Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology

Computer Networks 2 - Labs

Contents
Lab 1: Introduction to networking materials and software tools Lab 2: Practice on Cisco network devices Lab 3: Building a complete network on Packet Tracer Lab 4: LAN-to-LAN Connections Lab 5: Advanced LAN Switching Configuration - VLANs Lab 6: Building Inter-VLAN Network with a Router or Layer-3 Switch Lab 7: Basic Router Configuration Lab 8: RIP Version 2 and Debugging Lab 9: Configure OSPF on a multi-access network Lab 10: BGP - inter-autonomous system routing protocol Lab 11: Wireless Network and AP Configuration Lab 12: Using a network management and monitoring tool

Computer Networks 2 Laboratories

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology

Lab 6: Building Inter-VLAN Network with a Router and Layer-3 Switch

I. Objectives:
Understanding how VLANs create logically separate networks and the need for routing between VLANs. Practicing how to configure IP routing between VLANs (inter-VLAN routing) for full Layer 3 routing, or fallback bridging (VLAN bridging) on the Catalyst 3560 switch. Cisco Switch Catalyst 3560, Catalyst 2960 and Router 1801 will be given at Lab time.

II. Introduction
This part consists of these sections: Understanding IP Routing between VLANs Layer 3 Features of Cisco Switch Catalyst 3560 series Steps for Configuring Routing Configuring IP Addressing Assigning IP Addresses to Network Interfaces Configuring Address Resolution Methods Routing assistance when IP Routing is disabled Configuring Broadcast Packet Handling (Optional) Monitoring and Maintaining IP Network Configuring Fallback Bridging (extra reading, check documentation in variable sources) Understanding Fallback Bridging Configuring Fallback Bridging Monitoring and Maintaining Fallback Bridging 1. Understanding IP Routing between VLANs As with all IP subnets, for a host in one subnet to forward packets to a host in another subnet, at least one router must be involved. The router receives the frame, with a VLAN header that implies the frame is part of, for example, VLAN 1. The router makes a forwarding decision, sending the frame back out the same physical link, but this time with a VLAN trunking header that lists, for example, VLAN 2. The switch receives and forwards the frame in VLAN 2. It might seem a bit inefficient to send the packet from the switch to the router, and right back to the switchand it is. A more likely option in real campus LANs today is to use a switch called either a multilayer switch or a Layer 3 switch. These switches can perform both Layer 2 switching and Layer 3 routing. With fallback bridging configured in these switches, you can forward non-IP packets that the switch does not route between VLAN bridge domains and routed ports.

Computer Networks 2 Laboratories

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology 2. Layer 3 Features of Cisco Switch Catalyst 3560 series (reading reference) IP routing protocols for load balancing and for constructing scalable, routed backbones: RIP Versions 1 and 2. Full OSPF (requires the IP services feature set). Enhanced Interior Gateway Routing Protocol (EIGRP) IPv6 to utilize IPv6 transport, communicate with IPv6 peers, and advertise IPv6 routes. Border Gateway Protocol (BGP) Version 4 (requires the IP services image). Intermediate System-to-Intermediate System (IS-IS) routing supports dynamic routing protocols for Connectionless Network Service (CLNS) networks. IP routing between VLANs (inter-VLAN routing) for full Layer 3 routing between two or more VLANs, allowing each VLAN to maintain its own autonomous data-link domain. Policy-based routing (PBR) for configuring defined policies for traffic flows. Multiple VPN routing/forwarding (multi-VRF) instances in customer edge devices to allow service providers to support multiple virtual private networks (VPNs) and overlap IP addresses between VPNs (requires the IP services image). Fallback bridging for forwarding non-IP traffic between two or more VLANs (requires the IP services image). Static IP routing for manually building a routing table of network path information. Equal-cost routing for load balancing and redundancy. Internet Control Message Protocol (ICMP) and ICMP Router Discovery Protocol (IRDP) for using router advertisement and router solicitation messages to discover the addresses of routers on directly attached subnets. Protocol-Independent Multicast (PIM) for multicast routing within the network, allowing for devices in the network to receive the multicast feed requested and for switches not participating in the multicast to be pruned. Includes support for PIM sparse mode (PIM-SM), PIM dense mode (PIM-DM), and PIM sparse-dense mode (requires the IP services image). Multicast Source Discovery Protocol (MSDP) for connecting multiple PIM-SM domains (requires the IP services image). Distance Vector Multicast Routing Protocol (DVMRP) tunneling for interconnecting two multicast-enabled networks across nonmulticast networks (requires the IP services image). DHCP relay for forwarding UDP broadcasts, including IP address requests, from DHCP clients. DHCP for IPv6 relay, client, server address assignment and prefix delegation. IPv6 unicast routing capability for forwarding IPv6 traffic through configured interfaces (requires the IP services image). IPv6 default router preference (DRP) for improving the ability of a host to select an appropriate router. The specified interface must be one of these Layer 3 interfaces: A routed port: a physical port configured as a Layer 3 port by using the no switchport interface configuration command. A switch virtual interface (SVI): a VLAN interface created by using the interface vlan <vlan_id> global configuration command and by default a Layer 3 interface. A SVI represents a VLAN of switch ports as one interface to the routing or bridging function in the router. Only one SVI can be associated with a VLAN; it is necessary to configure an SVI for a VLAN only when you wish to route between VLANs. Computer Networks 2 Laboratories 3

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology 3. Steps for configuring Routing Configuring routing consists of several main procedures: To support VLAN interfaces, create and configure VLANs on the switch, and assign VLAN membership to Layer 2 interfaces. For more information, see CN2_Lab5, Advanced LAN Switching Configuration VLANs. Configure a VLAN interface (SVI) for each VLAN for which you want to route traffic, and assign it an IP address Configure the Switch port connected to the router as a VLAN trunk port Configure Layer 3 interfaces. Enable IP routing on the Layer 3 Switch or Router. Assign IP addresses to the Layer 3 interfaces. Enable selected routing protocols on the switch or router. Configure routing protocol parameters (optional, subjects to next Labs). Monitoring and Maintaining IP Addressing. 4. Configuring IP Addressing Assigning IP Addresses to Network Interfaces Manually Assigning IP Information on SVIs Configuring Address Resolution Methods (Optional) Enabling IP Unicast Routing Routing assistance when IP Routing is disabled (if needed) Configuring Broadcast Packet Handling (Optional) Monitoring and Maintaining IP Addressing a. Assigning IP Addresses to Network Interfaces Command Step 1 configure terminal Step 2 interface interface-id Step 3 no switchport Step 4 ip address ip-addresssubnetmask Step 5 no shutdown Step 6 end Step 7 show interfaces [interface-id] show ip interface [interface-id] Purpose Enter global configuration mode. Enter interface configuration mode, and specify the Layer 3 interface to configure. Remove the interface from Layer 2 configuration mode (if it is a physical interface). Configure the IP address and IP subnet mask. Enable the interface. Return to privileged EXEC mode. Verify your entries.

Computer Networks 2 Laboratories

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology show running-config interface [interface-id] Step 8 copy running-config startupconfig (Optional) Save your entries in the configuration file.

b. Manually Assigning IP Information on SVIs Command Step 1 Router#configure terminal Purpose Enters global configuration mode.

Step 2 Router(config)#interface vlan 1 Enters interface configuration mode, and enter the VLAN to which the IP information is assigned. VLAN 1 is the management VLAN, but you can configure any VLAN from IDs 1 to 1001. Step 3 Router(config)#ip address ipaddress subnet-mask Step 4 Router(config)#exit Step 5 Router#ip default-gateway ipaddress Step 6 Router#end Enters the IP address and subnet mask. Returns to global configuration mode. Enters the IP address of the default router. Returns to privileged EXEC mode.

c. Configuring Address Resolution Methods (Optional) Define a Static ARP Cache

Command Step 1 Step 2 configure terminal arp ip-address hardware-address type Purpose Enter global configuration mode. Globally associate an IP address with a MAC (hardware) address in the ARP cache, and specify encapsulation type as one of these: arpaARP encapsulation for Ethernet interfaces snapSubnetwork Address Protocol encapsulation for Token Ring and FDDI interfaces sapHP's ARP type Step 3 Step 4 arp ip-address hardware-address type[alias] interface interface-id (Optional) Specify that the switch respond to ARP requests as if it were the owner of the specified IP address. Enter interface configuration mode, and specify the interface to configure.

Computer Networks 2 Laboratories

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology
Step 5 arp timeout seconds (Optional) Set the length of time an ARP cache entry will stay in the cache. The default is 14400 seconds (4 hours). The range is 0 to 2147483 seconds. Return to privileged EXEC mode. Verify the type of ARP and the timeout value used on all interfaces or a specific interface. View the contents of the ARP cache.

Step 6 Step 7 Step 8

end show interfaces [interface-id] show arp or show ip arp

Step 9

copy running-config startup-config

(Optional) Save your entries in the configuration file.

Enable Proxy ARP

Command Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 configure terminal interface interface-id ip proxy-arp end show ip interface [interface-id] copy running-config startup-config Purpose Enter global configuration mode. Enter interface configuration mode, and specify the Layer 3 interface to configure. Enable proxy ARP on the interface. Return to privileged EXEC mode. Verify the configuration on the interface or all interfaces. (Optional) Save your entries in the configuration file.

d. Enabling IP Unicast Routing

By default, the switch is in Layer 2 switching mode and IP routing is disabled. To use the Layer 3 capabilities of the switch, you must enable IP routing.

Command Step 1 configure terminal Step 2 ip routing Step 3 router rip network 10.0.0.0

Purpose Enter global configuration mode. Enable IP routing. Specify an IP routing protocol. This step might include other commands, such as specifying the networks to route with the network (RIP) router configuration command. Note The IP base image supports only RIP as a routing protocol

Step 4 end

Return to privileged EXEC mode.

Computer Networks 2 Laboratories

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology Step 5 show running-config Step 6 copy running-config startupconfig Verify your entries. (Optional) Save your entries in the configuration file.

Routing Assistance When IP Routing is Disabled

Command Step 1 Step 2 Step 3 Step 4 Step 5 configure terminal ip default-gateway ip-address end show ip redirects copy running-config startup-config

Default Gateway
Purpose Enter global configuration mode. Set up a default gateway (router). Return to privileged EXEC mode. Display the address of the default gateway router to verify the setting. (Optional) Save your entries in the configuration file.

Command Step 1 Step 2 Step 3 Step 4

ICMP Router Discovery Protocol (IRDP) (Optional)

Purpose Enter global configuration mode. Enter interface configuration mode, and specify the Layer 3 interface to configure. Enable IRDP processing on the interface. (Optional) Send IRDP advertisements to the multicast address (224.0.0.1) instead of IP broadcasts. Note This command allows for compatibility with Sun Microsystems Solaris, which requires IRDP packets to be sent out as multicasts. Many implementations cannot receive these multicasts; ensure end-host ability before using this command.

configure terminal interface interface-id ip irdp ip irdp multicast

Step 5

ip irdp holdtime seconds

(Optional) Set the IRDP period for which advertisements are valid. The default is three times the maxadvertinterval value. It must be greater than maxadvertinterval and cannot be greater than 9000 seconds. If you change the maxadvertinterval value, this value also changes. (Optional) Set the IRDP maximum interval between advertisements. The default is 600 seconds. (Optional) Set the IRDP minimum interval between advertisements.

Step 6 Step 7

ip irdp maxadvertinterval seconds ip irdp minadvertinterval seconds

Computer Networks 2 Laboratories

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology
The default is 0.75 times the maxadvertinterval. If you change the maxadvertinterval, this value changes to the new default (0.75 of maxadvertinterval). Step 8 ip irdp preference number (Optional) Set a device IRDP preference level. The allowed range is -231 to 231. The default is 0. A higher value increases the router preference level. (Optional) Specify an IRDP address and preference to proxyadvertise. Return to privileged EXEC mode. Verify settings by displaying IRDP values. (Optional) Save your entries in the configuration file.

Step 9 Step 10 Step 11 Step 12

ip irdp address address [number] end show ip irdp copy running-config startup-config

Configuring Broadcast Packet Handling

Command Step 1 Step 2 Step 3 configure terminal interface interface-id ip directed-broadcast [access-listnumber]

Enabling Directed Broadcast-to-Physical Broadcast Translation

Purpose Enter global configuration mode. Enter interface configuration mode, and specify the interface to configure. Enable directed broadcast-to-physical broadcast translation on the interface. You can include an access list to control which broadcasts are forwarded. When an access list, only IP packets permitted by the access list can be translated Note The ip directed-broadcast interface configuration command can be configured on a VPN routing/forwarding(VRF) interface and is VRF-aware. Directed broadcast traffic is routed only within the VRF.

Step 4 Step 5

exit

Return to global configuration mode.

ip forward-protocol {udp [port] | nd | Specify which protocols and ports the router forwards when sdns} forwarding broadcast packets. udpForward UPD datagrams. port: (Optional) Destination port that controls which UDP services are forwarded. ndForward ND datagrams. sdnsForward SDNS datagrams

Step 6 Step 7

end show ip interface [interface-id] or

Return to privileged EXEC mode. Verify the configuration on the interface or all interfaces.

Computer Networks 2 Laboratories

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology
show running-config Step 8 copy running-config startup-config (Optional) Save your entries in the configuration file.

Command Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 configure terminal interface interface-id

Forwarding UDP Broadcast Packets and Protocols

Purpose Enter global configuration mode. Enter interface configuration mode, and specify the Layer 3 interface to configure. Enable forwarding and specify the destination address for forwarding UDP broadcast packets, including BOOTP. Return to global configuration mode.

ip helper-address address exit

ip forward-protocol {udp [port] | nd | Specify which protocols the router forwards when forwarding sdns} broadcast packets. end show ip interface [interface-id] or show running-config Return to privileged EXEC mode. Verify the configuration on the interface or all interfaces.

Step 8

copy running-config startup-config

(Optional) Save your entries in the configuration file.

Command Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 configure terminal interface interface-id

Establishing an IP Broadcast Address

Purpose Enter global configuration mode. Enter interface configuration mode, and specify the interface to configure. Enter a broadcast address different from the default, for example 128.1.255.255. Return to privileged EXEC mode. Verify the broadcast address on the interface or all interfaces. (Optional) Save your entries in the configuration file.

ip broadcast-address ip-address end show ip interface [interface-id] copy running-config startup-config

Monitoring and Maintaining IP Addressing

Purpose Clear the IP ARP cache and the fast-switching cache.

Command clear arp-cache

Computer Networks 2 Laboratories

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology
clear host {name | *} clear ip route {network[mask] |*} Remove one or all entries from the hostname and the address cache. Remove one or more routes from the IP routing table.

Command show arp show hosts

Purpose Display the entries in the ARP table. Display the default domain name, style of lookup service, name server hosts, and the cached list of hostnames and addresses. Display IP addresses mapped to TCP ports (aliases). Display the IP ARP cache. Display the IP status of interfaces. Display IRDP values. Display the masks used for network addresses and the number of subnets using each mask. Display the address of a default gateway. Display the current state of the routing table. Display the current state of the routing table in summary form.

show ip aliases show ip arp show ip interface [interface-id] show ip irdp show ip masks address show ip redirects show ip route [address [mask]] | [protocol] show ip route summary

Monitoring and Maintaining the IP Network Purpose Clear one or more routes from the IP routing table. Display the parameters and state of the active routing protocol process. Display the current state of the routing table. Display the current state of the routing table in summary form. Display supernets.

Command clear ip route {network [mask | *]} show ip protocols show ip route [address [mask] [longerprefixes]] | [protocol [process-id]] show ip route summary show ip route supernets-only

Computer Networks 2 Laboratories

10

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology show ip cache show route-map [map-name] Display the routing table used to switch IP traffic. Display all route maps configured or only the one specified.

Computer Networks 2 Laboratories

11

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology

III. Lab practice

1. Network Layout

Computer Networks 2 Laboratories

12

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology 2. Lab steps Reuse scheme of creating VLANs on Switch with the precedent Lab: CN2_Lab5 Note: To avoid the conflict of IP address from manual configuration once two groups connecting together, each group will take the host address from range .x1 .x9, where x is group number. Ex: group 5 will dispose hosts from .51 to .59. Configure VTP domain netlab (mode server, no password) on Switch and Switching Router. Verify your entries in the VTP Operating Mode and the VTP Domain Name fields of the display. Create 3 VLANs matching the LAN1 Layout configured on Switch 2960 and LAN2 Layout configured on Router: Grouping BSD hosts into the VLAN id=11, name=bsd, subnet=10.10.11.0/24 Grouping LINUX hosts into the VLAN id=12, name=linux, subnet=10.10.12.0/24 Grouping WINDOWS hosts into the VLAN id=13, name=windows, subnet=10.10.13.0/24 Assign Static-Access Ports to a VLAN, freely decided on Switch and Router. Change the IP configuration on PC to adapt the VLAN port assignment (admin privilege). Display and check the correctness of all VLAN Configuration. Connecting Switch to Router by a Trunk Link. Check the connectivity by pinging to the hosts in the same VLAN. Configuring IP routing consists of several main procedures: o Configure interfaces as Layer 3 interfaces (in Layer 3 Switch). o Enable IP routing on the Layer 3 Switch o Assign IP addresses to the Layer 3 interfaces and SVI for VLAN. o Configure another layer 3 ports on Layer 3 Switch (or Router) as Trunk port for connecting Switch of different groups to Router. o Configuring routing protocol on Router or Layer 3 Switch to support routing between VLANs (by enabling RIP) o Re-check the connectivity of two hosts of the same VLAN and between two hosts of different VLANs. o Trunking Switch to Switch with the neighbor group by setting one more port as trunk port. Check the connectivity. Reset all devices to factory default. Re-establish of normal IP configuration (all PCs take IP configuration from DHCP server)

IV.Result
Finish your work by reporting your network status and explaining your solution on place.

Computer Networks 2 Laboratories

13