Cisco Router Configuration

Prepared By Eng/Abdulrahman M. Abutaleb

Cisco router configuration

1-What is a Cisco router? Routers are boxes dedicated to routing packets. For high-speed connections, or multiple connections, they are useful. For small networks, the cost might not be worth it. They can also often handle many different routing protocols, rather than loading your PC. Routers also support a variety of network interfaces (Ethernet, token ring, etc.) -- you can get what you need. A Router is a layer 3-network device that moves data between different network segments and can look into a packet header to determine the best path for the packet to travel. Routers can connect network segments that use different protocols. They also allow all users in a network to share a single connection to the Internet or a WAN. It is used to improve network performance by: Segmenting the network and creating separate collision & broadcast domains. Reducing competition for bandwidth. Broadcasts are not forwarded to other network segments. Increases security by using Access Lists. Cisco routers run the Internetwork Operating System (IOS). 2- Router components: Cisco routers can be divided into external and internal components: External components: -Console port : The first and probably most important port (asynchronous serial),it provides local access to a router through a laptop running terminal emulation software(HyperTerminal). -Auxiliary port: This port allows you to hook a modem up to the router and dial in to configure or troubleshoot it. -Ethernet port: This port is called LAN interface. There are other types like FastEtherner or Token Ring.
2

-Interfaces: Like Serial interface and ISDN interface. Which are mostly used to connect long-distance as in a WAN (Wide-Area Network). Internal components: - ROM (Read Only Memory): This is a form of permanent memory used by the Router to store: The "Power-On Self Test" that checks the Router on boot up. The "Bootstrap Startup Program" that gets the Router going. A very basic form of the Cisco IOS software. (to change the ROM you have to remove and replace chips). - Flash Memory: An Electronically Erasable and Re-Programmable memory chip. The "Flash" contains the full Operating System, or "Image". This allows you to Upgrade the IOS without removing chips. -RAM (Random Access Memory): This is a regular computer memory chip. These are the working memory of the Router, and provide Caching, Packet Buffering, and hold Routing Tables. The RAM is also where the Running Operating System lives when the Router is on. RAM loses all its data when reset or powered off. -NVRAM ( Non-Volatile RAM ): This stores your Router's "Startup Configuration File". Similar to Flash memory, this retains data even when power is lost (off). What Happens As Your Router Boots Up 1. The "Power-On Self-Test" checks the Router Hardware. This includes the CPU (Central Processor Unit), memory, and interfaces. 2. The "Bootstrap Program", which is stored in ROM, runs itself 3. The "Bootfield" is read to find out the proper Operating System source. 4. The "Operating System Image" is loaded into RAM. (Random Access Memory) 5. The "Configuration File" saved in NVRAM is loaded into the RAM. The Configuration File is then executed one line at a time.
3

6. If no "Configuration File" is found in NVRAM, the Cisco IOS will offer you the chance to use the "Initial Configuration Dialog". This is a set of Questions for you to answer to do a basic configuration. Since in our theoretical New Router there is no NVRAM configuration This "Setup Dialog" will be one of the first things we see. A brandnew Router should enter automatically into what is called the "System Configuration Dialog". Also called the "Setup Dialog". It should ask you "Would you like to enter the initial configuration dialog? [yes|no]:" But we are going to type in "NO" when it asks us if we want to use the System Configuration Dialog", because putting in the commands ourselves, will let us learn exactly how to properly configure a Router. Besides if you are a Cisco person, you like doing things the hard way! As they always say, "The more difficult and challenging, the better!" See Table-1 below:

Software Version Bootstrap Version System up-time System restart info Software image name Router Type and Processor type Memory type and allocation (Shared/Main) Software Features Hardware Interfaces Configuration Register

- IOS software version (stored in flash) - Bootstrap version (stored in Boot ROM) - Time since last reboot - Method of restart (e.g. power cycle, crash) - IOS filename stored in flash - Model number and processor type - Main Processor RAM - Shared Packet I/O buffering - Supported protocols / feature sets - Interfaces available on router - Bootup specifications, console speed setting, etc.

3- Cisco IOS Operation Modes: User EXEC Mode

When you are connected to the router, you are started in user EXEC mode. The user EXEC commands are a subset of the privileged EXEC commands.User can examine router status and operation. Configuration cannot be viewed or altered from user mode.
prompt : router>

Privileged Exec Mode

Sometimes called enable mode, provides access to configuration mode, which permits authorized users to configure and manage the router. To enter the privilegedlevel EXEC mode, enter the enable command, enter the enable password, and press Return. The prompt changes to the pound sign (#) as shown in the following example: Router1> enable Password: cisco Router1# If you want to go back to being a plain User, just type disable.

Configuration Mode
Configuration mode has a set of submodes that you use for modifying interface settings, routing protocol settings, line settings, and so forth. Use caution with configuration mode because all changes you enter take effect immediately. To enter configuration mode, enter the command configure terminal and exit by pressing Ctrl-Z. See Table-2 and Fig.-1

Table-2: Cisco CLI Command Modes, respective prompts and commands.

Command Mode
User EXEC Privileged EXEC Global configuration Interface configuration Subinterface configuration Router configuration Line configuration

Prompt
Router1> Router1# Router1(config)# Router1(config-if)# Router1(config-subif)#

Command to enter mode

login enable configure terminal Interface type number

(from global configuration mode) interface type number (to configure a sub interface from within interface configuration mode) router routing_protocol (from global configuration mode) line line_type line_number ending_line_number (from global configuration mode)

Router1(config-router)# Router1(config-line)#

Getting Help
In any command mode, you can get a list of available commands by entering a question mark (?). Router>? To obtain a list of command that begin with a particular character sequence, type in those characters followed immediately by the question mark (?). Router#co? Configure connect copy To list keywords or arguments, enter a question mark in place of a keyword or argument. Include a space before the question mark. Router#configure ? memory Configure from NV memory network Configure from a TFTP network host terminal Configure from the terminal
7

You can also abbreviate commands and keywords by entering just enough characters to make the command unique from other commands. For example, you can abbreviate the show command to sh.

Keyboard Editing & Hot Keys

The following table offers a comprehensive list of the hot keys and some other keyboard editing functions. See Table-2 below. Delete Backspace TAB Ctrl-A Ctrl-N Ctrl-R - Removes one character to the right of the cursor. - Removes one character to the left of the cursor. - Finishes a partial command. - Moves the cursor to the beginning of the current line. - Forwards the history buffer. - Creates new command prompt, followed by all the characters typed at the last one. This is useful for syslog messages. - Erases a line from the command prompt and also from memory buffer. - Erases a word. - Ends configuration mode and returns to the EXEC mode. - Allows user to scroll forward through previous commands. - Allows user to scroll backward through previous commands. - Moves the cursor to the beginning of previous word. - Moves the cursor to the beginning of next word.

Ctrl-U Ctrl-W Ctrl-Z Up Arrow Down Arrow Esc-B Esc-F

4-Basic Router Configuration:

Rename the Router
To specify or modify the host name for the router, global configuration command HOSTNAME is used. Hostname is case sensitive. The host name is used in prompts and default configuration filenames.
8

Router(config)# hostname YemenNet YemenNet(config)# The factory-assigned default host name is router.

Setting the System Clock

The system clock runs from the moment the system starts up and keeps track of the current date and time based on Coordinated Universal Time (UTC), also known as Greenwich Mean Time (GMT). The system clock can be set from a number of sources, and in turn can be used to distribute the current time through various mechanisms to other systems. To manually set the system clock, use one of the formats of the clock set EXEC command. clock set hh:mm:ss day month yyyy clock set hh:mm:ss month day yyyy In the following example, the system clock is manually set to 10:02 a.m. on September 21, 2004: YemenNet # clock set 10:02:00 21 September 2004 Show System Time To display the system clock, use the show clock EXEC command. If time has not been set by the clock set command then this command will show the time lapsed since router is up. YemenNet # show clock Setting the Banner To specify a message-of-the-day (MOTD) banner, use the banner motd global configuration command. The no form of this command deletes the MOTD banner. When someone connects to the router, the MOTD banner appears before the login prompt. YemenNet (config)# banner motd # message # Here (#) sign is used as delaminating character. You can use any character Setting the Description for an Interface To add a description to an interface configuration, use the description interface configuration command. Use the no form of this command to remove the description. The description command is meant solely as a comment to be put in the configuration to help you remember what certain interfaces are used for. The following example shows how to add a description for a T1 interface:

YemenNet(config)# interface serial 0 YemenNet (config-if)# description T1 line to Yemen-Mobile - 128 Kb/s The description "T1 line to Yemen-Mobile - 128 Kb/s" appears in the output of the following EXEC commands: show startup-config, show interfaces, and show running-config Setting the Line Password To specify a password on a line, use the password line configuration command. Use the no form of this command to remove the password. The first character cannot be a number. The string can contain any alphanumeric characters, including spaces, up to 80 characters. -Console Password Console password is needed when logging into router at user EXEC mode from console. YemenNet(config)# line console 0 YemenNet(config-line)# password yemen -vty lines password Virtual terminal lines (vty) are used to allow remote access to the router (by telneting through its interfaces). The router has five virtual terminal lines by default. YemenNet(config)# line vty 0 4 YemenNet(config-line)# password yemendata YemenNet(config)# exec-timeout 30 0 -Setting Privileged Access Password To set a local password to control access to various privilege levels, use the enable password global configuration command. Use the no form of this command to remove the password requirement. YemenNet(config)# enable password yemennet This password may contain any alphanumeric characters up to 80 including spaces but MUST NOT START with a number or a space. The password is stored in an unencrypted (plain text) format in the configuration file. Obviously, it is desirable to have the password encrypted before it is saved. To do this, use: YemenNet(config)# service password-encryption This will cause all passwords in the system to be encrypted before being stored in a saved configuration using Cisco's proprietary encryption algorithm. NOTE: There is no way to recover a lost encrypted password.

10

-Setting Secret (Encrypted) Password To set an encrypted local password to control access to various privilege levels, use the enable secret global configuration command. Use the no form of this command to remove the password requirement. This password overrides the enable password and is encypted within the config file. YemenNet(config)# enable secret yemenmobile

5- Configuration Files
Any time you make changes to the router configuration, you must save the changes to memory because if you do not they will be lost if there is a system reload or power outage. There are two types of configuration files: the running (current operating) configuration and the startup configuration, which is loaded up in rebooting a router. Use the following privileged mode commands to work with configuration files. show running-config display the running configuration. show startup-config display the startup configuration. copy running-config startup-config copy the running configuration to the startup configuration. copy startup-config running-config copy the startup configuration to the running configuration. erase startup-config erase the startup-configuration in NVRAM. copy tftp running-config load a configuration file stored on a Trivial File Transfer Protocol (TFTP) server into the running configuration. copy running-config tftp store the running configuration on a TFTP server.

Configuring interfaces
Cisco interface naming is straightforward. Individual interfaces are referred to by this convention: media type slot#/port# "Media type" refers to the type of media that the port is an interface for, such as Ethernet, Token Ring, FDDI, serial, etc. Slot numbers are only applicable for routers that provide slots into which you can install modules. These modules contain several ports for a given media. Here is an example of configuring a serial port with an IP address:
11

YemenNet(config)# config t YemenNet(config)# interface serial 1/1 YemenNet(config-if)#ip address 192.168.155.2 255.255.255.0 YemenNet(config-if)#no shutdown YemenNet(config-if)#ctrl-Z YemenNet#wr mem Then to verify configuration: YemenNet#show interface serial 1/1
Serial1/1is up, line protocol is up Hardware is PA-MC-2T3+ Description: Customer T1 Internet address is x.x.x.x/30 MTU 1500 bytes, BW 256 Kbit, DLY 20000 usec, rely 255/255, load 1/255 Encapsulation PPP, crc 16, loopback not set Keepalive set (10 sec) LCP Open Open: IPCP, CDPCP Last input 00:00:03, output 00:01:08, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0 (size/max/drops); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/1/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 20950 packets input, 1992090 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 1 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 1 abort 31524 packets output, 10804297 bytes, 0 underruns 0 output errors, 0 collisions, 0 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions no alarm present Timeslot(s) Used: 1-4, subrate: 256Kb/s, transmit delay is 0 flags non-inverted data

12

Interface and Line Protocol Status: See Table-3 below

Line State

Possible Causes and Actions

Serial x is up, line protocol is up

This status indicates that the interface is functioning properly This status indicates that the router is not sensing a carrier detect (CD) signal. Possible Causes: 1-Telephone company problem. 2-Faulty or incorrect cabling 3-Hardware failure Suggested Actions: 1-Check the LED's on the CSU/DSU to see if the CD light is active. 2-Verify that the cables are connected properly. 3-Reset your equipment 4-Contact your leased-line provider 5-Replace faulty equipment

Serial x is down, line protocol is down

Serial x is up, line protocol is down

Possible Causes: 1-Local or remote router misconfigured. 2-Keep-alives not being sent by remote router 3-Leased-line or other carrier service problems, such as noisy lines or faulty switch 4-Timing problem on cable, possibly caused by the CSU/DSU not being set correctly. 5-Failed local or remote CSU/DSU. 6-Router failure. Possible Causes: Loop exists in the circuit. Contact your leased line provider or owner of remote router to remove loop.

Serial x is up, line protocol is up (looped)

13

Possible Causes: Serial x is administratively down, line protocol is 1-Router configuration includes the shutdown interface configuration down. command. 2-Duplicate IP address.

Hardware This field describes the type of hardware that the interface is connected to. In this case, this Serial interface is part of a channelized T3. Description This field is simply used to describe the interface by the network administrator. It has not bearing on connectivity. Internet address This is the IP address and subnet mask assigned to the interface in question. MTU, BW, DLY, rely, and load MTU - Maximum Tranmission Unit. By default, this is 1500 bytes, which describes the largest packet that can be sent through the interface before the packet is fragmented. BW - Bandwidth. This field is defined by the network administrator and has no actual effect on the bandwidth of a line. It is simply used for describing the load on a specific interface. DLY - Delay. Amount of micro seconds of delay. I do not have any more information on this at this time. rely - Reliability. Reliability of the interface as a fraction of 255 (255/255 is 100% reliability), calculated as an exponential average over five minutes (default). load - Load Average. Load on the interface as a fraction of 255 (255/255 is completely saturated), calculated as an exponential average over five minutes (default). Encapsulation and Loopback Encapsulation is the type of Data-Link encapsulation. This is commonly either PPP, HDLC (Cisco's proprietary PPP), Frame-Relay, and ATM. Loopback specifies whether the loopback bit is set in the D channel signalling. Last input The last input is the number of hours, minutes, and seconds since the last packet was successfully received by an interface. This is useful for determining when a dead interface. The last output is the number of hours, minutes, and seconds since the last packet was successfully transmitted by an interface. This is useful for determining when a dead interface failed.

14

The output hang is the number of hours, minutes, and seconds (or never) since the interface was last reset because of a transmission that took too long. Last clearing This shows the elapsed time, in seconds, since the last clearing of the interface counters that will be described in a later section on counters. Output queue, input queue, drops Number of packets in output and input queues. Each number is followed by a slash, the maximum size of the queue, and the number of packets dropped due to a full queue. 5 minute input/output rate Average number of bits and packets received and transmitted per second in the last five minutes. Counters Packets input - Total number of error-free packets received. Broadcasts - Total number of broadcast or multicast packets received. Runts - Number of packets discarded because they are smaller than the medium's minimum packet size. Giants - Number of packets that are discarded because they exceed the medium's maximum packet size. Parity - Number of parity errors on the HSSI. RX Disabled - Indicates inability to get a buffer when accessing a packet. Input Errors - Sum of all errors that prevented the receipt of datagrams. This may not balance with the sum of the enumerated output errors, because some datagrams may have more than one error and others may have errors that do not fall into any of the specific categories. CRC - Cyclic redundancy checksum generated mismatch. CRC errors also are reported when a far-end abort occurs and when the idle flag pattern is corrupted. This makes it possible to get CRC errors even when there is no data traffic. Frame - Number of packets received incorrectly having a CRC error and a noninteger number of octets. Overrun - Number of times the serial receiver hardware was unable to hand received data to a hardware buffer because the input rate exceeded the receiver's ability to handle the data. Ignored - Number of received packets ignored by the interface because the interface hardware ran low on internal buffers. Abort - Number of packets whose receipt was aborted. Bytes - Total number of bytes, including data and MAC encapsulation, transmitted by the system. Underruns - Number of times that the far-end router's transmitter has been running faster than the near-end router's receiver can handle. This may never happen (be reported) on some interfaces.
15

Congestion Drop - Number of messages discarded because the output queue on an interface grew too long. Output Errors - Sum of all errors that prevented the final transmission. This may not balance with the sum of the enumerated output errors, because some datagrams may have more than one error and others may have errors that do not fall into any of the specific categories. Interface Resets - Number of times an interface has been completely reset. Restarts - Number of times the controller was restarted because of errors. Carrier Transitions - Number of times the carrier detect signal of a serial interface has changed state.

6-Routing Protocol Configuration

There are two types of routing protocol as follows:

Static route Dynamic route Static route

These days static routes are generally used in very simple networks or in particular cases that necessitate their use. To create a static route, the administrator tells the router operating system that any network traffic destined for a specified network layer address should be forwarded to a similiarly specified network layer address. In the Cisco IOS this is done with the ip route command.

16

Router#config Router(config)#ip route 172.16.0.0 255.255.255.0 192.168.150.1 Router(config)#ctrl-Z Two things to be said about this example. First, the packet destination address must include the subnet mask for that destination network. Second, the address it is to be forwarded to is the specified addres of the next router along the path to the destination. We can use the Default route when we do not care about the destination . Router(config)#ip
route 0.0.0.0 0.0.0.0 192.168.150.1

Dynamic route
Dynamic routing protocols, running on connected routers, enable those routers to share routing information. This enables routers to learn the routes available to them. The advantage of this method is that routers are able to adjust to changes in network topologies. If a route is physically removed, or a neighbor router goes down, the routing protocol searches for a new route. Routing protocols can even dynamically choose between possible routes based on variables such as network congestion or network reliability. There are many different routing protocols, and they all use different variables, known as "metrics," to decide upon appropriate routes. This document describes how to configure the Routing Information Protocol (RIP) on Cisco routers. From the command-line, we must explicitly tell the router which protocol to use, and what networks the protocol will route for.

Routing Information Protocol (RIP) Step 1: Enter privileged EXEC mode: Router>enable password Step 2: Enter the configure terminal command to enter global configuration mode. Router#config terminal
17

Step 3: Enter the router rip command Router(config)#router rip Step 4: Add the network number to use RIP and repeat this step for all the numbers. Router(config-router)#network network-number Example: Router(config-router)#network 192.168.10.0 Note: To turn off RIP, use the no router rip command. Router(config)#no router rip

7-Access Lists
There are two types of Access list and we disscuss one of them only: access-list (standard) access-list (extended)

- access-list (standard)
To define a standard IP access list with a number, use the standard version of the access-list global configuration command. To remove a standard access lists, use the no form of this command.
access-list access-list-number {deny | permit} source [source-wildcard] [log] no access-list access-list-number

18

Description access-list- Number of an access list. This is a decimal number from 1 to 99. number deny permit source Denies access if the conditions are matched. Permits access if the conditions are matched. Number of the network or host from which the packet is being sent. There are two alternative ways to specify the source:

Use a 32-bit quantity in four-part, dotted-decimal format. Use the keyword any as an abbreviation for a source and source-wildcard of 0.0.0.0 255.255.255.255.

sourcewildcard

(Optional) Wildcard bits to be applied to the source. There are two alternative ways to specify the source wildcard:

Use a 32-bit quantity in four-part, dotted-decimal format. Place ones in the bit positions you want to ignore. Use the keyword any as an abbreviation for a source and source-wildcard of 0.0.0.0 255.255.255.255.

log

(Optional) Causes an informational logging message about the packet that matches the entry to be sent to the console. (The level of messages logged to the console is controlled by the logging console command.) The message includes the access list number, whether the packet was permitted or denied, the source address, and the number of packets. The message is generated for the first packet that matches, and then at 5-minute intervals, including the number of packets permitted or denied in the prior 5-minute interval.

Default The access list defaults to an implicit deny statement for everything. The access list is always terminated by an implicit deny statement for everything.

19

You can use access lists to control the transmission of packets on an interface, control virtual terminal line access, and restrict the contents of routing updates. Use the show access-lists EXEC command to display the contents of all access lists. Use the show ip access-list EXEC command to display the contents of one access list. Examples The following example of a standard access list allows access for only those hosts on the three specified networks. The wildcard bits apply to the host portions of the network addresses. Any host with a source address that does not match the access list statements will be rejected. access-list 1 permit 192.5.34.0 0.0.0.255 access-list 1 permit 128.88.0.0 0.0.255.255 access-list 1 permit 36.0.0.0 0.255.255.255 ! (Note: all other access implicitly denied) To specify a large number of individual addresses more easily, you can omit the wildcard if it is all zeros. Thus, the following two configuration commands are identical in effect: access-list 2 permit 36.48.0.3 access-list 2 permit 36.48.0.3 0.0.0.0

8-Configure Frame Relay -Enabling Frame Relay Encapsulation on an Interface:

To enable Frame Relay encapsulation on the interface level, use the following commands beginning in global configuration mode: Command Purpose

20

Step 1 Step 2

interface type number encapsulation framerelay [ietf]

Specifies the interface, and enters interface configuration mode. Enables and specifies Frame Relay encapsulation method.

Frame Relay supports encapsulation of all supported protocols in conformance with RFC 1490, allowing interoperability between multiple vendors. Use the Internet Engineering Task Force (IETF) form of Frame Relay encapsulation if your router or access server is connected to another vendor's equipment across a Frame Relay network. IETF encapsulation is supported either at the interface level or on a per-VC basis. Shut down the interface prior to changing encapsulation types. Although shutting down the interface is not required, it ensures that the interface is reset for the new encapsulation.

-Configuring Static Mapping:

A static map links a specified next hop protocol address to a specified DLCI. Static mapping removes the need for Inverse ARP requests; when you supply a static map, Inverse ARP is automatically disabled for the specified protocol on the specified DLCI. You must use static mapping if the router at the other end either does not support Inverse ARP at all or does not support Inverse ARP for a specific protocol that you want to use over Frame Relay. To establish static mapping according to your network needs, use one of the following commands in interface configuration mode: Command frame-relay map protocol protocoladdress dlci [broadcast] [ietf] [cisco] Purpose Maps between a next hop protocol address and DLCI destination address.

-Defining Subinterface Addressing

21

For point-to-point subinterfaces, the destination is presumed to be known and is identified or implied in the frame-relay interface-dlci command. For multipoint subinterfaces, the destinations can be dynamically resolved through the use of Frame Relay Inverse ARP or can be statically mapped through the use of the frame-relay map command. Command frame-relay interfacedlci dlci Purpose Associates the selected point-to-point subinterface with a DLCI.

-Configuring the LMI :

If the router or access server is attached to a public data network (PDN), the LMI type must match the type used on the public network. Otherwise, the LMI type can be set to suit the needs of your private Frame Relay network. You can set one of three types of LMIs on our devices: ANSI T1.617 Annex D, Cisco, and ITU-T Q.933 Annex A. To do so, use the following command beginning in interface configuration mode:

Command frame-relay lmi-type {ansi | cisco | q933a}

Purpose Sets the LMI type.

- Configuring Frame Relay Traffic Shaping

Common implementations of Frame Relay traffic shaping are: 1. High speed to low speed circuit mismatches: There are two possibilities here:

22

The hub site has a T1 line into the cloud, while the remote site has a lower speed (56 Kbps). In this case, you need to rate-limit the hub site so that it does not exceed the remote side access rate. The hub site has a single T1 line into the cloud, while the remote sites also have a full T1 line into the cloud, connecting to the same hub site. In this case, you need to rate-limit the remote sites so as to not overrun the hub.

2. Oversubscription: For example, if the guaranteed rate on a permanent virtual circuit (PVC) is 64 Kbps and the access rate is 128 Kbps on both ends, it is possible to burst above the guaranteed rate when there is no congestion and fall back to the guaranteed rate when there is congestion. Note: The access rate is the physical line speed of the interface connecting to the Frame Relay. The guaranteed rate is the committed information rate (CIR) the Telco has given for the PVC. Setting the CIR or minCIR at the access rate should be avoided, because it may result in output drops, causing traffic to throttle. The reason for this is that the shape rate does not take into account the overhead bytes of the flag and Cyclic Redundancy Check (CRC) fields. So, shaping at line rate is actually oversubscribing, and will cause interface congestion. Shaping at the access rate is not recommended. You should always shape the traffic at 95 percent of the access rate. More generally, the aggregate shaped rate should be no more than 95 percent of the access rate.

Configure
In this section, you are presented with the information to configure the features described in this document.
Network Diagram
This document uses this network setup: See fig -3

23

In the above example, we have the following values:

HUB - access rate = 192 Kbps, guaranteed rate = 32Kbps REMOTE - access rate = 64Kbps, guaranteed rate = 32Kbps

Here, we are implementing traffic shaping at both ends so that the average transmit rate is 64Kbps. If needed, the HUB can burst above this. In case of congestion, it can drop down to 32Kbps at the minimum. Congestion notification from the cloud is via backward explicit congestion notification (BECN). Hence, the shaping is configured to adapt to BECN. Note: Frame-relay traffic shaping is enabled on the main interface, and it applies to all data link connection identifiers (DLCIs) under that interface. We cannot enable traffic shaping only for a particular DLCI or subinterface under the main interface. If a certain DLCI has no map class attached to it, and traffic shaping is enabled on the main interface, the DLCI is assigned a default map-class with CIR = 56000. Configurations This document uses these configurations:

Hub Remote Hub

interface Serial0/0 no ip address encapsulation frame-relay no fair-queue frame-relay traffic-shaping !--- Apply traffic shaping to main interface (step 3). interface Serial0/0.1 point-topoint ip address 10.1.1.1 255.255.255.0 frame-relay interface-dlci 16 frame-relay class cisco
24

!--- Apply map class to the DLCI / subinterface (step 2). ! ! !--- Configure map class parameters (step 1). map-class frame-relay cisco frame-relay cir 64000 frame-relay mincir 32000 frame-relay adaptive-shaping becn frame-relay bc 8000 frame-relay be 16000 ! Remote interface Serial0/0 no ip address encapsulation frame-relay no fair-queue frame-relay traffic-shaping ! interface Serial0/0.1 point-topoint ip address 10.1.1.2 255.255.255.0 frame-relay interface-dlci 16 frame-relay class cisco ! map-class frame-relay cisco frame-relay cir 64000 frame-relay mincir 32000 frame-relay adaptive-shaping becn frame-relay bc 8000 ! This diagram shows traffic being sent out of the HUB router:
25

Assuming that the traffic is sent with a burst of 80000 bits, this is sent out of the PVC in 8 Tc intervals (125 msec each). We can achieve this because, in the first interval, the credit available is Bc + Be = 8000 + 16000 = 24000 bits. This means that the rate is 24000 bits / 125 msec = 192 Kbps. In the next seven intervals it is only Bc = 8000 bits. Hence the rate is 8000 / 125 msec = 64 Kbps. For example, if we receive a burst of 88000 bits, we cannot send all this traffic in 8 Tc intervals. The final 8000 bits will be sent in the 9th Tc interval. Thus, this traffic is delayed by the traffic shaping mechanism.

show Commands
Use the show frame relay pvc <dlci> command to view the configuration details:
Hub#show frame relay pvc 16 PVC Statistics for interface Serial0/0 (Frame Relay DLCI = 16, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, Serial0/0.1 input pkts 8743 output pkts 5 2548330 out bytes 520 dropped pkts 0 0 in BECN pkts 0 out FECN pkts 0 0 DTE) INTERFACE = in bytes in FECN pkts out BECN pkts

26

in DE pkts 0 out DE pkts 0 out bcast pkts 0 out bcast bytes 0 Shaping adapts to BECN pvc create time 6d01h, last time pvc status changed 6d01h cir 64000 bc 8000 be 16000 byte limit 3000 interval 125 mincir 56000 byte increment 1000 Adaptive Shaping BECN pkts 5 bytes 170 pkts delayed 0 bytes delayed 0 shaping inactive traffic shaping drops 0 Queueing strategy: fifo Output queue 0/40, 0 drop, 0 dequeued

shaping inactive / active This shows, in real time, whether the traffic shaping mechanism has been activated or not. Traffic shaping is active in the following scenarios: 1. BECNs are received, and DLCI has been configured to shape to BECNs. 2. The number of data bytes to transmit out of an interface are more than the available credit (byte limit) in a given interval (Tc). 3. FRF.12 fragmentation has been configured, and packets are waiting to be fragmented. pkts delayed / bytes delayed This shows the number of packets and bytes that have been delayed due to activation of the traffic shaping mechanism. This mainly applies if the number of bytes to be transmitted exceeds the available credit per interval, or if packets need to be fragmented (FRF.12). These packets and bytes are stored in the shaping queue (allocated per VC) and then transmitted in subsequent intervals when there is enough available credit. traffic shaping drops This shows the number of drops in the shaping queue. Bytes are first delayed by the shaping mechanism and stored in this queue. If the queue fills up, then packets are dropped. By default, the queue type is FCFS (First Come First Serve) or FIFO, but can be changed to WFQ, PQ, CQ, CBWFQ, or LLQ.
Configurable Parameters

27

frame relay cir The average rate you want to send traffic out on a given PVC in bps. This is generally higher than the guaranteed rate but less than the access rate (AR). It equals the guaranteed rate only if: 1. The service provider does not allow you to send above guaranteed rate. 2. The physical line rate on the interface is same as the guaranteed rate. 3. There are Voice (voice over IP [VOIP] or voice over Frame Relay [VOFR]) packets on this PVC, therefore you cannot afford dropped packets for quality or service. The value of the CIR is 56000 bps is by default. frame relay mincir The actual guaranteed rate obtained from service provider in bps. This value should be the minimum rate you should drop to in the event of congestion (dropping below this rate implies you are not getting the bandwidth you are paying for). In certain cases (listed above) the mincir and cir values must be the same. The value of mincir is half of the CIR value in bps by default. frame relay bc The amount of data to send per each Tc interval in bits. Ideally for data PVCs Bc = CIR/8 so that Tc = 125msec. Cisco IOS recalculates the FRTS parameter when Bc is greater than 10,000 bytes. If we are doing voice on the PVC, then Bc = CIR/100 is preferable, so that the interval Tc = 10msec (as voice packets cannot tolerate a longer delay). The value of Bc by default is shown as the CIR in bits in the output of the show traffic-shape command. However, internally, a different value is assigned to ensure optimal performance. This value is shown in the "Increment Bytes" column in the show traffic-shape output. A value of bc=CIR equates to a Tc of 1 second. Depending on how traffic arrives at the shaper, the router would have to stop transmission for close to 1 second if the burst was exhausted immediately at the start of the interval. Thus, the shaper assigns a different internal value which still allows for the configured Bc over the original Tc, only we will do it in a number of small bursts instead of one large burst.

28

frame relay be The amount of excess data allowed to be sent during first Tc interval in bits once credit is built up. Configure Be only if the Frame Relay CIR value is less than the AR. For PVCs carrying voice packets, the Be must be set to zero to ensure best possible voice quality. The router only bursts (Be) when there are tokens in the token bucket. The token bucket does not accrue tokens unless the amount of traffic being sent out is less than the CIR. The router can only burst for the first Tc, after which the token bucket is empty. The value of Be by default is zero bits. frame relay adaptive-shaping becn Implies that the PVC adapts the rate of transmit in response to the BECNs received. The behaviour is as below:

If the PVC receives any BECNs during the current time interval (it doesn't matter if this is one or 1000) the transmit rate is decreased by 25 percent or to mincir and stops if mincir configured value is more than 75% of the cir value. It continues to drop with each BECN (limit one drop per time interval) until the traffic rate gets to the mincir (guaranteed rate) where it stops. Once the traffic rate has decreased, it must allow 16 time intervals of receiving no BECNs before starting to increase traffic again. The amount it increases by is the byte limit that shows up in the show frame pvc x output divided by 16. This increase occurs only if traffic shaping is active. Thus, it takes much longer to get back to the CIR than it did to drop to mincir.

Non-Configurable Parameters

interval (Tc) The interval during which you send the Bc bits in order to maintain the average rate of the CIR in seconds. Tc = Bc/CIR in seconds The range for Tc is between 10 ms and 125 ms. The router internally calculates this value based on the CIR and Bc values in the map class. If Bc/CIR is more than or equal to 125 msec, it uses the internal Tc value. If Bc/CIR is less than 125 ms, it uses the Tc calculated from that equation.
29

byte increment The actual number of committed bytes sent per Tc. We can calculate this using the following formula: Cir * Tc / 8 byte limit The actual number of bytes sent in the first Tc. We can calculate this using the following formula: byte increment + Be/8 (measured in bytes)

The show traffic-shape Command

Use the show traffic-shape EXEC command to display the current traffic-shaping configuration. The command output contains the following fields.

Field

Description

Target Rate Rate that traffic is shaped to in bps. Byte Limit Sustain bits/int Excess bits/int Maximum number of bytes transmitted per internal interval. Configured sustained bits per interval.

Configured excess bits in the first interval. Interval being used internally. This interval may be smaller than the Bc divided by the CIR if the router determines that traffic flow will be more stable with a smaller configured interval. Number of bytes that are sustained per internal interval.

Interval (ms)

Increment (bytes)

30

Adapt Active

Contains BECN if Frame Relay has BECN adaptation configured.

The following is sample output of the show traffic-shape command.

Target Rate = CIR = 100000 bits/s Mincir = CIR/2 = 100000/2 = 50000 bits/s Sustain = Bc = 8000 bits/int Excess = Be = 8000 bits/int Interval = Bc/CIR = 8000/100000 = 80 ms Increment = Bc/8 = 8000/8 = 1000 bytes Byte Limit = Increment + Be/8 = 1000 + 8000/8 = 2000 bytes

The diagram below maps the fields described above to some sample output shown by the show traffic-shape command:

-Some

Commands:

show frame-relay lmi

To display statistics about the Local Management Interface (LMI), use the show framerelay lmi EXEC command. show frame-relay lmi [type number]

31

type

(Optional) Interface type; it must be serial.

number (Optional) Interface number

Examples
The following is sample output from the show frame-relay lmi command when the interface is a DTE device:
Router#show frame-relay lmi LMI Statistics for interface Serial1 (Frame Relay DTE) LMI TYPE = ANSI Invalid Unnumbered info 0 Invalid Prot Disc 0 Invalid dummy Call Ref 0 Invalid Msg Type 0 Invalid Status Message 0 Invalid Lock Shift 0 Invalid Information ID 0 Invalid Report IE Len 0 Invalid Report Request 0 Invalid Keep IE Len 0 Num Status Enq. Sent 9 Num Status msgs Rcvd 0 Num Update Status Rcvd 0 Num Status Timeouts 9

Field LMI Statistics Invalid Unnumbered info Invalid Prot Disc

Description Signalling or LMI specification: CISCO, ANSI, or ITU-T. Number of received LMI messages with invalid unnumbered information field. Number of received LMI messages with invalid protocol discriminator.

Invalid dummy Call Ref Number of received LMI messages with invalid dummy call references. Invalid Msg Type Number of received LMI messages with invalid message type.

Invalid Status Message Number of received LMI messages with invalid status message. Invalid Lock Shift Invalid Information ID Invalid Report IE Len Number of received LMI messages with invalid lock shift type. Number of received LMI messages with invalid information identifier. Number of received LMI messages with invalid Report IE Length.

32

Invalid Report Request Number of received LMI messages with invalid Report Request. Invalid Keep IE Len Num Status Enq. Sent Number of received LMI messages with invalid Keep IE Length. Number of LMI status inquiry messages sent.

Num Status Msgs Rcvd Number of LMI status messages received. Num Update Status Rcvd Num Status Timeouts Num Status Enq. Rcvd Num Status Msgs Sent Num Status Enq. Timeouts Num Update Status Sent Number of LMI asynchronous update status messages received. Number of times the status message was not received within the keepalive time value. Number of LMI status enquiry messages received. Number of LMI status messages sent. Number of times the status enquiry message was not received within the T392 DCE timer value. Number of LMI asynchronous update status messages sent.

show frame-relay pvc

To display statistics about permanent virtual circuits (PVCs) for Frame Relay interfaces, use the show frame-relay pvc command in privileged EXEC mode. show frame-relay pvc [interface interface] [dlci]

interface (Optional) Indicates a specific interface for which PVC information will be
33

displayed. interface (Optional) Interface number containing the DLCIs for which you wish to display PVC information. (Optional) A specific DLCI number used on the interface. Statistics for the specified PVC display when a DLCI is also specified.

dlci

Examples

The various displays in this section show sample output for a variety of different PVCs. Some of the PVCs carry data only; some carry a combination of voice and data. The following is sample output for the show frame-relay pvc command with no arguments. Statistics for all of the PVCs on all of the interfaces are displayed.
PVC Statistics for interface Serial2/1 (Frame Relay DTE) Local Switched Unused Active 115 0 0 Inactive 0 0 0 Deleted 0 0 0 Static 0 0 0

DLCI = 100, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial2/1 input pkts 12 output pkts 7 in bytes 4406 out bytes 1366 dropped pkts 0 in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 7 out bcast bytes 1366 pvc create time 1d04h, last time pvc status changed 00:30:32 --More--

34

9-Configure Asynchronous Transfer Mode (ATM)

The most important parameters in ATM configuration are:

pvc [name] vpi/vci Creates an ATM PVC on a main interface or subinterface. Assigns a name to an ATM PVC network virtual path identifier (VPI) for this PVC. encapsulation aal5snap|aal5mux Configures the ATM adaptation layer (AAL) and encapsulation type for an ATM PVC, SVC, or VC class. Use one of the aal5mux encapsulation options to dedicate the specified PVC to a single protocol; use the aal5snap encapsulation option to multiplex two or more protocols over the same PVC.

Example: interface ATM1/0.1 point-to-point description This Sub-Intrface is to carry SNMP Traffic only
35

ip address 192.168.0.3 255.255.255.0 pvc SNMP 1/9 encapsulation aal5snap

10-Configure Frame Relay-to-ATM Service Interworking (FRF.8)

To communicate over WANs, end-user stations and the network cloud typically must use the same type of transmission protocol. This limitation has prevented differing networks such as Frame Relay and ATM from being linked. However, the Frame Relay-to-ATM Service Interworking (FRF.8) feature allows Frame Relay and ATM networks to exchange data, despite differing network protocols. The functional requirements for linking Frame Relay and ATM networks are provided by the Frame Relay/ATM PVC Service Interworking Implementation Agreement specified in Frame Relay Forum (FRF) document number FRF.8. FRF.8 provides service interworking functionality that allows a Frame Relay end user to communicate with an ATM end user. Traffic is translated by a protocol converter that provides communication between dissimilar Frame Relay and ATM equipment. Figure-2 illustrates this concept. Figure-2 Frame Relay-to-ATM Service Interworking (FRF.8)

36

The Frame Relay-to-ATM Service Interworking (FRF.8) feature benefits Internet service providers that need to link Frame Relay and ATM networks, especially those networks with ATM backbones and Frame Relay end users.

Configuring an FRF.8 Service Interworking Connection

To configure FRF.8 one-to-one protocol mapping between a Frame Relay end user and an ATM end user, use the following commands beginning in global configuration command mode:

Command
Step 1
Router(config)# interface serialnumber

Purpose
Configures the Frame Relay interface and enters interface configuration mode.

Step 2

Router(config-if)# frame-relay interfacedlci dlci switched

Configures a switched Frame Relay DLCI.

Step 3

Router(config)# interface atmnumber

Configures the ATM interface and enters

37

interface configuration mode. Step 4

Router(config-if)# pvc [PVC-name] vpi/vci

Creates the ATM PVC and virtual path identifier/virtual channel identifier (VPI/VCI). The VCI is a 16-bit field in the header of the ATM cell.

Step 5

Router(config-if)# encapsulation aal5mux fr-atm-srv

Configures the ATM adaption layer (AAL) and encapsulation type for the ATM PVC.

Step 6

Router(config)# connect connection-name FR-interface FR-DLCI ATM-interface ATMvpi/vci service-interworking

Creates a connection to connect the Frame Relay DLCI to the ATM PVC and configures FRF.8 encapsulation. Sets the ATM cell loss priority (CLP) field in the ATM cell header. Sets the Frame Relay discard eligible (DE) bit field in the Frame Relay cell header. Sets the explicit forward congestion indication (EFCI) bit field in the ATM cell header.

Step 7

Router(config-frf8)# clp-bit {0 | 1 | map-de} or Router(config-frf8)# de-bit {0 | 1 | mapclp} or Router(config-frf8)# efci-bit {0 | mapfecn}

Step 8

Router(config-frf8)# service translation

Enables upper layer user protocol encapsulation for Frame Relay-to-ATM service interworking. Step 9
Router(config-frf8)# end

Ends configuration mode and enters EXEC mode. Use the exit command to exit a submode and reenter global configuration command mode.

38

To disconnect the FRF.8 interworking connection, use the shutdown connect subcommand.

Verifying Configuration
To verify correct configuration of the Frame Relay-to-ATM Service Interworking (FRF.8) feature, perform the following tasks: Step 1 Enter the show connect id EXEC command to view information, including interworking parameters set, about the specified connection identifier: Router# show connect id 10 FR/ATM Service Interworking Connection: service-1 Status - UP Segment 1 - Serial1/0 DLCI 16 Segment 2 - ATM3/0 VPI 1 VCI 32 Interworking Parameters service translation efci-bit 0 de-bit map-clp clp-bit map-de Step 2 Enter the show connect port EXEC command to view information about the connection on a specific interface: Router # show connect port atm3/0 ID Name Segment 1 Segment 2 State ========================================================== 10 service-1 Serial1/0 16 ATM3/0 1/32 UP Step 3 Enter the show frame-relay pvc EXEC command to view statistics about Frame Relay interfaces: Router # show frame-relay pvc PVC Statistics for interface Serial1/0 (Frame Relay DCE) Active Inactive Deleted Static Local 0 0 0 0 Switched 1 0 0 0 Unused 0 0 0 0 DLCI = 18, DLCI USAGE = FRF.5, PVC STATUS = ACTIVE, INTERFACE =
39

Serial1/0 input pkts 22 output pkts 21 in bytes 2140 out bytes 2110 dropped pkts 0 in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 0 out bcast bytes 0 Num Pkts Switched 22 pvc create time 02:02:49, last time pvc status changed 02:02:42 Step 4 Enter the show atm pvc EXEC command to view ATM PVCs and statistics: Router # show atm pvc VCD / Peak Avg/Min Burst Interface Name VPI VCI Type Encaps SC Kbps Kbps Cells Sts 3/0 10 1 32 PVC FRATMSRV UBR 155000 UP

Monitoring and Maintaining Frame Relay-to-ATM Interworking

To display status of the virtual circuits and the Frame Relay-to-ATM interworking connections, use any of the following commands in EXEC mode:

Command
Router# show atm pvc [signalling | interface | vcd]

Purpose Displays all ATM PVCs, switched virtual circuits (SVCs), and traffic information. Use the signalling keyword to display ATM interface signalling information for all interfaces. Use the interface keyword to display all PVCs and SVCs on the interface or subinterface. Use the vcd argument to specify the ATM VCD number (1-1023) about which to display information. Displays connection statistics. Use the optional all keyword

Router# show connect [all | element | ID

40

| name | port]

to display statistics about all connections. Use the optional element, ID, name, or port arguments to display particular connection details.

Configuration Example FRF.8 Service Interworking Example The following example shows how to configure an FRF.8 service interworking connection: ; ; Configure a switched Frame Relay DLCI ; interface serial 0 frame-relay interface-dlci 100 switched ; ; Configure ATM PVC with FRF.8 encapsulation ; interface atm1/0 pvc 0/32 encapsulation aal5mux fr-atm-srv ; ; Create a connection that connects Frame Relay DLCI 100 to ATM PVC 1/32 ; connect service-1 Serial0 100 ATM3/0 1/32 serviceinterworking efci-bit map-fecn

Command Reference
This section documents the following new and modified commands. All other commands used with this feature are documented in the Cisco IOS Release 12.1 command reference publications. clp-bit connect (FR-ATM) de-bit efci-bit
41

frame-relay interface-dlci switched (FR-ATM) service translation show connect shutdown

clp-bit
To set the ATM cell loss priority (CLP) field in the ATM cell header, use the clp-bit connect submode command. To disable ATM CLP bit mapping, use the no form of this command. clp-bit {0 | 1 | map-de} no clp-bit {0 | 1 | map-de}

0 1 mapde
Defaults

The CLP field in the ATM cell header is always set to 0. The CLP field in the ATM cell header is always set to 1. The discard eligible (DE) field in the Frame Relay header is mapped to the CLP field in the ATM cell header.

The default is set to map-de.

Examples The following example sets the CLP field in the ATM header to 1 for FRF.8: Router(config)# connect service-1 Serial1/0 16 ATM3/0 1/32 service-interworking Router(config-frf8)# clp-bit 1

42

 connect (FR-ATM)
To configure an FRF.8 one-to-one mapping between a Frame Relay data-link connection identifier (DLCI) and an ATM permanent virtual circuit (PVC), use the connect global configuration command. To remove a connection, use the no form of this command. connect connection-name {FR-interface FR-DLCI | ATM-interface ATMVPI/VCI} service-interworking no connect connection-name {FR-interface FR-DLCI | ATM-interface ATMVPI/VCI} service-interworking

connection-name

Specifies a connection name. Enter as a 15-byte maximum character string. Specifies the Frame Relay interface type and number, for example, serial1/0. Specifies the Frame Relay data-link connection identifier (DLCI) in the range 16 to 991. Specifies the ATM interface type and number, for example atm1/0. Specifies the ATM virtual path identifier/virtual channel identifier (VPI/VCI). If a VPI is not specified, the default VPI is 0. Specifies FRF.8 service interworking.

FR-interface

FR-DLCI

ATM-interface ATM-VPI/VCI

serviceinterworking
Defaults

43

No default behavior or values. . Examples The following example shows how to create an FRF.8 connection: router(config)# interface serial0 router(config-if)# frame-relay interface-dlci 100 switched router(config-if)# interface atm1/0 router(config-if)# pvc 0/32 router(config-if-atm-vc)# encapsulation aal5mux fr-atm-srv router(config)# connect service-1 Serial0 100 ATM3/0 1/32 service-interworking router(config-frf8)# efci-bit map-fecn

de-bit
To set the Frame Relay discard eligible (DE) bit field in the Frame Relay cell header for FRF.8 service interworking, use the de-bit connect submode command. To disable or reset Frame Relay DE bit mapping, use the no form of this command. de-bit {0 | 1 | map-clp} no de-bit {0 | 1 | map-clp}

0 1 mapclp
Defaults

The DE field in the Frame Relay header is always set to 0. The DE field in the Frame Relay header is always set to 1. The DE field is set to 1 when one or more cells belonging to a frame has its cell loss priority (CLP) field set.

The default is set to map-clp.

44

Examples The following example sets the DE bit field in the Frame Relay cell header to 1: router(config)# connect service-1 serial1/0 16 atm3/0 1/32 service-interworking router(config-frf8)# de-bit 1

efci-bit
To set the explicit forward congestion indication (EFCI) bit field in the ATM cell header for FRF.8 service interworking, use the efci-bit connect submode command. To disable or reset this bit, use the no form of this command. efci-bit {0 | map-fecn} no efci-bit {0 | map-fecn}

0 mapfecn
Defaults

The EFCI field in the ATM cell header is set to 0. The EFCI field in the ATM cell header is set to 1 when the forward explicit congestion notification (FECN) field in the Frame Relay header is set.

The default is 0. Examples The following example creates a connection that connects Frame Relay DLCI 100 to ATM PVC 0/32, and sets the EFCI field in the ATM cell header to 1 when the FECN field in the Frame Relay header is set: router(config)# interface atm1/0 router(config-if)# pvc 0/32 router(config-if)# encapsulation aal5mux fr-atm-srv

45

router(config)# connect serial0 100 atm1/0 0/32 serviceinterworking router(config-frf8)# efci-bit map-fecn

frame-relay interface-dlci switched (FR-ATM)

To indicate that a Frame Relay data-link connection identifier (DLCI) is switched, use the frame-relay interface-dlci switched interface configuration command. To remove this assignment, use the no form of this command. frame-relay interface-dlci dlci switched no frame-relay interface-dlci dlci switched

dlci

Specifies the Frame Relay DLCI number.

Defaults

No DLCI is assigned. Examples The following example configures serial interface 0 as a switched Frame Relay DLCI: router(config)# interface serial0 router(config-if)# frame-relay interface-dlci 100 switched router(config-fr-dlci)#

service translation
To enable upper layer user protocol encapsulation for Frame Relay-to-ATM Service Interworking (FRF.8) feature, which allows mapping between encapsulated ATM protocol data units (PDUs) and encapsulated Frame Relay PDUs, use the service connect submode command. To disable upper layer user protocol encapsulation, use the no form of this command. service translation no service translation

46

This command has no arguments or keywords.

Defaults

The default state is service translation. The no service translation command disables mapping between encapsulated ATM PDUs and encapsulated Frame Relay PDUs. Examples The following example shows an FRF.8 configuration with service translation disabled: router# show running:configuration Building configuration... Current configuration: connect service-1 Serial1/0 16 ATM3/0 1/32 serviceinterworking no service translation efci-bit map-fecn The following example shows how to configure service translation on the connection named service-1: router(config)# connect service-1 serial1/0 16 ATM3/0 1/32 service-interworking router(config-frf8)# service translation

show connect
To display statistics and other information about Frame Relay-to-ATM Service Interworking (FRF.8) connections, use the show connect EXEC command. show connect [all | element | ID | name | port]

47

all

(Optional) Displays information about all Frame Relay-to-ATM Service Interworking (FRF.8) connections. (Optional) Displays information about the specified connection element. (Optional) Displays information about the specified connection identifier. (Optional) Displays information about the specified connection name. (Optional) Displays information about all connections on an interface.

element ID name port

Defaults

Default state is show connect all. Examples The following example displays information about the specified FRF.8 connection identifier: router# show connect id 10 FR/ATM Service Interworking Connection: service-1 Status - UP Segment 1 - Serial1/0 DLCI 16 Segment 2 - ATM3/0 VPI 1 VCI 32 Interworking Parameters service translation efci-bit 0 de-bit map-clp clp-bit map-de The following example displays information about the FRF.8 connection on an interface: router# show connect port atm3/0
48

ID Name Segment 1 Segment 2 State ========================================================== 10 service-1 Serial1/0 16 ATM3/0 1/32 UP Table describes the fields seen in these displays.

Table show connect Field Descriptions Display ID Description Arbitrary connection identifier assigned by the operating system. Assigned connection name. Frame Relay or ATM interworking segments. Status of the connection, UP, DOWN, or ADMIN DOWN.

Name Segment 1 or 2 State or Status

shutdown
To shut down a Frame Relay-to-ATM Service Interworking (FRF.8) connection, use the shutdown connect submode command. To disable disconnection, use the no form of this command. shutdown no shutdown

49

This command has no arguments or keywords. Defaults No default behavior or values.

The FRF.8 connection must be manually shut down once the interworking connection is created by use of the shutdown connect subcommand.

Examples The following example shows how to shut down an FRF.8 connection: Router(config)# connect serial0 100 atm3/0 1/35 serviceinterworking Router(config-frf8)# shutdown

11-Testing connectivity
It is very possible that the point of failure is not in your router configuration, or at your router at all. If you examine your router's configuration and operation and everything looks good, the problem might be be farther up the line. In fact, it may be the line itself, or it could be another router, which may or may not be under your administration. One extremely useful and simple diagnostic tool is the ping command. Ping is an implementation of the IP Message Control Protocol (ICMP). Ping sends an ICMP echo request to a destination IP address. If the destination machine receives the request, it responds with an ICMP echo response. This is a very simple exchange that consists of: Hello, are you alive? Yes, I am.

50

Router#ping

xx.xx.xx.xx

If the ping test is successful, you know that the destination you are having difficulty reaching is alive and physically reachable. If there are routers between your router and the destination you are having difficulty reaching, the problem might be at one of the other routers. Even if you ping a router and it responds, it might have other interfaces that are down, its routing table may be corrupted, or any number of other problems may exist. To see where packets that leave your router for a particular destination go, and how far, use the trace command. Router#trace
xx.xx.xx.xx

It may take a few minutes for this utility to finish, so give it some time. It will display a list of all the hops it makes on the way to the destination. To go to remote access perform this command, Router#telnet

xx.xx.xx.xx

12-Password Recovery Procedure for the Cisco Router

Step-by-Step Procedure 1. Attach a terminal or PC with terminal emulation to the console port of the router. Use the following terminal settings: 9600 baud rate No parity 8 data bits 1 stop bit No flow control

51

2. Type show version and record the setting of the configuration register; it is usually 0x2102 or 0x102. Note: Do not continue to step 3 until you record the setting of the configuration register. In step 14 of this password recovery procedure, you must reset the configuration register to the setting that you record in this step. 3. Using the power switch, turn off the router and then turn it on. 4. Press Break on the terminal keyboard within 60 seconds of the powerup to put the router into ROMMON. If the break sequence doesn't work, you can try CTRL+BREAK or possibly sending it through an ASCII code. 5. Type confreg 0x2142 at the rommon 1> prompt to boot from Flash without loading the configuration. 6. Type reset at the rommon 2> prompt. The router reboots but ignores its saved configuration. 7. Type no after each setup question or press Ctrl-C to skip the initial setup procedure. 8. Type enable at the Router> prompt. You'll be in enable mode and see the Router# prompt. 9. Important: Type config mem or copy start running to copy the nonvolatile RAM (NVRAM) into memory. Do not type config term. 10.Type wr term or show running. The show running and wr term commands show the configuration of the router. In this configuration you see under all the interfaces the shutdown command, which means all interfaces are currently shutdown. Also, you can see the passwords either in encrypted or unencrypted format. 11.Type config term and make the changes. The prompt is now hostname(config)#. 12.Type enable secret <password>. 13.Issue the no shutdown command on every interface that is used. If you issue a show ip interface brief command, every interface that you want to use should be "up up". 14. Type config-register 0x2102, or the value you recorded in step 2. 15.Press Ctrl-z to leave the configuration mode. The prompt is now hostname#. 16.Type write mem or copy running startup to commit the changes.

52