|
|
This chapter describes how to load system images, microcode images, and configuration files. The system images contain the system software, and the configuration files contain commands entered to customize the function of the router. Microcode images contain microcode to be downloaded to various hardware devices. The instructions in this chapter describe how to copy system images from routers to network servers (and vice versa), display and compare different configuration files, and list the system software version running on the router.
This chapter also describes the AutoInstall procedure, which you can use to automatically configure and enable a new router upon startup.
For a complete description of the commands mentioned in this chapter, refer to the "System Image, Microcode Image, and Configuration File Load Commands" chapter in the Router Products Command Reference publication.
Note You also can use the setup command and its interactive prompts to create a basic configuration file. See the Router Products Getting Started Guide for more information.
With Cisco IOS Release 10.3(3), you can use Flash memory cards in the Personal Computer Memory Card International Association (PCMCIA) Flash memory card slots on your Cisco 7500 series. The Cisco 7500 series Route Switch Processor (RSP) card contains two PCMCIA slots.
These Flash memory cards can store executable images and configuration files. The router can now boot images and load configuration files from Flash memory cards as well as from internal flash (or "bootflash" on the Cisco 7500 series), NVRAM, and the network.
Because the Cisco 7500 series can boot images and load configuration files from several locations, it uses special ROM monitor environment variables to specify the location and filename of images and configuration files that the router is to use for various functions. These special environment variables are as follows:
The BOOT environment variable specifies a list of bootable images on various devices. For the Cisco 7500 series, valid devices are internal flash (bootflash:), the first PCMCIA slot (slot0:), the second PCMCIA slot (slot1:), and tftp. Once you save the BOOT environment variable to your startup configuration, the router checks the variable upon startup to determine the device and filename of the image to boot.
The router tries to boot the first image in the BOOT environment variable list. If the router is unsuccessful at booting that image, it tries to boot the next image specified in the list. The router tries each image in the list until it successfully boots. If the router cannot boot any image in the BOOT environment variable list, then the router attempts to boot the rxboot image of the Cisco 7500 series.
If an entry in the BOOT environment variable list does not specify a device, the router assumes the device is tftp. If an entry in the BOOT environment variable list specifies an invalid device, the router skips that entry.
The BOOTLDR environment specifies the flash device and filename containing the rxboot image that the ROM monitor uses. For the Cisco 7500 series, valid devices are bootflash:, slot0:, and slot1:.
This environment variable allows you to have several rxboot images. Moreover, you can instruct the ROM monitor to use a specific rxboot image without having to switch out ROMs. Once you save the BOOTLDR environment variable to your startup configuration, the router checks the variable upon startup to determine which rxboot image to use.
The CONFIG_FILE environment variable specifies the device and filename of the configuration file to use for initialization (startup). For the Cisco 7500 series, valid devices are bootflash:, nvram:, slot0:, and slot1:. Once you save the CONFIG_FILE environment variable to your startup configuration, the router checks the variable upon startup to determine the location and filename of the configuration file to use for initialization.
The router uses the NVRAM configuration during initialization when the CONFIG_FILE environment variable does not exist or when it is null (such as at first-time startup). If the router detects a problem with NVRAM or the configuration it contains, the router enters setup mode. Refer to the Router Products Getting Started Guide for more information on the setup command facility.
Although the ROM monitor controls environment variables, you can create, modify, or view them with certain system image commands. To create or modify the BOOT, BOOTLDR, and CONFIG_FILE environment variables, use the boot system, boot bootldr, and boot config system image commands, respectively.
Note When you use these three global configuration commands, you affect only the running configuration. You must save the environment variable settings to your startup configuration to place the information under ROM monitor control and for the environment variables to function as expected. Use the copy running-config startup-config or write memory command to save the environment variables from your running configuration to your startup configuration.
You can view the contents of the BOOT, BOOTLDR, and the CONFIG_FILE environment variables by issuing the show boot command. This command displays the settings for these variables as they exist in the startup configuration as well as in the running configuration if a running configuration setting differs from a startup configuration setting.
Use the show configuration command to display the contents of the configuration file pointed to by the CONFIG_FILE environment variable.
For complete information on the commands presented in this section, refer to the Router Products Command Reference publication.
One of the first attempts to use the network as a resource in the UNIX community resulted in the design and implementation of the remote shell protocol, which included remote shell (rsh) and remote copy (rcp). Rsh and rcp give users the ability to execute commands remotely and copy files to and from a file system residing on a remote host or server on the network. Cisco's implementation of rsh and rcp will interoperate with standard implementations of rsh and rcp.
From the router, you can use rsh to execute commands on remote systems to which you have access. When you issue the rsh command, a shell is started on the remote system. The shell allows you to execute commands on the remote system without having to log into the target host.
In other words, you do not need to connect to the system or router and then disconnect after you execute a command if you use rsh. For example, you can use rsh to remotely look at the status of other routers without connecting to the target router, executing the command, and then disconnecting from the router. This is useful for looking at statistics on many different routers.
To gain access to a remote system running rsh, such as a UNIX host, there must be an entry in the system's .rhosts file or its equivalent identifying you as a trusted user who is authorized to execute commands remotely on the system. On UNIX systems, the .rhosts file identifies trusted users who can remotely execute commands on the system.
You can enable rsh support on a Cisco router to allow users on remote systems to execute commands on the router. However, our implementation of rsh does not support an .rhosts file. Instead, you configure a local authentication database to control access to the router by users attempting to execute commands remotely using rsh. A local authentication database is similar in concept and use to a UNIX .rhosts file. Each entry that you configure in the authentication database identifies the local user, the remote host, and the remote user.
The rcp copy commands rely on the rsh server (or daemon) on the remote system. To copy files using rcp, you do not need to create a server for file distribution, as you do with TFTP.You only need to have access to a server that supports rsh. (Most UNIX systems support rsh.) Because you are copying a file from one place to another, you must have read permission on the source file and write permission on the destination file. If the destination file does not exist, rcp creates it for you.
Although our rcp implementation emulates the behavior of the UNIX rcp implementation—copying files among systems on the network—our command syntax differs from the UNIX rcp command syntax. Our rcp support offers a set of copy commands that use rcp as the transport mechanism. These rcp copy commands are similar in style to our TFTP copy commands, but they offer an alternative that provides faster performance and reliable delivery of data. This is because the rcp transport mechanism is built on and uses the Transmission Control Protocol/Internet Protocol (TCP/IP) stack, which is connection oriented. You can use rcp commands to copy system images and configuration files from the router to a network server and vice versa.
You can also enable rcp support on the router to allow users on remote systems to copy files to and from the router.
You can perform the tasks in the following sections to load system images, microcode images, and configuration files.
This section provides information about AutoInstall, a procedure that allows you to configure a new router automatically and dynamically. The AutoInstall procedure involves connecting a new router to a network on which there is an existing preconfigured router, turning on the new router, and enabling it with a configuration file that is automatically downloaded from a Trivial File Transfer Protocol (TFTP) server.
The following sections provide the requirements for AutoInstall and an overview of how the procedure works. To start the procedure, go to "Perform the AutoInstall Procedure" later in this section.
For the AutoInstall procedure to work, your system must meet the following requirements:
Note Only Token Ring interfaces that set ring speed with physical jumpers will support AutoInstall. AutoInstall does not work with Token Ring interfaces for which the ring speed must be set using software configuration commands. If the ring speed is not set, the interface is set to shutdown mode.
frame-relay map ip 172.21.177.100 100 dlci
AutoInstall over Frame Relay and over other WAN encapsulations support downloading configuration files from UNIX-based and DOS-based TFTP servers. Other booting mechanisms such as RARP and SLARP also support UNIX-based and DOS-based TFTP servers.
The DOS format of the UNIX network-confg file that must reside on the server must be eight characters or less, with a three-letter extension. Therefore, when an attempt to load network-confg fails, AutoInstall automatically attempts to download cisconet.cfg from the TFTP server.
If cisconet.cfg exists and a download succeeds, then the server is assumed to be a DOS machine. The AutoInstall program will then attempt to resolve the host name for the router through host commands in cisconet.cfg.
If cisconet.cfg does not exist or cannot be downloaded, or the program is unable to resolve a host name, DNS will attempt to resolve the host name of the router. If it is unable to resolve the host name through DNS, the router will attempt to download ciscortr.cfg. If the host name is longer than eight characters, it will get truncated to eight characters. For example, a router with a host name "australia" will be treated as "australi" and an attempt will be made to download australi.cfg.
The format of cisconet.cfg and ciscortr.cfg are to be the same as those described for network-confg and hostname-confg.
If neither network-confg nor cisconet.cfg exist and DNS is unable to resolve the host name, the program will attempt to load router-confg, and then ciscortr.cfg if router-confg does not exist or cannot be downloaded. The cycle is repeated three times.
Once the requirements for using AutoInstall are met, the dynamic configuration of the new router occurs in the following order:
1. The new router acquires its IP address. Depending upon the interface connection between the two routers, the new router's IP address is dynamically resolved by either SLARP requests or BOOTP or RARP requests.
2. The new router resolves its name either through network-confg or cisconet.cfg or through DNS.
3. The new router automatically requests and downloads its configuration file from a TFTP server.
4. If a host name is not resolved, the newrouter will attempt to load router-confg or ciscortr.cfg.
The new router (newrouter) resolves its interface's IP addresses by one of the following means:
The existing router (existing) responds in one of the following ways depending upon the request type:
A BOOTP or RARP server must have already been set up to map newrouter's MAC address to its IP address. If the BOOTP server does not reside on the directly attached network segment, routers between newrouter and the BOOTP server can be configured using the ip helper-address command to allow the request and response to be forwarded between segments, as shown in Figure 3-2.
AutoInstall over Frame Relay is a special case in which BOOTP is used but the existing router acts as a BOOTP server and responds to the incoming BOOTP request. Only a helper address and a Frame Relay map need to be set up. There is no need for a MAC-to-IP address map on the existing router.
As of Software Release 9.21, routers can be configured to act as RARP servers.
As soon as one interface resolves its IP address, the router will attempt to resolve its host name. Therefore, only one IP address needs to be set up using SLARP, BOOTP, or RARP.
The new router resolves its IP address-to-host name mapping by sending a TFTP broadcast requesting the file network-confg, as shown in Figure 3-3.
The network-confg file is a configuration file generally shared by several routers. In this case, it is used to map the IP address of the new router just obtained dynamically to the name of the new router. The file network-confg must reside on a reachable TFTP server and must be globally readable.
The following is an example of a minimal network-confg file that maps the IP address of the new router (131.108.10.2) to the name newrouter. The address of the new router was learned via SLARP and is based on existing's IP address of 131.108.10.1.
If you are not using AutoInstall over Frame Relay, the host portion of the address must be 1 or 2. AutoInstall over Frame Relay does not have this addressing constraint.
If newrouter does not receive a network-confg file, or if the IP address-to-host-name mapping does not match the newly acquired IP address, newrouter sends a DNS broadcast. If DNS is configured and has an entry that maps newrouter's SLARP, BOOTP, or RARP-acquired IP address to its name, newrouter successfully resolves its name.
If DNS does not have an entry that maps the new router's SLARP, BOOTP, or RARP-acquired address to its name, the new router cannot resolve its host name. The new router attempts to download a default configuration file as described in the next section, and failing that, enters setup mode (except with AutoInstall over Frame Relay, in which case the router enters user EXEC mode).
After the router successfully resolves its host name, newrouter sends a TFTP broadcast requesting the file newrouter-confg. The name newrouter-confg must be in all lowercase, even if the true host name is not. If newrouter cannot resolve its host name, it sends a TFTP broadcast requesting the default host configuration file router-confg. The file is downloaded to newrouter, where the configuration commands take effect immediately.
When using AutoInstall over Frame Relay, you are put into setup mode while the AutoInstall process is running. If the configuration file is successfully installed, the setup process is terminated. If you expect the AutoInstall process to be successful, either do not respond to the setup prompts or respond to the prompts as follows:
If you do not expect the AutoInstall process to be successful, create a configuration file by responding to the setup prompts. The AutoInstall process is terminated transparently.
You will see the following display as the AutoInstall operation is in progress:
If the host configuration file contains only the minimal information, you must Telnet into existing, from there Telnet to newrouter, and then run the setup command to configure newrouter. Refer to the Router Products Getting Started Guide for details on the setup command.
If the host configuration file is complete, newrouter should be fully operational. You can enter the enable command (with the system administrator password) at the system prompt on newrouter, and then issue the write memory command to save the information in the recently obtained configuration file into nonvolatile random-access memory (NVRAM) or the location specified by the CONFIG_FILE environment variable. If a reload occurs, newrouter simply loads its configuration file from NVRAM.
If the TFTP request fails, or if newrouter still has not obtained the IP addresses of all its interfaces, and those addresses are not contained in the host configuration file, then newrouter enters setup mode automatically. Setup mode prompts for manual configuration of the router via the console. The new router continues to issue broadcasts to attempt to learn its host name and obtain any unresolved interface addresses. The broadcast frequency will dwindle to every ten minutes after several attempts. Refer to the Router Products Getting Started Guide for details on the setup command.
To dynamically configure a new router using AutoInstall, complete the following tasks. Steps 1, 2, and 3 are completed by the central administrator. Step 4 is completed by the person at the remote site.
Step 2 Set up the TFTP server to support the AutoInstall procedure.
Step 3 Set up the BOOTP or RARP server if needed. A BOOTP or RARP server is required for AutoInstall using an Ethernet, Token Ring, FDDI, or Frame Relay-encapsulated serial interface. With a Frame Relay-encapsulated serial interface, the existing router acts as the BOOTP server. A BOOTP or RARP server is not required for AutoInstall using an HDLC-encapsulated serial interface.
Step 4 Connect the new router to the network.
You can use any of the following types of interface:
To set up AutoInstall via a serial line with HDLC encapsulation (the default), you must configure the existing router. Perform the following steps, beginning in global configuration mode:
| 1This command and the clock rate command are documented in the "Interface Commands" chapter in the Router Products Command Reference publication.
2This command and the ip helper-address command are documented in the "IP Commands" chapter in the Router Products Command Reference publication. |
In the following example, the existing router's configuration file contains the commands needed to configure the router for AutoInstall on a serial line using HDLC encapsulation:
To set up AutoInstall using an Ethernet, Token Ring, or FDDI interface, you must modify the configuration of the existing router. Perform the following steps, beginning in global configuration mode.
| 1This command is documented in the "Interface Commands" chapter in the Router Products Command Reference publication.
2This command and the ip helper-address command are documented in the "IP Commands" chapter in the Router Products Command Reference publication. |
Typically, the LAN interface and IP address are already configured on the existing router. You might need to configure an IP helper address if the TFTP server is not on the same network as the new router.
In the following example, the existing router's configuration file contains the commands needed to configure the router for AutoInstall on an Ethernet interface:
To set up AutoInstall via a serial line with Frame Relay encapsulation, you must configure the existing router. Perform the following tasks, beginning in global configuration mode:
| Task | Command |
|---|---|
| Step 1. Configure the serial interface that connects to the new router and enter interface configuration mode. | |
| Step 2. Configure Frame Relay encapsulation on the interface that connects to the new router. | |
| Step 3. Create a Frame Relay map pointing back to the new router.
For point-to-point subinterfaces, assign a data link connection identifier (DLCI) to the interface that connects to the new router, and provide the IP address of the serial port on the new router. |
frame-relay map ip ip-address dlci2 frame-relay interface-dlci dlci option [protocol ip ip-address]2 |
| Step 4. Enter an IP address for the interface. This step sets the IP address of the existing router. | |
| Step 5. Configure a helper address for the TFTP server. | |
| Step 6. Optionally, configure a DCE clock rate for the serial line, unless an external clock is being used. This step is needed only for DCE appliques. | |
| Step 7. Exit configuration mode. | |
| Step 8. Save the configuration changes to your startup configuration. On most platforms, this step saves the configuration to NVRAM. On the Cisco 7500 series, this step saves the configuration to the location specified by the CONFIG_FILE environment variable. |
| 1This command, the encapsulation command, and the clock rate command are documented in the "Interface Commands" chapter in the Router Products Command Reference publication.
2This command is documented in the "Frame Relay Commands" chapter in the Router Products Command Reference publication. 3This command and the ip helper-address command are documented in the "IP Commands" chapter in the Router Products Command Reference publication. |
You must use a DTE interface on the new router because the network will always provide the clock signal.
In the following example, the existing router's configuration file contains the commands needed to configure the router for Frame Relay AutoInstall on a serial line:
For AutoInstall to work correctly, the new router must be able to resolve its host name and then download a name-confg or name.cfg file from a TFTP server. The new router can resolve its host name by using a network-confg or cisconet.cfg file downloaded from a TFTP server or by using the DNS.
To set up a TFTP server to support AutoInstall, complete the following tasks. Step 2 includes two ways to resolve the new router's host name. Use the first method if you want to use a network-config file to resolve the new router's host name. Use the second method if you want to use the DNS to resolve the new router's host name.
| 1This command is documented in the "IP Commands" chapter in the Router Products Command Reference publication. |
The name-confg or the name.cfg file can contain either the new router's full configuration or a minimal configuration.
The minimal configuration file consists of a virtual terminal password and an enable password. It allows an administrator to Telnet into the new router to configure it. If you are using BOOTP or RARP to resolve the address of the new router, the minimal configuration file must also include the IP address to be obtained dynamically using BOOTP or RARP.
You can use the write network command to help you generate the configuration file that you will download during the AutoInstall process.
Note The existing router might need to forward TFTP requests and response packets if the TFTP server is not on the same network segment as the new router. When you modified the existing router's configuration, you specified an IP helper address for this purpose.
You can save a minimal configuration under a generic newrouter-confg file. Use the ip host command in the network-confg or cisconet.cfg file to specify newrouter as the host name with the address you will be dynamically resolving. The new router should then resolve its IP address, host name and minimal configuration automatically. Use Telnet to connect to the new router from the existing router and use the setup facility to configure the rest of the interfaces. For example, the line in the network-confg or cisconet.cfg file could be similar to the following:
The following host configuration file contains the minimal set of commands needed for AutoInstall using SLARP or BOOTP:
The preceding example shows a minimal configuration for connecting from a router one hop away. From this configuration, use the setup facility to configure the rest of the interfaces. If the router is more than one hop away, you also must include routing information in the minimal configuration.
The following minimal network configuration file maps the new router's IP address, 131.108.10.2, to the host name newrouter. The new router's address was learned via SLARP and is based on the existing router's IP address of 131.108.10.1.
If the new router is connected to the existing router using an Ethernet, Token Ring, or FDDI interface, you must configure a BOOTP or RARP server to map the new router's MAC address to its IP address. If the new router is connected to the existing router using a serial line with HDLC encapsulation or if you are configuring AutoInstall over Frame Relay, the tasks in this section are not required.
To configure a BOOTP or RARP server, complete one of the following tasks:
Note If the RARP server is not on the same subnet as the new router, use the ip rarp-server command to configure the existing router to act as a RARP server. See the section "Configure a Router as a RARP Server" in the "Loading System Images, Microcode Images, and Configuration Files" chapter of this manual.
The following host configuration file contains the minimal set of commands needed for AutoInstall using RARP. It includes the IP address that will be obtained dynamically via BOOTP or RARP during the AutoInstall process. When RARP is used, this extra information is needed to specify the proper netmask for the interface.
Connect the new router to the network using either an HDLC-encapsulated or Frame Relay-encapsulated serial interface or an Ethernet, Token Ring, or FDDI interface. After the router successfully resolves its host name, newrouter sends a TFTP broadcast requesting the file name-confg or name.cfg. The router name must be in all lowercase, even if the true host name is not. The file is downloaded to the new router where the configuration commands take effect immediately. If the configuration file is complete, the new router should be fully operational. To save the complete configuration to NVRAM, complete the following tasks in privileged EXEC mode:
| 1This command is documented in the "User Interface Commands" chapter in the Router Products Command Reference publication. |
 | Caution Verify that the existing and new routers are connected before entering the write memory EXEC command to save configuration changes. Use the ping EXEC command to verify connectivity. If an incorrect configuration file is downloaded, the new router will load NVRAM configuration information before it can enter AutoInstall mode. |
If the configuration file is a minimal configuration file, the new router comes up, but with only one interface operational. Complete the following steps to connect to the new router and configure it:
| 1This command and the enable command are documented in the "User Interface Commands" chapter in the Router Products Command Reference publication.
2This command is documented in the Router Products Getting Started Guide. |
On the Cisco 7500 series, you must format a new Flash memory card before using it in a PCMCIA slot. You can also format internal Flash memory (bootflash).
Flash memory cards have sectors that can fail. You can reserve certain Flash memory sectors as "spares" for use when other sectors fail. Use the format command to specify between 0 and 16 sectors as spares. If you reserve a small number of spare sectors for emergencies, you do not waste space because you can use most of the Flash memory card. If you specify zero spare sectors and some sectors fail, you must reformat the Flash memory card and thereby erase all existing data.
The system requires a monlib file for the format operation. The monlib file is the ROM monitor library. The ROM monitor uses the monlib file to access files in the Flash file system.
 | Caution The following formatting procedure erases all information in Flash memory. To prevent the loss of important data, proceed carefully. |
Use the following procedure to format Flash memory. If you are formatting bootflash, you can skip the first step. If you are formatting a Flash memory card, complete both steps.
Step 2 Format Flash memory.
To format Flash memory, complete the following task in EXEC mode:
The following example shows the format command that formats a Flash memory card inserted in slot 0 of a Route Switch Processor (RSP) card on a Cisco 7500 series.
When the router returns you to the EXEC prompt, the new Flash memory card is successfully formatted and ready for use.
You also format a Flash memory card to recover from locked blocks. A locked block of Flash memory occurs when power is lost or a Flash memory card is unplugged during a write or erase operation. When a block of Flash memory is locked, it cannot be written to or erased, and the operation will consistently fail at a particular block location. The only way to recover from locked blocks is to reformat the Flash memory card with the format command.
 | Caution Formatting a Flash memory card to recover from locked blocks will cause existing data to be lost. |
To enter configuration mode, enter the EXEC command configure at the privileged-level EXEC prompt. The router responds with the following prompt asking you to specify the terminal, NVRAM (memory), or a file stored on a network server (network) as the source of configuration commands:
Each of these three methods is described in the next three sections.
The router accepts one configuration command per line. You can enter as many configuration commands as you want.
You can add comments to a configuration file describing the commands you have entered. Precede a comment with an exclamation point (!). Comments are not stored in NVRAM or in the active copy of the configuration file. In other words, comments do not show up when you list the active configuration with the write terminal EXEC command or list the configuration in NVRAM with the show configuration EXEC command. Comments are stripped from the configuration file when it is loaded to the router. However, you can list the comments in configuration files stored on a TFTP or Maintenance Operation Protocol (MOP) server.
To configure the router from the terminal, complete the following tasks:
In the following example, the router is configured from the terminal. The comment "The following command provides the router host name" identifies the purpose of the next command line. The hostname command changes the router name from router1 to router2. By pressing ^Z, the user quits configuration mode. The command write memory loads the configuration changes into NVRAM.
NVRAM stores the current configuration information in text format as configuration commands, recording only nondefault settings. The memory is checksummed to guard against corrupted data.
As part of its startup sequence, the router startup software always checks for configuration information in NVRAM. If NVRAM holds valid configuration commands, the router executes the commands automatically at startup. If the router detects a problem with the NVRAM or the configuration it contains, it enters setup mode and prompts for configuration. Problems can include a bad checksum for the information in NVRAM or the absence of critical configuration information. See the publication Troubleshooting Internetworking Systems for troubleshooting procedures. See the Router Products Getting Started Guide for details on setup information.
On the Cisco 7500 series, the router startup software uses the configuration pointed to by the CONFIG_FILE environment variable to start up. When the CONFIG_FILE environment variable does not exist or is null (such as at first-time startup), the router uses NVRAM as the default startup device. When the router uses NVRAM to start up and the system detects a problem with NVRAM or the configuration it contains, the router enters setup mode. Refer to the Router Products Getting Started Guide for more information on the setup command facility. For more information on environment variables, refer to the "Cisco's Implementation of Environment Variables" section in this chapter.
On all platforms except the Cisco 7500 series, you can configure the router to execute the commands located in NVRAM. On the Cisco 7500 series, the same command configures the router to execute the configuration specified by the CONFIG_FILE environment variable.
To configure the router to execute the commands located in NVRAM or to execute the configuration specified by the CONFIG_FILE environment variable, complete the following task in privileged EXEC mode:
You can configure the router from the network by copying a configuration from a network server to your running or startup configuration. The following two sections explain these tasks.
You can configure the router by retrieving and modifying the configuration file stored on one of your network servers. To do so, complete the following tasks:
In the following example, the router is configured from the file tokyo-config at IP address 131.108.2.155:
You can copy a configuration file directly to your startup configuration without affecting the running configuration. On all platforms except the Cisco 7500 series, this task loads a configuration file directly into NVRAM without affecting the running configuration.
On the Cisco 7500 series, this task loads a configuration file directly into the location specified by the CONFIG_FILE environment variable without affecting the running configuration. If the CONFIG_FILE environment variable specifies NVRAM, the command functions as on all other platforms.
To copy a configuration file directly to the startup configuration, perform the following task in EXEC mode:
| Task | Command |
|---|---|
Load a configuration file directly into NVRAM or directly into the location specified by the CONFIG_FILE environment variable. |
The configuration register boot field determines whether or not the router loads an operating system image, and if so, where it obtains this system image. The following sections describe the router's process for using the configuration register boot field, your process for setting this field, and the tasks you must perform to modify the configuration register boot field.
The lowest four bits of the 16-bit configuration register (bits 3, 2, 1, and 0) form the boot field. The following boot field values determine if the router loads an operating system and where the router obtains the system image:
When loading a default system image from a network server, the router uses the configuration register settings to determine the default system image filename for booting from a network server. The router forms the default boot filename by starting with the word cisco and then appending the octal equivalent of the boot field number in the configuration register, followed by a hyphen (-) and the processor type name (cisconn-cpu). See the appropriate hardware installation guide for details on the configuration register and default filename.
You must correctly set the configuration register boot field to ensure that your router loads the operating system image as you intend. To set the boot field, follow this general procedure:
Step 2 Modify the current configuration register setting to reflect the way in which you want the router to load a system image. To do so, change the least significant hexadecimal digit to one of the following:
For example, if the current configuration register setting is 0x101 and you want to load a system image from boot system commands in the startup configuration file, you would change the configuration register setting to 0x102.
Step 3 Reboot the router to make your changes to the configuration register take effect.
You modify the boot field from either the hardware configuration register or the software configuration register, depending on the platform.
Use the hardware configuration register to modify the boot field of a
The hardware configuration register can be changed only on the processor card or with dual in-line package (DIP) switches located at the back of the router. For information on modifying the hardware configuration register, refer to the appropriate hardware installation guide.
Use the software configuration register to modify the boot field of a
To modify the software configuration register boot field, complete the following tasks:
Use the show version EXEC command to list the current configuration register setting. In ROM monitor mode, use the o command to list the value of the boot field in the configuration register.
In the following example, the show version command indicates that the current configuration register is set so that the router does not automatically load an operating system image. Instead, it enters ROM monitor mode and waits for user-entered ROM monitor commands. The new setting instructs the router to a load a system image from commands in the startup configuration file or from a default system image stored on a network server.
You can enter multiple boot commands in the NVRAM configuration or in the BOOT environment variable to provide backup methods for loading a system image onto the router. There are three ways to load a system image:
You can enter the different types of boot commands in any order in the NVRAM configuration or in the BOOT environment variable. If you enter multiple boot commands, the router tries them in the order they are entered.
Use the following sections to configure your Cisco 2500 series, Cisco 3000 series, Cisco 4000 series, Cisco 7000 series, Cisco 7500 series, AccessPro PC card, and AGS+ to boot from Flash memory. Depending on the hardware platform, Flash memory might be available as EPROMs, single in-line memory modules (SIMMs), or Flash memory cards. Check the appropriate hardware installation and maintenance guide for information about types of Flash memory available on a specific platform.
In the Cisco 7000 series, Flash memory is located on the Route Processor (RP) card. In the Cisco 7500 series, Flash memory is located on the RSP card or on a Flash memory card inserted in one of the PCMCIA slots (slot 0 or slot 1) of the RSP card. You can store or boot software images in Flash memory as necessary. Flash memory can reduce the effects of network failure by reducing dependency on files that can only be accessed over the network.
Note Booting from ROM is faster than booting from Flash memory. However, if you are booting from a network server, Flash memory is faster and more reliable.
Flash memory allows you to do the following:
Flash memory features include the following:
Take the following precautions when loading from Flash memory:
To configure your Cisco 2500, Cisco 3000 series, Cisco 4000 series, Cisco 7000 series, AccessPro, and AGS+ systems to boot from Flash memory, follow this general procedure. Refer to the appropriate hardware installation and maintenance publication for complete instructions on installing the hardware and for information about the jumper settings required for your configuration.
Step 2 On the Cisco 2500, Cisco 3000, and AccessPro, if you ran the image from boot ROMs, reload the system image.
Step 3 Copy a system image to Flash memory using TFTP or rcp. See the "Copy System Images from a Network Server to Flash Memory Using TFTP" or "Copy System Images from Flash Memory to a Network Server Using rcp" section for more information on performing this step.
Step 4 Configure the system to automatically boot from the desired file in Flash memory. You might need to change the configuration register value. See the "Modify the Configuration Register Boot Field" section for more information on the modifying configuration register.
Step 5 Save your configurations.
Step 6 Power-cycle and reboot your system to ensure that all is working as expected.
To configure your Cisco 4500 router to boot from Flash memory using a bootstrap image, follow this general procedure:
Step 2 Configure your system to automatically boot from Flash memory. You might need to change the configuration register value. See the "Modify the Configuration Register Boot Field" section for more information on modifying the configuration register.
Step 3 Save your configurations.
Step 4 Reboot your system to ensure that all is working as expected.
For the Cisco 7500 series, the configuration process is similar to the previous two processes, except you can specify the Flash device that contains the rxboot image. When you receive your the Cisco 7500 series router, bootflash contains the rxboot image. You can change the location of this image to a Flash memory card inserted in a PCMCIA slot. To specify the rxboot image Flash device, you set the BOOTLDR environment variable.
Note When no BOOTLDR environment variable exists, the default rxboot image on the Cisco 7500 series is the first image file in bootflash.
The Cisco 7500 series configuration process is as follows:
Step 2 Optionally, use rcp or TFTP to update the system image that resides in bootflash or on one of the Flash memory cards inserted in a PCMCIA slot. Performing this step allows you to update a degraded system image with one that is not degraded.
Step 3 Configure your system to automatically boot from the desired file in Flash memory. You might need to change the configuration register value. See the "Modify the Configuration Register Boot Field" section for more information on modifying the configuration register.
Step 4 Save your configurations.
Step 5 Power-cycle and reboot your system to ensure that all is working as expected.
Flash memory configuration tasks discussed in this section include the following:
To set the BOOTLDR environment variable on your Cisco 7500 series router, perform the following tasks, beginning in privileged EXEC mode:
The following example sets the BOOTLDR environment variable to change the location of the rxboot image from internal Flash to slot 0.
To configure a router (including the AGS+, Cisco 3000 series, Cisco 4000 series, Cisco 7000 series, and Cisco 7500 series systems) to automatically boot from an image in Flash memory, perform the following tasks:
| 1Refer to the "Modify the Configuration Register Boot Field" section for more information on systems that can use this command to modify the software configuration register. |
If you enter more than one image filename, the router tries them in the order entered.
If a filename already appears in the configuration file and you want to specify a new filename, remove the existing filename with the no boot system flash filename command.
Note The no boot system configuration command disables all boot system configuration commands regardless of argument. Specifying the flash keyword or the filename argument with the no boot system command disables only the commands specified by these arguments.
The following example shows how to configure the router to automatically boot from an image in Flash memory:
You can configure the router to load a system image from a network server using TFTP, rcp, or MOP to copy the system image file.
To do this, the configuration register boot field must be set to the correct value. See the "Modify the Configuration Register Boot Field" section. Use the show version command to list the current configuration register setting.
If you do not boot from a network server using MOP and you omit both the tftp and the rcp keywords, by default the system image that you specify is booted from a network server using TFTP.
Note If you are using a Sun workstation as a network server and TFTP to transfer the file, set up the workstation to enable verification and generation of UDP checksums. See the Sun documentation for details.
For increased performance and reliability, boot from a system image from a network server using rcp. The rcp implementation uses the Transmission Control Protocol (TCP), which ensures reliable delivery of data. If you boot the router from a network server using rcp, the router software searches for the system image on the server relative to the directory of the remote username, if the remote server has a directory structure, for example, as do UNIX systems.You cannot explicitly specify a remote username when you issue the boot command. Instead, the host name configured for the router is used.
You can also boot from a compressed image on a network server. One reason to use a compressed image is to ensure that there is enough memory available for storage. On routers that do not contain a run-from-ROM image in EPROM, when the router boots software from a network server, the image being booted and the running image both must fit into memory. If the running image is large, there might not be room in memory for the image being booted from the network server.
If there is not enough room in memory to boot a regular image from a network server, you can produce a compressed software image on any UNIX platform using the compress command. Refer to your UNIX platform's documentation for the exact usage of the compress command.
To specify the loading of a system image from a network server, complete the following tasks:
| 1Refer to the "Modify the Configuration Register Boot Field" section for more information on systems that can use this command to modify the software configuration register. |
In the following example, the router is configured to use rcp to netboot from the testme5.tester system image file on a network server at IP address 131.108.0.1:
To specify the use of the ROM system image as a backup to other boot instructions in the configuration file, complete the following tasks:
| 1Refer to the "Modify the Configuration Register Boot Field" section for more information on systems that can use this command to modify the software configuration register. |
In the following example, the router is configured to boot from ROM:
Occasionally network failures make booting from a network server impossible. To lessen the effects of network failure, consider the following booting strategy. After Flash is installed and configured, you might want to configure the router to boot in the following order:
2. Boot an image from a system file on a network server.
This boot order provides the most fault-tolerant booting strategy. Perform the following tasks to allow the router to boot first from Flash, then from a system file from a network server, and finally from ROM:
| 1Refer to the "Modify the Configuration Register Boot Field" section for more information on systems that can use this command to modify the software configuration register. |
The following example illustrates the order of the commands needed to implement this strategy. In the example, the router is configured to first boot an internal Flash image called gsxx. Should that image fail, the router will boot the configuration file gsxx from a network server. If that method should fail, then the system will boot from ROM.
Using this strategy, a router has three alternative sources from which to boot. These alternative sources help lessen the negative effects of a failure on network or file server from which the system image is copied.
Configuration files can be stored on network servers. You can configure the router to automatically request and receive two configuration files from the network server:
The first file the server attempts to load is the network configuration file. This network configuration file contains information that is shared among several routers. For example, it can be used to provide mapping between IP addresses and host names.
The second file the server attempts to load is the host configuration file. This file contains commands that apply to one router in particular. Both the network and host configuration files must reside on a network server reachable using TFTP, rcp, or MOP, and must be readable.
You can specify an ordered list of network configuration and host configuration filenames. The router scans this list until it successfully loads the appropriate network or host configuration file.
In addition to storing configuration files on a network servers, with the Cisco 7500 series, you can store configuration files in NVRAM and on Flash memory cards. The CONFIG_FILE environment variable specifies the device and filename of the configuration file to use during initialization. For more information on environment variables, refer to the "Cisco's Implementation of Environment Variables" section in this chapter.
You can set the CONFIG_FILE environment variable to specify the startup configuration on a Cisco 7500 series.
To configure the router to download a network configuration file from a server upon restart, complete the following tasks:
For step 2, if you do not specify a network configuration filename, the router uses the default filename network-confg. If you omit both the tftp and the rcp keywords, the router assumes that the you are using TFTP to transfer the file and that the server whose IP address you specify supports TFTP.
If you configure the router to download the network configuration file from a network server using rcp and the server has a directory structure as do UNIX systems, the router software searches for the system image on the server relative to the directory of the remote username. The router host name is used as the remote username.
You can specify more than one network configuration file. The router tries them in order until it loads one successfully. This procedure can be useful for keeping files with different configuration information loaded on a network server.
To configure the router to download a host configuration file from a server upon restart, complete the following tasks. Step 2 is optional. If you do not specify a host configuration filename, the router uses its own name to form a host configuration filename by converting the router name to all lowercase letters, removing all domain information, and appending -confg. If no host name information is available, the router uses the default host configuration filename router-confg.
You can specify more than one host configuration file. The router tries them in order until it loads one successfully. This procedure can be useful for keeping files with different configuration information loaded on a network server.
In the following example, the router is configured to boot from the host configuration file hostfile1 and from the network configuration file networkfile1:
If the network server fails to load a configuration file during startup, it tries again every ten minutes (the default setting) until a host provides the requested files. With each failed attempt, the network server displays a message on the console terminal. If the network server is unable to load the specified file, it displays the following message:
Refer to the Troubleshooting Internetworking Systems publication for troubleshooting procedures. If there are any problems with the configuration file pointed to in NVRAM, or if the configuration register is set to ignore NVRAM, the router will enter the setup command facility. See the Router Products Getting Started Guide for details on the setup command.
In addition to loading startup configuration files from a server, on the Cisco 7500 series, you can configure the router to load a startup configuration file specified by the CONFIG_FILE environment variable. To do so, complete the following tasks, beginning in EXEC mode:
When saving the runtime CONFIG_FILE environment variable to the startup configuration, the router saves a complete version of the configuration file to the location specified by the CONFIG_FILE environment variable and a distilled version to NVRAM. A distilled version is one that does not contain access list information. If NVRAM contains a complete configuration file, the router prompts you to confirm your overwrite of the complete version with the distilled version. If NVRAM contains a distilled configuration, the router does not prompt you for confirmation and proceeds with overwriting the existing distilled configuration file in NVRAM.
The following example copies the running configuration file to the first PCMCIA slot of the RSP card in a Cisco 7500 series. This configuration is then used as the startup configuration when the system is restarted.
You may want to schedule a reload of the system image to occur on the router at a later time (for example, late at night or during the weekend when the router is used less), or you may want to synchronize a reload network-wide (for example, to perform a software upgrade on all routers in the network).
To configure the router to reload the Cisco IOS software at a later time, perform one of the following tasks in privileged EXEC command mode:
If you specify the month and day, the reload is scheduled to take place at the specified time and date. If you do not specify the month and day, the reload takes place at the specified time on the current day (if the specified time is later than the current time), or on the next day (if the specified time is earlier than the current time). Specifying 00:00 schedules the reload for midnight.
Note The at keyword can only be used if the system clock has been set on the router (either through NTP, the hardware calendar, or manually). The time is relative to the configured time zone on the router. To schedule reloads across several routers to occur simultaneously, the time on each router must be synchronized with NTP.
To display information about a previously scheduled reload or to determine if a reload has been scheduled on the router, perform the following task in EXEC command mode:
| Task | Command |
|---|---|
Display reload information including the time the reload is scheduled to occur, and the reason for the reload if it was specified when the reload was scheduled. |
To cancel a previously scheduled reload, perform the following task in privileged EXEC command mode:
The following example illustrates how to use the reload command to reload the software on the router on the current day at 7:30 p.m.:
The following example illustrates how to use the reload command to reload the software on the router at a future time:
The following example illustrates how to use the reload cancel command to stop a scheduled reload:
On the Cisco 3000 and 4000 systems that do not run from Flash memory, the following automatic booting features are implemented:
The buffer that holds the configuration commands is generally the size of NVRAM. Complex configurations may need a larger configuration file buffer size. To change the buffer size, complete the following tasks:
In the following example, the buffer size is set to 50000 bytes:
On the Cisco 7000 series, Cisco 4000 series, Cisco 3000 series, and AGS+ routers that have NVRAM, you can compress configuration files. To do so, perform the following tasks:
| 1This command is documented in the "User Interface Commands" chapter of the Router Products Command Reference. |
Installing new ROMs is a one-time operation and is necessary only if you do not already have Cisco IOS Release 10 in ROM. Before you can load a configuration that is larger than the size of NVRAM, you must issue the service compress-config command. The configure terminal command works only if you have Release 10 boot ROMs. It does not work with Release 9.17 ROMs or earlier versions.
If your router does not find a valid system image, or if its configuration file is corrupted at startup, and the configuration register is set to enter ROM monitor mode, the system might enter memory ROM monitor mode. From this mode, you can manually load a system image from Flash memory, from a network server file, or from ROM.
You can force the router to stop booting and enter ROM monitor mode by pressing the Break key during the first 60 seconds of startup.
To manually boot from Flash memory, complete the following tasks:
| Task | Command |
| Step 1. Restart the router. | |
| Step 2. Press the Break key during the first 60 seconds while the system is starting up. | |
| Step 3. Manually boot the router from Flash. |
| 1This key will not work on the Cisco 7000 unless it has Cisco IOS Release 10 boot ROMs. |
In the following example, the router is manually booted from Flash memory. Because the optional filename argument is absent, the first file in Flash memory is loaded.
In the following example, the boot flash command is used with the filename gs7-k—the name of the file that is loaded:
To manually boot from a network file, complete the following tasks in EXEC mode:
| Task | Command |
| Step 1. Restart the router. | |
| Step 2. Press the Break key during the first 60 seconds while the system is starting up. | |
| Step 3. Manually boot the router. |
| 1This key will not work on the Cisco 7000 unless it has Cisco IOS Release 10 boot ROMs. |
In the following example, the router is manually booted from the network file network1:
To manually boot the router from ROM, complete the following steps in EXEC mode:
| Task | Command |
| Step 1. Restart the router. | |
| Step 2. Press the Break key during the first 60 seconds while the system is starting up. | |
| Step 3. Manually boot the router from ROM. |
| 1This key will not work on the Cisco 7000 unless it has Cisco IOS Release 10 boot ROMs. |
On the Cisco 7500 series, the boot command loads the first bootable image located in bootflash.
In the following example, the router is manually booted from ROM:
You can interactively boot system software using MOP. Typically, you would do this to verify that system software has been properly installed on the MOP boot server before configuring the router to automatically boot the system software image.
To manually boot the router using MOP, perform the following tasks in EXEC mode:
| Task | Command |
|---|---|
| Step 1. Restart the router. | |
| Step 2. Press the Break key during the first 60 seconds while the system is starting up. | |
| Step 3. Manually boot the router using MOP. |
| 1This key will not work on the Cisco 7000 unless it has Cisco IOS Release 10 boot ROMs. |
The Cisco 7500 series does not support the boot mop command.
In the following example, the router is manually booted from a MOP server:
To return to EXEC mode from the ROM monitor to use the system image instead of reloading, perform the following task in ROM monitor mode:
The AccessPro card and the Cisco 4500 have two banks of Flash memory on one SIMM, referred to as dual-bank Flash memory. The dual-bank Flash SIMM is used for storing system images.
Dual-bank Flash provides partitioning support on systems that can accommodate only one Flash SIMM device. See the "Partition Flash Memory Using Dual Flash Bank" section for information about how to partition Flash memory.
You can retrieve a boot image from a TFTP, rcp, or MOP server. This image is copied into boot Flash memory. You can also copy the boot image from the boot Flash to a TFTP or rcp server.
To retrieve a boot image from a TFTP or rcp server, perform the following task in EXEC mode:
To retrieve a boot image from a MOP server, perform the following task in EXEC mode:
To copy a boot image from boot Flash to a TFTP server, perform the following task in EXEC mode:
To verify the checksum of a boot image in Flash memory, perform the following task in EXEC mode:
To erase the contents of boot Flash memory, perform the following task at the EXEC prompt:
As a TFTP server host, the router responds to TFTP Read Request messages by sending a copy of the system image contained in ROM or one of the system images contained in Flash memory to the requesting host. The TFTP Read Request message must use one of the filenames that are specified in the router's configuration.
To specify TFTP server operation for a router, complete the following tasks:
The TFTP session can sometimes fail. TFTP generates the following special characters to help you determine why a TFTP session fails:
The transfer session might still succeed even if TFTP generates these characters, but the output is useful for diagnosing the transfer failure. For troubleshooting procedures, refer to the Troubleshooting Internetworking Systems publication.
In the following example, the system uses TFTP to send a copy of the Flash memory file version-10.3 in response to a TFTP Read Request for that file. The requesting host is checked against access list 22.
In the following example, the system uses TFTP to send a copy of the ROM image gs3-k.101 in response to a TFTP Read Request for the gs3-k.101 file:
You configure a local authentication database to control access to the router by remote users. A local authentication database is similar in concept and use to a UNIX .rhosts file. To allow remote users to execute rcp or rsh commands on the router, configure entries for those users in the router's authentication database.
Each entry configured in the authentication database identifies the local user, the remote host, and the remote user. To be allowed to remotely execute commands on the router, the remote user must specify all three values—the local username, the remote host name, and the remote username—and therefore must be apprised of the local username. For rsh users, you can also grant a user permission to execute privileged EXEC commands remotely.
An entry that you configure in the router authentication database differs from an entry in a UNIX .rhosts file in several ways, the most salient of which is the inclusion of a local username. Because the .rhosts file on a UNIX system resides in the home directory of a local user account, an entry in a UNIX .rhosts file does not need to include the local username. The local username is determined from the user account. Because our routers do not inherently support the concept of accounts, you must specify the local username along with the remote host name and the remote username in each authentication database entry that you configure. You can specify the router host name as the local username.
To make the local username available to remote users, you need to communicate the username to the network administrator or the remote user. To allow a remote user to execute a command on the router, our rcp implementation requires that the local username sent by the remote user match the local username configured in the database entry.
The router software uses DNS to authenticate the remote host's name and address. Because DNS can return several valid IP addresses for a host name, the router software checks the address of the requesting client against all of the IP addresses for the named host returned by DNS. If the address sent by the requester is considered invalid, that is, it does not match any address listed with DNS for the host name, then the router software will reject the remote-command execution request.
Note that if no DNS servers are configured for the router, then the router cannot authenticate the host in this manner. In this case, the router software will send a broadcast request to attempt to gain access to DNS services on another server. If DNS services are not available, you must use the no ip domain-lookup command to disable the router's attempt to gain access to a DNS server by sending a broadcast request.
If DNS services are not available and, therefore, you bypass the DNS security check, the router software will accept the request to remotely execute a command only if all three values sent with the request match exactly the values configured for an entry in the local authentication file.
If DNS is enabled but you do not want to use DNS for rcmd queries, use the no ip rcmd domain-lookup command.
To ensure security, the router is not enabled to support rcp requests from remote users by default. When the router is not enabled to support rcp, the authorization database has no effect.
To configure the router to allow users on remote systems to copy files to and from the router and execute commands on the router, perform the tasks in one of the first sections and, if desired, the task in the third section:
To configure the router to support incoming rcp requests, complete the following tasks:
To disable the router from supporting incoming rcp requests, use the no ip rcmd rcp-enable command.
Note When the router's support for incoming rcp requests is disabled, you can still use the rcp commands to copy images from remote servers. The router's support for incoming rcp requests is distinct from its capacity for outgoing rcp requests.
The following example shows how to add two entries for remote users to the router's authentication database and then enable the router to support remote copy requests from remote users. The users, named netadmin1 on the remote host at IP address 131.108.15.555 and netadmin3 on remote host at IP address 131.108.101.101, are both allowed to connect to the router and remotely execute rcp commands on it after the router is enabled to support rcp. Both authentication database entries give the router's host name Router1 as the local username. The fourth command enables the router to support for rcp requests from remote users.
Note In Cisco IOS Release 10.3, the ip keyword has been added to rcmd commands. If you are upgrading from Release 10.2 to 10.3, this keyword is automatically added to any rcmd commands you have in your Release 10.2 configuration files.
To configure the router as an rsh server, complete the following tasks:
To disable the router from supporting incoming rsh commands, use the no ip rcmd rsh-enable command.
Note When the router is disabled, you can still issue a remote shell command to be executed on other routers that support the remote shell protocol and on UNIX hosts on the network.
The following example shows how to add two entries for remote users to the router's authentication database, and enable the router to support rsh commands from remote users. The users, named rmtnetad1 and netadmin4, are both on the remote host at IP address 131.108.101.101. Although both users are on the same remote host, you must include a unique entry for each user. Both users are allowed to connect to the router and remotely execute rsh commands on it after the router is enabled for rsh. The user named netadmin4 is allowed to execute privileged EXEC mode commands on the router. Both authentication database entries give the router's host name Router1 as the local username. The fourth command enables the router for to support rsh commands issued by remote users.
To bypass the DNS security check when DNS services are configured but not available, perform the following task in global configuration mode:
The router software will accept the request to remotely execute a command only if all three values sent with the request match exactly the values configured for an entry in the local authentication file.
You can configure the router as a RARP server. With this feature, RARP requests can be answered by the router, thereby allowing the router to make possible diskless booting of various systems, such as Sun workstations or PCs, on networks where the client and server are on separate subnets.
To configure the router as a RARP server, perform the following task in interface configuration mode:
In the following example, the router is configured to act as a RARP server. Figure 3-4 illustrates the network configuration.
The Sun client and server machine's IP addresses must use the same major network number due to a limitation of the current SunOS rpc.bootparamd daemon.
From the router, you can use rcp to remotely copy files to and from network servers and hosts if those systems support rcp. You do not need to configure the router to issue remote copy requests from the router using rcp. However, to prepare to use rcp from the router for remote copying, you can perform an optional configuration process to specify the remote username to be sent on each rcp request.
The rcp protocol requires that a client send the remote username on an rcp request. By default, the router software sends the remote username associated with the current TTY (terminal) process, if that name is valid, for rcp commands.
Note For Cisco, TTYs are commonly used in communications servers. The concept of TTYs originated with UNIX. For UNIX systems, each physical device is represented in the file system. Terminals are called TTY devices (which stands for teletype, the original UNIX terminal).
If the username for the current TTY process is not valid, the router software sends the host name as the remote username. For boot commands using rcp, the router software sends the router host name by default. You cannot explicitly configure the remote username.
If the remote server has a directory structure, for example, as do UNIX systems, rcp performs its copy operations along the following lines:
To override the default remote username sent on rcp requests, complete the following tasks:
| Task | Command |
|---|---|
| Step 1. Enter configuration mode from the terminal | |
| Step 2. Specify the remote username. |
To remove the remote username and return to the default value, use the no ip rcmd remote-username command.
If you are writing to the server, the rcp server must be properly configured to accept the rcp write request from the user on the router. For UNIX systems, you must add an entry to the .rhosts file for the remote user on the rcp server. For example, if the router contains the following configuration lines:
and the router's IP address translates to Router1.company.com, then the .rhosts file for User0 on the rcp server should contain the following line:
Refer to the documentation for your rcp server for more details.
The Boot Protocol (BOOTP) server for asynchronous interfaces supports the extended BOOTP requests specified in RFC 1084. The following command is useful in conjunction with using the auxiliary port as an asynchronous interface.
To configure extended BOOTP requests for asynchronous interfaces, perform the following task in global configuration mode:
You can display the extended BOOTP requests by performing the following task in EXEC mode:
To change the router's parameters for retransmitting boot requests to a MOP server, complete the following tasks:
By default, when the router transmits a request that requires a response from a MOP boot server and the server does not respond, the message will be retransmitted after four seconds. If the MOP boot server and router are separated by a slow serial link, it may take longer than four seconds for the router to receive a response to its message. Therefore, you might want to configure the router to wait longer than four seconds before retransmitting the message if you are using such a link.
In the following example, if the MOP boot server does not respond within 10 seconds after the router sends a message, the router will retransmit the message:
To copy a system image from a TFTP server to Flash memory, complete the following tasks:
| Task | Command |
|---|---|
| Step 1. Make a backup copy of the current system software image. | See the instructions in the section "Copy System Images from Flash Memory to a Network Server Using TFTP" later in this chapter. |
| Step 2. Copy a system image to Flash memory. | |
| Step 3. When prompted, enter the IP address or domain name of the server. | |
| Step 4. When prompted, enter the filename of the server system image. |
Note Be sure there is ample space available before copying a file to Flash memory. Use the show flash command and compare the size of the file you want to copy to the amount of available Flash memory shown. If the space available is less than the space required by the file you want to copy, the copy process will continue, but the entire file will not be copied into Flash. The failure message "buffer overflow - xxxx/xxxx," will appear, where xxxx/xxxx is the number of bytes read in relation to the number of bytes available.
The server system image copied to the Flash memories for the AGS+, AGS, MGS, and CGS must be at least Software Version 9.0 or later. For Cisco 3000, Cisco 4000, and Cisco 7000 series, the server system image must be at least Software Version 9.1 or later.
Note When you are upgrading or changing to a different Cisco IOS release, refer to the appropriate release notes for information on system requirements and limitations.
When you issue the copy tftp flash command, the system prompts you for the IP address or domain name of the TFTP server. This server can be another router serving ROM or Flash system software images. The system then prompts you for the filename of the software image to copy.
For the copy tftp flash and copy tftp file_id commands, when there is free space available in Flash memory, you are given the option of erasing the existing Flash memory before writing onto it. If no free Flash memory space is available, or if the Flash memory has never been written to, the erase routine is required before new files can be copied. The system will inform you of these conditions and prompt you for a response. Note that on the AGS+ and Cisco 7000 series, the Flash memory is erased at the factory before shipment.
The file_id argument of the copy tftp file_id command specifies a device and filename as the destination of the copy operation. You can omit the device, entering only copy tftp filename. When you omit the device, the system uses the default device specified by the cd command. On the Cisco 7500 series, you can choose bootflash:, slot0:, or slot1: as the Flash memory device.
If you attempt to copy a file into Flash memory that is already there, a prompt informs you that a file with the same name already exists. This file is "deleted" when you copy the new file into Flash. The first copy of the file still resides within Flash memory, but it is rendered unusable in favor of the newest version, and is listed with the "deleted" tag when you use the show flash command. If you terminate the copy process, the newer file is marked "deleted" because the entire file was not copied and is not valid. In this case, the original file in Flash memory is valid and available to the system.
Following is sample output (copying a system image named gs7-k) of the prompt you will see when using the copy tftp flash command when Flash memory is too full to copy the file. The filename gs7-k can be in either lowercase or uppercase; the system will see GS7-K as gs7-k. If more than one file of the same name is copied to Flash, regardless of case, the last file copied will become the valid file.
Note If you enter n after the "Erase flash before writing?" prompt, the copy process continues. If you enter y, the erase routine begins. Make certain you have ample Flash memory space before entering n at the erasure prompt.
Following is sample output from copying a system image named gs7-k into the current Flash configuration, in which a file of the name gs7-k already exists:
In the following example, the Flash security jumper is not installed, so you cannot write files to Flash memory.
Note To terminate this copy process, press Ctrl-^ (the Ctrl, Shift, and 6 keys on a standard keyboard) simultaneously. Although the process will terminate, the partial file copied before the termination will remain until the entire Flash memory is erased. Refer to the Troubleshooting Internetworking Systems publication for procedures on how to resolve Flash memory problems.
On the Cisco 7500 series, the following example copies the router-config file from a TFTP server to the Flash memory card inserted in slot 0 of the Route Switch Processor (RSP) card. The copied file has the name new-config.
You can copy normal or compressed images to Flash memory. You can produce a compressed system image on any UNIX platform using the compress command. Refer to your UNIX platform's documentation for the exact usage of the compress command.
The following example shows sample output from copying a system image named IJ09140Z into the current Flash configuration.
The series of pound signs (#) indicates that each Flash device is being cleared and initialized; one per device. Different router platforms use different ways of indicating that Flash is being cleared. The exclamation points (!) indicate the copy process. The series of Vs indicates that a checksum is calculated. An O would have indicated an out-of-order packet. A period (.) would have indicated a timeout. The last line in the sample configuration indicates that the copy is successful.
On all platforms except the Cisco 7500 series, you can copy a system image from a MOP server to Flash memory. To do so, perform the following task in EXEC mode:
Note When you are upgrading or changing to a different Cisco IOS release, refer to the appropriate release notes for information on system requirements and limitations.
The following example shows a sample output from the copy mop flash command. In this example, the system image junk, which already exists in Flash memory, is copied to Flash memory, and there is enough memory to copy the file without erasing any existing files.
You can copy a system image from a network server to Flash memory using rcp. For the rcp command to execute properly, an account must be defined on the network server for the remote username. You can override the default remote username sent on the rcp copy request by configuring the remote username. For example, if the system image resides in the home directory of a user on the server, you can specify that user's name as the remote username. The rcp protocol implementation copies the system image from the remote server relative to the directory of the remote username if the remote server has a directory structure, for example, as do UNIX systems.
To copy a system image from a network server to Flash memory using rcp, complete the following task
| Tasks | Command |
|---|---|
| Step 1. Make a backup copy of the current system software image. | See the instructions in the section "Copy System Images from Flash Memory to a Network Server Using rcp" later in this chapter. |
| Step 2. Enter configuration mode from the terminal.
This step is only required if you are going to override the default remote username (see Step 3). |
|
| Step 3. Specify the remote username. This step is optional, but recommended. | |
| Step 4. Exit configuration mode. | |
| Step 5. Copy the system image from the network server to Flash memory using rcp. | |
| Step 6. When prompted, enter the IP address or domain name of the network server. | |
| Step 7. When prompted, enter the filename of the server system image to be copied. |
s:
The copy command automatically displays the Flash memory directory, including the amount of free space. On Cisco 2500, Cisco 3000, and Cisco 4000 systems, if the file being downloaded to Flash memory is an uncompressed system image, the copy command automatically determines the size of the file being downloaded and validates it with the space available in Flash memory.
The server system image copied to the Flash memories must be Cisco IOS Release10.2 or later.
Note When you are upgrading or changing to a different Cisco IOS release, refer to the appropriate release notes for information on system requirements and limitations.
When you issue the copy rcp flash or copy rcp file_id command, the system prompts you for the IP address or domain name of the server. This server can be another router serving Flash system software images. The system then prompts you for the filename of the software image to copy. With the copy rcp flash command, the system also prompts you to name the system image file that will reside in Flash memory once the copy is complete. You can use the filename of the source file, or you can choose another name.
When free space is available in Flash memory, you are given the option of erasing the existing Flash memory before writing onto it. If no free Flash memory space is available, or if the Flash memory has never been written to, the erase routine is required before new files can be copied. The system informs you of these conditions and prompts you for a response. If you accept the erasure, the system prompts you again to confirm before erasing. Note that the Flash memory is erased at the factory before shipment.
If you attempt to copy a file into Flash memory that is already there, a prompt will tell you that a file with the same name already exists. The older file is "deleted" when you copy the new file into Flash. The first copy of the file still resides within Flash memory, but is rendered unusable in favor of the newest version, and will be listed with the "deleted" tag when you use the show flash command. If you abort the copy process, the newer file will be marked "deleted" because the entire file was not copied. In this case, the original file in Flash memory is valid and available to the system.
The following example copies a system image named mysysim1 from the netadmin1 directory on the remote server named SERVER1.CISCO.COM with an IP address of 131.108.101.101 to the router's Flash memory. To ensure that enough Flash memory is available to accommodate the system image to be copied, the router software allows you to erase the contents of Flash memory first.
The exclamation points (!) indicate that the copy process is taking place. Each exclamation point (!) indicates that ten packets have been transferred successfully.
Note If you enter n after the "Erase Flash device before writing?" prompt, the copy process continues. If you enter y and you confirm the erasure, the erasing routine begins. Make certain you have ample Flash memory space before entering n at the erasure prompt.
You can copy normal or compressed images to Flash memory. You can produce a compressed system image on any UNIX platform using the compress command. Refer to your UNIX platform's documentation for the exact usage of the compress command.
On the Cisco 3000 series and Cisco 4000 series systems that do not run from Flash memory, the upgrade feature of checks and validations are performed to maximize the success of a Flash upgrade and minimize the chances of leaving Flash memory in either an erased state or with a nonbootable file. The software performs the following checks:
For the Cisco 4500 router, you can copy a bootstrap image stored on a network server to Flash memory using rcp or TFTP. Before you perform the copy operation, back up the system image or bootstrap image in Flash memory to a network server.
Note When you are upgrading or changing to a different Cisco IOS release, refer to the appropriate release notes for information on system requirements and limitations.
The rcp protocol requires that a client send the remote username on each rcp request. When you copy a bootstrap image from a network server using rcp, the router software sends the remote username associated with the current TTY (terminal) process, if that name is valid. If the TTY username is invalid, the router software uses the router host name as the both the remote and local usernames. You can configure a different remote username to be sent to the server. The rcp protocol implementation searches for the bootstrap image to copy from the remote server relative to the directory of the remote username, if the remote server has a directory structure, for example, as do UNIX systems.
Note For Cisco, TTYs are commonly used in communications servers. The concept of TTYs originated with UNIX. For UNIX systems, each physical device is represented in the file system. Terminals are called TTY devices (which stands for teletype, the original UNIX terminal).
For the rcp command to execute properly, an account must be defined on the destination server for the remote username.
When you request the bootstrap image to copy using rcp, the router prompts you for the name or address of the server and the name of the file to be copied. It provides an option to erase existing Flash memory before writing onto it, and allows you to confirm the erasure. The entire copying process takes several minutes and will differ from network to network.
To copy a bootstrap image from a network server to Flash memory on a Cisco 4500 router using either rcp or TFTP, complete the following task
| Tasks | Command |
|---|---|
| Step 1. Make a backup copy of the current system or bootstrap software image. | See the instructions in the section "Copy System Images from Flash Memory to a Network Server Using rcp" or the section "Copy System Images from Flash Memory to a Network Server Using TFTP" in this chapter. |
| Step 2. Enter configuration mode from the terminal.
This step is required if you are going to override the default remote username (see Step 3). |
|
| Step 3. If the copy is performed using rcp, specify the remote username. This step is optional, but recommended. | |
| Step 4. Exit configuration mode. | |
| Step 5. Copy the bootstrap image from the network server to Flash memory using rcp or TFTP. | |
| Step 6. When prompted, enter the IP address or domain name of the server. | |
| Step 7. When prompted, enter the filename of the bootstrap image to be copied from the server. |
s:
Before booting the router from Flash memory, verify that the checksum of the bootstrap image in Flash memory matches the checksum listed in the README file that was distributed with the system software image. The checksum of the bootstrap image in Flash memory is displayed at the bottom of the display output when you issue the copy request. The README file was copied to the server automatically when you installed the system software.
 | Caution If the checksum value does not match the value in the README file, do not reboot the router. Issue the copy request and compare the checksums again. If the checksum is repeatedly wrong, copy the original bootstrap image back into Flash memory before you reboot the router from Flash memory. If you have a bad image in Flash memory and try to boot from Flash, the router will start the system image contained in ROM (assuming the system is not configured to boot from a network server). |
If you use rcp to copy the bootstrap image from a personal computer used as a file server, the computer must support rsh. If you use TFTP to copy the bootstrap image from a personal computer used as a file server, the computer must be configured as a TFTP server.
The following example shows how to copy a bootstrap image from the server to Flash memory:
The exclamation points (!) indicate that the copy process is taking place. Each exclamation point (!) indicates that ten packets have been transferred successfully.
Flash load helper is a software option that enables you to upgrade system software on run-from-Flash systems that have a single bank of Flash memory. It is a lower-cost software upgrade solution than dual-bank Flash, which requires an additional bank of Flash memory.
The Flash load helper software upgrade process is simple and does not require additional hardware; however, it does require some brief network downtime. A system image running from Flash can use Flash load helper only if the boot ROMs support Flash load helper. If the boot ROMs do not support Flash load helper, you must perform the Flash upgrade manually. See the "Manually Boot from Flash" section in this chapter.
Flash load helper is an automated procedure that reloads the ROM-based image, downloads the software to Flash memory, and reboots to the system image in Flash memory. Flash load helper performs checks and validations to maximize the success of a Flash upgrade and minimize the chance of leaving Flash memory in either an erased state or with a file that cannot boot.
In run-from-Flash systems, the software image in the router is stored in and executed from the Flash EPROM (as opposed to being executed from RAM). This method reduces memory cost. A run- from-Flash system requires enough Flash EPROM to hold the image and enough main system RAM to hold the routing tables and data structures. The system does not need the same amount of main system RAM as a run-from-RAM system because the full image does not reside in RAM. Run-from-Flash systems include the Cisco 2500 series and some Cisco 3000 series.
Flash load helper includes the following features:
Flash load helper can also be used on systems with multiple banks of Flash memory that support Flash memory partitioning. Flash load helper enables you to download a new file into the same partition from which the system is executing an image.
For information about how to partition multiple banks of Flash memory so your system can hold two different images, see the "Partition Flash Memory Using Dual Flash Bank" section in this chapter.
Perform the tasks in the following sections to use and monitor Flash load helper:
To download a new file to Flash memory using Flash load helper, check to make sure that your boot ROMs support Flash load helper, then perform the following tasks in privileged EXEC mode:
The following error message displays if you are in a Telnet session and the system is set for manual booting (the boot bits in the configuration register are zero):
In case of any catastrophic failure in the Flash memory upgrade, this error message helps to minimize the chance of the system going down to the ROM monitor prompt and being taken out of the remote Telnet user's control.
The system tries to bring up at least the boot ROM image if it cannot boot an image from Flash memory. Before re-initiating the copy tftp flash command, you must set the boot bits to a nonzero value, using the config-register global configuration command.
The copy tftp flash command initiates a series of prompts to which you must respond. The dialog is similar to the following:
If terminals other than the one on which this command is being executed are active, the following message appears:
Enter the IP address or the name of the remote host you are copying from:
Enter the name of the file you want to copy:
Enter the name of the destination file:
If you choose to erase Flash memory, the dialog continues as follows. The copy tftp flash operation verifies the request from the running image by trying to TFTP a single block from the remote TFTP server. Then the Flash load helper is executed, causing the system to reload to the ROM-based system image.
If the file does not seem to be a valid image for the system, a warning is displayed and a separate confirmation is sought from you.
If you choose not to erase Flash memory and there is no file duplication, the dialog continues as follows:
If you choose not to erase Flash memory, and there was file duplication, the dialog continues as follows:
If the configuration has been modified but not yet saved, you are prompted to save the configuration:
If you confirm to save the configuration, you might also receive this message:
Users with open Telnet connections are notified of the system reload, as follows:
If the TFTP process fails, the copy operation is retried up to three times. If the failure happens in the middle of a copy operation (in other words, if part of the file has been written to Flash memory), the retry does not erase Flash memory unless you specified an erase operation. The partly written file is marked as deleted and a new file is opened with the same name. If Flash memory runs out of free space in this process, the copy operation is terminated.
After Flash load helper finishes copying (whether the copy operation is successful or not), it automatically attempts an automatic or a manual boot, depending on the value of the boot bits in the configuration register. If the boot bits are zero, the system attempts a default boot from Flash memory to load up the first bootable file in Flash memory. This default boot is equivalent to a manual b flash command at the ROM monitor prompt.
If the boot bits are nonzero, the system attempts to boot based on the boot configuration commands. If no boot configuration commands exist, the system attempts a default boot from Flash memory; that is, it attempts to load the first bootable file in Flash memory.
To view the system console output generated during the Flash load helper operation, use the image that has been booted up after the Flash memory upgrade. Perform the following task in privileged EXEC mode:
If you are a remote Telnet user performing the Flash upgrade without a console connection, this task allows you to retrieve console output when your Telnet connection has terminated due to the switch to the ROM image. The output indicates what happened during the download, and is particularly useful if the download fails.
Before booting from Flash memory, verify that the checksum of the image in Flash memory matches the checksum listed in the README file that was distributed with the system software image. The checksum of the image in Flash memory is displayed at the bottom of the screen when you issue the copy tftp flash, copy rcp flash, or copy rcp bootflash commands. The README file was copied to the network server automatically when you installed the system software image on the server.
 | Caution If the checksum value does not match the value in the README file, do not reboot the router. Issue the copy request and compare the checksums again. If the checksum is repeatedly wrong, copy the original system software image bootstrap image back into Flash memory before you reboot the router from Flash memory. If you have a bad image in Flash memory and try to boot from Flash, the router will start the system image contained in ROM (assuming netbooting is not configured). If ROM does not contain a fully functional system image, the router will not function and will have to be reconfigured through a direct console port connection. |
Dual Flash bank allows you to partition two banks of Flash memory into two separate, logical devices so the router can hold and maintain two different software images. No downtime is required to write software into Flash memory while running software that is in another bank of Flash memory.
Dual Flash bank is supported on low-end systems that have at least two banks of Flash memory, including systems that support a single SIMM that has two banks of Flash memory (the AccessPro card and the Cisco 4500). Systems that support dual Flash bank include the AccessPro PC card, Cisco 2500 series, Cisco 3000 series, and Cisco 4000 series. CiscoFlash MIB variables support dual Flash bank. Refer to the Cisco Management Information Base (MIB) User Quick Reference for more information on these variables.
To use dual Flash bank, you must have at least two banks of Flash memory; a bank is a set of 4 chips. The minimum partition size is the size of a bank.
There are several benefits to partitioning Flash memory:
You might use Flash load helper rather than dual Flash bank for one of the following reasons:
See the "Use Flash Load Helper to Upgrade Software on Run-from-Flash Systems" section in this chapter for information about using Flash load helper.
Partitioning requires that run-from-Flash images be loaded into different Flash memory banks at different physical addresses. This means that images must be relocatable. A relocatable image is an image that contains special relocation information that allows the following:
Run-from-Flash systems (that is, the Cisco 2500 series and some Cisco 3000 series) used to run nonrelocatable images that needed to be stored in Flash memory at a specific address. This means that the image had to be stored as the first file in Flash memory. If the image is stored at any other location in Flash memory, it could not be executed in Flash memory, nor could the image be executed from RAM. The relocatable image overcomes this limitation.
With Flash partitioning, the run-from-Flash images will not work unless they are loaded into the first device as the first file. This requirement defeats the purpose of partitioning. However, relocatable images can be loaded into any Flash partition (and not necessarily as the first file within the partition) and executed in place.
Note that unless the image is downloaded as the first file in the first partition, this download must be performed by an image that recognizes relocatable images.
A relocatable image is an image that is Cisco IOS Release 10.0(6) or later. A nonrelocatable image is an image that was created before the relocatable image era (and hence does not recognize relocatable images). The following are nonrelocatable images:
You can identify a relocatable image by its name. The naming convention for image names for storage on a UNIX system is as follows:
The letter "l" in the type field indicates a relocatable image. Examples of some relocatable image names are:
Only the "igs" prefix images used by the Cisco 3000 series and Cisco 2500 series are available as relocatable images. Images distributed on floppy disks might have different naming conventions.
For backward compatibility, the relocatable images have been linked to execute as the first file in the first Flash memory bank. This makes the images similar to previous Flash memory images. Thus, if you download a relocatable image into a nonrelocatable image system, the image will run correctly from Flash memory.
To use dual Flash bank, perform the tasks in one or more of the following sections:
See the "Boot Systems That Have Dual-Bank Flash Memory" section in this chapter for information about booting systems that have two banks of Flash memory.
See the "Display System Image and Configuration Information" section in this chapter for information about monitoring dual Flash bank.
To upgrade your software, you must erase Flash memory when you are prompted during the download. This is to ensure that the image is downloaded as the first file in Flash memory.
To partition Flash memory, perform the following task in global configuration mode:
This task will succeed only if the system has at least two banks of Flash and the partitioning does not cause an existing file in Flash memory to be split across the two partitions.
To download a file into a Flash partition, perform one of the following tasks in EXEC mode:
| Task | Command |
|---|---|
The prompts displayed after you execute these tasks indicate the method by which the download can be done into each partition. The possible methods are as follows:
If the image download can be done into more than one partition, you are prompted for the partition number. Enter any of the following at the partition number prompt to obtain help:
To manually boot the router from Flash memory, perform one of the following tasks in ROM monitor mode:
| Task | Command |
|---|---|
boot flash partition-number: |
|
boot flash partition-number:filename |
The result of booting a relocatable image from Flash memory depends on where and how the image was downloaded into Flash memory. Table 3-1 describes various means by which an image could be downloaded and the corresponding result of booting from Flash memory.
Table 3-1 Downloading an Image and Booting from Flash
To configure the router to boot automatically from Flash memory, perform one of the following tasks in global configuration mode:
The result of booting a relocatable image from Flash memory depends on where and how the image was downloaded into Flash memory. Table 3-1 shown earlier describes various means by which an image could be downloaded and the corresponding result of booting from Flash memory.
To configure a Flash partition as a TFTP server, perform one of the following tasks in global configuration mode:
| Task | Command |
|---|---|
Once you have specified TFTP server operation, exit configuration mode and save the configuration information to NVRAM.
You can copy a system image back to a TFTP network server. In some implementations of TFTP, you must first create a "dummy" file on the TFTP server and give it read, write, and execute permissions before copying a file over it. Refer to your TFTP documentation for more information.
The network server copy of the system image can serve as a backup copy and also can be used to verify that the copy in Flash is the same as on the original file on disk. To copy the system image to a network server, perform the following task:
The following example uses the show flash all command to learn the name of the system image file and the copy flash tftp command to copy the system image to a TFTP server. The name of the system image file (xk09140z) is listed near the end of the show flash all output.
To stop the copy process, press Ctrl-^. Refer to the Troubleshooting Internetworking Systems publication for procedures on how to resolve Flash memory problems.
The following example uses the show flash [device:] command on a Cisco 7500 series to display the name of the system image file to copy. In the example, the Flash memory device containing the system image is the second PCMCIA slot. The file to copy is test. The example uses the copy file_id tftp command, to copy test to a TFTP server.
Once you have configured Flash memory, you might want to configure the system (using the configure terminal command) with the no boot system flash configuration command to revert to booting from ROM (for example, if you do not yet need this functionality, if you choose to netboot from a network server, or if you do not have the proper image in Flash memory). After you enter the no boot system flash command, use the write memory command to save the new configuration command to NVRAM.
This procedure on the Cisco 7000 series also requires changing the jumper on the processor's configuration register. Refer to the appropriate hardware installation and maintenance manual for instructions.
You can copy a system image back to a network server. This copy of the system image can serve as a backup copy and also can be used to verify that the copy in Flash memory is the same as on the original file on disk.
The rcp protocol requires that a client send the remote username on each rcp request to the server. When you copy a bootstrap image from Flash memory to a network server using rcp, the router software sends the remote username associated with the current TTY (terminal) process, if that name is valid. If the TTY remote username is invalid, the router software uses the router host name as the both the remote and local usernames.
Note For Cisco, TTYs are commonly used in communications servers. The concept of TTYs originated with UNIX. For UNIX systems, each physical device is represented in the file system. Terminals are called TTY devices (which stands for teletype, the original UNIX terminal).
You can configure a different remote username to be sent to the server. The rcp protocol implementation writes the system image relative to the directory associated with the remote username on the network server, if the server has a directory structure, for example, as do UNIX systems.
For the rcp command to execute properly, an account must be defined on the destination server for the remote username.
If you are writing to the server, the rcp server must be properly configured to accept the rcp write request from the user on the router. For UNIX systems, you must add an entry to the .rhosts file for the remote user on the rcp server. For example, if the router contains the following configuration lines:
and the router's IP address translates to Router1.company.com, then the .rhosts file for User0 on the rcp server should contain the following line:
Refer to the documentation for your rcp server for more details.
To stop the copy process, press Ctrl-^. Refer to the Troubleshooting Internetworking Systems publication for procedures on how to resolve Flash memory problems.
If you copy the system image to a personal computer used as a file server, the computer must support the rcp protocol.
To copy the system image to a network server, perform the following tasks:
The following example copies the system image gsxx to a network server using rcp:
The exclamation points (!) indicate that the copy process is taking place. Each exclamation point (!) indicates that ten packets have been transferred successfully.
The following example copies a system image file called test from the second PCMCIA slot on a Cisco 7500 series to a network server using rcp:
You can copy a configuration file from a network server to the local router using rcp. You might use this process to restore a configuration file to the router if you have backed up the file to a server. If you replace a router and want to use the configuration file that you created for the original router, you could restore that file instead of recreating it. You can also use this process to copy to the router a different configuration that is stored on a network server.
There are two ways to copy a configuration file from a network server using rcp:
The rcp protocol requires that a client send the remote username on each rcp request to a network server. When you issue a request to copy a configuration file from a network server using rcp and copy it to NVRAM or copy and run it, the router sends a default remote username unless you override the default by configuring a remote username. As the default value of the remote username, the router software sends the remote username associated with the current TTY process, if that name is valid. If the TTY username is invalid, the router software uses the router host name as the both the remote and local usernames. The rcp implementation searches for the configuration file to be copied relative to the directory associated with the remote username on the network server, if the server has a directory structure, for example, as do UNIX systems.
For the rcp copy request to execute successfully, an account must be defined on the network server for the remote username. If you copy the configuration file from a personal computer used as a file server, the remote host computer must support the remote shell protocol.
You can retrieve the commands stored in a configuration file on a server and write them to the startup configuration. On all platforms except the Cisco 7500 series, the startup configuration is NVRAM. On the Cisco 7500 series, the CONFIG_FILE environment variable specifies the device and filename of the startup configuration.
A host configuration file contains commands that apply to one network server in particular. A network configuration file contains commands that apply to all network servers on a network.
To copy a configuration file from an rcp network server to the startup configuration, perform the following tasks:
On the Cisco 7500 series, the copy rcp startup-config command copies the configuration file from the network server to the configuration file pointed to by the CONFIG_FILE environment variable. If you want to write the configuration file from the server to NVRAM on the router, be sure to set the CONFIG_FILE environment variable to NVRAM. Refer to the "Download the CONFIG_FILE Environment Variable Configuration on Cisco 7500 Series" section in this chapter for instructions on setting the CONFIG_FILE environment variable with the boot config command.
The following example specifies a remote username of netadmin1. Then it copies a host configuration file host2-confg from the netadmin1 directory on the remote server with an IP address of 131.108.101.101 to the router's NVRAM:
You can copy a configuration file from an rcp server to the running configuration.
A host configuration file contains commands that apply to one network server in particular. A network configuration file contains commands that apply to all network servers on a network.
To copy a configuration file from an rcp server to the running configuration, perform the following tasks:
The following example copies a host configuration file named host1-confg from the netadmin1 directory on the remote server with an IP address of 131.108.101.101, and loads and runs that file on the router:
You can copy configuration files from the router to a TFTP server. You might do this task to back up a current configuration file to a server before changing its contents, thereby allowing you to later restore the original configuration file from the server. The configuration file that you copy to usually must already exist on the TFTP server and be globally writable before the TFTP server allows you to write to it.
To store configuration information on a TFTP network server, complete the following tasks in the EXEC mode:
The command prompts you for the destination host's address and a filename, as the following example illustrates.
The following example copies a configuration file from a router to a server:
You can use rcp to copy configuration files from the local router to a network server. You can back up current configuration files to the server before you change a file's contents, and restore the original configuration files from the server at a later time.
You can copy a startup configuration file or a running configuration file to the server.
The rcp protocol requires that a client send the remote username on each rcp request to a server. When you issue a command to copy a configuration file from the router to a server using rcp, the router sends a default remote username unless you override the default by configuring a remote username. As the default value of the remote username, the router software sends the remote username associated with the current TTY (terminal) process, if that name is valid.
Note For UNIX systems, each physical device is represented in the file system. Terminals are called TTY devices (which stands for teletype, the original UNIX terminal).
If the TTY remote username is invalid, the router software uses the router host name as the both the remote and local usernames. The rcp protocol implementation writes the configuration file to be copied relative to the directory associated with the remote username on the server, if the server has a directory structure, for example, as do UNIX systems.
For the rcp copy request to execute successfully, an account must be defined on the network server for the remote username.
The rcp server must be properly configured to accept the rcp write request from the user on the router. For UNIX systems, you must add an entry to the .rhosts file for the remote user on the rcp server. For example, if the router contains the following configuration lines:
and the router's IP address translates to Router1.company.com, then the .rhosts file for User0 on the rcp server should contain the following line:
Refer to the documentation for your rcp server for more details.
If you copy the configuration file to a personal computer used as a file server, the computer must support rcp.
To copy a startup configuration file or a running configuration file from the router to a server using rcp, use one of following tasks:
You can copy the contents of the configuration file in NVRAM to a network server using rcp or TFTP. The copied file can serve as a backup configuration file.
To copy a startup configuration file to a network server using rcp, complete the following tasks:
The following example shows how to store a startup configuration file on a server using rcp to copy the file:
You can copy the running configuration file to a server using rcp or TFTP. The copied file can serve as a backup configuration file.
To store a running configuration file on a server, complete the following tasks:
The following example copies the running configuration file named Rtr2-confg to the netadmin1 directory on the remote host with an IP address of 131.108.101.101:
Perform the following tasks in EXEC mode to display information about system software, system image files, and configuration files:
Refer to the Router Products Command Reference for examples of these commands.
You can also use the o command in ROM monitor mode to list the configuration register settings on some models.
The Flash memory content listing does not include the checksum of individual files. To recompute and verify the image checksum after the image is copied into Flash memory, complete the following task in EXEC mode:
When you enter this command, the screen prompts you for the filename to verify. By default, it prompts for the last (most recent) file in Flash. Press Return to recompute the default file checksum, or enter the filename of a different file at the prompt. Note that the checksum for microcode images is always 0x0000.
On a Cisco 7500 series, you can verify the checksum of individual files on a Flash memory device. You can verify the checksum of a file located in internal Flash (bootflash:) or in one of the PCMCIA slots (slot0:, slot1:). To do so, perform the following task in EXEC mode:
The following example verifies the gsxx file on the Flash memory card inserted in slot 0 of a Cisco 7500's RSP card:
To clear your startup configuration, perform the following task in EXEC mode:
On the Cisco 7500 series, when you use the write erase command, the router erases or deletes the configuration pointed to by CONFIG_FILE environment variable. If this variable points to NVRAM, the router erases NVRAM. If the CONFIG_FILE environment variable specifies a Flash memory device and configuration filename, the router deletes the configuration file. That is, the router marks the file as "deleted," rather than erasing it. This feature allows you to recover a "deleted" file. Refer to the "Manage Flash Files on Cisco 7500 Series" section for more information on recovering deleted files.
To erase a saved configuration from a specific Flash device on a Cisco 7500 series, complete the following task in EXEC mode:
When you erase or delete a specific file, the system marks the file as deleted, allowing you to later recover a "deleted" file. If you omit the device, the router uses the default device specified by the cd command.
If you attempt to erase or delete the configuration file specified by the CONFIG_FILE or BOOTLDR environment variable, the system prompts you to confirm the deletion. Also, if you attempt to erase or delete the last valid system image specified in the BOOT environment variable, the system prompts you to confirm the deletion.
On all platforms except the Cisco 7500 series, you can reexecute the configuration commands stored in NVRAM. On the Cisco 7500 series, the same command allows you to reexecute the configuration specified by the CONFIG_FILE environment variable.
To reexecute the commands located in the startup configuration, complete the following task in privileged EXEC mode:
| Task | Command |
|---|---|
Reexecute the configuration commands located in NVRAM. On the Cisco 7500 series, configure the router to reexecute the configuration specified by the CONFIG_FILE environment variable. |
You can use rsh to execute commands remotely on network servers that support the remote shell protocol. To use this command, the .rhosts files on the network server must include an entry that permits you to remotely execute commands on that host.
The rsh command that you issue is remotely executed from the directory of the account for the remote user that you specify through the /user username keyword and argument pair, if the remote server has a directory structure, as do UNIX systems.
If you do not specify the /user keyword and argument, the router sends a default remote username. As the default value of the remote username, the router software sends the remote username associated with the current TTY process, if that name is valid. If the TTY remote username is invalid, the router software uses the router host name as the both the remote and local usernames.
To execute a command remotely on a network server using rsh, perform the following tasks in privileged EXEC mode:
| Task | Command |
|---|---|
| Step 1. Enter privileged EXEC mode. | |
| Step 2. Enter the rsh command to be executed remotely. |
| 1This command is documented in the "User Interface Commands" chapter of the Router Products Command Reference publication. |
The following example shows how to execute a command remotely using rsh:
Flash memory can be used as a TFTP file server for other routers on the network. This feature allows you to boot a remote router with an image that resides in the Flash server memory.
In the description that follows, one Cisco 7000 router is referred to as the Flash server, and all other routers are referred to as client routers. Example configurations for the Flash server and client routers include commands as necessary.
The Flash server and client router must be able to reach one another before the TFTP function can be implemented. Verify this connection by pinging between the Flash server and client router (in either direction) using the ping command.
An example use of the ping command is as follows:
In this example, the IP address of 131.131.101.101 belongs to the client router. Connectivity is indicated by !!!!!, while ... [timed out] or [failed] indicates no connection. If the connection fails, reconfigure the interface, check the physical connection between the Flash server and client router, and ping again.
After you verify the connection, ensure that a TFTP-bootable image is present in Flash memory. This is the system software image the client router will boot. Note the name of this software image so you can verify it after the first client boot.
Note The filename used must represent a software image that is present in Flash memory. If no image resides in Flash memory, the client router will boot the server's ROM image as a default.
 | Caution For full functionality, the software residing in the Flash memory must be the same type as the ROM software installed on the client router. For example, if the server has X.25 software, and the client does not have X.25 software in ROM, the client will not have X.25 capabilities after booting from the server's Flash memory. |
Perform the following task to configure the Flash server:
The following example configures the Flash server. This example gives the filename of the software image in the Flash server and one access list (labeled 1). The access list must include the network where the client router resides. Thus, in the example, the network 131.108.101.0 and any client routers on it are permitted access to the Flash server filename gs7-k.9.17.
Configure the client router using the boot system rom command. Use the configure terminal command to enter this commands into the client router's memory configuration. Using these commands on the Cisco 7000 requires changing the jumper on the configuration register of the processor to the pattern 0-0-1-0 (Position 1). For this exercise, the IP address of the Flash server is 131.131.111.111.
| Task | Command |
|---|---|
 | Caution Using the no boot system command in the following example will invalidate all other boot system commands currently in the client router system configuration. Before proceeding, determine whether the system configuration stored in the client router should first be saved (uploaded) to a TFTP file server so you have a backup copy. |
Following is an example of the use of these commands:
In this example, the no boot system command invalidates all other boot system commands currently in the configuration memory, and any boot system commands entered after this command will be executed first. The second command, boot system filename address, tells the client router to look for the file gs7-k.9.17 in the (Flash) server with an IP address of 131.131.111.111. Failing this, the client router will boot from its system ROM upon the boot system rom command, which is included as a backup in case of a network problem. The write memory command copies the configuration to memory, and the reload command boots the system.
 | Caution The system software (gs7-k.9.17) to be booted from the Flash server (131.131.111.111) must reside in Flash memory on the server. If it is not in Flash memory, the client router will boot the Flash server's system ROM. |
Use the show version command on the client router to verify that the software image booted from the Flash server is the image present in Flash memory.
Following is sample output of the show version command:
The important information in this example is contained in the first line (GS Software...) and in the line that begins with "System image file...." The two software types and versions shown indicate the software currently running in RAM in the client router (first line) and the software booted from the Flash server (last line). These two types and versions must be the same.
Note If no bootable image was present in the Flash server memory when the client server was booted, the version currently running (first line of the preceding example) will be the system ROM version of the Flash server by default.
Verify that the software shown in the first line of the previous example is the software residing in the Flash server memory.
With the Cisco 7500 series, you must manage files on as many as three different Flash memory devices. To help you manage your Flash files, you can
You can specify the Flash device that the system uses as the default device. Setting the default Flash device allows you to omit an optional device: argument from related commands. For all EXEC commands that have an optional device: argument, the system uses the device specified by the cd command when you omit the optional device: argument. For example, the dir command contains an optional device: argument and displays a list of files on a Flash memory device.
To specify a default Flash device, complete the following task from EXEC mode:
The following example sets the default device to the Flash memory card inserted in the slot 0 of the RSP card:
You may want to show the current setting of the cd command to see which device is the current default Flash device. To display the current default Flash device specified by the cd command, complete the following task from EXEC mode:
The following example shows that the present working device specified by the cd command is slot 0 of the RSP card:
The following example uses the cd command to change the present working device to bootflash and then uses the pwd command to display that present working device:
You may want to view a list of the contents of a Flash memory device before manipulating its contents. For example, before copying a new configuration file to a Flash device, you may want to verify that the device does not already contain a configuration file with the same name. Similarly, before copying a Flash configuration file to another location, you may want to verify its filename for use in another command. You can check the contents a Flash device with the dir EXEC command.
To show a list of files on a specified Flash device, complete the following task from EXEC mode:
| Task | Command |
|---|---|
The following example instructs the router to list undeleted files for the default device specified by the cd command. Notice that the router displays the information in short format because no keywords are used:
The following example displays the long version of the same device:
When you no longer need a file on a Flash memory device, you can delete it.
To delete a file from a specified Flash device, complete the following task from EXEC mode:
| Task | Command |
|---|---|
If you omit the device, the router uses the default device specified by the cd command.
If you attempt to delete the configuration file specified by the CONFIG_FILE or BOOTLDR environment variable, the system prompts you to confirm the deletion. Also, if you attempt to delete the last valid system image specified in the BOOT environment variable, the system prompts you to confirm the deletion. When you delete a file, the router simply marks the file as deleted, but does not erase the file. This feature allows you to recover a "deleted" file, as discussed in the following section.
The following example deletes the myconfig file from a Flash memory card inserted in the slot 0 of the RSP card:
The following example erases the myconfig file from a Flash memory card inserted in the slot 0 of the RSP card:
You can undelete a deleted file. For example, you may want to revert to a previous configuration file because the current one is corrupt.
To undelete a deleted file on a Flash memory device, complete the following task from EXEC mode:
You must undelete a file by its index because you can have multiple deleted files with the same name. For example, the "deleted" list could contain multiple configuration files with the name router-config. You undelete by index to indicate which of the many router-config files from the list to undelete. Use the dir command to learn the index number of the file you want to undelete.
You cannot undelete a file if a valid (undeleted) one with the same name exists. Instead, you first delete the existing file and then undelete the file you want. For example, if you had an undeleted version of the router-config file and you wanted to use a previous, deleted version instead, you cannot simply undelete the previous version by index. You must first delete the existing router-config file and then undelete the previous router-config file by index. You can undelete a file as long as the file has not been permanently erased via the squeeze command. You can delete and undelete a file up to 15 times.
The following example recovers the deleted file whose index number is 1 to the Flash memory card inserted in slot 0 of the RSP card:
When a Flash memory device is full, you may need to rearrange the files so that the space used by the "deleted" files can be reclaimed. To determine whether a Flash memory device is full, use the show flash command.
To permanently delete files on a Flash memory device, complete the following task from privileged EXCE mode:
When you issue the squeeze command, the router copies all valid files to the beginning of Flash memory and erases all files marked "deleted." At this point, you cannot recover "deleted" files, and you can now write to the reclaimed Flash memory space.
Note The squeeze operation can take as long as several minutes because it can involve erasing and rewriting almost an entire Flash memory space.
Cisco 7000 interface processors and the switch processor (SP) each have a writable control store (WCS). The WCS stores microcode. You can load updated microcode onto the WCS from the onboard ROM or from Flash memory on the route processor (RP) card. On the Cisco 7500 series, you can load updated microcode onto the WCS from bootflash or a Flash memory card inserted in one of the PCMCIA slots of the RSP card.
With this feature, you can update microcode without having physical access to the router, and you can load new microcode without rebooting the system.
The default is to load from the microcode bundled in the system image.
To load microcode from Flash, complete the following task:
| Task | Command |
|---|---|
| Step 1. Copy microcode files into Flash. |
copy tftp file_id (Cisco 7500 series only) See the section "Copy System Images from a Network Server to Flash Memory Using TFTP" earlier in this chapter for more information about how to copy TFTP images to Flash memory. |
| Step 2. Load microcode from Flash memory into the WCS. | microcode interface [flash filename | rom | system] (Cisco 7000 series only) microcode interface [flash file_id | system] (Cisco 7500 series only) |
| Step 3. Save the configuration changes to your startup configuration. On most platforms, this step saves the configuration to NVRAM. On the Cisco 7500 series, this step saves the configuration to the location specified by the CONFIG_FILE environment variable. |
If an error occurs when you are attempting to download microcode, the onboard ROM microcode will be loaded and the interface will remain operational.
These configuration commands are implemented following one of three events:
After you have entered a microcode configuration command and one of these events has taken place, all of the cards are reset, loaded with microcode from the appropriate sources, tested, and enabled for operation.
To signal to the system that all microcode configuration commands have been entered and the processor cards should be reloaded, complete the following task in global configuration mode:
| Task | Command |
|---|---|
Notify the system that all microcode configuration commands have been entered and the processor cards should be reloaded. |
If Flash memory is busy because a card is being removed or inserted, or a microcode reload command is executed while Flash is locked, the files will not be available and the onboard ROM microcode will be loaded. Issue another microcode reload command when Flash memory is available, and the proper microcode will be loaded. The show flash command will show if another user or process has locked Flash memory. The microcode reload command should not be used while Flash is in use. For example, do not use this command when a copy tftp flash or show flash command is active.
The microcode reload command is automatically added to your running configuration when you issue a microcode command that changes the system's default behavior of loading all processors from ROM.
To display microcode information, perform the following task in EXEC mode:
Posted: Wed Jul 2 23:16:58 PDT 2003
All contents are Copyright © 1992--2003 Cisco Systems, Inc. All rights reserved.
Important Notices and Privacy Statement.
