Cisco IOS is a collection of network operating systems used on Cisco Network Devices#, usually stored at the flash of the device or TFTP server. It can be used from input and output devices. It also provides the mean for memory management, process management, file systems management, security management, hardware management, network interface configuration, and enabling routing# and switching# functions.
ROM of the device will be used to partially boot up IOS by waking up the bootstrap program. Otherwise, it could be also used to perform power-on self test (POST) diagnostics. The flash of the device is used to store, locate and load IOS. Unless it doesn’t function, then Trivial File Transfer Protocol (TFTP) will be the second choice where the IOS will be transferred. The configuration file could be found in NVRAM, console and/or TFTP server. We can enter setup mode via them too.
We could access an IOS device’s command line interface (CLI) using either its console (by connecting to its console port with RJ-45/mini-USB to Serial/USB rollover cable), Telnet or Secure Shell (SSH)#, or auxiliary port (uses telephone line).
The emulation of IOS for different devices could be seen in #Cisco Packet Tracer.
Modes of Operations
There are several modes of operations in IOS which we can access via the console with built-in commands. They are User EXEC, Privileged EXEC, Global Configuration, Interface Configuration, Sub-Interface Configuration, Routing Engine Configuration, Line Configuration, Controller Configuration, Map-List Configuration, Map-Class Configuration, Router Configuration, IPX-Router Configuration, Route-Map Configuration, Setup, and ROM Monitor.
The following sections describe the commands used in these modes of operation. Additionally, we can add a ?
to the end of an incomplete command in order to get hints on using the command or finding a command.
User EXEC
User EXEC is the default mode for an IOS device.
-
ping
-
show
-
enable
(enter Privileged EXEC, can shorten asen
) -
traceroute
Privileged EXEC
Privileged EXEC could be entered via the command enable
in User EXEC. It includes all User EXEC and debugging commands excepts the following:
-
reload
-
show
, with subcommandsrunning-config
(show the system details) andip route
(shows Routing Table#) -
copy
, commonlycopy running-config startup-config
to save the configurations -
erase
, with subcommandsstartup-config
(remove configurations) -
reload
(reload the system) -
configure terminal
(enter Global Configuration, can shorten asconf t
) -
disable
(exit Privileged EXEC)
Global Configuration
Global Configuration will show up when the command configure
is executed in Privileged EXEC. From here, we can configure the settings for the Network Device#.
-
hostname
(set host name of the device) -
enable secret
(set password for Privileged EXEC) -
ip route
(Static Routing#) -
interface
, with subcommandsethernet
,serial
,dsl
etc. (enter Interface Configuration) -
router
, with subcommandsrip
,ospf
,eigrp
etc. (enter Routing Engine Configuration) -
line
, with subcommandsvty
,console
etc. (enter Line Configuration) -
end
(to end the configuration, available too in other Configuration modes) -
service password-encryption
(shows all the password configured in encrypted form) -
banner motd
(set banner, typically used to warn entering users) -
no ip domain-lookup
(disable Domain Name Server (DNS) lookup). -
ipv6 unicast-routing
(enable IPv6# unicast forwarding)
Interface Configuration
Interface Configuration could be entered via the command interface
executed in Global Configuration. It is where we could configure the network interface of the device.
Note: We could define a range of interfaces with the same configuration by running the command interface range {interfaces}
, e.g., interface range f0/1-12, f0/18-24
.
-
ip address
(set static IPv4 Address#) -
ipv6 address
(set static IPv6 Address#) -
encapsulation
-
shutdown
(disable the interface) -
no shutdown
(enable the interface and keep-alive mechanism) -
bandwidth
(adjusting the bandwidth of the interface in Kb/s, useful in Routing Protocol that use bandwidth as its metric)
Routing Engine Configuration
Routing Engine Configuration could be entered via the command router
executed in Global Configuration. It is where we could configure the routing information.
-
network
-
version
-
auto summary
-
passive interface
(prevent a router from sending updates through an interface)
Line Configuration
Line Configuration could be entered via the command line
executed in Global Configuration. It is where we could configure the line access of the device including modem commands.
-
password
(set password for the line) -
login
(activates the password immediately)
Note: Console port should be secured from unauthorised access by physically plugging in a cable to the device.