Answers: CLI Miscellany 1

certskills
By certskills August 3, 2016 09:10

This lab was pretty straightforward, but this answer post makes little sense without looking at the lab post first. Read the requirements, remember the command, get the syntax right, and move on. Answers below the fold.

Answers

Figure 1: Single Router Topology

 

Example 1: Router Config

 

Commentary

There are a number of different commands that are commonly used by almost all Cisco network engineers; this lab focuses on a few of these.

The first requirement asks for a command that can simplify the life of an engineer day to day: the no ip domain-lookup command. By default, a router will assume that any words that are entered at the CLI prompt that are not specific commands but are hostnames. Another default tells IOS to broadcast on the connected subnets looking for a DNS server to resolve names, with around a one-minute timeout waiting for a response. That combination of facts means that with default settings, if an engineer mistypes a command, they end up waiting for roughly a minute before IOS gives them another command prompt. The no ip domain-lookup command simply turns off name resolution on the router. (Note that it does not impact name resolution on the hosts in the network at all.) In lab, this command will become one of your habitual commands to add every time you set up a new lab device.

The next command basically asked you to add the logging synchronous subcommand to the console line. This command causes IOS to synchronize device messages, debug output and command output. With this command, you will have an easier time reading show command output at the console.

The third command is used to alter the amount of time that goes by before the connection between a device and a user will timeout, by default the timeout is set to 10 minutes; the command to configure this is exec-timeout minutes [seconds]. The line timeout is vital because in most environments users are required to login before they are allowed access to a device line. If a session is allowed to sit idle for a long amount of time, then it increases the likelihood that someone else could walk up and exploit the login. It is also a helpful command when using a lab environment (including VIRL), because it can be used to disable the timeout so you are not constantly kicked out while testing different configurations. For this lab the requirement was to alter the exec-timeout of the console to 5 minutes; the command to use would be exec-timeout 5 while inside console line configuration mode.

The fourth command is very common and is used to disable (or enable) an interface. The shutdown interface subcommand disables an interface, and the no shutdown interface subcommand enables an interface.

Answers: Extended Named ACLs 1
Dynamic NAT 1
certskills
By certskills August 3, 2016 09:10
Write a comment

4 Comments

  1. Lester March 3, 08:47

    Very good explanation below the commentary. Keep up the good work Mr. Odom.

    Reply to this comment
  2. Peter August 2, 16:30

    Is the command “no ip domain lookup” or “no ip domain-lookup”? Your post has both. Are they two different commands?

    Reply to this comment
  3. George March 12, 13:44

    Hello, you said not to use any commands that set default values, but you used exec-timeout 5. As far as I know its set by default to 5 minutes anyway

    Reply to this comment
View comments

Write a comment

Comment; Identify w/ Social Media or Email

Subscribe

Subscribe to our mailing list and get interesting stuff and updates to your email inbox.

Thank you for subscribing.

Something went wrong.

Search

Categories