Using Cisco IOS XE Software

This chapter provides information to prepare you to configure the Cisco ASR 1000 Series Routers:

Accessing the CLI Using a Router Console

The following sections describe how to access the command-line interface (CLI) using a directly-connected console or by using Telnet or a modem to obtain a remote console:

Accessing the CLI Using a Directly-Connected Console

This section describes how to connect to the console port on the router and use the console interface to access the CLI.

The console port on a Cisco ASR 1000 Series Router is an EIA/TIA-232 asynchronous, serial connection with no flow control and an RJ-45 connector. The console port is located on the front panel of each Route Processor (RP).


Note


Cisco ASR 1000 Series Router auxiliary port does not support modem.

Connecting to the Console Port

To connect to the console port, complete the following steps:

SUMMARY STEPS

    1.    Configure your terminal emulation software with the following settings:

    2.    Connect to the port using the RJ-45-to-RJ-45 cable and RJ-45-to-DB-25 DTE adapter or using the RJ-45-to-DB-9 DTE adapter (labeled “Terminal”).


DETAILED STEPS
    Step 1   Configure your terminal emulation software with the following settings:
    • 9600 bits per second (bps)
    • 8 data bits
    • No parity
    • 1 stop bit
    • No flow control
    Step 2   Connect to the port using the RJ-45-to-RJ-45 cable and RJ-45-to-DB-25 DTE adapter or using the RJ-45-to-DB-9 DTE adapter (labeled “Terminal”).

    Using the Console Interface

    Every RP on a Cisco ASR 1000 Series Router has a console interface. Notably, a standby RP can be accessed using the console port in addition to the active RP in a dual RP configuration.

    To access the CLI using the console interface, complete the following steps:

    SUMMARY STEPS

      1.    After you attach the terminal hardware to the console port on the router and you configure your terminal emulation software with the proper settings, the following prompt appears:

      2.    Press Return to enter user EXEC mode. The following prompt appears:

      3.    From user EXEC mode, enter the enable command as shown in the following example:

      4.    At the password prompt, enter your system password. If an enable password has not been set on your system, this step may be skipped.The following example shows entry of the password enablepass:

      5.    When your enable password is accepted, the privileged EXEC mode prompt appears:

      6.    You now have access to the CLI in privileged EXEC mode and you can enter the necessary commands to complete your desired tasks.

      7.    To exit the console session, enter the quit command as shown in the following example:


    DETAILED STEPS
      Step 1   After you attach the terminal hardware to the console port on the router and you configure your terminal emulation software with the proper settings, the following prompt appears:

      Example:
      Press RETURN to get started.
      
      Step 2   Press Return to enter user EXEC mode. The following prompt appears:

      Example:
      Router>
      
      Step 3   From user EXEC mode, enter the enable command as shown in the following example:

      Example:
      Router> enable
      
      Step 4   At the password prompt, enter your system password. If an enable password has not been set on your system, this step may be skipped.The following example shows entry of the password enablepass:

      Example:
      Password: enablepass
      
      Step 5   When your enable password is accepted, the privileged EXEC mode prompt appears:

      Example:
      Router#
      
      Step 6   You now have access to the CLI in privileged EXEC mode and you can enter the necessary commands to complete your desired tasks.
      Step 7   To exit the console session, enter the quit command as shown in the following example:

      Example:
      Router# quit
      

      Accessing the CLI from a Remote Console Using Telnet

      This section describes how to connect to the console interface on a router using Telnet to access the CLI.

      Preparing to Connect to the Router Console Using Telnet

      Before you can access the router remotely using Telnet from a TCP/IP network, you need to configure the router to support virtual terminal lines (vtys) using the line vty global configuration command. You also should configure the vtys to require login and specify a password.


      Note


      To prevent disabling login on the line, be careful that you specify a password with the password command when you configure the login line configuration command. If you are using authentication, authorization, and accounting (AAA), you should configure the login authentication line configuration command. To prevent disabling login on the line for AAA authentication when you configure a list with the login authentication command, you must also configure that list using the aaa authentication login global configuration command. For more information about AAA services, see the Cisco IOS XE Security Configuration Guide, and the Cisco IOS Security Command Reference Guide .

      In addition, before you can make a Telnet connection to the router, you must have a valid host name for the router or have an IP address configured on the router. For more information about requirements for connecting to the router using Telnet, information about customizing your Telnet services, and using Telnet key sequences, see the Cisco IOS Configuration Fundamentals Configuration Guide.

      Using Telnet to Access a Console Interface

      To access a console interface using Telnet, complete the following steps:

      SUMMARY STEPS

        1.    From your terminal or PC, enter one of the following commands:

        2.    At the password prompt, enter your login password. The following example shows entry of the password mypass:

        3.    From user EXEC mode, enter the enable command as shown in the following example:

        4.    At the password prompt, enter your system password. The following example shows entry of the password enablepass:

        5.    When the enable password is accepted, the privileged EXEC mode prompt appears:

        6.    You now have access to the CLI in privileged EXEC mode and you can enter the necessary commands to complete your desired tasks.

        7.    To exit the Telnet session, use the exit or logout command as shown in the following example:


      DETAILED STEPS
        Step 1   From your terminal or PC, enter one of the following commands:
        • connect host [port] [keyword]
        • telnet host [port] [keyword]

        In this syntax, host is the router hostname or an IP address, port is a decimal port number (23 is the default), and keyword is a supported keyword. For more information, see the Cisco IOS Configuration Fundamentals Command Reference Guide .

        Note    If you are using an access server, then you will need to specify a valid port number such as telnet 172.20.52.40 2004, in addition to the hostname or IP address.

        The following example shows the telnet command to connect to the router named router:



        Example:
        unix_host% telnet router
        Trying 172.20.52.40...
        Connected to 172.20.52.40.
        Escape character is '^]'.
        unix_host% connect 
        
        Step 2   At the password prompt, enter your login password. The following example shows entry of the password mypass:

        Example:
        User Access Verification
        Password: mypass
        
        Note    If no password has been configured, press Return.
        Step 3   From user EXEC mode, enter the enable command as shown in the following example:

        Example:
        Router> enable
        
        Step 4   At the password prompt, enter your system password. The following example shows entry of the password enablepass:

        Example:
        Password: enablepass
        
        Step 5   When the enable password is accepted, the privileged EXEC mode prompt appears:

        Example:
        Router#
        
        Step 6   You now have access to the CLI in privileged EXEC mode and you can enter the necessary commands to complete your desired tasks.
        Step 7   To exit the Telnet session, use the exit or logout command as shown in the following example:

        Example:
        Router# logout
        

        Using Keyboard Shortcuts

        Commands are not case sensitive. You can abbreviate commands and parameters if the abbreviations contain enough letters to be different from any other currently available commands or parameters.

        The following table lists the keyboard shortcuts for entering and editing commands.

        Table 1 Keyboard Shortcuts

        Keystrokes

        Purpose

        Ctrl-B or the Left Arrow key1

        Move the cursor back one character

        Ctrl-F orthe Right Arrow key1

        Move the cursor forward one character

        Ctrl-A

        Move the cursor to the beginning of the command line

        Ctrl-E

        Move the cursor to the end of the command line

        Esc B

        Move the cursor back one word

        Esc F

        Move the cursor forward one word

        1 The arrow keys function only on ANSI-compatible terminals such as VT100s.

        Using the History Buffer to Recall Commands

        The history buffer stores the last 20 commands you entered. History substitution allows you to access these commands without retyping them, by using special abbreviated commands.

        The following table lists the history substitution commands.

        Table 2 History Substitution Commands

        Command

        Purpose

        Ctrl-P or the Up Arrow key2

        Recall commands in the history buffer, beginning with the most recent command. Repeat the key sequence to recall successively older commands.

        Ctrl-N or the Down Arrow key1

        Return to more recent commands in the history buffer after recalling commands with Ctrl-P or the Up Arrow key.

        Router# show history

        While in EXEC mode, list the last several commands you have just entered.

        2 The arrow keys function only on ANSI-compatible terminals such as VT100s.

        Understanding the Command Mode

        The command modes available in the traditional Cisco IOS CLI are exactly the same as the command modes available in Cisco IOS XE.

        You use the CLI to access Cisco IOS XE software. Because the CLI is divided into many different modes, the commands available to you at any given time depend on the mode that you are currently in. Entering a question mark (?) at the CLI prompt allows you to obtain a list of commands available for each command mode.

        When you log in to the CLI, you are in user EXEC mode. User EXEC mode contains only a limited subset of commands. To have access to all commands, you must enter privileged EXEC mode, normally by using a password. From privileged EXEC mode, you can issue any EXEC command—user or privileged mode—or you can enter global configuration mode. Most EXEC commands are one-time commands. For example, show commands show important status information, and clear commands clear counters or interfaces. The EXEC commands are not saved when the software reboots.

        Configuration modes allow you to make changes to the running configuration. If you later save the running configuration to the startup configuration, these changed commands are stored when the software is rebooted. To enter specific configuration modes, you must start at global configuration mode. From global configuration mode, you can enter interface configuration mode and a variety of other modes, such as protocol-specific modes.

        ROM monitor mode is a separate mode used when the Cisco IOS XE software cannot load properly. If a valid software image is not found when the software boots or if the configuration file is corrupted at startup, the software might enter ROM monitor mode.

        The follwoing table describes how to access and exit various common command modes of the Cisco IOS XE software. It also shows examples of the prompts displayed for each mode.

        Table 3 Accessing and Exiting Command Modes

        Command Mode

        Access Method

        Prompt

        Exit Method

        User EXEC

        Log in.

        Router>

        Use the logout command.

        Privileged EXEC

        From user EXEC mode, use the enable EXEC command.

        Router#

        To return to user EXEC mode, use the disable command.

        Global configuration

        From privileged EXEC mode, use the configure terminal privileged EXEC command.

        Router(config)#

        To return to privileged EXEC mode from global configuration mode, use the exit or end command.

        Interface configuration

        From global configuration mode, specify an interface using an interface command.

        Router(config-if)#

        To return to global configuration mode, use the exit command.

        To return to privileged EXEC mode, use the end command.

        Diagnostic

        The router boots up or accesses diagnostic mode in the following scenarios:

        In some cases, diagnostic mode will be reached when the IOS process or processes fail. In most scenarios, however, the router will.

        A user-configured access policy was configured using the transport-map command that directed the user into diagnostic mode. See the Chapter 4, “Console Port, Telnet, and SSH Handling” of this book for information on configuring access policies.

        The router was accessed using a Route Processor auxiliary port.

        A break signal (Ctrl-C, Ctrl-Shift-6, or the send break command ) was entered and the router was configured to go into diagnostic mode when the break signal was received.

        Router(diag)#

        If the IOS process failing is the reason for entering diagnostic mode, the IOS problem must be resolved and the router rebooted to get out of diagnostic mode.

        If the router is in diagnostic mode because of a transport-map configuration, access the router through another port or using a method that is configured to connect to the Cisco IOS CLI.

        If the router is accessed through the Route Processor auxiliary port, access the router through another port. Accessing the router through the auxiliary port is not useful for customer purposes anyway.

        ROM monitor

        From privileged EXEC mode, use the reload EXEC command. Press the Break key during the first 60 seconds while the system is booting.

        >

        To exit ROM monitor mode, use the continue command.

        Getting Help

        Entering a question mark (?) at the CLI prompt displays a list of commands available for each command mode. You can also get a list of keywords and arguments associated with any command by using the context-sensitive help feature.

        To get help specific to a command mode, a command, a keyword, or an argument, use one of the commands listed in the following table:

        Table 4 Help Commands and Purpose

        Command

        Purpose

        help

        Provides a brief description of the help system in any command mode.

        abbreviated-command-entry?

        Provides a list of commands that begin with a particular character string. (No space between command and question mark.)

        abbreviated-command-entry<Tab>

        Completes a partial command name.

        ?

        Lists all commands available for a particular command mode.

        command ?

        Lists the keywords or arguments that you must enter next on the command line. (Space between command and question mark.)

        Finding Command Options

        This section provides an example of how to display syntax for a command. The syntax can consist of optional or required keywords and arguments. To display keywords and arguments for a command, enter a question mark (?) at the configuration prompt or after entering part of a command followed by a space. The Cisco IOS XE software displays a list and brief description of available keywords and arguments. For example, if you were in global configuration mode and wanted to see all the keywords or arguments for the arap command, you would type arap ?.

        The <cr> symbol in command help output stands for “carriage return.” On older keyboards, the carriage return key is the Return key. On most modern keyboards, the carriage return key is the Enter key. The <cr> symbol at the end of command help output indicates that you have the option to press Enter to complete the command and that the arguments and keywords in the list preceding the <cr> symbol are optional. The <cr> symbol by itself indicates that no more arguments or keywords are available and that you must press Enter to complete the command.

        The following table shows examples of how you can use the question mark (?) to assist you in entering commands.

        Table 5 Finding Command Options

        Command

        Comment

        Router> enable
        Password: <password>
        Router# 

        Enter the enable command and password to access privileged EXEC commands. You are in privileged EXEC mode when the prompt changes to a “# ” from the “> ”; for example, Router> to Router# .

        Router# 
        configure terminal
        Enter configuration commands, one per line. End with CNTL/Z.
        Router(config)#
        

        Enter the configure terminal privileged EXEC command to enter global configuration mode. You are in global configuration mode when the prompt changes to Router(config)# .

        Router(config)# interface serial ?
          <0-6>     Serial interface number
        Router(config)# interface serial 4 ?
          /
        Router(config)# interface serial 4/ ?
          <0-3>     Serial interface number
        Router(config)# interface serial 4/0 ?
        <cr>
        Router(config)# interface serial 4/0
        Router(config-if)#

        Enter interface configuration mode by specifying the serial interface that you want to configure using the interface serial global configuration command.

        Enter ? to display what you must enter next on the command line. In this example, you must enter the serial interface slot number and port number, separated by a forward slash.

        When the <cr> symbol is displayed, you can press Enter to complete the command.

        You are in interface configuration mode when the prompt changes to Router(config-if)# .

        Router(config-if)# ?
        Interface configuration commands:
          .
          .
          .
          ip                  Interface Internet Protocol config commands
          keepalive           Enable keepalive
          lan-name            LAN Name command
          llc2                LLC2 Interface Subcommands
          load-interval       Specify interval for load calculation for an
                              interface
          locaddr-priority    Assign a priority group
          logging             Configure logging for interface
          loopback            Configure internal loopback on an interface
          mac-address         Manually set interface MAC address
          mls                 mls router sub/interface commands
          mpoa                MPOA interface configuration commands
          mtu                 Set the interface Maximum Transmission Unit (MTU)
          netbios             Use a defined NETBIOS access list or enable
                              name-caching
          no                  Negate a command or set its defaults
          nrzi-encoding       Enable use of NRZI encoding
          ntp                 Configure NTP
          .
          .
          .
        Router(config-if)#

        Enter ? to display a list of all the interface configuration commands available for the serial interface. This example shows only some of the available interface configuration commands.

        Router(config-if)# ip ?
        Interface IP configuration subcommands:
          access-group        Specify access control for packets
          accounting          Enable IP accounting on this interface
          address             Set the IP address of an interface
          authentication      authentication subcommands
          bandwidth-percent   Set EIGRP bandwidth limit
          broadcast-address   Set the broadcast address of an interface
          cgmp                Enable/disable CGMP
          directed-broadcast  Enable forwarding of directed broadcasts
          dvmrp               DVMRP interface commands
          hello-interval      Configures IP-EIGRP hello interval
          helper-address      Specify a destination address for UDP broadcasts
          hold-time           Configures IP-EIGRP hold time
          .
          .
          .
        Router(config-if)# ip
        

        Enter the command that you want to configure for the interface. This example uses the ip command.

        Enter ? to display what you must enter next on the command line. This example shows only some of the available interface IP configuration commands.

        Router(config-if)# ip address ?
          A.B.C.D             IP address
          negotiated          IP Address negotiated over PPP
        Router(config-if)# ip address
        

        Enter the command that you want to configure for the interface. This example uses the ip address command.

        Enter ? to display what you must enter next on the command line. In this example, you must enter an IP address or the negotiated keyword.

        A carriage return (<cr>) is not displayed; therefore, you must enter additional keywords or arguments to complete the command.

        Router(config-if)# ip address 172.16.0.1 ?
          A.B.C.D             IP subnet mask
        Router(config-if)# ip address 172.16.0.1
        

        Enter the keyword or argument that you want to use. This example uses the 172.16.0.1 IP address.

        Enter ? to display what you must enter next on the command line. In this example, you must enter an IP subnet mask.

        A <cr> is not displayed; therefore, you must enter additional keywords or arguments to complete the command.

        Router(config-if)# ip address 172.16.0.1 255.255.255.0 ?
          secondary           Make this IP address a secondary address
          <cr>
        Router(config-if)# ip address 172.16.0.1 255.255.255.0
        

        Enter the IP subnet mask. This example uses the 255.255.255.0 IP subnet mask.

        Enter ? to display what you must enter next on the command line. In this example, you can enter the secondary keyword, or you can press Enter.

        A <cr> is displayed; you can press Enter to complete the command, or you can enter another keyword.

        Router(config-if)# ip address 172.16.0.1 255.255.255.0
        Router(config-if)#

        In this example, Enter is pressed to complete the command.

        Using the no and default Forms of Commands

        Almost every configuration command has a no form. In general, use the no form to disable a function. Use the command without the no keyword to re-enable a disabled function or to enable a function that is disabled by default. For example, IP routing is enabled by default. To disable IP routing, use the no ip routing command; to re-enable IP routing, use the ip routing command. The Cisco IOS software command reference publications provide the complete syntax for the configuration commands and describe what the no form of a command does.

        Many CLI commands also have a default form. By issuing the command default command-name , you can configure the command to its default setting. The Cisco IOS software command reference publications describe the function of the default form of the command when the default form performs a different function than the plain and no forms of the command. To see what default commands are available on your system, enter default ? in the appropriate command mode.

        Saving Configuration Changes

        Use the copy running-config startup-config command to save your configuration changes to the startup configuration so that the changes will not be lost if the software reloads or a power outage occurs. For example:

        Router# copy running-config startup-config
        Building configuration...
        

        It might take a minute or two to save the configuration. After the configuration has been saved, the following output appears:

        [OK]
        Router#
        

        This task saves the configuration to NVRAM.

        Managing Configuration Files

        On the Cisco ASR 1000 Series Routers, the startup configuration file is stored in the nvram: file system and the running-configuration files are stored in the system: file system. This configuration file storage setup is not unique to the Cisco ASR 1000 Series Routers and is used on several Cisco router platforms.

        As a matter of routine maintenance on any Cisco router, users should backup the startup configuration file by copying the startup configuration file from NVRAM onto one of the router’s other file systems and, additionally, onto a network server. Backing up the startup configuration file provides an easy method of recovering the startup configuration file in the event the startup configuration file in NVRAM becomes unusable for any reason.

        The copy command can be used to backup startup configuration files. The following examples show the startup configuration file in NVRAM being backed up:

        Example 1: Copying a Startup Configuration File to Bootflash

        Router# dir bootflash:
        Directory of bootflash:/
           11  drwx       16384   Dec 4 2007 04:32:46 -08:00  lost+found
        86401  drwx        4096   Dec 4 2007 06:06:24 -08:00  .ssh
        14401  drwx        4096   Dec 4 2007 06:06:36 -08:00  .rollback_timer
        28801  drwx        4096  May 29 2008 16:31:41 -07:00  .prst_sync
        43201  drwx        4096   Dec 4 2007 04:34:45 -08:00  .installer
           12  -rw-   208904396  May 28 2008 16:17:34 -07:00  asr1000rp1-adventerprisek9.02.01.00.122-33.XNA.bin
        Router# copy nvram:startup-config bootflash:
        Destination filename [startup-config]? 
        3517 bytes copied in 0.647 secs (5436 bytes/sec)
        Router# dir bootflash:
        Directory of bootflash:/
           11  drwx       16384   Dec 4 2007 04:32:46 -08:00  lost+found
        86401  drwx        4096   Dec 4 2007 06:06:24 -08:00  .ssh
        14401  drwx        4096   Dec 4 2007 06:06:36 -08:00  .rollback_timer
        28801  drwx        4096  May 29 2008 16:31:41 -07:00  .prst_sync
        43201  drwx        4096   Dec 4 2007 04:34:45 -08:00  .installer
           12  -rw-   208904396  May 28 2008 16:17:34 -07:00  asr1000rp1-adventerprisek9.02.01.00.122-33.XNA.bin
        13 -rw-        7516   Jul 2 2008 15:01:39 -07:00  startup-config
        

        Example 2: Copying a Startup Configuration File to USB Flash Disk

        Router# dir usb0:
        Directory of usb0:/
        43261  -rwx   208904396  May 27 2008 14:10:20 -07:00  asr1000rp1-adventerprisek9.02.01.00.122-33.XNA.bin
        255497216 bytes total (40190464 bytes free)
        Router# copy nvram:startup-config usb0:
        Destination filename [startup-config]? 
        3172 bytes copied in 0.214 secs (14822 bytes/sec)
        Router# dir usb0:
        Directory of usb0:/
        43261  -rwx   208904396  May 27 2008 14:10:20 -07:00  asr1000rp1-adventerprisek9.02.01.00.122-33.XNA.bin43262 -rwx        3172   Jul 2 2008 15:40:45 -07:00  startup-config255497216 bytes total (40186880 bytes free)

        Example 3: Copying a Startup Configuration File to a TFTP Server

        Router# copy bootflash:startup-config tftp:
        Address or name of remote host []? 172.17.16.81
        Destination filename [pe24_asr-1002-confg]? /auto/tftp-users/user/startup-config
        !!
        3517 bytes copied in 0.122 secs (28828 bytes/sec)
        

        For more detailed information on managing configuration files, see the Managing Configuration Files section in the Cisco IOS XE Configuration Fundamentals Configuration Guide

        Filtering the Output of the show and more Commands

        You can search and filter the output of show and more commands. This functionality is useful if you need to sort through large amounts of output or if you want to exclude output that you need not see.

        To use this functionality, enter a show or more command followed by the “pipe” character ( | ); one of the keywords begin, include, or exclude; and a regular expression on which you want to search or filter (the expression is case sensitive):

        show command | {append | begin | exclude | include | redirect | section | tee} regular-expression

        The output matches certain lines of information in the configuration file. The following example illustrates how to use output modifiers with the show interface command when you want the output to include only lines in which the expression “protocol” appears:

        Router# show interface | include protocol
        FastEthernet0/0 is up, line protocol is up
        Serial4/0 is up, line protocol is up
        Serial4/1 is up, line protocol is up
        Serial4/2 is administratively down, line protocol is down
        Serial4/3 is administratively down, line protocol is down

        Powering Off a Router

        Before you turn off a power supply, make certain the chassis is grounded and you perform a soft shutdown on the power supply. Not performing a soft shutdown will often not harm the router, but may cause problems in certain scenarios.

        To perform a soft shutdown before powering off the router, enter the reload command to halt the system and then wait for ROM Monitor to execute before proceeding to the next step.

        The following screenshot shows an example of this process:

        Router# reload
        Proceed with reload? [confirm]
        ...(Some messages are omitted here)
        Initializing Hardware...
        Calculating the ROMMON CRC...CRC is correct.
        

        Place the power supply switch in the Off position after seeing this message.

        Finding Support Information for Platforms and Cisco Software Images

        Cisco software is packaged in feature sets consisting of software images that support specific platforms. The feature sets available for a specific platform depend on which Cisco software images are included in a release. To identify the set of software images available in a specific release or to find out if a feature is available in a given Cisco IOS XE software image, you can use Cisco Feature Navigator or the software release notes.

        Using the Cisco Feature Navigator

        Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which Cisco IOS XE software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http:/​/​www.cisco.com/​go/​cfn . An account on Cisco.com is not required.

        Using the Software Advisor

        To see if a feature is supported by a Cisco IOS XE release, to locate the software document for that feature, or to check the minimum software requirements of Cisco IOS XE software with the hardware installed on your router, Cisco maintains the Software Advisor tool on Cisco.com at http:/​/​www.cisco.com/​cgi-bin/​Support/​CompNav/​Index.pl.

        You must be a registered user on Cisco.com to access this tool.

        Using the Software Release Notes

        Cisco IOS XE software releases include release notes that provide the following information:

        • Platform support information
        • Memory recommendations
        • New feature information
        • Open and resolved severity 1 and 2 caveats for all platforms

        Release notes are intended to be release-specific for the most current release, and the information provided in these documents may not be cumulative in providing information about features that first appeared in previous releases. Refer to Cisco Feature Navigator for cumulative feature information.