CCNP switching Experiment (VLAN/VTP/DHCP)

Last Update:2013-12-27 Source: Internet

Author: User

Tags md5 digest

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Lab requirements:
The topology is simulated based on the typical C3550-Headquarters-branch structure. The core route of the headquarters is C3550. The Extranet network uses the OSPF protocol and the Intranet is deployed through the VTP protocol to achieve network-wide interconnection.
1, the headquarters core switch C3550-1 to create VLAN10/20/30/40, of which VLAN40 only for device management, do not port access, VLAN division.
2, The C3550-1 is VTP Server, the domain name sovand.com, the password sovand, C2950 and the C3550-2 is the client, view the VLAN transmission.
3. The C3550-2 establishes the DHCP Server, the address pool can see the topology, the requirement Terminal 1/2/3 can obtain the address normally and realize the Intranet interconnection.
4. The OSPF protocol is established for the Internet, and the whole network is interconnected. C2950 and C3550-2 configuration management address are used for remote management.
5. Due to security requirements, VLAN20 must be disconnected from other switches, but local access and communication between other VLANs are not affected.
6. To meet service requirements, create a new VLAN100 on C2950 for local communication without changing the topology and VTP deployment.
7. As a result of business expansion, the C3550-2 as VTP-Server should be divided into a new domain "full", but the domain network is not interrupted.
Experiment topology:

650) this. width = 650; "style =" border-bottom: 0px; border-left: 0px; display: block; float: none; margin-left: auto; border-top: 0px; margin-right: auto; border-right: 0px "title =" clip_image002 "border =" 0 "alt =" clip_image002 "height =" 370 "src =" http://www.bkjia.com/uploads/allimg/131227/023135K13-0.jpg "/>

Tutorial steps:
1. Configure VLAN and VTP on the Intranet
C3550-1:
C3550-1 (config) # vlan 10
C3550-1 (config-vlan) # vlan 20
C3550-1 (config-vlan) # vlan 30
C3550-1 (config-vlan) # vlan 40
C3550-1 (config-vlan) # exit
C3550-1 (config) # int f0/7
C3550-1 (config-if) # switchport trunk encapsulation dot1q // encapsulate 802.1Q protocol on a layer-3 Interface
C3550-1 (config-if) # switchport mode trunk
C3550-1 (config-if) # int f0/9
C3550-1 (config-if) # switchport mode access
C3550-1 (config-if) # switchport access vlan 10
C3550-1 (config) # vtp domain sovand.com // configure VTP domain name to sovand.com
C3550-1 (config) # vtp password sovand // set VTP password C3550-1 (config) # vtp mode server // set VTP server mode C3550-2:
C3550-2 (config) # vlan 30
C3550-2 (config-vlan) # exit
C3550-2 (config) # int f0/11
C3550-2 (config-if) # switchport trunk encapsulation dot1q
C3550-2 (config-if) # switchport mode trunk
C3550-2 (config-if) # int f0/10
C3550-2 (config-if) # switchport mode access
C3550-2 (config-if) # switchport access vlan 30
C3550-2 (config) # vtp domain sovand.com C3550-2 (config) # vtp password sovand C3550-2 (config) # vtp mode client
C2950:
C2950 (config) # vlan 20
C2950 (config-vlan) # exit
C2950 (config) # int f0/1
C2950 (config-if) # switchport mode trunk
C2950 (config) # int f0/2
C2950 (config-if) # switchport mode trunk
C2950 (config-if) # int f0/3
C2950 (config-if) # switchport mode access
C2950 (config-if) # switchport access vlan 20
C2950 (config) # vtp domain sovand.com
C2950 (config) # vtp password sovand
C2950 (config) # vtp mode client
View the trunk interface:
Sw-2 # show int trunk

Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 1
Fa0/2 on 802.1q trunking 1

Port Vlans allowed on trunk
Fa0/1 1-19,21-4094
Fa0/2 1-19,21-4094

Port Vlans allowed and active in management domain
Fa0/1 100, 30, 40
Fa0/2 100, 30, 40

Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 100, 30, 40
Fa0/2 100, 30, 40

SW3 # show int trunk

Port
Fa0/11 Mode Encapsulation Status
On 802.1q trunking Native vlan
1

Port
Fa0/11
Vlans allowed on trunk
1-4094

Port
Fa0/11
Vlans allowed and active in management domain
1, 10, 20, 30, 40

Port
Fa0/11
Vlans in spanning tree forwarding state and not pruned
1

2. Configure the DHCP server on the C3550-2
When each VLAN client sends a broadcast request to the DHCP server, the DHCP server must be able to direct to the gateway, which is the corresponding VLAN address configured in the core switch. Because the DHCP server belongs to VLAN30, the host of VLAN30 does not need to use a transit address when sending DHCP broadcasts. When VLAN20 and VLAN10 send broadcasts, they must configure a transit address through the netoff to reach the DHCP server in VLAN30.
C3550-1:
C3550-1 (config) # ip routing // enable Layer-3 Switch routing
C3550-1 (config) # int vlan 10
C3550-1 (config-if) # ip add 172.16.1.1 255.255.255.0 // configure the gateway IP
C3550-1 (config-if) # ip help-address 172.16.3.2 // configure the transit address to a DHCP server address
C3550-1 (config-if) # no shut
C3550-1 (config) # int vlan 20
C3550-1 (config-if) # ip add 172.16.2.1 255.255.255.0
C3550-1 (config-if) # ip help-address 172.16.3.2
C3550-1 (config-if) # no shut
C3550-1 (config) # int vlan 30
C3550-1 (config-if) # ip add 172.16.3.1 255.255.255.0
C3550-1 (config-if) # no shut
C3550-2:
C3550-2 (config) # no ip routing
C3550-2 (config) # int vlan 30
C3550-2 (config-if) # ip add 172.16.3.2 255.255.255.0 // configure the IP address of the DHCP server
C3550-2 (config) # ip dhcp pool vlan10 // create a DHCP address pool
C3550-2 (dhcp-config) # network 172.16.1.0 255.255.255.0 // configure the address pool
C3550-2 (dhcp-config) # default-router 172.16.1.1 // default Gateway pointing to VLAN10
C3550-2 (config) # ip dhcp pool vlan20
C3550-2 (dhcp-config) # network 172.16.2.0 255.255.255.0
C3550-2 (dhcp-config) # default-router 172.16.2.1
C3550-2 (config) # ip dhcp pool vlan30
C3550-2 (dhcp-config) # network 172.16.3.0 255.255.255.0
C3550-2 (dhcp-config) # default-router 172.16.3.1
C3550-2 (config) # ip dhcp exclude-address 172.16.3.1 172.16.3.10 // Add DHCP exclusion address
C3550-2 (config) # ip dhcp exclude-address 172.16.2.1 172.16.2.10
C3550-2 (config) # ip dhcp exclude-address 172.16.1.1 172.16.1.10
View DHCP information:
SW3 # show ip dhcp bin
IP address Client-ID/Lease expiration Type
Hardware address
172.16.1.12 0063.6973.636f.2d30. Mar 02 1993 AM Automatic
3030.352e.3332.6363.
2e31. 3132.302d.4661.
302f. 30
172.16.2.12 0063.6973.636f.2d30. Mar 02 1993 AM Automatic
3030.342e.20.1.6362.
2e39. 6134.302d.4661.
302f. 30
172.16.3.13 0063.6973.636f.2d30. Mar 02 1993 AM Automatic
3030.632e.3330.6361.
2e31. g03.302d.4661.
302f. 30

3. Enable OSPF for external networks
C3550-1:
C3550-1 (config) # int f0/8
C3550-1 (config-if) # no switchport // enable Layer-3 Port
C3550-1 (config-if) # ip add 195.1.11.2 255.255.255.252
C3550-1 (config-if) # no shut
C3550-1 (config) # router ospf 88
C3550-1 (config-router) # net 195.1.11.2 0.0.0.0 a 0
C3550-1 (config-router) # net 172.16.0.0 0.0.3.255 a 0
R4:
R4 (config) # router ospf 88
R4 (config-router) # net 195.1.11.1 0.0.0.0 a 0
R4 (config-router) # net 195.2.11.1 0.0.0.0 a 0
R5:
R5 (config) # router ospf 88
R5 (config-router) # net 10.1.11.1 0.0.0.0 a 1
R5 (config-router) # net 195.2.11.2 0.0.0.0 a 0
4. configure remote management VLAN
C3550-1:
C3550-1 (config) # int vlan 40
C3550-1 (config-if) # ip add 172.16.4.1 255.255.255.0 // configure the gateway for the management VLAN
C3550-1 (config) # line vty 0 4
C3550-1 (config-line) # password cisco
C3550-1 (config-line) # login
C3550-2:
C3550-2 (config) # int vlan 40
C3550-2 (config-if) # ip add 172.16.4.100 255.255.255.255.0 // manage VLAN addresses
C3550-2 (config) # ip default-gateway 172.16.4.1 // The gateway C3550-2 pointing to the core router (config) # line vty 0 4
C3550-2 (config-line) # password cisco
C3550-2 (config-line) # login
C2950:
C2950 (config) # int vlan 40
C2950 (config-if) # ip add 172.16.4.99 255.255.255.0
C2950 (config) # ip default-gateway 172.16.4.1
C2950 (config) # line vty 0 4
C2950 (config-line) # password cisco
C2950 (config-line) # login
5. Disconnect VLAN20 from other vswitches
C2950 (config) # int f0/3
C2950 (config-if) # switchport trunk allowed vlan remove 20 // disconnect the trunk link of VLAN20
6. Create a New VLAN100 in C2950 for local communication.
Because C2950 is in VTP client mode, you cannot add or delete VLANs. Therefore, you must change the mode before configuring C2950. If it is changed to the server mode, once the revision number is higher than other switches, it is easy to overwrite the original VLAN. Therefore, only the transparent mode can be configured. You can add or delete VLANs without updating them.
C2950 (config) # vtp mode transparent
C2950 (config) # vlan 100
C2950 (config-vlan) # exit
View VLAN information:
Sw-2 # show vlan
VLAN Name Status Ports
----------------------------------------------------------------------------
1 default active Fa0/4, Fa0/5, Fa0/6, Fa0/7
Fa0/8, Fa0/9, Fa0/10, Fa0/11
Fa0/12, Fa0/13, Fa0/14, Fa0/15
Fa0/16, Fa0/17, Fa0/18, Fa0/19
Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24
10 VLAN0010 active
20 VLAN0020 active Fa0/3
30 VLAN0030 active
40 VLAN0040 active
100 VLAN0100 active
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
SW3 # show vlan
VLAN Name Status Ports
----------------------------------------------------------------------------
1 default active Fa0/2, Fa0/3, Fa0/4, Fa0/5
Fa0/6, Fa0/7, Fa0/8, Fa0/9
Fa0/10, Fa0/13, Fa0/14, Fa0/15
Fa0/16, Fa0/17, Fa0/18, Fa0/19
Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24, Gi0/1, Gi0/2
10 VLAN0010 active
20 VLAN0020 active
30 VLAN0030 active Fa0/12
40 VLAN0040 active
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
7. Divide the C3550-2 as a VTP Server into a new domain "full"
In the case of port self-negotiation, if The VTP domain names of the two switches are different, trunk cannot be formed between them. To configure two different domain names on two vswitches and enable trunk successfully, you must disable port self-negotiation.
C3550-2 (config) # int f0/11
C3550-2 (config-if) # switchport nonegotiate // close the port self-Negotiation
C2950 (config) # int f0/2
C2950 (config-if) # switchport nonegotiate
C3550-2 (config) # vtp mode server
C3550-2 (config) # vtp domain full
View VTP status:
SW3 # show vtp st
VTP Version: 2
Configuration Revision: 0
Maximum VLANs supported locally: 1005
Number of existing VLANs: 9
VTP Operating Mode: Server VTP Domain Name: full VTP Pruning Mode: Enabled
VTP V2 Mode: Enabled
VTP Traps Generation: Disabled
MD5 digest: 0xD3 0xCF 0x2B 0xCD 0x7A 0x73 0x6C 0x01

Sw-2 # show vtp st
VTP Version: 2
Configuration Revision: 0
Maximum VLANs supported locally: 64
Number of existing VLANs: 10
VTP Operating Mode: Transparent VTP Domain Name: sovand.com VTP Pruning Mode: Enabled
VTP V2 Mode: Enabled
VTP Traps Generation: Disabled
MD5 digest: 0xBE 0x71 0x40 0x86 0xE1 0x48 0x5A 0x36
Configuration last modified by 172.16.4.99 at 3-1-93 01:19:26

This article is from the "Searching" blog. For more information, contact the author!

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More