Context Navigation

← Previous Change
Wiki History
Next Change →

NetworkSetup

Timestamp:: Feb 19, 2022, 9:38:43 AM (3 years ago)
Author:: geethike
Comment:: --

Legend:

: Unmodified
: Added
: Removed
: Modified

Cnbp2022/Agenda/NetworkSetup

               v1
+= Campus Network Design - Network Setup =
+----
+In this tutorial, we will establish dual-stack network connectivity within all nodes of the network given below.
+[[Image(vlans.png,85%,border=1, center)]]
+== IP Address Plan ==
+||=     **Device**      =||=    **Management IP Address**       =||=    **MGT Network** =||=    **MGT VLAN**    =||
+||      FAC1    ||      10.1.2.1        ||              10.XY.2.0/24    ||      VLAN 2    ||
+||      FAC1-BLD1-FL0   ||      ~~10.XY.2.2~~ Ignore(LAB only)  ||              10.XY.2.0/24    ||      VLAN 2    ||
+||      FAC1-BLD1-FL1   ||      ~~10.XY.2.3~~ Ignore(LAB only)  ||              10.XY.2.0/24    ||      VLAN 2    ||
+||      FAC1-BLD1-FL2   ||      10.XY.2.4       ||              10.XY.2.0/24    ||      VLAN 2    ||
+||      FAC1-BLD2-FL0   ||      ~~10.XY.2.5~~ Ignore(LAB only)  ||              10.XY.2.0/24    ||      VLAN 2    ||
+||      FAC2    ||      10.1.3.1        ||              10.XY.3.0/24    ||      VLAN 3    ||
+||      FAC2-BLD1-FL1   ||      ~~10.XY.3.2~~ Ignore(LAB only)  ||              10.XY.3.0/24    ||      VLAN 3    ||
+||      FAC2-BLD2-FL1   ||      ~~10.XY.3.3~~ Ignore(LAB only)  ||              10.XY.3.0/24    ||      VLAN 3    ||
+||      FAC2-BLD2-FL3   ||      ~~10.XY.3.4~~ Ignore(LAB only)  ||              10.XY.3.0/24    ||      VLAN 3    ||
+----
+[=#point1]
+||=     **FAC1**        =||=    **Type**        =||=    **VLANS/IP**    =||=    **Native VLAN** =||
+||      F0/0    ||      Routed Link     ||      10.XY.0.6/30[[br]]2401:DD00:20XY:2::FFFF/64     ||      -       ||
+||      F0/1    ||      Routed Link     ||      10.XY.0.1/30[[br]]2401:DD00:20XY:1::FFFE/64     ||      -       ||
+||      F1/0    ||      Trunk   ||      10, 20  ||      2       ||
+||      F1/1    ||      Trunk   ||      20, 30  ||      2       ||
+||      F1/15   ||      Access  ||      5       ||      -       ||
+----
+||=     **FAC2**        =||=    **Type**        =||=    **VLANS/IP**    =||=    **Native VLAN** =||
+||      F0/1    ||      Routed Link     ||      10.XY.0.5/30[[br]]2401:dd00:20XY:2::FFFE/64     ||      -       ||
+||      F1/0    ||      Trunk   ||      60, 70  ||      3       ||
+||      F1/1    ||      Trunk   ||      70, 80  ||      3       ||
+=== Log in to the the devices ===
+In dynagen console type command "list" and it will show you the running devices and console port associated with them.Use terminal emulator (putty) to login to device using local host ip with associated port.
+=== Initial Configurations ===
+Before configuring the devices for the network setup. Let's configure some initial settings in the Core Network Devices.
+Press the '''Enter''' key to go to the user mode of the FAC1 switch. Prompt will look as follows.
+{{{
+FAC1#
+}}}
+In this privileged mode, you can check the router configuration by the following command. The configuration you see will be the default configuration
+{{{
+FAC1#show run
+}}}
+To add configurations you have to go configuration mode. Type '''config terminal'''. Note the prompt change.
+{{{
+FAC1(config)#
+}}}
+> '''note:''' If you get following error,
+> `%Error opening tftp://255.255.255.255/AccessRt-confg (Timed out)`
+> Give the following command in the config mode, `no service config`
+You can now start making configurations.
+ - The first thing you have to add is the hostname of the device. The hostname is the device's identification. In this Lab, device name or the hostname is automatically configured based on the GUI edits we did previously. If you want to change it you may use
+{{{
+hostname <device name>
+}}}
+ - Then let's give a enable secret. Which is a password you set when you go to the privileged mode from the user mode? Make sure to use the '''<class password>''' as the enable secret
+{{{
+enable secret <class password>
+}}}
+ - Add the DNS server
+{{{
+ip name-server 10.XY.0.2
+}}}
+> In your production environment you may use your internal DNS resolver if needed.
+ - Next, you can add a banner to your device. This will display every time you log in to the device
+{{{
+banner motd @ Unauthorized Access is Prohibited! @
+}}}
+ - Add more security by encrypting passwords in your config file
+{{{
+service password-encryption
+}}}
+ - Then lets's configure the line console which is the console port settings
+    * Go to line console config mode
+{{{
+line console 0
+}}}
+    * Enable login authentication. Make sure not to save or exit the router after this command without executing the next command.
+{{{
+login
+}}}
+    * Set the password
+{{{
+password <class password>
+}}}
+ - Finally let's enable ssh (version 2) in the device. Type '''exit''' to go back to previous mode (config mode) from line console config mode
+    * Configure a domain name. Use '''instXY.ac.lk''' for this lab where XY is your group id.
+{{{
+ip domain name instXY.ac.lk
+}}}
+    * Create an ssh user with a password. In here we will use the username admin with the class password
+{{{
+username admin secret <class password>
+}}}
+    * Create a certificate which will use for encryption
+{{{
+crypto key generate rsa
+}}}
+    * Give the size of key as 768 (minimum size needed to activate ssh version 2)
+    * Then Configure the line vty
+{{{
+line vty 0 4
+login local
+transport input ssh
+exit
+}}}
+   * Add SNMP community and location details
+{{{
+snmp-server community CNBP2019 ro
+snmp-server ifindex persist
+snmp-server contact NOC
+snmp-server location Faculty_One
+}}}
+ - Now '''save the configurations'''. you have to Go to privileged mode and give the following command
+{{{
+#copy running-config startup-config
+}}}
+ - Check the configuration by '''show run''' command.
+''' Apply these settings in FAC2 and FAC1-BLD1-FL2 as well'''
+== Core Network Layer ==
+Let's start Configuring the connectivity between the core network (FAC1 and Fac2). We will start with Fac1.
+- Remember, the core network runs on routed ports. Get the IP from the [#point1 table]
+   * Link to Firewall
+{{{
+FAC1(config)# interface fastEthernet 0/1
+FAC1(config-if)# description Link to Firewall
+FAC1(config-if)# ip address 10.XY.0.1 255.255.255.252
+FAC1(config-if)#ipv6 address 2401:dd00:20XY:1::fffe/64
+FAC1(config-if)#no shutdown
+FAC1(config-if)#exit
+}}}
+  * Link to FAC2
+{{{
+FAC1(config)# interface fastEthernet 0/0
+FAC1(config-if)# description Link to FAC2
+FAC1(config-if)# ip address 10.XY.0.6 255.255.255.252
+FAC1(config-if)#ipv6 address 2401:dd00:20XY:2::ffff/64
+FAC1(config-if)#no shutdown
+FAC1(config-if)#exit
+}}}
+* On switch FAC2 we have only one routed port. Get the IP from the [#point1 table]
+   * Link to FAC1
+{{{
+FAC2(config)# interface fastEthernet 0/1
+FAC2(config-if)# description Link to FAC1
+FAC2(config-if)# ip address 10.XY.0.5 255.255.255.252
+FAC2(config-if)#ipv6 address 2401:dd00:20XY:2::fffe/64
+FAC2(config-if)#no shutdown
+FAC2(config-if)#exit
+}}}
+ - Next, we need to configure routing among Core devices. We will configure dynamic routing / OSPF to distribute routing.
+    * On FAC1, Define OSPF process and Process ID. In this lab use process ID as 1
+{{{
+FAC1(config)#ip routing
+FAC1(config)#router ospf 1
+}}}
+    * Give the router ID
+{{{
+FAC1(config-router)#router-id 10.XY.2.1
+}}}
+    * You are announcing the core network and connected subnets. Use this command for this
+{{{
+FAC1(config-router)#redistribute connected subnets
+FAC1(config-router)#network 10.XY.0.0 0.0.0.255 area 2
+FAC1(config-router)#exit
+}}}
+    * Now you have enable OSPF on FAC1 Switch. Now lets add the default Route.
+{{{
+FAC1(config)# ip route 0.0.0.0 0.0.0.0 10.XY.0.2
+}}}
+   * Now let's enable routing for IPv6.
+{{{
+FAC1(config)# ipv6 unicast-routing
+}}}
+    * Create a OSPF v3 instance, Define OSPF process and Process ID. In this lab use process ID as 1
+{{{
+FAC1(config)#ipv6 router ospf 1
+}}}
+    * Give the router ID, this will be the same as ipv4 ospf router ID for simplicity
+{{{
+FAC1(config-rtr)#router-id 10.XY.2.1
+}}}
+    * You are going to redistribute the connected networks. Use this command for that,
+{{{
+FAC1(config-rtr)#redistribute connected
+FAC1(config-rtr)#exit
+}}}
+    * Create the default route
+{{{
+FAC1(config)ipv6 route ::/0 2401:DD00:20XY:1::FFFF
+}}}
+   * Assign ospf to Ports on FAC1
+{{{
+FAC1(config)#int fa 0/0
+FAC1(config-if)#ip ospf 1 area 2
+FAC1(config-if)#ipv6 ospf 1 area 2
+FAC1(config-if)#exit
+}}}
+   * Configure routing on FAC2
+{{{
+FAC2(config)#ip routing
+FAC2(config)#router ospf 1
+FAC2(config-router)#router-id 10.XY.3.1
+FAC2(config-router)#redistribute connected subnets
+FAC2(config-router)#network 10.XY.0.0 0.0.0.255 area 2
+FAC2(config-router)#exit
+FAC2(config)# ip route 0.0.0.0 0.0.0.0 10.XY.0.6
+FAC2(config)# ipv6 unicast-routing
+FAC2(config)#ipv6 router ospf 1
+FAC2(config-rtr)#router-id 10.XY.3.1
+FAC2(config-rtr)#exit
+FAC2(config)#int fa 0/1
+FAC2(config-if)#ip ospf 1 area 2
+FAC2(config-if)#ipv6 ospf 1 area 2
+FAC2(config-if)#exit
+FAC2(config)ipv6 route ::/0 2401:DD00:20XY:2::FFFF
+}}}
+== VLAN Structure ==
+Now we need to create VLANs in each L3 device and configure inter-VLAN routing. We will start with FAC1.
+=== VLANs for FAC1===
+||=     **FAC1**        =||= **VLAN Name**  =||=        **IPv4**        =||=    **IPv6**        =||
+||      VLAN02  ||  FAC1_MGT  ||        10.XY.02.1/24   ||      -       ||
+||      VLAN05  ||  Servers  || 10.XY.05.254/24 ||      2401:DD00:20XY:5::FFFF/64       ||
+||      VLAN10  ||  Dept1  ||   10.XY.10.254/24 ||      2401:DD00:20XY:1110::FFFF/64    ||
+||      VLAN20  ||  Dept2  ||   10.XY.20.254/24 ||      2401:DD00:20XY:1120::FFFF/64    ||
+||      VLAN30  ||  Dept3  ||   10.XY.30.254/24 ||      2401:DD00:20XY:1230::FFFF/64    ||
+* First Create VLANs and provide a suitable description.
+{{{
+Fac1# vlan database
+Fac1(vlan)# vlan 2 name FAC1_MGT
+}}}
+Repeat the same for all other VLAN's in FAC1.
+* Then we need to create vlan interfaces and assign routing.
+{{{
+Fac1(vlan)# exit
+Fac1# config t
+Fac1(config)# interface vlan 2
+Fac1(config-if)# ip address 10.XY.2.1 255.255.255.0
+Fac1(config-if)# ip ospf 1 area 2
+Fac1(config-if)# exit
+}}}
+Following illustrates the dual stack connectivity.
+{{{
+Fac1(config)# interface vlan 5
+Fac1(config-if)# ip address 10.XY.5.254 255.255.255.0
+Fac1(config-if)# ip ospf 1 area 2
+Fac1(config-if)# ipv6 address 2401:DD00:20XY:5::FFFF/64
+Fac1(config-if)# ipv6 ospf 1 area 2
+Fac1(config-if)# exit
+}}}
+* Continue same for the VLAN 10, 20 and 30.
+=== VLANs for FAC2===
+* Configure above same configurations on FAC2 switch for the following VLAN data
+||=     **FAC2**        =||= **VLAN Name**   =||=  **IPv4**     =||=    **IPv6**        =||
+||      VLAN03  ||  FAC2_MGT  ||        10.XY.03.1/24   ||      -       ||
+||      VLAN60  ||  Dept4  ||   10.XY.60.254/24 ||      2401:DD00:20XY:2160::FFFF/64    ||
+||      VLAN70  ||  Dept5  ||   10.XY.70.254/24 ||      2401:DD00:20XY:2270::FFFF/64    ||
+||      VLAN80  ||  Dept6  ||   10.XY.80.254/24 ||      2401:DD00:20XY:2280::FFFF/64    ||
+=== Assign Interfaces  ===
+On L3 devices we can have three types of links,
+* L3 routed ports
+* Trunk ports
+* L2 Access Ports
+We have already configured routed ports and now we need to assign ports to our VLAN's created above.
+* Create Trunk Ports,
+   * First make the interface a trunk port. This is for the link between FAC1 and Building 1
+{{{
+FAC1(config)#interface FastEthernet 1/0
+FAC1(config-if)#switchport mode trunk
+}}}
+   * Define the encapsulation
+{{{
+FAC1(config-if)#switchport trunk encapsulation dot1q
+}}}
+   * Give the Description of the interface
+{{{
+FAC1(config-if)#description link to Building 1
+}}}
+   * Allow the VLAN's that we only need.
+{{{
+FAC1(config-if)#switchport trunk allowed vlan 1,2,10,20,1002-1005
+}}}
+   * Change the Native VLAN
+{{{
+FAC1(config-if)#switchport trunk native vlan 2
+}}}
+Do the same for the other trunk link
+{{{
+FAC1(config)#interface FastEthernet 1/1
+FAC1(config-if)#switchport mode trunk
+FAC1(config-if)#switchport trunk encapsulation dot1q
+FAC1(config-if)#description link to Building 2
+FAC1(config-if)#switchport trunk allowed vlan 1,2,20,30,1002-1005
+FAC1(config-if)#switchport trunk native vlan 2
+FAC1(config-if)#exit
+}}}
+* Create Access ports.
+   * Assign the interface to be in Access Mode
+{{{
+FAC1(config)#interface FastEthernet 1/15
+FAC1(config-if)#switchport mode access
+}}}
+   * Assign the VLAN
+{{{
+FAC1(config-if)#switchport access vlan 5
+}}}
+   * Assign a suitable description
+{{{
+FAC1(config-if)#description link to Monitoring Server
+FAC1(config-if)#exit
+}}}
+Make sure to save your setting with `FAC1#write` and `FAC2#write`
+== Distribution Layer ==
+For the lab purposes, we are using an L3 capable switch platform to illustrate a manageable L2 switch. We need to configure following on the '''FAC1-BLD1-FL2''',
+* Management Network
+* Trunk Ports
+*  Access Ports
+Details of the switch as follows,
+----                                                            ||
+||=     **FAC1-BLD1-FL2**       =||=    **Type**        =||=    **VLANS**       =||=    **Native VLAN** =||
+||      Fa1/0   ||      Access  ||      20      ||      -   ||
+||      Fa1/13  ||      Trunk   ||      20      ||      2   ||
+||      Fa1/14  ||      Trunk   ||      10      ||      2   ||
+||      Fa1/15  ||      Trunk   ||      10,20   ||      2   ||
+=== Configure Management Network ===
+* Create VLAN 2 which is the MGT Network for Faculty 1. Then assign an IP address for the VLAN 2 interface.
+{{{
+FAC1-BLD1-FL2# vlan database
+FAC1-BLD1-FL2(vlan)# vlan 2 name FAC1_MGT
+FAC1-BLD1-FL2(vlan)# exit
+FAC1-BLD1-FL2# config t
+FAC1-BLD1-FL2(config)# interface vlan 2
+FAC1-BLD1-FL2(config-if)# ip address 10.XY.2.4 255.255.255.0
+FAC1-BLD1-FL2(config-if)# exit
+}}}
+*  apply default routing for the subnet.
+{{{
+FAC1-BLD1-FL2(config)#ip route 0.0.0.0 0.0.0.0 10.XY.2.1
+}}}
+=== Configure Trunk Ports ===
+* Before configuring trunks we need to define the vlans first.
+{{{
+FAC1-BLD1-FL2# vlan database
+FAC1-BLD1-FL2(vlan)# vlan 10 name DEPT1
+FAC1-BLD1-FL2(vlan)# vlan 20 name DEPT2
+FAC1-BLD1-FL2(vlan)#exit
+}}}
+* This FAC1-BLD1-FL2 has three trunk ports configure them to allow VLAN 10,20 to fa1/15 and VLAN 10 on fa1/14 and VLAN 20 on fa1/15. We need to configure Native VLAN to VLAN 2 as well.
+{{{
+FAC1-BLD1-FL2(config)#interface FastEthernet 1/15
+FAC1-BLD1-FL2(config-if)#switchport mode trunk
+FAC1-BLD1-FL2(config-if)#switchport trunk encapsulation dot1q
+FAC1-BLD1-FL2(config-if)#description link to FAC1_L3
+FAC1-BLD1-FL2(config-if)#switchport trunk allowed vlan 1,2,10,20,1002-1005
+FAC1-BLD1-FL2(config-if)#switchport trunk native vlan 2
+FAC1-BLD1-FL2(config-if)#exit
+FAC1-BLD1-FL2(config)#interface FastEthernet 1/14
+FAC1-BLD1-FL2(config-if)#switchport mode trunk
+FAC1-BLD1-FL2(config-if)#switchport trunk encapsulation dot1q
+FAC1-BLD1-FL2(config-if)#description link to FAC1-BLD1-FL1A
+FAC1-BLD1-FL2(config-if)#switchport trunk allowed vlan 1,2,10,1002-1005
+FAC1-BLD1-FL2(config-if)#switchport trunk native vlan 2
+FAC1-BLD1-FL2(config-if)#exit
+FAC1-BLD1-FL2(config)#interface FastEthernet 1/13
+FAC1-BLD1-FL2(config-if)#switchport mode trunk
+FAC1-BLD1-FL2(config-if)#switchport trunk encapsulation dot1q
+FAC1-BLD1-FL2(config-if)#description link to FAC1-BLD1-FL1B
+FAC1-BLD1-FL2(config-if)#switchport trunk allowed vlan 1,2,20,1002-1005
+FAC1-BLD1-FL2(config-if)#switchport trunk native vlan 2
+FAC1-BLD1-FL2(config-if)#exit
+}}}
+=== Configure Access Ports ===
+* We have only one access port
+{{{
+FAC1-BLD1-FL2(config)#interface FastEthernet 1/0
+FAC1-BLD1-FL2(config-if)#switchport mode access
+FAC1-BLD1-FL2(config-if)#switchport access vlan 20
+FAC1-BLD1-FL2(config-if)#description link to PC3
+FAC1-BLD1-FL2(config-if)#exit
+}}}
+Make sure to save your setting with `FAC1-BLD1-FL2#write`
+== Configuring the rest L2 network ==
+||=     **FAC1-BLD1-FL1A**      =||=    **Type**        =||=    **VLANS**       =||
+||      e0      ||      Access  ||      10      ||
+||      e7      ||      dot1q   ||              ||
+* Right-click on FAC1-BLD1-FL1A and select '''Configure'''
+* Under Settings, Select
+   * Port: 7
+   * VLAN: 2
+   * Type: dot1q
+* Click Add
+* Repeat again and select,
+   * Port: 0
+   * VLAN: 10
+   * Type: access
+* Click Add
+* Click Apply and OK
+Repeat the same procedure for all other L2 switches but make sure you change the ports as per the tables below,
+----
+||=     **FAC1-BLD1-FL1B**      =||=    **Type**        =||=    **VLANS**       =||
+||      e0      ||      Access  ||      20      ||
+||      e7      ||      dot1q   ||      2       ||
+----                                                            ||
+||=     **FAC1-BLD2-FL0**       =||=    **Type**        =||=    **VLANS**       =||
+||      e0      ||      Access  ||      20      ||
+||      e1      ||      Access  ||      30      ||
+||      e7      ||      dot1q   ||      2       ||
+----
+||=     **FAC2-BLD1-FL1**       =||=    **Type**        =||=    **VLANS**       =||
+||      e0      ||      Access  ||      60      ||
+||      e1      ||      Access  ||      70      ||
+||      e7      ||      dot1q   ||      3       ||
+----
+||=     **FAC2-BLD2-FL1**       =||=    **Type**        =||=    **VLANS**       =||
+||      e0      ||      Access  ||      70      ||
+||      e6      ||      dot1q   ||      3       ||
+||      e7      ||      dot1q   ||      3       ||
+----
+||=     **FAC2-BLD2-FL3**       =||=    **Type**        =||=    **VLANS**       =||
+||      e0      ||      Access  ||      80      ||
+||      e7      ||      dot1q   ||      3       ||
+----
+||=     **DMC** =||=    **Type**        =||     **VLANS**       ||
+||      e0      ||      Access  ||      1       ||
+||      e1      ||      Access  ||      1       ||
+||      e7      ||      Access  ||      1       ||
+== Configure End Devices ==
+=== Configure PC's ===
+* Right click on '''PC-1''' and select '''Console''', this will open a terminal or putty session on your '''User A''' host machine.
+  * Enter following commands,
+{{{
+PC-1> ip 10.XY.10.1 24 10.XY.10.254
+PC-1> ip dns 10.XY.0.1
+PC-1> ip 2401:DD00:20XY:1110::1/64 2401:DD00:20XY:1110::ffff
+PC-1> ip dns6 2401:DD00:20XY:1::FFFE
+PC-1> save
+}}}
+>We will use the DNS forwarder installed in pfsense.
+> On some GNS3 installations on Windows hosts may not support dns6 command, thereofore ignore it
+  * For troubleshooting and configuration verification, we can use:
+{{{
+PC-1> show ip
+PC-1> show ipv6
+}}}
+* Based on the following table configure all other end-user PC's just as above. You may need to change IP addresses.
+||=     **Host Devices**        =||=    **IPv4**        =||=    **IPv6**        =||
+||      PC-1    ||  10.XY.10.1  ||      2401:DD00:20XY:1110::1/64       ||
+||      PC-2    ||              10.XY.20.1      ||      2401:DD00:20XY:1120::1/64       ||
+||      PC-3    ||              10.XY.20.2      ||      2401:DD00:20XY:1120::2/64       ||
+||      PC-4    ||              10.XY.20.3      ||      2401:DD00:20XY:1120::3/64       ||
+||      PC-5    ||      10.XY.30.1      ||      2401:DD00:20XY:1230::1/64       ||
+||      PC-6    ||      10.XY.60.1      ||      2401:DD00:20XY:2160::1/64       ||
+||      PC-7    ||      10.XY.70.1      ||      2401:DD00:20XY:2270::1/64       ||
+||      PC-8    ||      10.XY.70.2      ||      2401:DD00:20XY:2270::2/64       ||
+||      PC-9    ||      10.XY.80.1      ||      2401:DD00:20XY:2280::1/64       ||
+||      Monitoring-Server       ||              10.XY.5.10      ||      2401:DD00:20XY:5::AAAA/64       ||
+||      Web-Server      ||      192.168.XY.100  ||      2401:DD00:20XY:1::PQRW/64       ||
+||      GUI-PC  ||||            via DHCP                ||
+* On '''User B''' switch on '''Monitoring-Server''' and  '''Web-Server'''. Log-in as user '''wsuser''' with the class password.
+   * Edit the following file to insert ip details according to the above table, you may also need to check the [wiki:Cnbp2019/Agenda/IpAllocation IP allocation table].
+{{{
+sudo vi /etc/netplan/50-cloud-init.yaml
+}}}
+   * Edit details as follows on Monitoring Server
+{{{
+# This file describes the network interfaces available on your system
+# For more information, see netplan(5).
+network:
+    ethernets:
+         enp0s3:
+            addresses:
+            - 10.XY.5.10/24
+            - 2401:dd00:20XY:5::AAAA/64
+            dhcp4: false
+            dhcp6: false
+            gateway4: 10.XY.5.254
+            gateway6: 2401:dd00:20XY:5::FFFF
+            nameservers:
+                addresses:
+                - 2401:dd00:20XY:1::FFFF
+                search:
+                - instXY.ac.lk
+    version: 2
+}}}
+   * Restart servers.
+{{{
+sudo init 6
+}}}
+>You need to modify the above settings to suit the IP detail when applying to the webserver
+* Test end-user connectivity using ping command on each.
+== Some commands to check your setup ==
+* Check VLAN Setup
+{{{
+FAC1#show vlan-switch
+}}}
+* Check IP address details
+{{{
+FAC1#show ip interface brief
+FAC1#show ipv6 interface brief
+}}}
+* Check OSPF details
+{{{
+FAC1#show ip ospf
+FAC1#show ipv6 ospf
+}}}
+* Check IP routing details
+{{{
+FAC1#show ip route
+FAC1#show ipv6 route
+}}}
+* Check Interface details
+{{{
+FAC1#show interface switchport
+}}}
+* Check all config
+{{{
+FAC1#show run