Saturday 28 May 2011

Creating Command Aliases


Problem

You want to create aliases for commonly-used or complex commands.

Solution

You can create command aliases on your router with the alias command:
Router1#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#alias exec rt show ip route
Router1(config)#alias exec on show ip ospf neighbor
Router1(config)#end
Router1#
 

Discussion

Unix system administrators have been using command aliases for many years to help reduce typing and save time. These shortcut commands allow you to reduce long or complex command sequences down to a few simple characters. This is most useful for extremely common commands, or for those that are complex or difficult to remember. You can create an alias for any command, including some or all of its associated keywords or variables.
Here we have created the alias rt for one of the most common commands that we use every day, show ip route:
Router1(config)#alias exec rt show ip route
We can now use this simple two-letter command to display the routing table, saving time and typing:
Router1#rt
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route
   
Gateway of last resort is 172.25.1.1 to network 0.0.0.0
   
S    192.168.10.0/24 [1/0] via 172.22.1.4
     172.16.0.0/24 is subnetted, 1 subnets
C       172.16.2.0 is directly connected, FastEthernet0/0.2
     172.20.0.0/16 is variably subnetted, 3 subnets, 3 masks
O       172.20.10.0/24 [110/74] via 172.20.1.2, 00:52:55, Serial0/0.2
C       172.20.1.0/30 is directly connected, Serial0/0.2
O       172.20.100.1/32 [110/65] via 172.20.1.2, 00:52:55, Serial0/0.2
     172.22.0.0/16 is variably subnetted, 2 subnets, 2 masks
D       172.22.0.0/16 is a summary, 20:31:03, Null0
C       172.22.1.0/24 is directly connected, FastEthernet0/1
Router1#

The key to choosing a good alias command name is to pick something that is short and easy to remember. Of course, it is critical to select an alias that does not conflict with an existing command. In our example, we chose rt as a short and memorable mnemonic for "route table." This abbreviation does not conflict with any existing IOS command.
You can also use a command alias as part of a longer command. For example, we could use our rt alias to shorten the command show ip route 172.16.2.0.
Router1#rt 172.16.2.0
Routing entry for 172.16.2.0/24
  Known via "connected", distance 0, metric 0 (connected, via interface)
  Routing Descriptor Blocks:
  * directly connected, via FastEthernet0/0.2
      Route metric is 0, traffic share count is 1
Router1#
Command aliases are most effective if you use them consistently among all of the routers that you manage. Otherwise, you'll have to remember a different set of alias commands for each group of devices. If you want to use this feature, we recommend that the entire network management team work together to develop a standard set of aliases before implementing them. We also recommend keeping the aliases simple. And, above all, resist the urge to alias every possible command. Instead, create aliases for only the most common commands.
Command aliases are also useful for scripting. You can build a script to perform a task that might be slightly different on each router. For example, suppose you want to clear the counters of a particular access list on a weekly basis, but some of your routers use a different access list number. You can simply build an alias with the same name on each router, but make the actual commands represented by the alias appropriate to each individual router. Finally, you can build a script to issue the command alias and automate what would otherwise be an extremely onerous task.
The show aliases command displays all of the command aliases configured on the router:
Router1#show aliases
Exec mode aliases:
  h                     help
  lo                    logout
  p                     ping
  r                     resume
  s                     show
  u                     undebug
  un                    undebug
  w                     where
  rt                    show ip route
  on                    show ip ospf neighbor
   
Router1#
If you type this command on any router, you will see that Cisco implements several command aliases by default.
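
The consistency advice above can be checked mechanically. The following is an added example, not part of the original recipe: it parses `show aliases` output in the format shown above and compares the exec aliases with a team standard, so a script that issues an alias runs the command the team expects. The `sr` alias in the sample and the contents of `STANDARD` are assumptions made for illustration.

```python
import re

# Constructed sample: `show aliases` output in the format shown above.
SHOW_ALIASES = """\
Router1#show aliases
Exec mode aliases:
  h                     help
  lo                    logout
  p                     ping
  r                     resume
  s                     show
  u                     undebug
  un                    undebug
  w                     where
  rt                    show ip route
  on                    show ip ospf neighbor
  sr                    show running-config
Router1#
"""

# Default exec aliases, as listed in the output on this page.
DEFAULTS = {"h": "help", "lo": "logout", "p": "ping", "r": "resume",
            "s": "show", "u": "undebug", "un": "undebug", "w": "where"}
# Assumed team standard (hypothetical): the two aliases from this recipe.
STANDARD = {"rt": "show ip route", "on": "show ip ospf neighbor"}

def parse_aliases(text):
    """Return {mode: {alias: command}} from `show aliases` output."""
    modes, current = {}, None
    for line in text.splitlines():
        header = re.match(r"^(\S.*) mode aliases:\s*$", line)
        entry = re.match(r"^\s+(\S+)\s+(\S.*?)\s*$", line)
        if header:
            current = modes.setdefault(header.group(1).lower(), {})
        elif entry and current is not None:
            current[entry.group(1)] = entry.group(2)
    return modes

def audit(text, standard=STANDARD, defaults=DEFAULTS):
    """Compare a router's exec aliases with the defaults plus the standard."""
    found = parse_aliases(text).get("exec", {})
    expected = {**defaults, **standard}
    return {
        "missing": sorted(set(standard) - set(found)),
        "unexpected": sorted(set(found) - set(expected)),
        "redefined": sorted(a for a in found.keys() & expected.keys()
                            if found[a] != expected[a]),
    }
```

Run `audit()` on the output collected from each router; an empty result in all three lists means the router matches the standard.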

Thursday 26 May 2011

Redistributing Static Routes into RIP

Problem
You want RIP to redistribute static routes that you have configured on your router.

Solution

The redistribute static command tells RIP to forward static routes in addition to the directly connected routes and the routes that have been learned from other RIP routers, which it forwards by default:
Router1#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#ip route 192.168.10.0 255.255.255.0 172.22.1.4
Router1(config)#router rip
Router1(config-router)#redistribute static
Router1(config-router)#end
Router1#
You can define how these routes look to other routers when they are redistributed:
Router1#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#ip route 192.168.10.0 255.255.255.0 172.22.1.4
Router1(config)#router rip                  
Router1(config-router)#redistribute static metric 5
Router1(config-router)#distribute-list 7 out static
Router1(config-router)#exit
Router1(config)#access-list 7 permit 192.168.10.0
Router1(config)#end
Router1#

Discussion

The biggest potential problem that you will encounter with redistributing routes into RIP comes from breaking network class boundaries. RIP is classful, so you have to be rather careful about how you distribute routing information from other sources that may be classless. In this recipe, Router1 redistributes a static route for the Class C network 192.168.10.0. But if we tried instead to redistribute a larger range (such as 192.168.12.0/22), RIP would not generate any errors—the router would just quietly refuse to forward this route.
Looking at the RIP database on a router with IOS level 12.0(6)T or higher shows the redistributed static route:
Router1#show ip rip database 192.168.10.0 255.255.255.0
192.168.10.0/24    redistributed
    [5] via 0.0.0.0, 
Router1#
After configuring the second example, the output of show ip protocols includes information about the filtering. This command also tells you what protocols RIP is distributing:
Router1#show ip protocols 
Routing Protocol is "rip"
  Sending updates every 30 seconds, next due in 5 seconds
  Invalid after 180 seconds, hold down 180, flushed after 240
  Outgoing update filter list for all interfaces is not set
    Redistributed static filtered by 7
  Incoming update filter list for all interfaces is not set
  Redistributing: static, rip
  Default version control: send version 2, receive version 2
    Interface             Send  Recv  Triggered RIP  Key-chain
    FastEthernet0/0.1     2     2 
    Serial0/0.2           2     2                                    
    FastEthernet0/1       2     2                                    
   Automatic network summarization is in effect
  Maximum path: 4
  Routing for Networks:
    172.22.0.0
    172.25.0.0
  Routing Information Sources:
    Gateway         Distance      Last Update
    172.25.1.7           120      00:00:03
    172.25.2.2           120      00:00:06
    172.22.1.4           120      00:00:08
  Distance: (default is 120)
Router1#
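
To see in advance which static routes a configuration like the second example will hand to RIP, the check below applies the two conditions discussed above: the classful boundary and the outbound distribute-list. It is an added example, not part of the original recipe; the sample adds the /22 range from the discussion and a constructed 10.9.0.0/16 route, and the parser only handles the command forms used on this page.

```python
from ipaddress import ip_address, ip_network
# Constructed sample: the recipe's second configuration plus two extra routes.
CONFIG = """\
ip route 192.168.10.0 255.255.255.0 172.22.1.4
ip route 192.168.12.0 255.255.252.0 172.22.1.4
ip route 10.9.0.0 255.255.0.0 172.22.1.4
router rip
 redistribute static metric 5
 distribute-list 7 out static
access-list 7 permit 192.168.10.0
"""

def classful_len(net):
    """Natural mask length for the network's address class (A, B or C)."""
    first = net.network_address.packed[0]
    return 8 if first < 128 else 16 if first < 192 else 24

def acl_permits(rules, addr):
    """First-match evaluation of a standard ACL; implicit deny at the end."""
    for action, base, wild in rules:
        if int(addr) & ~wild == base & ~wild:
            return action == "permit"
    return False

def audit(config):
    """Return {static prefix: status} for redistribution of statics into RIP."""
    statics, acls, redist, dlist, in_rip = [], {}, False, None, False
    for line in config.splitlines():
        w = line.split() or [""]
        if not line.startswith(" "):      # a new top-level section begins
            in_rip = w == ["router", "rip"]
        if w[:2] == ["ip", "route"] and len(w) >= 5:
            statics.append(ip_network(f"{w[2]}/{w[3]}"))
        elif in_rip and w[:2] == ["redistribute", "static"]:
            redist = True
        elif in_rip and w[0] == "distribute-list" and w[2:] == ["out", "static"]:
            dlist = w[1]
        elif w[0] == "access-list" and len(w) >= 4:
            wild = int(ip_address(w[4])) if len(w) > 4 else 0
            acls.setdefault(w[1], []).append((w[2], int(ip_address(w[3])), wild))
    def status(net):
        if net.prefixlen < classful_len(net):
            return "supernet"             # the case the discussion says is dropped
        if dlist and dlist not in acls:
            return "filter ACL undefined"
        if dlist and not acl_permits(acls[dlist], net.network_address):
            return "filtered by ACL " + dlist
        return "advertised"
    return {str(n): status(n) if redist else "not redistributed" for n in statics}
```

The "filter ACL undefined" status also covers a configuration captured partway through the recipe, where the distribute-list line is entered before access-list 7 exists.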
In addition to static routes, you can distribute information from other dynamic routing protocols with RIP simply by specifying which protocol's routes you want RIP to use. For example, if you have an EIGRP network that uses process number 65530 on the same router, you would redistribute the EIGRP routes into RIP like this:
Router1#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
Router1(config)#router eigrp 65530
Router1(config-router)#network 192.168.1.0
Router1(config-router)#exit
Router1(config)#router rip
Router1(config-router)#redistribute eigrp 65530
Router1(config-router)#end
Router1#
If you look at the show ip protocols command, you can see that RIP redistributes routes it learns from EIGRP, but EIGRP does not redistribute routes learned from RIP. If you also want EIGRP to redistribute RIP routes, you must explicitly configure it to do so. 
Router1#show ip protocols   
Routing Protocol is "rip"
  Sending updates every 30 seconds, next due in 0 seconds
  Invalid after 180 seconds, hold down 180, flushed after 240
  Outgoing update filter list for all interfaces is 
  Incoming update filter list for all interfaces is 
  Redistributing: static, rip, eigrp 65530
   

  Default version control: send version 1, receive any version
    Interface        Send  Recv   Key-chain
    FastEthernet0/0.1     2     2 
    Serial0/0.2           2     2                                    
    FastEthernet0/1       2     2                                    
   Automatic network summarization is in effect
  Maximum path: 4
  Routing for Networks:
    172.22.0.0
    172.25.0.0
  Routing Information Sources:
    Gateway         Distance      Last Update
    172.25.1.7           120      00:00:03
    172.25.2.2           120      00:00:06
    172.22.1.4           120      00:00:08
  Distance: (default is 120)
   
Routing Protocol is "eigrp 65530"
  Outgoing update filter list for all interfaces is 
  Incoming update filter list for all interfaces is 
  Default networks flagged in outgoing updates
  Default networks accepted from incoming updates
  EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
  EIGRP maximum hopcount 100
  EIGRP maximum metric variance 1
  Redistributing: eigrp 65530
  Automatic network summarization is in effect
  Routing for Networks:
    192.168.1.0
  Routing Information Sources:
    Gateway         Distance      Last Update
  Distance: internal 90 external 170
   

Wednesday 25 May 2011

Study Cisco SDM without any router

This post illustrates how we can study Cisco SDM (Security Device Manager) without using a real router.


Step 1: Download and Install Java


Java download link:
http://dl8-cdn-00.sun.com/s/ESD6/JSCDL/jre/6u17-b70/JavaSetup6u17-rv.exe?e=1258225115292&h=bdf397401ba01d188d6618881798a506%2F&filename=JavaSetup6u17-rv.exe


Step 2: Download and Install SDM


SDM download link.
http://ftp-sj.cisco.com/pub/web/sdm/SDM-V232.zip


Step 3: Download the SDM demo tool, which lets you use SDM without having a router, for learning purposes


Download link:

http://download-sj.cisco.com/pub/web/sdm/tool/SDM_demo_tool.zip


Note:

Extract the SDM demo to C:\, read the instruction file and follow its procedure. You will then be able to access SDM using the loopback IP 127.0.0.1.


This is quite interesting and helpful. Try it.


If you want a complete guide to SDM, please download it from the link below:


http://www.cisco.com/en/US/docs/routers/access/cisco_router_and_security_device_manager/25/software/user/guide/SDM25ug.pdf

GNS 3 - Some interesting Configuration


1) Adding your own PC to GNS3 with MS Loopback

2) Connecting Virtual Machines in GNS3 to the Local Machine and to the Internet

3) How to connect GNS3 to a real router or switch and to the internet