Cisco IOS is the proprietary operating system for Cisco devices. IOS provides group of commands used for monitoring, configuring, maintaining cisco devices. For security and easy administration, IOS commands are divided in the set of different command modes. Each command mode has its own set of commands. Which commands are available to use, depend upon the mode you are in.
CLI ( command-line interface) is the primary user interface used for connecting Cisco devices. Although new devices support web interface for management, still you need to be fluent at command prompt. CLI allows you to directly execute IOS commands, whether using a router console or terminal, or using remote access methods.
Cisco IOS Mode
Cisco IOS supports various command modes, among those following are the main command modes.
- User EXEC Mode
- Privileged EXEC Mode
- Global Configuration Mode
- Interface Configuration Mode
- Sub Interface Configuration Mode
- Setup Mode
- ROM Monitor Mode
You need to execute specific commands to navigate from one mode to another. Following section describe IOS command modes with specific navigation commands in details.
User EXEC Mode
This is the primary mode when you logged in router. On job environment, it is usually password protected. You need a valid username and password to access this mode. You have three chances to enter a valid password, before connection attempt is refused. On LAB environment, you could access this mode directly ( unless you have configured it for password).
User Exec Mode Command Prompt
By default it consists device hostname followed by greater than sign. For router default hostname is Router. For switch default hostname is Switch.
Default hostname can be changed from global configuration mode using hostname command.
User exec mode is the subset of privileged exec mode. For security purposes, this mode is reserved for tasks that do not change the configuration of router. It has limited commands those allow you to connect to remote devices, change terminal line settings on a temporary basis, perform basic tests, and list system information.
Enter ? at command prompt to list all available commands on this mode.
Privileged Exec Mode
Privileged exec mode is the main exec mode. Same as user exec mode on job environment, this mode is also password protected. You have to enter the password to access this mode. In lab environment, it's usually unprotected. You can access this mode by executing enable command at user exec mode.
Most commands of this mode are one time commands, like show or clear commands, which show current configuration status and clear counters on interfaces respectively. You can list all available commands of this mode by entering ? at command prompt.
This mode has all commands available for exec mode including user exec mode.
Common commands can be entered either from user exec mode or privileged exec mode.
Exec mode commands are not saved across the reboot of device.
Global Configuration Mode
Global configuration mode is the next access level in IOS mode sequence. This mode is used to configure device globally, or to enter in element like interface, protocols specific configuration mode. Use configure terminal command at privileged exec mode to access global configuration mode.
Global configuration mode and element specific configuration mode allow you to make change in running configuration. By default running configuration is not stored across the reboot, but you can save running configuration to preserve it across the reboot. To save running configuration use copy running-config startup-config from privileged EXEC mode commands.
To return in privileged exec mode from global configuration mode or element specific configuration mode we have three commands.
- Ctrl + Z ( Press CTRL key with Z Key)
- exit
- end
Ctrl+Z key combination will works in all mode. But it has a drawback, if you pressed Ctrl+Z at the end of a command line in which a valid command has been typed, that command will be added in the running configuration file.
exit command only works in global configuration mode.
end command is the safest way to exit from global configuration mode or interface specific mode. It will always take you back in privileged EXEC mode regardless of which configuration mode or configuration submode you are in.
Interface configuration mode
Interface configuration mode is used to configure interface related settings. Many settings are enabled on a per-interface basis like as serial port, Ethernet. Interface configuration commands affect interface related settings, such as enable or disable interface, bandwidth, clock rate etc. To configure or change these setting, you need to enter in interface specific mode. To access interface configuration mode use following command.
Router(config)# interface type number
For example, to configure first serial port on 1841 series router we would use following command
Router(config)#interface serial 0/0/0
Sub Interface Configuration Mode
If interface supports virtualization, than sub interface mode is used to configure the virtual interface. From sub interface configuration mode you can configure multiple virtual interfaces known as sub interface on a single physical interface. On router usually virtual interfaces are used for wan connection such as Frame Relay. Frame Relay connection supports multiple point-to-point links known as PVC ( Permanent virtual circuits). PVC can be combined under the separate sub interfaces those are configured on a single physical interface. Another example of sub interface is VLAN communication, where we create sub interface on physical FastEthernet port for each VLAN. To access sub interface configuration mode run following command from interface configuration mode.
Router(config-if)# interface type number
In above example fastethernet 0/0.1 is the virtual interface ( sub interface ) of physical interface fastethernet 0/0.
Setup Mode
At the end of booting process, router try to locate running configuration. If it finds the configuration, it would load that. If it fails to find valid configuration, it would initiate the setup mode. In Setup Mode router will ask you questions about the initial setting in a sequence for basic configuration values. Depending on answers provided by you, router will automatically build initial configuration.
Router will enter in setup mode only if it does not find the valid configuration.
ROMMON Mode
During the boot process router loads IOS image in RAM. If it does not find a valid IOS image, it would enter in ROMMON mode. You can manually enter in this mode by interrupting boot sequence during the startup. This mode is used for diagnostic purpose. By default router does not enter in this mode unless it completely fail to locate the IOS image. To manually enter in this mode, execute reload command from privileged exec mode and then press CTRL + C key combination during the first 60 seconds of startup.
Cisco IOS mode cheat sheet
| Mode | Purpose | Prompt | Command to enter | Command to exit |
| User EXEC | Allow you to connect with remote devices, perform basic tests, temporary change terminal setting, list system information | Router > | Default mode after booting. Login with password, if configured. | Use exit command |
| Privileged EXEC | Allow you to set operating parameters. It also includes high level testing and list commands like show, copy, debug. | Router # | Use enable command from user exec mode | Use exit command |
| Global Configuration | Contain commands those affect the entire system | Router(config)# | Use configure terminal command from privileged exec mode | Use exit command |
| Interface Configuration | Contain commands those modify the operation of an interface | Router(config-if)# | Use interface type number command from global configuration mode | Use exit command to return in global configuration mode |
| Sub-Interface Configuration | Configure or modify the virtual interface created from physical interface | Router(config-subif) | Use interface type sub interface number command from global configuration mode or interface configure mode | Use exit to return previous mode. Use end command to return in privileged exec mode. |
| Setup | Used by router to create initial configuration, if running configuration is not present | Parameter[Parameter value]: | Router will automatically insert in this mode if running configuration is not present | Press CTRL+C to abort. Type yes to save configuration, or no to exit without saving when asked in the end of setup. |
| ROMMON | If router automatically enter in this mode, than it indicate that it fails to locate a valid IOS image. Manual entrance in this mode Allow you to perform low-level diagnostics. | ROMMON> | Enter reload command from privileged exec mode. Press CTRL + C key combination during the first 60 seconds of booting process | Use exit command. |
- IOS commands are not case sensitive, you can enter them in uppercase, lowercase, or mixed case.
- Password is case sensitive. Make sure you type it in correct case.
- In any mode, you can obtain a list of commands available on that mode by entering a question mark(?).
- Standard order of accessing mode is
- User Exec mode => Privileged Exec mode => Global Configuration mode => Interface Configuration mode => Sub Interface Configuration mode
- Router will enter in setup mode only if it fails to load a valid running configuration.
- Router will enter in ROMMON mode only if it fails to load a valid IOS image file.
- You can manually enter in ROMMON mode for diagnostics purpose.
No comments:
Post a Comment