There are a few simple things that might help administrators
make better use of their time when working with Cisco routers. I gathered the
ten most important ones, in my view, and wrote them down.
1. The best sequence for configuring a Cisco router, as I see
it, is the following:
a. Set up the hostname with the ‘hostname XXXXXX’ command.
b. Set up the secret password (or enable password) with the ‘enable secret XXXXX’ command.
c. Set up the console and telnet passwords (use the ‘logging synchronous’ command at the console) with the ‘password XXXXX’ and ‘login’ commands.
d. Encrypt the un-encrypted passwords with the ‘service password-encryption’ command and don’t forget to turn it off after you ‘show run’.
e. Set up the interfaces (IP addresses, description, bandwidth, etc.) with the ‘ip address’, ‘bandwidth’, and ‘description’ commands.
f. Set up the routing protocols (or static routes).
g. Test the connectivity with ‘ping’ and ‘traceroute’.
h. Set up the access-lists.
i. Test the connectivity (again).
2. Be as descriptive as possible.
Use the ‘description’ command on ALL interfaces, and give
a useful description in it. Describe the network to which the interface is
connected, the bandwidth of the link, the duplex settings, and any other information
that you think might be useful. Use ‘remark’ when writing access-lists so that you
can identify each access-list by its function. And if you find it
necessary, use banners.
Examples:
RouterA(config-if)#description This link is connected to the Accounting Lan
RouterA(config)#access-list 101 remark This list stops the telnet to the Marketing net
RouterA(config)#banner motd #This router is connected to the marketing and accounting LANS#
3. Use hotkeys.
There are many useful hotkeys in the configuration command
line environment. A few of the most important are:
Control P - Recalls the previous command in the history buffer
Control N - Recalls the next command in the history buffer
Control E - Goes to the end of the line
Control A - Goes to the beginning of the line
4. Stop the router from looking up a DNS server for wrong
commands.
When you misspell a command and hit the ‘Enter’ key, the
router does not recognize the command and thinks that it might be a host name.
The router then tries to contact the DNS server to resolve the name to an IP
address so that it can telnet to it. This can take a large amount of time,
especially when you have not set up a valid DNS server (because the router will
broadcast the request and wait for a DNS server to reply). To turn this off,
use the ‘transport preferred none’ command in the console and vty lines.
Example:
RouterA(config)#line con 0
RouterA(config-line)#transport preferred none
5. Set up the bandwidth of serial interfaces.
Use the ‘bandwidth’ command to set the bandwidth of ALL
serial interfaces to guarantee the correct calculation of the routing table. The
bandwidth of a serial link is dependent on the type of WAN connection you are
using. Unlike Ethernet or FastEthernet, serial interfaces cannot
automatically detect the bandwidth of the link, and the bandwidth of the actual
link might be different from that of the short link between the serial interface and
the modem or CSU/DSU device you are using. Remember to write the bandwidth
after the ‘bandwidth’ command in Kilobits.
Example:
RouterA(config)#int serial 0
RouterA(config-if)#bandwidth 1024 >> This means the link bandwidth is 1Mbit/second
6. Turn off auto-summarization of routing updates when using
subnetted addresses.
If you are using subnetting, remember to use the ‘no
auto-summary’ command to turn off auto-summarization. This applies when using
routing protocols that support it, like OSPF.
Example:
RouterA(config-router)#no auto-summary
7. Turn off split-horizon in two cases.
The first is when you are doing inter-VLAN routing. This is
because updates from one VLAN cannot pass to other VLANs. The second case
is when you are using frame-relay to connect one site to multiple sites.
Example:
RouterA(config-if)#no ip split-horizon
8. The ‘show’ command is your best friend.
Whenever you’re in trouble, or even if you’re not in trouble
yet, your best friend comes to help: the ‘show’ command. The most widely used ‘show’
commands are the following:
show version - Shows some good information like the IOS version, the configuration-register value and the interfaces available.
show ip route - Shows the routing table.
show ip interface - Shows the access-lists applied to interfaces.
show access-list - Shows the contents of access-lists.
show ip protocols - Shows information about the routing protocols currently running.
show cdp neighbor detail - Shows detailed information about neighboring devices.
show interface - Shows status information about interfaces.
show run - Shows the running configuration, i.e., all the commands now in action.
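An added example (not part of the original article): a short Python check that reads saved ‘show run’ output and flags where tips 1b, 2, 4 and 5 above were not followed. The sample configuration is constructed, and the function names parse_sections and audit are this example's own.

```python
# Constructed sample of 'show run' output (not from a real device).
SAMPLE_CONFIG = """\
hostname RouterA
enable secret 5 $1$constructed$hash
!
interface Serial0
 description Link to the Accounting LAN
 bandwidth 1024
interface Serial1
 ip address 10.0.0.5 255.255.255.252
interface FastEthernet0/0
 ip address 192.168.0.1 255.255.255.0
line con 0
 transport preferred none
line vty 0 4
 login
"""

def parse_sections(config):
    """Group indented sub-commands under their top-level command."""
    sections, current = {}, None
    for line in config.splitlines():
        if not line.strip() or line.lstrip().startswith("!"):
            continue  # skip blank lines and '!' separators
        if not line.startswith(" "):
            current = line.strip()
            sections[current] = []
        elif current is not None:
            sections[current].append(line.strip())
    return sections

def audit(config):
    """Return findings for tips 1b, 2, 4 and 5 of the article."""
    findings = []
    sections = parse_sections(config)
    if not any(s.startswith("enable secret") for s in sections):
        findings.append("no enable secret configured")
    for name, body in sections.items():
        has = lambda prefix: any(c.startswith(prefix) for c in body)
        if name.startswith("interface "):
            if not has("description "):
                findings.append(f"{name}: missing description")
            if "Serial" in name and not has("bandwidth "):
                findings.append(f"{name}: missing bandwidth")
        elif name.startswith("line ") and not has("transport preferred none"):
            findings.append(f"{name}: missing transport preferred none")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG)))
```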
9. Keep the IP addresses of servers and printers out of the
DHCP pool.
When using the router as a DHCP server, do NOT forget to
exclude the addresses of servers and printers from the DHCP pool.
Example:
RouterA(config)#ip dhcp excluded-address 192.168.0.1
RouterA(config)#ip dhcp excluded-address 192.168.0.1 192.168.0.10
You can use a single IP address in this command or a
start-IP and end-IP to define a range.
10. Keep a scheduled ‘reload’ when configuring a router
remotely.
When you are configuring a router remotely, you might do
something wrong and lose connectivity with the router. In this case, you
will need to restart the router physically. There is a chance that no one is
around the router to restart it for you. You can solve this yourself by
using the ‘reload in xx’ command. This command schedules a reload after xx
minutes. So, before you start nosing around the router remotely, issue this
command and schedule a reload. If something goes wrong and you lose
connectivity with the router, the router will reload and you get back in
business. And if things go smoothly and you don’t need to reload after all, you
can issue a ‘reload cancel’ command to stop the scheduled restart from
happening.
I hope you find these tips useful in getting you out of
trouble or getting you away from it.
good
Written by sjubba on 2007-04-25 23:26:13
thnx a lot good article ... allah blessed you

access-list
Written by sulaiman on 2009-07-14 05:53:59
please clarify what is inbound and outbound under access-list