INTERNET TEACHING LAB: START-FROM-SCRATCH LAB
INSTRUCTOR VERSION
Overview
Your instructor has deleted the configuration on all lab routers except for the firewall/r6 router. Since the lab network is not functional, you will need to access your router by telnetting from xi.cs.fsu.edu to the firewall/r6 router at ITL1.cs.fsu.edu (128.186.121.88). Once logged in, you will need to connect using reverse telnet to access your router’s console port to get basic TCP/IP with RIP v1 working. To prove you have successfully completed this assignment, submit a copy of your router’s output to the following commands: “show running-config”, “show ip interface brief”, “show cdp neighbor”, and “show ip route”.
You can erase the router configuration with “write erase” and reboot with “reload”. Be sure to only erase the configs on routers r1 r2, r3, r4, and r5, NOT the firewall/r6. Here is an example:
xi% telnet itl1
Password:
fw/r6>r1
Trying r1 (128.186.121.88, 2001)... Open
r1>en
Password:
r1#write erase
[OK]
r1#show config
%% Non-volatile configuration memory has not been set up
r1#reload
Proceed with reload? [confirm]y
Nov 3 20:43:07 EST: %SYS-5-RELOAD: Reload requested
System Bootstrap, Version 5.0(7), RELEASE SOFTWARE
...
Notice: NVRAM invalid, possibly due to write erase.
...
%SYS-5-RESTART: System restarted --
Cisco Internetwork Operating System Software
IOS (tm) GS Software (GS7-J-M), Version 11.1(24), RELEASE
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Mon 04-Jan-99 21:19 by richv
Router>enable
Router#
PART0 – Numbering Convention
Each router is numbered with a small integer. Networks that tie together two routers use a network number composed of the router numbers concatenated with the lower number first. Loopback addresses are numbered with the IP network consisting of the router ID repeated. On network between routers, the last octet of the IP address is the same as the router. On serial connections between routers, the higher numbered router is always the DCE side which provides the clocking. On PC LAN segments, the router IP addresses use the number have the last octet equal to 1.
PART1 – Out-Of-Band Login
Begin by logging into xi.cs.fsu.edu from a computer on a functional computer network. From xi.cs.fsu.edu, you can telnet to IT1.cs.fsu.edu (128.186.121.88). Once logged in, type the name of your router such as “r1”. Aliases are define to connect to to the appropriate console port. Routers “r1” thru “r5” correspond to lines “1” thru “5” respectively. If this does not work, you may need to enable security level 2 and clear the line manually with the command “clear line X” where X is the appropriate line. Once connected to your router, you may need to press control-C to abort an auto configuration dialog and hit return:
xi% telnet itl1
Trying 128.186.121.88...
Connected to itl1.
Escape character is '^]'.
User Access Verification
Password:
fw/r6>enable 2
Password:
fw/r6#clear line 1
[confirm]y [OK]
fw/r6#r1
Trying r1 (128.186.121.88,
2001)... Open
User Access Verification
Password:
Router>en
Password:
Router#
Use “enable” to put your router in privileged mode to allow you to make changes. Go into configuration mode and add the basic configuration information as shown below. Configuration mode is entered with the command “config term” and exited with control-Z. Notice how the prompt changes to indicate the router mode. The command “show run” displays the running configuration. “term length 24” will make the router page every 24 lines, while “term length 0” will inhibit paging. The running configuration on a router whose configuration has been erased is shown below.
Router>enable
Router#term len 24
Router#show
running-config
Building configuration...
Current configuration:
!
version 11.1
service udp-small-servers
service tcp-small-servers
!
hostname Router
!
...
line con 0
line aux 0
line vty 0 4
login
!
end
PART2 – Enter the routine configuration.
There are some configuration parts that will be common to all routers. In this example, we are adding three passwords:
- enable password (like a superuser password)
- console password (used when logging in via RS232 console)
- vty password (used when accessed via TELNET)
Two other handy commands are “no ip domain-lookup” to prevent the router from trying to lookup any typos with DNS, and “exec-timeout 0 0” which disables a login port from logging you out automatically.
Router#config term
Enter configuration
commands, one per line. End with
CNTL/Z.
Router(config)#enable
password cisco
Router(config)#hostname
r1 <-------- USE APPROPRATE
ROUTER NAME
r1(config)#enable
password cisco
r1(config)#no ip
domain-lookup
r1(config)#line con 0
r1(config-line)#password
cisco
r1(config-line)#login
r1(config-line)#exec-timeout
0 0
r1(config-line)#line
vty 0 4
r1(config-line)#password
cisco
r1(config-router)#^Z
r1#
%SYS-5-CONFIG_I:
Configured from console by console
Here is the plain text
that you should be able to copy/paste:
enable password cisco
no ip domain-lookup
line con 0
password cisco
login
exec-timeout 0 0
line vty 0 4
password cisco
PART3 – Enter the router specific configuration.
Now enter the specific configuration for your router as appropriate below. I have included the “no shutdown” command because interfaces are left in a shutdown state by default.
R1:
int loopback0
ip address 192.168.11.1 255.255.255.0
no shutdown
int serial1/2
ip address 192.168.12.1 255.255.255.0
no shutdown
int serial 1/3
ip address 192.168.13.1 255.255.255.0
no shutdown
int ethernet 2/0
ip address 192.168.10.1 255.255.255.0
no shutdown
int ethernet 2/1
ip address 192.168.20.1 255.255.255.0
no shutdown
int ethernet 2/2
ip address 192.168.30.1 255.255.255.0
no shutdown
int ethernet 2/3
ip address 192.168.40.1 255.255.255.0
no shutdown
int ethernet 2/4
ip address 192.168.50.1 255.255.255.0
no shutdown
int ethernet 2/5
ip address 192.168.60.1 255.255.255.0
no shutdown
router rip
network 192.168.10.0
network 192.168.20.0
network 192.168.30.0
network 192.168.40.0
network 192.168.50.0
network 192.168.60.0
network 192.168.12.0
network 192.168.13.0
network 192.168.11.0
R2:
int loopback0
ip address 192.168.22.2 255.255.255.0
no shutdown
int serial1/1
ip address 192.168.12.2 255.255.255.0
clock rate 2000000
no shutdown
int serial 1/3
ip address 192.168.23.2 255.255.255.0
no shutdown
int serial 1/4
ip address 192.168.24.2 255.255.255.0
no shutdown
router rip
network 192.168.12.0
network 192.168.22.0
network 192.168.23.0
network 192.168.24.0
R3:
int loopback0
ip address 192.168.33.3 255.255.255.0
no shutdown
int serial1/1
ip address 192.168.13.3 255.255.255.0
clock rate 2000000
no shutdown
int serial 1/2
ip address 192.168.23.3 255.255.255.0
clock rate 2000000
no shutdown
int serial 1/4
ip address 192.168.34.3 255.255.255.0
no shutdown
int serial 1/6
ip address 192.168.36.3 255.255.255.0
no shutdown
router rip
network 192.168.13.0
network 192.168.23.0
network 192.168.33.0
network 192.168.34.0
network 192.168.36.0
R4:
int loopback0
ip address 192.168.44.4 255.255.255.0
no shutdown
int serial1/2
ip address 192.168.24.4 255.255.255.0
clock rate 2000000
no shutdown
int serial 1/3
ip address 192.168.34.4 255.255.255.0
clock rate 2000000
no shutdown
int fddi0/0
ip address 192.168.45.4 255.255.255.0
no shutdown
router rip
network 192.168.24.0
network 192.168.34.0
network 192.168.44.0
network 192.168.45.0
R5:
int loopback0
ip address 192.168.55.5 255.255.255.0
no shutdown
int FDDI0
ip address 192.168.45.5 255.255.255.0
no shutdown
int fastethernet 0
ip address 192.168.70.1 255.255.255.0
media-type 100baseX
no shutdown
int ethernet 0
ip address 192.168.80.1 255.255.255.0
media-type 10baseT
no shutdown
int ethernet 1
ip address 192.168.90.1 255.255.255.0
media-type 10baseT
no shutdown
router rip
network 192.168.45.0
network 192.168.55.0
network 192.168.70.0
network 192.168.80.0
network 192.168.90.0
R6:
int loopback0
ip address 192.168.66.6 255.255.255.0
no shutdown
int serial 1
ip address 192.168.36.6 255.255.255.0
clock rate 2000
no shutdown
router rip
network 192.168.36.0
network 192.168.66.0
default-metric 5
PART4 – Test the network.
By default, Cisco routers send out Cisco Discovery Protocol (CDP) packets. As your router hears CDP packets, it maintains a table of adjacent devices. Display your CDP neighbors with the command “show cdp neighbor”. You should see a listing like this if all is working correctly.
r1#show cdp nei
Capability Codes: R -
Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
Device ID Local Intrfce Holdtme Capability Platform Port ID
r2 Ser 1/2
179 R RP1 Ser 1/1
r3 Ser 1/3 149 R RP1 Ser 1/1
cat1 Eth 2/5 172 T S
WS-C3524-XFas 0/6
cat1 Eth 2/4 172 T S
WS-C3524-XFas 0/5
cat1 Eth 2/3 171 T S
WS-C3524-XFas 0/4
cat1 Eth 2/2 171 T S
WS-C3524-XFas 0/3
cat1 Eth 2/1 171 T S WS-C3524-XFas
0/2
cat1 Eth 2/0 171 T S
WS-C3524-XFas 0/1
r2#show cdp nei
Capability Codes: R -
Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
Device ID Local Intrfce
Holdtme Capability Platform
Port ID
r3 Ser 1/3 135 R RP1 Ser 1/2
r1 Ser 1/1 164 R RP1 Ser 1/2
r4 Ser 1/4 144 R RP1 Ser 1/2
r3#show cdp nei
Capability Codes: R -
Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
Device ID Local Intrfce Holdtme Capability Platform Port ID
r2 Ser 1/2 151 R RP1 Ser 1/3
r1 Ser 1/1 150 R RP1 Ser 1/3
r4 Ser 1/4 129 R RP1 Ser 1/3
fw/r6 Ser 1/6 136 R
2511 Ser 1
r4#show cdp nei
Capability Codes: R -
Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
Device ID Local Intrfce Holdtme Capability
Platform Port ID
r2 Ser 1/2 139 R RP1 Ser 1/4
r3 Ser 1/3 169 R RP1 Ser 1/4
r5 Fddi0/0 124 R
4500 Fddi0
r5#show cdp nei
Capability Codes: R -
Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
Device ID Local Intrfce Holdtme Capability Platform Port ID
r4 Fddi0 153 R RP1 Fddi0/0
cat1 Eth 1 168 T S
WS-C3524-XFas 0/9
cat1 Eth 0 167 T S
WS-C3524-XFas 0/8
cat1 Fas 0 167 T S WS-C3524-XFas
0/7
fw/r6#show cdp nei
Capability Codes: R -
Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
Device ID Local Intrfce Holdtme Capability Platform Port ID
r3 Ser 1
136 R RP1 Ser 1/6
c2900.cs.fsu.edu Eth 0 179 S WS-C2924M-Fas 0/2
You can display the status of your interfaces with “show ip int brief” for an abbreviated listing, or “show ip int” for a detailed listing. If everything is working, you should have a status of “interface up and line protocol up” on the active interfaces. If you see the status as “administratively down”, it means that your interface is shutdown which can be fixed with a “no shutdown” command issued under the appropriate interface. It is normal for interfaces not used in this lab to be in the default “shutdown” state.
r1#show ip int brief
Interface IP-Address OK? Method Status Protocol
Fddi0/0 unassigned YES unset administratively down down
Serial1/0 unassigned YES unset administratively down down
Serial1/1 unassigned YES unset administratively down down
Serial1/2 192.168.12.1 YES manual up up
Serial1/3 192.168.13.1 YES manual up up
Serial1/4 unassigned YES unset administratively down down
Serial1/5 unassigned YES
unset administratively down down
Serial1/6 unassigned YES unset administratively down down
Serial1/7 unassigned YES unset administratively down down
Ethernet2/0 192.168.10.1 YES manual up up
Ethernet2/1 192.168.20.1 YES manual up up
Ethernet2/2 192.168.30.1 YES manual up up
Ethernet2/3 192.168.40.1 YES manual up up
Ethernet2/4 192.168.50.1 YES manual up up
Ethernet2/5 192.168.60.1 YES manual up up
Loopback0 192.168.11.1 YES manual up up
r1#show int ethernet2/0
Ethernet2/0 is up,
line protocol is up
Hardware is cxBus Ethernet, address is 0000.0c39.dfc4 (bia
0000.0c39.dfc4)
Internet address is 192.168.10.1/24
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, rely 255/255, load
1/255
Encapsulation ARPA, loopback not set, keepalive set (10 sec)
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:05, output 00:00:05, output hang never
Last clearing of "show interface" counters never
Queueing strategy: fifo
Output queue 0/40, 0
drops; input queue 0/75, 0 drops
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
278 packets input, 36107 bytes, 0 no buffer
Received 73 broadcasts, 0 runts, 0 giants
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 input packets with dribble condition detected
498 packets output, 103025 bytes, 0 underruns
0 output errors, 0 collisions, 4 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Verify that everything is working by trying to PING each router IP address from both your router and PC. By default, PING will send 5 ICMP echo packets. If the destination responds, exclaimation marks “!” are displayed, otherwise a timeout is indicated by a period “.” Try using the TRACEROUTE utility to trace the path to the other routers. Both the PING and TRACEROUTE commands can be entered without the destination argument to give you extended option choices such as changing the packet size, number of packets, source interface, etc.
r1#ping 192.168.11.1
Sending 5, 100-byte ICMP
Echoes to 192.168.11.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent
(5/5), round-trip min/avg/max = 1/1/4 ms
r1#ping 192.168.22.2
Sending 5, 100-byte ICMP
Echoes to 192.168.22.2, timeout is 2 seconds:
!!!!!
Success rate is 100
percent (5/5), round-trip min/avg/max = 4/4/4 ms
r1#ping 192.168.33.3
Sending 5, 100-byte ICMP
Echoes to 192.168.33.3, timeout is 2 seconds:
!!!!!
Success rate is 100
percent (5/5), round-trip min/avg/max = 1/2/4 ms
r1#ping 192.168.44.4
Sending 5, 100-byte ICMP
Echoes to 192.168.44.4, timeout is 2 seconds:
!!!!!
Success rate is 100
percent (5/5), round-trip min/avg/max = 4/6/8 ms
r1#ping 192.168.55.5
Sending 5, 100-byte ICMP
Echoes to 192.168.55.5, timeout is 2 seconds:
!!!!!
Success rate is 100
percent (5/5), round-trip min/avg/max = 4/5/8 ms
r1#ping 192.168.66.6
Sending 5, 100-byte ICMP
Echoes to 192.168.66.6, timeout is 2 seconds:
!!!!!
Success rate is 100
percent (5/5), round-trip min/avg/max = 4/5/8 ms
r1#traceroute
192.168.55.5
Type escape sequence to
abort.
Tracing the route to
192.168.55.5
1 192.168.13.2 0 msec
192.168.12.2 0 msec
192.168.13.2 0 msec
2 192.168.24.4 8 msec
192.168.34.2 4 msec
192.168.24.4 4 msec
3 192.168.45.5 4 msec * 0 msec
Display the routing table with “show ip route” and verify you have a route to each IP network.
r3#show ip route
Codes: C - connected, S -
static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter
area
E1 - OSPF external type 1, E2 - OSPF external type 2, E -
EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2,
* - candidate default, U - per-user static route
Gateway of last resort is
192.168.36.6 to network 0.0.0.0
R 192.168.70.0/24 [120/2] via 192.168.34.2,
00:00:24, Serial1/4
R 192.168.90.0/24 [120/2] via 192.168.34.2,
00:00:24, Serial1/4
R 192.168.80.0/24 [120/2] via 192.168.34.2, 00:00:25, Serial1/4
R 192.168.40.0/24 [120/1] via 192.168.13.1,
00:00:00, Serial1/1
R 192.168.44.0/24 [120/1] via 192.168.34.2,
00:00:25, Serial1/4
R 192.168.45.0/24 [120/1] via 192.168.34.2,
00:00:25, Serial1/4
C 192.168.33.0/24 is directly connected,
Loopback0
C 192.168.34.0/24 is directly connected,
Serial1/4
...
When you have everything working, save the configuration. Cisco routers have both a running configuration and startup configuration. Issue the command:
“copy running-config startup-config” to save your configuration in non-volatile memory so it will retain the configuration upon rebooting. You should also capture your configuration to a text file on your PC using your terminal emulator’s logging function. The command “show running-config” will display the config to your screen. To prevent the screen from paging every 24 lines, you may want to first set the terminal length to zero, display the config, then set it back to 24 lines.
Router# term length 0
Router# show running-config
…..lots of config displayed here….
Router# term length 24