sábado, 26 de diciembre de 2009
Cargando una IOS al router
Posted by Nicolas | sábado, 26 de diciembre de 2009 | Category:
Misceláneos
|
Si se borra accidentalmente la IOS de la memoria flash o bien la nueva que se cargó presenta un error y no se dispone automáticamente de un backup en un servidor TFTP, al reiniciar el router se entrará a ROMmon (ROM monitor). Si bien qué hacer en estas circunstancias no está directamente relacionado con los contenidos del examen de CCIE®, es muy conveniente saberlo para todo aquel que trabaja con routers Cisco y así estar preparado, por ejemplo, si al hacer un upgrade de IOS algo sale mal.
Conviene hablar de configuration register, básicamente un valor almacenado en la NVRAM de 16 bits que define, entre otras cosas, de dónde se carga la IOS para iniciar el router. La siguiente tabla muestra qué significa activar algunos de sus bits.
Bit Number.......Hexadecimal Value....Meaning/Function
..00-03............0x0000-0x000F......Comprises the boot field for defining the source of a default Cisco IOS software image required to run the router.
...05.................0x0020..........Defines the console baud rate (the default setting is 9600 bps)
...06.................0x0040..........Causes system software to ignore the contents of NVRAM
...07.................0x0080..........Disable boot messages
...08.................0x0100..........Disables the Break function
...09.................0x0200..........Uses a secondary bootstrap
...10.................0x0400..........Broadcasts Internet Protocol (IP) with all zeros
..11-12............0x0800-0x1000......Defines the console baud rate (the default setting is 9600 bps)
...13.................0x2000..........Boots default ROM software if network boot fails
...14.................0x4000..........Excludes network numbers from IP broadcasts
...15.................0x8000..........Enables diagnostic messages and ignores the contents of NVRAM
En particular conviene poner atención al valor que toman los cuatro primeros bits del configuration register, que se define así:
Boot Field......Meaning
....00..........On power up, the system remains at the ROM monitor prompt (rommon>), awaiting a user command to boot the system manually.
....01..........On power up, the system automatically boots the first system image found in the onboard Flash memory SIMM on the RP.
...02-0F........On power up, the system boots automatically from a default Cisco IOS software image stored on a TFTP server in the network.
O sea que si los cuatro primeros bits son 0, el router siempre partirá en ROMmon. A su vez si los bits representan el valor decimal 2 (0010 en binario), que está seteado por defecto en los routers Cisco, se pondrá atención a lo que dicte el comando boot system en la configuración del equipo, que en caso de no estar presente se tratará de partir, entonces, desde un servidor TFTP con un nombre por defecto de archivo. Si esto falla el equipo intentará partir desde la memoria flash removible.
Cabe destacar que el configuration register es un número compuesto. Por ejemplo un valor muy común es el utilizado en la mayoría de los procedimientos de Password Recovery: 0x2142, el cual significa:
- 0x2000: Boots default ROM software if network boot fails
- 0x0100: Disables the Break function
- 0x0040: Causes system software to ignore the contents of NVRAM
- 02 to 0F : On power up, ...
Entonces qué hacer si el valor (por defecto) de 0x2102 está seteado, pero no se logra salir de ROMmon. Bueno, dependerá de qué recursos se tengan para cargar la IOS a la memoria flash del router. Si además del cable de consola se dispone de un cable ethernet cruzado, se puede conectar nuestro PC/laptop al router y actuar como TFTP server (se debe tener un software adecuado para estos propósitos), utilizando el comando tftpdnld en ROMmon como se verá en el ejemplo a continuación (tomé la idea del blog de David Sudjiman).
System Bootstrap, Version 12.3(8r)T9, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 2004 by cisco Systems, Inc.
PLD version 0x10
GIO ASIC version 0x127
c2801 processor with 262144 Kbytes of main memory
Main memory is configured to 64 bit mode with parity disabled
Readonly ROMMON initialized
rommon 1 > IP_ADDRESS=10.0.0.2
rommon 2 > IP_SUBNET_MASK=255.255.255.252
rommon 3 > DEFAULT_GATEWAY=10.0.0.1
rommon 4 > TFTP_SERVER=10.0.0.1
rommon 5 > TFTP_FILE=c2801-entbasek9-mz.124-20.T1.bin
rommon 6 > TFTP_VERBOSE=2
rommon 7 > FE_PORT=0
rommon 8 > TFTP_CHECKSUM=1
rommon 9 > tftpdnld
IP_ADDRESS: 10.0.0.2
IP_SUBNET_MASK: 255.255.255.252
DEFAULT_GATEWAY: 10.0.0.1
TFTP_SERVER: 10.0.0.1
TFTP_FILE: c2801-entbasek9-mz.124-20.T1.bin
TFTP_MACADDR: 00:18:18:76:22:8c
TFTP_VERBOSE: Verbose
TFTP_RETRY_COUNT: 18
TFTP_TIMEOUT: 7200
TFTP_CHECKSUM: Yes
FE_PORT: 0
FE_SPEED_MODE: Auto Detect
Invoke this command for disaster recovery only.
WARNING: all existing data in all partitions on flash will be lost!
Do you wish to continue? y/n: [n]: y
Performing tftpdnld over Fast Enet.
Initializing interface.
Interface link state up (100MB/HD).
ARPing for 10.0.0.1
ICMP: ignored unsupported ICMP type 0x0, code 0x0 from 10.0.0.1.
ARPing for 10.0.0.1
ARP reply for 10.0.0.1 received. MAC address 00:17:08:3f:54:47.
Receiving c2801-entbasek9-mz.124-20.T1.bin from 10.0.0.1 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! router
File reception completed.
Validating checksum.
Copying file c2801-entbasek9-mz.124-20.T1.bin to flash.
program load complete, entry point: 0x8000f000, size: 0xc100
Initializing ATA monitor library.......
Format: Drive communication & 1st Sector Write OK...
Writing Monlib sectors.
..................................................................................................
Monlib write complete
Format: All system sectors written. OK...
Format: Operation completed successfully.
Format of flash: complete
program load complete, entry point: 0x8000f000, size: 0xc100
Initializing ATA monitor library.......
rommon 10 > reset
System Bootstrap, Version 12.3(8r)T9, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 2004 by cisco Systems, Inc.
PLD version 0x10
GIO ASIC version 0x127
c2801 processor with 262144 Kbytes of main memory
Main memory is configured to 64 bit mode with parity disabled
Readonly ROMMON initialized
program load complete, entry point: 0x8000f000, size: 0xc100
Initializing ATA monitor library.......
program load complete, entry point: 0x8000f000, size: 0xc100
Initializing ATA monitor library.......
program load complete, entry point: 0x8000f000, size: 0x1c49710
Self decompressing the image : ###################################################################################################################################################### [OK]
Smart Init is enabled
smart init is sizing iomem
ID MEMORY_REQ TYPE
0X003AA110 public buffer pools
0X00211000 public particle pools
0X00020000 Crypto module pools
0X0002 0X0001A800 Card in slot 3
0X000021B8 Onboard USB
If any of the above Memory Requirements are
"UNKNOWN", you may be using an unsupported
configuration or there is a software problem and
system operation may be compromised.
Allocating additional 18197247 bytes to IO Memory.
PMem allocated: 241172480 bytes; IOMem allocated: 27262976 bytes
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco IOS Software, 2801 Software (C2801-ENTBASEK9-M), Version 12.4(20)T1, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Wed 24-Sep-08 15:25 by prod_rel_team
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
Cisco 2801 (revision 6.0) with 235520K/26624K bytes of memory.
Processor board ID FTX1022W1SF
2 FastEthernet interfaces
1 Serial(sync/async) interface
DRAM configuration is 64 bits wide with parity disabled.
191K bytes of NVRAM.
62720K bytes of ATA CompactFlash (Read/Write)
Press RETURN to get started!
*Dec 16 22:41:12.727: %LINK-3-UPDOWN: Interface Serial0/3/0, changed state to down
*Dec 16 22:41:13.727: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/3/0, changed state to down
*Dec 16 22:41:14.243: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
*Dec 16 22:41:15.363: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
*Dec 16 22:41:17.359: %SYS-5-CONFIG_I: Configured from memory by console
*Dec 16 22:41:18.195: %SYS-5-RESTART: System restarted --
Cisco IOS Software, 2801 Software (C2801-ENTBASEK9-M), Version 12.4(20)T1, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Wed 24-Sep-08 15:25 by prod_rel_team
*Dec 16 22:41:18.203: %SNMP-5-COLDSTART: SNMP agent on host r0 is undergoing a cold start
*Dec 16 22:41:19.215: %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to administratively down
*Dec 16 22:41:19.359: %LINK-5-CHANGED: Interface Serial0/3/0, changed state to administratively down
router>
router>sh flash
-#- --length-- -----date/time------ path
1 29661360 Feb 22 1907 17:31:44 c2801-entbasek9-mz.124-20.T1.bin
34357248 bytes available (29663232 bytes used)> router>en router#
Ahora si no se cuenta con un cable cruzado o bien el comando tftpdnld no funciona se puede cargar la IOS a través del cable de consola con el comando xmodem en ROMmon, para esto se recomienda leer: Xmodem Console Download Procedure Using ROMmon.... Eso sí, conviene cambiar la velocidad de la línea de típcamente de 9600 bps a 115.200 bps!!!.
Algunos links:
- ROMmon Recovery for the Cisco 2600 Series Router and the VG200
- ROMmon Recovery for the Cisco 3600/3700/3800 Series Routers
- ROMmon Recovery Procedure for the Cisco 7200, 7300, 7400, 7500, RSP7000, Catalyst 5500 RSM, uBR7100, uBR7200, uBR10000, and 12000 Series Routers
- How to Download a Software Image to a Cisco 2600 via TFTP Using the tftpdnld ROMMON Command
Suscribirse a:
Enviar comentarios (Atom)
Excelente, me sirvio de maravilla, muchas gracias por la aportacion