Bambang F. Indarto

The Journey… The Shares

Posts Tagged ‘Router’

Service Command in Cisco Routers

Posted by bfindarto on June 1, 2008

The service command is the parent of 24 subcommands. Some of these commands are relatively unimportant, but others are so important that you probably know them by heart. However, as you know, many commands seem unimportant until you need them. You can list all the service subcommands by typing service ? in configuration mode.

Of all 24 service subcommands, here is a list of the most important ones you should know.

1. service dhcp
You can use the service dhcp command to enable or disable the Cisco IOS DHCP server and relay agent. The Cisco IOS enables this command by default.

However, if you’re turning on DHCP or it isn’t functioning, you should check the status of the service dhcp command. (You can disable the server using the no service dhcp command.)

2. service linenumber
This command notifies the user of the router’s or switch’s async line number used at login. This can come in handy if you’re having problems with your VTY line — it reminds you what line you’re on. It even works on the console. Here’s an example:

myRouter con0 is now available
Press RETURN to get started.

myRouter line 0

myRouter>

3. service password-encryption
This command should be one you’ve already enabled. While disabled by default, the service password-encryption command is one that I recommend everyone turn on.

This command encrypts the Cisco IOS passwords stored in the router’s NVRAM configuration files. This helps prevent anyone from browsing the passwords if the configuration finds its way to something like a TFTP server.

4. service nagle
Nagle is a congestion control algorithm used to reduce the transmission of small packets. It’s a bandwidth-saving feature for keystroke-based applications (such as Telnet). While the Cisco IOS turns off Nagle by default, you can enable it with the service nagle command.

5. service prompt config
The service prompt config command displays the configuration prompt.

If you enter no service prompt config, you’ll get no prompt when going into Global Configuration Mode. In other words, you can still type, but you don’t get any kind of prompt. This would really throw off someone who wasn’t familiar with this command.

Here’s an example:

myRouter(config)# no service prompt config

^Z
myRouter#
myRouter# conf t
Enter configuration commands, one per line.  End with CNTL/Z.

service prompt config
myRouter(config)#

6. service sequence-numbers
You can use the service sequence-numbers command to insert sequence numbers into log files. This can be important when log entries are coming really quickly. In fact, they can come so quickly that they appear at the same time. Here’s an example of sequence numbers:

000377: *Mar 17 23:06:33.609: %SYS-5-CONFIG_I: Configured from console by console

(where the 000377 is the sequence number)

7. service tcp-keepalives
You can use the service tcp-keepalives-in and the service tcp-keepalives-out commands to monitor TCP connections to and from the router. They can terminate connections if the router or switch doesn’t receive a response from the remote device.

8. service tcp-small-servers
The Cisco IOS disables the service tcp-small-servers command by default. Enabling this command turns on the following services on the router: Echo, Discard, Chargen, and Daytime.

I don’t recommend enabling this service because it could be a security concern. If you see any routers that have this command enabled, I suggest disabling it unless there’s a purpose for these services.

9. service timestamps
You can use the service timestamps command to create timestamps on the router’s log files. Since version 11.3, the Cisco IOS has enabled certain timestamps by default, so most of us have this on. However, there are additional timestamp options that you can enable, as well as places where timestamps are probably off by default.

Here’s an example of turning on all timestamp options for logging and debugging:

service timestamps log datetime localtime msec show-timezone year
service timestamps debug datetime localtime msec show-timezone year

10. service password-recovery
The service password-recovery command enables the password recovery capability. This lets you recover a lost enable-mode password by changing the config-register.

The no service password-recovery command can be dangerous. If you use this command, there’s no way to recover the enable-mode password if you lose it.
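A small audit of a saved configuration against the recommendations in this post (password-encryption on, tcp-small-servers off, password-recovery left enabled, datetime/msec log timestamps). This is an added example, not code from the original post; the names audit, RULES and SAMPLE and the sample configuration are constructed for illustration.

```python
import re

# (command, default state, wanted state, why a deviation matters). Defaults for the
# first two are as the post states; password-recovery "on by default" is assumed here.
RULES = [
    ("password-encryption", False, True,
     "passwords are readable if the config leaks, e.g. to a TFTP server"),
    ("tcp-small-servers", False, False,
     "Echo, Discard, Chargen and Daytime are reachable on the router"),
    ("password-recovery", True, True,
     "a lost enable-mode password cannot be recovered"),
]
SERVICE_LINE = re.compile(r"^(no\s+)?service\s+(\S+)(.*)$")


def audit(config_text):
    """Return a sorted list of findings for the service commands in an IOS config."""
    state = {name: default for name, default, _, _ in RULES}
    log_stamp = ""
    for raw in config_text.splitlines():
        m = SERVICE_LINE.match(raw.strip())
        if not m:
            continue
        negated, name, args = bool(m.group(1)), m.group(2), m.group(3)
        if name in state:
            state[name] = not negated          # an explicit line overrides the default
        elif name == "timestamps" and args.split()[:1] == ["log"]:
            log_stamp = "" if negated else args
    findings = [f"service {name}: {why}"
                for name, _, wanted, why in RULES if state[name] != wanted]
    if "datetime" not in log_stamp or "msec" not in log_stamp:
        findings.append("service timestamps log: no datetime/msec stamps on log entries")
    return sorted(findings)


# Constructed sample config, not taken from a real device.
SAMPLE = """\
service timestamps debug datetime msec
service timestamps log uptime
no service password-encryption
service tcp-small-servers
no service password-recovery
hostname myRouter
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("FINDING:", finding)
```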


Configure Your Router As DHCP Server

Posted by bfindarto on March 30, 2008

Well.. if you have a situation like this: you have 20 to 100 clients and you don’t have a DHCP server (because your company doesn’t want to waste money on buying a server? he he..), you may configure your router as the DHCP server for the network. Okay, here we go:

1. Define a DHCP address pool
MyRouter(config)#ip dhcp pool pool-name

2. Configure Basic Parameters
a. Router(dhcp-config)#default-router ip-address (usually the network gateway’s IP address on the router’s interface)
b. Router(dhcp-config)#network network-address subnet-mask
you may replace the subnet mask with the /prefix (CIDR) length

3. Configure Additional Parameters
a. Router(dhcp-config)#dns-server dns-server-ip-address
b. Router(dhcp-config)#netbios-name-server net-bios-server-ip-address
c. Router(dhcp-config)#domain-name NAME
d. Router(dhcp-config)#lease DAYS HOURS MINUTES or
e. Router(dhcp-config)#lease infinite

4. Configure the IP addresses to be excluded from the pool
This is usually done to avoid the conflicts caused by the DHCP with servers and printers. Remember to give ALL servers and network printers static IP addresses in the same range of the DHCP pool. And then exclude these addresses from the pool to avoid conflicts.

Router(config)#ip dhcp excluded-address ip-address (repeat this for each static IP address you need to exclude from the pool), or
Router(config)#ip dhcp excluded-address start-ip-address end-ip-address

5. Enable the DHCP service in the router
Router(config)#service dhcp
To disable it use
Router(config)#no service dhcp

Usually the DHCP service is enabled by default on your router.

6. Verify your DHCP configuration
Router#show ip dhcp binding
Router#show ip dhcp server statistics
Router#debug ip dhcp server

DHCP server software is supported for these series; 800, 1000, 1400, 1600, 1700 series (Cisco IOS Release 12.0[2]T), 2500, 2600, 3600, 3800, MC3810, 4000, AS5100, AS5200, AS5300, 7000, 7100, 7200, MGX 8800 with an installed Route Processor Module, 12000, uBR900, uBR7200, Catalyst 5000 family switches with an installed Route Switch Module, Catalyst 6000 family switches with an installed MultiLayer Switch Feature Card, and Catalyst 8500.
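The steps above, worked through for one subnet: the script below checks that the gateway and every static host lie inside the pool's network, merges consecutive static addresses into excluded-address ranges (step 4), and emits the commands to paste in configuration mode. It is an added example, not part of the original post; the function names, the pool name LAN and all addresses are constructed, and excluding the gateway address itself is an assumption of this example.

```python
import ipaddress


def excluded_ranges(addresses):
    """Coalesce static IPs into (start, end) runs of consecutive addresses."""
    runs = []
    for ip in sorted(set(ipaddress.ip_address(a) for a in addresses)):
        if runs and int(ip) == int(runs[-1][1]) + 1:
            runs[-1][1] = ip                   # extends the current run
        else:
            runs.append([ip, ip])              # starts a new run
    return [(str(start), str(end)) for start, end in runs]


def dhcp_config(pool, network, gateway, static_hosts, dns=None, lease_days=1):
    """Build the IOS commands from steps 1-5 for one pool."""
    net = ipaddress.ip_network(network)
    for addr in [gateway, *static_hosts]:
        if ipaddress.ip_address(addr) not in net:
            raise ValueError(f"{addr} is outside {net}")
    lines = ["service dhcp"]
    for start, end in excluded_ranges([gateway, *static_hosts]):
        span = start if start == end else f"{start} {end}"
        lines.append(f"ip dhcp excluded-address {span}")
    lines += [f"ip dhcp pool {pool}",
              f" network {net.network_address} {net.netmask}",
              f" default-router {gateway}"]
    if dns:
        lines.append(f" dns-server {dns}")
    lines.append(f" lease {lease_days}")
    return lines


if __name__ == "__main__":
    # Constructed values: a /24 with a gateway, two servers and a printer.
    for line in dhcp_config("LAN", "192.168.10.0/24", "192.168.10.1",
                            ["192.168.10.2", "192.168.10.3", "192.168.10.250"],
                            dns="192.168.10.2", lease_days=7):
        print(line)
```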


Want to be CCNA? Prepare Yourself here..

Posted by bfindarto on March 13, 2008

The CCNA certification is a valuable certification that is frequently updated, so there are about 5 things that every CCNA candidate should have handy when preparing for the CCNA or trying to keep their CCNA current. Let’s take a look…

Look out for new changes to the CCNA certification program!

There are frequently new changes to the CCNA certification (as well as the other Cisco certifications). For example, on June 25, 2007, Cisco introduced the Cisco Certified Entry-Level Network Technician (CCENT). There is a 640-822 exam that you must pass to achieve the CCENT certification. Cisco has broken up the Interconnecting Cisco Network Devices (ICND) one week training into two weeks and has named them ICND Part 1 and ICND Part 2. ICND Part 1 is to prepare you for the CCENT certification and ICND part 2 is to prepare you for the CCNA certification. To pass the CCNA, you can take ONE of the following paths:
ICND1 640-822 and ICND2 640-816, or
CCNA 640-802 composite exam
For more information on Cisco certification program updates, check out the Cisco Learning Program updates website.

Important Websites to help you prepare for the CCNA certification.

I have used some excellent FREE resources for CCNA-related training, preparation, and question/answer. Here is my list:
Cisco’s CCNA Prep Center
Cisco’s official CCNA certification home

Important Technical Tips to passing your CCNA

Here are my important tips to passing the CCNA the first time:
Know what is on the Exam – for example, if you are taking the 640-802 exam, you should know the 640-802 exam blueprint front and back. You should be able to talk at length about these topics.
Know the basics of getting around and configuring a real router – you can’t count on just books to get you through the exam. You should find some way to get on a real router (borrow, buy, or get yourself on the training, he he.. 🙂 ) or a simulator (PacketTracer, or Boson Simulator). The test will give you a simulated router and you will have to do something on it. If you have never used one before, you will be in trouble.
Know how to perform IP subnetting and also number system conversion, because this is where all the problems come 🙂 .

The Value of a CCNA certification
According to the TCPMag.com salary surveys, an IT professional who has a CCNA earns, on average, $76,500 USD. That is $16,500 more than the $60,000 average rate earned by CCNAs in 2004. Even better, if you could upgrade your CCNA to a CCNP, you could earn an average estimated $12,000 per year more (that is $1,000 per month).

Keep in mind the IT pros surveyed may have multiple years of experience and/or other certifications. For example, from those surveyed who have ONLY a CCNA, the average salary is $68,000. So, in general, what are these numbers telling you? The value of a CCNA continues to increase. You can justify a higher salary by having a CCNA. The more years of experience you have and the more certifications you have, the more salary you will be awarded (on average, of course). To some of you, this may be obvious information. To others this may be “news”. Either way, the survey helps to justify the cost and time associated with obtaining your CCNA.

The single source for the best CCNA and CCNP video training available

In my opinion, the single best source I have seen for CCNA & CCNP training material is the Train Signal CCNA video training series covering these exams. These videos are the closest thing you can find to hands-on real world training. You get to see an expert-level network administrator not only train you on what you need to pass the exams but also train you on how to configure Cisco routers & switches for the real world.

In summary, the CCNA certification is a valuable certification that is frequently updated. You should use the websites found in this article to ensure you have what you need to pass the CCNA and, after that, stay current on the CCNA certification.
