Tag Archives: cisco

Configure Trunking Between Cisco Catalyst 2960 Switches

This tutorial also applies to other Cisco switches. The Cisco Catalyst 2960 is a layer 2 switch, perhaps one of the most commonly used switches I see in the field. Trunking is a solution for connecting two switches at layer 2; it even allows VLANs on both switches to communicate.

2960 Topology

For this tutorial I will create a trunk between two Cisco Catalyst 2960 switches. My Catalyst 2960s come with two gigabit uplink ports; I will use one port on each switch to establish the trunk. By default all VLANs will be able to traverse the trunk (this includes VLAN 1).

SWITCH-A Trunk Configuration

SWITCH-A# configure terminal
SWITCH-A(config)# interface gigabitEthernet 1/1
SWITCH-A(config-if)# description trunk link
SWITCH-A(config-if)# switchport mode trunk
SWITCH-A(config-if)# switchport nonegotiate

Command explanation:

  • switchport mode trunk – Configure interface for trunking mode
  • switchport nonegotiate – Since the interface was manually configured for trunking there is no need to negotiate

SWITCH-B Trunk Configuration

SWITCH-B configuration steps are identical to SWITCH-A.

SWITCH-B# configure terminal
SWITCH-B(config)# interface gigabitEthernet 1/1
SWITCH-B(config-if)# description trunk link
SWITCH-B(config-if)# switchport mode trunk
SWITCH-B(config-if)# switchport nonegotiate

Conclusion

By trunking two switches together the number of available ports can be increased. The interfaces linking the two switches may become bottlenecks if the switches send more traffic than the Fast Ethernet or Gigabit Ethernet port used for the trunk can handle. To increase bandwidth between the switches, consider adding EtherChannel to the trunk link.

Feel free to leave a comment below; who knows, I may be able to provide some extra assistance.

Delete Multiple VLANs at Once – Cisco IOS

The scenario is a simple one: I have a Cisco 2960 switch with 3 VLANs (10 Acct_dept, 12 HR_dept, 20 Guests) that I need to remove. To demonstrate, here is the partial output from the Catalyst 2960; use the show vlan command to view all VLANs in the switch.

SW1# show vlan

VLAN Name
---- --------------------------------
1    default

10   Acct_dept
12   HR_dept
20   Guests
1002 fddi-default
1003 token-ring-default
1004 fddinet-default

To delete multiple VLANs (a range) we use the no parameter, followed by the range of VLANs to be deleted. In this case all VLANs between 10 and 20 will be removed. When you delete a VLAN, ports assigned to it will revert back to VLAN 1.

SW1(config)# no vlan 10-20

Issue the show vlan command once again to confirm that all previous VLANs are now removed.

SW1# show vlan

VLAN Name
---- --------------------------------
1    default

1002 fddi-default
1003 token-ring-default
1004 fddinet-default

Conclusion

Efficient and less painful for those of us that regularly make changes.

Feel free to leave a comment below; who knows, I may be able to provide some extra assistance.

Creating Ethernet VLANs on Catalyst Switches – cisco.com

Cisco Continuous Ping

If you ping an address from a Cisco router the ping will be repeated five times. To increase the number of repeated pings, all you need to do is make use of the repeat parameter. The command below will ping 10.10.10.1 1000 times.

R1# ping 10.10.10.1 repeat 1000

Breakdown

ping: Execute ping
10.10.10.1: Address of the host we will be pinging
repeat: Ping should be repeated
1000: Repeat ping 1000 times

Repeat In Action

R2# ping 10.10.10.1 repeat 1000

Type escape sequence to abort.
Sending 1000, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!
Success rate is 100 percent (1000/1000), round-trip min/avg/max = 1/5/8 ms

Cisco: %Error opening tftp://255.255.255.255

Router#
%Error opening tftp://255.255.255.255/network-confg (Timed out)
%Error opening tftp://255.255.255.255/cisconet.cfg (Timed out)

The error above is the result of the Cisco IOS attempting to retrieve config files from a TFTP server. Let’s turn this annoying feature off…

Change over to Global Config.

R1# config t

Turn off the service.

R1(config)# no service config
R1(config)# exit

Reload the device and admire your productivity. You should no longer be bothered by the previous error.

R1# reload

Questions and comments are always welcome, feel free to use the form below.

Cisco Portable Product Sheets – Product Reference

There is one area where I cannot complain about Cisco: documentation. Cisco, unlike other companies, does a good job of making available relevant docs about a product and the product line it belongs to. After all, information should not be restricted by hiding it or failing to produce it in the first place.

To be specific, I like their Portable Product Sheets, which are intended to provide a reference on the raw performance of a Cisco product, helpful if you need to make a decision on how to size your purchase. Keep in mind the Portable Product Sheets assume no services are enabled. The use of ACLs, encryption, or compression will impact the numbers given in the sheets.

All of the available sheets can be found in PDF format at the following link: Portable Product Sheets


Each product line has its own sheet; the first example refers to routers and the second to switches.

Example 1: Routers like the 2500s, 2600s series and so on are grouped in the same sheet, values found in this sheet are: Process Switching and Fast/CEF Switching.


Example 2: L2 and L3 switches like the 2690s and 3750s are grouped in the same sheet, the values found in this sheet are: Switch Performance (Mpps) and Switch Fabric (Gbps).


While I don’t believe Cisco is inflating their numbers, they are not what you will see in the real world. Due to the potential for endless configuration options the numbers are bound to change.

Below are the links to the sheets I tend to refer to the most:

Links

Visit: www.Cisco.com

10 Useful Cisco IOS Commands – Part 1

This is not a complete list of all the commands found in the Cisco IOS; instead I intend this page to be a simple reference of the commands I frequently come across when working with Cisco products.

Although I tried to write a description for most of the commands found below, some of them are self-explanatory.

Schedule Router to Reload in X amount of minutes:

You can schedule a Cisco device to reload after a predetermined amount of time. The example below will reload a router in 25 minutes.

Router# reload in 25

System configuration has been modified. Save? [yes/no]: yes
Building configuration...
[OK]
Reload scheduled in 25 minutes by console
Reload reason: Reload Command
Proceed with reload? [confirm]

To cancel the reload just issue:

Router# reload cancel

Router#

***
*** --- SHUTDOWN ABORTED ---
***

Display CPU load:

Router# show proc cpu

CPU utilization for five seconds: 0%/0%; one minute: 0%; five minutes: 0%
 PID Runtime(ms)   Invoked      uSecs   5Sec   1Min   5Min TTY Process
   1           0         2          0  0.00%  0.00%  0.00%   0 Chunk Manager
   2           4       192         20  0.00%  0.00%  0.00%   0 Load Meter
   3           0         1          0  0.00%  0.00%  0.00%   0 chkpt message ha
   4           0         1          0  0.00%  0.00%  0.00%   0 EDDRI_MAIN

Display available memory:

Router# show proc mem

Processor Pool Total:  162187652 Used:   20502480 Free:  141685172
      I/O Pool Total:   16777216 Used:    2831648 Free:   13945568
Transient Pool Total:   16777216 Used:      16584 Free:   16760632

 PID TTY  Allocated      Freed    Holding    Getbufs    Retbufs Process
   0   0   28163076    6754612   19372876        351         84 *Init*
   0   0      12052      79384      12052          0          0 *Sched*

Clear interface configuration:

Clear a specific interface of all configuration and return to a default state.

Router(config)# default interface fastEthernet 0/0

Building configuration...

Interface FastEthernet0/0 set to default configuration

Change hostname:

Router(config)# hostname R12BNY

Disable host to IP translation:

While harmless, frequent “Translating…. domain server (255.255.255.255)” messages can waste valuable time. The logical solution is to disable host to IP address translation. After disabling it, the message will no longer appear.

Router(config)# no ip domain-lookup

Test network throughput with TTCP:

TTCP is a hidden IOS command designed to measure network throughput. In order to use TTCP you need to configure a sender and a receiver. Keep in mind this will result in increased router load.

R2# ttcp transmit 192.168.1.1

ttcp-t: buflen=8192, nbuf=2048, align=16384/0, port=5001  tcp  -> 192.168.1.1
ttcp-t: connect (mss 1460, sndwnd 4128, rcvwnd 4128)
ttcp-t: 16777216 bytes in 75696 ms (75.696 real seconds) (~215 kB/s) +++
ttcp-t: 2048 I/O calls
ttcp-t: 0 sleeps (0 ms total) (0 ms average)

R1# ttcp receive

ttcp-r: buflen=8192, align=16384/0, port=5001
rcvwndsize=0, delayedack=yes  tcp
ttcp-r: accept from 192.168.1.2 (mss 1460, sndwnd 4128, rcvwnd 2668)
ttcp-r: 16777216 bytes in 75696 ms (75.696 real seconds) (~215 kB/s) +++
ttcp-r: 8330 I/O calls
ttcp-r: 0 sleeps (0 ms total) (0 ms average)

Banner MOTD:

Change the message with which users will be greeted when logging in.

Router(config)# banner motd #

Enter TEXT message.  End with the character '#'.
You are entering the vicinity of an area adjacent to a location. The kind of place where there might be a monster,
or some kind of weird mirror. These are just examples; it could also be something much better.
Prepare to enter: The Scary Door.
#

Display IOS version:

Router# show version

Cisco IOS Software, 7200 Software (C7200-JK9S-M), Version 12.4(13b), RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Wed 25-Apr-07 03:18 by prod_rel_team

ROM: ROMMON Emulation Microcode
BOOTLDR: 7200 Software (C7200-JK9S-M), Version 12.4(13b), RELEASE SOFTWARE (fc3)

Disable Cisco Discovery Protocol (CDP):

CDP allows a Cisco device to see an adjacent Cisco device along with the protocols and IP addresses it uses. While useful, CDP is considered by some to be a risk because it provides information to potential attackers.

Router(config)# no cdp run

Simple Cisco Tips

When working with the Cisco IOS it’s normal to receive some warnings and messages, and they are vital for knowledge of the system, but some tend to interrupt while working on a router. If you agree with the latter, disabling some of the unnecessary ones is not that hard.

Router#config t
Router(config)#line con 0
Router(config-line)#logging synchronous
Router(config-line)#line vty 0 4
Router(config-line)#logging synchronous
Router(config-line)#^Z

In privileged mode Cisco routers attempt to resolve DNS hostnames to IP addresses. This can be frustrating when entering a wrong command, creating a 30 to 40 second delay; the solution is to disable DNS lookup.

Router#config t
Router(config)#no ip domain-lookup
Router(config)#^Z

The result from now on will be “% Unknown command or computer name, or unable to find computer address”.

There is no need to erase the whole configuration if you need to wipe the interfaces; just erase the configuration on the interface instead.

Router(config)#default interface
Example =
Router(config)#default interface fastethernet0/0

Back Up And Install The Cisco IOS Image

In order to back up the IOS you need a TFTP server; SolarWinds offers a Free TFTP Server.

If you have no idea what version of the IOS you are using, use the show flash command.

Router#show flash
System flash directory:
File Length Name/status
1 3289170 d1206.bin
[3289236 bytes used, 905068 available, 4194304 total]
4096K bytes of processor board System flash (Read/Write)

Backup

From the console in privileged EXEC mode enter the copy flash tftp command. When requested enter the IP address of the TFTP server.

Router#copy flash tftp
Source filename []? d1205.bin
Address or name of remote host []? 192.168.1.21
Destination filename [d1205.bin]? y
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
3289170 bytes copied in 47.668 secs (69982 bytes/sec)

Restore

To copy the IOS from a TFTP server use the copy tftp flash command. When requested enter the IP address of the TFTP server containing the IOS.

Router#copy tftp flash
Address or name of remote host []? 192.168.1.21
Source filename []? d1206.bin
Destination filename [d1206.bin]?
Accessing tftp://192.168.1.21/d1206.bin...
Erase flash: before copying? [confirm]
Erasing the flash filesystem will remove all files! Continue? [confirm]
Erasing device... eeeeeeeeeeeeeeee ...erased
Erase of flash: complete
Loading d1206.bin from 192.168.1.21 (via Ethernet0): !!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 3289170/6578176 bytes]
Verifying checksum... OK (0xB6BD)
3289170 bytes copied in 89.272 secs (36956 bytes/sec)

Password Recovery For The Cisco IOS

Connect a PC running terminal emulation software to the console port on the Cisco router. This example uses a Cisco 2620 router with IOS 12.2.

Settings for the terminal

9600 baud rate
No parity
8 data bits
1 stop bit
No flow control

Turn off the router, then back on.

After the router is on, press the BREAK key (Alt + b on Tera Term) within 60 seconds of startup to put the router in ROMMON.

The prompt will show.

rommon 1>

Then type confreg 0x2142 to boot from flash (this will bypass startup configuration).

rommon 1>confreg 0x2142

Type reset at the prompt (ignores saved configuration, then reboots).

rommon 2>reset

Press Ctrl-c to skip the initial procedure.

Type enable at the prompt.

Router>enable

Then the prompt changes to Router#.

Now type.

Router#configure memory

or

Router#copy startup-config running-config

Either command will copy NVRAM into memory.

To show the current configuration on the router use.

Router#show running-config

The output will include:
enable passwords
enable secret
vty
console password

These will be in encrypted or unencrypted format; encrypted passwords should be changed to new ones.

To change encrypted or enable secret password do the following.

Router#
Router#configure terminal
Router(config)#enable secret 
Router(config)#exit

Issue the no shutdown command on every interface.

Router#configure terminal
Router(config)#interface serial 0/1
Router(config-if)#no shutdown
Router(config-if)#exit

Type config-register and use the value 0x2102.

Router(config)#config-register 0x2102

Press Ctrl-z to leave configuration mode.

Router#

Type write memory or copy running-config startup-config to commit all of the new changes and configurations.
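
An added example, not part of the original post: the two register values used above differ in a single bit (0x0040, ignore NVRAM), so a router left at 0x2142 boots without its startup-config, passwords included, on every reload. This Python check reads the configuration register line of show version output and flags that state; the sample lines and function names are constructed for illustration.

```python
import re

# Configuration register bits as documented by Cisco.
BOOT_FIELD = 0x000F      # bits 0-3: boot field
IGNORE_NVRAM = 0x0040    # bit 6: ignore startup-config at boot
BREAK_DISABLED = 0x0100  # bit 8: Break key disabled after boot

# Constructed final lines of "show version" output (not from the page).
SAMPLE_RECOVERY = "Configuration register is 0x2142"
SAMPLE_PENDING = "Configuration register is 0x2142 (will be 0x2102 at next reload)"
SAMPLE_NORMAL = "Configuration register is 0x2102"

PATTERN = re.compile(
    r"Configuration register is (0x[0-9A-Fa-f]+)"
    r"(?: \(will be (0x[0-9A-Fa-f]+) at next reload\))?")

def decode_confreg(value):
    """Break a register value into the fields relevant to password recovery."""
    return {
        "boot_field": value & BOOT_FIELD,
        "ignore_startup_config": bool(value & IGNORE_NVRAM),
        "break_disabled": bool(value & BREAK_DISABLED),
    }

def check_show_version(text):
    """Return (status, current, next_boot) for the register line in text."""
    m = PATTERN.search(text)
    if not m:
        return ("unknown", None, None)
    current = int(m.group(1), 16)
    next_boot = int(m.group(2), 16) if m.group(2) else current
    if decode_confreg(next_boot)["ignore_startup_config"]:
        status = "ignores-startup-config"   # next boot skips saved passwords
    elif decode_confreg(current)["ignore_startup_config"]:
        status = "fixed-pending-reload"     # 0x2102 set, active after reload
    else:
        status = "ok"
    return (status, current, next_boot)

if __name__ == "__main__":
    for line in (SAMPLE_RECOVERY, SAMPLE_PENDING, SAMPLE_NORMAL):
        print(check_show_version(line)[0], "<-", line)
```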