Context Navigation

NetworkSetup

Timestamp:: Feb 27, 2019, 8:48:17 AM (5 years ago)
Author:: admin
Comment:: --

Legend:

: Unmodified
: Added
: Removed
: Modified

Cnbp2019/Agenda/NetworkSetup

-              v19
+              v20
 FAC1(config-router)#router-id 10.XY.2.1
 }}}
+    * You are announcing to the default route via FAC1. Use this command for this
+{{{
+FAC1config-router)#default-information originate
+    * You are announcing the core network and connected subnets. Use this command for this
+{{{
+FAC1(config-router)#redistribute connected subnets
+FAC1(config-router)#network 10.XY.0.0 0.0.0.255 area 2
 FAC1(config-router)#exit
 }}}
 …
 FAC1(config-rtr)#router-id 10.XY.2.1
 }}}
     * You are going to originate the default route too. Use this command for that,
 {{{
 FAC1(config-rtr)#default-information originate
+    * You are going to redistribute the connected networks. Use this command for that,
+{{{
+FAC1(config-rtr)#redistribute connected
 FAC1(config-rtr)#exit
 }}}
 …
 FAC2(config)#router ospf 1
 FAC2(config-router)#router-id 10.XY.3.1
+FAC2(config-router)#redistribute connected subnets
+FAC2(config-router)#network 10.XY.0.0 0.0.0.255 area 2
 FAC2(config-router)#exit
 FAC2(config)# ip route 0.0.0.0 0.0.0.0 10.0.0.6
 FAC1(config)# ipv6 unicast-routing
 FAC1(config)#ipv6 router ospf 1
+FAC2(config)# ipv6 unicast-routing
+FAC2(config)#ipv6 router ospf 1
 FAC2(config-rtr)#router-id 10.XY.3.1
 FAC2(config-rtr)#exit
 …
 FAC2(config-if)#ipv6 ospf 1 area 2
 FAC2(config-if)#exit
+FAC2(config)ipv6 route ::/0 2401:DD00:20XY:2::FFFF
 }}}
 …
 }}}
 Repeat the same for other VLAN's as well.
+Repeat the same for all other VLAN's in FAC1.
 * Then we need to create vlan interfaces and assign routing.
 …
 == Assign Interfaces  ==
+=== Assign Interfaces  ===
 On L3 devices we can have three types of links,
 …
 FAC1(config-if)#switchport trunk encapsulation dot1q
 FAC1(config-if)#description link to Building 2
 FAC1(config-if)#
 FAC1(config-if)#
+FAC1(config-if)#switchport trunk allowed vlan 1,2,20,30,1002-1005
+FAC1(config-if)#switchport trunk native vlan 2
 FAC1(config-if)#exit
 }}}
 …
 }}}
+== Distribution Layer ==
+For the lab purposes, we are using an L3 capable switch platform to illustrate a manageable L2 switch. We need to configure following on the '''FAC1-BLD1-FL2''',
+* Management Network
+* Trunk Ports
+*  Access Ports
+=== Configure Management Network ===
+* Create VLAN 2 which is the MGT Network for Faculty 1. Then assign an IP address for the VLAN 2 interface.
+{{{
+FAC1-BLD1-FL2# vlan database
+FAC1-BLD1-FL2(vlan)# vlan 2 name FAC1_MGT
+FAC1-BLD1-FL2(vlan)# exit
+FAC1-BLD1-FL2# config t
+FAC1-BLD1-FL2(config)# interface vlan 2
+FAC1-BLD1-FL2(config-if)# ip address 10.XY.2.4 255.255.255.0
+FAC1-BLD1-FL2(config-if)# exit
+}}}
+*  apply default routing for the subnet.
+{{{
+FAC1-BLD1-FL2(config)#ip route 0.0.0.0 0.0.0.0 10.0.2.1
+}}}
+=== Configure Trunk Ports ===
+* Before configuring trunks we need to define the vlans first.
+{{{
+FAC1-BLD1-FL2# vlan database
+FAC1-BLD1-FL2(vlan)# vlan 10 name DEPT1
+FAC1-BLD1-FL2(vlan)# vlan 20 name DEPT2
+FAC1-BLD1-FL2(vlan)#exit
+}}}
+* This FAC1-BLD1-FL2 has two trunk ports configure them to allow VLAN 10,20 to fa1/15 and VLAN 20 on fa1/14. We need to configure Native VLAN to VLAN 2 as well.
+{{{
+FAC1-BLD1-FL2(config)#interface FastEthernet 1/15
+FAC1-BLD1-FL2(config-if)#switchport mode trunk
+FAC1-BLD1-FL2(config-if)#switchport trunk encapsulation dot1q
+FAC1-BLD1-FL2(config-if)#description link to FAC1_L3
+FAC1-BLD1-FL2(config-if)#switchport trunk allowed vlan 1,2,10,20,1002-1005
+FAC1-BLD1-FL2(config-if)#switchport trunk native vlan 2
+FAC1-BLD1-FL2(config-if)#exit
+FAC1-BLD1-FL2(config)#interface FastEthernet 1/14
+FAC1-BLD1-FL2(config-if)#switchport mode trunk
+FAC1-BLD1-FL2(config-if)#switchport trunk encapsulation dot1q
+FAC1-BLD1-FL2(config-if)#description link to FAC1-BLD1-FL2
+FAC1-BLD1-FL2(config-if)#switchport trunk allowed vlan 1,2,20,1002-1005
+FAC1-BLD1-FL2(config-if)#switchport trunk native vlan 2
+FAC1-BLD1-FL2(config-if)#exit
+}}}
+=== Configure Access Ports ===
+* We have only one access port
+{{{
+FAC1-BLD1-FL2(config)#interface FastEthernet 1/0
+FAC1-BLD1-FL2(config-if)#switchport mode access
+FAC1-BLD1-FL2(config-if)#switchport access vlan 20
+FAC1-BLD1-FL2(config-if)#description link to PC2
+FAC1-BLD1-FL2(config-if)#exit
+}}}
+== Configuring the rest L2 network ==
+* Right-click on FAC1-BLD1-FL1 and select '''Configure'''
+* Under Settings, Select
+   * Port: 7
+   * VLAN: 2
+   * Type: dot1q
+* Click Add
+* Repeat again and select,
+   * Port: 0
+   * VLAN: 10
+   * Type: access
+* Click Add
+* Click Apply and OK
+Repeat the same procedure for all other L2 switches but make sure you change the ports as per the tables below,
+||=     **FAC1-BLD1-FL1**       =||=    **Type**        =||=    **VLANS**       =||
+||      e0      ||      Access  ||      10      ||
+||      e7      ||      dot1q   ||      2       ||
+----
+||=     **FAC1-BLD1-FL2**       =||=    **Type**        =||=    **VLANS**       =||
+||      e0      ||      Access  ||      20      ||
+||      e6      ||      dot1q   ||      2       ||
+||      e7      ||      dot1q   ||      2      ||
+----                                                            ||
+||=     **FAC1-BLD2-FL0**       =||=    **Type**        =||=    **VLANS**       =||=    **Native VLAN** =||
+||      e0      ||      Access  ||      20      ||      -       ||
+||      e1      ||      Access  ||      30      ||      -       ||
+||      e7      ||      Trunk   ||      20, 30  ||      2       ||
+----
+||=     **FAC2-BLD1-FL1**       =||=    **Type**        =||=    **VLANS**       =||=    **Native VLAN** =||
+||      e0      ||      Access  ||      60      ||      -       ||
+||      e1      ||      Access  ||      70      ||      -       ||
+||      e7      ||      Trunk   ||      60, 70  ||      3       ||
+----
+||=     **FAC2-BLD2-FL1**       =||=    **Type**        =||=    **VLANS**       =||=    **Native VLAN** =||
+||      e0      ||      Access  ||      70      ||      -       ||
+||      e6      ||      Trunk   ||      80      ||      3       ||
+||      e7      ||      Trunk   ||      70, 80  ||      3       ||
+----
+||=     **FAC2-BLD2-FL3**       =||=    **Type**        =||=    **VLANS**       =||
+||      e0      ||      Access  ||      80      ||
+||      e7      ||      Trunk   ||      3       ||
+----
+||=     **DMC** =||=    **Type**        =||     **VLANS**       ||
+||      e0      ||      Access  ||      1       ||
+||      e1      ||      Access  ||      1       ||
+||      e7      ||      Access  ||      1       ||
 …
- - Next configure fast ethernet interface which connects to the Core device and give a description
-{{{
-Dept1Sw(config)#interface FastEthernet 1/15
-Dept1Sw(config-if)#switchport mode trunk
-Dept1Sw(config-if)#switchport trunk encapsulation dot1q
-Dept1Sw(config-if)#description link to FacACore
-Dept1Sw(config-if)#exit
-}}}
- - Configure fast ethernet interface, which connects to the User PC to an access port of VLAN 10 and give a description
-{{{
-Dept1Sw(config)#interface FastEthernet 1/0
-Dept1Sw(config-if)#switchport mode access
-Dept1Sw(config-if)#switchport access vlan 10
-Dept1Sw(config-if)#description link to Dept1PC
-Dept1Sw(config-if)#exit
-}}}
- - Follow the same steps for Dept2Sw
-{{{
-Dept2Sw(config)# vlan 20
-Dept2Sw(config-vlan)# name Dept2
-Dept2Sw(config-vlan)# exit
-Dept2Sw(config)#interface FastEthernet 1/15
-Dept2Sw(config-if)#switchport mode trunk
-Dept2Sw(config-if)#switchport trunk encapsulation dot1q
-Dept2Sw(config-if)#description link to FacBCore
-Dept2Sw(config-if)#exit
-Dept2Sw(config)#interface FastEthernet 1/0
-Dept2Sw(config-if)#switchport mode access
-Dept2Sw(config-if)#switchport access vlan 20
-Dept2Sw(config-if)#description link to Dept2PC
-Dept2Sw(config-if)#exit
-}}}
- - You have configured your distribution layer. Check and verify the connectivity
     * Go to Dept1PC and try ping the gateway (VLAN 10 Interface IP of FacACore)
 {{{
 …
     * Try the same in Dept2PC
+==== Connecting LAN to the Router ====
+Your Campus LAN is connecting to the outside through a border router. Your !CampusCore switch connects to this border router. In this link router's fast ethernet interface IP connects with the Core switch's vlan interface IP. Let's start configuring this link starting from the !CampusCore.
+ - Login to !CampusCore switch and switch to config mode
+ - Create VLAN 255 and name it Public
+{{{
+CampusCore(config)# vlan 255
+CampusCore(config-vlan)# name Public
+CampusCore(config-vlan)# exit
+}}}
+ - Then assign the IP Address to the VLAN interface. Get the IP from the [#point1 table]. In the real situation this VLAN could be a public IP range which is assign to your Institute. In this Lab we are using a private IP block.
+{{{
+CampusCore(config)#interface vlan 255
+CampusCore(config-if)# ip address 10.0.255.253 255.255.255.0
+CampusCore(config-if)# exit
+}}}
+ - Next configure fast ethernet interface which connects to the Core device and give a description.You can find then from the [#point2 table]
+{{{
+CampusCore(config)#interface FastEthernet 1/15
+CampusCore(config-if)#switchport mode access
+CampusCore(config-if)#switchport access vlan 255
+CampusCore(config-if)#description link to Border Router
+CampusCore(config-if)#speed 100
+CampusCore(config-if)#duplex full
+CampusCore(config-if)#exit
+}}}
+'''Note''': In the real environment you might not need Duplex and Speed. It will be negotiate automatically
+ - Now you have done !CampusCore configuration. Let's start routers Configuration.
+ - Login to !BorderRt Router and switch to config mode
+ - Router's IP allocation is as follows. You can get your Router's IP address from [wiki:2017Ipv6ipallocation here]
+||= Interface Name =||= IP Address =||
+||Fast Ethernet 0/0 ||10.0.255.254/24||
+||Fast Ethernet 0/1 ||<Your Routers WAN IP>||
+ - Let's configure the LAN port (fa 0/0)
+{{{
+BorderRt(config)#interface fastEthernet 0/0
+BorderRt(config-if)#ip address 10.0.255.254 255.255.255.0
+BorderRt(config-if)#description LAN Port connects to CampusCore
+BorderRt(config-if)#no shutdown
+BorderRt(config-if)#speed 100
+BorderRt(config-if)#duplex full
+BorderRt(config-if)#exit
+}}}
+ - Configure the WAN port (fa 0/1)
+{{{
+BorderRt(config)#interface fastEthernet 0/1
+BorderRt(config-if)#ip address x.x.x.x 255.255.255.0
+BorderRt(config-if)#description WAN Port Bridged with CampusLAN host
+BorderRt(config-if)#no shutdown
+BorderRt(config-if)#exit
+}}}
+ - You have successfully finished connecting !CampusCore to the !BorderRt router. Let's verify the connectivity using the ping command.
+ - Go to !BorderRt and ping to !CampusCore switch's VLAN 255 Interface IP
+{{{
+ping 10.0.255.253
+}}}
+ - Now Check the routers connectivity in WAN port. Ping to the WAN Gateway
+{{{
+ping 192.248.6.254
+}}}
+ - Both these ping commands should give you a reply
+==== Routing ====
+If You go to the Dept1PC and try a Ping to Dept2PC (10.0.20.1) and !BorderRt router LAN port(10.0.255.254), you will not get a reply. That is because you don't have inter VLAN routing yet. In this Lab we will enable OSPF in all the Layer 3 devices and we will add default routes as following table.
+ - Following are the default routes of the devices
+||= Device =||= Default Route Destination IP =||= Default Route Destination Description =||
+|| !BorderRt || 192.248.6.254 || This is Configured in the router in the Lab ||
+|| !CampusCore || 10.0.255.254 || !BorderRt routers LAN interface IP ||
+|| FacACore || 10.0.2.1 || !CampusCore Switches VLAN2 Interface IP ||
+|| FacBCore || 10.0.2.1 || !CampusCore Switches VLAN2 Interface IP ||
+|| Dept1PC || none || This is a L2 device ||
+|| Dept2PC || none || This is a L2 device ||
+|| Dept1PC || 10.0.10.254 || FacACore Switches VLAN10 Interface IP ||
+|| Dept2PC || 10.0.20.254 || FacBCore Switches VLAN20 Interface IP ||
+ - Now let's enable OSPF on Core devices. Starting from !CampusCore
+    * Login to !CampusCore switch and switch to config mode
+    * Define OSPF process and Process ID. In this lab use process ID as 1
+{{{
+CampusCore(config)#router ospf 1
+}}}
+    * Give the router ID
+{{{
+CampusCore(config-router)#router-id 10.0.2.1
+}}}
+    * You are going to announce the subnets which are directly connects to you. Use this command for that
+{{{
+CampusCore(config-router)#redistribute connected subnets
+}}}
+    * You are announcing to the core network (10.0.2.0/24) in area 2. Use this command for this
+{{{
+CampusCore(config-router)#network 10.0.2.0 0.0.0.255 area 2
+CampusCore(config-router)#exit
+}}}
+    * You are enabling OSPF on VLAN 2. Use this command for that.
+{{{
+CampusCore(config)#interface vlan 2
+CampusCore(config-if)# ip ospf 1 area 2
+CampusCore(config-if)# exit
+}}}
+    * Now you have enable OSPF on !CampusCore Switch. Now lets add the default Route.
+{{{
+CampusCore(config)# ip route 0.0.0.0 0.0.0.0 10.0.255.254
+}}}
+ - Follow the same steps in FacACore and FacBCore
+    * FacACore
+{{{
+FacACore(config)#router ospf 1
+FacACore(config-router)#router-id 10.0.2.2
+FacACore(config-router)#redistribute connected subnets
+FacACore(config-router)#network 10.0.2.0 0.0.0.255 area 2
+FacACore(config-router)#exit
+FacACore(config)#interface vlan 2
+FacACore(config-if)# ip ospf 1 area 2
+FacACore(config-if)# exit
+FacACore(config)# ip route 0.0.0.0 0.0.0.0 10.0.2.1
+}}}
+    * FacBCore
+{{{
+FacBCore(config)#router ospf 1
+FacBCore(config-router)#router-id 10.0.2.3
+FacBCore(config-router)#redistribute connected subnets
+FacBCore(config-router)#network 10.0.2.0 0.0.0.255 area 2
+FacBCore(config-router)#exit
+FacBCore(config)#interface vlan 2
+FacBCore(config-if)# ip ospf 1 area 2
+FacBCore(config-if)# exit
+FacBCore(config)# ip route 0.0.0.0 0.0.0.0 10.0.2.1
+}}}
+ - Now you have enable Routing in your Core network. Let's verify whether it is working.
+   * Go to Dept1PC and try a Ping to Dept2PC
+{{{
+ping 10.0.20.1
+}}}
+   * It should give you a reply
+ - add the !BorderRt Routers default gateway
+    * Go to !BorderRt and switch to config mode
+    * Add the default route
+{{{
+BorderRt(config)# ip route 0.0.0.0 0.0.0.0 192.248.6.254
+}}}
     * Verify the route by ping a known host from the !BorderRt router
 {{{