You are on page 1of 14

Assignment 1 (a) Basic Inter-VLAN Routing Duration: (2 hours

)
Topology Diagram

Addressing Table
Device (Hostname) S1 S2 Interface VLAN 99 VLAN 99 IP Address 172.17.99.11 172.17.99.12 Subnet Mask 255.255.255.0 255.255.255.0 Default Gateway 172.17.99.1 172.17.99.1

All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.

Page 1 of 14

255.17.255.254 255.17.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6. you will be able to: • • • • • • • • Cable a network according to the topology diagram Clear configurations and reload a switch and a router to the default state Perform basic configuration tasks on a switched LAN and router Configure VLANs and VLAN Trunking Protocol (VTP) on all switches Demonstrate and explain the impact of Layer 3 boundaries imposed by creating VLANs Configure a router to support 802.1q trunking on a Fast Ethernet interface Configure a router with subinterfaces corresponding to the configured VLANs Demonstrate and explain inter-VLAN routing Task 1: Prepare the Network Step 1: Cable a network that is similar to the one in the topology diagram.22 172.0 /24 Interface Configuration Table – Router 1 Interface Fa0/1.1 172.50.17.1 172.17.17.0 255.255.0 255.17.23 172.20.Students Network 172.1q Trunks (Native VLAN 99) VLAN 30 – Guest (Default) VLAN 10 – Faculty/Staff VLAN 20 .20 Fa0/1.13 172.17.50. Other device types may produce different output.17.20.10.1 /24 172.50.99.30. You can use any current switches or routers in your lab as long as they have the required interfaces shown in the topology diagram.1 /24 172.10.0 255.20.1 N/A N/A 172.1 172.17. All rights reserved.255.255.4.21 172.0 255.17.255.10.10 Fa0/1.255.255.17.17.1 /24 Learning Objectives Upon completion of this lab.1 /24 172.0 172.20.10. Page 2 of 14 .255.1 172.0 /24 172.17.0 /24 172.1: Basic Inter-VLAN Routing S3 R1 R1 PC1 PC2 PC3 Server VLAN 99 Fa 0/0 Fa 0/1 NIC NIC NIC NIC 172.30.99.99.0 /24 172.17. Inc. This document is Cisco Public Information.30.17.1 Fa0/1.99 Assignment VLAN1 VLAN 10 VLAN 20 VLAN 30 VLAN 99 IP Address 172.17.17.255.1. Note that Ethernet (10Mb) LAN interfaces on All contents are Copyright © 1992–2007 Cisco Systems. The output shown in this lab is based on 2960 switches and an 1841 router.1 See Interface Configuration Table Port Assignments – Switch 2 Ports Fa0/1 – 0/5 Fa0/6 – 0/10 Fa0/11 – 0/17 Fa0/18 – 0/24 Assignment 802.99.17.0 255.17.1 /24 172.17.30.255.30 Fa0/1.255.

Repeat these commands on each switch in the topology. Inc. S2.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6. Clear NVRAM. and reload the switches.Fa0/20 Fa0/21. Fa0/18. Fa0/8 Fa0/9. Fa0/19. Fa0/22. one per line. use the show vlan command to confirm that only default VLANs exist and that all ports are assigned to VLAN 1. All rights reserved. Fa0/12 Fa0/13. Configure a password of cisco for console connections. Switch(config)#interface range fa0/1-24 Switch(config-if-range)#shutdown Switch(config-if-range)#interface range gi0/1-2 Switch(config-if-range)#shutdown Task 2: Perform Basic Switch Configurations Step 1: Configure the S1. Refer to lab 2.4. Fa0/3.dat file. Configure the default gateway on each switch Output for S1 shown Switch>enable Switch#configure terminal Enter configuration commands. This document is Cisco Public Information.2. Fa0/23. Fa0/11. Fa0/7.--------. Fa0/2. Switch#show vlan VLAN Name Status Ports ---. Page 3 of 14 . Gig0/2 1002 fddi-default active 1003 token-ring-default active 1004 fddinet-default active 1005 trnet-default active Step 3: Disable all ports using the shutdown command. delete the vlan. Set up console connections to all three switches and to the router. Fa0/15.3 may not support trunking on Fast Ethernet router interfaces. Disable DNS lookup. All contents are Copyright © 1992–2007 Cisco Systems. Ensure that the initial switch port states are inactive by disabling all ports. Fa0/14.-------------------------------. Fa0/6.----------------------------1 default active Fa0/1. and S3 switches. and Cisco IOS software earlier than version 12.1 if necessary for the procedure.Fa0/24 Gig0/1. Switch(config)#hostname S1 End with CNTL/Z.1: Basic Inter-VLAN Routing routers do not support trunking. Use the addressing table and the following guidelines: • • • • • • Configure the switch hostname. Configure a password of cisco for vty connections. After the reload is complete. Fa0/4 Fa0/5. Configure an enable secret password of class. Fa0/10.Fa0/16 Fa0/17. Step 2: Clear any existing configurations on the switches. Use the interface range command to simplify this task.

Remember that VTP domain names and passwords are case-sensitive. Inc.99. Switch Name S1 S2 S3 S1: S1(config)#vtp mode server Device mode already VTP SERVER. Step 2: Re-enable the active user ports on S2 in access mode.17. PC3 and the remote TFTP/Web Server with the IP addresses from the addressing table.4.1 S1(config)#line console 0 S1(config-line)#password cisco S1(config-line)#login S1(config-line)#line vty 0 15 S1(config-line)#password cisco S1(config-line)#login S1(config-line)#end %SYS-5-CONFIG_I: Configured from console by console S1#copy running-config startup-config Destination filename [startup-config]? [enter] Building configuration..CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6.1: Basic Inter-VLAN Routing S1(config)#enable secret class S1(config)#no ip domain-lookup S1(config)#ip default-gateway 172.. Page 4 of 14 . All rights reserved. S2(config)#interface fa0/6 S2(config-if)#switchport mode access S2(config-if)#no shutdown S2(config-if)#interface fa0/11 S2(config-if)#switchport mode access S2(config-if)#no shutdown S2(config-if)#interface fa0/18 S2(config-if)#switchport mode access S2(config-if)#no shutdown Task 3: Configure the Ethernet Interfaces on the Host PCs Configure the Ethernet interfaces of PC1. S1(config)#vtp domain Lab6 Changing VTP domain name from NULL to Lab6 S1(config)#vtp password cisco Setting device VLAN database password to cisco S1(config)#end VTP Operating Mode Server Client Client VTP Domain Lab6 Lab6 Lab6 VTP Password cisco cisco cisco All contents are Copyright © 1992–2007 Cisco Systems. Task 4: Configure VTP on the Switches Step 1: Configure VTP on the three switches using the following table. PC2. This document is Cisco Public Information.

CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6. and designate VLAN 99 as the native VLAN for these trunks. Page 5 of 14 . Inc. All rights reserved. S1(config)#interface range fa0/1-5 S1(config-if-range)#switchport mode trunk S1(config-if-range)#switchport trunk native vlan 99 S1(config-if-range)#no shutdown S1(config-if-range)#end S2(config)# interface range fa0/1-5 S2(config-if-range)#switchport mode trunk S2(config-if-range)#switchport trunk native vlan 99 S2(config-if-range)#no shutdown S2(config-if-range)#end S3(config)# interface range fa0/1-5 S3(config-if-range)#switchport mode trunk S3(config-if-range)#switchport trunk native vlan 99 S3(config-if-range)#no shutdown S3(config-if-range)#end Step 3: Configure VLANs on the VTP server. Configure Fa0/1 through Fa0/5 as trunking ports.1: Basic Inter-VLAN Routing S2: S2(config)#vtp mode client Setting device to VTP CLIENT mode S2(config)#vtp domain Lab6 Changing VTP domain name from NULL to Lab6 S2(config)#vtp password cisco Setting device VLAN database password to cisco S2(config)#end S3: S3(config)#vtp mode client Setting device to VTP CLIENT mode S3(config)#vtp domain Lab6 Changing VTP domain name from NULL to Lab6 S3(config)#vtp password cisco Setting device VLAN database password to cisco S3(config)#end Step 2: Configure trunking ports and designate the native VLAN for the trunks. Use the interface range command in global configuration mode to simplify this task. This document is Cisco Public Information. Configure the following VLANS on the VTP server: VLAN VLAN 99 VLAN 10 VLAN 20 VLAN 30 S1(config)#vlan 99 S1(config-vlan)#name management VLAN Name management faculty-staff students guest All contents are Copyright © 1992–2007 Cisco Systems.4.

Fa0/23. Fa0/19. Fa0/20.255.255. S1(config)#interface vlan 99 S1(config-if)#ip address 172. Fa0/11.0 S2(config-if)#no shutdown S2(config-if)#end S3(config)#interface vlan 99 S3(config-if)#ip address 172.17.11 255. This document is Cisco Public Information.255. S2#show vlan brief VLAN Name Status Ports ---.0 S1(config-if)#no shutdown S1(config-if)#end S2(config)#interface vlan 99 S2(config-if)#ip address 172.17. Page 6 of 14 .Fa0/13 Fa0/14. ping the management interface on S3.0 S3(config-if)#no shutdown S3(config-if)#end Verify that the switches are correctly configured by pinging between them. Fa0/12.255. Fa0/16. Fa0/9 Fa0/10.99.255. From S1. Gi0/1 Gi0/2 10 faculty-staff active 20 students active 30 guest active 99 management active Step 5: Configure the management interface address on all three switches.99. Fa0/7.17. ping the management interface on S2 and S3. troubleshoot the switch configurations and try again. Fa0/15. Step 4: Verify that the VLANs created on S1 have been distributed to S2 and S3.13 255.Fa0/17 Fa0/18. Fa0/2.----------------------------1 default active Fa0/1. Were the pings successful? YES_______________________________________________________________ If not. Inc.Fa0/21 Fa0/22. Use the show vlan brief command on S2 and S3 to verify that the four VLANs have been distributed to the client switches. From S2. All contents are Copyright © 1992–2007 Cisco Systems. All rights reserved.-------------------------------. Fa0/4.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6. Fa0/24.4. Fa0/8.255.--------.99. Fa0/5 Fa0/6.1: Basic Inter-VLAN Routing S1(config-vlan)#exit S1(config)#vlan 10 S1(config-vlan)#name faculty-staff S1(config-vlan)#exit S1(config)#vlan 20 S1(config-vlan)#name students S1(config-vlan)#exit S1(config)#vlan 30 S1(config-vlan)#name guest S1(config-vlan)#end Verify that the VLANs have been created on S1 with the show vlan brief command.12 255.

why do these pings fail? Bacuse I have not configure the interface on the router______________________ ___________________________________________________________________________________________ ___________________________________________________________________________________________ Task 5: Configure the Router and the Remote Server LAN Step 1: Clear the configuration on the router and reload. Each of the switch ports used by the L3 device is configured in a different VLAN on the switch.4.17.30. either a router or a Layer 3 capable switch. After IP addresses are assigned to the interfaces on the L3 device.21) to PC2 (172.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6. Configure a password of cisco for vty connections. Open command windows on the three hosts connected to S2. All rights reserved.17. Step 3: Configure the trunking interface on R1. Configure an EXEC mode password of cisco. the All contents are Copyright © 1992–2007 Cisco Systems. is connected to a LAN switch with multiple connections—a separate connection for each VLAN that requires inter-VLAN connectivity.22). Inc.. The first is something of a brute force approach.23). Are the pings successful? no____________________________________________________________________ If not. This document is Cisco Public Information.1: Basic Inter-VLAN Routing Step 6: Assign switch ports to VLANs on S2. Refer to the port assignments table at the beginning of the lab to assign ports to VLANs on S2. Ping from PC2 to PC3 (172. An L3 device. exactly like connectivity between any two remote networks. S2(config)#interface range fa0/6-10 S2(config-if-range)#switchport access vlan 30 S2(config-if-range)#interface range fa0/11-17 S2(config-if-range)#switchport access vlan 10 S2(config-if-range)#interface range fa0/18-24 S2(config-if-range)#switchport access vlan 20 S2(config-if-range)#end S2#copy running-config startup-config Destination filename [startup-config]? [enter] Building configuration.20.10. Page 7 of 14 .. There are a couple of options for configuring routing between VLANs. Save? [yes/no]: no Step 2: Create a basic configuration on the router. [OK] Step 7: Check connectivity between VLANs. Configure a password of cisco for console connections. • • • • • Configure the router with hostname R1. Disable DNS lookup. Ping from PC1 (172. Router#erase nvram: Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] Erase of nvram: complete Router#reload System configuration has been modified. You have demonstrated that connectivity between VLANs requires routing at the network layer.17.

1: Basic Inter-VLAN Routing routing table has directly connected routes for all VLANS. and inter-VLAN routing is enabled.1 255.255.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6. under-utilization of ports on L3 switches and routers.0 Note the following points in this configuration: • • • The physical interface is enabled using the no shutdown command. as has been done here. it requires that the L3 interface be configured with multiple IP addresses.255.255.30.255.0 R1(config-if)#interface fastethernet 0/1.1 255.255. This can be done by creating “virtual” interfaces.1 R1(config-subif)#encapsulation dot1q 1 R1(config-subif)#ip address 172. Confirm creation and status of the subinterfaces with the show ip interface brief command: All contents are Copyright © 1992–2007 Cisco Systems. This allows all inter-VLAN traffic to be carried to and from the routing device on a single trunk. Otherwise. but it is good practice to assign the number of the VLAN as the interface number.255.99.17.0 R1(config-if)#interface fastethernet 0/1. Inc. and excessive wiring and manual configuration.10. and to configure these connections as dot1q trunks.17. VLAN 1 would be the native VLAN by default.20.99 R1(config-subif)#encapsulation dot1q 99 native R1(config-subif)#ip address 172.255. The virtual interfaces are up by default. The topology used in this lab does not use this approach.1 255. Page 8 of 14 .30 R1(config-subif)#encapsulation dot1q 30 R1(config-subif)#ip address 172. because router interfaces are down by default. This document is Cisco Public Information.0 R1(config-if)#interface fastethernet 0/1. called subinterfaces. However. on one of the router Fast Ethernet ports and configuring them to dot1q aware.4.255.17.255. The subinterface can use any number that can be described with 32 bits.10 R1(config-subif)#encapsulation dot1q 10 R1(config-subif)#ip address 172.20 R1(config-subif)#encapsulation dot1q 20 R1(config-subif)#ip address 172.1.255. Using the subinterface configuration approach requires these steps: • • • • Enter subinterface configuration mode Establish trunking encapsulation Associate a VLAN with the subinterface Assign an IP address from the VLAN to the subinterface The commands are as follows: R1(config)#interface fastethernet 0/1 R1(config-if)#no shutdown R1(config-if)#interface fastethernet 0/1. All rights reserved.17. The native VLAN is specified on the L3 device so that it is consistent with the switches. and there would be no communication between the router and the management VLAN on the switches. The limitations to this approach are the lack of sufficient Fast Ethernet ports on routers.0 R1(config-if)#interface fastethernet 0/1.17.1 255.1 255. An alternative approach is to create one or more Fast Ethernet connections between the L3 device (the router) and the distribution layer switch.

FastEthernet0/0 172.255. R1(config)# interface FastEthernet0/0 R1(config-if)#ip address 172.10.20.23).17.1.4.99. FastEthernet0/1. It may take a couple of pings before the end-to-end path is established. it was recommended that you configure VLAN 99 as the native VLAN in the router Fa0/0.1 FastEthernet0/1. If any of the hosts have gone into hibernation.20 172.99.99 172.17. FastEthernet0/1. 6 subnets 172. verify that you can ping the remote server (172.17. FastEthernet0/1.1 172.50. Inc.17.1 FastEthernet0/1. Page 9 of 14 . Verify that you can route packets to all six by checking the routing table on R1. FastEthernet0/1.1 FastEthernet0/1.1 OK? YES YES YES YES YES YES YES Method unset unset manual manual manual manual manual Status Protocol administratively down down up up up up up up up up up up up up Step 4: Configure the server LAN interface on R1.10.0 is directly connected.22 and 172. R1#show ip route <output omitted> Gateway of last resort is not set C C C C C C 172. From PC1.0 is directly connected.30 172.17.0 is directly connected.0 is directly connected.254) and the other two hosts (172. Why would packets from the router or hosts fail when trying to reach the switch management interfaces if the native VLAN were left in default? ___________________________________________________________________________________________ ___________________________________________________________________________________________ All contents are Copyright © 1992–2007 Cisco Systems.10 172.99 If your routing table does not show all six networks.10 172.1: Basic Inter-VLAN Routing R1#show ip interface brief Interface IP-Address FastEthernet0/0 unassigned FastEthernet0/1 unassigned FastEthernet0/1.30 172. troubleshoot your configuration and resolve the problem before proceeding.0.20. Are the pings successful? Yes________________________________________________________________ If not.30.0 R1(config-if)#description server interface R1(config-if)#no shutdown R1(config-if)#end There are now six networks configured. This document is Cisco Public Information.17.17. Step 5: Verify Inter-VLAN routing.30. Check to make sure that the default gateways have been set on all PCs and all switches.30.17.17. FastEthernet0/1.99 interface configuration.17.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6.0 is directly connected.17.255.17.0/24 is subnetted.17.20 172. troubleshoot your configuration.17.1.1 FastEthernet0/1.17. All rights reserved.1 255.50.17. the connected interface may go down.50.1 172.20. Task 6: Reflection In Task 5.0 is directly connected.

1 255.17. All rights reserved.99 encapsulation dot1Q 99 native ip address 172.99. Disconnect and store the cabling.0 no shutdown ! interface FastEthernet0/1 no shutdown ! interface FastEthernet0/1.10 encapsulation dot1Q 10 ip address 172.17.17.4.0 ! <output omitted .1: Basic Inter-VLAN Routing ___________________________________________________________________________________________ ___________________________________________________________________________________________ Task 7: Clean Up Erase the configurations and reload the switches.1 255.255.1 255.50. reconnect the appropriate cabling and restore the TCP/IP settings.0 ! interface FastEthernet0/1.30 encapsulation dot1Q 30 ip address 172.17.0 ! interface FastEthernet0/1.255.255.255.1 255. This document is Cisco Public Information.255.17.17. Final Configurations Router 1 hostname R1 ! enable secret class ! no ip domain lookup ! interface FastEthernet0/0 ip address 172.1 255.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6.30. For PC hosts that are normally connected to other networks (such as the school LAN or to the Internet). Inc.255.1 255.0 ! interface FastEthernet0/1.serial interfaces not configured> ! line con 0 line aux 0 line vty 0 4 login password cisco ! All contents are Copyright © 1992–2007 Cisco Systems.255.10.255.255.255.255.1. Page 10 of 14 .1 encapsulation dot1Q 1 ip address 172.20 encapsulation dot1Q 20 ip address 172.0 ! interface FastEthernet0/1.255.20.

255.99.17. This document is Cisco Public Information.all remaining ports in shutdown> ! interface Vlan1 no ip address no ip route-cache ! interface Vlan99 ip address 172.4. All rights reserved. Inc.255.17. Page 11 of 14 .1: Basic Inter-VLAN Routing Switch 1 ! hostname S1 ! enable secret class ! no ip domain lookup ! interface FastEthernet0/1 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/2 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/3 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/4 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/5 switchport trunk native vlan 99 switchport mode trunk ! <output omitted .CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6.0 no shutdown ! ip default-gateway 172.11 255.99.1 ip http server ! line con 0 logging synchronous line vty 0 4 login password cisco line vty 5 15 login password cisco Switch 2 ! hostname S2 ! enable secret class All contents are Copyright © 1992–2007 Cisco Systems.

Inc.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6. This document is Cisco Public Information. All rights reserved.1: Basic Inter-VLAN Routing ! no ip domain lookup ! interface FastEthernet0/1 switchport trunk native vlan switchport mode trunk ! interface FastEthernet0/2 switchport trunk native vlan switchport mode trunk ! interface FastEthernet0/3 switchport trunk native vlan switchport mode trunk ! interface FastEthernet0/4 switchport trunk native vlan switchport mode trunk ! interface FastEthernet0/5 switchport trunk native vlan switchport mode trunk ! interface FastEthernet0/6 switchport access vlan 30 switchport mode access ! interface FastEthernet0/7 switchport access vlan 30 ! interface FastEthernet0/8 switchport access vlan 30 ! interface FastEthernet0/9 switchport access vlan 30 ! interface FastEthernet0/10 switchport access vlan 30 ! interface FastEthernet0/11 switchport access vlan 10 switchport mode access ! interface FastEthernet0/12 switchport access vlan 10 ! interface FastEthernet0/13 switchport access vlan 10 ! interface FastEthernet0/14 switchport access vlan 10 ! interface FastEthernet0/15 switchport access vlan 10 ! interface FastEthernet0/16 99 99 99 99 99 All contents are Copyright © 1992–2007 Cisco Systems. Page 12 of 14 .4.

1: Basic Inter-VLAN Routing switchport access vlan 10 ! interface FastEthernet0/17 switchport access vlan 10 ! interface FastEthernet0/18 switchport access vlan 20 ! interface FastEthernet0/19 switchport access vlan 20 ! interface FastEthernet0/20 switchport access vlan 20 ! interface FastEthernet0/21 switchport access vlan 20 ! interface FastEthernet0/22 switchport access vlan 20 ! interface FastEthernet0/23 switchport access vlan 20 ! interface FastEthernet0/24 switchport access vlan 20 ! interface Vlan1 no ip address no ip route-cache ! interface Vlan99 ip address 172.1 ip http server ! line con 0 password cisco logging synchronous login line vty 0 4 password cisco login line vty 5 15 password cisco login ! end Switch 3 ! hostname S3 ! enable secret class All contents are Copyright © 1992–2007 Cisco Systems.4.255.0 no shutdown ! ip default-gateway 172. All rights reserved.CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6.99.17.12 255. This document is Cisco Public Information.255. Page 13 of 14 .99.17. Inc.

255.4. Inc.0 no shutdown ! ip default-gateway 172. All rights reserved. This document is Cisco Public Information.99.1 ip http server ! control-plane ! line con 0 password cisco login line vty 0 4 password cisco login line vty 5 15 password cisco login ! end All contents are Copyright © 1992–2007 Cisco Systems.1: Basic Inter-VLAN Routing ! no ip domain lookup ! interface FastEthernet0/1 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/2 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/3 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/4 switchport trunk native vlan 99 switchport mode trunk ! interface FastEthernet0/5 switchport trunk native vlan 99 switchport mode trunk ! <output omitted .CCNA Exploration LAN Switching and Wireless: Inter-VLAN Routing Lab 6. Page 14 of 14 .99.all remaining ports in shutdown> ! interface Vlan99 ip address 172.13 255.17.17.255.