Home - Rasfoiesc.com
Educatie Sanatate Inginerie Business Familie Hobby Legal
Doar rabdarea si perseverenta in invatare aduce rezultate bune.stiinta, numere naturale, teoreme, multimi, calcule, ecuatii, sisteme



Biologie Chimie Didactica Fizica Geografie Informatica
Istorie Literatura Matematica Psihologie

Calculatoare


Index » educatie » » informatica » Calculatoare
» Configurarea unui ruter


Configurarea unui ruter




Configurarea unui ruter

1 Configurarea numelui unui ruter

Unui ruter trebuie sa i se atribuie un nume unic, fiind una din primele misiuni din configurarea ruterului. Acest lucru se realizeaza utililizand comanda:

Router(config)#hostname numeledorit

numeledorit(config)#




Dupa validarea comenzii prin apasarea tastei “Enter” promptul va schimba din numele initial care este Router in noul nume setat, in exemplul nostru Router1.

Exemplu:

Router>enable

Router#configure terminal

Router(config)#hostname Router1

Rouiter1(config)#

2 Stabilirea parolelor unui ruter

Parolele restrictioneaza accesul la ruter. Acestea trebuie intotdeauna configurate pentru liniile terminalului virtual (VTY) si ale consolei. Prin liniile terminalului virtual, sistemul poate fi accesat de la distanta prin Telnet sau SSH. Parolele sunt folosite de asemenea pentru a accesa modul “privileged EXEC”, mod care autorizeaza utilizatorii sa faca schimbari in fisierul de configurare.

Comenzile urmatoare sunt utilizate pentru a seta o parola optionala, dar recomandata, pentru linia de consola.

Router1#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router1(config)#line console 0

Router1(config-line)#password 1234

Router1(config-line)#login

Router1(config-line)#exit

%SYS-5-CONFIG_I: Configured from console by console

Router1#

Acum cand vom incerca sa intram pe ruter ni se va solicita parola.

Daca introducem de trei ori la rand alta parola vom fi deconectati. Dupa introducerea parolei corecte vom putea accesa modul utilizator. Din motive de securitate, caracterele introduse de la tastura nu vor fi afisate pe ecran. Mai jos se va introduce parola corecta dupa introducerea celei gresite de trei ori si se va observa ca ni se va permite accesul:

Press RETURN to get started!

User Access Verification

Password:

Router1>

Parola trebuie setata pe una sau mai multe linii virtuale VTY pentru ca utilizatorii sa aiba acces la ruter de la distanta prin intermediul Telnet sau SSH (Secure Shell). Cele mai multe rutere Cisco suporta cinci linii numerotate de la 0 la 4. Alte platforme suporta diferite conexiuni. Aceeasi parola este utilizata in mod general pentru toate liniile. Totusi, o parola unica poate fi setata pentru o singura linie pentru a furniza o intrare fall-back in cazul in care celelalte patru conexiuni sunt in folosinta. Pentru acestea se folosesc urmatoarele comenzi:

Router1>enable

Router1#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router1(config)#line vty 0 4

Router1(config-line)#password 1234

Router1(config-line)#login

Router1(config-line)#end

Comenzile “enable password” si “enable secret” sunt utilizate pentru a restrictiona accesul la modul “privileged EXEC”. Enable passwordse utilizeaza numai daca enable secret” nu a fost setat. Comanda enable secret” trebuie utilizata deoarece folosind aceasta comanda, parola este criptata si ea nu va mai fi afisata in clar la introducerea comenzii „show running-config” de exemplu. Pentru a seta parolele folosim urmatoarele comenzi:

Router1#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router1(config)#enable password 1234

Router1(config)#^Z

%SYS-5-CONFIG_I: Configured from console by console

Router1#show running-config

Building configuration

Current configuration : 764 bytes

version 12.3

no service password-encryption

hostname Router1

enable password 1234

ip ssh version 1

router rip

version 2

network 131.2.0.0

network 139.10.0.0

network 195.40.0.0

ip classless

line con 0

password 1234

login

line vty 0 4

password 1234

login

End

Router1#exit

Router1 con0 is now available

Press RETURN to get started.

User Access Verification

Password:

Router1>enable

Password:

Router1#

Uneori nu se doreste ca parolele sa fie aratate sub forma unui text clar, utilizand comezile “show running-config sau show startup-config . Pentru a cripta parolele se foloseste comanda:

Router(config)#service password-encryption

Comanda service password-encryption” aplica criptarea tuturor parolelor necriptate.

Router1#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router1(config)#service password-encryption

Router1(config)#^Z

%SYS-5-CONFIG_I: Configured from console by console

Router1#show running-config

Building configuration

Current configuration : 785 bytes

version 12.3

service password-encryption

hostname Router1

enable password 7 08701E1D5D

ip ssh version 1

router rip

version 2

network 131.2.0.0

network 139.10.0.0

network 195.40.0.0

ip classless

line con 0

password 7 08701E1D5D

login

line vty 0 4

password 7 08701E1D5D

login

end

3 Examinarea comenzilor de afisare (comenzile „show”)

In acest capitol se vor prezenta cateva comenzi de afisare (comenzile “ show ”). Multe din aceste comenzi se vor folosi pentru a afisa continutul unor fisiere din ruter precum si cele de diagnosticare (“troubleshooting”). In ambele moduri privilegiate “EXEC” si “user EXEC” comanda “show” listeaza toate comenzile “show” disponibile. Lista de comenzi este mai mare pentru modul „privileged EXEC” fata de cel al utilizatorului („user EXEC”).

3.1 #show interfaces

Aceasta comanda afiseaza statisticile pentru toate interfetele ruter-ului.

Router1#show interface

FastEthernet0/0 is up, line protocol is up (connected)





Hardware is Lance, address is 0050.0fac.2201 (bia 0050.0fac.2201)

Internet address is 195.40.0.1/24

[]

FastEthernet0/1 is administratively down, line protocol is down (disabled)

Hardware is Lance, address is 0050.0fac.2202 (bia 0050.0fac.2202)

[]

Serial0/0/0 is administratively down, line protocol is down (disabled)

Hardware is HD64570

[]

Serial0/0/1 is administratively down, line protocol is down (disabled)

Hardware is HD64570

[]

Serial0/1/0 is up, line protocol is up (connected)

Hardware is HD64570

Internet address is 131.2.0.1/16

[]

Serial0/1/1 is up, line protocol is up (connected)

Hardware is HD64570

Internet address is 139.10.0.1/16

[]

Pentru a vedea statistica pentru o anumita interfata, se introduce comanda “show interfaces” urmata de interfata cu slot-ul/portul dorit. Aceasta este ilustrata in urmatorul exemplu:

Router1#show interfaces serial0/1/0

Serial0/1/0 is up, line protocol is up (connected)

Hardware is HD64570

Internet address is 131.2.0.1/16

[]

Router1#

#show controllers serial

Aceasta comanda afiseaza informatia specifica interfetei hardware si trebuie sa contina in plus numarul portului/slot-ului interfetei seriale.

Exemplu:

Router1# show controllers serial0/1/0

Interface Serial0/1/0

Hardware is PowerQUICC MPC860

DCE V.35, clock rate 64000

idb at 0x81081AC4, driver data structure at 0x81084AC0

SCC Registers:

General [GSMR]=0x2:0x00000000, Protocol-specific [PSMR]=0x8

Events [SCCE]=0x0000, Mask [SCCM]=0x0000, Status [SCCS]=0x00

Transmit on Demand [TODR]=0x0, Data Sync [DSR]=0x7E7E

Interrupt Registers:

Config [CICR]=0x00367F80, Pending [CIPR]=0x0000C000

Mask [CIMR]=0x00200000, In-srv [CISR]=0x00000000

Command register [CR]=0x580

Port A [PADIR]=0x1030, [PAPAR]=0xFFFF

[PAODR]=0x0010, [PADAT]=0xCBFF

Port B [PBDIR]=0x09C0F, [PBPAR]=0x0800E

[PBODR]=0x00000, [PBDAT]=0x3FFFD

Port C [PCDIR]=0x00C, [PCPAR]=0x200

[PCSO]=0xC20, [PCDAT]=0xDF2, [PCINT]=0x00F

Receive Ring

rmd(68012830): status 9000 length 60C address 3B6DAC4

rmd(68012838): status B000 length 60C address 3B6D444

3.3 #show clock

Aceasta comanda afiseaza ceasul stabilit pentru ruter.

Exemplu:

Router1#clock set 10:10:0 1 Jan 2009

Router1#show clock

*11:6:33.25 UTC Thu Jan 1 2009

Router1#

3.4 #show hosts

Aceasta comanda afiseaza lista de gazde si adrese.

Exemplu:

Router1# show hosts

Default Domain is not set

Name/address lookup uses domain service

Name servers are 255.255.255.255

Codes: UN - unknown, EX - expired, OK - OK, ?? - revalidate

temp - temporary, perm - permanent

NA - Not Applicable None - Not defined

Host Port Flags Age Type Address(es)

Router1#

3.5. #show users

Aceasta comanda afiseaza toti utilizatorii care sunt conectati la ruter.

Router1#show users

Line User Host(s) Idle Location

0 con 0 idle 00:00:00

Interface User Mode Idle Peer Address

Router1#

Daca pe ruter este deschisa o sesiune prin telnet de exemplu, cu aceasta comanda se va afisa sesiunea deschisa, durata acesteia si IP-ul de la care este executata aceasta conexiune.

3. #show history

Aceasta comanda afiseaza lista cu o istorie a comenzilor ce au fost folosite.

Router1# show history

show interfaces serial 0/2

show interfaces serial0/1/0

show controllers serial0/1/0

show clock

clock set 10:10:0 1 Jan 2009

show clock

show clock

show hosts

show users

show history

In mod implicit se afiseaza ultimele 10 comenzi executate, numarul maxim de comenzi ce pot fi retinute este de 25

3.7 #show flash

Aceasta comanda afiseaza informatii despre memoria flash precum si ce fisiere IOS sunt stocate in acea memorie;

Exemplu:

Router1#show flash

System flash directory:

File Length Name/status

1 13832032 c1841-ipbase-mz.123-14.T7.bin



[13832032 bytes used, 18682016 available, 32514048 total]

32768K bytes of processor board System flash (Read/Write)

Router1#

3.8 #show arp

Comanda show arp” este folosita pentru afisarea tabelei ARP a ruter-ului;

Router1#show arp

Protocol Address Age (min) Hardware Addr Type Interface

Internet 195.40.0.1 - 0050.0FAC.2201 ARPA FastEthernet0/0

Router1#

Asa arata initial tabela ARP a ruterului. Dupa configurarea unor protocoale de rutare, a adreselor IP si pornirea interfetelor, pe masura ce ruterul invata cai catre alte destinatii tabela va fi populata.

3.8 #show protocols

Comanda „show protocols afiseaza starea globala si specifica fiecarei interfete a protocoalelor de Nivel 3;

Router1#show protocols

Global values:

Internet Protocol routing is enabled

FastEthernet0/0 is up, line protocol is up

Internet address is 195.40.0.1/24

FastEthernet0/1 is administratively down, line protocol is down

Serial0/0/0 is administratively down, line protocol is down

Serial0/0/1 is administratively down, line protocol is down

Serial0/1/0 is up, line protocol is up

Internet address is 131.2.0.1/16

Serial0/1/1 is up, line protocol is up

Internet address is 139.10.0.1/16

Vlan1 is administratively down, line protocol is down

Router1#

3.10.#show startup-config

Aceasta comanda afiseaza configuratia salvata in NVRAM;

Router1#show startup-config

Using 785 bytes

version 12.3

service password-encryption

hostname Router1

enable password 7 08701E1D5D

ip ssh version 1

interface FastEthernet0/0

ip address 195.40.0.1 255.255.255.0

duplex auto

speed auto

interface FastEthernet0/1

no ip address

duplex auto

speed auto

shutdown

interface Serial0/0/0

no ip address

shutdown

interface Serial0/0/1

no ip address

shutdown

interface Serial0/1/0

ip address 131.2.0.1 255.255.0.0

clock rate 64000

interface Serial0/1/1

ip address 139.10.0.1 255.255.0.0

clock rate 64000

interface Vlan1

no ip address

shutdown

router rip

version 2

network 131.2.0.0

network 139.10.0.0

network 195.40.0.0

ip classless

line con 0

password 7 08701E1D5D

login

line vty 0 4

password 7 08701E1D5D

login

end

4 Configurarea unei interfete seriale

In acest paragraf se va explica cum poate fi configurata o interfata seriala de la consola sau de la o linie de terminal virtual.

Insa, interfata seriala este diferita – este o interfata seriala sincrona, de viteza mai mare decat interfata Seriala asincrona de la PC, si cu alt tip de conector (60 sau 26 pini). Interfetele seriale sunt capat-la-capat, adica au numai 2 capete. Particularitatea interfetelor sincrone este ca trebuie generat un semnal de ceas (clock la unul din capete. Capatul respectiv se numeste DCE, in timp ce capatul opus se numeste DTE. Identificarea fizica a capatului se face dupa inscriptia de pe cablu, prin urmare cablul este cel care determina tipul capatului (interfata propriu-zisa suporta ambele tipuri). La capatul DCE trebuie data o comanda aditionala (4).

  • Pentru a configura o interfata se urmaresc urmatorii pasi:
  • Se intra in modul de configurare globala (‘ global configuration mode’)
  • Se intra in modul de interfata (‘interface mode’)
  • Se specifica adresa interfetei si masca de subnetizare
  • Se seteaza ‘clock rate-ul’
  • Se activeaza interfata

Fiecare interfata conectata trebuie sa aiba o adresa IP si o masca de subnetizare pentru a ruta pachetele IP de date. Configurarea adresei IP se face cu urmatoarele comenzi:

Router(config)#interface serial 2/0

Router(config-if)#ip address <ip address > <netmask >

Se va observa ca initial, interfetele nu sunt activate sau deschise. Pentru a porni/activa o interfata, comanda ’no shutdown’ trebuie folosita. In cazul in care o interfata trebuie dezactivata/inchisa pentru diagnosticare, comanda ”shutdown” va fi utilizata.

Theo#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Theo(config)#interface serial 2/0

Theo(config-if)#ip address 192.168.1.129 255.255.255.252

Theo(config-if)#exit

%SYS-5-CONFIG_I: Configured from console by console

Theo#sh interfaces serial 2/0

Theo#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Theo(config)#interface serial 2/0

Theo(config-if)#no shut

%LINK-5-CHANGED: Interface Serial2/0, changed state to up

Theo(config-if)#^Z

%SYS-5-CONFIG_I: Configured from console by console

Theo#show interfaces serial 2/0

Interfata Seriala necesita un semnal de tact pentru sincronizare (‚clock signal’). In majoritatea cazurilor, un dispozitiv DCE va furniza semnalul de tact. Initial, ruterele Cisco sunt dispozitive DTE dar pot fi configurate ca dispozitive DCE. Ceasul este activat iar viteza este specificata folosind comanda ”clock rate”

Valorile disponibile pentru ceas masurate in biti/secunda (bps) sunt: 1200, 2400, 9600, 19200, 38400, 56000, 64000, 72000, 125000, 148000, 500000, 800000, 1000000, 1300000, 2000000, sau 4000000. Unele viteze nu pot fi folosite pentru anumite interfete seriale. Aceasta depinde de capacitatile fiecarei interfete seriale.



De exemplu, in practica, viteza folosita este de 56000. Comenzile pentru a seta ceasul si pentru a activa o interfata sunt dupa cum urmeaza:

Router1#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router1(config-if)#interface Serial0/1/0

Router1(config-if)#ip addr 131.2.0.1 255.255.0.0

Router1(config-if)#no shut

Router1(config-if)#interface Serial0/1/1

Router1(config-if)#ip addr 139.10.0.1 255.255.0.0

Router1(config-if)#no shut

Router1(config-if)#interface Serial 0/1/1

Router1(config-if)#clock rate 64000

Router1(config-if)#interface s0/1/0

Router1(config-if)#clock rate 64000

Router1(config-if)#

Router1(config-if)#^Z

%SYS-5-CONFIG_I: Configured from console by console

Router1#^Z

5. Configurarea unei interfete Ethernet

In acest paragraf se va explica cum se configureaza o interfata Ethernet de la consola sau folosind o linie de terminal virtual. Fiecare interfata Ethernet trebuie sa aiba alocata o adresa IP si o masca de subretea pentru a ruta pachetele de date.

Pentru a configura o interfata Ethernet se parcurg urmatorii pasi:

  • Introduceti modul de configurare globala (“global configuration mode”)
  • Introduceti modul de interfata (‘interface mode”)
  • Specificati adresa interfetei si masca de subretea
  • Activati interfata

Initial, interfetele sunt dezactivate sau inchise. Pentru a porni/activa o interfata, comanda no shutdown trebuie folosita. In cazul in care o interfata trebuie dezactivata/inchisa pentru diagnosticare, comanda shutdown va fi utilizata.

Router1#configure terminal

Enter configuration commands, one per line. End with CNTL/Z

Router1(config)#interface FastEthernet 0/0

Router1(config-if)#ip address 195.40.0.1 255.255.255.0

Router1(config-if)#no shut

Router1#

Pentru o prezentare mai pe scurt a interfetelor putem folosi comanda:

show ip interface brief

Exemplu

Router1#show ip interface brief

Interface IP-Address OK? Method Status Protocol

FastEthernet0/0    195.40.0.1 YES manual up up

FastEthernet0/1    unassigned YES manual administratively down down

Serial0/0/0    unassigned YES manual administratively down down

Serial0/0/1    unassigned YES manual administratively down down

Serial0/1/0    131.2.0.1 YES manual up up

Serial0/1/1    139.10.0.1 YES manual up up

Vlan1    unassigned YES manual administratively down down

Router1#

6 Comanda Reload

Se foloseste aceasta comanda cand se doreste reinitializarea sistemului de operare fie pentru a incarca un alt sistem de operare din flash, fie pentru a testa anumite setari sau pentru a readuce echipamentul la paremetri initiali, caz in care se executa mai inainte comanda „erase startup-config” . Din modul privilegiat se tasteaza comanda „reload” si apoi se executa. Va fi necesara o confirmare, dupa care echipamentul se va reinitializa.

Exemplu:

Router1#erase startup-config

Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]

[OK]

Erase of nvram: complete

%SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram

Router1#reload

Proceed with reload? [confirm]

%SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command.

System Bootstrap, Version 12.3(8r)T8, RELEASE SOFTWARE (fc1)

Cisco 1841 (revision 5.0) with 114688K/16384K bytes of memory.

Self decompressing the image :

########################################################################## [OK]

Restricted Rights Legend

Use, duplication, or disclosure by the Government is

subject to restrictions as set forth in subparagraph

(c) of the Commercial Computer Software - Restricted

Rights clause at FAR sec. 52.227-19 and subparagraph

(c) (1) (ii) of the Rights in Technical Data and Computer

Software clause at DFARS sec. 252.227-7013.

cisco Systems, Inc.

170 West Tasman Drive

San Jose, California 95134-1706

Cisco IOS Software, 1841 Software (C1841-IPBASE-M), Version 12.3(14)T7, RELEASE SOFTWARE (fc2)

Technical Support: https://www.cisco.com/techsupport

Copyright (c) 1986-2006 by Cisco Systems, Inc.

Compiled Mon 15-May-06 14:54 by pt_team

Image text-base: 0x6007D180, data-base: 0x61400000

Port Statistics for unclassified packets is not turned on.

Cisco 1841 (revision 5.0) with 114688K/16384K bytes of memory.

Processor board ID FTX0947Z18E

M860 processor: part number 0, mask 49

2 FastEthernet/IEEE 802.3 interface(s)

4 Low-speed serial(sync/async) network interface(s)

191K bytes of NVRAM.

31360K bytes of ATA CompactFlash (Read/Write)

Cisco IOS Software, 1841 Software (C1841-IPBASE-M), Version 12.3(14)T7, RELEASE SOFTWARE (fc2)

Technical Support: https://www.cisco.com/techsupport

Copyright (c) 1986-2006 by Cisco Systems, Inc.

Compiled Mon 15-May-06 14:54 by pt_team

--- System Configuration Dialog ---

Continue with configuration dialog? [yes/no]:

% Please answer 'yes' or 'no'.

Continue with configuration dialog? [yes/no]: y

At any point you may enter a question mark '?' for help.

Use ctrl-c to abort configuration dialog at any prompt.

Default settings are in square brackets '[]'.






Politica de confidentialitate


Copyright © 2020 - Toate drepturile rezervate