You are on page 1of 14

Assignment 1 (a) Basic Inter-VLAN Routing Duration: (2 hours

)
Topology Diagram

Addressing Table
Device (Hostname) S1 S2 Interface VLAN 99 VLAN 99 IP Address 172.17.99.11 172.17.99.12 Subnet Mask 255.255.255.0 255.255.255.0 Default Gateway 172.17.99.1 172.17.99.1

All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.

Page 1 of 14

20.0 172.255.17.99.255.22 172.17.0 /24 172. Inc.1.20 Fa0/1.1 Fa0/1.17.1 /24 172.4.1q Trunks (Native VLAN 99) VLAN 30 – Guest (Default) VLAN 10 – Faculty/Staff VLAN 20 .23 172.17.30.1 N/A N/A 172.255. All rights reserved.0 255.0 255.17.20. You can use any current switches or routers in your lab as long as they have the required interfaces shown in the topology diagram.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6.17.17.99.1: Basic Inter-VLAN Routing S3 R1 R1 PC1 PC2 PC3 Server VLAN 99 Fa 0/0 Fa 0/1 NIC NIC NIC NIC 172.254 255.1 See Interface Configuration Table Port Assignments – Switch 2 Ports Fa0/1 – 0/5 Fa0/6 – 0/10 Fa0/11 – 0/17 Fa0/18 – 0/24 Assignment 802.99.17.17.17.17.255.99 Assignment VLAN1 VLAN 10 VLAN 20 VLAN 30 VLAN 99 IP Address 172.0 /24 172.17. Note that Ethernet (10Mb) LAN interfaces on All contents are Copyright © 1992–2007 Cisco Systems.10.10 Fa0/1.10.13 172.10.0 255.0 /24 Interface Configuration Table – Router 1 Interface Fa0/1.Students Network 172.30.50.1 172.0 255.10.30 Fa0/1.30.1 172.30.255.1 172.255.1 /24 Learning Objectives Upon completion of this lab.255.1 /24 172.17. Other device types may produce different output.0 /24 172. This document is Cisco Public Information. Page 2 of 14 .255.50. you will be able to: • • • • • • • • Cable a network according to the topology diagram Clear configurations and reload a switch and a router to the default state Perform basic configuration tasks on a switched LAN and router Configure VLANs and VLAN Trunking Protocol (VTP) on all switches Demonstrate and explain the impact of Layer 3 boundaries imposed by creating VLANs Configure a router to support 802.50.255.20.17.17.21 172.1q trunking on a Fast Ethernet interface Configure a router with subinterfaces corresponding to the configured VLANs Demonstrate and explain inter-VLAN routing Task 1: Prepare the Network Step 1: Cable a network that is similar to the one in the topology diagram.99.17.1 /24 172.0 255.1 /24 172.17.255.1 172.17.20. The output shown in this lab is based on 2960 switches and an 1841 router.255.255.17.17.

Fa0/6. and reload the switches. Fa0/8 Fa0/9.1 if necessary for the procedure.2. Repeat these commands on each switch in the topology.4. Clear NVRAM.----------------------------1 default active Fa0/1. Step 2: Clear any existing configurations on the switches. Fa0/4 Fa0/5. S2.Fa0/24 Gig0/1. Disable DNS lookup. After the reload is complete.3 may not support trunking on Fast Ethernet router interfaces. Use the addressing table and the following guidelines: • • • • • • Configure the switch hostname. Configure an enable secret password of class. one per line. Switch#show vlan VLAN Name Status Ports ---. This document is Cisco Public Information. Switch(config)#interface range fa0/1-24 Switch(config-if-range)#shutdown Switch(config-if-range)#interface range gi0/1-2 Switch(config-if-range)#shutdown Task 2: Perform Basic Switch Configurations Step 1: Configure the S1.-------------------------------. Fa0/7. delete the vlan. use the show vlan command to confirm that only default VLANs exist and that all ports are assigned to VLAN 1. and S3 switches. and Cisco IOS software earlier than version 12. Fa0/12 Fa0/13. Fa0/2. Fa0/3.1: Basic Inter-VLAN Routing routers do not support trunking. Use the interface range command to simplify this task.dat file. Set up console connections to all three switches and to the router. Refer to lab 2.Fa0/20 Fa0/21. Configure a password of cisco for console connections. Fa0/18. Fa0/14. Fa0/11.Fa0/16 Fa0/17. Configure the default gateway on each switch Output for S1 shown Switch>enable Switch#configure terminal Enter configuration commands. Fa0/19. Gig0/2 1002 fddi-default active 1003 token-ring-default active 1004 fddinet-default active 1005 trnet-default active Step 3: Disable all ports using the shutdown command. Configure a password of cisco for vty connections. Page 3 of 14 . All rights reserved. Fa0/22. Fa0/15. Switch(config)#hostname S1 End with CNTL/Z.--------. Ensure that the initial switch port states are inactive by disabling all ports. Inc. Fa0/10. All contents are Copyright © 1992–2007 Cisco Systems.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6. Fa0/23.

Switch Name S1 S2 S3 S1: S1(config)#vtp mode server Device mode already VTP SERVER. Remember that VTP domain names and passwords are case-sensitive. Task 4: Configure VTP on the Switches Step 1: Configure VTP on the three switches using the following table.4.1 S1(config)#line console 0 S1(config-line)#password cisco S1(config-line)#login S1(config-line)#line vty 0 15 S1(config-line)#password cisco S1(config-line)#login S1(config-line)#end %SYS-5-CONFIG_I: Configured from console by console S1#copy running-config startup-config Destination filename [startup-config]? [enter] Building configuration.1: Basic Inter-VLAN Routing S1(config)#enable secret class S1(config)#no ip domain-lookup S1(config)#ip default-gateway 172. Step 2: Re-enable the active user ports on S2 in access mode. Page 4 of 14 . S1(config)#vtp domain Lab6 Changing VTP domain name from NULL to Lab6 S1(config)#vtp password cisco Setting device VLAN database password to cisco S1(config)#end VTP Operating Mode Server Client Client VTP Domain Lab6 Lab6 Lab6 VTP Password cisco cisco cisco All contents are Copyright © 1992–2007 Cisco Systems. Inc. S2(config)#interface fa0/6 S2(config-if)#switchport mode access S2(config-if)#no shutdown S2(config-if)#interface fa0/11 S2(config-if)#switchport mode access S2(config-if)#no shutdown S2(config-if)#interface fa0/18 S2(config-if)#switchport mode access S2(config-if)#no shutdown Task 3: Configure the Ethernet Interfaces on the Host PCs Configure the Ethernet interfaces of PC1.. All rights reserved. PC3 and the remote TFTP/Web Server with the IP addresses from the addressing table..99. This document is Cisco Public Information.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6.17. PC2.

CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6. Page 5 of 14 . All rights reserved. and designate VLAN 99 as the native VLAN for these trunks. Configure the following VLANS on the VTP server: VLAN VLAN 99 VLAN 10 VLAN 20 VLAN 30 S1(config)#vlan 99 S1(config-vlan)#name management VLAN Name management faculty-staff students guest All contents are Copyright © 1992–2007 Cisco Systems. This document is Cisco Public Information. Use the interface range command in global configuration mode to simplify this task. Configure Fa0/1 through Fa0/5 as trunking ports. Inc.1: Basic Inter-VLAN Routing S2: S2(config)#vtp mode client Setting device to VTP CLIENT mode S2(config)#vtp domain Lab6 Changing VTP domain name from NULL to Lab6 S2(config)#vtp password cisco Setting device VLAN database password to cisco S2(config)#end S3: S3(config)#vtp mode client Setting device to VTP CLIENT mode S3(config)#vtp domain Lab6 Changing VTP domain name from NULL to Lab6 S3(config)#vtp password cisco Setting device VLAN database password to cisco S3(config)#end Step 2: Configure trunking ports and designate the native VLAN for the trunks.4. S1(config)#interface range fa0/1-5 S1(config-if-range)#switchport mode trunk S1(config-if-range)#switchport trunk native vlan 99 S1(config-if-range)#no shutdown S1(config-if-range)#end S2(config)# interface range fa0/1-5 S2(config-if-range)#switchport mode trunk S2(config-if-range)#switchport trunk native vlan 99 S2(config-if-range)#no shutdown S2(config-if-range)#end S3(config)# interface range fa0/1-5 S3(config-if-range)#switchport mode trunk S3(config-if-range)#switchport trunk native vlan 99 S3(config-if-range)#no shutdown S3(config-if-range)#end Step 3: Configure VLANs on the VTP server.

Fa0/24.0 S2(config-if)#no shutdown S2(config-if)#end S3(config)#interface vlan 99 S3(config-if)#ip address 172. All rights reserved. This document is Cisco Public Information.0 S3(config-if)#no shutdown S3(config-if)#end Verify that the switches are correctly configured by pinging between them. Use the show vlan brief command on S2 and S3 to verify that the four VLANs have been distributed to the client switches. Fa0/11. Fa0/20. Fa0/7.12 255.17.4.--------.-------------------------------.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6. Page 6 of 14 . Fa0/2.255. Gi0/1 Gi0/2 10 faculty-staff active 20 students active 30 guest active 99 management active Step 5: Configure the management interface address on all three switches.Fa0/17 Fa0/18.Fa0/13 Fa0/14.255. troubleshoot the switch configurations and try again.99.0 S1(config-if)#no shutdown S1(config-if)#end S2(config)#interface vlan 99 S2(config-if)#ip address 172. Fa0/4. All contents are Copyright © 1992–2007 Cisco Systems. ping the management interface on S3.99. Fa0/16. Fa0/19. ping the management interface on S2 and S3. From S2.11 255. Fa0/5 Fa0/6.255. Step 4: Verify that the VLANs created on S1 have been distributed to S2 and S3. From S1.99. Fa0/15. Fa0/12.255.1: Basic Inter-VLAN Routing S1(config-vlan)#exit S1(config)#vlan 10 S1(config-vlan)#name faculty-staff S1(config-vlan)#exit S1(config)#vlan 20 S1(config-vlan)#name students S1(config-vlan)#exit S1(config)#vlan 30 S1(config-vlan)#name guest S1(config-vlan)#end Verify that the VLANs have been created on S1 with the show vlan brief command.17. Fa0/8.255. Inc. S1(config)#interface vlan 99 S1(config-if)#ip address 172. Fa0/23.17. S2#show vlan brief VLAN Name Status Ports ---. Were the pings successful? YES_______________________________________________________________ If not.Fa0/21 Fa0/22.13 255. Fa0/9 Fa0/10.----------------------------1 default active Fa0/1.255.

4. Each of the switch ports used by the L3 device is configured in a different VLAN on the switch. is connected to a LAN switch with multiple connections—a separate connection for each VLAN that requires inter-VLAN connectivity. Configure a password of cisco for vty connections. Step 3: Configure the trunking interface on R1.21) to PC2 (172.23).17. Ping from PC1 (172. The first is something of a brute force approach. Configure a password of cisco for console connections. Are the pings successful? no____________________________________________________________________ If not. Save? [yes/no]: no Step 2: Create a basic configuration on the router. Open command windows on the three hosts connected to S2. You have demonstrated that connectivity between VLANs requires routing at the network layer.. This document is Cisco Public Information. Configure an EXEC mode password of cisco.10.17. [OK] Step 7: Check connectivity between VLANs. S2(config)#interface range fa0/6-10 S2(config-if-range)#switchport access vlan 30 S2(config-if-range)#interface range fa0/11-17 S2(config-if-range)#switchport access vlan 10 S2(config-if-range)#interface range fa0/18-24 S2(config-if-range)#switchport access vlan 20 S2(config-if-range)#end S2#copy running-config startup-config Destination filename [startup-config]? [enter] Building configuration.. Router#erase nvram: Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] Erase of nvram: complete Router#reload System configuration has been modified. • • • • • Configure the router with hostname R1. An L3 device. Refer to the port assignments table at the beginning of the lab to assign ports to VLANs on S2. Inc. the All contents are Copyright © 1992–2007 Cisco Systems.22).1: Basic Inter-VLAN Routing Step 6: Assign switch ports to VLANs on S2.17. Ping from PC2 to PC3 (172. After IP addresses are assigned to the interfaces on the L3 device. exactly like connectivity between any two remote networks.30. There are a couple of options for configuring routing between VLANs.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6. Disable DNS lookup.20. Page 7 of 14 . why do these pings fail? Bacuse I have not configure the interface on the router______________________ ___________________________________________________________________________________________ ___________________________________________________________________________________________ Task 5: Configure the Router and the Remote Server LAN Step 1: Clear the configuration on the router and reload. either a router or a Layer 3 capable switch. All rights reserved.

but it is good practice to assign the number of the VLAN as the interface number.1: Basic Inter-VLAN Routing routing table has directly connected routes for all VLANS.17. and to configure these connections as dot1q trunks.17.255.255. Confirm creation and status of the subinterfaces with the show ip interface brief command: All contents are Copyright © 1992–2007 Cisco Systems.0 R1(config-if)#interface fastethernet 0/1.255. All rights reserved.99 R1(config-subif)#encapsulation dot1q 99 native R1(config-subif)#ip address 172. called subinterfaces. The virtual interfaces are up by default. Otherwise. An alternative approach is to create one or more Fast Ethernet connections between the L3 device (the router) and the distribution layer switch.0 Note the following points in this configuration: • • • The physical interface is enabled using the no shutdown command.255.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6. This can be done by creating “virtual” interfaces.20 R1(config-subif)#encapsulation dot1q 20 R1(config-subif)#ip address 172. as has been done here.17. and inter-VLAN routing is enabled.1 R1(config-subif)#encapsulation dot1q 1 R1(config-subif)#ip address 172.1 255.17.20. The limitations to this approach are the lack of sufficient Fast Ethernet ports on routers.255.4.1 255. However.255. This allows all inter-VLAN traffic to be carried to and from the routing device on a single trunk.10. VLAN 1 would be the native VLAN by default.30.255.1 255.99.10 R1(config-subif)#encapsulation dot1q 10 R1(config-subif)#ip address 172. Inc.1 255. under-utilization of ports on L3 switches and routers. and excessive wiring and manual configuration.255. Page 8 of 14 . and there would be no communication between the router and the management VLAN on the switches. because router interfaces are down by default. The subinterface can use any number that can be described with 32 bits.0 R1(config-if)#interface fastethernet 0/1.0 R1(config-if)#interface fastethernet 0/1. it requires that the L3 interface be configured with multiple IP addresses.30 R1(config-subif)#encapsulation dot1q 30 R1(config-subif)#ip address 172.255. The topology used in this lab does not use this approach. on one of the router Fast Ethernet ports and configuring them to dot1q aware. This document is Cisco Public Information. The native VLAN is specified on the L3 device so that it is consistent with the switches. Using the subinterface configuration approach requires these steps: • • • • Enter subinterface configuration mode Establish trunking encapsulation Associate a VLAN with the subinterface Assign an IP address from the VLAN to the subinterface The commands are as follows: R1(config)#interface fastethernet 0/1 R1(config-if)#no shutdown R1(config-if)#interface fastethernet 0/1.0 R1(config-if)#interface fastethernet 0/1.1.1 255.17.255.

20 172.20. It may take a couple of pings before the end-to-end path is established. FastEthernet0/0 172.0 is directly connected.1 FastEthernet0/1.17.17. FastEthernet0/1. Why would packets from the router or hosts fail when trying to reach the switch management interfaces if the native VLAN were left in default? ___________________________________________________________________________________________ ___________________________________________________________________________________________ All contents are Copyright © 1992–2007 Cisco Systems.30.1.17.17.99 172.17.10.20.0 is directly connected.0 is directly connected. FastEthernet0/1.99 If your routing table does not show all six networks. troubleshoot your configuration and resolve the problem before proceeding. FastEthernet0/1.254) and the other two hosts (172.10 172.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6.17.50. R1(config)# interface FastEthernet0/0 R1(config-if)#ip address 172.23).17.17.10 172.17.255.0/24 is subnetted. Page 9 of 14 .99 interface configuration.17.17.0 is directly connected.30. 6 subnets 172.99. the connected interface may go down.1 OK? YES YES YES YES YES YES YES Method unset unset manual manual manual manual manual Status Protocol administratively down down up up up up up up up up up up up up Step 4: Configure the server LAN interface on R1.30 172.17.17. R1#show ip route <output omitted> Gateway of last resort is not set C C C C C C 172. This document is Cisco Public Information. All rights reserved. verify that you can ping the remote server (172. Are the pings successful? Yes________________________________________________________________ If not.0 R1(config-if)#description server interface R1(config-if)#no shutdown R1(config-if)#end There are now six networks configured. Verify that you can route packets to all six by checking the routing table on R1.10. Check to make sure that the default gateways have been set on all PCs and all switches.50. Step 5: Verify Inter-VLAN routing.20 172. If any of the hosts have gone into hibernation.0 is directly connected. troubleshoot your configuration.99.20.1 FastEthernet0/1.30.30 172. FastEthernet0/1.0.1 FastEthernet0/1.1.1 172. From PC1.0 is directly connected. FastEthernet0/1.255.50. it was recommended that you configure VLAN 99 as the native VLAN in the router Fa0/0. Inc.22 and 172.1 255.1 172.17. Task 6: Reflection In Task 5.17.17.1: Basic Inter-VLAN Routing R1#show ip interface brief Interface IP-Address FastEthernet0/0 unassigned FastEthernet0/1 unassigned FastEthernet0/1.4.1 FastEthernet0/1.

255. Final Configurations Router 1 hostname R1 ! enable secret class ! no ip domain lookup ! interface FastEthernet0/0 ip address 172.30.255.0 ! interface FastEthernet0/1.255.20.30 encapsulation dot1Q 30 ip address 172. Inc. Disconnect and store the cabling.0 no shutdown ! interface FastEthernet0/1 no shutdown ! interface FastEthernet0/1.50.1 255.1 255.17.255.255. This document is Cisco Public Information. All rights reserved.17.1: Basic Inter-VLAN Routing ___________________________________________________________________________________________ ___________________________________________________________________________________________ Task 7: Clean Up Erase the configurations and reload the switches.20 encapsulation dot1Q 20 ip address 172.255.255. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet).0 ! <output omitted .255.serial interfaces not configured> ! line con 0 line aux 0 line vty 0 4 login password cisco ! All contents are Copyright © 1992–2007 Cisco Systems.17.255.17. reconnect the appropriate cabling and restore the TCP/IP settings. Page 10 of 14 .0 ! interface FastEthernet0/1.1 255.255.0 ! interface FastEthernet0/1.1 255.17.10 encapsulation dot1Q 10 ip address 172.255.1 255.99 encapsulation dot1Q 99 native ip address 172.1 encapsulation dot1Q 1 ip address 172.1.99.10.0 ! interface FastEthernet0/1.255.4.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6.1 255.17.

0 no shutdown ! ip default-gateway 172. This document is Cisco Public Information.17. Page 11 of 14 .11 255.4.255.99.17.255. Inc.1: Basic Inter-VLAN Routing Switch 1 ! hostname S1 ! enable secret class ! no ip domain lookup ! interface FastEthernet0/1 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/2 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/3 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/4 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/5 switchport trunk native vlan 99 switchport mode trunk ! <output omitted . All rights reserved.all remaining ports in shutdown> ! interface Vlan1 no ip address no ip route-cache ! interface Vlan99 ip address 172.1 ip http server ! line con 0 logging synchronous line vty 0 4 login password cisco line vty 5 15 login password cisco Switch 2 ! hostname S2 ! enable secret class All contents are Copyright © 1992–2007 Cisco Systems.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6.99.

Inc. This document is Cisco Public Information. Page 12 of 14 . All rights reserved.4.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6.1: Basic Inter-VLAN Routing ! no ip domain lookup ! interface FastEthernet0/1 switchport trunk native vlan switchport mode trunk ! interface FastEthernet0/2 switchport trunk native vlan switchport mode trunk ! interface FastEthernet0/3 switchport trunk native vlan switchport mode trunk ! interface FastEthernet0/4 switchport trunk native vlan switchport mode trunk ! interface FastEthernet0/5 switchport trunk native vlan switchport mode trunk ! interface FastEthernet0/6 switchport access vlan 30 switchport mode access ! interface FastEthernet0/7 switchport access vlan 30 ! interface FastEthernet0/8 switchport access vlan 30 ! interface FastEthernet0/9 switchport access vlan 30 ! interface FastEthernet0/10 switchport access vlan 30 ! interface FastEthernet0/11 switchport access vlan 10 switchport mode access ! interface FastEthernet0/12 switchport access vlan 10 ! interface FastEthernet0/13 switchport access vlan 10 ! interface FastEthernet0/14 switchport access vlan 10 ! interface FastEthernet0/15 switchport access vlan 10 ! interface FastEthernet0/16 99 99 99 99 99 All contents are Copyright © 1992–2007 Cisco Systems.

12 255.255.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6.99.1 ip http server ! line con 0 password cisco logging synchronous login line vty 0 4 password cisco login line vty 5 15 password cisco login ! end Switch 3 ! hostname S3 ! enable secret class All contents are Copyright © 1992–2007 Cisco Systems. Page 13 of 14 . This document is Cisco Public Information.4.255.17.17.99.0 no shutdown ! ip default-gateway 172. All rights reserved.1: Basic Inter-VLAN Routing switchport access vlan 10 ! interface FastEthernet0/17 switchport access vlan 10 ! interface FastEthernet0/18 switchport access vlan 20 ! interface FastEthernet0/19 switchport access vlan 20 ! interface FastEthernet0/20 switchport access vlan 20 ! interface FastEthernet0/21 switchport access vlan 20 ! interface FastEthernet0/22 switchport access vlan 20 ! interface FastEthernet0/23 switchport access vlan 20 ! interface FastEthernet0/24 switchport access vlan 20 ! interface Vlan1 no ip address no ip route-cache ! interface Vlan99 ip address 172. Inc.

All rights reserved.99. This document is Cisco Public Information.4.13 255.99.0 no shutdown ! ip default-gateway 172.1: Basic Inter-VLAN Routing ! no ip domain lookup ! interface FastEthernet0/1 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/2 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/3 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/4 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/5 switchport trunk native vlan 99 switchport mode trunk ! <output omitted .255. Inc.17.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6. Page 14 of 14 .255.all remaining ports in shutdown> ! interface Vlan99 ip address 172.17.1 ip http server ! control-plane ! line con 0 password cisco login line vty 0 4 password cisco login line vty 5 15 password cisco login ! end All contents are Copyright © 1992–2007 Cisco Systems.