Basic Router Configuration

This chapter contains the following sections:

Default Configuration

When you boot up the router for the first time, the router looks for a default file name-the PID of the router. For example, the Cisco 1000 Series Integrated Services Routers look for a file named isr1100.cfg. The Cisco 1000 Series ISR looks for this file before finding the standard files-router-confg or the ciscortr.cfg.

The Cisco 1000 ISR looks for the isr1100.cfg file in the bootflash. If the file is not found in the bootflash, the router then looks for the standard files-router-confg and ciscortr.cfg. If none of the files are found, the router then checks for any inserted USB that may have stored these files in the same particular order.


Note

If there is a configuration file with the PID as its name in an inserted USB, but one of the standard files are in bootflash, the system finds the standard file for use.

Use the show running-config command to view the initial configuration, as shown in the following example: 

Router# show running-config

Building configuration...


Current configuration : 1749 bytes
!
! Last configuration change at 20:23:33 UTC Fri Nov 3 2017
!
version 16.6
service timestamps debug datetime msec
service timestamps log datetime msec
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
!
!         
!         
!         
!         
!         
!         
!         
subscriber templating
!         
!         
multilink bundle-name authenticated
!         
!         
!         
crypto pki trustpoint TP-self-signed-4175586959
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-4175586959
 revocation-check none
 rsakeypair TP-self-signed-4175586959
!         
!         
crypto pki certificate chain TP-self-signed-4175586959
!         
!         
license udi pid C1111-8PLTELA sn FGL212694ML
!         
diagnostic bootup level minimal
spanning-tree extend system-id
!         
!         
!         
redundancy
 mode none
!         
controller Cellular 0/2/0
 lte modem link-recovery disable
!         
!         
vlan internal allocation policy ascending
!         
!         
!         
!         
!         
!         
interface GigabitEthernet0/0/0
 no ip address
 shutdown 
 negotiation auto
!         
interface GigabitEthernet0/0/1
 no ip address
 shutdown 
 negotiation auto
!         
interface GigabitEthernet0/1/0
!         
interface GigabitEthernet0/1/1
!         
interface GigabitEthernet0/1/2
!         
interface GigabitEthernet0/1/3
!         
interface GigabitEthernet0/1/4
!         
interface GigabitEthernet0/1/5
!         
interface GigabitEthernet0/1/6
!         
interface GigabitEthernet0/1/7
!         
interface Cellular0/2/0
 ip address negotiated
 ipv6 enable
!         
interface Cellular0/2/1
 no ip address
 shutdown 
!         
interface Vlan1
 no ip address
!         
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!         
!         
!         
!         
!         
!         
control-plane
!         
!         
line con 0
 transport input none
 stopbits 1
line vty 0 4
 login    
!         
wsma agent exec
!         
wsma agent config
!         
wsma agent filesys
!         
wsma agent notify
!         
!         
end

Configuring Global Parameters

To configure the global parameters for your router, follow these steps.

Procedure

  Command or Action Purpose
Step 1

configure terminal

Example:


Router> enable
Router# configure terminal
Router(config)#

Enters global configuration mode when using the console port.

Use the following to connect to the router with a remote terminal: 

telnet router-name or address
Login: login-id
Password: *********
Router> enable
Step 2

hostname name

Example:


Router(config)# hostname Router

Specifies the name for the router.

Step 3

enable password password

Example:


Router(config)# enable password cr1ny5ho

Specifies a password to prevent unauthorized access to the router.

Note 

In this form of the command, password is not encrypted.
Step 4

no ip domain-lookup

Example:


Router(config)# no ip domain-lookup

Disables the router from translating unfamiliar words (typos) into IP addresses.

For complete information on global parameter commands, see the Cisco IOS Release Configuration Guide documentation set.

Configuring Gigabit Ethernet Interfaces

To manually define onboard Gigabit Ethernet interfaces, follow these steps, beginning from global configuration mode.

Procedure

  Command or Action Purpose
Step 1

interface slot/bay/port

Example:


Router(config)# interface 0/0/1

Enters the configuration mode for an interface on the router.

Step 2

ip address ip-address mask

Example:


Router(config-if)# ip address 192.168.12.2 255.255.255.0

Sets the IP address and subnet mask for the specified interface. Use this Step if you are configuring an IPv4 address.

Step 3

ipv6 address ipv6-address/prefix

Example:


Router(config-if)# ipv6 address 2001.db8::ffff:1/128

Sets the IPv6 address and prefix for the specified interface. Use this step instead of Step 2, if you are configuring an IPv6 address.

Step 4

no shutdown

Example:


Router(config-if)# no shutdown

Enables the interface and changes its state from administratively down to administratively up.

Step 5

exit

Example:


Router(config-if)# exit

Exits the configuration mode of interface and returns to the global configuration mode.

Configuring a Loopback Interface

Before you begin

The loopback interface acts as a placeholder for the static IP address and provides default routing information.

To configure a loopback interface, follow these steps.

Procedure

  Command or Action Purpose
Step 1

interface type number

Example:


Router(config)# interface Loopback 0

Enters configuration mode on the loopback interface.

Step 2

(Option 1) ip address ip-address mask

Example:


Router(config-if)# ip address 10.108.1.1 255.255.255.0

Sets the IP address and subnet mask on the loopback interface. (If you are configuring an IPv6 address, use the ipv6 address ipv6-address/prefix command described below.

Step 3

(Option 2) ipv6 address ipv6-address/prefix

Example:


Router(config-if)# 2001:db8::ffff:1/128

Sets the IPv6 address and prefix on the loopback interface.

Step 4

exit

Example:


Router(config-if)# exit

Exits configuration mode for the loopback interface and returns to global configuration mode.

The loopback interface in this sample configuration is used to support Network Address Translation (NAT) on the virtual-template interface. This configuration example shows the loopback interface configured on the Gigabit Ethernet interface with an IP address of 192.0.2.0/16, which acts as a static IP address. The loopback interface points back to virtual-template1, which has a negotiated IP address. 

!
interface loopback 0
ip address 192.10.2.3 255.255.0.0 (static IP address)
ip nat outside
!
interface Virtual-Template1
ip unnumbered loopback0
no ip directed-broadcast
ip nat outside

Verifying Loopback Interface Configuration

Enter the show interface loopback command. You should see an output similar to the following example: 


Router# show interface loopback 0
Loopback0 is up, line protocol is up 
  Hardware is Loopback
  Internet address is 192.0.2.0/16
  MTU 1514 bytes, BW 8000000 Kbit, DLY 5000 usec, 
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation LOOPBACK, loopback not set
  Last input never, output never, output hang never
  Last clearing of "show interface" counters never
  Queueing strategy: fifo
  Output queue 0/0, 0 drops; input queue 0/75, 0 drops
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     0 packets input, 0 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     0 packets output, 0 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 output buffer failures, 0 output buffers swapped out

Alternatively, use the ping command to verify the loopback interface, as shown in the following example: 


Router# ping 192.0.2.0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.0.2.0, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

Configuring Module Interfaces

For detailed information about configuring service modules, see the Wireless Device Overview chapter and the Cisco Fourth-Generation LTE-Advanced chapter.

Configuring Command-Line Access

To configure parameters to control access to the router, follow these steps.

Procedure

  Command or Action Purpose
Step 1

line [ console | tty | vty] line-number

Example:


Router(config)# line console 0

Enters line configuration mode, and specifies the type of line.

The example provided here specifies a console terminal for access.

Step 2

password password

Example:


Router(config-line)# password 5dr4Hepw3

Specifies a unique password for the console terminal line.

Step 3

login

Example:


Router(config-line)# login

Enables password checking at terminal session login.

Step 4

exec-timeout minutes [seconds]

Example:


Router(config-line)# exec-timeout 5 30
Router(config-line)#

Sets the interval during which the EXEC command interpreter waits until user input is detected. The default is 10 minutes. Optionally, adds seconds to the interval value.

The example provided here shows a timeout of 5 minutes and 30 seconds. Entering a timeout of 0 0 specifies never to time out.

Step 5

exit

Example:


Router(config-line)# exit

Exits line configuration mode to re-enter global configuration mode.

Step 6

line [ console | tty | vty] line-number

Example:


Router(config)# line vty 0 4
Router(config-line)#

Specifies a virtual terminal for remote console access.

Step 7

password password

Example:


Router(config-line)# password aldf2ad1

Specifies a unique password for the virtual terminal line.

Step 8

login

Example:


Router(config-line)# login

Enables password checking at the virtual terminal session login.

Step 9

end

Example:


Router(config-line)# end

Exits line configuration mode, and returns to privileged EXEC mode.

Example

The following configuration shows the command-line access commands.

You do not have to input the commands marked default. These commands appear automatically in the configuration file that is generated when you use the show running-config command. 

!
line console 0
exec-timeout 10 0
password 4youreyesonly
login
transport input none (default)
stopbits 1 (default)
line vty 0 4
password secret
login
!

Configuring Static Routes

Static routes provide fixed routing paths through the network. They are manually configured on the router. If the network topology changes, the static route must be updated with a new route. Static routes are private routes unless they are redistributed by a routing protocol.

To configure static routes, follow these steps.

Procedure

  Command or Action Purpose
Step 1

(Option 1) ip route prefix mask {ip-address | interface-type interface-number [ip-address]}

Example:


Router(config)# ip route 192.10.2.3 255.255.0.0 10.10.10.2

Specifies a static route for the IP packets. (If you are configuring an IPv6 address, use the ipv6 route command described below.)

Step 2

(Option 2) ipv6 route prefix/mask {ipv6-address | interface-type interface-number [ipv6-address]}

Example:


Router(config)# ipv6 route 2001:db8:2::/64 2001:db8:3::0

Specifies a static route for the IP packets.

Step 3

end

Example:


Router(config)# end

Exits global configuration mode and enters privileged EXEC mode.

In the following configuration example, the static route sends out all IP packets with a destination IP address of 192.168.1.0 and a subnet mask of 255.255.255.0 on the Gigabit Ethernet interface to another device with an IP address of 10.10.10.2. Specifically, the packets are sent to the configured PVC.

You do not have to enter the command marked default. This command appears automatically in the configuration file generated when you use the running-config command. 

!
ip classless (default)
ip route 2001:db8:2::/64 2001:db8:3::0

Verifying Configuration

To verify that you have configured static routing correctly, enter the show ip route command (or show ipv6 route command) and look for static routes marked with the letter S.

When you use an IPv4 address, you should see verification output similar to the following: 


Router# show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     10.0.0.0/24 is subnetted, 1 subnets
C       10.108.1.0 is directly connected, Loopback0
S*   0.0.0.0/0 is directly connected, FastEthernet0

When you use an IPv6 address, you should see verification output similar to the following: 


Router# show ipv6 route
IPv6 Routing Table - default - 5 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
       B - BGP, R - RIP, H - NHRP, I1 - ISIS L1
       I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
       EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE -
Destination
       NDr - Redirect, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
       OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
       ls - LISP site, ld - LISP dyn-EID, a - Application

C   2001:DB8:3::/64 [0/0]
       via GigabitEthernet0/0/2, directly connected
S   2001:DB8:2::/64 [1/0]
       via 2001:DB8:3::1

Configuring Dynamic Routes

In dynamic routing, the network protocol adjusts the path automatically, based on network traffic or topology. Changes in dynamic routes are shared with other routers in the network.

A router can use IP routing protocols, such as Routing Information Protocol (RIP) or Enhanced Interior Gateway Routing Protocol (EIGRP), to learn about routes dynamically.

Configuring Routing Information Protocol

To configure the RIP on a router, follow these steps.

Procedure

  Command or Action Purpose
Step 1

router rip

Example:


Router(config)# router rip

Enters router configuration mode, and enables RIP on the router.

Step 2

version {1 | 2}

Example:


Router(config-router)# version 2

Specifies use of RIP version 1 or 2.

Step 3

network ip-address

Example:


Router(config-router)# network 192.168.1.1
Router(config-router)# network 10.10.7.1

Specifies a list of networks on which RIP is to be applied, using the address of the network of each directly connected network.

Step 4

no auto-summary

Example:


Router(config-router)# no auto-summary

Disables automatic summarization of subnet routes into network-level routes. This allows subprefix routing information to pass across classful network boundaries.

Step 5

end

Example:


Router(config-router)# end
Exits router configuration mode, and enters privileged EXEC mode.

The following configuration example shows RIP Version 2 enabled in IP networks 10.0.0.0 and 192.168.1.0. To see this configuration, use the show running-config command from privileged EXEC mode. 

!
Router# show running-config
Building configuration...


Current configuration : 5980 bytes
!
! Last configuration change at 13:56:48 PST Fri Nov 3 2017 by admin
!
version 16.6
service timestamps debug datetime msec
service timestamps log datetime msec
service call-home
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
platform shell
!
hostname Router
!
boot-start-marker
boot system tftp /auto/tftp-sjc-users5/c1100-universalk9_ias.16.06.02.SPA.bin 223.255.254.254
boot-end-marker
!
!
vrf definition VRF-example
 description VRF-example
!         
no logging console
!
aaa new-model
!
!
!
aaa login success-track-conf-time 1
!
!
!
!
aaa session-id common
!
transport-map type persistent webui tsn_sol
 server   
 secure-server
!
clock timezone PST -23 0
call-home
 contact-email-addr dsfdsfds@cisco.com
 profile "ewrewtrwrewr"
  destination address email cisco@cisco.com 
!
!
ipv6 unicast-routing
ipv6 dhcp pool 234324
!
!
!
!
!
!
!
!
subscriber templating
!
!
multilink bundle-name authenticated
passthru-domain-list 34324
 match 3r4324
passthru-domain-list ewtrewr
 match asfdkdslkf.com
!
!
!
crypto pki trustpoint TP-self-signed-2994767669
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-2994767669
 revocation-check none
 rsakeypair TP-self-signed-2994767669
!
crypto pki trustpoint TP-self-signed-3039537782
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3039537782
 revocation-check none
 rsakeypair TP-self-signed-3039537782
!
!
crypto pki certificate chain TP-self-signed-2994767669
crypto pki certificate chain TP-self-signed-3039537782
!
!
license udi pid C1111-8PLTELAWN sn FGL212392WT
!
redundancy
 mode none
!
controller Cellular 0/2/0
 lte modem link-recovery disable
!
!
vlan internal allocation policy ascending
!
!
!
!
!
!
interface Loopback3
 no ip address
!
interface Loopback50
 ip address 5.5.5.5 255.255.255.255
!
interface Loopback100
 no ip address
!
interface Loopback544534
 no ip address
!
interface Loopback32432532
 no ip address
!
interface Port-channel2
 no ip address
 no negotiation auto
!
interface GigabitEthernet0/0/0
 description Interface for WebUI access
 ip address 192.168.1.46 255.255.255.0
 negotiation auto
 spanning-tree portfast disable
!
interface GigabitEthernet0/0/1
 description Interface for TFTP
 ip address 15.15.15.1 255.255.255.0
 negotiation auto
 spanning-tree portfast disable
!
interface GigabitEthernet0/1/0
 spanning-tree portfast disable
!
interface GigabitEthernet0/1/1
!
interface GigabitEthernet0/1/2
 
!
interface GigabitEthernet0/1/3
!
interface GigabitEthernet0/1/4
!
interface GigabitEthernet0/1/5
!
interface GigabitEthernet0/1/6
!
interface GigabitEthernet0/1/7
!
interface Wlan-GigabitEthernet0/1/8
!
interface Cellular0/2/0
 pulse-time 1
!
interface Cellular0/2/1
 no ip address
 
!
interface Vlan1
 ip address 10.10.10.1 255.255.255.0
!
router rip
 version 2
 network 10.0.0.0
 network 192.168.1.0
!
 !
 address-family ipv4 unicast autonomous-system 44
  !       
  af-interface GigabitEthernet0/0/0
   no split-horizon
  exit-af-interface
  !
  topology base
  exit-af-topology
 exit-address-family
!
!
!
!
control-plane
!
banner login ^CTSN_WebUI^C
!
line con 0
 transport input none
 stopbits 1
line vty 0 4
 exec-timeout 0 0
 transport input telnet ssh
 transport output all
line vty 5 15
 transport input all
 transport output all
!
wsma agent exec
!
wsma agent config
!
wsma agent filesys
!
wsma agent notify
!
!
end

Router#

Verifying Configuration

To verify that you have configured RIP correctly, enter the show ip route command and look for RIP routes marked with the letter R. You should see an output similar to the one shown in the following example: 

Router# show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     10.0.0.0/24 is subnetted, 1 subnets
C       10.108.1.0 is directly connected, Loopback0
R    3.0.0.0/8 [120/1] via 2.2.2.1, 00:00:02, Ethernet0/0/0

Configuring Enhanced Interior Gateway Routing Protocol

To configure Enhanced Interior Gateway Routing Protocol (EIGRP), follow these steps.

Procedure

  Command or Action Purpose
Step 1

router eigrp as-number

Example:


Router(config)# router eigrp 109

Enters router configuration mode, and enables EIGRP on the router. The autonomous-system number identifies the route to other EIGRP routers and is used to tag the EIGRP information.

Step 2

network ip-address

Example:


Router(config)# network 192.168.1.0
Router(config)# network 10.10.12.115

Specifies a list of networks on which EIGRP is to be applied, using the IP address of the network of directly connected networks.

Step 3

end

Example:


Router(config-router)# end
Exits router configuration mode, and enters privileged EXEC mode.

Example

The following configuration example shows the EIGRP routing protocol enabled in IP networks 192.168.1.0 and 10.10.12.115. The EIGRP autonomous system number is 109. To see this configuration, use the show running-config command. 

Router# show running-config
.
.
.
!
router eigrp 109
	network 192.168.1.0
		network 10.10.12.115
!
.
.
.

Verifying Configuration

To verify that you have configured IP EIGRP correctly, enter the show ip route command, and look for EIGRP routes marked by the letter D. You should see verification output similar to the following: 

Router# show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     10.0.0.0/24 is subnetted, 1 subnets
C       10.108.1.0 is directly connected, Loopback0
D    	3.0.0.0/8 [90/409600] via 2.2.2.1, 00:00:02, Ethernet0/0