International Journal of Scientific Research Engineering &Technology (IJSRET)

Volume 1 Issue1 pp 008-0013 March 2012 www. ijsret.org ISSN 2278 - 0882

FIRST BOOT OF THE ROUTER & STORING ITS CONFIGURATION

Gyan Prakash Pal Faculty of Electronics & Communication Engineering Department, Shanti Institute of Technology, Meerut (India), 2 Sadhana Pal Faculty of Electronics & Communication Engineering Department, Vishveshwarya Institute of Engineering & Technology, Greater Noida (India)
1

Abstract: Communication devices have become one

of the most important instruments to stay in touch with each other. Router is a most important device, used to connect different networks together and route packets of data from one network to another. So its really important to manage a router. If you are locked out of a router because you forgot the password, this paper will be helpful to re-inter the router. This paper also shows the main components of a router, the router boot sequence and the configuration register, including how to use the configuration register for password recovery. After reading this paper, a new user will understand how to bring up a router and how to crack its password, after that save the running configuration as a backup for future use.

example) it will start in setup mode and it will ask if you want to enter the initial configuration dialog. If you answer with No, you'll be taken to the command prompt and you'll be able to configure the router manually. If you answer with Yes, you'll be taken through a list of questions allowing you to configure the router e.g. set a hostname and enable password and secret, configure routed and routing protocols, and assign addresses to interfaces. You can initiate this configuration dialog at any time by using the setup command.

II. THE ROUTER BOOT SEQUENCE

When a router boots up, it performs a series of steps, called the boot sequence, which test the hardware and load the necessary software. The boot sequence consists of the following steps: a)The router performs a POST. The POST tests the hardware to verify that all the components of the device are operational and present. For example, the POST checks for the different interfaces on the router. The POST is stored in and run from ROM. b) The bootstrap then looks for and loads the IOS software. The bootstrap is a program in ROM that is used to execute programs. The bootstrap program is responsible for finding where each IOS program is located and then loading the file. By default, the IOS software is loaded from flash memory in all routers. The default order of an IOS loading in a router is Flash, TFTP server, then ROM. c)The IOS software looks for a valid configuration file stored in NVRAM. This file is called startupconfiguration. An administrator copies the running-configuration file into NVRAM as a startup-configuration.

Keywords: Router, Configuration register, IOS, RAM,

ROM, NVRAM and CLI commands.

I. INTRODUCTION
A router boots similar to a regular computer as it first performs a power on self test (POST) for the hardware, next loads bootstrap code from ROM, loads the IOS image from Flash into RAM and finally the router locates and loads a configuration file. You can reboot a router by using the power switch or the reload command. The Internetwork Operating System (IOS) and configuration files reside in different locations in a router. So it is very important to understand both where these files are located and how they work. The router configuration is stored in NVRAM. This is the place where the router will search for a configuration file. Alternatively, you can configure the router to load a configuration file from a TFTP server. If the router cannot locate a configuration file (on a new router for

IJSRET @ 2012

International Journal of Scientific Research Engineering &Technology (IJSRET)

Volume 1 Issue1 pp 008-0013 March 2012 d) If a startup-configuration file found in NVRAM, the router will copy this file and place it in RAM and call the file running-configuration. Then the router will use this file to run the router. 14 15 www. ijsret.org ISSN 2278 - 0882 04000 08000 IP broadcasts do not have net numbers Enable diagnostic message and ignore NVRAM contents

III. CONFIGURATION REGISTER

All Cisco routers have a 16-bit (2 bytes) configuration register thats written into NVRAM. By default, the configuration register is set to load the Cisco IOS from flash memory and load the startup- configuration file from NVRAM. The16-bit (2 bytes) of the configuration register is read from 15 to 0, from left to right. The default configuration setting on Cisco routers is 02102. This means that bits 13, 8 and 1 are on, as shown in Table 1. Notice that each set of 4 bits is read in binary with a value of 8, 4, 2, 1. Table 1: The Configuration Register Bit Number Configur ation Register Bit number Binary 2 1 0 2

The boot field, which consists of bits 0-3 in the configuration register, controls the router boot sequence. Table 3 describes the boot field bits. Table 3: The Boot Field Use Boot Field 00 To boot in ROM monitor mode, set the Configuration register to 2100 01 To boot an IOS image stored in ROM, set the Configuration register to 2101 02-F Any value from 2102 through 210F tells the router to use the boot commands specified in NVRAM IV.

CHECKING THE CURRENT CONFIGURATION REGISTER VALUE

register,

1 1 1 1 1 1 9 8 7 6 5 4 3 2 1 0 5 4 3 2 1 0 0 0 1 0 0 0 0 1 0 0 0 0 0 0 1 0

To see the current value of the configuration use the show version command:

Note: The prefix 0 to the configuration register address means that the digits that follow are in hexadecimal. Table 2 lists the configuration register bit meanings. Notice that bit 6 can be used to ignore the NVRAM contents, so this bit is used for password recovery. Table 2: configuration register bit meanings Bit Hex Description 0-3 00000Boot field (see table 3) 0000F 6 00040 Ignore NVRAM contents 7 00080 OEM bit enabled 8 00100 break disabled 10 00400 IP broadcast with all zeros 5, 11- 00800Console line speed 12 01000 13 02000 Boot default ROM software if network boot fails IJSRET @ 2012

Router# show version Cisco IOS Software, 2800 Software (C2800NMIPBASE-M), Version 12.3(14)T7, RELEASE SOFTWARE (fc2) ROM: System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1) Copyright (c) 2000 by cisco Systems, Inc. System returned to ROM by power-on System image file is "flash:c2800nm-ipbasemz.123-14.T7.bin" cisco 2811 (MPC860) processor (revision 0x200) with 60416K/5120K bytes of memory Processor board ID JAD05190MTZ (4292891495) M860 processor: part number 0, mask 49 1 Ethernet/IEEE 802.3 interface(s) 3 FastEthernet/IEEE 802.3 interface(s) 7 Low-speed serial(sync/async) network interface(s) 239K bytes of NVRAM.

International Journal of Scientific Research Engineering &Technology (IJSRET)

Volume 1 Issue1 pp 008-0013 March 2012 62720K bytes of processor board System flash (Read/Write) Configuration register is 0x2102 Router# The last line of this command gives the value of the configuration register. In the example, the value is 02102-the default setting. Notice that the show version command also provides the details of IOS version, ROM, RAM, NVRAM, Flash memory and all interfaces in the preceding example. www. ijsret.org ISSN 2278 - 0882 which will be when the router reboots. Any change to the configuration register wont take effect until the router is reloaded. The 02101 will load the IOS from ROM the next time the router is rebooted. Here is our router after setting the configuration register to 02101 and reloading: Router#show version 2800 Software (C2800NM-IPBASE-M), Version 12.3(14)T7, RELEASE SOFTWARE (fc2)Cisco IOS Software, [output cut] ROM: System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1) Copyright (c) 2000 by cisco Systems, Inc. System returned to ROM by power-on System image file is "flash:c2800nm-ipbasemz.123-14.T7.bin" [output cut] Configuration register is 0x2101 A router has full IOS in flash. To set the configuration register back to the default, just type this: Router#config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#config-register 0x2102 Router(config)#^Z %SYS-5-CONFIG_I: Configured from console by console Router#reload Proceed with reload? [confirm]y [output cut] Router#show version [output cut] Configuration register is 0x2102

V. CHANGING THE CONFIGURATION REGISTER

You can change the configuration register value to modify how the router boots and runs. There are the main reasons you would want to change the configuration register: To force the system into the ROM monitor mode To select a boot source and default boot filename To enable or disable the Break function To control broadcast addresses To set the console terminal baud rate To load operating software from ROM To enable booting from a Trivial File Transfer Protocol (TFTP) server Before changing the configuration register, make sure you know the current configuration register value. Use the show version command to get this information. You can change the configuration register by using the config-register command: Router(config)#config-register 02101 Router(config)#^z Router# Router#show version [Output cut] Configuration register is 02102 (will be 02101 at next reload) Notice that the show version command displays the current configuration register value and also that value

VI. RECOVERING PASSWORDS

If you forgot the router password, you can change the configuration register to login the router. As I said earlier, bit 6 in the configuration register is used to tell the router whether to use the contents of NVRAM to load a router configuration (startupconfig). The default configuration register value is 0x2102; meaning that bit 6 is off. With the default setting, the

IJSRET @ 2012

International Journal of Scientific Research Engineering &Technology (IJSRET)

Volume 1 Issue1 pp 008-0013 March 2012 router will look for and load a router configuration stored in NVRAM (startup-config). To recover a password, you need to turn on the bit 6. Doing this will tell the router to ignore the NVRAM contents. The configuration register value after turn on bit 6 is 0x2142. Here are the main steps to password recovery: 1. Boot the router and interrupt the boot sequence by performing a break, which will take the router into ROM monitor mode. 2. Change the configuration register to turn on bit 6 (with the value 0x2142). 3. Reload the router. 4. Enter privileged mode. 5. Copy the startup-configuration file to runningconfiguration. 6. Change the password. 7. Reset the configuration register to the default value. 8. Save the router configuration. 9. Reload the router (optional). Interrupting the Router Boot Sequence: Your first step is to boot the router and perform a break. This is usually done by pressing the Ctrl+Break key combination when using HyperTerminal while the router first reboot. Router#reload Proceed with reload? [confirm]y %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command. System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1) Copyright (c) 2000 by cisco Systems, Inc. cisco 2811 (MPC860) processor (revision 0x200) with 60416K/5120K bytes of memory Self decompressing the image : ########## monitor: command "boot" aborted due to user interrupt rommon 1 > Notice the line monitor: command "boot" aborted due to user interrupt. At this point, you will be at the rommon 1 > prompt, which is called ROM monitor mode. Changing the Configuration Register: www. ijsret.org ISSN 2278 - 0882 You can change the configuration register by using the config-register command. To turn on bit 6, use the configuration register value 0x2142. Remember that if you change the configuration register to 0x2142, the startup-configuration will be bypassed and the router will load into setup mode. To change the bit value on a Cisco ISR/2800 series router, you just enter the command: rommon 1 > confreg 0x2142 You must reset or power cycle for new configuration to take effect rommon 2 > reset System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1) Copyright (c) 2000 by cisco Systems, Inc. cisco 2811 (MPC860) processor (revision 0x200) with 60416K/5120K bytes of memory Self decompressing the image : ########################################### ############################### [OK] Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706 Cisco IOS Software, 2800 Software (C2800NMIPBASE-M), Version 12.3(14)T7, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2006 by Cisco Systems, Inc. Compiled Wed 22-Mar-06 18:40 by pt_team Image text-base: 0x40095498, data-base: 0x414E0000 cisco 2811 (MPC860) processor (revision 0x200) with 60416K/5120K bytes of memory Processor board ID JAD05190MTZ (4292891495) M860 processor: part number 0, mask 49 1 Ethernet/IEEE 802.3 interface(s) 3 FastEthernet/IEEE 802.3 interface(s)

IJSRET @ 2012

International Journal of Scientific Research Engineering &Technology (IJSRET)

Volume 1 Issue1 pp 008-0013 March 2012 7 Low-speed serial(sync/async) network interface(s) 239K bytes of non-volatile configuration memory. 62720K bytes of processor board System flash (Read/Write) Cisco IOS Software, 2800 Software (C2800NMIPBASE-M), Version 12.3(14)T7, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2006 by Cisco Systems, Inc. Compiled Wed 22-Mar-06 18:40 by pt_team --- System Configuration Dialog --Continue with configuration dialog? [yes/no]: n Press RETURN to get started! Router>en Router# The router will reload and ask if you want to use setup mode (because no startup-config is used). Answer NO to entering setup mode; press Enter to go into user mode and then type enable to go into privileged mode. Viewing and Changing the Configuration: Now you are past the point where you would need to enter the user-mode and privileged-mode password in a router. Copy the startup-config file to the runningconfig file: Router#copy startup-config running-config or use the shortcut: Router#copy start run The configuration is now running in random access memory (RAM), and you are in privileged mode, meaning that you can now view and change the configuration. But you cant view the enable secret setting for the password since it is encrypted. To change the password, do this Router#config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#enable secret Gyan Router(config)# www. ijsret.org ISSN 2278 - 0882 Resetting the Configuration Register and Reloading the Router: After you are finished changing password, set the configuration register back to the default value with the config-register command: Router#config t Router(config)#config-register 0x2102 Router(config)# Finally, save the new configuration with a copy running-config startup-config and reload the router. Router#copy running-config startup-config Destination filename [startup-config]? Building configuration... [OK] Router# Router#reload Proceed with reload? [confirm] %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command. System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1) Copyright (c) 2000 by cisco Systems, Inc. cisco 2811 (MPC860) processor (revision 0x200) with 60416K/5120K bytes of memory Self decompressing the image : ########################################### ############################### [OK] Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (c) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706 Cisco IOS Software, 2800 Software (C2800NMIPBASE-M), Version 12.3(14)T7, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport

IJSRET @ 2012

International Journal of Scientific Research Engineering &Technology (IJSRET)

Volume 1 Issue1 pp 008-0013 March 2012 Copyright (c) 1986-2006 by Cisco Systems, Inc. Compiled Wed 22-Mar-06 18:40 by pt_team Image text-base: 0x40095498, data-base: 0x414E0000 cisco 2811 (MPC860) processor (revision 0x200) with 60416K/5120K bytes of memory Processor board ID JAD05190MTZ (4292891495) M860 processor: part number 0, mask 49 1 Ethernet/IEEE 802.3 interface(s) 3 FastEthernet/IEEE 802.3 interface(s) 7 Low-speed serial(sync/async) network interface(s) 239K bytes of non-volatile configuration memory. 62720K bytes of processor board System flash (Read/Write) Cisco IOS Software, 2800 Software (C2800NMIPBASE-M), Version 12.3(14)T7, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2006 by Cisco Systems, Inc. Compiled Wed 22-Mar-06 18:40 by pt team %LINK-5-CHANGED: Interface Vlan1, changed state to up %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up %LINK-5-CHANGED: Interface FastEthernet1/0, changed state to up %LINK-5-CHANGED: Interface Ethernet1/1/0, changed state to up %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to administratively down %LINK-5-CHANGED: Interface FastEthernet1/0, changed state to administratively down %LINK-5-CHANGED: Interface Ethernet1/1/0, changed state to administratively down %LINK-5-CHANGED: Interface Vlan1, changed state to administratively down Press RETURN to get started! Router> Router>enable Password: Router# www. ijsret.org ISSN 2278 - 0882

By the help of changing configuration register, you can bypass the booting sequence to enter the router. Now you can recover the password of the router and save the running-configuration file to the startup-configuration for future use. Have a pleasant stay in your router.

REFERENCES
[1] Comer, D. Internetworking with TCP/IP, Volume 1:

Principles, Protocols and Architecture. Upper Saddle River, NJ: Prentice Hall, 2000. [2] Comer, D. Computer Networks. Upper Saddle River, NJ: Prentice Hall, 2004. [3] Huitema, C. Routing in the Internet. Upper Saddle River, NJ: Prentice Hall, 2000. [4] Perlman, R. Interconnection: Bridges, Routers, Switches and Internetworking Protocols. Reading, MA: Addison-Wesley, 2000. [5] Stallings, W. Data and Computer Communications. Upper Saddle River, NJ: Prentice Hall, 2004. [6] Stallings, W. High Speed Networks. Upper Saddle River, NJ: Prentice Hall, 1998. [7] Yuan R. and Strayer, W. Virtual Private Network. Reading, MA: Addison-Wesley, 2001. [8] Tanenbaum, A. Computer Networks. Upper Saddle River, NJ: Prentice Hall, 2003. [9] Peterson, L. and Davie B. Computer Networks: A System Approach. San Francisco, CA: Morgan, Kaufmans, 2000. [10]Moy, J. OSPF: Anatomy of an Internet Routing Protocol. Reading, MA: Addison-Wesley, 1998.

VII. CONCLUSION

IJSRET @ 2012