C2960 config - What do the commands do

Discussion in 'Cisco' started by Martin, Oct 11, 2006.

  1. Martin

    Martin Guest

    Hi,

    I have a simple switch configuration, but I have some lines in the
    configuration I do not understand. Can you help?


    no service pad
    service timestamps debug uptime
    service timestamps log datetime
    service password-encryption
    service sequence-numbers
    !
    no aaa new-model
    clock timezone UTC 1
    clock summer-time UTC recurring last Sun Mar 2:00 last Sun Oct 3:00
    ip subnet-zero
    !
    !
    !
    !
    no file verify auto
    spanning-tree mode pvst
    spanning-tree extend system-id
    !
    vlan internal allocation policy ascending
    !
    control-plane



    Best Regards
    Martin
     
    Martin, Oct 11, 2006
    #1
    1. Advertising

  2. Martin

    Everyman Guest

    Hi,
    however its reasonably to see official cisco IOS definition of these
    commands
    I try to write some notes from my head and cco.


    > no service pad

    switch off pad protocol on the router.

    Packet Assembly and Disassembly (PAD) is used for sending and
    receiving "raw" data over IP networks. The modem takes care of
    establishing IP network connections, as well as the encapsulation
    of data within UDP or TCP packets. This eliminates the need for a
    TCP/IP stack running on the host device.

    > service timestamps debug uptime

    switch on the service of timestamping each debug log (when you type any
    debug command) the router produces.
    But in opposed to "datetime" you use "uptime".

    > service timestamps log datetime


    The same what above, but applied to regular log data.

    > service password-encryption

    switch on cisco algorithm to hide clear text password (enable, telnet etc)
    and instead show this password as a meaningless string (ggtrg9543ygtrhth).
    In opposed to hash algorithm (e.g. MD5) its eassy to decipher this string to
    original password.

    > service sequence-numbers


    To enable visible sequence numbering of system logging messages, use the
    service sequence-numbers command in global configuration mode.
    Each system status messages logged in the system logging process have a
    sequence reference number applied. This command makes that number visible by
    displaying it with the message. The sequence number is displayed as the
    first part of the system status message.

    For example:

    000066: .Mar 22 15:35:57 PST: %SYS-5-CONFIG_I: Configured from console by
    console

    > no aaa new-model

    You do not going to use AAA model (authentication, authorization and
    accounting).


    > clock timezone UTC 1

    You set UTC time zone.
    UTC is Coordinated Universal Time.
    "1" after UTC means one hour shift, i.e. this is UTC+1=CET (and some others,
    BST, IST, WEST)
    CET is Central European Time.


    > clock summer-time UTC recurring last Sun Mar 2:00 last Sun Oct 3:00


    Configure the system to automatically switch to summer time (daylight saving
    time).

    > ip subnet-zero

    You want to save and use the first subent (subnet zero).
    This sybnet has the same network address what main network (the subnetted
    one) but longer subnet mask
    For example:

    10.0.0.0/8 is main network
    10.0.0.0/24 is subnet zero of this network.
    With the commands "no ip subnet-zero" You are not allowed to use this
    subnet.
    Then You can use 10.0.1.0/24 subnet as the first usable subnet.


    > no file verify auto


    switch off automatic verification of cisco files.
    When You copy some files to your router its safe to verify theirs control
    sum.
    For example:

    copy /verify tftp://10.1.1.1/jdoe/c7200-js-mz disk0:
    verify disk0:c7200-js-mz
    reload /verify

    With this feature switch on You do not need to do this, insted router do
    this automatically.


    > spanning-tree mode pvst


    You want to run pvst (per-Vlan spannig tree) mode od spanning tree protocol.
    It means that in every vlan throughout your switched network
    seperate instance of STP frames will be running. Its good only for small
    number of vlans. In other cases its safe to use MST (multiple spanning tree)

    > spanning-tree extend system-id


    Enable the extended system ID feature on a chassis that supports 1024 MAC
    addresses.Releases 12.1(13)E and later support chassis with 64 or 1024 MAC
    addresses. For chassis with 64 MAC addresses, STP uses the extended system
    ID plus a MAC address to make the bridge ID unique for each VLAN.

    > vlan internal allocation policy ascending

    It configures the Internal Vlan allocation policy. You can choose between
    "ascending" and "descending".
    Enter the ascending keyword to allocate internal VLANs from 1006 and up.
    Enter the descending keyword to allocate internal VLAN from 4094 and down.
    1006-4094 - this is extended range of etherenet-only vlans, they are not
    propagated by vtp protocol.


    > control-plane


    switch on control plane policing.
    The Control Plane Policing feature allows users to configure a quality of
    service (QoS) filter that manages the traffic flow of control plane packets
    to protect the control plane of Cisco IOS routers and switches against
    reconnaissance and denial-of-service (DoS) attacks. In this way, the control
    plane (CP) can help maintain packet forwarding and protocol states despite
    an attack or heavy traffic load on the router or switch.

    ***
    More about these you can find on cisco.com in public area without CCO
    access.

    http://www.cisco.com/univercd/home/home.htm


    Regards,
    Wlodek.
     
    Everyman, Oct 11, 2006
    #2
    1. Advertising

  3. Martin

    Martin Guest

    Everyman wrote:
    > Hi,
    > however its reasonably to see official cisco IOS definition of these
    > commands
    > I try to write some notes from my head and cco.
    >
    >
    >
    >>no service pad

    >
    > switch off pad protocol on the router.
    >
    > Packet Assembly and Disassembly (PAD) is used for sending and
    > receiving "raw" data over IP networks. The modem takes care of
    > establishing IP network connections, as well as the encapsulation
    > of data within UDP or TCP packets. This eliminates the need for a
    > TCP/IP stack running on the host device.
    >
    >
    >>service timestamps debug uptime

    >
    > switch on the service of timestamping each debug log (when you type any
    > debug command) the router produces.
    > But in opposed to "datetime" you use "uptime".
    >
    >
    >>service timestamps log datetime

    >
    >
    > The same what above, but applied to regular log data.
    >
    >
    >>service password-encryption

    >
    > switch on cisco algorithm to hide clear text password (enable, telnet etc)
    > and instead show this password as a meaningless string (ggtrg9543ygtrhth).
    > In opposed to hash algorithm (e.g. MD5) its eassy to decipher this string to
    > original password.
    >
    >
    >>service sequence-numbers

    >
    >
    > To enable visible sequence numbering of system logging messages, use the
    > service sequence-numbers command in global configuration mode.
    > Each system status messages logged in the system logging process have a
    > sequence reference number applied. This command makes that number visible by
    > displaying it with the message. The sequence number is displayed as the
    > first part of the system status message.
    >
    > For example:
    >
    > 000066: .Mar 22 15:35:57 PST: %SYS-5-CONFIG_I: Configured from console by
    > console
    >
    >
    >>no aaa new-model

    >
    > You do not going to use AAA model (authentication, authorization and
    > accounting).
    >
    >
    >
    >>clock timezone UTC 1

    >
    > You set UTC time zone.
    > UTC is Coordinated Universal Time.
    > "1" after UTC means one hour shift, i.e. this is UTC+1=CET (and some others,
    > BST, IST, WEST)
    > CET is Central European Time.
    >
    >
    >
    >>clock summer-time UTC recurring last Sun Mar 2:00 last Sun Oct 3:00

    >
    >
    > Configure the system to automatically switch to summer time (daylight saving
    > time).
    >
    >
    >>ip subnet-zero

    >
    > You want to save and use the first subent (subnet zero).
    > This sybnet has the same network address what main network (the subnetted
    > one) but longer subnet mask
    > For example:
    >
    > 10.0.0.0/8 is main network
    > 10.0.0.0/24 is subnet zero of this network.
    > With the commands "no ip subnet-zero" You are not allowed to use this
    > subnet.
    > Then You can use 10.0.1.0/24 subnet as the first usable subnet.
    >
    >
    >
    >>no file verify auto

    >
    >
    > switch off automatic verification of cisco files.
    > When You copy some files to your router its safe to verify theirs control
    > sum.
    > For example:
    >
    > copy /verify tftp://10.1.1.1/jdoe/c7200-js-mz disk0:
    > verify disk0:c7200-js-mz
    > reload /verify
    >
    > With this feature switch on You do not need to do this, insted router do
    > this automatically.
    >
    >
    >
    >>spanning-tree mode pvst

    >
    >
    > You want to run pvst (per-Vlan spannig tree) mode od spanning tree protocol.
    > It means that in every vlan throughout your switched network
    > seperate instance of STP frames will be running. Its good only for small
    > number of vlans. In other cases its safe to use MST (multiple spanning tree)
    >
    >
    >>spanning-tree extend system-id

    >
    >
    > Enable the extended system ID feature on a chassis that supports 1024 MAC
    > addresses.Releases 12.1(13)E and later support chassis with 64 or 1024 MAC
    > addresses. For chassis with 64 MAC addresses, STP uses the extended system
    > ID plus a MAC address to make the bridge ID unique for each VLAN.
    >
    >
    >>vlan internal allocation policy ascending

    >
    > It configures the Internal Vlan allocation policy. You can choose between
    > "ascending" and "descending".
    > Enter the ascending keyword to allocate internal VLANs from 1006 and up.
    > Enter the descending keyword to allocate internal VLAN from 4094 and down.
    > 1006-4094 - this is extended range of etherenet-only vlans, they are not
    > propagated by vtp protocol.
    >
    >
    >
    >>control-plane

    >
    >
    > switch on control plane policing.
    > The Control Plane Policing feature allows users to configure a quality of
    > service (QoS) filter that manages the traffic flow of control plane packets
    > to protect the control plane of Cisco IOS routers and switches against
    > reconnaissance and denial-of-service (DoS) attacks. In this way, the control
    > plane (CP) can help maintain packet forwarding and protocol states despite
    > an attack or heavy traffic load on the router or switch.
    >
    > ***
    > More about these you can find on cisco.com in public area without CCO
    > access.
    >
    > http://www.cisco.com/univercd/home/home.htm
    >
    >
    > Regards,
    > Wlodek.
    >
    >
    >
    >
    >


    Great :)
    Thank you Wlodek

    Best Regards
    Martin
     
    Martin, Oct 11, 2006
    #3
  4. Martin

    Manie1982

    Joined:
    Apr 15, 2014
    Messages:
    1
    Good Day guys

    I am given this assignment to complete the switch setup for 2960

    To tell the truth, I am lost between lines of command and I cant seem to make them up and complete my assignment.

    o service pad
    service timestamps debug uptime
    service timestamps log uptime
    service password-encryption
    !
    hostname Campus-Core-SW01
    !
    boot-start-marker
    boot-end-marker
    !
    enable secret Kuboma82
    enable password P@ssw0rd
    !
    !
    !

    !
    !
    ip name-server 172.16.254.2
    !
    !
    spanning-tree mode pvst
    spanning-tree extend system-id
    !
    !
    !
    !
    vlan internal allocation policy ascending
    !
    !
    !
    interface FastEthernet0
    no ip address
    shutdown
    !
    !
    interface GigabitEthernet1/0/2
    description Cyberoam_LAN
    switchport mode trunk
    spanning-tree portfast
    !
    interface GigabitEthernet1/0/6
    description Connected to Ruckus Wireless Director
    switchport mode trunk
    spanning-tree portfast
    !
    interface Vlan1
    ip address 172.16.254.8 255.255.255.0
    no ip redirects
    !
    !
    ip default-gateway 172.16.254.1
    ip http server
    ip http secure-server
    !
    !
    line con 0
    password P@ssw0rd

    login
    line vty 0 4
    password P@ssw0rd
    login
    line vty 5 15
    password P@ssw0rd
    login
    !
    !
    end

    Can someone please make up the commands for this? I am getting a lot of errors on my packet tracer.

    Thank you
     
    Manie1982, Apr 15, 2014
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. BUZZ

    VLAN and TRUNK on a c2960

    BUZZ, Apr 12, 2006, in forum: Cisco
    Replies:
    6
    Views:
    5,632
  2. martin
    Replies:
    1
    Views:
    1,101
    Everyman
    Oct 9, 2006
  3. Martin

    c2960 and GLC-SX-MM, no link

    Martin, Dec 10, 2007, in forum: Cisco
    Replies:
    6
    Views:
    1,045
    Martin
    Dec 13, 2007
  4. Thrill5
    Replies:
    2
    Views:
    2,136
    Thrill5
    Apr 20, 2009
  5. Michael T. Davis

    VLAN trunking protocol on C2960-S switches

    Michael T. Davis, Feb 10, 2012, in forum: Cisco
    Replies:
    2
    Views:
    1,505
    Markus Marquardt
    Feb 10, 2012
Loading...

Share This Page