nqdinh dtcm th 2012
TRANSCRIPT
-
7/29/2019 Nqdinh Dtcm Th 2012
1/44
1
Introduction to Routing and Switching
Simulate with GNS3
Nguyn Quc nhFaculty of IT, Ho Chi Minh City University of Industry
Sept 2012
-
7/29/2019 Nqdinh Dtcm Th 2012
2/44
2
Schedule
Part 1: Starting with GNS3 Part 2: Static routing Part 3: VLAN
Part 4: LAN with STP Part 5: RIP (v2, ng) Part 6: OSPF Part 7: BGP Part 8: Multicasting Part 9: Access Control List Part 10: Review (Oh great)
-
7/29/2019 Nqdinh Dtcm Th 2012
3/44
3
Part 1
Starting with GNS3
Nguyn Quc nh
-
7/29/2019 Nqdinh Dtcm Th 2012
4/44
4
Why not Packet Tracer?
How different? Packet Tracer: simulation program GNS3: emulation program
On PT, you just can't fully operate BGP, STP,multicast
But the upside of PT (so it'd be there) Lightweight Easily to configure and see the result
-
7/29/2019 Nqdinh Dtcm Th 2012
5/44
5
To get started with GNS3see
GNS3: Graphical Network Simulatorby Mike Fuszner, v1.0
-
7/29/2019 Nqdinh Dtcm Th 2012
6/44
6
Notes: Setup
For this part and also later parts, use IOS 3640 Make sure to have virtual PC (vpc) for your testing
(i.e. ping)
GNS3 and its components run faster under Linuxthan under Windows Above all, always set IDLE PC to save your computer
computation
Try to remember all commands may overload yourlittle brain, use ? for commands supported
-
7/29/2019 Nqdinh Dtcm Th 2012
7/44
8
Note: Saving configuration
Configurations in two locations - RAM and NVRAM.
The running configuration is stored in RAM.
Any configuration changes to the router are made to therunning-configuration and take effect immediately after thecommand is entered.
The startup-configuration is saved in NVRAM and is loaded intothe router's running-configuration when the router boots up.
To save the running-configuration to the startup configuration,
type the following from privileged EXEC mode (i.e. at the"Router#" prompt.)
#copy running-config startup-config
-
7/29/2019 Nqdinh Dtcm Th 2012
8/44
9
Tip: Save your working frequently with
#copy running-config startup-config
-
7/29/2019 Nqdinh Dtcm Th 2012
9/44
10
Target:
Read (and do) up to page #40 of Mike's tutorial You have to setup and configure IP address of PCs
in this network
PC1 PC2PC1 PC3
-
7/29/2019 Nqdinh Dtcm Th 2012
10/44
11
Q: Could PC1 ping F0/0 of West? Why
Q: Could PC1 ping S0/1 of West? Why
Q: Could PC1 ping PC2? Why
-
7/29/2019 Nqdinh Dtcm Th 2012
11/44
12
Part 2
Static RoutingNguyn Quc nh
-
7/29/2019 Nqdinh Dtcm Th 2012
12/44
13
Why static routing?
Static routing vs Dynamic routing How different? What scale?
Static routing: toy game for tiny network
-
7/29/2019 Nqdinh Dtcm Th 2012
13/44
14
Commands
config t interface Fa0/0 ip address [ip-address] [subnet-mask] show ip route: displace routing table in a router ip route [destination-network-address] [subnet-
mask] [next-hop-IP-address]: configure static
route statement sh ip int brief: displace brief interfaces
information
-
7/29/2019 Nqdinh Dtcm Th 2012
14/44
15
Lab 1
Target: Use static routing to connect all PCs in this networkIP addresses of interface and PCs are shown in the picture
-
7/29/2019 Nqdinh Dtcm Th 2012
15/44
16
Hint: configure static routing table in each
(config)#ip route 192.168.1.0 255.255.255.0 10.0.0.2(config)#ip route 192.168.2.0 255.255.255.0 10.0.0.2
(config)#ip route 192.168.0.0 255.255.255.0 10.0.0.1(config)#ip route 192.168.2.0 255.255.255.0 10.0.1.2
(config)#ip route 192.168.0.0 255.255.255.0 10.0.1.1(config)#ip route 192.168.1.0 255.255.255.0 10.0.1.1
West
Central
East
-
7/29/2019 Nqdinh Dtcm Th 2012
16/44
17
Command show ip route on West, East, andCentral
Does it reveal something? Try to explain the
resultsSee more results with ping, traceroute
(router), and tracert (PC)
-
7/29/2019 Nqdinh Dtcm Th 2012
17/44
18
Check your understanding by configure following network
1 2 3
4 5
6
7 8
-
7/29/2019 Nqdinh Dtcm Th 2012
18/44
19
Grand addresses 172.(15+X).0.0/16 for X-thsubnet.
User static routing All PCs could communicate through the network
Checking (always checking) show ip route
ping to the internet tracert from PC
Requirements for previous scenario
-
7/29/2019 Nqdinh Dtcm Th 2012
19/44
20
Part 3
VLANNguyn Quc nh
-
7/29/2019 Nqdinh Dtcm Th 2012
20/44
21
Notes on VLAN
VLANs are assigned on the switch port. There is noVLAN assignment done on the host (usually).
Assigning a host to the correct VLAN is a 2-stepprocess:
1.Connect the host to the correct port on the switch.
2.Assign to the host the correct IP address depending onthe VLAN memebership
Remember: VLAN = Subnet
Following labs, we use static VLANs
-
7/29/2019 Nqdinh Dtcm Th 2012
21/44
22
To use switch @GNS3
GNS3 doesn't include layer-2 and layer-3switches. we could utilize router as switch instead
by using NM-16ESW module in router. In this wayyou can configure switching protocols like VLAN,STP, VTP ect.
How? To make a switch symbol, see following slide
-
7/29/2019 Nqdinh Dtcm Th 2012
22/44
23
To use switch @GNS3
1
23
You got a switch symbol from c3600 (c3640)Use it in the following VLAN labs
-
7/29/2019 Nqdinh Dtcm Th 2012
23/44
24
Commands Related to VLAN
To add more items to vlan database:#vlan database
(vlan)#vlan 20 name engineering
To make a host connect to current port belong to vlan 20:(config-if)#switchport mode access
(config-if)#switchport acess vlan 20
To turn current port to trunking mode:(config-if)#switchport mode trunk
(config-if)#switchport trunk allowed vlan all
-
7/29/2019 Nqdinh Dtcm Th 2012
24/44
25
Commands Related to VLAN (cont)
And to show vlan summary:#show vlan?
#show vlan-switch
#show interfaces fa0/1 switchport#sh vtp status
Following slides explain more in few commands
-
7/29/2019 Nqdinh Dtcm Th 2012
25/44
26
Configure Ranges of VLANs
Switch(config)#interface rangefastethernet 0/8, fastethernet 0/12
Switch(config-if)#switchport access vlan 3
Switch(config-if)#exit
vlan 3
-
7/29/2019 Nqdinh Dtcm Th 2012
26/44
27
Mode Acess
Switch(config)#interface fastethernet 0/1
Switch(config-if)#switchport mode access
Switch(config-if)#exit
Note: The switchport mode access command should beconfigured on all ports that the network administratordoes not want to become a trunk port.
-
7/29/2019 Nqdinh Dtcm Th 2012
27/44
28
Face Mistake, to Remove
Deleting a Port VLAN MembershipSwitch(config-if)#no switchport access vlanvlan_number
Deleting a VLAN
Switch#vlan database
Switch(vlan)#no vlan Switch(vlan)#exit
-
7/29/2019 Nqdinh Dtcm Th 2012
28/44
29
VLAN Tagging
To turn current port to trunking mode:
(config-if)#switchport mode trunk
(config-if)#switchport trunk allowed vlan all
Or more selective
(config-if)#switchport trunk allowed vlan 10 20
No VLAN Tagging
VLAN Tagging
-
7/29/2019 Nqdinh Dtcm Th 2012
29/44
30
Lab 1: Assign VLAN Port
Target: Create this VLAN table @R1:VLAN 1: defaultVLAN 10: engineeringVLAN 20: r-d
VLAN 30: accountingVLAN 40: sale
VLAN 10 owns 172.168.10.0/24 subnetVLAN 20 owns 172.168.11.0/24 subnet
VLAN 30 owns 172.168.12.0/24 subnetVLAN 40 owns 172.168.13.0/24 subnet
-
7/29/2019 Nqdinh Dtcm Th 2012
30/44
31
Lab 1: Assign VLAN Port (cont)
Assign following:C0 owned by an engineerC1 owned by an engineerC2 owned by a seller
Their IP addresses assigned byyour own
Configure the network. Then answer: Can C0 ping C1? Why? Can C0 ping C2? Why?
-
7/29/2019 Nqdinh Dtcm Th 2012
31/44
32
Lab 2: VLAN Trunking
switchport mode trunk
switchport mode access
-
7/29/2019 Nqdinh Dtcm Th 2012
32/44
33
Lab 2: VLAN Trunking (cont)
Assign following:
C0 owned by an engineerC1 owned by an engineerC2 owned by a seller
C3 owned by an engineer
C4 owned by a seller
Their IP addresses assigned by your own
Check if all engineers/sellers assigned to the same subnet
Lab 3 (option): Testing your
-
7/29/2019 Nqdinh Dtcm Th 2012
33/44
34
Lab 3 (option): Testing yourunderstanding with VLAN Trunking
For guidance, see attached documentation (part3-lab3.pdf)from TruongTan Inst.
Lab 4 (option): Routing between VLANs
-
7/29/2019 Nqdinh Dtcm Th 2012
34/44
35
Lab 4 (option): Routing between VLANs
For guidance, see attached documentation (part3-lab4.pdf)from TruongTan Inst.
-
7/29/2019 Nqdinh Dtcm Th 2012
35/44
36
Part 4
LAN with STP
Nguyn Quc nh
-
7/29/2019 Nqdinh Dtcm Th 2012
36/44
37
Objective
Learn how to identify which switch is elected asthe root bridge.
Learn how to determine the optimum bridge
placement. Learn to optimize Spanning Tree convergence. Learn to change connection cost.
-
7/29/2019 Nqdinh Dtcm Th 2012
37/44
38
(1) Network scenario
Put the switch in orderas shown in the picture. Inwhich the R4 is put in the last
1
2
3
4
By default, STP is build in VLAN 1. And R1 is the root. Why?
-
7/29/2019 Nqdinh Dtcm Th 2012
38/44
39
R1#show spanning-tree
VLAN1 is executing the ieee compatible Spanning Tree protocol
Bridge Identifier has priority 32768, address cc00.597e.0000Configured hello time 2, max age 20, forward delay 15
We are the root of the spanning tree
Topology change flag not set, detected flag not set
Port 1 (FastEthernet0/0) of VLAN1 is forwardingPort path cost 19, Port priority 128, Port Identifier 128.1.
Designated root has priority 32768, address cc01.60ce.0000
Designated bridge has priority 32768, address cc01.60ce.0000
Designated port id is 128.1, designated path cost 0
BPDU: sent 24, received 0
Port 2 (FastEthernet0/1) of VLAN1 is forwarding
Port path cost 19, Port priority 128, Port Identifier 128.2.
R1#show spanning-tree
-
7/29/2019 Nqdinh Dtcm Th 2012
39/44
40
p g
VLAN1 is executing the ieee compatible Spanning Tree protocol
Bridge Identifier has priority 32768, address cc00.597e.0000
Configured hello time 2, max age 20, forward delay 15
We are the root of the spanning tree
Topology change flag not set, detected flag not set
R2#show spanning-tree
VLAN1 is executing the ieee compatible Spanning Tree protocol
Bridge Identifier has priority 32768, address cc01.597e.0000
Configured hello time 2, max age 20, forward delay 15
Current root has priority 32768, address cc00.597e.0000
Root port is 2 (FastEthernet0/1), cost of root path is 38
Wh ' h
-
7/29/2019 Nqdinh Dtcm Th 2012
40/44
41
Where's the root
R1 is the root. By default a Root Bridge is elected, and the one has
slowest Bridge ID (determined by the Bridge Priorityand the MAC address) is the winner.
Want to make
R4 to be the root bridge
Ch th t b id
-
7/29/2019 Nqdinh Dtcm Th 2012
41/44
42
Change the root bridge
By default, all bridge has priority of32768 To change priority of one bridge:
Switch (config)# spanning-tree vlan
priority
To make one bridge be root-bridge (priority = 8192)
Switch (config)# spanning-tree vlan
root primary
To make one bridge be secondary root-bridge forredundancy (priority = 16384)
Switch (config)# spanning-tree vlan
root secondary
L t' k h
-
7/29/2019 Nqdinh Dtcm Th 2012
42/44
43
Let's make some changes
Make R4 become the root:R4(config)# spanning-tree vlan 1 root
primary
Make R3 has one port to be blocked (why wehas following setting?)
R3(config)#spanning-tree vlan 1 priority
61440
(2) Ch th t f h li k
-
7/29/2019 Nqdinh Dtcm Th 2012
43/44
44
(2) Change the cost of each link
Default path costs10BaseT: 100
100BaseT: 19
1000Baset: 4 To change the cost in each link
switch (config-if)# spanning-tree vlan cost
What happens when the port of R4 which links toR2 has the cost of 15?
(3) S i t
-
7/29/2019 Nqdinh Dtcm Th 2012
44/44
45
(3) Spanning tree convergence
STP uses several timers to recover fromtopology changes
Modifying STP timers
spanning-tree vlan vlan-listhello-timeseconds
spanning-tree vlan vlan-listforward-time seconds
spanning-tree vlan vlan-listmax-age seconds