Scenario1_LAN_Switching_V1.7.

pptx

HET424/HET708 Scenario 1 LAN Switching - V1.7

Network Topology

LAN C as Loopback Melbourne Router

OSPF SW/W DCE WAN D SX/X Sydney Router

Fa F 0/1 (default gateway)

Fa 0/1 (default gateway)

Corporate Network Address 152.10.0.0/22

Fa 0/1 Melbourne Switch Fa 0/24 LAN A Use Virtual Connection U Vi t l C ti Melbourne PC

Fa 0/1 Sydney Switch Fa 0/2 LAN B Use LAN Connection Sydney PC

Note: The Scenario should be started in the Lab using the Lab Kits. The Lab is a Packet Tracer free zone.
1

The Scenario Approach

The aim of this approach is to allow you to integrate the different topics (theory and practical) covered in the Unit, into building the network platform. Each scenario requires you to first build a working network then add new network network, services and functionality to the network platform. Is designed to be self re-enforcing as what you have learnt in previous scenarios is re-enforcing, required in future scenarios. Emphasizes a step-by-step procedure to building the network platform configure, test, step by step troubleshoot. This approach will p p pp prepare y well for the Skills Exam you

Scenario 1 -Tasks
1. 1 On each router ensure router config-register is set to 0x2142: router(config)# config-register 0x2142 , Why would you do this refer page 8 router, config register config register this, 2. Do not configure enable passwords OR line console passwords on router and switches, unless specified by the task 3. VLSM Design a) Design IP VLSM Addressing Scheme with subnets: LAN A 150 hosts, LAN B 100 hosts, LAN C 50 hosts, WAN D Serial link 2 hosts b) D Document assignment of ip addresses t router interfaces and PC H t t i t f i dd to t i t f d Hosts 4. Cable Connection a) Connect routers to switches b) Check routers are connected via serial link c) Connect PCs to switch ports according to the network topology diagram 5. Line Console Configuration Configure the line console on each router and switch, as shown below: line console 0 logging synchronous exec-timeout 0 0 6. Message of the Day (MOTD) Configuration Configure a MOTD, recording your name and student id, only on the Melbourne router, as shown below: banner motd & Welcome to Melbourne <Your Family Name> <Your Student Id> & 7. Network IP Address Configuration

a) Configure router interfaces with ip addresses b) Configure PC Hosts with specified i) IP address and subnet mask. ii) D f lt G t Default Gateway IP address. dd

Scenario 1 -Tasks
8. Trouble Shooting Point-to-Point Single Link Testing Point to Point a) This test is to check that each individual link in the network is working. b) Ping (command) - ensure you can ping from one end of each link to the other: PC to Router in same subnet (network). PC to PC in same subnet (network). Router t R t to each di t neighbour R t over a serial li k h direct i hb Router i l link. c) Link NOT working ? - Common problems: Physical connection not made. The clock rate is not configured on DCE interface of a serial link. An incorrect IP address or subnet mask is configured on one interface of a link The interface is shutdown. 9. Routing Protocol Configuration Configure OSPF on both Routers, advertise each subnet separately using wildcards 10. Trouble Shooting OSPF Neighbor Adjacency a) Verify that the routers have formed an adjacency with each other, use- show ip ospf neighbor b) If the router ID of the neighboring router is not displayed, or the state is not shown as FULL, the two routers have not formed an OSPF adjacency. This will stop link-state information from being exchanged , leading to inaccurate SPF trees and routing tables c) If an adjacency has not formed it could be due to: i) subnet masks on each end of link do not match ii) hello or dead timers do not match iii) there is a missing/incorrect OSPF network command d) Other trouble shooting commands: show ip protocols, show ip ospf, show ip ospf interface 11. Trouble Shooting End-to-End Path Testing a) Thi t t i t check th t th routing - static and dynamic, i working. ) This test is to h k that the ti t ti dd i is ki b) Ping from a PC Host to all other PC Hosts in the different subnets c) Use traceroute to pin point problems d) Check if a subnet is missing from a routing table, use - show ip route e) Common problems: Default gateway IP address not configured on a PC. PC connected to incorrect interface. 4

Scenario 1 -Tasks
12. Refer LabC3 2-1_2.5.1 Basic Switch Configuration P63 for Switch Configuration Commands 13. Switch Configuration On each Switch: a) Delete the vlan.dat file to remove old VLANs from the Switch, use - delete vlan.dat b) Create a new VLAN 99 ) c) Make VLAN 99 the Management VLAN d) Assign all ports to VLAN 99 e) Assign Interface VLAN99 an IP address for management purposes as required from LAN A or LAN B f) Set the default gateway (ip address on router Fa0/1) g) Configure enable password cisco and Line vty with password cisco and login so each switch can be configured via Telnet login, h) On Sydney Switch set Port Security mac address sticky on Fa 0/3 to 6, max 1, with violation protect (refer Switch Configuration) i) On Melbourne Switch set a static mac address on Fa 0/24 to the MAC address of the Melbourne PC Why would you do this ? 14. Trouble Shooting Port Security To check port security is enabled use - show port-security port security 15. Trouble Shooting Testing Switch Port Security a) Sydney Switch Move Sydney PC from Fa0/2 to Fa 0/3 switch port Ping d f lt t Pi default gateway to trigger mac address sticky t ti dd ti k Show run, to confirm mac address has stuck b) Sydney Switch Move Melbourne PC (and change its IP address accordingly) to Sydney Switch Fa 0/3 Ping default gateway from PC, What happens? Change port security to violation shutdown Ping default gateway from PC, What happens? show port-security, What information is provided? c) To re-activate a switch port - do a shutdown then a no shutdown on the port d) Telnet from Melbourne PC to each switch (interface VLAN99 IP address) to demonstrate remote configuration is possible

Scenario 1 - Submission and Completion

1. Scenarios can be completed individually or as a group 2. If a scenario is completed as a group, each member of the group must make a separate submission via Blackboard 3. Scenarios should be started in the lab using the lab kits. The Lab is a Packet Tracer free zone. 4. If you do not complete the scenario in the lab, you can take the configurations and complete the scenario using NetLab or Packet Tracer

5.Submission 5 Submission
Submit ONE file ONLY (each member of a group must make a separate submission) via Blackboard by Sunday 11.59pm 21/08/2011 (Please ensure you are using the Internet Explorer Browser when you are submitting !)
Two options: a) Configuration details (as one text file: s<Student Id>.txt) i) Routers - show run, show ip route, show ip interface brief, show access-lists ii) Switches show run, show vlan, show port-security, show vtp status b) Packet Tracer V5.3 file as s<Student Id>.pkt Note: Note No s bmissions will be will be accepted b email Can onl s bmit once submissions ill ill by email, only submit once.

Switch Configuration
Configure a switch port (or range of switch ports): interface fa 0/3 (or interface range fa 0/3 6) switchport access vlan <number> (assigns port to a vlan) it h t l b switchport mode access (sets port to access, for PCs) OR switchport mode trunk (sets port to trunk, for connection to a router or switch) switchport port-security (turns security on) switchport port-security maximum 1 switchport port-security mac-address sticky switchport port-security violation shutdown (default when turn security on) OR switchport port-security violation protect

Switch Commands
Managing the MAC Address Table show mac address-table (displays entries in
table)

show mac address-table dynamic (displays only dynamic entries in clear mac address-table (deletes all entries from table) l dd t bl

table)

clear mac address-table dynamic (deletes only dynamic entries from table)

By passing the startup-configuration on boot up

I would ask all students to change the configuration register on each router via: router(config)# config-register 0x2142 Example: ! Router configured with hostname Sydney Sydney# ! To change the router's register so that it bypasses the startup-configure config t Sydney(config)# config-register 0x2142 Sydney(config)#end ! To check that the register will be changed Sydney# show version ! When you turn off the router, the next time it is turned on it will b Wh t ff th t th t ti i t d ill bypass startup-configure an will b t t t fi ill bootup un-configured eg fi d router> ! To reload startup-configure from NVRAM, if you DO want to use it router>enable router# # router#copy startup-configure running-configure Sydney# ! Changing the config register will ensure that from then on the router will bypass the startup-configuration on boot up. ! This means you will not have to first erase someone else's config or do a password recovery, saving time and hassle. ! However you can still get the startup configuration if you want to use it.