Tải bản đầy đủ (.pdf) (5 trang)
  1. Trang chủ
    2. >>
  2. Công Nghệ Thông Tin
    3. >>
  3. Quản trị mạng

Tài liệu Lab Exercise 2 - Inter-VLAN Routing and Multi-layer Switching pdf

Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (45.46 KB, 5 trang )

CertificationZone Page 1 of 5
/?Issue=36&IssueDate=05-01-2001&CP= 11/06/01
Date of Issue: 05-01-2001
Lab Exercise 2: Inter-VLAN Routing and
Multi-layer Switching
by Dan Farkas
Introduction
Equipment
Initial Configuration
Part 1: Inter-VLAN Routing
Goals
Task List
Solutions - Part 1
Answers
Configurations
Part 2: Multi-Layer Switching
Goals
Task List
Solutions - Part 2
Answers
Configurations
Introduction
This is the second lab exercise and should be attempted only after completing the first lab exercise. This lab has two
parts. In the first part, a link is configured as an ISL trunk and then inter-VLAN routing is configured. In the second
part, Multi-layer Switching is configured and an access list is added.
Equipment
l Two Catalyst 5xxx or 6xxx switches with Fast EtherChannel-capable line cards and Supervisor Engine III,
FSX, or III FLX module Supervisor engine software Release 4.1(1) or later, NetFlow Feature Card (NFFC), or
NFFC II
l Three PCs with NIC cards
l One Cisco 3620, 3640, 7500, 7200, 4500, or 4700 series router with Cisco IOS router software Release 11.3


(2)WA4(4) or later and a Fast Ethernet interface.
Initial Configuration
CertificationZone Page 2 of 5
/?Issue=36&IssueDate=05-01-2001&CP= 11/06/01
VTP Domain: lab
VLAN 1 name: vlan1
VLAN 2 name: vlan2
VLAN 3 name : vlan3
Warning: We assume that Lab Exercise 1 has been completed. If not go back and do it now.
Part 1: Inter-VLAN Routing
Goals
Reconfigure the link between the router and Switch A to be an ISL trunk. Configure inter-VLAN routing on the router.
Test with pings. Any device should be able to ping any other device.
Task List
1. On the PCs
a. Configure appropriate default gateways.
2. On Switch A
a. Configure the link that connects to the router with the set trunk on command.
b. Use the set ip route default command to set up a default gateway.
3. On Switch B
a. Use the set ip route default command to set up a default gateway
4. On the router
a. Remove the interface configuration from lab exercise 1.
b. Configure and address a sub-interface for each VLAN.
Device IP Addresses
Switch A 10.1.1.1/24
Switch B 10.1.1.2/24
PC-1 10.2.1.1/24
PC-2 10.2.1.2/24
PC-3 10.3.1.2/24

Router
VLAN 1 - 10.1.1.254/24
VLAN 2 - 10.2.1.1.254/24
VLAN 3 - 10.3.1.1.254/24
CertificationZone Page 3 of 5
/?Issue=36&IssueDate=05-01-2001&CP= 11/06/01
5. Ping between devices. Do intra-VLAN pings work? Do inter-VLAN pings work? If any pings fail, something is
not right in your configuration.
Solutions - Part 1
Answers
5) All pings should work.
Configurations
{Note: x/y represents slot and port numbers. On the router, 0/0 should be the actual slot and port numbers.}
SwitchA(enable)set ip default route 10.1.1.254
SwitchA(enable)set trunk x/y on
SwitchB(enable)set ip default route 10.1.1.254
Router(config)#int fa0/0
Router(config-if)#no ip address
Router(config-if)#int fa 0/0.1
Router(config-subif)#ip address 10.1.1.254 255.255.255.0
Router(config-subif)#encapsulation isl 1
Router(config-subif)#int fa 0/0.2
Router(config-subif)#ip address 10.2.1.254 255.255.255.0
Router(config-subif)#encapsulation isl 2
Router(config-subif)#int fa 0/0.3
Router(config-subif)#ip address 10.3.1.254 255.255.255.0
Router(config-subif)#encapsulation isl 3
Part 2: Multi-Layer Switching
Goals
Configure Multi-layer Switching on the router, Switch A, and Switch B. Ping between PC-2 and PC-3. Use show

commands to verify MLS operations. Add an access list to the router. Verify a change in flow masks with show
commands.
Task List
1. On Switch A and Switch B
a. Use the set mls enable and set mls include commands to configure MLS.
2. On the router
a. Use the mls rp ip, mls rp vtp-domain, and mls rp ip management-interface commands to configure
MLS. Make the VLAN 1 interface the management interface.
3. Ping between devices. Do intra-VLAN pings still work? Do inter-VLAN pings still work? If any pings fail,
something is not right in your configuration.
4. Wait 256 seconds for all flows to age out of the MLS cache on the switch.
5. Start a continuous stream of pings between PC-2 and PC-3.
a. Use the show mls rp command on the router and the show mls entry command on Switch B to verify
MLS operation. Note the cache entries on the switch.
CertificationZone Page 4 of 5
/?Issue=36&IssueDate=05-01-2001&CP= 11/06/01
6. Stop the pings.
7. On the router
a. Create Access List 101 with the command access-list 101 permit ip any any.
b. Apply it to all sub-interfaces as an outbound access list.
c. Use the show mls rp command on the router and the show mls entry command on Switch B to verify
MLS operation. Note the cache entries on the switch. Notice any differences?
8. Start a continuous stream of pings between PC-2 and PC-3.
a. Use the show mls rp command on the router and the show mls entry command on Switch B to verify
MLS operation. Note the cache entries on the switch. Notice any differences?
Solutions - Part 2
Answers
3) Yes, all pings should still work
5a) The show mls rp should show you that:
• mls is globally enabled

• the vtp-domain is lab
• the flow mask is destination-ip
The show mls entry should show flows from 10.2.1.2 to 10.3.1.2 and from 10.3.1.2 to 10.2.1.2
7c) The show mls rp should show you that the flow mask is source-destination-ip.
The show mls entry should show that the cache is empty because the access-list was applied and created MLSP
purge messages.
8a) The show mls entry should show flows from 10.2.1.2 to 10.3.1.2 and from 10.3.1.2 to 10.2.1.2
Configurations
SwitchA(enable)set mls enable
SwitchA(enable)set mls include 10.1.1.254
SwitchB(enable)set mls enable
SwitchB(enable)set mls include 10.1.1.254
Router(config)#mls rp ip
Router(config)#int fa 0/0.1
Router(config-subif)#mls rp vtp-domain lab
Router(config-subif)#mls rp ip
Router(config-subif)#mls rp ip management-interface
Router(config-subif)#int fa 0/0.2
Router(config-subif)#mls rp vtp-domain lab
Router(config-subif)#mls rp ip
Router(config-subif)#int fa 0/0.3
Router(config-subif)#mls rp vtp-domain lab
Router(config-subif)#mls rp ip
Router(config-subif)#exit
Router(config)#access-list 101 permit ip any any
Router(config)#int fa 0/0.1
Router(config-subif)#ip access-group 101
CertificationZone Page 5 of 5
/?Issue=36&IssueDate=05-01-2001&CP= 11/06/01
Router(config-subif)#int fa 0/0.2

Router(config-subif)#ip access-group 101
Router(config-subif)#int fa 0/0.3
Router(config-subif)#ip access-group 101
[IE-LANS2-LS2-F04]
[2001-04-20-02]
Copyright © 2001 Genium Publishing Corporation

Tài liệu liên quan

Tài liệu bạn tìm kiếm đã sẵn sàng tải về

Tải bản đầy đủ ngay
×