CISCO Router Commands: Difference between revisions
From KlavoWiki
Jump to navigationJump to search
(17 intermediate revisions by the same user not shown) | |||
Line 14: | Line 14: | ||
exit | exit | ||
</pre> | </pre> | ||
== IPv6 == | |||
<pre> | |||
enable | |||
configure terminal | |||
! | |||
ipv6 unicast-routing | |||
! | |||
interface FastEthernet 0/0 | |||
ipv6 address 001:db8:0:1::1/64 | |||
no shutdown | |||
exit | |||
</pre> | |||
=== IPv6 Routing === | |||
<pre> | |||
ipv6 route ::/0 FastEthernet 1/0 | |||
</pre> | |||
=== IPv6 General Commands === | |||
When using IPv6 the same commands can be used when using IPv4. Ths ip command is changed to ipv6. | |||
<pre> | |||
enable | |||
! | |||
show ipv6 interface FastEtherenet 0/0 | |||
show ipv6 interface brief | |||
! | |||
configure terminal | |||
! | |||
interface FastEthernet 1/0 | |||
ipv6 ospf 1 area 0 | |||
! | |||
interface FastEthernet 6/0 | |||
ipv6 address fe80::1 link-local | |||
no shutdown | |||
exit | |||
! | |||
ipv6 route 2001:db8:0:1::1/64 FastEthernet 0/0 10 | |||
</pre> | |||
== Multiple VLAN Single Interface == | == Multiple VLAN Single Interface == | ||
Line 100: | Line 141: | ||
! | ! | ||
show dhcp lease | show dhcp lease | ||
</pre> | |||
== Relay == | |||
<pre> | |||
enable | |||
configure terminal | |||
! | |||
ip helper-address x.x.x.x | |||
</pre> | </pre> | ||
Line 156: | Line 205: | ||
==== Hello Interval ==== | ==== Hello Interval ==== | ||
All routers must be set the same | All routers must be set the same. Defaults as below. | ||
<pre> | <pre> | ||
enable | |||
configure terminal | |||
! | |||
interface FastEthernet 0/0 | |||
ip ospf hello-interval 5 | ip ospf hello-interval 5 | ||
ip ospf dead-interval 40 | |||
</pre> | </pre> | ||
=== Show === | === Show === | ||
<pre> | <pre> | ||
enable | |||
! | |||
show ip ospf interface | show ip ospf interface | ||
show ip ospf database | show ip ospf database | ||
Line 171: | Line 227: | ||
=== BGP === | === BGP === | ||
As the AS number is the same for local and remote it is concidered iBGP. Making the local and remote AS number different make it eBGP. | |||
Router 1 | |||
<pre> | |||
enable | |||
configure terminal | |||
! | |||
router bgp 1001 | |||
neighbor 192.51.100.2 remote-as 1001 | |||
exit | |||
</pre> | |||
Router 2 | |||
<pre> | |||
enable | |||
configure terminal | |||
! | |||
router bgp 1001 | |||
neighbor 198.51.100.1 remote-as 1001 | |||
</pre> | |||
==== Show ==== | |||
<pre> | |||
enable | |||
! | |||
show ip bgp neighbors | |||
show ip bgp summary | |||
</pre> | |||
=== RIP === | === RIP === | ||
==== Advertise ==== | ==== Advertise ==== | ||
The '''no auto-summary''' allows subprefix routing information to pass across classful network boundaries. | |||
<pre> | <pre> | ||
enable | enable | ||
Line 180: | Line 265: | ||
! | ! | ||
router rip | router rip | ||
version 2 | |||
no auto-summary | |||
network 192.168.1.0 | network 192.168.1.0 | ||
network 172.30.24.0 | network 172.30.24.0 | ||
Line 193: | Line 280: | ||
passive-interface FastEthernet 3/0 | passive-interface FastEthernet 3/0 | ||
</pre> | </pre> | ||
==== Show ==== | |||
<pre> | |||
show ip rip database | |||
</pre> | |||
=== EIGRP === | |||
<pre> | |||
enable | |||
configure terminal | |||
! | |||
router eigrp 1 | |||
no auto summary | |||
network 192.168.10.0 0.0.0.255 | |||
network 192.168.20.0 0.0.0.255 | |||
network 10.1.1.0 0.0.0.3 | |||
! | |||
passive-interface fa0/0 | |||
</pre> | |||
==== Redistribute Static Routes ==== | |||
<pre> | |||
enable | |||
configure terminal | |||
! | |||
router eigrp 1 | |||
redistribute static | |||
exit | |||
</pre> | |||
==== Show ==== | |||
<pre> | |||
show ip eigrp neighbors | |||
show ip eigrp topology | |||
show ip route | |||
</pre> | |||
= ACL (Access Control List) = | |||
<pre> | |||
enable | |||
configure terminal | |||
! | |||
access-list 1 permit host 192.168.2.123 | |||
access-list 1 permit 192.168.13.0 0.0.0.255 | |||
end | |||
</pre> | |||
<pre> | |||
enable | |||
configure terminal | |||
! | |||
access-list 100 permit ip host 192.168.1.1 host 172.18.23.1 | |||
access-list 100 permit tcp host 10.1.1.101 host 192.168.33.241 eq www | |||
access-list 100 deny tcp 10.24.1.0 0.0.0.255 192.168.0.0 0.0.253.255 | |||
end | |||
</pre> | |||
<pre> | |||
interface FastEthernet 0/0 | |||
ip access-group 1 in | |||
end | |||
</pre> | |||
== Named ACL == | |||
<pre> | |||
enable | |||
configure terminal | |||
! | |||
ip access-list [standard|extended] [name|number] | |||
</pre> | |||
== Show == | |||
<pre> | |||
enable | |||
show access-list | |||
</pre> | |||
== Edit == | |||
<pre> | |||
enable | |||
configure terminal | |||
ip access-list [standard|extended] [name|number] | |||
7 permit host 192.168.11.1 | |||
</pre> | |||
= NAT = | |||
<pre> | |||
enable | |||
configure terminal | |||
! | |||
ip access-list standard NAT_ADDRESSES | |||
permit 192.168.1.0 0.0.0.255 | |||
exit | |||
! | |||
interface FastEthernet 0/0 | |||
ip nat inside | |||
exit | |||
interface FastEthernet 0/1 | |||
ip nat outside | |||
exit | |||
! | |||
ip nat inside source list NAT_ADDRESSES interface FastEthernet 0/1 overload | |||
</pre> | |||
== Pool == | |||
<pre> | |||
enable | |||
configure terminal | |||
! | |||
ip nat pool ISP_NAT_RANGE 203.61.12.23 203.61.12.25 | |||
ip nat inside source list NAT_ADDRESSES pool ISP_NAT_RANGE overload | |||
</pre> | |||
== MIP == | |||
<pre> | |||
enable | |||
configure terminal | |||
! | |||
ip nat inside source static 192.168.25.11 203.61.12.25 | |||
ip nat inside source static tcp 192.168.25.11 80 203.61.12.25 80 | |||
ip nat inside source static tcp 192.168.25.11 443 203.61.12.25 443 | |||
</pre> | |||
== Show == | |||
<pre> | |||
enable | |||
show ip nat translation | |||
</prE> | |||
= Disable Domain Lookup = | = Disable Domain Lookup = |
Latest revision as of 04:00, 4 March 2017
IP Settings
enable configure terminal ! interface fa0/0 ip address 192.168.1.200 255.255.255.0 no shutdown exit ! interface fa1/0 ip address 172.16.1.254 255.255.255.0 no shutdown exit
IPv6
enable configure terminal ! ipv6 unicast-routing ! interface FastEthernet 0/0 ipv6 address 001:db8:0:1::1/64 no shutdown exit
IPv6 Routing
ipv6 route ::/0 FastEthernet 1/0
IPv6 General Commands
When using IPv6 the same commands can be used when using IPv4. Ths ip command is changed to ipv6.
enable ! show ipv6 interface FastEtherenet 0/0 show ipv6 interface brief ! configure terminal ! interface FastEthernet 1/0 ipv6 ospf 1 area 0 ! interface FastEthernet 6/0 ipv6 address fe80::1 link-local no shutdown exit ! ipv6 route 2001:db8:0:1::1/64 FastEthernet 0/0 10
Multiple VLAN Single Interface
enable configure terminal ! interface FastEthernet 0/0 no shutdown ! interface FastEthernet 0/0.10 encapsulation dot1Q 10 ip address 192.168.1.254 255.255.255.0 ! interface FastEthernet 0/0.20 encapsulation dot1Q 20 ip address 192.168.2.254 255.255.255.0 ! interface FastEthernet 0/0.30 encapsulation dot1Q 30 ip address 192.168.3.254 255.255.255.0 ! exit
Show
enable ! show ip interface brief ! show interfaces show interfaces FastEthernet 0/0 show interfaces Port-channel 1
Loopback
Create
enable configure terminal ! interface loopback 1 ip address 172.18.101.9 255.255.255.255 exit ! interface loopback 2 ip address 10.77.101.5 255.255.254.0 exit
Delete
enable configure terminal ! no interface loopback 2 exit
DHCP
enable configure terminal ! ip dhcp pool Sales network 192.168.10.0 255.255.255.0 default-router 192.168.10.1 dns-server 8.8.8.8 lease h m s exit ! ip dhcp pool Admin network 192.168.20.0 255.255.255.0 default-router 192.168.20.1 exit
Show
enable ! show ip dhcp binding show ip dhcp conflict show ip dhcp relay ! show dhcp lease
Relay
enable configure terminal ! ip helper-address x.x.x.x
Routes
Default
enable configure terminal ! ip route 0.0.0.0 0.0.0.0 FastEthernet 0/0
Static
enable configure terminal ! ip route 192.168.22.0 255.255.255.0 FastEthernet 0/0 20 ip route 172.30.11.0 255.255.255.0 FastEthernet 0/3 10
Automatic
OSPF
Advertising
Advertise each subnet to be distributed. The subnet needs to exist on the router for the route to be distributed.
router ospf 1 network 192.168.1.0 0.0.0.255 area 0 network 172.16.12.0 0.0.3.255 area 0
Exclude
Exclude an interface from OSPF broadcasts
enable configure terminal ! router ospf passive-interface FastEthernet 0/0
OSPF Static Routes
To distribute static routes. Needs to be completed on each router that has a static route that needs to be part of OSPF.
enable configure terminal ! router ospf 1 redistribute static subnets
Hello Interval
All routers must be set the same. Defaults as below.
enable configure terminal ! interface FastEthernet 0/0 ip ospf hello-interval 5 ip ospf dead-interval 40
Show
enable ! show ip ospf interface show ip ospf database show ip ospf neighbor show ip protocols show ip ospf interface FastEthernet 3/0
BGP
As the AS number is the same for local and remote it is concidered iBGP. Making the local and remote AS number different make it eBGP.
Router 1
enable configure terminal ! router bgp 1001 neighbor 192.51.100.2 remote-as 1001 exit
Router 2
enable configure terminal ! router bgp 1001 neighbor 198.51.100.1 remote-as 1001
Show
enable ! show ip bgp neighbors show ip bgp summary
RIP
Advertise
The no auto-summary allows subprefix routing information to pass across classful network boundaries.
enable configure terminal ! router rip version 2 no auto-summary network 192.168.1.0 network 172.30.24.0
Exclude Interface
Disable RIP broadcasts from a particular interface.
enable configure terminal ! router rip passive-interface FastEthernet 3/0
Show
show ip rip database
EIGRP
enable configure terminal ! router eigrp 1 no auto summary network 192.168.10.0 0.0.0.255 network 192.168.20.0 0.0.0.255 network 10.1.1.0 0.0.0.3 ! passive-interface fa0/0
Redistribute Static Routes
enable configure terminal ! router eigrp 1 redistribute static exit
Show
show ip eigrp neighbors show ip eigrp topology show ip route
ACL (Access Control List)
enable configure terminal ! access-list 1 permit host 192.168.2.123 access-list 1 permit 192.168.13.0 0.0.0.255 end
enable configure terminal ! access-list 100 permit ip host 192.168.1.1 host 172.18.23.1 access-list 100 permit tcp host 10.1.1.101 host 192.168.33.241 eq www access-list 100 deny tcp 10.24.1.0 0.0.0.255 192.168.0.0 0.0.253.255 end
interface FastEthernet 0/0 ip access-group 1 in end
Named ACL
enable configure terminal ! ip access-list [standard|extended] [name|number]
Show
enable show access-list
Edit
enable configure terminal ip access-list [standard|extended] [name|number] 7 permit host 192.168.11.1
NAT
enable configure terminal ! ip access-list standard NAT_ADDRESSES permit 192.168.1.0 0.0.0.255 exit ! interface FastEthernet 0/0 ip nat inside exit interface FastEthernet 0/1 ip nat outside exit ! ip nat inside source list NAT_ADDRESSES interface FastEthernet 0/1 overload
Pool
enable configure terminal ! ip nat pool ISP_NAT_RANGE 203.61.12.23 203.61.12.25 ip nat inside source list NAT_ADDRESSES pool ISP_NAT_RANGE overload
MIP
enable configure terminal ! ip nat inside source static 192.168.25.11 203.61.12.25 ip nat inside source static tcp 192.168.25.11 80 203.61.12.25 80 ip nat inside source static tcp 192.168.25.11 443 203.61.12.25 443
Show
enable show ip nat translation
Disable Domain Lookup
no ip domain lookup