1

Cisco IOS File System and

Devices

Managing Cisco IOS Images

Verifying Memory Image

Filenames
wg_ro_a#show flash

System flash directory:

File Length
Name/status
1
10084696 c2500-js-l_120-3.bin
[10084760 bytes used, 6692456 available, 16777216 total]
16384K bytes of processor board System flash (Read ONLY)

Creating a Software Image

Backup

Upgrading the Image from the

Network

LAB
Install TFTP server on a virtual machine
Connect the machine to a Router
To see the content of Flash file
#show Flash
To copy flash
#Copy flash tftp
supply IP address of TFTP Server and file name

To copy running-configuration
#copy running-config tftp
supply IP address of TFTP Server and file name

Resolving Host Names

To use a hostname rather than an IP address to
connect to a remote device
Two ways to resolve hostnames to IP addresses
building a host table on each router
building a Domain Name System (DNS) server

Resolving Host Names

Building a host table

ip host host_name ip_address

R1(config)#ip host com1 10.0.0.1
R1(config)#ip host com2 10.0.0.2

To view table
R1#show hosts
To verify that the host table resolves names, try ping
hostnames at a router prompt.
9

Password Recovery
Normal Boot Sequence
POST
Bootstrap
IOS
Startup
Running

This setup is decided by configuration

register value
10

Configuration Register
Decimal
Bit

Default

4 2 1 8

4 2 1 8

4 2 1 8

4 2 1

15 14 13 12 11 10 9 8 7

6 5 4 3

2 1 0

0 0 0 0

0 1 0

0 1 0 0

0 0 1 0

2102

This means that bits 13, 8, and 1 are on.

To ignore NVRAM the 6th bit should be made ON
When the 6th bit is turned on the value will be 2142

11

Password Recovery
Show version will give configuration register
value
Password is stored in NVRAM
To by pass NVRAM during boot sequence we
need to change the configuration register value
To change the CR values press Ctr+Break and
go to ROM monitor mode

12

Password Recovery
Router 2500
o/r 0x2142
i
Router 2600
confreg 0x2142
>reset

13

14

WAN vs LAN
Distance between WAN and LAN
WAN speed is less
WAN is leased from Service provider

15

Remote Access Overview

A WAN is a data communications network covering a
relatively broad geographical area.
A network administrator designing a remote network
must weight issues concerning users needs such as
bandwidth and cost of the variable available
technologies.

16

WAN Overview

Service
Provider

WANs connect sites

Connection requirements vary depending on user requirements and
cost
17

WAN technology/terminology

Devices on the subscriber premises are called customer premises equipment (CPE).
The subscriber owns the CPE or leases the CPE from the service provider.
A copper or fiber cable connects the CPE to the service providers nearest exchange or central
office (CO). A central office (CO) is sometimes referred to as a point of presence (POP)
This cabling is often called the local loop, or "last-mile".

CPE
(Customer
Premises
Equipment)
are
equipments
located at the customers site,
they are owned, operated and
managed by the customer.

18

WAN technology/terminology
A demarcation point is where
customer
premises
equipment (CPE) ends, and
local loop begins.

The local loop is the cabling

from demarcation point to
Central Office (CO).

19

WAN technology/terminology
Devices that put data on the local loop are called data communications
equipment (DCE).
The customer devices that pass the data to the DCE are called data
terminal equipment (DTE).
The DCE primarily provides an interface for the DTE into the communication
link on the WAN cloud.

The DTE/DCE interface

uses various physical layer

protocols, such as V.35.

These protocols establish

the codes and electrical
parameters the devices use
to communicate with each
other.

20

WAN Devices
Modems transmit data over

voice-grade telephone lines

by
modulating
and
demodulating the signal.

The

digital signals are

superimposed on an analog
voice signal that is modulated
for transmission.

The modulated signal can

be heard as a series of
whistles by turning on the
internal modem speaker.

At the receiving end the

analog signals are returned to
their
digital
form,
or
demodulated

21

WANs - Data Link

Encapsulation
The data link layer protocols define how data is encapsulated for transmission to
remote sites, and the mechanisms for transferring the resulting frames.
A variety of different technologies are used, such as ISDN, Frame Relay or
Asynchronous Transfer Mode (ATM).
These protocols use the same basic framing mechanism, high-level data link control
(HDLC)

22

WAN Technologies Overview

Dedicated
T1, E1, T3, E3
DSL
SONET

Circuit
Switched
POTS
ISDN

Switched

Analog
Dial-up modems
Cable modems
Wireless

Packet Switched

X.25

Frame Relay
ATM

Covers a relative broad area

Use transmission facilities
leased from service provider
Carries
different
traffic
(voice, video and data)

23

Dedicated Digital Services

Dedicated Digital Services provide
full-time connectivity through a
point-to-point link
T series in U.S. and E series in
Europe
Uses time division multiplexing and
assign time slots for transmissions
T1 = 1.544 Mbps E1 = 2.048 Mbps
T3 = 44.736 Mbps E3 = 34.368 Mbps

24

Digital Subscriber Lines

Digital Subscriber Line (DSL) technology is a broadband technology
that uses existing twisted-pair telephone lines to transport highbandwidth data to service subscribers.
The two basic types of DSL technologies are asymmetric (ADSL) and
symmetric (SDSL).
All forms of DSL service are categorized as ADSL or SDSL and there
are several varieties of each type.
Asymmetric service provides higher download or downstream
bandwidth to the user than upload bandwidth.
Symmetric service provides the same capacity in both directions.

25

Analog Services
Dial-up Modems (switched analog)
Standard that can provides 56 kbps download speed and 33.6
kbps upload speed.
With the download path, there is a digital-to-analogue
conversion at the client side.
With the upload path, there is a analogue-to-digital conversion at
the client side.

26

Cable Modems (Shared Analog)

Cable TV provides residential premises with a coaxial cable that has a
bandwidth of 750MHz
The bandwidth is divided into 6 MHz band using FDM for each TV channel
A "Cable Modem" is a device that allows high-speed data access (Internet)
via cable TV network.
A cable modem will typically have two connections because a splitter delivers
the TV bands to TV set and the internet access bands to PC via a cable box
The splitter delivers the TV bands to TV set and the internet access bands to
PC via a cable box

27

Wireless
Terrestrial
Bandwidths typically in the 11 Mbps range
Cost is relatively low
Line-of-sight is usually required
Usage is moderate
Satellite
Can serve mobile users and remote users
Usage is widespread
Cost is very high
28

Circuit Switched Services

Integrated Services Digital Network (ISDN)
Historically important--first dial-up digital service
Max. bandwidth = 128 kbps for BRI (Basic Rate
Interface)
2 B channels @ 64kps and 1 D channel @ 16kps
B channels are voice/data channels; D for
signaling

B
D
B

29

Integrated Services Digital

Network

30

WAN Connection Types

Leased lines
It is a pre-established WAN communications path
from the CPE, through the DCE switch, to the CPE of
the remote site, allowing DTE networks to
communicate at any time with no setup procedures
before transmitting data.
Circuit switching
Sets up line like a phone call. No data can transfer
before the end-to-end connection is established.

32

WAN Connection Types

Packet switching
WAN switching method that allows you to share
bandwidth with other companies to save money. As
long as you are not constantly transmitting data and
are instead using bursty data transfers, packet
switching can save you a lot of money.
However, if you have constant data transfers, then
you will need to get a leased line.
Frame Relay and X.25 are packet switching
technologies.

33

Defining WAN Encapsulation

Protocols
Each WAN connection uses an encapsulation protocol to
encapsulate traffic while it crossing the WAN link.
The choice of the encapsulation protocol depends on the
underlying WAN technology and the communicating
equipment.

34

Defining WAN Encapsulation

Protocols
Typical WAN encapsulation types include the following:
Point-to-Point Protocol (PPP)
Serial Line Internet Protocol (SLIP)
High-Level Data Link Control Protocol (HDLC)
X.25 / Link Access Procedure Balanced (LAPB)
Frame Relay
Asynchronous Transfer Mode (ATM)

35

Determining the WAN Type to Use

Availability
Each type of service may be available in certain
geographical areas.
Bandwidth
Determining usage over the WAN is important to
evaluate the most cost-effective WAN service.
Cost
Making a compromise between the traffic you need to
transfer and the type of service with the available
cost that will suit you.

36

Max. WAN Speeds for WAN

Connections
WAN Type

Maximum
Speed

Asynchronous Dial-Up

56-64 Kbps

X.25, ISDN BRI

128 Kbps

ISDN PRI

E1 / T1

Leased Line / Frame Relay

E3/T3
37

Typical WAN Encapsulation

Protocols: Layer 2
Leased Line

HDLC, PPP, SLIP

X.25, Frame Relay, ATM

Packet-switched

Service
Provider

PPP, SLIP, HDLC

Circuit-switched

Telephone
Company

38

WAN Protocols
LAN

E0

S0

S0

Network

Datalink
WAN

Physical

Point to Point - HDLC, PPP

Multipoint
- Frame Relay, X.25 and ATM

HDLC Proprietary cisco device default

PPP - Open

39

HDLC Command

Router(config-if)#encapsulation hdlc
Enable hdlc encapsulation
HDLC is the default encapsulation on
synchronous serial interfaces

41

An Overview of PPP

PPP Encapsulation

Link setup and control

using LCP in PPP

PPP is open standard

HDLC is only for encapsulation
PPP provides encapsulation and authentication
PPP is made up of LCP and NCP
LCP is for link control and NCP for multiple protocol support and call
back
42

PPP LCP Configuration Options

Feature
Authentication

How It Operates

Protocol

Require a password

PAP
Perform Challenge Handshake CHAP

Compression

Compress data at source;

reproduce data at
destination

Error
Detection

Monitor data dropped on link

Multilink

Load balancing across

multiple links

Avoid frame looping

Multilink
Protocol (MP)
43

PPP Authentication Overview

Dialup or
Circuit-Switched
Network

PPP Session Establishment

1
2
3

Link Establishment Phase

Optional Authentication Phase
Network-Layer Protocol Phase

Two PPP authentication protocols:

PAP and CHAP

44

Selecting a PPP
Authentication Protocol
Remote Router
(SantaCruz)

PAP
2-Way Handshake

Central-Site Router
(HQ)

santacruz, boardwalk

Accept/Reject
Hostname: santacruz
Password: boardwalk

username santacruz
password boardwalk

Passwords sent in clear text

45

Selecting a PPP Authentication

Protocol (cont.)
Remote Router
(SantaCruz)

CHAP
3-Way Handshake

Central-Site Router
(HQ)

Challenge
Response

Hostname: santacruz
Password: boardwalk

Accept/Reject

username santacruz
password boardwalk

Use secret known only to authenticator and

peer
46

Configuring PPP and

Authentication Overview
Verify who
you are.
Service
Provider

Authenticating Router

Router to Be Authenticated
(The router that initiated the call.)

(The router that received the

call.)
Enabling PPP

Enabling PPP

Enabling PPP Authentication

Enabling PPP Authentication

ppp encapsulation
hostname
username / password
ppp authentication

ppp encapsulation
hostname
username / password
ppp authentication
47

Configuring PPP

Router(config-if)#encapsulation ppp
Enable PPP encapsulation

48

Configuring PPP
Authentication
Router(config)#hostname name

Assigns a host name to your router

Router(config)#username name password password

Identifies the username and password of

authenticating router

49

Configuring PPP Authentication

(cont.)

Router(config-if)#ppp authentication
{chap | chap pap | pap chap | pap}

Enables PAP and/or CHAP authentication

50

Configuring CHAP Example

R1

PSTN/ISDN

hostname R1
username R2 password cisco
!
int serial 0
ip address 10.0.1.1 255.255.255.0
encapsulation ppp
ppp authentication CHAP

R2

hostname R2
username R1 password cisco
!
int serial 0
ip address 10.0.1.2 255.255.255.0
encapsulation ppp
ppp authentication CHAP

51

Verifying HDLC and PPP

Encapsulation Configuration
Router#show interface s0
Serial0 is up, line protocol is up
Hardware is HD64570
Internet address is 10.140.1.2/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255
Encapsulation PPP, loopback not set, keepalive set (10 sec)
LCP Open
Open: IPCP, CDPCP
Last input 00:00:05, output 00:00:05, output hang never
Last clearing of "show interface" counters never
Queueing strategy: fifo
Output queue 0/40, 0 drops; input queue 0/75, 0 drops
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
38021 packets input, 5656110 bytes, 0 no buffer
Received 23488 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
38097 packets output, 2135697 bytes, 0 underruns
0 output errors, 0 collisions, 6045 interface resets
0 output buffer failures, 0 output buffers swapped out
482 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
52

Verifying PPP Authentication with the

debug ppp authentication Command
R1

4d20h:
4d20h:
4d20h:
4d20h:
4d20h:
4d20h:
4d20h:
4d20h:
4d20h:
4d20h:
changed

Service
Provider

R2

%LINK-3-UPDOWN: Interface Serial0, changed state to up

Se0 PPP: Treating connection as a dedicated line
Se0 PPP: Phase is AUTHENTICATING, by both
Se0 CHAP: O CHALLENGE id 2 len 28 from left"
Se0 CHAP: I CHALLENGE id 3 len 28 from right"
Se0 CHAP: O RESPONSE id 3 len 28 from left"
Se0 CHAP: I RESPONSE id 2 len 28 from right"
Se0 CHAP: O SUCCESS id 2 len 4
Se0 CHAP: I SUCCESS id 3 len 4
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0,
state to up

debug ppp authentication

debug ppp authentication successful CHAP output

53

What is ISDN?
Small office

Digital
PBX

Provider
network

Telecommuter

Home office
Central site

Voice, data, video

54

Why ISDN?
ISDN - Integrated Services Digital Network
Telephone services -> Telecommunication
services
Used for voice, data and video

55

ISDN Access Options

Channel

Capacity

64 kbps

16/64 kbps

Mostly Used for

Circuit-switched data (HDLC, PPP)
Signaling information

BRI
D 2B

PRI
D 23 or 30B

BRI and PRI are used globally for ISDN

56

Interfaces and Devices

TE1

ISDN Ready
BRI Port
4W
S/T interface

2W

NT1

U interface
TE2
Analog devices:
phone, Serial port

TA
After connecting to TA it becomes TE1

I
S
D
N

S
w
i
t
c
h
58

Interfaces and Devices

Function Group A set of functions implemented by a device or software

Reference Point The interface between two function group
59

Reference Points

60

LAB-ISDN
ISDN Switch

R1
BRI
E0

192.168.0.1

10.0.0.1

192.168.0.2

Router(config)#hostname R1
R1(config)#username R2 password cisco
R1(config-if)#int bri 0
R1(config-if)# ip address 10.0.0.1 255.0.0.0
R1(config-if)#enacapsulation ppp
R1(config-if)#PPP authentication CHAP
R1(config-if)#no shut
Static Routes or default route
R1(config)#ip route 0.0.0.0 0.0.0.0 10.0.0.2
R1(config)#isdn switch-type basic-net3

R2
BRI
10.0.0.2 E0
192.168.1.1

192.168.1.2

Access List
R1(config)#dialer-list 1 protocol ip permit
R1(config)#int bri 0
R1(config-if)# dialergroup 1
R1(config-if)#dialer map ip 10.0.0.2 name R2 20
R1(config-if)#no shut
R1(config-if)#dialer idle-timeout 100

61

ISDN DDR configuration

Commands
Command

Description

iproute

Global command that configure static route or default

route

username name name password

Global command that configure CHAP username and

password

access-list

Global command that creates ACLs to define a subset

of traffic as interesting

dialer-list 1 protocol IP

Global command that creates a dialer list that makes all

IP traffic interesting or reference to ACL for subset

dialergroup 1

Interface subcommand that references dialer list to

define what is interesting

dialer idle-timeout 100

Interface subcommand that settles idle time out values

dialer string number

Interface subcommand that define dial numbers

int bri 0

Global command that selects BRI interface

secret

62

Packet Switched Services

X.25 (Connection-oriented)
Reliable--X.25 has been extensively debugged and is now very stable--literally no
errors in modern X.25 networks
Store & Forward--Since X.25 stores the whole frame to error check it before
forwarding it on to the destination, it has an inherent delay (unlike Frame Relay)
and requires large, expensive memory buffering capabilities.

Frame Relay (Connectionless)

More efficient and much faster than X.25
Used mostly to forward LAN IP packets

63

Frame Relay Basics

FR is WAN layer2 protocol
FR developed in 1984, its a faster packet
switching technology
In 1990 FR consortium was developed and
extension added

64

Terminology
R1

FR Network

R2

Frame Relay Network

End Device

Interface Device
Encapsulate Data
Access Line

DCE Dedicated FR Switches, can be one or multiple

Trunk Line

Virtual Circuit an end to end connection between interface device - PVC or SVC

Data Link connection Identifiers (DLCI) number is the identification for VC, 16-1007
Committed Information Rate or CIR - agreed-upon bandwidth
Frame Relay there are two encapsulation types: Cisco and IETF
Local Management Interface (LMI) is a signaling standard used between your router and
the first Frame Relay switch i - Cisco, ANSI, and Q.933A.
65

LAB - Frame Relay

FR Switch

R1
S0
E0
192.168.1.1/24

100

192.168.3.9/29

200

192.168.3.10/29 R2
S0
E0

DCE

192.168.1.2/24

R1
Router#config t
Router(config)#hostname R1
R1(config)# int s 0
R1(config-if)#ip address 192.168.3.9 255.255.255.248
R1(config-if)#enacapsulation frame-relay
R1(config-if)# frame-relay intf-type DTE
R1(config-if)# frame-relay interface-dlci 100
R1(config-if-dlci)# exit
R1(config-if)#framerelay map ip 192.168.3.10 100
R1(config-if)#no shut

DCE

192.168.2.1/24

192.168.2.2/24

Frame Relay Switch

Router#config t
Router(config)#hostname FRSwitch
FRSwitch(config)# frame-relay switching
FRSwitch(config)# int s 1/0
FRSwitch(config-if)#enacapsulation frame-relay
FRSwitch(config-if)# frame-relay intf-type DCE
FRSwitch(config-if)# clock rate 64000

FRSwitch(config-if)# frame-relay route 100 int serial 1/1 200

FRSwitch(config-if)#no shut

67