Switch

Download as txt, pdf, or txt
Download as txt, pdf, or txt
You are on page 1of 7

Switch(config)# Switch(config)# Switch(config)# Switch(config)#

hostname hostname hostname hostname

DLS1 DLS2 ALS1 ALS2

/*Disable the links between ALS1 and ALS2*/ Switch(config-if-range)# interface range GigabitEthernet 0/1 - 2 Switch(config-if-range)# shutdown /* 3. Configure the Fa0/11 link between DLS1 and DLS2 as a Layer 3 link and assi gn a network to it. */ [DLS1] [DLS1] [DLS1] [DLS1] [DLS2] [DLS2] [DLS2] [DLS2] Switch(config)# interface Fa0/11 Switch(config-if)# no switchport Switch(config-if)# ip address 192.168.0.1 255.255.255.0 Switch(config-if)# exit Switch(config)# interface Fa0/11 Switch(config-if)# no switchport Switch(config-if)# ip address 192.168.0.2 255.255.255.0 Switch(config-if)# exit

/* 4. Configure the Fa0/12 link between DLS1 and DLS2 as an ISL trunk, and stati cally set all other interswitch links as 802.1q trunks. */ [DLS1] Switch(config)# interface FastEthernet 0/12 [DLS1] Switch(config-if)# switchport trunk encapsulation isl1 [DLS1] Switch(config-if)# switchport mode trunk [DLS1] Switch(config)# interface range fastEthernet 0/7 - 11 [DLS1] Switch(config-if-range)# switchport trunk encapsulation dot1q [DLS1] Switch(config-if-range)# switchport mode trunk /**Opcional BestPractice**/ [DLS1] [DLS1] [DLS1] [DLS1] Switch(config-if)# Switch(config-if)# Switch(config-if)# Switch(config-if)# switchport nonegotiate optional switchport trunk allowed vlan 1-100 no shutdown end

/**End BestPractice**/ [DLS2] Switch(config)# interface FastEthernet 0/12 [DLS2] Switch(config-if)# switchport trunk encapsulation isl1 [DLS2] Switch(config-if)# switchport mode trunk [DLS2] Switch(config)# interface range fastEthernet 0/7 - 11 [DLS2] Switch(config-if-range)# switchport trunk encapsulation dot1q [DLS2] Switch(config-if-range)# switchport mode trunk /* Switches ASL1 y 2 aplicar la siguiente configuracin */ ALS1(config)# interface range fastEthernet 0/7 ALS1(config-if)# switchport mode trunk ALS2(config)# interface range fastEthernet 0/7 ALS2(config-if)# switchport mode trunk 12 12

/* Verificar trunk configuration */ ALS2# show interfaces fastEthernet 0/7 switchport DLS1# show interfaces trunk /* 5. Bind the links between DLS1 and ALS1 in an EtherChannel and configure the two switches to actively negotiate a PAgP link. */ ALS1# show interfaces trunk ALS1(config-if-range)# interface range GigabitEthernet 0/7 - 8 ALS1(config-if-range)# shutdown ALS1(config)# interface range fastEthernet 0/7 - 8 ALS1(config-if-range)# channel-group 1 mode desirable ALS1(config)# interface port-channel 1 ALS1(config-if)# switchport mode trunk DLS1(config)# interface range fastEthernet 0/7 - 8 DLS1(config-if-range)# channel-group 1 mode desirable /* Creating a port-channel interface Port-channel 1 DLS1(config)# interface port-channel 1 DLS1(config-if)# switchport mode trunk /*En ambos switches verificar configuracin con el comando */ #show etherchannel summary /* 6. Place all switches in the VTP domain CISCO with DLS1 as the VTP server usi ng VTP version 2. Configure all other switches as VTP clients. */ DLS1# show vtp status DLS1(config)# vtp domain CISCO Changing VTP domain name from NULL to CISCO DLS1(config)# vtp version 2 DLS1(config)# vtp mode server Device mode already VTP SERVER. DLS2(config)# vtp Setting device to ALS1(config)# vtp Setting device to ALS2(config)# vtp Setting device to mode client VTP CLIENT mode. mode client VTP CLIENT mode. mode client VTP CLIENT mode.

/* 7. On DLS1, create VLAN 10 named CLIENT, VLAN 20 named VOICE, VLAN 30 named S ERVER and VLAN 99 named MGMT. Choose a 192.168.X.0/24 network for each VLAN for use in sub sequent steps. */ DLS1(config)# vlan 10 DLS1(config-vlan)# name CLIENT

DLS1(config-vlan)# DLS1(config)# vlan DLS1(config-vlan)# DLS1(config-vlan)# DLS1(config)# vlan DLS1(config-vlan)# DLS1(config-vlan)# DLS1(config)# vlan DLS1(config-vlan)# DLS1(config-vlan)#

exit 20 name VOICE exit 30 name SERVER exit 99 name MGMT exit

/* 8. Ensure that the VLAN 1 interface on all switches is not used for administr ative management or user traffic. */ ALS1(config)# vlan 1 ALS1(config-vlan)# shutdown ALS1# show vlan brief ALS2(config)# vlan 1 ALS2(config-vlan)# shutdown ALS2# show vlan brief DLS1(config)# vlan 1 DLS1(config-vlan)# shutdown DLS1# show vlan brief DLS2(config)# vlan 1 DLS2(config-vlan)# shutdown DLS2# show vlan brief /* 9. Configure the Rapid PVST (PVRST+) protocol on all switches. Ensure that DL S1 becomes the spanning tree root of VLANs 10 and 20 and DLS2 becomes the backup. Ensure that D LS2 becomes the spanning tree root of VLANs 30 and 99 and DLS1 becomes the backup. */ ALS1(config)# ALS2(config)# DLS1(config)# DLS2(config)# spanning-tree spanning-tree spanning-tree spanning-tree mode mode mode mode rapid-pvst rapid-pvst rapid-pvst rapid-pvst

/* Para comprovar configuracin: DLS1# show spanning-tree */ DLS1(config)#spanning-tree DLS1(config)#spanning-tree DLS2(config)#spanning-tree DLS2(config)#spanning-tree vlan vlan vlan vlan 10,20 30,99 30,99 10,20 root root root root primary secondary primary secondary

/* 10. On DLS1 and DLS2 configure SVIs and HSRP to provide gateway redundancy fo r access layer clients in VLANs 10, 20, 30 and 99. Create an SVI in VLANs 10, 20, 30 and 99, ea ch with an IP address and mask from their respective networks chosen in Step 7. */ DLS1(config)# interface vlan 10 DLS1(config-if)# ip address 192.168.10.3 255.255.255.0 DLS1(config-if)# no shutdown DLS1(config)# interface vlan 20 DLS1(config-if)# ip address 192.168.20.3 255.255.255.0

DLS1(config-if)# no shutdown DLS1(config)# interface vlan 30 DLS1(config-if)# ip address 192.168.30.3 255.255.255.0 DLS1(config-if)# no shutdown DLS1(config)# interface vlan 99 DLS1(config-if)# ip address 192.168.99.3 255.255.255.0 DLS1(config-if)# no shutdown /* Activar routing para permitir al switch actuar como layer 3 */ DLS1(config)# ip routing DLS1(config)# sh ip route /*Configuracin interface DLS2*/ DLS2(config)# interface vlan 10 DLS2(config-if)# ip address 192.168.10.4 DLS2(config-if)# no shutdown DLS2(config)# interface vlan 20 DLS2(config-if)# ip address 192.168.20.4 DLS2(config-if)# no shutdown DLS2(config)# interface vlan 30 DLS2(config-if)# ip address 192.168.30.4 DLS2(config-if)# no shutdown DLS2(config)# interface vlan 99 DLS2(config-if)# ip address 192.168.99.4 DLS2(config-if)# no shutdown 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0

/* No se si es necesario activarlo tambin en el DLS2 */ DLS2(config)# ip routing /* 11. Configure DLS1 as the active HSRP router for VLANs 10 and 20 and configur e DLS2 as backup. Configure DLS2 as the active router for VLANs 30 and 99 and configure DLS1 as ba ckup. */ **** HSRP Configuration for DLS1 **** DLS1(config)# ip routing DLS1(config)# interface vlan 10 DLS1(config-if)# standby 1 ip 192.168.10.1 DLS1(config-if)# standby 1 preempt DLS1(config-if)# standby 1 priority 150 DLS1(config-if)# exit DLS1(config)# interface vlan 20 DLS1(config-if)# standby 1 ip 192.168.20.1 DLS1(config-if)# standby 1 preempt DLS1(config-if)# standby 1 priority 150 DLS1(config-if)# exit DLS1(config)# interface vlan 30 DLS1(config-if)# standby 1 ip 192.168.30.1 DLS1(config-if)# standby 1 preempt DLS1(config-if)# standby 1 priority 100 DLS1(config-if)# exit DLS1(config)# interface vlan 20 DLS1(config-if)# standby 1 ip 192.168.99.1 DLS1(config-if)# standby 1 preempt DLS1(config-if)# standby 1 priority 100 DLS1(config-if)# exit **** HSRP Configuration for DLS2 **** DLS2(config)# ip routing

DLS2(config)# interface vlan 10 DLS2(config-if)# standby 1 ip 192.168.10.1 DLS2(config-if)# standby 1 preempt DLS2(config-if)# standby 1 priority 100 DLS2(config-if)# exit DLS2(config)# interface vlan 20 DLS2(config-if)# standby 1 ip 192.168.20.1 DLS2(config-if)# standby 1 preempt DLS2(config-if)# standby 1 priority 100 DLS2(config-if)# exit DLS2(config)# interface vlan 30 DLS2(config-if)# standby 1 ip 192.168.30.1 DLS2(config-if)# standby 1 preempt DLS2(config-if)# standby 1 priority 150 DLS2(config-if)# exit DLS2(config)# interface vlan 99 DLS2(config-if)# standby 1 ip 192.168.99.1 DLS2(config-if)# standby 1 preempt DLS2(config-if)# standby 1 priority 150 DLS2(config-if)# exit DLS1# show standby DLS1# show standby brief DLS2# show standby brief /* Si quisiera verificar la configuracin de HSRP */ DLS2(config)# interface range fastEthernet 0/7 - 12 DLS2(config-if-range)# shutdown /* 12. On ALS1 and ALS2 create an SVI for MGMT VLAN 99 with an IP address from t he VLAN 99 network assigned in Step 7. */ ALS1(config)# interface vlan 99 ALS1(config-if)# ip address 192.168.99.5 255.255.255.0 ALS1(config-if)# no shutdown ALS2(config)# interface vlan 99 ALS2(config-if)# ip address 192.168.99.6 255.255.255.0 ALS2(config-if)# no shutdown /* 13. For ALS1 and ALS2, specify the HSRP gateway address of VLAN 99 as the def ault gateway. */ ALS1(config)# ip default-gateway 192.168.99.1 ALS2(config)# ip default-gateway 192.168.99.1 /* 14. Enable PortFast on all access layer switch ports. */ ALS1(config)# interface fa0/6 ALS1(config-if)# spanning-tree portfast default ALS1(config-if)# no shutdown ALS2(config)# interface fa0/6 ALS2(config-if)# spanning-tree portfast default ALS2(config-if)# no shutdown /* 15. Permit the links between DLS2 and ALS2 to carry traffic only for the VLAN

s created in Step 7. */ ALS2(config)# (config)#interface ALS2(config-if)#switchport trunk DLS2(config)# (config)#interface DLS2(config-if)#switchport trunk range fastEthernet 0/7 - 8 allowed vlan 10,20,30,99 range fastEthernet 0/7 8 allowed vlan 10,20,30,99

/* 16. Enable QoS globally on all switches. */ DLS1#set DLS2#set ALS1#set ALS2#set qos qos qos qos enable enable enable enable qos qos qos qos

ALS1(config)#mls ALS2(config)#mls DLS1(config)#mls DLS2(config)#mls

/* 17. On ALS1 configure Fa0/6 as an access port in CLIENT VLAN 10 and to trust Cisco IP phones CoS using AutoQoS. Use VOICE VLAN 20 as the voice VLAN. */ ALS1(config)# interface fastEthernet 0/6 ALS1(config-if)# switchport mode access ALS1(config-if)# switchport access vlan 10 ALS1(config-if)# switchport voice vlan 20 ALS1(config-if)# mls qos trust device cisco-phone ALS1(config-if)# auto qos voip cisco-phone /* verify configuration */ ALS1# show mls qos interface fastEthernet 0/15 ALS1# show run interface fastEthernet 0/15 /* 18. On ALS1, configure port Fa0/6 with port security. Allow up to two MAC add resses to be learned for IP phone support. Enable sticky learning. Shut down the port if a violation occurs. */ ALS1(config-if)# ALS1(config-if)# ALS1(config-if)# ALS1(config-if)# ALS1(config-if)# switchport switchport switchport switchport exit port-security port-security maximum 2 port-security mac-address sticky port-security violation shutdown

/* 19. On ALS2 configure port Fa0/6 as an access port in SERVER VLAN 30. */ ALS2(config)# interface fastEthernet 0/6 ALS2(config-if)# switchport mode access ALS2(config-if)# switchport access vlan 30 /* 20. Configure IP routing on DLS1 and DLS2, and use EIGRP to advertise 192.168 .0.0/16 with automatic summarization disabled. */ DLS1(config)#router EIGRP 1 DLS1(config-router)#no auto-summary DLS1(config-router)#network 192.168.0.0

DLS2(config)#router EIGRP 1 DLS2(config-router)#no auto-summary DLS2(config-router)#network 192.168.0.0 /* 21. Configure client PC-A with an IP address in the VLAN 10 network and speci fy the VLAN 10 HSRP virtual address as the default gateway. Configure server PC-B with an IP address in VLAN 30 and specify the VLAN 30 HSRP virtual address as the default gateway. */ Done!

You might also like