Category: Configuration

read more see 7 comments

read more see 3 comments

If you have to troubleshoot routers with long configurations, you're probably as fed up with the slow response of the show running-config command as I am. Unfortunately, there's not much you can do; the running configuration is reverse-engineered from various memory variables every time you ask for it and that process simply takes time if you've configured many parameters.

IOS release 12.2(33)SRB has introduced a fantastic feature: router configuration partitioning. The early seeds of this idea are already present in mainstream IOS releases. For example, you can display the configuration of a single interface, all class-maps or all policy-maps. The configuration partitioning gives you the ability to display access-lists, route-maps, static routes, router configurations ...

Numerous comments to the "terminal exec prompt" post told me that it might be good to review the line/terminal configuration rules:

• If you want to configure a permanent line characteristic (for example, international), you should do so in the VTY configuration (see also how the VTY configurations are merged);
• If you want a temporary change in the characteristic of your current line (VTY or console), use terminal characteristic to enable it or terminal no characteristic to disable it.

Marcus Jensen asked me a very interesting question:

I want to send 3 lines of configuration to a remote router, but I know the first line will kill my connection. Can I save these 3 lines of code to a text file, and then issue a Tcl command to add those to the running config?

The solution is much simpler and does not have to involve Tcl at all. The copy something system:running-config command merges the configuration commands in the source file with the current running configuration.

You can store the configuration commands you want to execute in a local file (even in NVRAM) or you could execute them directly off a file server (using HTTP, FTP, TFTP or SCP protocol).

This article is part of You've asked for it series.

Someone has sent me an interesting question a while ago: he's changed the configuration of a single VTY line and got three blocks of VTY configuration commands, similar to this:

line vty 0 2
 login
line vty 3
 password secret
 login
line vty 4
 login

He wanted to merge the three configuration blocks back into a single one but somehow didn't know how to do it.

To realize what's going on, you have to understand how the IOS generates line configurations. It takes the first line (VTY 0, for example) and generates its configuration. If the next line (VTY 1) has exactly the same configuration, the range of numbers is expanded (becoming VTY 0 1) and so forth until the pool of similar lines is exhausted or a line is found that has at least one parameter different from the starting one, in which case a new block is started. That's why the sample configuration has three blocks (0-2, 3 and 4) even though the first and the third block are identical.

However, if you change the offending parameter, the VTY lines will have identical configurations and will be automatically merged. If you want to be on the safe side, you should change the parameter for all lines, for example:

line vty 0 4
 login
 password secret

Note: This article is part of You've asked for it series.

One of the most tedious tasks in the initial lab setup (at least for me) is the IP address configuration, which usually includes a number of typos and mixups on the WAN links. You can simplify then WAN address configuration if you configure only one end of the WAN link and let PPP do the rest. For example, you could use the following configuration to configure WAN link on your core router …

hostname Core-2
!
interface Serial1/0
 description link to POP
 ip address 10.0.2.1 255.255.255.252
 encapsulation ppp
 peer default ip address 10.0.2.2

… and use IPCP negotiation on the POP router to pick up the WAN IP address:

hostname POP
!
interface Serial1/0
 description link to Core-1
 ip address negotiated
 encapsulation ppp

You should not configure no peer neighbor-route on the router that gets dynamic IP address, as the subnet mask is not assigned with IPCP; you need the IPCP-generated host routes if you want to do hop-by-hop telnet between the routers.

Every now and then, EEM applets fail to recognize a new configuration prompt generated by the router and abort due to timeout (or hang-up forever if you're using IOS release prior to 12.4(15)T). You can use the new pattern keyword of the action cli configuration command to fix the bug.

Were you ever in a situation where a file that would have to be on the router was sitting on your laptop, but you couldn't store it into the router's flash across the Telnet session or through the console port?

If the file in question is a text file, and the router supports Tcl shell, _danshtr_ documented an interesting trick: you create the file in Tclsh interpreter, cut-and-paste the text through the telnet session into a Tcl string and write the string to the file. If you want to have a more cryptic solution here it is:

• Start tclsh;
• Enter puts [open "flash:filename" w+] {. Do not hit the ENTER key at the end of the line
• Copy-paste the file contents. The contents should not include unmatched curly right brackets (every curly right bracket has to be preceded by a matching curly left bracket).
• After the file contents have been pasted, enter } and press ENTER.
• End the tclsh session with tclquit.

When two groups within Cisco needed time-based command execution in Cisco IOS, they (in a typical big-corporation fashion) decided to implement the same wheel from two different sets of spokes and rims. One group built the Embedded Event Manager with its event timer cron command (introduced in 12.2(25)S and 12.3(14)T), the other group created the more limited kron command set (introduced in 12.3(1)).