Share Everything to Everyone

Monday, 12 January 2015

Identifying Cisco Router & Switch IOS

11.05 Posted by ROSYID'S BLOG
There are several ways to identify which Cisco IOS version your Cisco device is running. The first is to examine the boot output, which displays the name of the image loaded from flash; that name in turn can be used to identify the IOS Version and Feature Set of the image.
Provided below is an example of the relevant boot output, which can be used to identify the IOS Version and Feature Set the router is currently loading.
Cisco Internetwork Operating System Software
IOS (tm) 3600 Software (C3620-IK9O3S7-M), Version 12.3(25), RELEASE SOFTWARE (fc1)
Turn your attention to line 2, where you see C3620-IK9O3S7-M; this displays the features that are included in the image and the loading type (which will be discussed later) for the image that is currently being loaded by the router. Following the feature set you can also see the version of the IOS. As shown in this example, the router is currently booting IOS Version 12.3(25).
The most common way of obtaining IOS identification information is the show version command. This command shows the Cisco IOS Version and Feature Set as well as hardware information about the router.
The text below shows the output of the show version command.
Router#show version
Cisco Internetwork Operating System Software
IOS (tm) 3600 Software (C3620-IK9O3S7-M), Version 12.3(25), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2008 by cisco Systems, Inc.
Compiled Mon 28-Jan-08 20:16 by alnguyen

ROM: System Bootstrap, Version 11.1(20)AA2, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)

Router uptime is 23 minutes
System returned to ROM by reload
System image file is "flash:c3620-ik9o3s7-mz.123-25.bin"

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco 3620 (R4700) processor (revision 0x81) with 60416K/5120K bytes of memory.
Processor board ID 24807256
R4700 CPU at 80MHz, Implementation 33, Rev 1.0
Bridging software.
X.25 software, Version 3.0.0.
2 FastEthernet/IEEE 802.3 interface(s)
32 terminal line(s)
DRAM configuration is 32 bits wide with parity disabled.
29K bytes of non-volatile configuration memory.
32768K bytes of processor board System flash (Read/Write)

Configuration register is 0x2102

Router#
As you can see, lines 2, 3 & 4 are identical to the previously discussed boot output. However, take a look at line 13 and you'll see System image file is "flash:c3620-ik9o3s7-mz.123-25.bin". This is the actual file name of the image that is currently running on the router. The image name is very helpful in identifying the IOS Version and Feature Set.
Prior to Cisco IOS Version 12.4, Cisco had a very complex naming convention for their Feature Sets. This naming convention consisted of letters identifying certain features in the image.
Below is a chart of common identification letters from the earlier naming convention:
Image Letter    Feature Set
I               IP
Y               IP on 1700 Series Platforms
S               IP Plus
S6              IP Plus – No ATM
S7              IP Plus – No Voice
J               Enterprise
O               IOS Firewall/Intrusion Detection
K               Cryptography/IPSEC/SSH
K8              56Bit DES Encryption (Weak Cryptography)
K9              3DES/AES Encryption (Strong Cryptography)
X               H323
G               Services Selection Gateway (SSG)
C               Remote Access Server or Packet Data Serving Node (PDSN)
B               AppleTalk
N               Novell IP/IPX
V               Vox
R               IBM
U               Unlawful Intercept
P               Service Provider
Telco           Telecommunications Feature Set
Boot            Boot Image (Used on high end routers/switches)
Now let’s break down the naming convention of the image name for our previous image, flash:c3620-ik9o3s7-mz.123-25.bin.
The features included with this image are shown below:
i = IP
k9 = Strong Cryptography (3DES / AES)
o3 = IOS Firewall/Intrusion Detection
s7 = Plus (7 = No Voice)
Official Image Name: Cisco 3620 12.3(25) IP/FW/IDS PLUS 3DES IPSEC NO VOICE
Many images differ in how they load and how they are compressed. These properties are also identified in the image name; the following chart lists the execution types and compression formats.
Image Letter    IOS Boot Location
f               The image executes from Flash memory.
m               The image executes from RAM.
r               The image executes from ROM.
l               The image is relocatable.
z               The image is compressed using ZIP format.
x               The image is compressed using MZIP format.
w               The image is compressed using STAC format.
The example 3620 image used in this lab executes from RAM and uses ZIP compression.
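Added example (not part of the original post): a small Python decoder for the legacy image-name convention described above, using the two charts as lookup tables. It goes slightly beyond the walkthrough by also accepting the word-style names of the newer convention, whose feature-set word is returned undecoded, and by listing images whose name carries no k9 marker. The names decode_image and audit and the regular expression are this example's own assumptions.

```python
import re

# Legacy (pre-12.4) feature letters and run-type letters, copied from the charts above.
FEATURES = {
    "i": "IP", "y": "IP on 1700 Series Platforms", "s": "IP Plus",
    "s6": "IP Plus - No ATM", "s7": "IP Plus - No Voice", "j": "Enterprise",
    "o": "IOS Firewall/Intrusion Detection", "k": "Cryptography/IPSEC/SSH",
    "k8": "56Bit DES Encryption (Weak Cryptography)",
    "k9": "3DES/AES Encryption (Strong Cryptography)", "x": "H323",
    "g": "Services Selection Gateway (SSG)", "c": "Remote Access Server or PDSN",
    "b": "AppleTalk", "n": "Novell IP/IPX", "v": "Vox", "r": "IBM",
    "u": "Unlawful Intercept", "p": "Service Provider",
}
RUN_TYPES = {
    "f": "executes from Flash", "m": "executes from RAM", "r": "executes from ROM",
    "l": "relocatable", "z": "ZIP compressed", "x": "MZIP compressed",
    "w": "STAC compressed",
}
# Assumed layout: [device:]platform-features-runtype.VVv-maint[train].bin
NAME_RE = re.compile(
    r"^(?:\w+:)?(?P<platform>[a-z0-9]+)-(?P<features>[a-z0-9]+)-(?P<run>[a-z]+)"
    r"\.(?P<major>\d\d)(?P<minor>\d)-(?P<maint>\d+)(?P<train>[\w.]*)\.bin$")


def decode_image(name):
    """Decode an IOS image file name into platform, version, features and crypto."""
    m = NAME_RE.match(name.strip().lower())
    if m is None:
        raise ValueError(f"unrecognised image name: {name!r}")
    tokens = re.findall(r"[a-z]\d*", m["features"])
    # Exact token first (k9, s7); otherwise fall back to the bare letter (o3 -> o).
    decoded = [FEATURES.get(t) or FEATURES.get(t[0]) for t in tokens]
    legacy = all(decoded)  # a word such as "ipbase" has letters missing from the chart
    # Only the k8/k9 markers are classified; anything else is reported as "none".
    crypto = "strong" if "k9" in tokens else "weak" if "k8" in tokens else "none"
    return {
        "platform": m["platform"],
        "version": f"{m['major']}.{m['minor']}({m['maint']})"
                   + m["train"].replace(".", "").upper(),
        "features": decoded if legacy else [m["features"]],
        "run_type": [RUN_TYPES.get(c, "unknown") for c in m["run"]],
        "crypto": crypto,
    }


def audit(names):
    """Return the image names that do not advertise strong (k9) cryptography."""
    return [n for n in names if decode_image(n)["crypto"] != "strong"]
```

Feeding audit() the "System image file" value collected from each device's show version output gives a quick list of devices whose image name shows no strong-cryptography feature set.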
In 2006, Cisco introduced a new naming convention for feature sets. This new naming convention started in 12.3 and was implemented as the feature set naming standard in 12.4.
Below is a feature tree comprised of the new naming convention used for Cisco router images 12.3T and greater;
You can see that IP Base is the basic image, from this image it branches off into IP Voice, Advanced Security or Enterprise Base.
IP Voice also has an upgrade to Service Provider Services, which includes SP Services Features, IP Voice Features and IP Base features.
Only “Advanced” Images contain Advanced Encryption Standard (AES) Cryptography
The following categories summarize the new naming convention:
Feature Set     Description
Base            Entry level image (IP Base, Enterprise Base)
Services        Addition of IP Telephony Service, MPLS, Voice over IP, Voice over Frame Relay and ATM (Included in SP Services, Enterprise Services)
Advanced        Addition of VPN, Cisco IOS Firewall, 3DES encryption, SSH, Cisco IOS IPSec and Intrusion Detection Systems (IDS) (Advanced Security, Advanced IP Services)
Enterprise      Addition of multi-protocols, including IBM, IPX, AppleTalk (Enterprise Base, Enterprise Services)
Just like the new naming convention for Cisco Router IOS, Cisco has given the Switch IOS a new naming convention as well. This naming convention is very similar to the router IOS naming convention. Shown below is a feature tree of the new switch IOS naming convention;
Below are some examples of images using the new Cisco naming convention:
Example images for a Cisco 2800 Series Router:
c2800nm-adventerprisek9-mz.124-21.bin
c2800nm-ipbase-mz.124-21.bin
Example images for a Cisco Catalyst 3750 Series Switch:
c3750-advipservicesk9-mz.122-44.SE.bin
c3750-ipservicesk9-mz.122-44.SE.bin
c3750-ipbase-mz.122-44.SE.bin
IP Base, formerly known as Standard Multilayer Image (SMI) on Cisco Catalyst 3550 Series switches, includes advanced quality of service, rate limiting, access control lists (ACLs) and basic static and RIP routing functionality.
IP Services, formerly known as Enhanced Multilayer Image (EMI) on Cisco Catalyst 3550 Series switches, has a more feature-rich set of enterprise-class routing functionality as well as advanced hardware-based IP Unicast and IP Multicast routing and policy based routing (PBR).
Advanced IP Services is not available as a pre-installed license but is available as an upgrade license. This feature set includes IPv6 routing and IPv6 ACL support.
Enterprise Services & Advanced Enterprise Services are the cream of the crop. These images include all features available to the platform, and these licenses are also the most expensive. They are only supported on various modular switches such as the Catalyst 4500, 4900, 6500 and others.
Below are a few examples of switch models you can purchase and the software license that’s bundled with the platform(s).
C3560-24PS-S = Cisco 3560 Series 24 Ports PoE with Standard Image (IP Base)
C3750-48TS-E = Cisco 3750 Series 48 Port Non-PoE with Enhanced Image (IP Services)
The Cisco Catalyst 2960 Series has a different license model because the switch is strictly layer 2. The Catalyst 2960 Series license model is similar to that of the Catalyst 2950 Series, which includes two separate feature sets, Standard Image and Enhanced Image; however, the new feature sets are called LAN LITE & LAN BASE. These new feature sets differ significantly, including in Quality of Service (QoS), Gigabit Ethernet Support, RPS, Rapid Spanning Tree, Link State Tracking, 802.1x enhancements, DHCP Snooping and many more features, which can be found on the Cisco website.
Cisco IOS 15.0 was released October 1st 2009, and with this new mainline IOS release we’ll see the use of the Universal Image. The feature sets have not changed, but with these new universal images, feature sets have to be licensed using a license file stored in NVRAM. Upon boot, the IOS looks at this license file and activates the features specified in the license, that is, the ones you’ve purchased.
Each license file is specific to a platform serial number, so license files are not swappable. No doubt with all the Cisco IOS piracy that occurs in the Cisco networking world today, Cisco Systems is losing millions if not billions in license profit.
The next generation Integrated Services Routers which include the 1900 Series, 2900 Series and 3900 Series will use a single universal image file and require feature sets to be licensed. As part of the license management suite, Cisco offers a license management server as well as an IOS feature that can automatically download the license file from Cisco if your router is able to access the internet.
Cisco also utilized this technology with the 3560E and 3750E Switches. Example IOS image names are shown below:
c3560e-universalk9-mz.122-50.SE2.bin
c3750e-universalk9-mz.122-50.SE2.bin
c3900-universalk9-mz.150-1M.bin
