Posts tagged ios
Cisco IOS Tips – cache running-configuration
Oct 14th
This is probably one of the most ignored and forgotten features of IOS since 12.2(25)S and 12.2(27)SBC.
I am posting it here as I keep coming across routers and switches with this feature not active. Please note that you need enough memory to use this feature; that is to say, enough available memory to hold a copy of the interface configurations.
As you may guess, a router or switch with a monstrous configuration can take a while to display the running configuration when issuing
edge1#sh run
as it needs to fetch all the configuration from various places in memory.
Quoting Cisco
When invoked, NVGEN queries each system component and each instance of interface or other configuration objects. A running configuration file is constructed as NVGEN traverses the system performing these queries.
To speed things up, IOS ships with a feature called Configuration Generation Performance Enhancement, which caches the interface configurations, which in turn speeds up NVGEN.
Activate caching with
edge1(config)#parser config cache interface
and voilà.
Filter networks with BGP
Sep 20th
There are 3 easy ways to filter/restrict certain networks to be announced through BGP to a remote/adjacent AS (Autonomous System).
Those 3 simple ways include: prefix-list | Extended Access-list + Route-map | Extended Access-list + Distribute-list
Note: before we go on, I need to point out that creating an extended access list for use with BGP (route-map, distribute-list) is very similar to creating a prefix-list. The access list therefore no longer matches source and destination addresses, but the address prefix and netmask.
Let’s assume that in all 3 examples we do not want to add the network 192.168.4.0/24 to our routing table when it is advertised by our one eBGP peer, AS 64515.
* in this example, we are of course using a private ASN
1. Prefix-list
First we jump into global configuration mode and create a prefix-list filter named “DENY-PREFIX”
border1#conf t
border1(config)#ip prefix-list DENY-PREFIX seq 10 deny 192.168.4.0/24
border1(config)#ip prefix-list DENY-PREFIX seq 20 permit 0.0.0.0/0 le 32
border1(config)#router bgp 64514
border1(config-router)#neighbor 192.168.10.1 remote-as 64515
border1(config-router)#neighbor 192.168.10.1 prefix-list DENY-PREFIX in
border1(config-router)#do wr
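How the prefix-list above is evaluated, with seq 10 taken as the 192.168.4.0/24 the text sets out to filter. This is an added example, not part of the original post: the evaluator is a simplified model of IOS first-match prefix-list semantics, and the STRICT_LIST variant and the test routes are constructed for illustration. It shows that an entry without `le` matches only the exact /24, so a more specific route from the same block is still accepted by seq 20.

```python
import ipaddress
import re

ENTRY = re.compile(r"ip prefix-list \S+ seq (\d+) (permit|deny) (\S+)"
                   r"(?: ge (\d+))?(?: le (\d+))?$")

def parse_prefix_list(config):
    """Parse IOS 'ip prefix-list' lines into entries ordered by seq."""
    entries = []
    for line in config.strip().splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            raise ValueError(f"unsupported line: {line!r}")
        seq, action, prefix, ge, le = m.groups()
        net = ipaddress.ip_network(prefix)
        if ge is None and le is None:
            lo = hi = net.prefixlen          # no ge/le: exact length only
        else:
            lo = int(ge) if ge else net.prefixlen
            hi = int(le) if le else 32
        entries.append((int(seq), action, net, lo, hi))
    return sorted(entries, key=lambda e: e[0])

def evaluate(entries, route):
    """Return (action, seq) of the first matching entry for a route."""
    route = ipaddress.ip_network(route)
    for seq, action, net, lo, hi in entries:
        if lo <= route.prefixlen <= hi and route.subnet_of(net):
            return action, seq
    return "deny", None                      # implicit deny at the end

# The list from the post (seq 10 as /24, matching the stated goal).
PAGE_LIST = parse_prefix_list("""
ip prefix-list DENY-PREFIX seq 10 deny 192.168.4.0/24
ip prefix-list DENY-PREFIX seq 20 permit 0.0.0.0/0 le 32
""")
# Constructed variant: also reject every more-specific inside the /24.
STRICT_LIST = parse_prefix_list("""
ip prefix-list DENY-PREFIX seq 10 deny 192.168.4.0/24 le 32
ip prefix-list DENY-PREFIX seq 20 permit 0.0.0.0/0 le 32
""")

if __name__ == "__main__":
    # Constructed sample routes, as if received from the eBGP peer.
    for r in ("192.168.4.0/24", "192.168.4.128/25", "192.168.5.0/24"):
        print(r, evaluate(PAGE_LIST, r), evaluate(STRICT_LIST, r))
```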
2. Extended access-list / Route-map
First, we create an extended access list in global config mode
border1#conf t
border1(config)#access-list 101 deny ip host 192.168.4.0 host 255.255.255.0
border1(config)#access-list 101 permit ip any any
We then proceed to create a route map (still in global config mode)
border1(config)#route-map NET-FILTER permit 20
border1(config-route-map)#match ip address 101
We jump back in global config mode
border1(config)#route-map NET-FILTER deny 30
border1(config-route-map)#exit
border1(config)#router bgp 64514
border1(config-router)#neighbor 192.168.10.1 remote-as 64515
border1(config-router)#neighbor 192.168.10.1 route-map NET-FILTER in
border1(config-router)#do wr
3. Distribute-list
Similar to route-map, we will be using an extended access list to accomplish the filtering.
We will be using the same access list we defined earlier for route-maps, which is access-list 101
border1(config)#router bgp 64514
border1(config-router)#neighbor 192.168.10.1 remote-as 64515
border1(config-router)#neighbor 192.168.10.1 distribute-list 101 in
border1(config-router)#do wr
Last but not least
Remember that for inbound updates, the order of preference is
- first route-map
- filter-list
- prefix-list/distribute-list
and for outbound updates
- prefix-list/distribute-list
- filter-list
- route-map
Cisco IOS Configuration boot register – ROMMON
Sep 16th
Every Cisco router has a configuration register, which is saved in NVRAM and is a 16-bit value.
This post will not tackle all 16 bits of the configuration register, but only the 13th bit, which is used to load either IOS or ROMMON. Another post will be made to detail the full 16-bit configuration register.
Before continuing, it is important to understand the basic “boot process” of a router. When you power a router on, it first performs a POST, then loads the bootstrap program from ROM to RAM, which in turn loads the appropriate IOS (bootstrap can load an IOS from tftp), ROMMON or RXBOOT. Once IOS is loaded, the bootstrap program hands over to IOS, which handles the commands from there on.
The most important bit is the low order bit, which is 2 for IOS, 1 for Rxboot and 0 for ROMMON.
Please note that by default, the low order boot bit is 2, thus 0x2102
Example:
home-booth#conf t
home-booth(config)#config-register 0x2100
home-booth(config)#do wr
Building configuration…
[OK]
home-booth(config)#do reload
Proceed with reload? [confirm]
(… a bit later)
%SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command.
System Bootstrap, Version 12.3(8r)T8, RELEASE SOFTWARE (fc1)
Cisco 1841 (revision 5.0) with 114688K/16384K bytes of memory.
rommon 1 > confreg 0x2102
rommon 2 >
What could ROMMON be useful for? Simple… restoring a router with a corrupted/broken IOS image!
Configuration Register
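A check for the situation in the transcript above, where the register has been changed but the router has not yet reloaded. This is an added example, not part of the original post: it reads the configuration register line that `show version` prints and reports what the next reload will do. The sample lines are constructed; the boot-field values come from the text, and the 0x0040 "ignore startup configuration" bit is added from general IOS knowledge.

```python
import re

REG_LINE = re.compile(
    r"Configuration register is (0x[0-9A-Fa-f]+)"
    r"(?: \(will be (0x[0-9A-Fa-f]+) at next reload\))?"
)

def boot_target(register):
    """Map the low-order boot field to what the bootstrap loads."""
    field = register & 0x000F
    if field == 0:
        return "ROMMON"
    if field == 1:
        return "RXBOOT"
    return "IOS"                      # boot field 0x2 to 0xF

def audit(show_version_text):
    """Report the current and pending register and flag risky values."""
    m = REG_LINE.search(show_version_text)
    if not m:
        raise ValueError("no configuration register line found")
    current = int(m.group(1), 16)
    # Without a "(will be ...)" suffix the pending value is the current one.
    pending = int(m.group(2), 16) if m.group(2) else current
    findings = []
    if boot_target(pending) != "IOS":
        findings.append(f"next reload stops in {boot_target(pending)}")
    if pending & 0x0040:              # bit 6: NVRAM contents are ignored
        findings.append("next reload ignores the startup configuration")
    return {"current": hex(current), "pending": hex(pending),
            "next_boot": boot_target(pending), "findings": findings}

# Constructed samples of the last line of 'show version'.
SAMPLES = [
    "Configuration register is 0x2102",
    "Configuration register is 0x2102 (will be 0x2100 at next reload)",
    "Configuration register is 0x2142",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(line, "->", audit(line))
```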
Cisco IOS shortcuts
Sep 15th
Configuring Cisco IOS command shortcuts is quite easy and neat… just use the exec command “alias”.
command structure: alias <mode> <shortcut> <command>
Example in exec mode: sh ip int br (show ip interface brief)
so, following the structure, we would get “alias exec s sh ip int br”
Example in configure mode: router ospf
and we would get “alias configure ro router ospf”
More mixed examples [ alias / original command / command to enter ]
shr / show run | inc ip / alias exec shr sh run | inc ip
et0 / interface fa0/0 / alias configure et0 interface fa0/0
reload / sh run / alias exec reload sh run <— rewrite IOS command
I hope that was informative!
Cisco IOS hidden tools
Aug 26th
Hello there,
Just a quick overview of a couple of hidden Cisco commands that are useful in certain circumstances
1. ttcp
ttcp is only available on routers/layer 3 switches (of course).
For those familiar with iperf, ttcp is an iperf-ish tool.
Start ttcp on one router in a point-to-point scenario and ttcp on the other endpoint. One router will be in receiving mode, while the other will be in sending mode… running the command is quite straightforward, thus I will not demonstrate it here.
2. test crash
OK, this used to be hidden, but isn’t in newer IOS versions. Test crash allows you to simulate a crash. So you came to the office one morning and found your switch dead… no log, not knowing what happened. Test crash can help you dig into the problem by simulating the crash.
3. test transmit
This is a very cool feature (ah, I love Cisco). You can simulate traffic to interfaces, using specific encapsulations and protocols…
4. ip route profile and show ip route profile
Used in conjunction, these “debug” commands enable you to see route fluctuation.
5. csim start “number”
This emulates a voice call to the specified number… practical for VoIP testing environment.
6. show controller switch
Need to get a quick overview of your switch traffic stats? Suspect network congestion? show controller switch will give you a quick heads-up on where you stand
7. debug ip ospf monitor
This command enables you to monitor the OSPF SPF process
8. ip-con 2 con
Available on cisco 7500… it enables you to enter the VIP console to execute VIP commands on VIP boards
9. ip ospf interface retry <X>
Back to OSPF (the coolest routing protocol). By default, OSPF polls retry on the interface 10 times… Having too much fluctuation of states on the interface of your router? Increase the polling period.
10. show region
Displays how the memory is partitioned on the device