You are on page 1of 14

Assignment 1 (a) Basic Inter-VLAN Routing Duration: (2 hours

)
Topology Diagram

Addressing Table
Device (Hostname) S1 S2 Interface VLAN 99 VLAN 99 IP Address 172.17.99.11 172.17.99.12 Subnet Mask 255.255.255.0 255.255.255.0 Default Gateway 172.17.99.1 172.17.99.1

All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.

Page 1 of 14

0 /24 172.1q Trunks (Native VLAN 99) VLAN 30 – Guest (Default) VLAN 10 – Faculty/Staff VLAN 20 .17.1 See Interface Configuration Table Port Assignments – Switch 2 Ports Fa0/1 – 0/5 Fa0/6 – 0/10 Fa0/11 – 0/17 Fa0/18 – 0/24 Assignment 802.17.0 255.17.17.99.255.1 /24 172.17.10. Other device types may produce different output.1 /24 172.255.1 /24 Learning Objectives Upon completion of this lab.17.1 172.17. Page 2 of 14 .17.20.17.20.255.0 /24 Interface Configuration Table – Router 1 Interface Fa0/1.30.23 172.99.0 255.1 172.4.99.0 255.17.30 Fa0/1.17.255.99 Assignment VLAN1 VLAN 10 VLAN 20 VLAN 30 VLAN 99 IP Address 172.22 172.0 /24 172.1 Fa0/1.17.1 N/A N/A 172.20.0 172.20. You can use any current switches or routers in your lab as long as they have the required interfaces shown in the topology diagram.255.99.50.17.30. All rights reserved.1 /24 172.17.17.17. you will be able to: • • • • • • • • Cable a network according to the topology diagram Clear configurations and reload a switch and a router to the default state Perform basic configuration tasks on a switched LAN and router Configure VLANs and VLAN Trunking Protocol (VTP) on all switches Demonstrate and explain the impact of Layer 3 boundaries imposed by creating VLANs Configure a router to support 802.30.254 255. This document is Cisco Public Information.255.50.1: Basic Inter-VLAN Routing S3 R1 R1 PC1 PC2 PC3 Server VLAN 99 Fa 0/0 Fa 0/1 NIC NIC NIC NIC 172.21 172.17.1 172. The output shown in this lab is based on 2960 switches and an 1841 router.255.255.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6.10.10.0 255.0 /24 172.255. Note that Ethernet (10Mb) LAN interfaces on All contents are Copyright © 1992–2007 Cisco Systems.Students Network 172.20 Fa0/1.1.50.13 172.10.255.255.30.1 /24 172.17.17.17.0 255. Inc.1 172.1q trunking on a Fast Ethernet interface Configure a router with subinterfaces corresponding to the configured VLANs Demonstrate and explain inter-VLAN routing Task 1: Prepare the Network Step 1: Cable a network that is similar to the one in the topology diagram.10 Fa0/1.255.

Fa0/16 Fa0/17. and S3 switches. Step 2: Clear any existing configurations on the switches. Fa0/10. Fa0/11. Switch(config)#hostname S1 End with CNTL/Z. Switch(config)#interface range fa0/1-24 Switch(config-if-range)#shutdown Switch(config-if-range)#interface range gi0/1-2 Switch(config-if-range)#shutdown Task 2: Perform Basic Switch Configurations Step 1: Configure the S1.dat file.--------.1 if necessary for the procedure. and Cisco IOS software earlier than version 12. Configure the default gateway on each switch Output for S1 shown Switch>enable Switch#configure terminal Enter configuration commands. Fa0/23.Fa0/24 Gig0/1.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6.----------------------------1 default active Fa0/1. Repeat these commands on each switch in the topology. Fa0/3.4. and reload the switches.1: Basic Inter-VLAN Routing routers do not support trunking. Set up console connections to all three switches and to the router. Ensure that the initial switch port states are inactive by disabling all ports. Fa0/18. Inc. Fa0/19. Configure an enable secret password of class. This document is Cisco Public Information. Refer to lab 2. Fa0/15. All rights reserved. Configure a password of cisco for vty connections. one per line.Fa0/20 Fa0/21. Fa0/12 Fa0/13. Fa0/8 Fa0/9. delete the vlan. Page 3 of 14 . Fa0/22. Fa0/14. use the show vlan command to confirm that only default VLANs exist and that all ports are assigned to VLAN 1. Disable DNS lookup.-------------------------------. Clear NVRAM. After the reload is complete. Gig0/2 1002 fddi-default active 1003 token-ring-default active 1004 fddinet-default active 1005 trnet-default active Step 3: Disable all ports using the shutdown command. Use the interface range command to simplify this task. S2. Use the addressing table and the following guidelines: • • • • • • Configure the switch hostname. Fa0/4 Fa0/5.3 may not support trunking on Fast Ethernet router interfaces. Fa0/7. Fa0/6.2. Switch#show vlan VLAN Name Status Ports ---. All contents are Copyright © 1992–2007 Cisco Systems. Fa0/2. Configure a password of cisco for console connections.

All rights reserved.1: Basic Inter-VLAN Routing S1(config)#enable secret class S1(config)#no ip domain-lookup S1(config)#ip default-gateway 172. S1(config)#vtp domain Lab6 Changing VTP domain name from NULL to Lab6 S1(config)#vtp password cisco Setting device VLAN database password to cisco S1(config)#end VTP Operating Mode Server Client Client VTP Domain Lab6 Lab6 Lab6 VTP Password cisco cisco cisco All contents are Copyright © 1992–2007 Cisco Systems.. Task 4: Configure VTP on the Switches Step 1: Configure VTP on the three switches using the following table.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6. S2(config)#interface fa0/6 S2(config-if)#switchport mode access S2(config-if)#no shutdown S2(config-if)#interface fa0/11 S2(config-if)#switchport mode access S2(config-if)#no shutdown S2(config-if)#interface fa0/18 S2(config-if)#switchport mode access S2(config-if)#no shutdown Task 3: Configure the Ethernet Interfaces on the Host PCs Configure the Ethernet interfaces of PC1.4.99. Page 4 of 14 .. Switch Name S1 S2 S3 S1: S1(config)#vtp mode server Device mode already VTP SERVER. PC2. Remember that VTP domain names and passwords are case-sensitive.17. Step 2: Re-enable the active user ports on S2 in access mode. PC3 and the remote TFTP/Web Server with the IP addresses from the addressing table. Inc.1 S1(config)#line console 0 S1(config-line)#password cisco S1(config-line)#login S1(config-line)#line vty 0 15 S1(config-line)#password cisco S1(config-line)#login S1(config-line)#end %SYS-5-CONFIG_I: Configured from console by console S1#copy running-config startup-config Destination filename [startup-config]? [enter] Building configuration. This document is Cisco Public Information.

S1(config)#interface range fa0/1-5 S1(config-if-range)#switchport mode trunk S1(config-if-range)#switchport trunk native vlan 99 S1(config-if-range)#no shutdown S1(config-if-range)#end S2(config)# interface range fa0/1-5 S2(config-if-range)#switchport mode trunk S2(config-if-range)#switchport trunk native vlan 99 S2(config-if-range)#no shutdown S2(config-if-range)#end S3(config)# interface range fa0/1-5 S3(config-if-range)#switchport mode trunk S3(config-if-range)#switchport trunk native vlan 99 S3(config-if-range)#no shutdown S3(config-if-range)#end Step 3: Configure VLANs on the VTP server. All rights reserved.4. Use the interface range command in global configuration mode to simplify this task. Configure the following VLANS on the VTP server: VLAN VLAN 99 VLAN 10 VLAN 20 VLAN 30 S1(config)#vlan 99 S1(config-vlan)#name management VLAN Name management faculty-staff students guest All contents are Copyright © 1992–2007 Cisco Systems. This document is Cisco Public Information. Page 5 of 14 . Inc.1: Basic Inter-VLAN Routing S2: S2(config)#vtp mode client Setting device to VTP CLIENT mode S2(config)#vtp domain Lab6 Changing VTP domain name from NULL to Lab6 S2(config)#vtp password cisco Setting device VLAN database password to cisco S2(config)#end S3: S3(config)#vtp mode client Setting device to VTP CLIENT mode S3(config)#vtp domain Lab6 Changing VTP domain name from NULL to Lab6 S3(config)#vtp password cisco Setting device VLAN database password to cisco S3(config)#end Step 2: Configure trunking ports and designate the native VLAN for the trunks. and designate VLAN 99 as the native VLAN for these trunks.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6. Configure Fa0/1 through Fa0/5 as trunking ports.

troubleshoot the switch configurations and try again. From S1. Fa0/2.----------------------------1 default active Fa0/1.255. Inc. S1(config)#interface vlan 99 S1(config-if)#ip address 172.99.255.4.13 255. Fa0/12. Gi0/1 Gi0/2 10 faculty-staff active 20 students active 30 guest active 99 management active Step 5: Configure the management interface address on all three switches.Fa0/17 Fa0/18.99. Fa0/15.0 S2(config-if)#no shutdown S2(config-if)#end S3(config)#interface vlan 99 S3(config-if)#ip address 172.255. All rights reserved.255. Fa0/19.255. S2#show vlan brief VLAN Name Status Ports ---. Fa0/8. Were the pings successful? YES_______________________________________________________________ If not. Fa0/24.1: Basic Inter-VLAN Routing S1(config-vlan)#exit S1(config)#vlan 10 S1(config-vlan)#name faculty-staff S1(config-vlan)#exit S1(config)#vlan 20 S1(config-vlan)#name students S1(config-vlan)#exit S1(config)#vlan 30 S1(config-vlan)#name guest S1(config-vlan)#end Verify that the VLANs have been created on S1 with the show vlan brief command. Fa0/5 Fa0/6. Fa0/23. Page 6 of 14 . Fa0/20.0 S3(config-if)#no shutdown S3(config-if)#end Verify that the switches are correctly configured by pinging between them. All contents are Copyright © 1992–2007 Cisco Systems. Fa0/16. ping the management interface on S2 and S3.Fa0/21 Fa0/22.17.Fa0/13 Fa0/14. Fa0/4.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6.12 255. Fa0/11. Fa0/7. Use the show vlan brief command on S2 and S3 to verify that the four VLANs have been distributed to the client switches.99.-------------------------------.11 255.--------. From S2. This document is Cisco Public Information.17. Step 4: Verify that the VLANs created on S1 have been distributed to S2 and S3. ping the management interface on S3. Fa0/9 Fa0/10.0 S1(config-if)#no shutdown S1(config-if)#end S2(config)#interface vlan 99 S2(config-if)#ip address 172.17.255.

The first is something of a brute force approach. Configure a password of cisco for console connections. Ping from PC2 to PC3 (172. either a router or a Layer 3 capable switch. This document is Cisco Public Information. why do these pings fail? Bacuse I have not configure the interface on the router______________________ ___________________________________________________________________________________________ ___________________________________________________________________________________________ Task 5: Configure the Router and the Remote Server LAN Step 1: Clear the configuration on the router and reload. After IP addresses are assigned to the interfaces on the L3 device. the All contents are Copyright © 1992–2007 Cisco Systems.. Save? [yes/no]: no Step 2: Create a basic configuration on the router.21) to PC2 (172. There are a couple of options for configuring routing between VLANs. You have demonstrated that connectivity between VLANs requires routing at the network layer.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6. Page 7 of 14 . Are the pings successful? no____________________________________________________________________ If not. Configure a password of cisco for vty connections. All rights reserved. [OK] Step 7: Check connectivity between VLANs. Open command windows on the three hosts connected to S2.17. Inc. An L3 device. Step 3: Configure the trunking interface on R1.17.. is connected to a LAN switch with multiple connections—a separate connection for each VLAN that requires inter-VLAN connectivity.10.17.30. Configure an EXEC mode password of cisco. exactly like connectivity between any two remote networks.23).4. Router#erase nvram: Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] Erase of nvram: complete Router#reload System configuration has been modified. Refer to the port assignments table at the beginning of the lab to assign ports to VLANs on S2.1: Basic Inter-VLAN Routing Step 6: Assign switch ports to VLANs on S2. Each of the switch ports used by the L3 device is configured in a different VLAN on the switch.20. • • • • • Configure the router with hostname R1.22). Ping from PC1 (172. Disable DNS lookup. S2(config)#interface range fa0/6-10 S2(config-if-range)#switchport access vlan 30 S2(config-if-range)#interface range fa0/11-17 S2(config-if-range)#switchport access vlan 10 S2(config-if-range)#interface range fa0/18-24 S2(config-if-range)#switchport access vlan 20 S2(config-if-range)#end S2#copy running-config startup-config Destination filename [startup-config]? [enter] Building configuration.

and inter-VLAN routing is enabled.20 R1(config-subif)#encapsulation dot1q 20 R1(config-subif)#ip address 172.0 R1(config-if)#interface fastethernet 0/1.4.30 R1(config-subif)#encapsulation dot1q 30 R1(config-subif)#ip address 172. The native VLAN is specified on the L3 device so that it is consistent with the switches. This document is Cisco Public Information.99 R1(config-subif)#encapsulation dot1q 99 native R1(config-subif)#ip address 172. All rights reserved. The limitations to this approach are the lack of sufficient Fast Ethernet ports on routers. The subinterface can use any number that can be described with 32 bits.17.1 255. under-utilization of ports on L3 switches and routers. The topology used in this lab does not use this approach.255.0 R1(config-if)#interface fastethernet 0/1. called subinterfaces.30. because router interfaces are down by default. on one of the router Fast Ethernet ports and configuring them to dot1q aware.255.255.1 255. it requires that the L3 interface be configured with multiple IP addresses.0 Note the following points in this configuration: • • • The physical interface is enabled using the no shutdown command.255.17.0 R1(config-if)#interface fastethernet 0/1.17. as has been done here.1 255. An alternative approach is to create one or more Fast Ethernet connections between the L3 device (the router) and the distribution layer switch.1 255.1: Basic Inter-VLAN Routing routing table has directly connected routes for all VLANS.20.255.255.255.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6. and excessive wiring and manual configuration.10.255.10 R1(config-subif)#encapsulation dot1q 10 R1(config-subif)#ip address 172.255.1. The virtual interfaces are up by default.1 255.17. but it is good practice to assign the number of the VLAN as the interface number.255. Inc. Page 8 of 14 . This allows all inter-VLAN traffic to be carried to and from the routing device on a single trunk. Using the subinterface configuration approach requires these steps: • • • • Enter subinterface configuration mode Establish trunking encapsulation Associate a VLAN with the subinterface Assign an IP address from the VLAN to the subinterface The commands are as follows: R1(config)#interface fastethernet 0/1 R1(config-if)#no shutdown R1(config-if)#interface fastethernet 0/1.0 R1(config-if)#interface fastethernet 0/1. Confirm creation and status of the subinterfaces with the show ip interface brief command: All contents are Copyright © 1992–2007 Cisco Systems. VLAN 1 would be the native VLAN by default. This can be done by creating “virtual” interfaces. and to configure these connections as dot1q trunks. Otherwise. However.17.99.1 R1(config-subif)#encapsulation dot1q 1 R1(config-subif)#ip address 172. and there would be no communication between the router and the management VLAN on the switches.

4.99 172. Inc.0 is directly connected. This document is Cisco Public Information.0 is directly connected.50.20 172.22 and 172.254) and the other two hosts (172.1 FastEthernet0/1. FastEthernet0/0 172.1: Basic Inter-VLAN Routing R1#show ip interface brief Interface IP-Address FastEthernet0/0 unassigned FastEthernet0/1 unassigned FastEthernet0/1.255.30. From PC1.17.0.50.23).17. Task 6: Reflection In Task 5.0 R1(config-if)#description server interface R1(config-if)#no shutdown R1(config-if)#end There are now six networks configured.17. Why would packets from the router or hosts fail when trying to reach the switch management interfaces if the native VLAN were left in default? ___________________________________________________________________________________________ ___________________________________________________________________________________________ All contents are Copyright © 1992–2007 Cisco Systems. troubleshoot your configuration and resolve the problem before proceeding. R1(config)# interface FastEthernet0/0 R1(config-if)#ip address 172.30. FastEthernet0/1.0 is directly connected. FastEthernet0/1. R1#show ip route <output omitted> Gateway of last resort is not set C C C C C C 172.255.1 OK? YES YES YES YES YES YES YES Method unset unset manual manual manual manual manual Status Protocol administratively down down up up up up up up up up up up up up Step 4: Configure the server LAN interface on R1. FastEthernet0/1.1.0/24 is subnetted. troubleshoot your configuration.17. Step 5: Verify Inter-VLAN routing.17.17.0 is directly connected.20 172. Are the pings successful? Yes________________________________________________________________ If not.17.50.0 is directly connected.17. If any of the hosts have gone into hibernation.30 172.20.17.10 172.17. it was recommended that you configure VLAN 99 as the native VLAN in the router Fa0/0.99 If your routing table does not show all six networks.17.17.0 is directly connected.1 255.20.1 FastEthernet0/1.99.30.1 FastEthernet0/1. 6 subnets 172.1 FastEthernet0/1.10 172.17.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6.30 172. verify that you can ping the remote server (172. Page 9 of 14 . Verify that you can route packets to all six by checking the routing table on R1.17. FastEthernet0/1. Check to make sure that the default gateways have been set on all PCs and all switches.17.10.1 172. It may take a couple of pings before the end-to-end path is established.20. the connected interface may go down.10.1.17.99 interface configuration.99. All rights reserved.1 172. FastEthernet0/1.

255.0 ! interface FastEthernet0/1.30. All rights reserved.99.1 255.17.4.0 ! interface FastEthernet0/1.255.255.255.255. This document is Cisco Public Information.1.1 255.255.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6.20. reconnect the appropriate cabling and restore the TCP/IP settings.1 255.1: Basic Inter-VLAN Routing ___________________________________________________________________________________________ ___________________________________________________________________________________________ Task 7: Clean Up Erase the configurations and reload the switches.17.255. Page 10 of 14 .17. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet).10.0 ! <output omitted .1 255.1 255. Final Configurations Router 1 hostname R1 ! enable secret class ! no ip domain lookup ! interface FastEthernet0/0 ip address 172.99 encapsulation dot1Q 99 native ip address 172.255. Inc.17.255.17.20 encapsulation dot1Q 20 ip address 172.30 encapsulation dot1Q 30 ip address 172.1 255.serial interfaces not configured> ! line con 0 line aux 0 line vty 0 4 login password cisco ! All contents are Copyright © 1992–2007 Cisco Systems.17.10 encapsulation dot1Q 10 ip address 172. Disconnect and store the cabling.255.0 no shutdown ! interface FastEthernet0/1 no shutdown ! interface FastEthernet0/1.1 encapsulation dot1Q 1 ip address 172.50.0 ! interface FastEthernet0/1.255.255.0 ! interface FastEthernet0/1.

1 ip http server ! line con 0 logging synchronous line vty 0 4 login password cisco line vty 5 15 login password cisco Switch 2 ! hostname S2 ! enable secret class All contents are Copyright © 1992–2007 Cisco Systems.255.99.4.17.0 no shutdown ! ip default-gateway 172.11 255.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6. This document is Cisco Public Information. Page 11 of 14 .1: Basic Inter-VLAN Routing Switch 1 ! hostname S1 ! enable secret class ! no ip domain lookup ! interface FastEthernet0/1 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/2 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/3 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/4 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/5 switchport trunk native vlan 99 switchport mode trunk ! <output omitted .255. Inc. All rights reserved.17.99.all remaining ports in shutdown> ! interface Vlan1 no ip address no ip route-cache ! interface Vlan99 ip address 172.

4. Inc.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6. All rights reserved.1: Basic Inter-VLAN Routing ! no ip domain lookup ! interface FastEthernet0/1 switchport trunk native vlan switchport mode trunk ! interface FastEthernet0/2 switchport trunk native vlan switchport mode trunk ! interface FastEthernet0/3 switchport trunk native vlan switchport mode trunk ! interface FastEthernet0/4 switchport trunk native vlan switchport mode trunk ! interface FastEthernet0/5 switchport trunk native vlan switchport mode trunk ! interface FastEthernet0/6 switchport access vlan 30 switchport mode access ! interface FastEthernet0/7 switchport access vlan 30 ! interface FastEthernet0/8 switchport access vlan 30 ! interface FastEthernet0/9 switchport access vlan 30 ! interface FastEthernet0/10 switchport access vlan 30 ! interface FastEthernet0/11 switchport access vlan 10 switchport mode access ! interface FastEthernet0/12 switchport access vlan 10 ! interface FastEthernet0/13 switchport access vlan 10 ! interface FastEthernet0/14 switchport access vlan 10 ! interface FastEthernet0/15 switchport access vlan 10 ! interface FastEthernet0/16 99 99 99 99 99 All contents are Copyright © 1992–2007 Cisco Systems. Page 12 of 14 . This document is Cisco Public Information.

99.1: Basic Inter-VLAN Routing switchport access vlan 10 ! interface FastEthernet0/17 switchport access vlan 10 ! interface FastEthernet0/18 switchport access vlan 20 ! interface FastEthernet0/19 switchport access vlan 20 ! interface FastEthernet0/20 switchport access vlan 20 ! interface FastEthernet0/21 switchport access vlan 20 ! interface FastEthernet0/22 switchport access vlan 20 ! interface FastEthernet0/23 switchport access vlan 20 ! interface FastEthernet0/24 switchport access vlan 20 ! interface Vlan1 no ip address no ip route-cache ! interface Vlan99 ip address 172.255.255. This document is Cisco Public Information.0 no shutdown ! ip default-gateway 172.99. Inc.1 ip http server ! line con 0 password cisco logging synchronous login line vty 0 4 password cisco login line vty 5 15 password cisco login ! end Switch 3 ! hostname S3 ! enable secret class All contents are Copyright © 1992–2007 Cisco Systems.17.17.12 255. Page 13 of 14 .4.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6. All rights reserved.

This document is Cisco Public Information.1: Basic Inter-VLAN Routing ! no ip domain lookup ! interface FastEthernet0/1 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/2 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/3 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/4 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/5 switchport trunk native vlan 99 switchport mode trunk ! <output omitted .4.17.13 255.255. All rights reserved.17.99.255. Inc.0 no shutdown ! ip default-gateway 172.1 ip http server ! control-plane ! line con 0 password cisco login line vty 0 4 password cisco login line vty 5 15 password cisco login ! end All contents are Copyright © 1992–2007 Cisco Systems.99.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6. Page 14 of 14 .all remaining ports in shutdown> ! interface Vlan99 ip address 172.