What is IOS and How It Works
IOS stands for Cisco's Internetwork Operating System, the operating system used by most Cisco switches and routers (I will refer to switches, but most of it applies to routers as well). The entire IOS is stored in a single image file with the extension .bin; on current switches it is about 5 MB in size. The flash memory of the switch may also hold a web interface, stored in the html folder.
IOS is a sophisticated, custom-made system. It offers a wide range of configuration options, and if we know what we want to configure, it is not too difficult to use. IOS is operated through the CLI (Command Line Interface).
To use and configure the switch properly, it is necessary to know the different types of memory it uses and how the switch works with them. The types of memory are described in the next chapter. The startup process of the switch is also important:
- power is connected to the switch
- the microcode in ROM starts and runs the power-on self test
- the bootstrap program looks for an IOS image (usually in flash memory) and loads it
- if no valid IOS image is found, the switch starts in the limited RxBoot mode instead
- the startup-config is loaded from NVRAM and applied (this text file contains a sequence of IOS commands that are executed just as if they had been entered through the CLI)
- if no startup-config is found, express setup is invoked
- if it exists, vlan.dat is loaded from flash memory
Whenever we enter a configuration command in IOS, it is executed immediately, but it is saved only to the running-config, which lives in RAM (at startup the contents of the startup-config are copied into it). The change is therefore in effect now, but it will be lost when the switch restarts. If we make a configuration change we cannot revert, we can simply restart the switch and it comes back in the state of the last saved configuration. If we want to keep our changes, we must always copy the running configuration to the startup configuration.
Note: To emphasize: every change we do not want to lose on restart must be saved, by copying the running configuration to the startup configuration.
SWITCH#copy running-config startup-config // save
Destination filename [startup-config]? // prompt for the file name, press ENTER
Building configuration...
[OK]
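A practical check that follows from the running-config versus startup-config distinction above: compare the two outputs and list what would be lost on reload. This is an added Python example, not code from the original page; the two configuration texts are constructed samples, and the list of banner lines that IOS prints around the configuration (and that must be ignored when comparing) is the example's own assumption.

```python
import difflib

# Constructed sample outputs, not taken from a real device: a running-config
# with one unsaved change (the description on Fa0/1) and the startup-config
# it would be compared against.
RUNNING_CONFIG = """\
Building configuration...

Current configuration : 1234 bytes
!
! Last configuration change at 10:41:02 UTC Mon Mar 3 2008
!
version 12.2
hostname SWITCH
!
interface FastEthernet0/1
 description uplink-to-core
 switchport mode trunk
!
interface FastEthernet0/2
 shutdown
!
end
"""

STARTUP_CONFIG = """\
Using 1200 out of 65536 bytes
!
version 12.2
hostname SWITCH
!
interface FastEthernet0/1
 switchport mode trunk
!
interface FastEthernet0/2
 shutdown
!
end
"""

# Banner lines IOS prints around the configuration text; they differ between
# the two outputs even when the configurations themselves are identical.
# (Assumed set for this example.)
_VOLATILE_PREFIXES = (
    "Building configuration",
    "Current configuration",
    "Using ",
    "! Last configuration change",
    "! NVRAM config last updated",
)


def normalize(config_text):
    """Drop banners, blank lines and '!' separators so only commands remain.
    Leading indentation is kept because it carries the section structure."""
    lines = []
    for raw in config_text.splitlines():
        line = raw.rstrip()
        if not line or line == "!":
            continue
        if line.startswith(_VOLATILE_PREFIXES):
            continue
        lines.append(line)
    return lines


def unsaved_changes(running, startup):
    """Return the '+'/'-' lines of a unified diff from startup-config to
    running-config. An empty list means everything has been saved."""
    diff = difflib.unified_diff(
        normalize(startup), normalize(running),
        fromfile="startup-config", tofile="running-config", lineterm="", n=0,
    )
    return [
        d for d in diff
        if d.startswith(("+", "-")) and not d.startswith(("+++", "---"))
    ]


if __name__ == "__main__":
    changes = unsaved_changes(RUNNING_CONFIG, STARTUP_CONFIG)
    if changes:
        print("Unsaved changes (will be lost on reload):")
        print("\n".join(changes))
    else:
        print("running-config matches startup-config")
```

Lines added in running-config appear with a leading +, lines present only in startup-config with a leading -; in the sample only the interface description is unsaved.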
Types of Memory
Cisco switches and routers use five different types of memory (usually only four are mentioned, but I think the last one is also important).
ROM Memory
ROM memory is read-only and retains its contents without power. It contains the code that is executed during booting (starting) of the switch; in older devices it also contained IOS. The ROM provides several basic functions:
- POST (Power-on Self Test) - after turning on the switch, this microcode tests the functionality of the main parts (memory, CPU, interfaces)
- Bootstrap Program - initializes booting, loads IOS
- ROM monitor - a special diagnostic mode for troubleshooting
- RxBoot - if a functional IOS is not found, this limited version of IOS is loaded, allowing the correct IOS image to be installed
Flash Memory
Flash is non-volatile memory: it can be written to and retains its contents when power is disconnected. Flash primarily stores the IOS image (there may be several versions), a copy of the startup-config in the file config.text, and VLAN information in vlan.dat. In principle we can store anything here. The contents can be listed with dir flash: or show flash:.
NVRAM Memory
Non-volatile random access memory (NVRAM) is similar to flash in that it is writable and retains its contents without power. It is used to store the startup-config. Its contents can be listed with dir nvram:.
RAM Memory
Random Access Memory (RAM) is the working memory. It is fast, writable, depends on power and is erased when the switch restarts. It is typically divided into two parts: the main processor memory and shared I/O memory. The main part holds the running configuration (running-config), the running IOS, and the routing and ARP tables. The shared part is used as a buffer for packets currently being processed. Its usage can be displayed with show memory.
External Memory - TFTP
The last type of memory is not part of the device, so it may not be counted among them, but it is used for various tasks. It is a TFTP (Trivial FTP) server, which can run on any computer. Note that this is TFTP, not FTP. It is most commonly used for backing up or upgrading IOS, but it is also possible to boot IOS directly from the TFTP server. TFTP has no authentication and no encryption, so the server should be reachable only from the management network and ideally only while a transfer is running.
Basic Work with IOS
First, we need to connect to the switch to work in the CLI. We can do this via the console, i.e. with a serial cable through a dedicated port on the switch. This is the basic connection and sometimes the only one possible. Or, once the basic configuration has been done, via telnet or ssh. For these connections to work they must be configured, and a login password must always be set. Telnet sends the login and everything else in cleartext, so ssh should be used wherever the IOS image supports it. For some tasks, such as basic configuration, we can connect via the web interface or the useful program Cisco Network Assistant. Although it may not seem so at first glance, most settings are ultimately easier to make via the CLI. For the console connection we use HyperTerminal or PuTTY, which also serves for ssh and telnet.
Entering Commands
All IOS commands can be entered in shorthand, just enter the first characters that uniquely identify the command (i.e., so that no other command starts with these characters in the given context).
The tab key completes the command. Enter the first few letters of the command and press TAB to complete the command if it is unique, or it completes the part common to multiple commands.
Entering ? (question mark) displays a list of the commands that can be used at the current location, each with a brief description. We can also enter the first few letters of a command followed by a question mark to list the commands starting with those letters. Most commands consist of a sequence of keywords; if we enter command ?, we get a list of the arguments or keywords that can follow at that point.
SWITCH#?
Exec commands:
  Session number to resume
  access-enable     Create a temporary Access-List entry
  access-template   Create a temporary Access-List entry
  archive           manage archive files
 --More--
SWITCH#co?
configure  connect  copy
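The three behaviours just described (abbreviation accepted only when unique, TAB completing to the longest common prefix, and "co?" listing the candidates) can be modelled with a small prefix resolver. This is an added Python example, not code from the original page; the command table is a constructed handful of privileged EXEC keywords, not the real IOS command set, and the exception names and messages are the example's own.

```python
import os

# Constructed command table, not the real IOS command set: a few privileged
# EXEC keywords with the descriptions that "?" would print beside them.
EXEC_COMMANDS = {
    "configure": "Enter configuration mode",
    "connect": "Open a terminal connection",
    "copy": "Copy from one file to another",
    "show": "Show running system information",
    "ssh": "Open a secure shell client connection",
    "write": "Write running configuration to memory, network, or terminal",
}


class AmbiguousCommand(ValueError):
    """The typed prefix matches more than one keyword (IOS: % Ambiguous command)."""


class UnknownCommand(ValueError):
    """The typed prefix matches no keyword (IOS: % Invalid input detected)."""


def matches(prefix, table=EXEC_COMMANDS):
    """Keywords that start with the prefix, sorted the way 'prefix?' lists them."""
    return sorted(cmd for cmd in table if cmd.startswith(prefix))


def resolve(prefix, table=EXEC_COMMANDS):
    """Expand an abbreviation the way the IOS parser accepts it: the prefix is
    valid only when exactly one keyword starts with it. A prefix that is itself
    a complete keyword is taken literally even if a longer keyword extends it."""
    if prefix in table:
        return prefix
    found = matches(prefix, table)
    if not found:
        raise UnknownCommand(f"% Invalid input detected: {prefix!r}")
    if len(found) > 1:
        raise AmbiguousCommand(f"% Ambiguous command: {prefix!r}")
    return found[0]


def complete(prefix, table=EXEC_COMMANDS):
    """What TAB does: the full keyword if the prefix is unique, otherwise the
    longest prefix shared by all candidates; unchanged input if nothing matches."""
    found = matches(prefix, table)
    if not found:
        return prefix
    return os.path.commonprefix(found)


if __name__ == "__main__":
    print("co?      ->", " ".join(matches("co")))
    print("conf     ->", resolve("conf"))
    print("co<TAB>  ->", complete("co"))
    print("con<TAB> ->", complete("con"))
    print("conf<TAB>->", complete("conf"))
    for typed in ("co", "x"):
        try:
            resolve(typed)
        except ValueError as err:
            print(typed, "->", err)
```

With this table "co" is ambiguous (configure, connect, copy), "con" still is (configure, connect), and "conf" is the shortest form IOS would accept for configure; TAB on "con" returns "con" unchanged because that is already the longest shared prefix.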
The up arrow and down arrow keys are used to scroll through history, going through previously entered commands.
If data is being displayed on the screen, it scrolls by pages. When a page is displayed, the output stops. Press the SPACE key to display the next page, and the ENTER key to display the next line.
For commands that generate some informational output, we can use the output modifier | (vertical bar) to limit the output.
Displaying MAC addresses on port 16
SWITCH#show mac-address-table | include Fa0/16
If we are in the CLI on a switch, we can connect to another device by entering one of these commands in user or privileged mode: ssh address, telnet address, connect address, or simply the address itself if it does not match any keyword. The address can be an IP address or a hostname. To return to the original switch without ending the remote session, press Ctrl+Shift+6 and then x.
Canceling Commands
When we enter a command in IOS and confirm it with ENTER, it is applied immediately and stored in the running configuration. To cancel a setting, i.e. revoke a previously entered command, we use the keyword no followed by the same command that was used to enter it. In this way any setting can be canceled with no. Often it is not necessary to repeat all of the command's parameters. These changes, again, apply only to the running configuration.
SWITCH(config-if)#no ip address // removes the IP address from the interface
Command Modes
The user interface of IOS is divided into several different modes that allow us to perform different tasks. The main modes are:
- user mode (user EXEC) – SWITCH> – we are in this mode right after logging in; it offers only a limited set of commands
- privileged mode (privileged EXEC) – SWITCH# – the default mode from which the configuration modes are entered; allows displaying all kinds of data
- global configuration mode – SWITCH(config)# – here we configure functions that affect the entire system
- interface configuration mode – SWITCH(config-if)# – here we configure the properties of a specific interface
There are many similar modes like interface configuration. The modes are distinguished by different prompts.
SWITCH> // user mode
SWITCH>enable // switch to privileged mode
SWITCH#configure terminal // switch to global configuration
SWITCH(config)#interface {name} // switch to interface configuration
SWITCH(config-if)# // interface configuration
To leave the current mode and return to the enclosing one, use the exit command. To return directly to privileged mode from any depth of configuration, use Ctrl+Z or the end command.
SWITCH(config-if)#exit
SWITCH(config)#
Basic Control (Informational) Commands - show
These commands display settings and information about the selected item. Most of them are entered in privileged mode as subcommands of show, which reports the state from the running configuration.
General Commands
Displaying the contents of flash memory (two equivalent commands)
SWITCH#show flash:
SWITCH#dir
Information about the switch and the IOS version
SWITCH#show version
Displaying the running configuration
SWITCH#show running-config
Displaying the startup configuration
SWITCH#show startup-config
Information about logging and recent log entries
SWITCH#show logging
List of recently entered commands
SWITCH#show history
Information about neighboring Cisco devices learned via the CDP protocol
SWITCH#show cdp neighbors
SWITCH#show cdp neighbors detail
Information about CPU usage and running processes
SWITCH#show processes
Connections
Information about current telnet connections
SWITCH#show sessions
Information about current ssh connections
SWITCH#show ssh
Information about logged-in users
SWITCH#show users
Information about lines
SWITCH#show line
Interface
Detailed information about all interfaces
SWITCH#show interfaces
Detailed information about one interface
SWITCH#show interfaces {interface-name}
SWITCH#show interfaces f0/1
Interface – interfaces are mainly the physical ports of the switch and the VLAN interfaces. Ports are addressed by type, today mainly fastEthernet (abbreviated f) and gigabitEthernet (abbreviated g), followed by the port number. The number may be a combination of several numbers (for example the position in a stack and the module), but the last one is always the port number.
Information about the port with VLAN details
SWITCH#show interfaces {interface-name} switchport
List of physical interfaces with description and status in a compact form
SWITCH#show interfaces status
Brief list of all interfaces with traffic statistics
SWITCH#show interfaces summary
Statistics per interface
SWITCH#show interfaces stats
Brief information about VLANs and port assignments
SWITCH#show vlan
Information about existing trunks
SWITCH#show interfaces trunk
Displaying the CAM table – MAC addresses and ports of communicating devices
SWITCH#show mac-address-table
Displaying the ARP table
SWITCH#show arp
Displaying information about ACLs and routing on the interface
SWITCH#show ip interface
Displaying the routing table
SWITCH#show ip route
The command "show memory" does not exist (at least not in the latest Packet Tracer 5.0).
It does not know several others either: show logging, line, interfaces status, interfaces summary, interfaces stats.
respond to [1]stiff: I am dealing with switches here, not with toys for children like PT (most of everything is missing there, because it is a simulator).
By the way, "show users" can be replaced with "who".
Same effect.
The description of the command modes is still missing vlan database.
I know Cisco is trying to eradicate it from switches, but on a router with a switching card VLANs cannot be configured any other way.
respond to [5]Koumes: There are many times more command modes. And as I note everywhere, I focus on switches. Using vlan database has been deprecated for many years, so even mentioning it would go against the purpose of my site.
I have a schoolboy question for you as an expert. A practical example: I have the IP address of a PC and need to find out which port of a Cisco switch it hangs on. I connect via telnet. I can list the MACs with the command "show mac address-table". Is there a similar command where I can see the IP address directly??
Thank you for the answer
respond to [7]Honza: There is no direct way, because the switch works at L2 and therefore does not "see" IP addresses (even though some functions work with higher layers as well). So we have to work around it. There are certainly several options.
The simplest, if you have access to the workstation, is to find out its MAC and then look it up on the switch.
If you have a central L3 switch (which routes) or a router, the MAC can be found in its ARP table and then looked up on the switch.
I wrote myself an application that collects this information from all switches and routers and puts everything together, so it is possible to search by IP or DNS name too.
There are probably other options as well, but nothing else comes to mind right now.
Hello...
I have a little question... Is it possible in IOS to find out what IP or MAC is running on a certain port (meaning the IP or MAC of the device plugged into the switch)?
Thank you very much
P.S. otherwise a superb website!!!!
respond to [9]VoDa: It is possible and there are several ways. It is more complicated with the IP address, though; by default the switch looks only at MAC addresses. So the IP addresses have to be pulled from the router (or similar). There are also various applications that automate this. I wrote my own.
The MAC address on a port can be found in the CAM table. Example for port G2/0/5:
SWITCH#show mac address-table | include Gi2/0/5
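The lookup described in the two replies above (IP to MAC in the router's ARP table, then MAC to port in the switch's CAM table), written out as an added Python example. This is not code from the page and not the author's own application; the two command outputs are constructed samples, and the uplink heuristic (a port that has learned several MACs is most likely a trunk towards another switch, so the search has to continue on the next switch) is an assumption of the example, not something the replies state. The ARP entry also has to exist, i.e. the host must have talked to the router recently enough that the entry has not aged out.

```python
import re
from collections import defaultdict

# Constructed sample outputs, not captured from real devices. The ARP table
# comes from the router (or L3 switch) that routes the VLAN, the CAM table
# from the access switch we are searching.
ROUTER_SHOW_IP_ARP = """\
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.0.1.1                -   0011.2233.4455  ARPA   Vlan10
Internet  10.0.1.25               4   001a.2b3c.4d5e  ARPA   Vlan10
Internet  10.0.1.26              12   00aa.bbcc.ddee  ARPA   Vlan10
"""

SWITCH_SHOW_MAC_ADDRESS_TABLE = """\
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
  10    001a.2b3c.4d5e    DYNAMIC     Gi2/0/5
  10    00aa.bbcc.ddee    DYNAMIC     Gi1/0/24
  10    0011.2233.4455    DYNAMIC     Gi1/0/24
Total Mac Addresses for this criterion: 3
"""

MAC = r"[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}"
# 'Internet <ip> <age or -> <mac> ...' rows of 'show ip arp'
ARP_LINE = re.compile(r"^Internet\s+(\d+\.\d+\.\d+\.\d+)\s+(?:\d+|-)\s+(" + MAC + r")", re.I)
# '<vlan> <mac> <type> <port>' rows of 'show mac address-table'
CAM_LINE = re.compile(r"^\s*(\d+)\s+(" + MAC + r")\s+\S+\s+(\S+)", re.I)


def parse_arp(text):
    """Map IP address -> MAC (lower-case dotted form) from 'show ip arp'."""
    table = {}
    for line in text.splitlines():
        m = ARP_LINE.match(line)
        if m:
            table[m.group(1)] = m.group(2).lower()
    return table


def parse_cam(text):
    """Map MAC -> (vlan, port) from 'show mac address-table'."""
    table = {}
    for line in text.splitlines():
        m = CAM_LINE.match(line)
        if m:
            table[m.group(2).lower()] = (int(m.group(1)), m.group(3))
    return table


def uplink_candidates(cam, threshold=2):
    """Ports that learned several MACs (assumed heuristic): almost certainly
    trunks or uplinks to other switches, so a hit there means 'continue on the
    next switch', not 'found the host'."""
    per_port = defaultdict(int)
    for _vlan, port in cam.values():
        per_port[port] += 1
    return {port for port, n in per_port.items() if n >= threshold}


def port_for_ip(ip, arp_text, cam_text):
    """Resolve IP -> MAC on the router, then MAC -> port on the switch.
    Returns (mac, vlan, port, is_uplink) or None if either lookup fails."""
    mac = parse_arp(arp_text).get(ip)
    if mac is None:
        return None
    cam = parse_cam(cam_text)
    if mac not in cam:
        return None
    vlan, port = cam[mac]
    return mac, vlan, port, port in uplink_candidates(cam)


if __name__ == "__main__":
    for ip in ("10.0.1.25", "10.0.1.26", "10.0.1.99"):
        print(ip, "->", port_for_ip(ip, ROUTER_SHOW_IP_ARP, SWITCH_SHOW_MAC_ADDRESS_TABLE))
```

In the sample, 10.0.1.25 is on Gi2/0/5 (the port from the reply above), while 10.0.1.26 resolves to Gi1/0/24, which also carries the router's own MAC and is therefore flagged as an uplink: the host is behind another switch and the same lookup has to be repeated there.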
Displaying a large amount of information about the device (interfaces, running processes, IOS image ...)
SWITCH#show tech-support
Hello, I have a question:
how can I find out when a port was last used? So that in case of a shortage I could reuse ports that have been unused for a longer time.. thanks