SlideShare uma empresa Scribd logo

Uccn1003 -may10_-_lab_05_-_vlan_and_vtp-updated-14.7.2010

Shu Shin
Shu Shin
1 de 14
Baixar para ler offline
UCCN1003 Data Communications and Networks Lab 05: Virtual LAN (VLAN) and VLAN Trunking Protocol (VTP) Instructions: 1. Read the “Introduction” section for the background. 2. Perform all the lab exercises, starting with exercise 1. 3. Follow all the steps. 4. Record the results in all italic bold actions (by screen capture or copying). 5. Paste your screen captures on a Word Document and save it. 6. Answer all the questions in italic. 7. Write your answer in the same Word Document. 8. Please follow the sequence of the exercises, and don’t skip any step. 9. Please keep your word document. You will need it for your tests and exam. 10. Please try to understand the exercises and the commands, and don’t just type the commands “blindly” without much studies and understanding. Introduction to VLAN and VTP This lab introduces the configuration for Cisco managed switch. One of the major function provided by managed switch is the configuration of virtual LAN. A virtual LAN, commonly known as a VLAN, is a group of hosts with a common set of requirements that communicate as if they were attached to the “broadcast domain”, regardless of their physical location. A VLAN has the same attributes as a physical LAN, but it allows for end stations to be grouped together even if they are not located on the same network switch. Network reconfiguration can be done through software instead of physically relocating devices. VLANs are created to provide the segmentation services traditionally provided by routers in LAN configurations. VLANs address issues such as scalability, security, and network management. Routers in VLAN topologies provide broadcast filtering, security, address summarization, and traffic flow management. By definition, switches may not bridge IP traffic between VLANs as it would violate the integrity of the VLAN broadcast domain. VLAN Trunking Protocol (VTP) is a Cisco proprietary Layer 2 messaging protocol that manages the addition, deletion, and renaming of Virtual Local Area Networks (VLAN) on a network-wide basis. Cisco's VLAN Trunk Protocol reduces administration in a switched network. When a new VLAN is configured on one VTP server, the VLAN is distributed through all switches in the domain. This reduces the need to configure the same VLAN everywhere. Exercise 1: Some Introductory Switch Commands 1
A managed switch, such as Cisco 2950 and 2960 series switch, can be configured to suit certain LAN requirement. 1. Drag a Cisco 2960 switch (not 2950-24) and a PC into the Packet Tracer workspace. 2. Connect a rollover cable between PC0 (RS-232) and Swich0 (console port). 3. Double click on PC0, click on “Desktop” tab, and then click on “Terminal”. Set the parameters as the following figure and click “OK”. 4. Again, this is to remind you that, as in router, CLI tab of switch does not exist in the real world. To configure a managed switch such Cisco 2960, you have to use Hyperterminal (or similar software) to access the switch console port with a rollover cable. Now, you are ready for some basic switch commands 2
5. Some of the switch commands are quite similar to the router commands. Please try out some of the following commands. Switch>en Switch#show flash: Switch#show version Switch#show run Switch#show history 6. As in router, you can also put the “enable” password in the switch. Switch#conf t Switch(config)#hostname Switch0 Switch0(config)#enable password uccn1003 Switch0(config)#exit Switch0#disable Switch0>en Password: (type in “uccn1003”) Switch0#show run Exercise 2: Checking MAC Address Table 1. Connect 4 PCs to Switch0 as shown in the following figure. Connect PC1 to Fa0/1 of Switch0. Then connect PC2 to Fa0/2. Connect PC3 to Fa0/3 and PC4 to Fa0/4. Set the IP address and subnet mask to PCs according to the figure. 3
2. Type the following commands in Switch0. What do you observe? Switch0#clear mac-address-table Switch0#show mac-address-table 3. Ping all other PCs from PC1. If the pings are not successful, troubleshoot the network. If the pings are successful, type “show mac-address-table” at Switch0 again. What do you observe this time? Switch0#show mac-address-table 4. Now check the MAC addresses of all the PCs and compare the MAC addresses with the MAC addresses of the MAC table of Switch0. Do the MAC addresses match with switch ports? PC>ipconfig /all Exercise 3: Configuring Static VLANs If you create 2 VLANs within a managed switch, you have actually two LANs that do not communicate with each other though 2 LANs share the same switch physically. 1. Type the following command to check the current status of VLANs in Switch0. Switch0#show vlan 2. Type the following to create two VLANs with names. Switch0#config t Switch0(config)#vlan 2 Switch0(config-vlan)#name Finance Switch0(config-vlan)#exit 4
Switch0(config)#vlan 3 Switch0(config-vlan)#name Marketing Switch0(config-vlan)#exit Switch0(config)#exit 3. Type the following commands in Switch0 and compare the output with ex3.1. You should observe the two “new” VLANs. Switch0#show vlan 4. Assign switch port fa0/1 and fa0/2 to VLAN 2 by typing the following commands. Switch0#config t Switch0(config)#int fa0/1 Switch0(config-if)#switchport access vlan 2 Switch0(config-if)#exit Switch0(config)#int fa0/2 Switch0(config-if)#switchport access vlan 2 Switch0(config-if)#exit 5. Type “show vlan” again. Recording the difference. 6. If you feel that assigning switch ports one by one to a particular VLAN is rather tedious and inconvenient. The following commands provide “batch assigning” of switch ports to a particular VLAN. We assign Fa0/3 to Fa0/5 to VLAN 3. Switch0(config)#int range fa0/3–5 Switch0(config-if-range)#switchport access vlan 3 Switch0(config-if-range)#end 5
7. Type “show vlan” again. Recording the difference. You should observe that various switch ports have been assigned to VLAN 2 and VLAN 3. 8. Ping all other PCs with PC1. Do you successfully ping all the PCs? If not, use PC3 to ping all other PCs too. What have you noticed with the pings? 9. Type “show mac-address-table” to check the status of MAC address table. Switch0#show mac-address-table Exercise 4: Routing between VLANs You need a router for the VLANs to communicate with each other. However, to do that, we have to make a few changes to the original configuration. Please note that routing of VLANs DO NOT VIOLATE the subnet rules. On the contrary, VLANs follow all the subnet rules. 1. Drag a Cisco 2811 router into the workspace. Connect Fa0/1 of Router0 to Fa0/5 of Switch0. Then, connect Fa0/0 of Router0 to Fa0/6 of Switch0. 2. Set switch Fa0/6 of Switch0 to VLAN 2 (from VLAN 1). Now Fa0/1, Fa0/2, and Fa0/6 belong to VLAN 2. Fa0/5 of Switch0 has already been set to VLAN 3. Switch0#config t Switch0(config)#int fa0/6 Switch0(config-if)#switchport access vlan 2 Switch0(config-if)#exit 6
3. Change the IP address of PC3 to 192.168.2.3, and the IP of PC4 to 192.168.2.4. Set the default gateway of both PCs to 192.168.2.254. (Note: We have to change the IP addresses of PC3 and PC4 so that they have a different network ID as compared to PC1 and PC2. Remember the subnet rule that stated clearly that router won’t accept IP address of different router ports with the same network ID). 4. Also, set the default gateway of PC1 and PC2 to 192.168.1.254. 5. For Router0, set the IP of Fa0/1 to 192.168.2.254. Set the IP of Fa0/0 to 192.168.1.254. 6. Use PC1 to ping all other PCs. You should be able to ping them. If not, please troubleshoot the network. Exercise 5: Routing with Trunking Mode Instead of connecting 2 cables from Switch0 to the router, we will use only 1 cable to connect between Switch0 and router. By using a special “trunk”, we are able to “link” all the VLANs to the router with just 1 cable. You can imagine a “trunk” as a big pipe loaded with a few Ethernet cables. 1. Erase the two cables connecting between Switch0 and Router0. 2. Connect Fa0/24 of Switch0 to Fa0/0 of Router0 3. Change Fa0/5 and Fa0/6 of Switch0 back to VLAN 1. Use “show vlan brief” to check and to make sure these two switch ports have been assigned to VLAN 1. Switch0(config)#int range fa 0/5 – 6 Switch0(config-range)#switchport access vlan 1 Switch0(config-range)#end 7
Switch0#show vlan brief 4. In Router0, type the following command to “clean up” the IP addresses. Router(config)#int fa0/0 Router(config-if)#no ip addr Router(config-if)#int fa0/1 Router(config-if)#no ip addr Router(config-if)#exit 5. Now, we need to set the connection between Switch0 and Router0 to trunk mode. It comes in two parts: the switch and the router. 6. In Switch0, type the following command to turn Fa0/24 into trunk mode. Switch0#conf t Switch0(config)#int fa0/24 Switch0(config-if)#switchport mode trunk Switch0(config-if)#exit 7. At Router0, type in the following commands. Router#config t Router(config)#int fa0/0 Router(config-if)#no shutdown Router(config-if)#int fa0/0.1 Router(config-subif)#encapsulation dot1q 2 Router(config-subif)#ip address 192.168.1.254 255.255.255.0 Router(config-subif)#int fa0/0.2 Router(config-subif)#encapsulation dot1q 3 Router(config-subif)#ip address 192.168.2.254 255.255.255.0 Router(config-subif)#end Router#show run 8. Explanation for the router commands: i) “int fa0/0.1” and “int fa0/0.2” = sub-interfaces of the physical port “fa0/0”. One physical port can have many sub-interfaces (e.g “int fa0/0.3” to “int fa0/0.100”). ii) “encapsulation dot1q 3” = “encapsulation dot1q” is the command for the special trunking mode in router. “3” = VLAN number. iii) Since we have two “virtual” cable in 1 physical cable, we still require two gateway IP addresses for two VLANs. 9. Use PC1 to ping all other PCs. PC1 should be able to ping all other PCs. If not, please troubleshoot the network. 10. After you have successfully ping all the PCs. Type “show mac-address-table” to examine the status of the MAC address table of Switch0. 8
Switch0#show mac-address-table Exercise 6: Integrated VLAN with other Switches We use 2 switches to form an integrated VLAN 2 and VLAN 3. 1. Add another switch (2960) to the network according to the above diagram. (Note: Though Router0 has been moved, the function still remains as in Exercise 5). 2. Connect Gig1/1 (GigabitEthernet, 1000Mbps) of Switch0 to Gig1/1 of Switch1. Connect PC5 to Fa0/12 of Switch1. Connect PC6 to Fa0/13 of Switch1. (Note: We can connect a trunk between the FastEthernet ports of two switches. However, GigabitEthernet ports provide better bandwidth for a trunk.) 3. Set the IP address, subnet mask, and gateway IP of PC5 and PC6. 4. Set Gig1/1 of both Switch1 and Switch0 to trunk mode. As in the trunk of Switch0 and Router0. This trunk of Switch0 and Switch1 will act like a “big” pipe that carries a few virtual cables for the VLANs. Switch0#conf t Switch0(config)#int gig1/1 Switch0(config-if)#switchport mode trunk Switch0(config-if)#exit switch#conf t switch(config)#hostname Switch1 Switch1(config)#int gig1/1 9
Switch1(config-if)#switchport mode trunk Switch1(config-if)#exit 5. Set VLAN 2 and VLAN 3 in Switch1. Set the Fa0/12 to VLAN 2 and Fa0/13 to VLAN 3. Type “show vlan brief” to check whether the VLANs and the port assignment have been done properly. Switch1#conf t Switch1(config)#vlan 2 Switch1(config-vlan)#exit Switch1(config)#vlan 3 Switch1(config-vlan)#exit Switch1(config)#int fa0/12 Switch1(config-if)#switchport access VLAN 2 Switch1(config-if)#exit Switch1(config)#int fa0/13 Switch1(config-if)#switchport access VLAN 3 Switch1(config-if)#end Switch1#show vlan brief 6. Use PC5 to ping all other PCs. PC5 should be able to ping all other PCs. If not, please troubleshoot the network. 7. Use the “simulation mode” (as shown in the following figure) to trace how the ICMP data packet travel from PC6 to PC5. Exercise 7: VLAN Trunking Protocol (VTP) 10
VTP is a Cisco proprietary Layer 2 messaging protocol that manages the addition, deletion, and renaming of Virtual Local Area Networks (VLAN) on a network-wide basis. Which means if you add (or delete or rename) a VLAN in a switch, and every other switch will have the new VLAN. Without VTP, the addition and deletion of VLAN have to be done one switch by one switch. VTP only works with switches linking together via trunk mode. 1. Add a third switch (2960) to the network according to the above diagram. (Note: Though PC6 has been moved, the function still remains as in Exercise 6). 2. Connect Gig1/2 of Switch1 to Gig1/2 of Switch2. Connect PC7 to Fa0/20 of Switch1. Connect PC8 to Fa0/2 of Switch2. Connect PC9 to Fa0/10 of Switch2. 3. Set Gig1/2 of Switch1 and Switch2 to trunk mode. 4. Set the IP address of PC7 and PC9 according to the above figure. Put the gateway IP of PC7 and PC9 to be 192.168.10.254. Set IP address and gateway IP of PC8 too. 5. Check the VLAN status of three switches (“show vlan brief”) and make a record. Switch0#show vlan brief Switch1#show vlan brief Switch2#show vlan brief 6. Check the VTP status of three switches and make a record. Switch0#show vtp status 11
Switch1#show vtp status Switch2#show vtp status 7. Set VTP client and VTP domain name in Switch2. (Note: A VTP client in a particular domain can’t add, delete or rename VLAN. Only a VTP server of the domain can perform the task of adding, deleting and renaming VLAN. VTP clients just “follow” VTP server of the same domain. Same domain means both VTP server and VTP client must have the same VTP domain name.) Switch2#conf t Switch2(config)#vtp mode client Switch2(config)#vtp domain uccn1003 8. Set VTP client and VTP domain name in Switch1. Switch1#conf t Switch1(config)#vtp mode client Switch1(config)#vtp domain uccn1003 9. Set VTP server and VTP domain name in Switch0. (Note: Switch0 may have automatically been set to domain uccn1003. Please type the commands just to make sure…) Switch0#conf t Switch0(config)#vtp mode server Switch0(config)#vtp domain uccn1003 10. Check the VLAN status of three switches (“show vlan brief”) and make a record. Compare this record with the record you have made in ex7.5. Switch0#show vlan brief Switch1#show vlan brief Switch2#show vlan brief 11. You should have notice that Switch1 and Switch2 have the “additional” VLAN (VLAN 2 and VLAN 3) as in Switch0. However, the “switch port assignment” is different. (Please note that VTP does not perform the switch port assignment to VLAN for you. VTP ONLY perform addition, deletion, and rename of VLAN, NOT switch port assignment). 12. Add VLAN 10 and VLAN 20 to Switch0. Switch0#conf t Switch0(config)#vlan 10 Switch0(config-vlan)#exit Switch0(config)#vlan 20 Switch0(config-vlan)#end 12
13. Check the VLAN status of three switches again. Switch0#show vlan brief Switch1#show vlan brief Switch2#show vlan brief 14. Delete VLAN 20 and rename VLAN 10 to “Technical”. Switch0#conf t Switch0(config)#no VLAN 20 Switch0(config)#vlan 10 Switch0(config-vlan)#name Technical Switch0(config-vlan)#end 15. Check the VLAN status of three switches again. VLAN 20 should be deleted and the name VLAN 10 has been changed to “Technical” for all three switches. Switch0#show vlan brief Switch1#show vlan brief Switch2#show vlan brief 16. Assign Fa0/20 of Switch1 to VLAN 10. Switch1#conf t Switch1(config)#int fa0/20 Switch1(config-if)#switchport access vlan 10 Switch1(config-if)#end Switch1#show vlan brief 17. Assign Fa0/2 of Switch2 to VLAN 2. Assign Fa0/10 of Switch2 to VLAN 10 Switch2#conf t Switch2(config)#int fa0/2 Switch2(config-if)#switchport access vlan 2 Switch2(config-if)#exit Switch2(config)#int fa0/10 Switch2(config-if)#switchport access vlan 10 Switch2(config-if)#end Switch2#show vlan brief 18. VLAN 10 is still unknown to Router0. Type in the following commands in Router0 so that VLAN 10 will have the gateway IP in Router0. Router#config t 13
Router(config)#int fa0/0.3 Router(config-subif)#encapsulation dot1q 10 Router(config-subif)#ip address 192.168.10.254 255.255.255.0 Router(config-subif)#end Router#show ip int brief 8. Use PC9 to ping all other PCs. PC9 should be able to ping all other PCs. If not, please troubleshoot the network. 9. Use the “simulation mode” to trace how the ICMP data packet travel from PC9 to PC8. Exercise 8: VLAN Routing with 2 Routers (Homework) Build and configure the following network so that PC13 can ping any PC in the network (Add on top of what you have finished in Exercise 7). Use RIP for dynamic routing. Configure the appropriate gateway IP, VLANs, trunking, and subnets based on your own design choice, if it is not indicated in the following figure. 14

Recomendados

Uccn1003 -may2010_-_mid_term_01_-_part1of2
Uccn1003 -may2010_-_mid_term_01_-_part1of2Uccn1003 -may2010_-_mid_term_01_-_part1of2
Uccn1003 -may2010_-_mid_term_01_-_part1of2Shu Shin
 
Acc week 5 a
Acc week 5 aAcc week 5 a
Acc week 5 aShu Shin
 
Cp web sitedesigndoc
Cp web sitedesigndocCp web sitedesigndoc
Cp web sitedesigndocShu Shin
 
Uccn1003 -may10_-_lect01b_-_intro_to_network_devices_addressing
Uccn1003 -may10_-_lect01b_-_intro_to_network_devices_addressingUccn1003 -may10_-_lect01b_-_intro_to_network_devices_addressing
Uccn1003 -may10_-_lect01b_-_intro_to_network_devices_addressingShu Shin
 
02 Information System Security
02 Information System Security02 Information System Security
02 Information System SecurityShu Shin
 
Information System Security introduction
Information System Security introductionInformation System Security introduction
Information System Security introductionShu Shin
 
Chap12 part 1_
Chap12 part 1_Chap12 part 1_
Chap12 part 1_Shu Shin
 
Chap11
Chap11Chap11
Chap11Shu Shin
 

Recomendados

Uccn1003 -may2010_-_mid_term_01_-_part1of2
Uccn1003 -may2010_-_mid_term_01_-_part1of2Uccn1003 -may2010_-_mid_term_01_-_part1of2
Uccn1003 -may2010_-_mid_term_01_-_part1of2Shu Shin
 
Acc week 5 a
Acc week 5 aAcc week 5 a
Acc week 5 aShu Shin
 
Cp web sitedesigndoc
Cp web sitedesigndocCp web sitedesigndoc
Cp web sitedesigndocShu Shin
 
Uccn1003 -may10_-_lect01b_-_intro_to_network_devices_addressing
Uccn1003 -may10_-_lect01b_-_intro_to_network_devices_addressingUccn1003 -may10_-_lect01b_-_intro_to_network_devices_addressing
Uccn1003 -may10_-_lect01b_-_intro_to_network_devices_addressingShu Shin
 
02 Information System Security
02 Information System Security02 Information System Security
02 Information System SecurityShu Shin
 
Information System Security introduction
Information System Security introductionInformation System Security introduction
Information System Security introductionShu Shin
 
Chap12 part 1_
Chap12 part 1_Chap12 part 1_
Chap12 part 1_Shu Shin
 
Chap11
Chap11Chap11
Chap11Shu Shin
 
Chap10
Chap10Chap10
Chap10Shu Shin
 
Chap9
Chap9Chap9
Chap9Shu Shin
 
Chap8
Chap8Chap8
Chap8Shu Shin
 
Chap7
Chap7Chap7
Chap7Shu Shin
 
Chap6
Chap6Chap6
Chap6Shu Shin
 
Chap5
Chap5Chap5
Chap5Shu Shin
 
Chap4
Chap4Chap4
Chap4Shu Shin
 
Chap3
Chap3Chap3
Chap3Shu Shin
 
Chap2
Chap2Chap2
Chap2Shu Shin
 
Chap1
Chap1Chap1
Chap1Shu Shin
 
Chap13
Chap13Chap13
Chap13Shu Shin
 
Chap13
Chap13Chap13
Chap13Shu Shin
 
Chap11
Chap11Chap11
Chap11Shu Shin
 
Chap10
Chap10Chap10
Chap10Shu Shin
 
Chap9
Chap9Chap9
Chap9Shu Shin
 
Chap7
Chap7Chap7
Chap7Shu Shin
 
Chap6
Chap6Chap6
Chap6Shu Shin
 
Chap5
Chap5Chap5
Chap5Shu Shin
 
Chap4
Chap4Chap4
Chap4Shu Shin
 
Chap3
Chap3Chap3
Chap3Shu Shin
 

Mais conteúdo relacionado

Mais de Shu Shin

Mais de Shu Shin (20)

Chap10
Chap10Chap10
Chap10
 
Chap9
Chap9Chap9
Chap9
 
Chap8
Chap8Chap8
Chap8
 
Chap7
Chap7Chap7
Chap7
 
Chap6
Chap6Chap6
Chap6
 
Chap5
Chap5Chap5
Chap5
 
Chap4
Chap4Chap4
Chap4
 
Chap3
Chap3Chap3
Chap3
 
Chap2
Chap2Chap2
Chap2
 
Chap1
Chap1Chap1
Chap1
 
Chap13
Chap13Chap13
Chap13
 
Chap13
Chap13Chap13
Chap13
 
Chap11
Chap11Chap11
Chap11
 
Chap10
Chap10Chap10
Chap10
 
Chap9
Chap9Chap9
Chap9
 
Chap7
Chap7Chap7
Chap7
 
Chap6
Chap6Chap6
Chap6
 
Chap5
Chap5Chap5
Chap5
 
Chap4
Chap4Chap4
Chap4
 
Chap3
Chap3Chap3
Chap3
 

Uccn1003 -may10_-_lab_05_-_vlan_and_vtp-updated-14.7.2010

  • 1. UCCN1003 Data Communications and Networks Lab 05: Virtual LAN (VLAN) and VLAN Trunking Protocol (VTP) Instructions: 1. Read the “Introduction” section for the background. 2. Perform all the lab exercises, starting with exercise 1. 3. Follow all the steps. 4. Record the results in all italic bold actions (by screen capture or copying). 5. Paste your screen captures on a Word Document and save it. 6. Answer all the questions in italic. 7. Write your answer in the same Word Document. 8. Please follow the sequence of the exercises, and don’t skip any step. 9. Please keep your word document. You will need it for your tests and exam. 10. Please try to understand the exercises and the commands, and don’t just type the commands “blindly” without much studies and understanding. Introduction to VLAN and VTP This lab introduces the configuration for Cisco managed switch. One of the major function provided by managed switch is the configuration of virtual LAN. A virtual LAN, commonly known as a VLAN, is a group of hosts with a common set of requirements that communicate as if they were attached to the “broadcast domain”, regardless of their physical location. A VLAN has the same attributes as a physical LAN, but it allows for end stations to be grouped together even if they are not located on the same network switch. Network reconfiguration can be done through software instead of physically relocating devices. VLANs are created to provide the segmentation services traditionally provided by routers in LAN configurations. VLANs address issues such as scalability, security, and network management. Routers in VLAN topologies provide broadcast filtering, security, address summarization, and traffic flow management. By definition, switches may not bridge IP traffic between VLANs as it would violate the integrity of the VLAN broadcast domain. VLAN Trunking Protocol (VTP) is a Cisco proprietary Layer 2 messaging protocol that manages the addition, deletion, and renaming of Virtual Local Area Networks (VLAN) on a network-wide basis. Cisco's VLAN Trunk Protocol reduces administration in a switched network. When a new VLAN is configured on one VTP server, the VLAN is distributed through all switches in the domain. This reduces the need to configure the same VLAN everywhere. Exercise 1: Some Introductory Switch Commands 1
  • 2. A managed switch, such as Cisco 2950 and 2960 series switch, can be configured to suit certain LAN requirement. 1. Drag a Cisco 2960 switch (not 2950-24) and a PC into the Packet Tracer workspace. 2. Connect a rollover cable between PC0 (RS-232) and Swich0 (console port). 3. Double click on PC0, click on “Desktop” tab, and then click on “Terminal”. Set the parameters as the following figure and click “OK”. 4. Again, this is to remind you that, as in router, CLI tab of switch does not exist in the real world. To configure a managed switch such Cisco 2960, you have to use Hyperterminal (or similar software) to access the switch console port with a rollover cable. Now, you are ready for some basic switch commands 2
  • 3. 5. Some of the switch commands are quite similar to the router commands. Please try out some of the following commands. Switch>en Switch#show flash: Switch#show version Switch#show run Switch#show history 6. As in router, you can also put the “enable” password in the switch. Switch#conf t Switch(config)#hostname Switch0 Switch0(config)#enable password uccn1003 Switch0(config)#exit Switch0#disable Switch0>en Password: (type in “uccn1003”) Switch0#show run Exercise 2: Checking MAC Address Table 1. Connect 4 PCs to Switch0 as shown in the following figure. Connect PC1 to Fa0/1 of Switch0. Then connect PC2 to Fa0/2. Connect PC3 to Fa0/3 and PC4 to Fa0/4. Set the IP address and subnet mask to PCs according to the figure. 3
  • 4. 2. Type the following commands in Switch0. What do you observe? Switch0#clear mac-address-table Switch0#show mac-address-table 3. Ping all other PCs from PC1. If the pings are not successful, troubleshoot the network. If the pings are successful, type “show mac-address-table” at Switch0 again. What do you observe this time? Switch0#show mac-address-table 4. Now check the MAC addresses of all the PCs and compare the MAC addresses with the MAC addresses of the MAC table of Switch0. Do the MAC addresses match with switch ports? PC>ipconfig /all Exercise 3: Configuring Static VLANs If you create 2 VLANs within a managed switch, you have actually two LANs that do not communicate with each other though 2 LANs share the same switch physically. 1. Type the following command to check the current status of VLANs in Switch0. Switch0#show vlan 2. Type the following to create two VLANs with names. Switch0#config t Switch0(config)#vlan 2 Switch0(config-vlan)#name Finance Switch0(config-vlan)#exit 4
  • 5. Switch0(config)#vlan 3 Switch0(config-vlan)#name Marketing Switch0(config-vlan)#exit Switch0(config)#exit 3. Type the following commands in Switch0 and compare the output with ex3.1. You should observe the two “new” VLANs. Switch0#show vlan 4. Assign switch port fa0/1 and fa0/2 to VLAN 2 by typing the following commands. Switch0#config t Switch0(config)#int fa0/1 Switch0(config-if)#switchport access vlan 2 Switch0(config-if)#exit Switch0(config)#int fa0/2 Switch0(config-if)#switchport access vlan 2 Switch0(config-if)#exit 5. Type “show vlan” again. Recording the difference. 6. If you feel that assigning switch ports one by one to a particular VLAN is rather tedious and inconvenient. The following commands provide “batch assigning” of switch ports to a particular VLAN. We assign Fa0/3 to Fa0/5 to VLAN 3. Switch0(config)#int range fa0/3–5 Switch0(config-if-range)#switchport access vlan 3 Switch0(config-if-range)#end 5
  • 6. 7. Type “show vlan” again. Recording the difference. You should observe that various switch ports have been assigned to VLAN 2 and VLAN 3. 8. Ping all other PCs with PC1. Do you successfully ping all the PCs? If not, use PC3 to ping all other PCs too. What have you noticed with the pings? 9. Type “show mac-address-table” to check the status of MAC address table. Switch0#show mac-address-table Exercise 4: Routing between VLANs You need a router for the VLANs to communicate with each other. However, to do that, we have to make a few changes to the original configuration. Please note that routing of VLANs DO NOT VIOLATE the subnet rules. On the contrary, VLANs follow all the subnet rules. 1. Drag a Cisco 2811 router into the workspace. Connect Fa0/1 of Router0 to Fa0/5 of Switch0. Then, connect Fa0/0 of Router0 to Fa0/6 of Switch0. 2. Set switch Fa0/6 of Switch0 to VLAN 2 (from VLAN 1). Now Fa0/1, Fa0/2, and Fa0/6 belong to VLAN 2. Fa0/5 of Switch0 has already been set to VLAN 3. Switch0#config t Switch0(config)#int fa0/6 Switch0(config-if)#switchport access vlan 2 Switch0(config-if)#exit 6
  • 7. 3. Change the IP address of PC3 to 192.168.2.3, and the IP of PC4 to 192.168.2.4. Set the default gateway of both PCs to 192.168.2.254. (Note: We have to change the IP addresses of PC3 and PC4 so that they have a different network ID as compared to PC1 and PC2. Remember the subnet rule that stated clearly that router won’t accept IP address of different router ports with the same network ID). 4. Also, set the default gateway of PC1 and PC2 to 192.168.1.254. 5. For Router0, set the IP of Fa0/1 to 192.168.2.254. Set the IP of Fa0/0 to 192.168.1.254. 6. Use PC1 to ping all other PCs. You should be able to ping them. If not, please troubleshoot the network. Exercise 5: Routing with Trunking Mode Instead of connecting 2 cables from Switch0 to the router, we will use only 1 cable to connect between Switch0 and router. By using a special “trunk”, we are able to “link” all the VLANs to the router with just 1 cable. You can imagine a “trunk” as a big pipe loaded with a few Ethernet cables. 1. Erase the two cables connecting between Switch0 and Router0. 2. Connect Fa0/24 of Switch0 to Fa0/0 of Router0 3. Change Fa0/5 and Fa0/6 of Switch0 back to VLAN 1. Use “show vlan brief” to check and to make sure these two switch ports have been assigned to VLAN 1. Switch0(config)#int range fa 0/5 – 6 Switch0(config-range)#switchport access vlan 1 Switch0(config-range)#end 7
  • 8. Switch0#show vlan brief 4. In Router0, type the following command to “clean up” the IP addresses. Router(config)#int fa0/0 Router(config-if)#no ip addr Router(config-if)#int fa0/1 Router(config-if)#no ip addr Router(config-if)#exit 5. Now, we need to set the connection between Switch0 and Router0 to trunk mode. It comes in two parts: the switch and the router. 6. In Switch0, type the following command to turn Fa0/24 into trunk mode. Switch0#conf t Switch0(config)#int fa0/24 Switch0(config-if)#switchport mode trunk Switch0(config-if)#exit 7. At Router0, type in the following commands. Router#config t Router(config)#int fa0/0 Router(config-if)#no shutdown Router(config-if)#int fa0/0.1 Router(config-subif)#encapsulation dot1q 2 Router(config-subif)#ip address 192.168.1.254 255.255.255.0 Router(config-subif)#int fa0/0.2 Router(config-subif)#encapsulation dot1q 3 Router(config-subif)#ip address 192.168.2.254 255.255.255.0 Router(config-subif)#end Router#show run 8. Explanation for the router commands: i) “int fa0/0.1” and “int fa0/0.2” = sub-interfaces of the physical port “fa0/0”. One physical port can have many sub-interfaces (e.g “int fa0/0.3” to “int fa0/0.100”). ii) “encapsulation dot1q 3” = “encapsulation dot1q” is the command for the special trunking mode in router. “3” = VLAN number. iii) Since we have two “virtual” cable in 1 physical cable, we still require two gateway IP addresses for two VLANs. 9. Use PC1 to ping all other PCs. PC1 should be able to ping all other PCs. If not, please troubleshoot the network. 10. After you have successfully ping all the PCs. Type “show mac-address-table” to examine the status of the MAC address table of Switch0. 8
  • 9. Switch0#show mac-address-table Exercise 6: Integrated VLAN with other Switches We use 2 switches to form an integrated VLAN 2 and VLAN 3. 1. Add another switch (2960) to the network according to the above diagram. (Note: Though Router0 has been moved, the function still remains as in Exercise 5). 2. Connect Gig1/1 (GigabitEthernet, 1000Mbps) of Switch0 to Gig1/1 of Switch1. Connect PC5 to Fa0/12 of Switch1. Connect PC6 to Fa0/13 of Switch1. (Note: We can connect a trunk between the FastEthernet ports of two switches. However, GigabitEthernet ports provide better bandwidth for a trunk.) 3. Set the IP address, subnet mask, and gateway IP of PC5 and PC6. 4. Set Gig1/1 of both Switch1 and Switch0 to trunk mode. As in the trunk of Switch0 and Router0. This trunk of Switch0 and Switch1 will act like a “big” pipe that carries a few virtual cables for the VLANs. Switch0#conf t Switch0(config)#int gig1/1 Switch0(config-if)#switchport mode trunk Switch0(config-if)#exit switch#conf t switch(config)#hostname Switch1 Switch1(config)#int gig1/1 9
  • 10. Switch1(config-if)#switchport mode trunk Switch1(config-if)#exit 5. Set VLAN 2 and VLAN 3 in Switch1. Set the Fa0/12 to VLAN 2 and Fa0/13 to VLAN 3. Type “show vlan brief” to check whether the VLANs and the port assignment have been done properly. Switch1#conf t Switch1(config)#vlan 2 Switch1(config-vlan)#exit Switch1(config)#vlan 3 Switch1(config-vlan)#exit Switch1(config)#int fa0/12 Switch1(config-if)#switchport access VLAN 2 Switch1(config-if)#exit Switch1(config)#int fa0/13 Switch1(config-if)#switchport access VLAN 3 Switch1(config-if)#end Switch1#show vlan brief 6. Use PC5 to ping all other PCs. PC5 should be able to ping all other PCs. If not, please troubleshoot the network. 7. Use the “simulation mode” (as shown in the following figure) to trace how the ICMP data packet travel from PC6 to PC5. Exercise 7: VLAN Trunking Protocol (VTP) 10
  • 11. VTP is a Cisco proprietary Layer 2 messaging protocol that manages the addition, deletion, and renaming of Virtual Local Area Networks (VLAN) on a network-wide basis. Which means if you add (or delete or rename) a VLAN in a switch, and every other switch will have the new VLAN. Without VTP, the addition and deletion of VLAN have to be done one switch by one switch. VTP only works with switches linking together via trunk mode. 1. Add a third switch (2960) to the network according to the above diagram. (Note: Though PC6 has been moved, the function still remains as in Exercise 6). 2. Connect Gig1/2 of Switch1 to Gig1/2 of Switch2. Connect PC7 to Fa0/20 of Switch1. Connect PC8 to Fa0/2 of Switch2. Connect PC9 to Fa0/10 of Switch2. 3. Set Gig1/2 of Switch1 and Switch2 to trunk mode. 4. Set the IP address of PC7 and PC9 according to the above figure. Put the gateway IP of PC7 and PC9 to be 192.168.10.254. Set IP address and gateway IP of PC8 too. 5. Check the VLAN status of three switches (“show vlan brief”) and make a record. Switch0#show vlan brief Switch1#show vlan brief Switch2#show vlan brief 6. Check the VTP status of three switches and make a record. Switch0#show vtp status 11
  • 12. Switch1#show vtp status Switch2#show vtp status 7. Set VTP client and VTP domain name in Switch2. (Note: A VTP client in a particular domain can’t add, delete or rename VLAN. Only a VTP server of the domain can perform the task of adding, deleting and renaming VLAN. VTP clients just “follow” VTP server of the same domain. Same domain means both VTP server and VTP client must have the same VTP domain name.) Switch2#conf t Switch2(config)#vtp mode client Switch2(config)#vtp domain uccn1003 8. Set VTP client and VTP domain name in Switch1. Switch1#conf t Switch1(config)#vtp mode client Switch1(config)#vtp domain uccn1003 9. Set VTP server and VTP domain name in Switch0. (Note: Switch0 may have automatically been set to domain uccn1003. Please type the commands just to make sure…) Switch0#conf t Switch0(config)#vtp mode server Switch0(config)#vtp domain uccn1003 10. Check the VLAN status of three switches (“show vlan brief”) and make a record. Compare this record with the record you have made in ex7.5. Switch0#show vlan brief Switch1#show vlan brief Switch2#show vlan brief 11. You should have notice that Switch1 and Switch2 have the “additional” VLAN (VLAN 2 and VLAN 3) as in Switch0. However, the “switch port assignment” is different. (Please note that VTP does not perform the switch port assignment to VLAN for you. VTP ONLY perform addition, deletion, and rename of VLAN, NOT switch port assignment). 12. Add VLAN 10 and VLAN 20 to Switch0. Switch0#conf t Switch0(config)#vlan 10 Switch0(config-vlan)#exit Switch0(config)#vlan 20 Switch0(config-vlan)#end 12
  • 13. 13. Check the VLAN status of three switches again. Switch0#show vlan brief Switch1#show vlan brief Switch2#show vlan brief 14. Delete VLAN 20 and rename VLAN 10 to “Technical”. Switch0#conf t Switch0(config)#no VLAN 20 Switch0(config)#vlan 10 Switch0(config-vlan)#name Technical Switch0(config-vlan)#end 15. Check the VLAN status of three switches again. VLAN 20 should be deleted and the name VLAN 10 has been changed to “Technical” for all three switches. Switch0#show vlan brief Switch1#show vlan brief Switch2#show vlan brief 16. Assign Fa0/20 of Switch1 to VLAN 10. Switch1#conf t Switch1(config)#int fa0/20 Switch1(config-if)#switchport access vlan 10 Switch1(config-if)#end Switch1#show vlan brief 17. Assign Fa0/2 of Switch2 to VLAN 2. Assign Fa0/10 of Switch2 to VLAN 10 Switch2#conf t Switch2(config)#int fa0/2 Switch2(config-if)#switchport access vlan 2 Switch2(config-if)#exit Switch2(config)#int fa0/10 Switch2(config-if)#switchport access vlan 10 Switch2(config-if)#end Switch2#show vlan brief 18. VLAN 10 is still unknown to Router0. Type in the following commands in Router0 so that VLAN 10 will have the gateway IP in Router0. Router#config t 13
  • 14. Router(config)#int fa0/0.3 Router(config-subif)#encapsulation dot1q 10 Router(config-subif)#ip address 192.168.10.254 255.255.255.0 Router(config-subif)#end Router#show ip int brief 8. Use PC9 to ping all other PCs. PC9 should be able to ping all other PCs. If not, please troubleshoot the network. 9. Use the “simulation mode” to trace how the ICMP data packet travel from PC9 to PC8. Exercise 8: VLAN Routing with 2 Routers (Homework) Build and configure the following network so that PC13 can ping any PC in the network (Add on top of what you have finished in Exercise 7). Use RIP for dynamic routing. Configure the appropriate gateway IP, VLANs, trunking, and subnets based on your own design choice, if it is not indicated in the following figure. 14