Cisco IOS and CLI Basics

# CHAPTER 10

Cisco IOS and CLI Basics #

1. Introduction #

When you unpack a new $10,000 Cisco router, plug it in, and connect it to your laptop, you will not see a beautiful graphical user interface with a mouse cursor. You will see a stark, black terminal screen with a blinking cursor. Cisco networking hardware is driven entirely by Cisco IOS (Internetwork Operating System), and the only way to interact with it is through the Command Line Interface (CLI). If you cannot navigate the CLI, you cannot be a network engineer. In this chapter, we will transition from theory to practice. We will explore the hierarchical modes of the Cisco CLI, master the universal show commands, and learn how to save our configurations so they survive a power outage.

2. Learning Objectives #

By the end of this chapter, you will be able to:

• Identify the three primary modes of the Cisco CLI (User, Privileged, Global Config).

• Navigate smoothly between different CLI modes using enable and exit.

• Utilize the ? (Help) command and the Tab auto-completion feature.

• Execute basic operational checks using show commands.

• Save the active configuration to persistent memory using copy running-config startup-config.

3. The Hierarchical CLI Modes #

Cisco IOS is designed like a high-security building. You start in the lobby (low permissions) and must type passwords to access the server room (high permissions). The CLI prompt changes to tell you exactly which room you are in.

1. User EXEC Mode (Router>)

• *The Prompt:* Ends with a >.

• *Access:* This is where you start. You have almost zero power. You can ping, but you cannot view configurations or make changes.

2. Privileged EXEC Mode (Router#)

• *The Prompt:* Ends with a # (Hash).

• *How to get there:* Type enable.

• *Access:* This is "Admin View" mode. You can view the entire system configuration (show running-config), restart the router, and view routing tables. However, you *still* cannot make changes to the network.

3. Global Configuration Mode (Router(config)#)

• *The Prompt:* Says (config)#.

• *How to get there:* Type configure terminal (from Privileged mode).

• *Access:* This is "God Mode." Anything you type here immediately alters the behavior of the entire router.

4. CLI Shortcuts and Survival Skills #

You do not have to memorize every single command perfectly. Cisco IOS wants to help you.

• The Question Mark (?): If you are lost, type ?. The router will print a list of every possible command you are allowed to type in your current mode. If you type show ?, it will list all the things you can "show".

• Tab Completion: Network engineers are lazy. They never type configure terminal. They type conf and press the Tab key. The router automatically finishes the word configure. They type t and press Tab. The router finishes terminal.

• Command Abbreviation: You don't even need to use Tab. You can just type conf t and hit Enter. As long as the letters are unique, the router will understand it.

5. The "Show" Commands (Your Diagnostic Tools) #

90% of a network engineer's job is not configuring routers; it is looking at them to figure out why they are broken. This is done from Privileged EXEC mode (#) using show commands.

• show ip interface brief (The most important command in Cisco. It prints a clean table showing every port on the device, its IP address, and if the cable is plugged in [Up/Up]).

• show ip route (Displays the Layer 3 Routing Table we learned about in Chapter 8).

• show mac address-table (Displays the Layer 2 MAC table we learned about in Chapter 6).

• show running-config (Prints the entire text file of every setting currently active on the device).

6. Saving Your Work (Running vs. Startup Config) #

When you are in Global Configuration mode and you change an IP address, the change happens *instantly* in the router's RAM (Memory). This active state is called the Running Configuration. However, RAM is volatile. If the janitor accidentally unplugs the router, your changes are permanently deleted.

To make changes permanent, you must copy the active RAM file into the router's permanent NVRAM hard drive (the Startup Configuration).

• *The Command:* copy running-config startup-config

• *The Abbreviation:* copy run start

*Always type this command before you log out for the day!*

7. Beginner Cisco Command Labs (Mental Walkthrough) #

Imagine you are logged into a brand new router.

1. 1. Router> (You are in User mode).

1. 2. Router> enable -> Press Enter.

1. 3. Router# (You are now in Privileged mode).

1. 4. Router# show ip interface brief (You check the ports. They are all empty).

1. 5. Router# configure terminal -> Press Enter.

1. 6. Router(config)# (You are now in Global Config mode. You are ready to build the network).

1. 7. Router(config)# exit (You drop back down to Privileged mode).

8. Best Practices #

• Do not use write memory on the exam: Older network engineers use the legacy command wr mem to save the configuration instead of copy run start. While it still works on hardware, Cisco officially deprecated it. On the CCNA exam, always use copy running-config startup-config.

9. Common Mistakes #

• Typing "Show" in Config Mode: A beginner enters Global Config mode (config)# and tries to type show ip route. The router throws an error: Invalid input detected. The show commands only work in Privileged EXEC mode (#). You must type exit to drop down a level, OR put the word do in front of it (do show ip route) to force the router to execute it from config mode.

10. Mini Project: Download Packet Tracer #

You cannot master the CLI by reading. You must type.

1. 1. Download Cisco Packet Tracer.

1. 2. Open a blank workspace. Drag a 2911 Router onto the screen.

1. 3. Click the router, go to the CLI tab.

1. 4. It will ask: Would you like to enter the initial configuration dialog? [yes/no]:. Always type no.

1. 5. Press Enter. You will see Router>.

1. 6. Practice typing enable, then conf t, then exit, then copy run start. Congratulations, you are navigating IOS!

11. Practice Exercises #

1. 1. Explain the operational difference between Privileged EXEC Mode (#) and Global Configuration Mode ((config)#).

1. 2. Why is the copy running-config startup-config command absolutely critical before rebooting a Cisco device?

12. MCQs with Answers #

13. Interview Questions #

• Q: Explain the functional difference between the running-config and the startup-config files in Cisco IOS. Where is each file physically stored on the router's hardware?

• Q: You are in Global Configuration mode Router(config)# and need to quickly check the routing table without exiting your current mode. What specific syntax must you use?

• Q: Walk me through the exact CLI commands required to log into a device, enter the mode required to make system changes, and then save those changes permanently.

14. FAQs #

Q: What if I make a massive mistake in Global Config mode and break the network? A: Because changes happen instantly in the running-config, you cannot just click "Undo." However, if you haven't typed copy run start yet, you can simply pull the power cord out of the router. When it reboots, it will load the last saved startup-config, erasing your mistake completely. (This is called "reloading" a router).

15. Summary #

In Chapter 10, we breached the command line interface of Cisco IOS. We mapped the hierarchical security modes: utilizing User EXEC mode as the lobby, utilizing enable to access the diagnostic power of Privileged EXEC mode (#), and commanding the system via configure terminal to reach Global Configuration mode ((config)#). We learned to leverage the ? and Tab shortcuts to accelerate our workflows, and identified show ip interface brief as the ultimate diagnostic command. Finally, we cemented the golden rule of network engineering: always save your running-config to the startup-config.

16. Next Chapter Recommendation #

You know how to navigate the command line. Now it is time to actually build the network. Proceed to Chapter 11: Configuring Cisco Routers and Switches.