Re: Self-configuration when plug the provider's cable

msbassols · ‎01-21-2008

Hi all

I've a 1801 router with a recently erased NVRAM with command "write erase".

When i plug the ethernet cable of my internet provider and i reload it, it autocinfigures with some config that my provider sends, including the hostname, the fastethernet 0 interface with dhcp configuration, etc.

Anyone can explain me what happens here?

Attached you can find the "sh run" and "sh ip int brief" outputs

Thanks

Miquel

patrickvanham · ‎01-21-2008

Actually, this looks like the default configuration, and is always present. Your ISP isn't doing anything. Please see http://www.cisco.com/en/US/docs/routers/access/1800/1801/software/configuration/guide/routconf.html

msbassols · ‎01-21-2008

Thank you patrick but i don't think so

Look at my fastethernet0 interface, the default state is in shutdown and no ip address but in my case, selfs configure at ip address dhcp, no shutdown and i obtain public address from my provider with no command issued after the write erase command. The Same for the hostname, look at my router's name (cliente-32520) i never issued this name and is in spanish language like my provider...

patrickvanham · ‎01-21-2008

Sorry, as you were discussing your ISP I mistakenly looked at the ATM interface. What happens if you go into global configuration mode and type in "default interface FastEthernet0"?

If the configuration is still dhcp, I'd say the ISP has made some changes to the default configuration. I was also going to suggest unplugging all cables except console and do write erase again and reload, still with only the console cable.

Pavel Bykov · ‎01-21-2008

All is because "ip address dhcp" command on the interface.

Delete that. Try erasing nvram, and then rebooting the router with the ISP cable unplugged.

Remember, if port was down when router boots, it would have NO WAY of getting the infromation from outside. Therefore the theory of it receiving the configuration from the provider could be the work of Configuration Register.

Check "show version" to see if it is 0x2102. Otherwise try rebooting it with no config with cables unplugged. After boot is ok, you can connect to the ISP and see, that if there is no dhcp command, it will not be configured.

Also, what do you think is DHCP is for? PCs are configured by DHCP just like that. That's how it works.

pcameron · ‎01-21-2008

It's actually happening because this command is in the system config -

service config

This enables autoloading of configuration files from a network server. Normally it would look at the IP address configured under the boot host or boot network commands, but as these are not configured, the router sends a tftp broadcast request for a file called 'router-config' to 255.255.255.255.

It looks like the ISP has is picking this up and responding with a basic config template, which also includes the ip address dhcp' under the FE port.

If you plug a console into the router during the boot you will probably see a reference as the config request is accepted and a file is sent in response.

The solution - put in 'no service config' to prevent the router from broadcasting the config request.

Refer here for more background -

http://www.cisco.com/en/US/products/sw/iosswrel/ps1826/products_command_reference_chapter09186a00800d9c3b.html#xtocid109669

amolwaghmare · ‎01-21-2008

if wanna hack his router simply be in his network and send wrong configuration file !

Richard Burts · ‎01-21-2008

Amol

If you can be connected to the network on the interface that sends the request at the time that the request is sent, and if you respond to the request before the provider does, then you could tftp your own version of the config file. Once the router has received the tftp of the original config file it does not continue to accept tftp of more config files. So while there is some security risk in this, it is probably not a great risk.

HTH

Rick

HTH

Rick