Understanding the Configuration Register Bits
The 16 bits of the configuration register are read from 15 to 0, from left to right. The default configuration setting on Cisco routers is 0×2102. This means that bits 13, 8, and 1 are on, as shown in Table as below. Notice that each set of 4 bits is read in binary with a value of 8, 4, 2, 1:
Below table is lists of software configuration bit meanings. Notice that bit 6 can be used to ignore the NVRAM contents. This bit is used for password recovery.
The boot field, which consists of bits 0–3 in the configuration register, controls the router boot sequence. Table as below describes the boot field bits.
Checking the Current Configuration Register Value
You can see the current value of the configuration register by using the show version command (sh version or show ver for short), as demonstrated here:
Router#sh version
Cisco Internetwork Operating System Software
IOS ™ C2600 Software (C2600-I-M), Version 12.1(8)T3,
RELEASE SOFTWARE (fc1)
[output cut]
Configuration register is 0×2102
The last information given from this command is the value of the configuration register. In this example, the value is 0×2102—the default setting. The configuration register setting of 0×2102 tells the router to look in NVRAM for the boot sequence.
Notice that the show version command also provides the IOS version, and in the example above, it shows the IOS version as 12.1(8)T3.
Changing the Configuration Register
You can change the configuration register value to modify how the router boots and runs. Following are the possible reasons for changing the configuration register:
- To force the system into the ROM monitor mode.
- To select a boot source and default boot filename.
- To enable or disable the Break function.
- To control broadcast addresses.
- To set the console terminal baud rate.
- To load operating software from ROM.
- To enable booting from a Trivial File Transfer Protocol (TFTP) server.
And you can change the configuration register by using the config-register command.
Here’s an example. The following commands tell the router to boot a small IOS from ROM monitor mode and then show the current configuration register value:
Router(config)#config-register 0×101
Router(config)#^Z
Router#sh ver
[output cut]
Configuration register is 0×2102 (will be 0×0101 at next reload)
Notice that the show version command shows the current configuration register value, as well as what it will be when the router reboots. Any change to the configuration register won’t take effect until the router is reloaded. The 0×0101 will load the IOS from ROM the next time the router is rebooted. You may see it listed as 0×101; that’s basically the same thing, and it can be written either way.
Recovering Passwords
If you’re locked out of a router because you forgot the password, you can change the configuration register to help you get back on your feet. Bit 6 in the configuration register is used to tell the router whether to use the contents of NVRAM to load a router configuration.
The default configuration register value is 0×2102, meaning that bit 6 is off. With the default setting, the router will look for and load a router configuration stored in NVRAM (startup-config). To recover a password, you need to turn on bit 6. Doing this will tell the router to ignore the NVRAM contents. The configuration register value to turn on bit 6 is 0×2142.
Here are the main steps to password recovery:
1. Boot the router and interrupt the boot sequence by performing a break.
2. Change the configuration register to turn on bit 6 (with the value 0×2142).
3. Reload the router.
4. Enter privileged mode.
5. Copy the startup-config file to running-config.
6. Change the password.
7. Reset the configuration register to the default value.
8. Save the router configuration.
9. Reload the router.
Interrupting the Router Boot Sequence
Your first step is to boot the router and perform a break. This is usually done by pressing the Ctrl+Break key combination when using HyperTerminal and while the router first reboots.
After you’ve performed a break, you should see something like this:
System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
Copyright (c) 1999 by cisco Systems, Inc.
TAC:Home:SW:IOS:Specials for info
PC = 0xfff0a530, Vector = 0×500, SP = 0×680127b0
C2600 platform with 32768 Kbytes of main memory
PC = 0xfff0a530, Vector = 0×500, SP = 0×80004374
monitor: command “boot” aborted due to user interrupt
rommon 1 >
Notice the line command “boot” aborted due to user interrupt. At this point, you will be at the rommon 1> prompt on some routers.
Changing the Configuration Register
You can change the configuration register by using the config-register command. To turn on bit 6, use the configuration register value 0×2142. This example will change on Cisco 2600 Series and Cisco 2500 Series.
Cisco 2600 Series Commands
To change the bit value on a Cisco 2600 series router, you just enter the command at the rommon 1> prompt:
rommon 1 > confreg 0×2142
You must reset or power cycle for new config to take effect
Cisco 2500 Series Commands
To change the configuration register on a 2500 series router, type o after creating a break sequence on the router. This brings up a menu of configuration register option settings. To change the configuration register, enter the command o/r, followed by the new register value.
Here’s an example of turning on bit 6 on a 2501 router:
System Bootstrap, Version 11.0(10c), SOFTWARE
Copyright (c) 1986-1996 by cisco Systems
2500 processor with 14336 Kbytes of main memory
Abort at 0×1098FEC (PC)
>o
Configuration register = 0×2102 at last boot
Bit# Configuration register option settings:
15 Diagnostic mode disabled
14 IP broadcasts do not have network numbers
13 Boot default ROM software if network boot fails
12-11 Console speed is 9600 baud
10 IP broadcasts with ones
08 Break disabled
07 OEM disabled
06 Ignore configuration disabled
03-00 Boot file is cisco2-2500 (or ‘boot system’ command)
>o/r 0×2142
Notice that the last entry in the router output is 03-00. This tells the router what the IOS boot file is. By default, the router will use the first file found in the flash memory, so if you want to boot a different file name, you can either change the configuration register or use the boot system ios_name command.
Reloading the Router and Entering Privileged Mode
At this point, you need to reset the router like this:
- From the 2600 series router, type reset.
- From the 2500 series router, type I (for initialize).
The router will reload and ask if you want to use setup mode (because no startup-config is used). Answer No to entering setup mode, press Enter to go into user mode, and then type enable
Viewing and Changing the Configuration
Now you’re past the point where you would need to enter the user-mode and privileged-mode passwords in a router. Copy the startup-config file to the running-config file:
copy startup-config running-config
or use the shortcut
copy start run
The configuration is now running in random access memory (RAM), and you’re in privileged mode, meaning that you can now view and change the configuration. But you can’t view the enable secret setting for the password.
To change the password, do this:
config t
enable secret your-password
Resetting the Configuration Register and Reloading the Router
After you’re finished changing passwords, set the configuration register back to the default value with the config-register command:
config t
config-register 0×2102
Finally, save the new configuration with a copy running-config startup-config and reload the router. Done!
The 16 bits of the configuration register are read from 15 to 0, from left to right. The default configuration setting on Cisco routers is 0×2102. This means that bits 13, 8, and 1 are on, as shown in Table as below. Notice that each set of 4 bits is read in binary with a value of 8, 4, 2, 1:
Below table is lists of software configuration bit meanings. Notice that bit 6 can be used to ignore the NVRAM contents. This bit is used for password recovery.
Bit | Hex | Description |
0–3 | 0×0000–0×000F | Boot field (see Table 9.4). |
6 | 0×0040 | Ignore NVRAM contents. |
7 | 0×0080 | OEM bit enabled. |
8 | 0×101 | Break disabled. |
10 | 0×0400 | IP broadcast with all zeros. |
5, 11–12 | 0×0800–0×1000 | Console line speed. |
13 | 0×2000 | Boot default ROM software if network boot fails. |
14 | 0×4000 | IP broadcasts do not have net numbers. |
15 | 0×8000 | Enable diagnostic messages and ignore NVRAM contents. |
Boot Field | Meaning | Use |
00 | ROM monitor mode | To boot to ROM monitor mode, set the configuration register to 2100. You must manually boot the router with the b command. The router will show the rommon> prompt. |
01 | Boot image from ROM | To boot an IOS image stored in ROM, set the configuration register to 2101. The router will show the router(boot)> prompt. |
02–F | Specifies a default boot file name | Any value from 2102 through 210F tells the router to use the boot commands specified in NVRAM. |
You can see the current value of the configuration register by using the show version command (sh version or show ver for short), as demonstrated here:
Router#sh version
Cisco Internetwork Operating System Software
IOS ™ C2600 Software (C2600-I-M), Version 12.1(8)T3,
RELEASE SOFTWARE (fc1)
[output cut]
Configuration register is 0×2102
The last information given from this command is the value of the configuration register. In this example, the value is 0×2102—the default setting. The configuration register setting of 0×2102 tells the router to look in NVRAM for the boot sequence.
Notice that the show version command also provides the IOS version, and in the example above, it shows the IOS version as 12.1(8)T3.
Changing the Configuration Register
You can change the configuration register value to modify how the router boots and runs. Following are the possible reasons for changing the configuration register:
- To force the system into the ROM monitor mode.
- To select a boot source and default boot filename.
- To enable or disable the Break function.
- To control broadcast addresses.
- To set the console terminal baud rate.
- To load operating software from ROM.
- To enable booting from a Trivial File Transfer Protocol (TFTP) server.
And you can change the configuration register by using the config-register command.
Here’s an example. The following commands tell the router to boot a small IOS from ROM monitor mode and then show the current configuration register value:
Router(config)#config-register 0×101
Router(config)#^Z
Router#sh ver
[output cut]
Configuration register is 0×2102 (will be 0×0101 at next reload)
Notice that the show version command shows the current configuration register value, as well as what it will be when the router reboots. Any change to the configuration register won’t take effect until the router is reloaded. The 0×0101 will load the IOS from ROM the next time the router is rebooted. You may see it listed as 0×101; that’s basically the same thing, and it can be written either way.
Recovering Passwords
If you’re locked out of a router because you forgot the password, you can change the configuration register to help you get back on your feet. Bit 6 in the configuration register is used to tell the router whether to use the contents of NVRAM to load a router configuration.
The default configuration register value is 0×2102, meaning that bit 6 is off. With the default setting, the router will look for and load a router configuration stored in NVRAM (startup-config). To recover a password, you need to turn on bit 6. Doing this will tell the router to ignore the NVRAM contents. The configuration register value to turn on bit 6 is 0×2142.
Here are the main steps to password recovery:
1. Boot the router and interrupt the boot sequence by performing a break.
2. Change the configuration register to turn on bit 6 (with the value 0×2142).
3. Reload the router.
4. Enter privileged mode.
5. Copy the startup-config file to running-config.
6. Change the password.
7. Reset the configuration register to the default value.
8. Save the router configuration.
9. Reload the router.
Interrupting the Router Boot Sequence
Your first step is to boot the router and perform a break. This is usually done by pressing the Ctrl+Break key combination when using HyperTerminal and while the router first reboots.
After you’ve performed a break, you should see something like this:
System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1)
Copyright (c) 1999 by cisco Systems, Inc.
TAC:Home:SW:IOS:Specials for info
PC = 0xfff0a530, Vector = 0×500, SP = 0×680127b0
C2600 platform with 32768 Kbytes of main memory
PC = 0xfff0a530, Vector = 0×500, SP = 0×80004374
monitor: command “boot” aborted due to user interrupt
rommon 1 >
Notice the line command “boot” aborted due to user interrupt. At this point, you will be at the rommon 1> prompt on some routers.
Changing the Configuration Register
You can change the configuration register by using the config-register command. To turn on bit 6, use the configuration register value 0×2142. This example will change on Cisco 2600 Series and Cisco 2500 Series.
Cisco 2600 Series Commands
To change the bit value on a Cisco 2600 series router, you just enter the command at the rommon 1> prompt:
rommon 1 > confreg 0×2142
You must reset or power cycle for new config to take effect
Cisco 2500 Series Commands
To change the configuration register on a 2500 series router, type o after creating a break sequence on the router. This brings up a menu of configuration register option settings. To change the configuration register, enter the command o/r, followed by the new register value.
Here’s an example of turning on bit 6 on a 2501 router:
System Bootstrap, Version 11.0(10c), SOFTWARE
Copyright (c) 1986-1996 by cisco Systems
2500 processor with 14336 Kbytes of main memory
Abort at 0×1098FEC (PC)
>o
Configuration register = 0×2102 at last boot
Bit# Configuration register option settings:
15 Diagnostic mode disabled
14 IP broadcasts do not have network numbers
13 Boot default ROM software if network boot fails
12-11 Console speed is 9600 baud
10 IP broadcasts with ones
08 Break disabled
07 OEM disabled
06 Ignore configuration disabled
03-00 Boot file is cisco2-2500 (or ‘boot system’ command)
>o/r 0×2142
Notice that the last entry in the router output is 03-00. This tells the router what the IOS boot file is. By default, the router will use the first file found in the flash memory, so if you want to boot a different file name, you can either change the configuration register or use the boot system ios_name command.
Reloading the Router and Entering Privileged Mode
At this point, you need to reset the router like this:
- From the 2600 series router, type reset.
- From the 2500 series router, type I (for initialize).
The router will reload and ask if you want to use setup mode (because no startup-config is used). Answer No to entering setup mode, press Enter to go into user mode, and then type enable
Viewing and Changing the Configuration
Now you’re past the point where you would need to enter the user-mode and privileged-mode passwords in a router. Copy the startup-config file to the running-config file:
copy startup-config running-config
or use the shortcut
copy start run
The configuration is now running in random access memory (RAM), and you’re in privileged mode, meaning that you can now view and change the configuration. But you can’t view the enable secret setting for the password.
To change the password, do this:
config t
enable secret your-password
Resetting the Configuration Register and Reloading the Router
After you’re finished changing passwords, set the configuration register back to the default value with the config-register command:
config t
config-register 0×2102
Finally, save the new configuration with a copy running-config startup-config and reload the router. Done!
No comments:
Post a Comment