Saturday, December 26, 2009

Loading an IOS image onto the router

Posted by Nicolas | Saturday, December 26, 2009

If the IOS is accidentally erased from flash memory, or the new image that was loaded is faulty and no backup is readily available on a TFTP server, the router will enter ROMmon (ROM monitor) when it restarts. Although what to do in these circumstances is not directly related to the contents of the CCIE® exam, it is well worth knowing for anyone who works with Cisco routers, so as to be prepared if, for example, something goes wrong during an IOS upgrade.

It is worth discussing the configuration register, basically a 16-bit value stored in NVRAM that defines, among other things, where the IOS is loaded from to start the router. The following table shows what setting some of its bits means.

| Bit Number | Hexadecimal Value | Meaning/Function |
|---|---|---|
| 00-03 | 0x0000-0x000F | Comprises the boot field for defining the source of a default Cisco IOS software image required to run the router. |
| 05 | 0x0020 | Defines the console baud rate (the default setting is 9600 bps) |
| 06 | 0x0040 | Causes system software to ignore the contents of NVRAM |
| 07 | 0x0080 | Disable boot messages |
| 08 | 0x0100 | Disables the Break function |
| 09 | 0x0200 | Uses a secondary bootstrap |
| 10 | 0x0400 | Broadcasts Internet Protocol (IP) with all zeros |
| 11-12 | 0x0800-0x1000 | Defines the console baud rate (the default setting is 9600 bps) |
| 13 | 0x2000 | Boots default ROM software if network boot fails |
| 14 | 0x4000 | Excludes network numbers from IP broadcasts |
| 15 | 0x8000 | Enables diagnostic messages and ignores the contents of NVRAM |

In particular, pay attention to the value of the first four bits of the configuration register, which is defined as follows:

| Boot Field | Meaning |
|---|---|
| 00 | On power up, the system remains at the ROM monitor prompt (rommon>), awaiting a user command to boot the system manually. |
| 01 | On power up, the system automatically boots the first system image found in the onboard Flash memory SIMM on the RP. |
| 02-0F | On power up, the system boots automatically from a default Cisco IOS software image stored on a TFTP server in the network. |

In other words, if the first four bits are 0, the router will always start in ROMmon. If instead the bits represent the decimal value 2 (0010 in binary), which is the default on Cisco routers, the router follows whatever the boot system command in its configuration dictates; if that command is not present, it tries to boot from a TFTP server using a default file name. If that fails, the router tries to boot from removable flash memory.

Note that the configuration register is a composite number. For example, a very common value is the one used in most Password Recovery procedures: 0x2142, which means:
  • 0x2000: Boots default ROM software if network boot fails
  • 0x0100: Disables the Break function
  • 0x0040: Causes system software to ignore the contents of NVRAM
  • 02 to 0F : On power up, ...
So the most relevant point here is that the router skips the contents of NVRAM and therefore does not read the startup-config, so it starts with a default or "blank" configuration. To change this value, use the confreg command in ROMmon or config-register in privileged configuration mode. For more details, see: Configuring the Software Configuration Register.
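The decomposition of 0x2142 above, generalized to any register value and used as a check on `show version` output. This is an added example, not part of the original post; the function names and the sample lines are constructed for illustration.

```python
import re

FLAGS = {  # single-bit flags, copied from the register table on this page
    0x0040: "ignore the contents of NVRAM",
    0x0080: "boot messages disabled",
    0x0100: "Break function disabled",
    0x0200: "secondary bootstrap",
    0x0400: "IP broadcast with all zeros",
    0x2000: "boot default ROM software if network boot fails",
    0x4000: "exclude network numbers from IP broadcasts",
    0x8000: "diagnostic messages, ignore the contents of NVRAM",
}
BOOT_FIELD = {0: "stay at the rommon> prompt", 1: "boot first image in onboard flash"}
CONFREG_RE = re.compile(r"Configuration register is (0x[0-9A-Fa-f]{1,4})"
                        r"(?: \(will be (0x[0-9A-Fa-f]{1,4}) at next reload\))?")


def decode(value):
    """Split a 16-bit configuration register into the fields of the table."""
    if not 0 <= value <= 0xFFFF:
        raise ValueError("the configuration register is a 16-bit value")
    boot = value & 0x000F
    return {
        "boot_field": boot,
        "boot": BOOT_FIELD.get(boot, "boot system commands, else network image"),
        "flags": [text for mask, text in FLAGS.items() if value & mask],
        "baud_bits": value & 0x1820,  # bits 5, 11 and 12 select the console speed
        "ignores_nvram": bool(value & (0x0040 | 0x8000)),
    }


def audit(show_version):
    """Flag a register value that will skip startup-config or stop in ROMmon."""
    match = CONFREG_RE.search(show_version)
    if match is None:
        return ["no configuration register line found"]
    # The value after "will be" is the one applied at the next reload.
    effective = int(match.group(2) or match.group(1), 16)
    fields, findings = decode(effective), []
    if fields["ignores_nvram"]:
        findings.append(f"0x{effective:04X}: next boot ignores startup-config")
    if fields["boot_field"] == 0:
        findings.append(f"0x{effective:04X}: next boot stops at rommon>")
    return findings


# Constructed sample lines, not captured from a real device.
SAMPLES = ["Configuration register is 0x2102", "Configuration register is 0x2142",
           "Configuration register is 0x2142 (will be 0x2102 at next reload)"]
```

A router left at 0x2142 after a password recovery boots without its startup-config on every reload, so running `audit` over collected `show version` output catches devices that were never set back to 0x2102.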

So what to do if the (default) value 0x2102 is set but the router cannot get out of ROMmon? Well, that depends on what resources are available to load the IOS into the router's flash memory. If, in addition to the console cable, a crossover Ethernet cable is available, our PC/laptop can be connected to the router and act as the TFTP server (suitable software is needed for this), using the tftpdnld command in ROMmon as shown in the example below (I took the idea from David Sudjiman's blog).

System Bootstrap, Version 12.3(8r)T9, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 2004 by cisco Systems, Inc.
PLD version 0x10
GIO ASIC version 0x127
c2801 processor with 262144 Kbytes of main memory
Main memory is configured to 64 bit mode with parity disabled


Readonly ROMMON initialized
rommon 1 > IP_ADDRESS=10.0.0.2
rommon 2 > IP_SUBNET_MASK=255.255.255.252
rommon 3 > DEFAULT_GATEWAY=10.0.0.1
rommon 4 > TFTP_SERVER=10.0.0.1
rommon 5 > TFTP_FILE=c2801-entbasek9-mz.124-20.T1.bin
rommon 6 > TFTP_VERBOSE=2
rommon 7 > FE_PORT=0
rommon 8 > TFTP_CHECKSUM=1
rommon 9 > tftpdnld

IP_ADDRESS: 10.0.0.2
IP_SUBNET_MASK: 255.255.255.252
DEFAULT_GATEWAY: 10.0.0.1
TFTP_SERVER: 10.0.0.1
TFTP_FILE: c2801-entbasek9-mz.124-20.T1.bin
TFTP_MACADDR: 00:18:18:76:22:8c
TFTP_VERBOSE: Verbose
TFTP_RETRY_COUNT: 18
TFTP_TIMEOUT: 7200
TFTP_CHECKSUM: Yes
FE_PORT: 0
FE_SPEED_MODE: Auto Detect

Invoke this command for disaster recovery only.
WARNING: all existing data in all partitions on flash will be lost!
Do you wish to continue? y/n: [n]: y

Performing tftpdnld over Fast Enet.
Initializing interface.
Interface link state up (100MB/HD).
ARPing for 10.0.0.1
ICMP: ignored unsupported ICMP type 0x0, code 0x0 from 10.0.0.1.
ARPing for 10.0.0.1
ARP reply for 10.0.0.1 received. MAC address 00:17:08:3f:54:47.
Receiving c2801-entbasek9-mz.124-20.T1.bin from 10.0.0.1 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
File reception completed.
Validating checksum.
Copying file c2801-entbasek9-mz.124-20.T1.bin to flash.
program load complete, entry point: 0x8000f000, size: 0xc100

Initializing ATA monitor library.......

Format: Drive communication & 1st Sector Write OK...
Writing Monlib sectors.
..................................................................................................
Monlib write complete

Format: All system sectors written. OK...
Format: Operation completed successfully.

Format of flash: complete
program load complete, entry point: 0x8000f000, size: 0xc100

Initializing ATA monitor library.......

rommon 10 > reset

System Bootstrap, Version 12.3(8r)T9, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 2004 by cisco Systems, Inc.
PLD version 0x10
GIO ASIC version 0x127
c2801 processor with 262144 Kbytes of main memory
Main memory is configured to 64 bit mode with parity disabled


Readonly ROMMON initialized
program load complete, entry point: 0x8000f000, size: 0xc100

Initializing ATA monitor library.......
program load complete, entry point: 0x8000f000, size: 0xc100

Initializing ATA monitor library.......

program load complete, entry point: 0x8000f000, size: 0x1c49710
Self decompressing the image : ###################################################################################################################################################### [OK]

Smart Init is enabled
smart init is sizing iomem
ID MEMORY_REQ TYPE
0X003AA110 public buffer pools
0X00211000 public particle pools
0X00020000 Crypto module pools
0X0002 0X0001A800 Card in slot 3
0X000021B8 Onboard USB

If any of the above Memory Requirements are
"UNKNOWN", you may be using an unsupported
configuration or there is a software problem and
system operation may be compromised.

Allocating additional 18197247 bytes to IO Memory.
PMem allocated: 241172480 bytes; IOMem allocated: 27262976 bytes

Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706



Cisco IOS Software, 2801 Software (C2801-ENTBASEK9-M), Version 12.4(20)T1, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Wed 24-Sep-08 15:25 by prod_rel_team

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

Cisco 2801 (revision 6.0) with 235520K/26624K bytes of memory.
Processor board ID FTX1022W1SF
2 FastEthernet interfaces
1 Serial(sync/async) interface
DRAM configuration is 64 bits wide with parity disabled.
191K bytes of NVRAM.
62720K bytes of ATA CompactFlash (Read/Write)

Press RETURN to get started!


*Dec 16 22:41:12.727: %LINK-3-UPDOWN: Interface Serial0/3/0, changed state to down
*Dec 16 22:41:13.727: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/3/0, changed state to down
*Dec 16 22:41:14.243: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
*Dec 16 22:41:15.363: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
*Dec 16 22:41:17.359: %SYS-5-CONFIG_I: Configured from memory by console
*Dec 16 22:41:18.195: %SYS-5-RESTART: System restarted --
Cisco IOS Software, 2801 Software (C2801-ENTBASEK9-M), Version 12.4(20)T1, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Wed 24-Sep-08 15:25 by prod_rel_team
*Dec 16 22:41:18.203: %SNMP-5-COLDSTART: SNMP agent on host r0 is undergoing a cold start
*Dec 16 22:41:19.215: %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to administratively down
*Dec 16 22:41:19.359: %LINK-5-CHANGED: Interface Serial0/3/0, changed state to administratively down
router>
router>sh flash
-#- --length-- -----date/time------ path
1 29661360 Feb 22 1907 17:31:44 c2801-entbasek9-mz.124-20.T1.bin

34357248 bytes available (29663232 bytes used)

router>
router>en
router#

If no crossover cable is available, or the tftpdnld command does not work, the IOS can be loaded over the console cable with the xmodem command in ROMmon; for this, reading Xmodem Console Download Procedure Using ROMmon is recommended. It is, however, worth changing the line speed from the typical 9600 bps to 115200 bps!


1 comment in total:

  1. Excellent, it worked wonderfully for me, thank you very much for the contribution.

