CCNA Layer 2 Switching - Virtual Local Area Networks Lab Scenario

[K] Command Line [I] IP Configuration [P] Console Password Enter Selection: Set up the switches using the following configuration information: If you do not require step-by-step informa

Trang 1

Date of Issue: 04-01-2001

CCNA Layer 2 Switching - Virtual Local Area Networks

Lab Scenario

by Leigh Anne Chisholm

Introduction

Preparing Your Switches

Section 1 - Configuring VLAN Trunk Protocol (VTP)

Section 2 - Creating VLANs

Section 3 - Verifying VLAN Functionality

Section 4 - Configuring an ISL Trunk Link

Section 5 - More VTP Configuration

Section 6 - Viewing Spanning Tree Protocol Information

Section 7 - Configuring ISL Routing

The VLAN Wrap-Up

Introduction

This lab is designed to walk you through a basic VLAN configuration using two Catalyst 1900 (or 2820) series

switches

This lab shows you step-by-step what commands to type in and how to check that you have configured things

correctly Each switch must be configured with the Enterprise edition software The Cisco IOS software CLI is not

available if the switch has been configured with the Standard edition software

While it is possible to complete most of this lab using a single Catalyst 1900/2820 series switch, a second Catalyst 1900/2820 series switch (or Cisco switch that supports ISL) is required to complete Section 4, "Configuring an ISL Trunk Link."

Section 3, "Verifying VLAN Functionality" and Section 4, "Configuring an ISL Trunk Link," require access to two PCs that can be connected directly to the switch ports of the primary switch that you will use for the lab To successfully complete these sections, you must be able to alter the IP address configuration information on each of these PCs

To complete Section 4, "Configuring an ISL Trunk Link," you need one crossover cable to connect the switches

Section 7, "Configuring ISL Routing," requires access to a Cisco router that supports ISL trunking and that is

equipped with a FastEthernet port

Preparing Your Switches

Processes currently executing on the Catalyst switches involved in

this lab may interfere with the expected outcome from each section

of this lab Therefore, it is recommended you begin working

through these labs only after resetting the configuration of each

switch to the factory defaults To complete this process, issue the

privileged exec mode command delete nvram on each switch.

Once you have restored the settings on your switches to their

original configuration, establish a console connection with each switch You should see the following menu:

1 user(s) now active on Management Console

User Interface Menu

[M] Menus

IMPORTANT! Ensure you have the capability

of configuring each switch via the console port

prior to resetting the switch to its factory

defaults All configuration information

including IP address assignment and IP default gateway will be reset You will be

unable to telnet to your switches

Trang 2

[K] Command Line

[I] IP Configuration

[P] Console Password

Enter Selection:

Set up the switches using the following configuration information:

If you do not require step-by-step information on how to complete this process, then proceed to Section 1,

"Configuring VLAN Trunk Protocol (VTP)."

To configure the Primary Catalyst switch:

1 From the "User Interface Menu", select option "[K] Command Line".

A ">" prompt will be displayed, indicating you have entered the user exec mode of the switch

2 Enter privileged exec mode by issuing the command

enable

A "# "prompt will be displayed

3 To begin configuring the switch name, IP information, and password; enter global configuration mode by issuing the command

configure terminal

The prompt "(config)#" will be displayed, indicating that you have entered global configuration mode

4 To set the name of the switch to "SwitchA," issue the command

hostname SwitchA

You will notice that the prompt now displays the name of the switch as well as the global configuration mode prompt: "SwitchA(config)#."

5 To set the IP address and subnet mask for the switch, issue the command

ip address 172.16.1.200 255.255.255.0

6 To set the default gateway for the switch, issue the command

ip default-gateway 172.16.1.1

7 To set the enable password to "secret," issue the command

enable secret secret

Primary Switch:

Switch Name: SwitchA

IP Address: 172.16.1.200

Subnet Mask: 255.255.255.0

Default Gateway: 172.16.1.1

Enable Password: secret

Secondary Switch:

Switch Name: SwitchB

IP Address: 172.16.1.201 Subnet Mask: 255.255.255.0 Default Gateway: 172.16.1.1 Enable Password: secret

Trang 3

8 To end the configuration process, type exit.

9 Confirm your configuration by issuing the command show running-config You should see only:

¡ the hostname of the switch (SwitchA)

¡ IP address and default gateway information (ip address 172.16.1.200 255.255.255.0, ip

default-gateway 172.16.1.1)

¡ privileged exec mode password encrypted (enable secret 5 $1$FMFQ$6meDTvWbwHZeuIPKLt7Rh/)

¡ each individual interface on your switch (Ethernet 0/1 through 0/27)

¡ "line console"

There should not be any configuration information under the Ethernet interfaces nor line console

Repeat this procedure on SwitchB, substituting the appropriate values for configuring the switch

Once you have completed configuring SwitchB, you are ready to begin working through the basic VLAN configuration

of this lab

Section 1 - Configuring VLAN Trunk Protocol (VTP)

In this section, you will set SwitchA to operate in VTP transparent mode

Recall that once a switch has been configured with a VTP domain name, its default mode of operation is that of VTP server In order to ensure that this information is not propagated throughout the network, the VTP mode must be set

to transparent before a VTP domain name is assigned

Begin this part of the lab by configuring SwitchA

1 On SwitchA, enter global configuration mode from the privileged exec mode prompt by issuing the command configure terminal

The prompt "SwitchA(config)#" will be displayed, indicating that you have entered global configuration mode

2 To set the VTP mode to transparent, issue the command

vtp transparent

3 To set the VTP domain name to "CertZone," issue the command

vtp domain CertZone

5 Confirm your configuration by issuing the command

show vtp

You should see the following output:

SwitchA#show vtp

VTP version: 1

Configuration revision: 0

Maximum VLANs supported locally: 1005

Number of existing VLANs: 6

VTP domain name : CertZone

Trang 4

VTP password :

VTP operating mode : Transparent VTP pruning mode : Disabled VTP traps generation : Enabled Configuration last modified by: 172.16.1.200 at 00-00-0000 00:00:00 SwitchA# 6 Optional: Issue the command show vtp ? Note that the only keyword available with the show vtp command is "statistics". 7 Optional: Issue the command show vtp statistics You should see the following output: SwitchA#show vtp statistics Receive Statistics Transmit Statistics -

-Summary Adverts 0 -Summary Adverts 0

Subset Adverts 0 Subset Adverts 0

Advert Requests 0 Advert Requests 0

Configuration Errors: Revision Errors 0

Digest Errors 0

VTP Pruning Statistics: Port Join Received Join Transmitted Summary Adverts received with no pruning support - -

-A 0 0 0

B 0 0 0

SwitchA# If the switch were operating in a mode other than VTP transparent, these counters would increment according to the information transmitted/received If a switch were operating as a VTP client, it would be expected that "Transmit Statistics" counters would not increment since the switch would be set up to only receive VTP information but not to transmit it 8 Optional: On SwitchB, issue the command show vtp You should see the following output: SwitchB#show vtp VTP version: 1 Configuration revision: 0 Maximum VLANs supported locally: 1005 Number of existing VLANs: 5 VTP domain name :

VTP password :

VTP operating mode : Server

VTP pruning mode : Disabled

VTP traps generation : Enabled

Configuration last modified by: 0.0.0.0 at 00-00-0000 00:00:00

SwitchB#

SwitchB has not received any VTP information from SwitchA (which is to be expected)

Note that SwitchB's VTP operating mode is set to "Server." Recall that once a Catalyst 1900 series switch is configured with a VTP domain name, its default VTP mode of operation is "Server."

Trang 5

Section 2 - Creating VLANs

In this section, you will create three VLANs: Engineering, Marketing, and Production Once these VLANs have been created, you will assign two ports to each VLAN using the static membership configuration option

Begin this part of the lab by configuring SwitchA

1 On SwitchA, enter global configuration mode from the privileged exec mode prompt by issuing the command configure terminal

The prompt "SwitchA(config)#" will be displayed, indicating you have entered global configuration mode

2 To create VLAN 2 - Engineering, issue the command

vlan 2 name Engineering

Note: When typing in the names of VLANs, remember that name information is case sensitive

3 To create VLAN 3 - Marketing, issue the command

vlan 3 name Marketing

4 To create VLAN 4 - Production, issue the command

vlan 4 name Production

show vlan

SwitchA#show vlan

VLAN Name Status Ports

-1 default Enabled -1-24, AUI, A, B

2 Engineering Enabled

3 Marketing Enabled

4 Production Enabled

1002 fddi-default Suspended

1003 token-ring-defau Suspended

1004 fddinet-default Suspended

1005 trnet-default Suspended

-VLAN Type SAID MTU Parent RingNo BridgeNo Stp Trans1 Trans2

-1 Ethernet -10000 -1 -1500 0 0 0 Unkn -1002 -1003

2 Ethernet 100002 1500 0 1 1 Unkn 0 0

3 Ethernet 100003 1500 0 1 1 Unkn 0 0

4 Ethernet 100004 1500 0 1 1 Unkn 0 0

1002 FDDI 101002 1500 0 0 0 Unkn 1 1003

1003 Token-Ring 101003 1500 1005 1 0 Unkn 1 1002

1004 FDDI-Net 101004 1500 0 0 1 IEEE 0 0

1005 Token-Ring-Net 101005 1500 0 0 1 IEEE 0 0

-SwitchA#

7 Optional: Issue the command

Trang 6

show vlan-membership

SwitchA#show vlan-membership

Port VLAN Membership Type Port VLAN Membership Type

1 1 Static 13 1 Static

AUI 1 Static

A 1 Static

B 1 Static

SwitchA#

Note that all ports belong to VLAN 1 by default and that the membership type of each port is static

8 Enter global configuration mode from the privileged exec mode prompt by issuing the command

configure terminal

9 Assign Ethernet ports 0/1 and Ethernet 0/2 to VLAN 2 - Engineering To assign an Ethernet port membership

in a VLAN, you must enter interface configuration mode

Enter interface configuration mode for Ethernet 0/1 by issuing the command

interface Ethernet 0/1

10 To assign Ethernet 0/1 to VLAN 2, issue the command

vlan-membership static 2

11 Repeat this process, assigning ports to VLANs as follows:

Ethernet 0/2 to VLAN 2

show vlan

Trang 7

-1 default Enabled 8-24, AUI, A, B

2 Engineering Enabled 1-2

3 Marketing Enabled 3-4

4 Production Enabled 5-6

-1 Ethernet -10000 -1 -1500 0 0 0 Unkn -1002 -1003

2 Ethernet 100002 1500 0 1 1 Unkn 0 0

3 Ethernet 100003 1500 0 1 1 Unkn 0 0

4 Ethernet 100004 1500 0 1 1 Unkn 0 0

1002 FDDI 101002 1500 0 0 0 Unkn 1 1003

1003 Token-Ring 101003 1500 1005 1 0 Unkn 1 1002

More 1004 FDDI-Net 10 More 1004 1500 0 0 1 IEEE 0 0

-SwitchA#

Ethernet ports 0/1 through 0/6 appear in the VLANs as configured; however, Ethernet port 0/7 does not show

it belonging to any VLAN Why?

14 Issue the privileged exec mode command

show interface ethernet 0/7

SwitchA#show int e 0/7

Ethernet 0/7 is Disabled-no-vlan

Hardware is Built-in 10Base-T

Address is 00B0.64D1.F747

MTU 1500 bytes, BW 10000 Kbits

802.1d STP State: Disabled Forward Transitions: 1

Port monitoring: Disabled

Unknown unicast flooding: Enabled

Unregistered multicast flooding: Enabled

Description:

Duplex setting: Half duplex

Back pressure: Disabled

Notice that Ethernet port 0/7 is reporting that it is "Disabled-no-vlan" This message appears when a port has been assigned to a VLAN that has not yet been created

15 Issue the privileged-exec mode command

show vlan-membership

SwitchA#show vlan-m

Port VLAN Membership Type Port VLAN Membership Type

Trang 8

AUI 1 Static

A 1 Static

B 1 Static

SwitchA#

From the output of the command show vlan-membership, we can determine that Ethernet port 0/7 has been

assigned to VLAN 5

16 Enter global configuration mode from the privileged exec mode prompt by issuing the command

configure terminal

17 Create VLAN 5, naming it "Accounting."

18 Issue the privileged exec mode command

show vlan

-1 default Enabled 8-24, AUI, A, B

2 Engineering Enabled 1-2

3 Marketing Enabled 3-4

4 Production Enabled 5-6

5 Accounting Enabled 7

-1 Ethernet -10000 -1 -1500 0 0 0 Unkn -1002 -1003

2 Ethernet 100002 1500 0 1 1 Unkn 0 0

3 Ethernet 100003 1500 0 1 1 Unkn 0 0

4 Ethernet 100004 1500 0 1 1 Unkn 0 0

5 Ethernet 100005 1500 0 1 1 Unkn 0 0

More 1002 FDDI 10 More 1002 1500 0 0 0 Unkn 1 1003

1003 Token-Ring 101003 1500 1005 1 0 Unkn 1 1002

1004 FDDI-Net 101004 1500 0 0 1 IEEE 0 0

-SwitchA#

Notice that Port 7 now appears in VLAN 5 - Accounting

Section 3 - Verifying VLAN Functionality

In this section you will test the connectivity between two end-systems connected to ports that have been configured

Trang 9

as members of the same VLAN and then to ports that are configured as members of different VLANs.

1 Connect one of your two PCs to SwitchA's Ethernet port labeled "1x"

2 On this PC, set the following IP configuration information:

IP address: 172.16.1.20

Subnet mask: 255.255.255.0

3 Connect the second PC to SwitchA's Ethernet port labeled "2x."

4 On this PC, set the following IP configuration information:

IP address: 172.16.1.21

Subnet mask: 255.255.255.0

5 From the PC plugged into SwitchA's Ethernet port 1x, ping IP address 172.16.1.21 Were you successful? Yes or No? Why?

7 You should have been able to ping between each PC because each is a member of the same VLAN

Now without changing IP address information on the PCs, move the network cable from SwitchA's Ethernet port 2x to 4x

10 You should not have been able to ping between PCs The PC attached to port 1x is a member of VLAN 2, while the PC attached to port 4x is a member of VLAN 3 Note that they both exist in the same subnet

11 Do you think you will be able to ping the IP address of the switch from either connected PC?

Why or why not?

12 Try to ping the IP address of SwitchA from the PC plugged into SwitchA's Ethernet port 1x Were you

successful?

Yes or No? Why?

13 Try to ping the IP address of SwitchA from the PC plugged into SwitchA's Ethernet port 4x Were you

successful?

Yes or No? Why?

14 The IP address of the switch is assigned membership to VLAN 1 by default Only a PC that resides in the

Trang 10

same subnet as the switch that is also a member of VLAN 1 will be able to ping the switch.

Now without changing IP address information on the PCs, move the network cable from SwitchA's Ethernet port 4x to 10x

15 From the PC that is connected to SwitchA's Ethernet port 10x, attempt to ping the switch Were you

successful?

Yes or No? Why?

16 You should have been able to ping the switch when you were plugged into SwitchA's Ethernet port 10x

Ethernet port 10x is configured as a member of VLAN 1 Both the switch and the PC belong to the same subnet

If two end-systems were located in the same VLAN but were located on different subnets, would they still be able to communicate?

Yes or No? Why?

Section 4 - Configuring an ISL Trunk Link

In this section, you will create an ISL trunk link that will carry VLAN traffic between your primary and your secondary switch

To demonstrate the functionality gained by using a trunk port rather than a dedicated link, you will begin this section

of the lab using a point-to-point configuration to forward VLAN traffic between the two switches Once you have

become familiar with how to configure a standard single-VLAN link between the two switches, you will configure an ISL trunk link

Before you begin, connect the two FastEthernet A ports using a crossover cable To ensure this lab will work as expected, first test the connection between both switches Ping the IP address of SwitchA (172.16.1.200) You should

be successful If not, check the cable between the FastEthernet ports of both switches Do not proceed further until

you can successfully ping between switches

Begin this part of the lab by configuring SwitchB

1 On SwitchB, enter global configuration mode from the privileged exec mode prompt by issuing the command configure terminal

The prompt "SwitchB(config)#" will be displayed, indicating you have entered global configuration mode

2 Create VLAN 2, specifying the name for the VLAN as "Engineering."

Note: When typing in the names of VLANs, remember that name information is case sensitive

3 Create VLAN 3, specifying the name for the VLAN as "marketing." USE ALL lower CASE.

4 Assign Ethernet ports 0/1 and 0/2 to VLAN 2

5 Assign Ethernet ports 0/3 and 0/4 to VLAN 3

6 Disconnect the cable plugged into SwitchA's port labeled "10x." Connect it to SwitchB's Ethernet port labeled 1x

7 From either PC, attempt to ping the corresponding PC Were you successful?

Yes or No? Why?

8 You should not have been successful When the switch received a ping for an end-system that was not

directly connected to it, it flooded the frame out all ports that belonged to the same VLAN as the originating end-system What is missing (but required) are ports on each switch that have been configured as a member

Tiêu đề	CCNA Layer 2 Switching - Virtual Local Area Networks Lab Scenario
Tác giả	Leigh Anne Chisholm
Trường học	CertificationZone
Chuyên ngành	Networking
Thể loại	bài tập
Năm xuất bản	2001
Thành phố	Unknown

Định dạng
Số trang	17
Dung lượng	52,3 KB