Cisco 12000 Series Internet Router Architecture: Packet Switching
Document ID: 47320
Introduction
Prerequisites
Requirements
Components Used
Conventions
Background Information
Packet Switching: Overview
Packet Switching: Engine 0 and Engine 1 Line Cards
Packet Switching: Engine 2 Line Cards
Packet Switching: Switching Cells across Fabric
Packet Switching: Transmitting Packets
Packet Flow Summary
Related Information
Introduction
This document examines the most important architectural elements of the Cisco 12000 Series Internet Router ?? switching packets. Switching packets are radically different from any of the shared memory or bus?based Cisco architectures. By using a crossbar fabric, the Cisco 12000 provides very large amounts of bandwidth and scalability. Furthermore, the 12000 uses virtual output queues to eliminate the Head of Line Blocking within the switch fabric.
Prerequisites
Requirements
There are no specific requirements for this document.
Components Used
The information in this document is based on the following hardware:
?
Cisco 12000 Series Internet Router
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
Conventions
For more information on document conventions, see the Cisco Technical Tips Conventions.
Background Information
(The switching decision on a Cisco 12000 is done by the line cards (LCs). For some LCs, a dedicated Application?Specific Integrated Circuit (ASIC) actually switches the packets. Distributed Cisco Express Forwarding (dCEF) is the only switching method available.
Remark: Engines 0, 1, and 2 are not the latest engines developed by Cisco. There are also Engine 3, 4, and
4+ line cards, with more to follow. Engine 3 line cards are capable of performing Edge features at line rate. The higher the Layer 3 engine, the more packets get switched in hardware. You can find some useful information about the different line cards available for the Cisco 12000 Series Router and the engine on which they are based at Cisco 12000 Series Internet Router: Frequently Asked Questions.
Packet Switching: Overview
Packets are always forwarded by the ingress line card (LC). The egress LC only performs outbound Quality of Service (QoS) that is queue?dependent (for example, Weighted Random Early Detection (WRED) or Committed Access Rate (CAR)). Most of the packets are switched by the LC using distributed Cisco Express Forwarding (dCEF). Only the control packets (such as routing updates) are sent to the Gigabit Route Processor (GRP) for processing. The packet switching path depends on the type of switching engines used on the LC.
This is what happens when a packet comes in:
1.
A packet comes into the physical layer interface module (PLIM). Various things happen here:
?
A transceiver turns optical signals into electrical ones (most CSR line cards have fiber
connectors)
?
L2 framing is removed (SANE, Asynchronous Transfer Mode (ATM), Ethernet, High?Level
Data Link Control (HDLC)/Point?to?Point Protocol ? PPP)
ATM cells are reassembled
?
Packets that fail the cyclic redundancy check (CRC) are discarded
?
As the packet is received and processed, it is Direct Memory Accessed into a small (approximately 2
2.
x maximum transmission unit (MTU) buffer) memory called the "First In, First Out (FIFO) burst
memory". The amount of this memory depends on the type of LC (from 128 KB to 1 MB).
3.
Once the packet is completely in FIFO memory, an application?specific integrated circuit (ASIC) on the PLIM contacts the Buffer Management ASIC (BMA) and asks for a buffer to put the packet in.
The BMA is told what size the packet is, and allocates a buffer accordingly. If the BMA cannot get a buffer of the right size, the packet is dropped and the "ignore" counter is incremented on the incoming interface. There is no fallback mechanism as with some other platforms. While this is going on, the
PLIM could be receiving another packet in the FIFO burst memory, which is why it is 2xMTU in size.
4.
If there is a free buffer available in the right queue, the packet is stored by the BMA in the free queue list of the appropriate size. This buffer is placed on the Raw Queue, which is examined by the Salsa ASIC or the R5K CPU. The R5K CPU determines the destination of the packet by consulting its local dCEF table in Dynamic RAM (DRAM), and then moves the buffer from the Raw Queue to a
ToFabric queue corresponding to the destination slot.
If the destination is not in the CEF table, the packet is dropped. If the packet is a control packet (for
example, routing updates), it is enqueued to the queue of the GRP and will be processed by the GRP.
There are 17 ToFab queues (16 unicast, plus 1 Multicast). There is one toFab queue per line card (this includes the RP). These queues are known as "virtual output queues", and are important so that
head?of?line blocking doesn't occur.
5.
The ToFab BMA cuts the packet up into 44?byte pieces, which are the payload for what will
eventually be known as "Cisco Cells". These cells are given an 8?byte header and 4?byte buffer
header by the frFab BMA (total data size so far = 56 bytes), and then enqueued into the proper ToFab queue (at which point, the #Qelem counter in the pool the buffer came from goes down by one, and the ToFab queue counter goes up by one).
The "decision maker" depends on the type of switching engines:
On Engine 2+ cards, a special ASIC is used to improve the way the packets are switched. Normal packets (IP/Tag, no options, checksum) are processed directly by the Packet Switching ASIC (PSA), then bypass the raw queue/CPU/Salsa combination and are enqueued directly onto the toFab queue. Only the first 64 bytes of the packet are passed through the Packet Switching ASIC. If the packet cannot be switched by the PSA, the packet is enqueued to the RawQ to be handled by the CPU of the LC as explained previously.
At this point, the switching decision has been made and the packet has been enqueued onto the proper ToFab output queue.
6.
The toFab BMA DMAs (Direct Memory Access) the cells of the packet into small FIFO buffers in the fabric interface ASIC (FIA). There are 17 FIFO buffers (one per ToFab queue). When the FIA gets a cell from the toFab BMA, it adds an 8?byte CRC (total cell size ? 64 bytes; 44 bytes payload, 8 bytes cell header, 4 bytes buffer header). The FIA has serial line interface (SLI) ASICs that then perform
8B/10B encoding on the cell (like the Fiber Distributed Data Interface (FDDI) 4B/5B), and prepares to transmit it over the fabric. This may seem like a lot of overhead (44 bytes of data gets turned into 80 bytes across the fabric!), but it is not an issue since fabric capacity has been provisioned accordingly.
Now that an FIA is ready to transmit, the FIA requests access to the fabric from the currently active 7.
card scheduler and clock (CSC). The CSC works on a rather complex fairness algorithm. The idea is that no LC is allowed to monopolize the outgoing bandwidth of any other card. Note that even if an LC wants to transmit data out of one of its own ports, it still has to go through the fabric. This is important because if this didn't happen, one port on an LC could monopolize all bandwidth for a given port on that same LC. It'd also make the switching design more complicated. The FIA sends cells across the switch fabric to their outgoing LC (specified by data in the Cisco Cell header put there by the switching engine).
The fairness algorithm is also designed for optimal matching; if card 1 wants to transmit to card 2, and card 3 wants to transmit to card 4 at the same time, this happens in parallel. That's the big difference between a switch fabric and a bus architecture. Think of it as analogous to an Ethernet switch versus a hub; on a switch, if port A wants to send to port B, and port C wants to talk to port D, those two flows happen independently of each other. On a hub, there are half?duplex issues such as collisions and backoff and retry algorithms.
8.
The Cisco Cells that come out of the fabric go through SLI processing to remove the 8B/10B encoding. If there any errors here, they'd appear in the show controller fia command output as "cell parity". See How To Read the Output of the show controller fia Command for additional information.
9.
These Cisco Cells are DMA'd into FIFOs on the frFab FIAs, and then into a buffer on the frFab BMA. The frFab BMA is the one that actually does the reassembly of cells into a packet.
How does the frFab BMA know what buffer to put the cells in before it reassembles them? This is another decision made by the incoming line card switching engine; since all queues on the entire box are the same size and in the same order, the switching engine just has the Tx LC put the packet in the same number queue from which it entered the router.
The frFab BMA SDRAM queues can be viewed with the show controller frfab queue command on the LC. See How To Read the Output of the show controller frfab | tofab queue Commands on a Cisco 12000 Series Internet Router for details.
This is basically the same idea as the toFab BMA output. Packets come in and are placed in packets that are dequeued from their respective free queues. These packets are placed into the from?fabric
queue, enqueued on either the interface queue (there is one queue per physical port) or the rawQ for output processing. Not much happens in the rawQ: per?port multicast replication, Modified Deficit
Round Robin (MDRR) ? same idea as Distributed Weighted Fair Queuing (DWFQ), and output CAR.
If the transmit queue is full, the packet is dropped and the output drop counter is incremented.
10.
The frFab BMA waits until the TX portion of the PLIM is ready to send a packet. The frFab BMA
does the actual MAC rewrite (based, remember, on information contained in the Cisco Cell header), and DMAs the packet over to a small (again, 2xMTU) buffer in the PLIM circuitry. The PLIM does the ATM SAR and SONET encapsulates, where appropriate, and transmits the packet.
11.
ATM traffic is reassembled (by the SAR), segmented (by the tofab BMA), reassembled (by the
fromfab BMA) and segmented again (by the fromfab SAR). This happens very quickly.
That is the lifecycle of a packet, from beginning to end. If you want to know what a GSR feels like at the end of the day, read this entire paper 500,000 times!
The packet switching path on the GSR depends on the type of forwarding engine on the LC. Now we'll go through all the steps for Engine 0, Engine 1, and the two LCs.
Packet Switching: Engine 0 and Engine 1 Line Cards
The sections below are based on the book Inside Cisco IOS Software Architecture, Cisco Press.
Figure 1 below illustrates the different steps during packet switching for an Engine 0 or Engine 1 LC.
Figure 1: Engine 0 and Engine 1 Switching Path
The switching path for the Engine 0 and Engine 1 LC is essentially the same, although the Engine 1 LC has an enhanced switching engine and buffer manager for increased performance. The switching path is as follows:
Step 1 ? The interface processor (PLIM) detects a packet on the network media and begins copying it into a FIFO memory called burst memory on the LC. The amount of burst memory each interface has depends on the type of LC; typical LCs have 128 KB to 1 MB of burst memory.
? Step 2 ? The interface processor requests a packet buffer from the receive BMA; the pool from which the buffer is requested depends on the length of the packet. If there aren't any free buffers, the
interface is dropped and the interface's "ignore" counter is incremented. For example, if a 64?byte packet arrives into an interface, the BMA tries to allocate an 80?byte packet buffer. If no free buffers exist in the 80?byte pool, buffers are not allocated from the next available pool.
? Step 3 ? When a free buffer is allocated by the BMA, the packet is copied into the buffer and is
enqueued on the raw queue (RawQ) for processing by the CPU. An interrupt is sent to the LC CPU.? Step 4 ? The LC's CPU processes each packet in the RawQ as it is received (the RawQ is a FIFO),consulting the local distributed Cisco Express Forwarding table in DRAM to make a switching
decision.
4.1 If this is a unicast IP packet with a valid destination address in the CEF table, the packet
header is rewritten with the new encapsulation information obtained from the CEF adjacency
table. The switched packet is enqueued on the virtual output queue corresponding to the
destination slot.
? 4.2 If the destination address is not in the CEF table, the packet is dropped.
? 4.3 If the packet is a control packet (a routing update, for example), the packet is enqueued on
the virtual output queue of the GRP and processed by the GRP.
? ? Step 5 ? The receive BMA fragments the packet into 64?bytes cells, and hands these off to the FIA for transmission to the outbound LC.
? At the end of Step 5, the packet that arrived into an Engine 0/1 LC has been switched and is ready to be transported across the switch fabric as cells. Go to Step 6 in the section Packet Switching: Switching Cells across Fabric.
Packet Switching: Engine 2 Line Cards
Figure 2 below illustrates the packet switching path when the packets arrive into an Engine 2 LC, as described in the following list of steps.
Figure 2: Engine 2 Switching Path
Step 1 ? The interface processor (PLIM) detects a packet on the network media and begins copying it into a FIFO memory called burst memory on the LC. The amount of burst memory each interface has depends on the type of LC; typical LCs have 128 KB to 1 MB of burst memory.
? Step 2 ? The first 64 bytes of the packet, called the header, are passed through the Packet Switching ASIC (PSA).
2.1 The PSA switches the packet by consulting the local CEF table in the PSA memory. If the packet cannot be switched by the PSA, go to Step 4; otherwise, continue to Step
3.
? ? Step 3 ? The Receive Buffer Manager (RBM) accepts the header from the PSA and copies it into a free buffer header. If the packet is larger than 64 bytes, the tail of the packet is also copied into the same free buffer in packet memory and is queued on the outgoing LC virtual output queue. Go to Step 5.
? Step 4 ? The packet arrives at this step if it cannot be switched by the PSA. These packets are placed on the raw queue (RawQ) and the switching path is essentially the same as for the Engine 1 and Engine 0 LC from this point (Step 4 in the case of Engine 0). Note that the packets that are switched by the PSA are never placed in the RawQ and no interrupt is sent to the CPU.
? Step 5 ? The Fabric Interface Module (FIM) is responsible for segmenting the packets into Cisco Cells and sending the cells to the Fabric Interface ASIC (FIA) for transmission to the outbound LC.? Packet Switching: Switching Cells across Fabric
You arrive at this stage after the packet switching engine switches the packets. At this stage, the packets are segmented into Cisco Cells and are waiting to be transmitted across the switching fabric. The steps for this stage are as follows:
Step 6 ? The FIA sends a grant request to the CSC, which schedules each cell's transfer across the switch fabric.
? Step 7 ? When the scheduler grants access to the switch fabric, the cells are transferred to the destination slot. Note that the cells might not be transmitted all at once; other cells within other packets might be interleaved.
? Packet Switching: Transmitting Packets
Figure 3 below shows the last stage of packet switching. The cells are reassembled and the packet is transmitted onto the media. This takes place on the outbound line card.
Figure 3: Cisco 12000 Packet Switching: Transmit Stage
Step 8 ? The cells switched across the fabric arrive into the destination line card through the FIA.? Step 9 ? The transmit Buffer Manager allocates a buffer from the transmit packet memory and reassembles the packet in this buffer.
? Step 10 ? When the packet is rebuilt, the transmit BMA enqueues the packet onto the destination interface's transmit queue on the LC. If the interface transmit queue is full (the packet cannot be enqueued), the packet is dropped and the output queue drop counter is incremented.
Note: In the transmit direction, the only time packets are placed in the RawQ is when the LC CPU needs to do any processing before transmission. Examples include IP fragmentation, multicast, and output CAR.
? Step 11 ? The interface processor detects a packet waiting to be transmitted, dequeues the buffer from the transmit memory, copies it into internal FIFO memory, and transmits the packet on the media.?
Packet Flow Summary
IP packets that traverse the 12000 are processed in three phases:
Ingress Line Card in three sections:
Ingress PLIM (Physical Line Interface Module) ? Optical to Electrical conversion,
Synchronous Optical Network (SONET)/Synchronous Digital Hierarchy (SDH) un?framing,HDLC, and PPP processing.
? IP Forwarding ? Forwarding decision based on FIB lookup and queuing into one of the ingress unicast queues or multicast queues.
? Ingress Queue management and Fabric Interface ? Random Early Detection (RED)/Weighted Random Early Detection (WRED) processing on the ingress queues and de?queuing towards the fabric in order to maximize fabric utilization.
? ? Switching IP packets through the 12000 fabric from ingress card to egress card or egress cards (in case of multicast).
? Egress Line Card in three sections:
Egress Fabric Interface ? Reassembling the IP packets to be sent and queuing into egress queues; processing multicast packets.
? Egress queue management ? RED/WRED processing on the ingress queues and de?queuing towards the egress PLIM to maximize the egress line utilization.
? Egress PLIM ? HDLC and PPP processing, SONET/SDH framing, Electrical to Optical conversion.
? ? Related Information
Cisco 12000 Series Internet Router Architecture ? Chassis
? Cisco 12000 Series Internet Router Architecture ? Switch Fabric
? Cisco 12000 Series Internet Router Architecture ? Route Processor
? Cisco 12000 Series Internet Router Architecture ? Line Card Design
? Cisco 12000 Series Internet Router Architecture ? Memory Details
? Cisco 12000 Series Internet Router Architecture ? Maintenance Bus, Power Supplies and Blowers, and Alarm Cards
? Cisco 12000 Series Internet Router Architecture ? Software Overview
? Understanding Cisco Express Forwarding
? Technical Support ? Cisco Systems
? Contacts & Feedback | Help | Site Map
? 2008 ? 2009 Cisco Systems, Inc. All rights reserved. Terms & Conditions | Privacy Statement | Cookie Policy | Trademarks of Cisco Systems, Inc.
Updated: Jul 07, 2005Document ID: 47320
cisco路由器配置及维护手册 作者:pixfire 一、路由器简单配置 1. 用串行电缆将PC机串口与路由器CONSOLE口连接,用WIN95的超级终端或NETTERM 软件进行配置。PC机串口设置为波特率9600 数据位8 停止位1。 2. 新出厂的路由器启动后会进入自动配置状态。可按提示对相应端口进行配置。 3 . 命令行状态。若不采用自动配置,可在自动配置完成后,题问是否采用以上配置时,回答N。此时进入命令行状态。 4 进入CONFIG模式。在router>键入enable , 进入router # ,再键入config t ,进入 router(config)# 。 5 配置广域端口。在正确连接好与E1端口的电缆线后,在router # 下键入sh controller cbus 。检验端口物理特性,及连线是否正确。之后,进入config模式。 进行以下配置。 int serial <端口号> E1端口号。 ip address
clock 管理系统时钟 configure 进入设置模式 connect 打开一个终端 copy 从tftp服务器拷贝设置文件或把设置文件拷贝到tftp服务器上 debug 调试功能 disable 退出优先命令状态 disconnect 断开一个网络连接 enable 进入优先命令状态 erase 擦除快闪内存 exit 退出exce模式 help 交互帮助系统的描述 lat 打开一个本地传输连接 lock 锁定终端 login 以一个用户名登录 logout
一、 1.router(config)#router rip 启动rip进程 2.router(conifg-router)#network 172.17.0.0指定rip协议的主网络 3.router(config-router)#passive-interface f0/1把f0/1配置成passive端口 4.router(config-router)#neighbor 172.17.12.67 以单波方式通告rip更新给路由器 5.router(config-if)#ip address 192.168.83.244 255.255.255.0 主ip地址 router(config-if)#ip address 10.33.55.1 255.255.255.0 secondary辅助ip地址二、 1.router(config-router)#version 2将rip配置成版本2 2.router(config-ip)#ip rip send version 1只发rip 1数据包 router(config-ip)#ip rip receive version 2只接收rip 2数据包 3.router(config-router)#no auto-summary 关闭汇总功能 4.router(config-if)#no ip split-horizon关闭水平分割 5.router#show ip ospf database router 192.168.30.10显示路由器LSA通告 router#show ip ospf database network 192.168.17.18显示网络LSA通告 router#show ip ospf database summary 172.16.121.0显示网络汇总LSA通告 router#show ip ospf database asbr-summary显示ASBR汇总LSA通告 router#show ip ospf database external 10.83.10.0显示自主系统外部LSA通告router#show ip ospf database nssa-external显示NSSA外部LSA通告 三、 1.router(config)#router ospf 10配置ospf进程id 2.router(config)#interface loopback0
第一章路由器配置基础 一、基本设置方式 一般来说,可以用5种方式来设置路由器: 1.Console口接终端或运行终端仿真软件的微机; 2.AUX口接MODEM,通过电话线与远方的终端或运行终端仿真软件的微机相连; 3.通过Ethernet上的TFTP服务器; 4.通过Ethernet上的TELNET程序; 5.通过Ethernet上的SNMP网管工作站。 但路由器的第一次设置必须通过第一种方式进行,此时终端的硬件设置如下: 波特率:9600 数据位:8 停止位:1 奇偶校验: 无 二、命令状态 1. router> 路由器处于用户命令状态,这时用户可以看路由器的连接状态,访问其它网络和主机,但不能看到和更改路由器的设置内容。
2. router# 在router>提示符下键入enable,路由器进入特权命令状态router#,这时不但可以执行所有的用户命令,还可以看到和更改路由器的设置内容。 3. router(config)# 在router#提示符下键入configure terminal,出现提示符router(config)#,此时路由器处于全局设置状态,这时可以设置路由器的全局参数。 4. router(config-if)#; router(config-line)#; router(config-router)#;… 路由器处于局部设置状态,这时可以设置路由器某个局部的参数。 5. > 路由器处于RXBOOT状态,在开机后60秒内按ctrl-break可进入此状态,这时路由器不能完成正常的功能,只能进行软件升级和手工引导。 6. 设置对话状态 这是一台新路由器开机时自动进入的状态,在特权命令状态使用SETUP命令也可进入此状态,这时可通过对话方式对路由器进行设置。 三、设置对话过程 1.显示提示信息 2.全局参数的设置 3.接口参数的设置 4.显示结果 利用设置对话过程可以避免手工输入命令的烦琐,但它还不能完全代替手工设置,一些特殊的设置还必须通过手工输入的方式完成。 进入设置对话过程后,路由器首先会显示一些提示信息: --- System Configuration Dialog --- At any point you may enter a question mark '?' for help. Use ctrl-c to abort configuration dialog at any prompt. Default settings are in square brackets '[]'. 这是告诉你在设置对话过程中的任何地方都可以键入“?”得到系统的帮助,按ctrl-c 可以退出设置过程,缺省设置将显示在‘[]’中。然后路由器会问是否进入设置对话:
思科交换机路由器命令 大全 YUKI was compiled on the morning of December 16, 2020
1. 交换机支持的命令:交换机基本状态: 交换机口令设置: switch>enable ;进入特权模式switch#config terminal ;进入全局配置模式 switch(config)#hostname ;设置交换机的主机名 switch(config)#enable secret xxx ;设置特权加密口 令switch(config)#enable password xxa ;设置特权非 密口令switch(config)#line console 0 ;进入控制台 口switch(config-line)#line vty 0 4 ;进入虚拟终端 switch(config-line)#login ;允许登录 switch(config-line)#password xx ;设置登录口令 xxswitch#exit ;返回命令 交换机VLAN设置:
switch(vlan)#vlan 2 ;建VLAN 2switch(vlan)#no vlan 2 ;删vlan 2switch(config)#int f0/1 ;进入端 口1switch(config-if)#switchport access vlan 2 ; 当前端口加入vlan 2switch(config-if)#switchport mode trunk ;设置为干线switch(config- if)#switchport trunk allowed vlan 1,2 ;设置允许 的vlanswitch(config-if)#switchport trunk encap dot1q ;设置vlan 中继switch(config)#vtp domain ;设置发vtp域名switch(config)#vtp password ;设置发vtp密码switch(config)#vtp mode server ;设置发vtp模式switch(config)#vtp mode client ;设置发vtp模式 交换机设置IP地址: 交换机显示命令:
switch> 用户模式 1:进入特权模式 enable switch> enable switch# 2:进入全局配置模式 configure terminal switch> enable switch#c onfigure terminal switch(conf)# 3:交换机命名 hostname aptech2950 以aptech2950为例 switch> enable switch#c onfigure terminal switch(conf)#hostname aptch-2950 aptech2950(conf)# 4:配置使能口令 enable password cisco 以cisco为例 switch> enable switch#c onfigure terminal switch(conf)#hostname aptch2950 aptech2950(conf)# enable password cisco 5:配置使能密码 enable secret ciscolab 以cicsolab为例 switch> enable switch#c onfigure terminal switch(conf)#hostname aptch2950 aptech2950(conf)# enable secret ciscolab 6:设置虚拟局域网vlan 1 interface vlan 1 switch> enable switch#c onfigure terminal switch(conf)#hostname aptch2950 aptech2950(conf)# interface vlan 1 aptech2950(conf-if)#ip address 192.168.1.1 255.255.255.0 配置交换机端口ip 和子网掩码 aptech2950(conf-if)#no shut 是配置处于运行中aptech2950(conf-if)#exit aptech2950(conf)#ip default-gateway 192.168.254 设置网关地址 7:进入交换机某一端口 interface fastehernet 0/17 以17端口为例switch> enable switch#c onfigure terminal switch(conf)#hostname aptch2950 aptech2950(conf)# interface fastehernet 0/17 aptech2950(conf-if)#
Cisco路由器的基本配置命令 Cisco 路由器的基本配置命令 一(实训目的 1(掌握路由器的连接方式和使用基本规则。 2(掌握路由器的基本配置命令。 二(实训器材及环境 1(安装 Windows 2000 Server 系统的计算机一台。 2(安装模拟软件 Boson Netsim 5.31。 3(模拟环境如下: 图 11-1 实验拓扑环境 三(实训理论基础 1(路由器的基本配置语句 (1)配置路由器名字和特权密码: Router1> enable Router1# conf t Router1(config)# hostname R1 R1(config)# enable secret 123456
b5E2RGbCAP
(2)配置路由器的 Ethernet 端口:
R1(config)# interface e0 R1(config-if)# ip address 192.168.1.1 255.255.255.0 p1EanqFDPw R1(config-if)# no shutdown (3)配置路由器的 Serial 端口(DTE 端):DXDiTa9E3d R1(config)# interface s0 R1(config-if)# ip address 10.0.0.1 255.0.0.0 R1(config-if)# no shutdown (4)配置路由器的 Serial 端口(DCE 端):
RTCrpUDGiT
R2(config)# interface s0 R2(config-if)# ip address 10.0.0.2 255.0.0.0 R2(config-if)# clock rate 64000 R2(config-if)# no shutdown 2(路由器可以有多种类型的端口,用于连接 不同的网络,常用的有以太网端口(Ethernet)、快速以太网端口 (FastEthernet)、高速同步串口(Serial)等。有的端口是固定端口,有的端
5PCzVD7HxA
- 1 -
一 switch> 用户模式 1:进入特权模式enable switch> enable switch# 2:进入全局配置模式configure terminal switch> enable switch#c onfigure terminal switch(conf)# 3:交换机命名hostname aptech2950 以aptech2950为例 switch> enable switch#c onfigure terminal switch(conf)#hostname aptch-2950 aptech2950(conf)# 4:配置使能口令enable password cisco 以cisco为例 switch> enable switch#c onfigure terminal switch(conf)#hostname aptch2950 aptech2950(conf)# enable password cisco 5:配置使能密码enable secret ciscolab 以cicsolab为例 switch> enable switch#c onfigure terminal switch(conf)#hostname aptch2950 aptech2950(conf)# enable secret ciscolab 6:设置虚拟局域网vlan 1 interface vlan 1 switch> enable switch#c onfigure terminal switch(conf)#hostname aptch2950 aptech2950(conf)# interface vlan 1 aptech2950(conf-if)#ip address 配置交换机端口ip和子网掩码 aptech2950(conf-if)#no shut 是配置处于运行中aptech2950(conf-if)#exit aptech2950(conf)#ip default-gateway 设置网关地址 7:进入交换机某一端口interface fastehernet 0/17 以17端口为例switch> enable switch#c onfigure terminal switch(conf)#hostname aptch2950 aptech2950(conf)# interface fastehernet 0/17 aptech2950(conf-if)# 8:查看命令show switch> enable
实训目的: (1)学习和掌握科路由器的配置方式和要求。 (2)学习和掌握科路由器的工作模式分类、提示符、进入方式。1、路由器的配置方式 ①超级终端方式。该方式主要用于路由器的初始配置,路由器不需要IP地址。基本方法是:计算机通过COM1/COM2口和路由器的Console口连接,在计算机上启用“超级终端”程序,设置“波特率:9600 ,数据位:8,停止位:1,奇偶校验: 无,校验:无”即可。常用 ②Telnet方式。该方式配置要求路由器必须配置了IP地址。基本方法是:计算机通过网卡和路由器的以太网接口相连,计算机的网卡和路由器的以太网接口的IP地址必须在同一网段。常用 ③其他方式:AUX口接MODEM,通过电话线与远方运行终端仿真软件的微机;通过Ethernet上的TFTP服务器;通过Ethernet上的SNMP网管工作站。 2、路由器的工作模式 在命令行状态下,主要有以下几种工作模式: ①一般用户模式。主要用于查看路由器的基本信息,只能执行少数命令,不能对路由 器进行配置。提示符为:Router>;进入方式为:Telnet或Console ②使能(特权)模式。主要用于查看、测试、检查路由器或网络,不能对接口、路由 协议进行配置。提示符为:Router#;进入方式为:Router>enable。 ③全局配置模式。主要用于配置路由器的全局性参数。提示符为:Router(config)#; 进入方式为:Router#config ter。 ④全局模式下的子模式。包括:接口、路由协议、线路等。其进入方式和提示符如下: Router(config)#ineterface e0 //进入接口模式 Router(config-if)#//接口模式提示符 Router(config)#rip //进入路由协议模式 Router(config-router)# //路由协议模式 Router(config)#line con 0 //进入线路模式
前思科路由器已经成为路由行业的领军人物,可能好多人还不了解Cisco路由器配置的步骤,没有关系,看完本文你肯定有不少收获,希望本文能教会你更多东西,该单位公司总部在北京,全国有3个分支机构。 要求做到在4个地点的数据能够实时查询,便于业务员根据具体情况作出正确决策。早期方案是使用路由器,通过速率为256Kbps的DDN专网连接北京总部。但技术人员通过市场调研,发现该网络运营成本过高。通过进一步的咨询和调整,最终方案是分支机构使用DDN在本地接入Internet,总部使用以太网就近接入Internet。并对互联的Cisco路由器配置,使用VPN技术,保证内部数据通过Internet安全传输。该企业的网络分布见附图。 配置过程及测试步骤 在实施配置前,需要检查硬件和软件是否支持VPN。对于Cisco路由器配置,要求IOS 版本高于12.0.6(5)T,且带IPSec功能。本配置在Cisco路由器配置通过。以下是分支网络1的路由器实际配置过程,其他路由器的配置方法与此基本一致,只需修改具体的环境参数(IP 地址和接口名称)即可。 配置路由器的基本参数,并测试网络的连通性 (1) 进入Cisco路由器配置模式 将计算机串口与路由器console口连接,并按照路由器说明书配置“终端仿真”程序。执行下述命令进入配置模式。 Router>en Router#config terminal Router(config)# (2)配置路由器的基本安全参数 主要是设置特权口令、远程访问口令和路由器名称,方便远程调试。 Router(config)#enable secret xxxxxxx Router(config)#line vty 0 4 Router(config-line)#password xxxxxx Router(config-line)#exit Router(config)#hostname huadong
CISCO路由器配置手册----Frame Relay 1. 帧中继技术 帧中继是一种高性能的WAN协议,它运行在OSI参考模型的物理层和数据链路层。它是一种数据包交换技术,是X.25的简化版本。它省略了X.25的一些强健功能,如提供窗口技术和数据重发技术,而是依靠高层协议提供纠错功能,这是因为帧中继工作在更好的WAN设备上,这些设备较之X.25的WAN设备具有更可靠的连接服务和更高的可靠性,它严格地对应于OSI参考模型的最低二层,而X.25还提供第三层的服务,所以,帧中继比X.25具有更高的性能和更有效的传输效率。 帧中继广域网的设备分为数据终端设备(DTE)和数据电路终端设备(DCE),Cisco 路由器作为 DTE设备。 帧中继技术提供面向连接的数据链路层的通信,在每对设备之间都存在一条定义好的通信链路,且该链路有一个链路识别码。这种服务通过帧中继虚电路实现,每个帧中继虚电路都以数据链路识别码(DLCI)标识自己。DLCI的值一般由帧中继服务提供商指定。帧中继即支持PVC也支持SVC。 帧中继本地管理接口(LMI)是对基本的帧中继标准的扩展。它是路由器和帧中继交换机之间信令标准,提供帧中继管理机制。它提供了许多管理复杂互联网络的特性,其中包括全局寻址、虚电路状态消息和多目发送等功能。 2. 有关命令: 端口设置 任务命令 设置Frame Relay封装encapsulation frame-relay[ietf] 1 设置Frame Relay LMI类型frame-relay lmi-type {ansi | cisco | q933a}2 设置子接口interface interface-type interface-number.subinterface -number [multipoint|point-to-point] 映射协议地址与DLCI frame-relay map protocol protocol-address dlci
cisco路由器配置ACL详解 如果有人说路由交换设备主要就是路由和交换的功能,仅仅在路由交换数据包时应用的话他一定是个门外汉。 如果仅仅为了交换数据包我们使用普通的HUB就能胜任,如果只是使用路由功能我们完全可以选择一台WINDOWS服务器来做远程路由访问配置。 实际上路由器和交换机还有一个用途,那就是网络管理,学会通过硬件设备来方便有效的管理网络是每个网络管理员必须掌握的技能。今天我们就为大家简单介绍访问控制列表在CISCO路由交换上的配置方法与命令。 什么是ACL? 访问控制列表简称为ACL,访问控制列表使用包过滤技术,在路由器上读取第三层及第四层包头中的信息如源地址,目的地址,源端口,目的端口等,根据预先定义好的规则对包进行过滤,从而达到访问控制的目的。该技术初期仅在路由器上支持,近些年来已经扩展到三层交换机,部分最新的二层交换机也开始提供ACL的支持了。 访问控制列表使用原则 由于ACL涉及的配置命令很灵活,功能也很强大,所以我们不能只通过一个小小的例子就完全掌握全部ACL的配置。在介绍例子前为大家将ACL设置原则罗列出来,方便各位读者更好的消化ACL知识。 1、最小特权原则 只给受控对象完成任务所必须的最小的权限。也就是说被控制的总规则是各个规则的交集,只满足部分条件的是不容许通过规则的。 2、最靠近受控对象原则 所有的网络层访问权限控制。也就是说在检查规则时是采用自上而下在ACL 中一条条检测的,只要发现符合条件了就立刻转发,而不继续检测下面的ACL 语句。 3、默认丢弃原则 在CISCO路由交换设备中默认最后一句为ACL中加入了DENY ANY ANY,也就是丢弃所有不符合条件的数据包。这一点要特别注意,虽然我们可以修改这
思科交换机命令大全 (一) 序号/类别基于ios的交换机命令基于CLI的交换机命令 1.设置主机名/系统名switch(config)# hostname "hostname" switch(enable) set system name name-string 2.设置登录口令switch(config)# enable password level 1 password switch(enable) set password switch(enable) set enalbepass 3.设置远程访问switch(config)# inte***ce vlan 1 switch(config-if)# ip address ip-address netmask switch(config-if)# ip default-gateway ip-address switch(enable) set inte***ce sc0 ip-address netmask broadcast-address switch(enable) set inte***ce sc0 vlan switch(enable) set ip route default gateway 4.启用和浏览CDP信息switch(config-if)# cdp enable switch(config-if)# no cdp enable switch(enable) set cdp {enable|disable} module/port 5.查看Cisco邻接设备的CDP通告switch# show cdp inte***ce [type modle/port] switch# show cdp neighbors [type module/port] [detail] switch(enable) show cdp neighbors[module/port] [vlan|duplex|capabilities|detail] 6.端口描述switch(config-if)#description escription-string switch(enable)set port name module/number description-string 7.设置端口速度switch(config-if)# speed{10|100|auto} switch(enable) set port speed moudle/number {10|100|auto} switch(enable) set port speed moudle/number {4|16|auto} 8.设置以太网的链路模式switch(config-if)# duplex {auto|full|half} switch(enable) set port duplex module/number {full|half 9.配置静态VLAN switch# vlan database switch(vlan)# vlan vlan-num name vla switch(vlan)# exit switch# configure teriminal switch(config)#inte***ce inte***ce module/number switch(config-if)# switchport mode access switch(config-if)# switchport access vlan vlan-num switch(config-if)# end switch(enable) set vlan vlan-num [name name] switch(enable) set vlan vlan-num mod-num/port-list 10.配置VLAN中继线switch(config)# inte***ce inte***ce mod/port switch(config-if)# switchport mode trunk switch(config-if)#switchport trunk encapsulation {isl|dotlq} switch(config-if)# switchport trunk allowed vlan remove vlan-list switch(config-if)# switchport trunk allowed vlan add vlan-list switch(enable)set trunk module/port [on|off|desirable|auto|nonegotiate] Vlan-range [isl|dotlq|dotl0|lane|negotiate] 11.配置VTP管理域switch# vlan database
CISCO路由器配置手册 第一章路由器配置基础 一、基本设置方式 一般来说,可以用5种方式来设置路由器: 1.Console口接终端或运行终端仿真软件的微机; 2.AUX口接MODEM,通过电话线与远方的终端或运行终端仿真软件的微机相连;3.通过Ethernet上的TFTP服务器; 4.通过Ethernet上的TELNET程序; 5.通过Ethernet上的SNMP网管工作站。 但路由器的第一次设置必须通过第一种方式进行,此时终端的硬件设置如下: 波特率:9600 数据位:8 停止位:1 奇偶校验: 无
二、命令状态 1.router> 路由器处于用户命令状态,这时用户可以看路由器的连接状态,访问其它网络和主机,但不能看到和更改路由器的设置内容。 2.router# 在router>提示符下键入enable,路由器进入特权命令状态router#,这时不但可以执行所有的用户命令,还可以看到和更改路由器的设置内容。 3.router(config)# 在router#提示符下键入configure terminal,出现提示符router(config)#,此时路由器处于全局设置状态,这时可以设置路由器的全局参数。 4.router(config-if)#; router(config-line)#; router(config-router)#;… 路由器处于局部设置状态,这时可以设置路由器某个局部的参数。 5.> 路由器处于RXBOOT状态,在开机后60秒内按ctrl-break可进入此状态,这时路由器不能完成正常的功能,只能进行软件升级和手工引导。 6.设置对话状态 这是一台新路由器开机时自动进入的状态,在特权命令状态使用SETUP命令也可进入此状态,这时可通过对话方式对路由器进行设置。 三、设置对话过程 1.显示提示信息 2.全局参数的设置 3.接口参数的设置 4.显示结果 利用设置对话过程可以避免手工输入命令的烦琐,但它还不能完全代替手工设置,一些特殊的设置还必须通过手工输入的方式完成。
视图模式介绍: 普通视图 router> 特权视图 router# /在普通模式下输入enable 全局视图 router(config)# /在特权模式下输入config t 接口视图 router(config-if)# /在全局模式下输入int 接口名称例如int s0或int e0 路由协议视图 router(config-route)# /在全局模式下输入router 动态路由协议名称 1、基本配置: router>enable /进入特权模式 router#conf t /进入全局配置模式 router(config)# hostname xxx /设置设备名称就好像给我们的计算机起个名字 router(config)#enable password /设置特权口令 router(config)#no ip domain lookup /不允许路由器缺省使用DNS解析命令 router(config)# Service password-encrypt /对所有在路由器上输入的口令进行暗文加密router(config)#line vty 0 4 /进入设置telnet服务模式 router(config-line)#password xxx /设置telnet的密码 router(config-line)#login /使能可以登陆 router(config)#line con 0 /进入控制口的服务模式 router(config-line)#password xxx /要设置console的密码 router(config-line)#login /使能可以登陆 2、接口配置: router(config)#int s0 /进入接口配置模式 serial 0 端口配置(如果是模块化的路由器前面加上槽位编号,例如serial0/0 代表这个路由器的0槽位上的第一个接口) router(config-if)#ip add xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx /添加ip 地址和掩码router(config-if)#enca hdlc/ppp 捆绑链路协议 hdlc 或者 ppp 思科缺省串口封装的链路层协议是HDLC所以在show run配置的时候接口上的配置没有,如果要封装为别的链路层协议例如PPP/FR/X25就是看到接口下的enca ppp或者enca fr router(config)#int loopback /建立环回口(逻辑接口)模拟不同的本机网段 router(config-if)#ip add xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx /添加ip 地址和掩码给环回口 在物理接口上配置了ip地址后用no shut启用这个物理接口反之可以用shutdown管理性的关闭接口 3、路由配置: (1)静态路由 router(config)#ip route xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx 下一条或自己的接口router(config)#ip route 0.0.0.0 0.0.0.0 s 0 添加缺省路由 (2)动态路由 rip协议 router(config)#router rip /启动rip协议 router(config-router)#network xxx.xxx.xxx.xxx /宣告自己的网段 router(config-router)#version 2 转换为rip 2版本 router(config-router)#no auto-summary /关闭自动汇总功能,rip V2才有作用 router(config-router)# passive-int 接口名 /启动本路由器的那个接口为被动接口
CISCO路由器简要配置手册 编者: 审核: 中兴通讯网络事业部南京用服部
修订记录
目录 第1章路由器配置基础 (1) 1.1IP地址概览 (1) 1.1.1 IP地址的类别 (1) 1.1.2 子网掩码 (2) 1.2路由器基本知识介绍 (2) 1.2.1 路由器物理端口介绍 (2) 1.2.2 路由器型号 (2) 1.2.3 内存体系结构介绍 (3) 1.3基本设置方式 (4) 1.4命令状态 (5) 1.5设置对话过程 (5) 1.6常用命令 (9) 1.7配置IP寻址 (11) 1.8配置静态路由 (14) 第2章广域网协议设置 (16) 2.1HDLC (16) 2.2PPP (21) 2.3 X.25 (23) 2.4F RAME R ELAY (29) 2.5ISDN (34) 2.6PSTN (47) 第3章路由协议设置 (68) 3.1RIP协议 (68) 3.2IGRP协议 (69) 3.3OSPF协议 (70) 3.4重新分配路由 (76) 3.5IPX协议设置 (79) 第4章访问控制 (83) 4.1标准IP访问列表 (83) 4.2扩展IP访问列表 (87) 第5章配置举例 (89)
5.1组网描述 (89) 5.2路由器配置举例 (89)
第1章路由器配置基础 摘要: 路由器是处于网络层的设备,它负责把IP数据包从一个网络中的主机转发到另一个网络上的主机(中间可能用到多个路由器的转发)。路由器可以有多个接口连接局域网络和广域网络。 它有两个基本的功能:路径判断和交换。交换功能让路由器从一个接口接收数据包并转发到其它的接口。路径判断功能使得路由器能选择最合适的接口来转发数据包,即选择最佳的路径到达目的网络。下图中蓝线表示两台计算机IP数据包的传输最佳路径。 1.1 IP地址概览 1.1.1 IP地址的类别 为了同时容纳大型网络和小型网络,网络信息中心(NIC)将32比特IP地址分为A类、B类、C类、D类和E类。每种地址类别分别允许在其网络中有某一数量的网络地址和某一数量的主机地址。 类别地址范围网络数主机数 A类 1.0.0.0到126.0.0.0128(27)16777214 B类128.0.0.0 到191.255.0.016386(214)65532 C类192.0.0.0 到 223.255.255.0大约200万(221)254 D类224.0.0.0 到 239.255.255.254为多组播地址保留 E类240.0.0.0 到 254.255.255.255为研究保留
思科路由器查看配置命令 show run// 看运行状况 show ip route// 看路由表 show int// 看断口 * show ip int br// 看端口 ip 地址 show cdp nei// 察看 cdp 邻居 show ip pro// 察看 ip 协议 查看配置信息用 show 命令,该命令可以在用户模式和特权模式下执行,且在特权模式下看 到的信息比用户模式多。 show 命令很多,常用的有: 1、查看运行配置文件: Router#show running-config 运行配置文件 running-config 位于路由器的 RAM 中,存放的是路由器当前使用的配置信息。 2、查看启动配置文件: Router#show startup-config 启动配置文件 startup-config 位于路由器的 NVRAM 中,可以长期保存。它在启动路由器时装入 RAM ,成为 running-config 。 3、查看路由器的版本信息: Router#show version' 4、查看路由器的接口状态: Router#show ip interface brief 如果接口状态标识为“ Down ”,表示此接口未激活,如果标识为“ Up”,表示此接口已经激活。 5、查看路由表:
Router#show ip route 通过路由表可以看出该路由器已经识别的网络。 6、查看 NAT 翻译情况: Router#show ip nat translation 应该先进行内网与外网的通讯(如:用 ping 命令 ),然后再查看,才能看到翻译情况。
第一章:路由器配置基础 一、基本设置方式 一般来说,可以用5种方式来设置路由器: 1.Console口接终端或运行终端仿真软件的微机; 2.AUX口接MODEM,通过电话线与远方的终端或运行终端仿真软件的微机相连;3.通过Ethernet上的TFTP服务器; 4.通过Ethernet上的TELNET程序; 5.通过Ethernet上的SNMP网管工作站。 但路由器的第一次设置必须通过第一种方式进行,此时终端的硬件设置如下: 波特率:9600 数据位:8 停止位:1 奇偶校验: 无 二、命令状态 1. router> 路由器处于用户命令状态,这时用户可以看路由器的连接状态,访问其它网络和主机,但不能看到和更改路由器的设置内容。 2. router# 在router>提示符下键入enable,路由器进入特权命令状态router#,这时不但可以执行所有的用户命令,还可以看到和更改路由器的设置内容。 3. router(config)# 在router#提示符下键入configure terminal,出现提示符router(config)#,此时路由器处于全局设置状态,这时可以设置路由器的全局参数。 4. router(config-if)#; router(config-line)#; router(config-router)#;… 路由器处于局部设置状态,这时可以设置路由器某个局部的参数。 5. > 路由器处于RXBOOT状态,在开机后60秒内按ctrl-break可进入此状态,这时路由器不能完成正常的功能,只能进行软件升级和手工引导。 设置对话状态 这是一台新路由器开机时自动进入的状态,在特权命令状态使用SETUP命令也可进入此状态,这时可通过对话方式对路由器进行设置。 三、设置对话过程 显示提示信息 全局参数的设置 接口参数的设置 显示结果 利用设置对话过程可以避免手工输入命令的烦琐,但它还不能完全代替手工设置,一些特殊的设置还必须通过手工输入的方式完成。 进入设置对话过程后,路由器首先会显示一些提示信息: --- System Configuration Dialog --- At any point you may enter a question mark '?' for help. Use ctrl-c to abort configuration dialog at any prompt. Default settings are in square brackets '[]'. 这是告诉你在设置对话过程中的任何地方都可以键入“?”得到系统的帮助,按ctrl-c可以退
思科路由器常用配置命令大全 本文按字母顺序列举了思科路由器常用配置命令,适合思科路由器操作人员随时查看 Access-enable允许路由器在动态访问列表中创建临时访问列表入口 Access-group把访问控制列表(ACL)应用到接口上 Access-list定义一个标准的IP ACL Access-template在连接的路由器上手动替换临时访问列表入口 Appn向APPN子系统发送命令 Atmsig 执行ATM信令命令 B 手动引导操作系统 Bandwidth 设置接口的带宽 Banner motd 指定日期信息标语 Bfe 设置突发事件手册模式 Boot system 指定路由器启动时加载的系统映像 Calendar 设置硬件日历 Cd 更改路径 Cdp enable 允许接口运行CDP协议 Clear 复位功能 Clear counters 清除接口计数器 Clear interface 重新启动接口上的件逻辑 Clockrate 设置串口硬件连接的时钟速率,如网络接口模块和接口处理器能接受的速率 Cmt 开启/关闭FDDI连接管理功能 Config-register 修改配置寄存器设置 Configure 允许进入存在的配置模式,在中心站点上维护并保存配置信息 Configure memory 从NVRAM加载配置信息 Configure terminal 从终端进行手动配置 Connect 打开一个终端连接 Copy 复制配置或映像数据 Copy flash tftp 备份系统映像文件到TFTP服务器 Copy running-config startup-config 将RAM中的当前配置存储到NVRAM Copy running-config tftp 将RAM中的当前配置存储到网络TFTP服务器上 Copy tftp flash 从TFTP服务器上下载新映像到Flash Copy tftp running-config 从TFTP服务器上下载配置文件 Debug 使用调试功能 Debug dialer 显示接口在拨什么号及诸如此类的信息 Debug ip rip 显示RIP路由选择更新数据 Debug ipx routing activity 显示关于路由选择协议(RIP)更新数据包的信息 Debug ipx sap 显示关于SAP(业务通告协议)更新数据包信息 Debug isdn q921 显示在路由器D通道ISDN接口上发生的数据链路层(第2层)的访问过程 Debug ppp 显示在实施PPP中发生的业务和交换信息 Delete 删除文件 Deny 为一个已命名的IP ACL设置条件 Dialer idle-timeout 规定线路断开前的空闲时间的长度 Dialer map 设置一个串行接口来呼叫一个或多个地点 Dialer wait-for-carrier-time 规定花多长时间等待一个载体 Dialer-group 通过对属于一个特定拨号组的接口进行配置来访问控制 Dialer-list protocol 定义一个数字数据接受器(DDR)拨号表以通过协议或ACL与协议的组合来控