Getting the most from your shiny new Cisco router
Your company just bought a new Cisco router and stuck you in charge of
it, and you know the very basics of configuring it. There are several
things that CCNA training, and other admins teaching the basics, often
forget. Luckily, there are a few things you can do, and a few sites you
can visit, to make your life easier with your company’s new Cisco
router.
IOS Cheat Sheet
The IOS cheat sheet is a handy tool that shows all the basic commands
you need to know to get around on the Cisco CLI. It explains how to
set up the clock, Cisco Discovery Protocol, and basic commands. If you
do not know anything about these technologies, then the cheat sheet
will not help you too much. However, if you know a little bit about
the commands, this tool can be a lifesaver. It has saved me time and
effort any time I have forgotten the syntax of a command. You can find
the IOS cheat sheet here:
http://www.skullbox.net/ioscheat.php.
Disabling DNS Lookup
The Cisco CLI has an annoying habit: whenever something is typed in
that is not a command, it automatically tries to telnet into that
hostname. There are two things that are annoying about this. First,
you have to wait for the name to resolve, or time out. Second, there
is no way I ever intended to telnet into something and forgot to write
telnet.
There are two solutions to this problem. One solution is to disable
DNS lookup. To do this, simply run the command “Router(config)#
no ip domain-lookup”. The other way to get around this annoying feature
is to configure DNS. To configure DNS, run this command:
“Router(config)# ip name-server 192.168.0.1”. The IP address should be
set to the actual IP address of your DNS server.
Setting the Router’s Clock
It can be important to have the clock set to the correct time for many
reasons. One important reason is the logging of events. If the router
does not have the time set, the logs are pretty useless. Cisco routers
do not have an internal clock that stays set between reboots. This
makes it necessary to run an NTP time update from a remote timeserver.
To set the time on a Cisco router, you will first need to set the time
zone. From config mode, type “clock timezone Central -6”. That can be
changed to other time zones, using the name or the abbreviation. The
next step is to set the router to update from a timeserver. If there
are no NTP timeservers within your organization, a good one to use is
tick.usno.navy.mil. This timeserver is the same server that the US
Navy uses for its time. To set this up, enter config mode and type
“ntp server tick.usno.navy.mil”.
Use SSH instead of Telnet
Telnet can be great because it is quick, easy, and efficient. However,
it sends everything over the wire in plaintext, passwords included.
This can be a problem, especially to the security conscious. While
telnet may work while on the same network as the router, it is never a
good idea to use telnet across the internet to access a router.
Instead, Cisco has implemented SSH. SSH can be used to securely access
your router. It has an easy-to-use Windows client called “PuTTY.” Unix,
Linux, and OS X all support SSH from the command line. This makes SSH
an ideal alternative to an insecure telnet connection.
To enable SSH, there is a series of commands that need to be run. The
only thing that needs to be changed below is the domain name, which
should be the domain of your organization.
(config)# ip domain-name example.com
(config)# crypto key generate rsa
(config)# ip ssh time-out 30
(config)# ip ssh authentication-retries 2
(config)# line vty 0 4
(config-line)# transport input ssh
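An added example, not part of the original article: a small Python check that reads the text of a running-config and reports which of the settings covered so far (DNS lookup, time zone, NTP, domain name, SSH-only VTY lines) are missing. The sample config is constructed, and the names vty_blocks, audit and CHECKS are this example's own.

```python
import re

# Constructed sample running-config, not taken from a real device.
SAMPLE_CONFIG = """\
ip domain-name example.com
no ip domain-lookup
clock timezone Central -6
ntp server tick.usno.navy.mil
line vty 0 4
 transport input ssh
line vty 5 15
 transport input telnet ssh
"""

# Global settings from the article; "[- ]" also accepts the spaced spelling.
CHECKS = [
    (r"^(no ip domain[- ]lookup|ip name-server \S+)",
     "dns: neither 'no ip domain-lookup' nor 'ip name-server' is set"),
    (r"^clock timezone \S+ -?\d+", "clock: no 'clock timezone' is set"),
    (r"^ntp server \S+", "ntp: no 'ntp server' is configured"),
    (r"^ip domain[- ]name \S+", "ssh: no 'ip domain-name' is set"),
]

def vty_blocks(config):
    """Map each 'line vty ...' header to the indented commands under it."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line vty"):
            current = raw.strip()
            blocks[current] = []
        elif raw[:1].isspace() and current is not None:
            blocks[current].append(raw.strip())
        else:
            current = None  # any other top-level line closes the block
    return blocks

def audit(config):
    """Return a list of findings; an empty list means every check passed."""
    findings = [m for p, m in CHECKS if not re.search(p, config, re.M)]
    blocks = vty_blocks(config)
    if not blocks:
        findings.append("vty: no 'line vty' section found")
    for header, cmds in blocks.items():
        if "transport input ssh" not in cmds:  # SSH and nothing else
            findings.append(f"{header}: not limited to 'transport input ssh'")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG)) or "all checks passed")
```

On the sample it flags only the second VTY range, which still accepts telnet alongside SSH.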
Preventing Processes from Hanging
Since a Cisco router is essentially a computer, it operates similarly
to Windows or any server operating system. There are processes that are
scheduled by the CPU scheduler. The problem with this is that every
once in a while, a process may get out of control. This process
could start to consume excessive memory and CPU time, which would in
turn cause massive problems for the network. Luckily, the Cisco
engineers thought about this problem ahead of time and created a
solution for it, called the Process Watchdog. The Process Watchdog
monitors the router’s processes and, if one is determined to have hung,
carries out a pre-determined action.
There are several modes that the Process Watchdog can be set to:
normal, hang, reload, and terminate. The normal mode is the default
that was programmed into the Cisco IOS. The hang mode stops allocating
CPU time to the process after it decides the process has gone out of
control. The reload mode reloads the router if a process hangs. This
may seem undesirable, but there is no point in killing a critical
process and expecting the router to continue functioning afterwards.
The last mode is terminate, and it just kills the process that is out
of control.
Now that you know the various modes, you can pick a mode and then type
this command to initiate the Process Watchdog:
“scheduler process-watchdog <MODE NAME>”
There are tons more commands and tricks out there. These are just the
things that seem to be absolutely critical to keeping your sanity while
working with a new Cisco router. If you understand these commands and
implement them in your router’s config file, you will make the most
out of your shiny new Cisco router.
by Tyler Weaver