Command-Line Interface (CLI)
I sometimes refer to the CLI as “Cash-Line Interface” because if you can create advanced configurations on Cisco routers and switches using the CLI, then you'll get the cash!
Entering the CLI
After the interface status messages appear and you press Enter, the Router> prompt will appear. This is called user exec mode (user mode), and it's mostly used to view statistics, but it's also a stepping stone to logging in to privileged mode.
You can only view and change the configuration of a Cisco router starting in privileged exec mode (privileged mode), which you can enter with the enable command.
Here's how:
Router>enable
Router#
You now end up with a Router# prompt, which indicates that you're in privileged mode, where you can both view and change the router's configuration. You can go back from privileged mode into user mode by using the disable command, as shown here:
Router#disable
Router>
At this point, you can type logout from either mode to exit the console.
Router>logout
Router con0 is now available
Press RETURN to get started.
In the following sections, I am going to show you how to perform some basic administrative configurations.
Overview of Router Modes
To configure from a CLI, you can make global changes to the router by typing configure terminal (or config t for short), which puts you in global configuration mode and changes what's known as the running-config. A global command (a command run from global config) is set only once and affects the entire router.
You can type config from the privileged-mode prompt and then just press Enter to take the default of terminal, as shown here:
Router#config Configuring from terminal, memory, or network [terminal]? [press enter] Enter configuration commands, one per line. End with CNTL/Z. Router(config)#
At this point, you make changes that affect the router as a whole (globally), which is why it's called global configuration mode. To change the running-config—the current configuration running in dynamic RAM (DRAM)—you use the configure terminal command, as I just demonstrated.
Here are some of the other options under the configure command:
Router(config)#exit or press cntl-z Router#config ? memory Configure from NV memory network Configure from a TFTP network host overwrite-network Overwrite NV memory from TFTP network host terminal Configure from the terminal <cr>
I'll go through these commands in Chapter 5, “Managing a Cisco Internetwork.”
CLI Prompts
It's really important that you understand the different prompts you can use when configuring a router. Knowing these well will help you navigate and recognize where you are at any time within configuration mode. In the following sections, I'll demonstrate the prompts that are used on a Cisco router and discuss the various terms used. (Always check your prompts before making any changes to a router's configuration!)
I won't go into every different command prompt offered because doing that would be reaching beyond the scope of this book. Instead, I'll describe all the different prompts you'll see throughout this chapter and the rest of the book. These command prompts really are the ones you'll use most in real life anyway; plus, they're the ones you'll need to know for the exam.
Don't freak! It's not important that you understand what each of these command prompts accomplishes yet because I'm going to completely fill you in on all of them really soon. So, right now, just relax and focus on becoming familiar with the different prompts available, and all will be well!
Interfaces
To make changes to an interface, you use the interface command from global configuration mode.
Router(config)#interface ? Async Async interface BVI Bridge-Group Virtual Interface CDMA-Ix CDMA Ix interface CTunnel CTunnel interface Dialer Dialer interface FastEthernet FastEthernet IEEE 802.3 Group-Async Async Group interface Lex Lex interface Loopback Loopback interface MFR Multilink Frame Relay bundle interface Multilink Multilink-group interface Null Null interface Port-channel Ethernet Channel of interfaces Serial Serial Tunnel Tunnel interface Vif PGM Multicast Host interface Virtual-PPP Virtual PPP interface Virtual-Template Virtual Template interface Virtual-TokenRing Virtual TokenRing range interface range command Router(config)#interface fastEthernet 0/0 Router(config-if)#
Did you notice that the prompt changed to Router(config-if)#? This tells you that you're in interface configuration mode. And wouldn't it be nice if the prompt also gave you an indication of what interface you were configuring? Well, at least for now you'll have to live without that prompt information, because it doesn't provide that. One thing is for sure: you really have to pay attention when configuring a router!
Subinterfaces
Subinterfaces allow you to create logical interfaces within the router. The prompt then changes to Router(config-subif)#.
Router(config-if)#interface f0/0.1
Router(config-subif)#
Line Commands
To configure user-mode passwords, use the line command. The prompt then becomes Router(config-line)#.
Router#config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#line ? <0-337> First Line number aux Auxiliary line console Primary terminal line tty Terminal controller vty Virtual terminal
The line console 0 command is known as a major command (also called a global command), and any command typed from the (config-line) prompt is known as a subcommand.
Routing Protocol Configurations
To configure routing protocols such as RIP and EIGRP, you'll use the prompt Router(config-router#).
Router#config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#router rip Router(config-router)#version 2 Router(config-router)#
Defining Router Terms
Table 4.1 defines some of the terms I've used so far.
Editing and Help Features
You can use the Cisco advanced editing features to help you configure your router. If you type in a question mark (?) at any prompt, you'll be given a list of all the commands available from that prompt.
Router#?
Exec commands:
access-enable Create a temporary Access-List entry
access-profile Apply user-profile to interface
access-template Create a temporary Access-List entry
archive manage archive files
auto Exec level Automation
bfe For manual emergency modes setting
calendar Manage the hardware calendar
cd Change current directory
clear Reset functions
clock Manage the system clock
cns CNS agents
configure Enter configuration mode
connect Open a terminal connection
copy Copy from one file to another
crypto Encryption related commands.
ct-isdn Run an ISDN component test command
debug Debugging functions (see also ‘undebug’)
delete Delete a file
dir List files on a filesystem
disable Turn off privileged commands
disconnect Disconnect an existing network connection
-More-
Plus, at this point you can press the spacebar to get another page of information, or you can press Enter to go one command at a time. You can also press Q (or any other key, for that matter) to quit and return to the prompt.
Here's a shortcut: to find commands that start with a certain letter, use the letter and the question mark with no space between them.
Router#c?
calendar cd clear clock
cns configure connect copy
crypto ct-isdn
Router#c
By typing c?, I received a response listing all the commands that start with c. Also notice that the Router#c prompt reappears after the list of commands is displayed. This can be helpful when you have long commands and need the next possible command. It would be pretty lame if you had to retype the entire command every time you used a question mark!
To find the next parameters of a command string, type the first command and then a question mark.
Router#clock ? read-calendar Read the hardware calendar into the clock set Set the time and date update-calendar Update the hardware calendar from the clock Router#clock set ? hh:mm:ss Current Time Router#clock set 11:15:11 ? <1-31> Day of the month MONTH Month of the year Router#clock set 11:15:11 25 april ? <1993-2035> Year Router#clock set 11:15:11 25 april 2011 ? <cr> Router#clock set 11:15:11 25 april 2011 *April 25 11:15:11.000: %SYS-6-CLOCKUPDATE: System clock has been updated from 18:52:53 UTC Wed Feb 28 2011 to 11:15:11 UTC Sat April 25 2011, configured from console by cisco on console.
By typing the clock ? command, you'll get a list of the next possible parameters and what they do. Notice that you should just keep typing a command, a space, and then a question mark until <cr> (carriage return) is your only option.
If you're typing commands and receive
Router#clock set 11:15:11
% Incomplete command.
you'll know that the command string isn't done yet. Just press the up arrow key to redisplay the last command entered, and then continue with the command by using your question mark.
And if you receive the error
Router(config)#access-list 110 permit host 1.1.1.1
^
% Invalid input detected at ‘^’ marker.
you've entered a command incorrectly. See that little caret—the ^? It's a very helpful tool that marks the exact point where you blew it and entered the command incorrectly. Here's another example of when you'll see the caret:
Router#sh serial 0/0/0
^
% Invalid input detected at ‘^’ marker.
This command looks right, but be careful! The problem is that the full command is show interface serial 0/0/0.
Now if you receive the error
Router#sh ru
% Ambiguous command: “sh ru”
it means there are multiple commands that begin with the string you entered and it's not unique. Use the question mark to find the command you need.
Router#sh ru?
rudpv1 running-config
As you can see, there are two commands that start with show ru.
Table 4.2 lists the enhanced editing commands available on a Cisco router.
TABLE 4.2 Enhanced editing commands
Another cool editing feature I want to show you is the automatic scrolling of long lines. In the following example, the command typed had reached the right margin and automatically moved 11 spaces to the left (the dollar sign [$] indicates that the line has been scrolled to the left):
Router#config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#$110 permit tcp host 10.1.1.1 171.10.10.10 0.0.0.0 eq 23
You can review the router-command history with the commands shown in Table 4.3.
TABLE 4.3 Router-command history
The following example demonstrates the show history command and how to change the history size as well as how to verify it with the show terminal command. First, use the show history command to see the last 10 commands that were entered on the router, as shown here:
Router#show history
en
sh history
show terminal
sh cdp neig
sh ver
sh flash
sh int fa0
sh history
sh int s0/0
sh int s0/1
Now use the show terminal command to verify the terminal history size.
Router#show terminal
Line 0, Location: “”, Type: “”
[output cut]
Modem type is unknown.
Session limit is not set.
Time since activation: 00:21:41
Editing is enabled.
History is enabled, history size is 20.
DNS resolution in show commands is enabled
Full user help is disabled
Allowed input transports are none.
Allowed output transports are pad telnet rlogin lapb-ta mop v120 ssh.
Preferred transport is telnet.
No output characters are padded
No special data dispatching characters
The terminal history size command, used from privileged mode, can change the size of the history buffer.
Router#terminal history size ? <0-256> Size of history buffer Router#terminal history size 25
You verify the change with the show terminal command.
Router#show terminal
Line 0, Location: “”, Type: “”
[output cut]
Editing is enabled.
History is enabled, history size is 25.
Full user help is disabled
Allowed transports are lat pad v120 telnet mop rlogin
nasi. Preferred is lat.
No output characters are padded
No special data dispatching characters
Group codes: 0
When Do You Use the Cisco Editing Features?
A couple of editing features are used quite often and some not so much, if at all. Understand that Cisco didn't make these up; these are just old Unix commands. However, Ctrl+A is really helpful to negate a command.
For example, if you were to put in a long command and then decide you didn't want to use that command in your configuration after all, or if it didn't work, then you could just press your up arrow key to show the last command entered, press Ctrl+A to move your cursor to the beginning of the line, type no and then a space, press Enter—and poof! The command is negated. This doesn't work on every command, but it works on a lot of them.
Gathering Basic Routing Information
The show version command will provide basic configuration for the system hardware as well as the software version and the boot images. Here's an example:
Router#show version Cisco IOS Software, 2800 Software (C2800NM-ADVSECURITYK9-M), Version 12.4(12), RELEASE SOFTWARE (fcl) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2006 by Cisco Systems, Inc. Compiled Fri 17-Nov-06 12:02 by prod_rel_team
The preceding section of output describes the Cisco IOS running on the router. The following section describes the read-only memory (ROM) used, which is used to boot the router and holds the POST:
ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)
The next section shows how long the router has been running, how it was restarted (if you see a system restarted by bus error, that is a very bad thing), the location from which the Cisco IOS was loaded, and the IOS name. Flash is the default, and the “Flash:” before the IOS name shows where the IOS that is currently running was loaded from. The IOS could load from difference sources, such as from a TFTP server.
Router uptime is 2 hours, 30 minutes System returned to ROM by power-on System restarted at 09:04:07 UTC Sat Aug 25 2007 System image file is “flash:c2800nm-advsecurityk9-mz.124-12.bin”
This next section displays the processor, the amount of DRAM and flash memory, and the interfaces the POST found on the router:
[some output cut] Cisco 2811 (revision 53.50) with 249856K/12288K bytes of memory. Processor board ID FTX1049A1AB 2 FastEthernet interfaces 4 Serial(sync/async) interfaces 1 Virtual Private Network (VPN) Module DRAM configuration is 64 bits wide with parity enabled. 239K bytes of non-volatile configuration memory. 62720K bytes of ATA CompactFlash (Read/Write) Configuration register is 0x2102
The configuration register value is listed last—it's something I'll cover in Chapter 5.
In addition, the show interfaces and show ip interface brief commands are very useful in verifying and troubleshooting a router as well as network issues. These commands are covered later in this chapter. Don't miss it!