Configuring EtherChannel-CISCO ROUTER

Configuring EtherChannel (Instructor Version)

Completed Topology

Objectives

View the default Layer 2 configuration. Configure EtherChannel.

Background/Scenario

EtherChannel enables the switch administrator to increase bandwidth between switches by bundling together between 2 and 8 links. In this scenario, you will bundle two Fast Ethernet links to form a single logical link with an effective full-duplex bandwidth of 400 Mb/s.

NOTE: This activity is for observation purposes only and does not require configuration, thus grading will not be conducted.

Task 1: View the Default Configuration.

Step 1. Verify the trunking and VLAN configuration on the switches.

a. On the two switches, enter privileged EXEC mode.

b. Perform a show run to view the current configuration.

c. Issue the show interfaces trunk and show interfaces switchport commands.

Observation: The show interfaces trunk command displayed no output, hence there are no trunk ports configured. The show interfaces switchport command displayed all ports in dynamic auto mode.

d. Issue the show vlan command to verify proper VLAN configuration.

Observation: VLAN 10 is the only non-default VLAN appearing. Currently, all ports are associated with VLAN 1.

Step 2. Verify the VTP configuration on the switches.

e. From privileged EXEC mode on both DLS1 and DLS2 access layer switches, issue the show vtp status command to verify VTP modes and VLAN information.

Observation: Both DLS1 and DLS2 are VTP servers with no VTP domain name configured.

Step 3. Verify IEEE 802.1D spanning-tree.

a. From each switch, issue the show spanning-tree command.

All contents are Copyright © 1992–2008 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.

CCNA Exploration

LAN Switching and Wireless

b. Verify that all switches are running IEEE 802.1D spanning-tree.

c. Verify that S1 is the root bridge for VLANs 1-1001.

Observation: Both switches are running IEEE 802.1D. DLS1 is the spanning-tree root bridge for all VLANs.

Task 2: Configure EtherChannel on the switches.

Step 1. Add EtherChannel functionality to DLS1 and DLS2.

a. To enable EtherChannel on DLS1, enter interface range mode for ports F0/11 and F0/12 with the command interface range f0/11 - 12.

b. Enter the command switchport mode trunk.

c. Enter the command channel-group 1 mode desirable.

d. Repeat steps a through c on DLS2.

Step 2. Add a logical Port Channel associated with the physical interfaces.

a. Create Port Channel 1 with the interface port-channel 1 command.

b. Enter the switchport mode trunk command.

Task 3: Verify the EtherChannel configuration.

a. Enter the command show etherchannel summary and observe the output.

Observation: Ports F0/11 and F0/12 appear under Group 1, associated with a Port Channel labeled Po1. The default port bundling protocol is PAgP.

b. Enter the command show interface switchport.

Observation: The physical ports F0/11 and F0/12, and the logical port Po1, all appear as 802.1Q trunk ports.

c. On DLS1, enter the command ping 10.10.10.2. The ping should be successful.

d. Enter the command show running-config to determine the EtherChannel load-balancing mechanism.

Observation: The output displays “port-channel load-balance src-mac”, indicating that load balancing across the logical EtherChannel is based on the source MAC address of the data.

PT: Configuring Frame Relay

Objectives

View the default internetwork configuration. Configure Frame Relay connectivity. Configure Static and Default routing. Verify connectivity.

Background/Scenario

Four routers must be interconnected in a hub-and-spoke Frame Relay configuration. Router R1 is the hub, and routers R2, R3, and R4 are spoke routers. The Frame Relay connections will be established using Frame Relay point-to-point connections over subinterfaces from R1 to each spoke router. Routing will be established using static routes on the hub router and default routes on all spoke routers. The frame relay switch(es) have already been configured within the cloud. Remote administrative access is established using SSH with the username admin and password cisco.

Task 1: Configure Frame Relay and Static Routing on the Hub Router (R1).

Step 1. Verify Default Configurations.

e. On all four routers, enter privileged EXEC mode with the password cisco.

f. From privileged EXEC mode on all four routers, issue the show running-config command to verify running configurations.

Note: All routers have been preconfigured with hostnames, enable password, and SSH connectivity. All LAN interfaces have also been configured with IP addresses and are currently active.

g. Use the show ip route command to verify routing tables.

Step 2. Configure the Physical Frame Relay Interface on R1.

When configuring frame-relay subinterfaces, the main physical interface must be enabled for Frame Relay connectivity; therefore, configure Frame Relay on the serial 0/0/0 interface of router R1. The Frame Relay LMI type is autosensed and will not be manually configured.

h. From privileged EXEC mode on R1, enter global configuration mode.

i. Enter the following commands on R1 to enable Frame Relay on the physical interface.

R1(config)# interface serial0/0/0
R1(config-if)# encapsulation frame-relay
R1(config-if)# no shutdown

Step 3. Configure the Subinterfaces on R1.

Frame Relay subinterfaces will be configured using point-to-point Frame Relay. Configure the point-to-point connections to the three spoke routers via subinterfaces and assign the appropriate DLCI number to each Frame Relay connection, as shown in the table below:

Subinterface   IP address   Subnet mask        DLCI
S0/0/0.102     10.0.1.1     255.255.255.252    102
S0/0/0.103     10.0.1.5     255.255.255.252    103
S0/0/0.104     10.0.1.9     255.255.255.252    104

j. Create and configure subinterface s0/0/0.102. From global configuration mode, enter the following commands:

R1(config)# interface Serial0/0/0.102 point-to-point
R1(config-subif)# ip address 10.0.1.1 255.255.255.252
R1(config-subif)# frame-relay interface-dlci 102
R1(config-subif)# exit

k. Repeat the above steps to create and configure subinterface s0/0/0.103 and s0/0/0.104.

R1(config)# interface Serial0/0/0.103 point-to-point
R1(config-subif)# ip address 10.0.1.5 255.255.255.252
R1(config-subif)# frame-relay interface-dlci 103
R1(config-subif)# exit
R1(config)# interface Serial0/0/0.104 point-to-point
R1(config-subif)# ip address 10.0.1.9 255.255.255.252
R1(config-subif)# frame-relay interface-dlci 104
R1(config-subif)# exit

Step 4. Configure Static Routing on R1 to reach the LANs of each spoke router.

Routing between sites could be configured using dynamic or static routing. In this activity, you will configure static routes to each remote LAN site.

l. From global configuration mode, enter the following static routes.

R1(config)# ip route 10.20.20.0 255.255.255.0 10.0.1.2
R1(config)# ip route 10.30.30.0 255.255.255.0 10.0.1.6
R1(config)# ip route 10.40.40.0 255.255.255.0 10.0.1.10

m. Exit out of configuration mode and issue the show running-config command to view the final configuration on R1.

Task 2: Configure Frame Relay and Default routing on the Spoke Routers.

Step 1. Configure the Physical Frame Relay Interface on the spoke routers.

Just as we configured the hub router for Frame Relay, the spoke routers must also be configured.

n. From privileged EXEC mode on R2, enter global configuration mode.

o. Configure the main physical interface for Frame Relay connectivity. Enter the following commands on R2.

R2(config)# interface serial0/0/0
R2(config-if)# encapsulation frame-relay
R2(config-if)# no shutdown

Step 2. Configure the Subinterfaces on R2.

From global configuration mode, enter the following commands to create and configure the subinterface. Assign DLCI number 101 to the connection.

R2(config)# interface Serial0/0/0.101 point-to-point
R2(config-subif)# ip address 10.0.1.2 255.255.255.252
R2(config-subif)# frame-relay interface-dlci 101
R2(config-subif)# exit

Step 3. Configure Default Routing on R2.

From global configuration mode, enter the following static routes.

R2(config)# ip route 0.0.0.0 0.0.0.0 10.0.1.1

Step 4. Repeat Steps 1 – 3 on R3 and R4.

p. On router R3, configure the following commands. Assign DLCI 101 to the Frame Relay connection.

R3(config)# interface serial0/0/0
R3(config-if)# encapsulation frame-relay
R3(config-if)# no shutdown
R3(config)# interface Serial0/0/0.101 point-to-point
R3(config-subif)# ip address 10.0.1.6 255.255.255.252
R3(config-subif)# frame-relay interface-dlci 101
R3(config-subif)# exit
R3(config)# ip route 0.0.0.0 0.0.0.0 10.0.1.5

q. On router R4, configure the following commands. Assign DLCI 101 to the Frame Relay connection.

R4(config)# interface serial0/0/0
R4(config-if)# encapsulation frame-relay
R4(config-if)# no shutdown
R4(config)# interface Serial0/0/0.101 point-to-point
R4(config-subif)# ip address 10.0.1.10 255.255.255.252
R4(config-subif)# frame-relay interface-dlci 101
R4(config-subif)# exit
R4(config)# ip route 0.0.0.0 0.0.0.0 10.0.1.9

Task 4: Verify Connectivity.

Step 1. Verify the Frame Relay network.

After configuring Frame Relay on all routers, verify the Frame Relay configuration on R1.

r. Issue the show frame-relay map command on R1 to verify the connections to the spoke routers.

R1# show frame-relay map
Serial0/0/0.102 (up): point-to-point dlci, dlci 102, broadcast, status defined, active
Serial0/0/0.103 (up): point-to-point dlci, dlci 103, broadcast, status defined, active
Serial0/0/0.104 (up): point-to-point dlci, dlci 104, broadcast, status defined, active

s. Next, issue the show frame-relay lmi command on R1.

R1# show frame-relay lmi
LMI Statistics for interface Serial0/0/0 (Frame Relay DTE) LMI TYPE = CISCO
 Invalid Unnumbered info 0      Invalid Prot Disc 0
 Invalid dummy Call Ref 0       Invalid Msg Type 0
 Invalid Status Message 0       Invalid Lock Shift 0
 Invalid Information ID 0       Invalid Report IE Len 0
 Invalid Report Request 0       Invalid Keep IE Len 0
 Num Status Enq. Sent 26        Num Status msgs Rcvd 26
 Num Update Status Rcvd 0       Num Status Timeouts 16

LMI Statistics for interface Serial0/0/0.102 (Frame Relay DTE) LMI TYPE = CISCO
 Invalid Unnumbered info 0      Invalid Prot Disc 0
 Invalid dummy Call Ref 0       Invalid Msg Type 0
 Invalid Status Message 0       Invalid Lock Shift 0
 Invalid Information ID 0       Invalid Report IE Len 0
 Invalid Report Request 0       Invalid Keep IE Len 0
 Num Status Enq. Sent 0         Num Status msgs Rcvd 0
 Num Update Status Rcvd 0       Num Status Timeouts 16

LMI Statistics for interface Serial0/0/0.103 (Frame Relay DTE) LMI TYPE = CISCO
 Invalid Unnumbered info 0      Invalid Prot Disc 0
 Invalid dummy Call Ref 0       Invalid Msg Type 0
 Invalid Status Message 0       Invalid Lock Shift 0
 Invalid Information ID 0       Invalid Report IE Len 0
 Invalid Report Request 0       Invalid Keep IE Len 0
 Num Status Enq. Sent 0         Num Status msgs Rcvd 0
 Num Update Status Rcvd 0       Num Status Timeouts 16

LMI Statistics for interface Serial0/0/0.104 (Frame Relay DTE) LMI TYPE = CISCO
 Invalid Unnumbered info 0      Invalid Prot Disc 0
 Invalid dummy Call Ref 0       Invalid Msg Type 0
 Invalid Status Message 0       Invalid Lock Shift 0
 Invalid Information ID 0       Invalid Report IE Len 0
 Invalid Report Request 0       Invalid Keep IE Len 0
 Num Status Enq. Sent 0         Num Status msgs Rcvd 0
 Num Update Status Rcvd 0       Num Status Timeouts 16

t. Finally, issue the show frame-relay pvc command on R1.

R1# show frame-relay pvc
PVC Statistics for interface Serial0/0/0 (Frame Relay DTE)
DLCI = 102, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0/0/0.102
 input pkts 14055         output pkts 32795        in bytes 1096228
 out bytes 6216155        dropped pkts 0           in FECN pkts 0
 in BECN pkts 0           out FECN pkts 0          out BECN pkts 0
 in DE pkts 0             out DE pkts 0
 out bcast pkts 32795     out bcast bytes 6216155

DLCI = 103, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0/0/0.103
 input pkts 14055         output pkts 32795        in bytes 1096228
 out bytes 6216155        dropped pkts 0           in FECN pkts 0
 in BECN pkts 0           out FECN pkts 0          out BECN pkts 0
 in DE pkts 0             out DE pkts 0
 out bcast pkts 32795     out bcast bytes 6216155

DLCI = 104, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0/0/0.104
 input pkts 14055         output pkts 32795        in bytes 1096228
 out bytes 6216155        dropped pkts 0           in FECN pkts 0
 in BECN pkts 0           out FECN pkts 0          out BECN pkts 0
 in DE pkts 0             out DE pkts 0
 out bcast pkts 32795     out bcast bytes 6216155

NOTE: PC1 and PC3 should now be able to successfully ping each other and the web server. If not, make sure that you entered all the commands exactly as specified in the previous steps.

Step 2. Verify connectivity to the spoke LANs.

From the R1 router, ping the LAN interfaces of routers R2, R3, and R4. You should be able to successfully ping.

Step 3. Check results.

Your completion percentage should be 100%. If not, click Check Results to see which required components are not yet completed.

Configuring Inter-VLAN Routing with Multilayer Switches

Instructor Version

Completed Topology

Objectives

View the default Layer 2 configuration. Configure the switch virtual interfaces (SVIs). Verify inter-VLAN routing.

Background/Scenario

Inter-VLAN routing on distribution layer switches is made possible with switch virtual interfaces (SVIs). Multilayer switches, such as Cisco Catalyst 3560 switches, are capable of wirespeed IP routing in addition to traditional Layer 2 switching. In this case, the IP subnets are bound at the distribution layer, with hosts pointing to the SVIs as default gateways for their respective IP subnets. Full IP communications, previously available only with dedicated routers, are made available with these multilayer switches.

In this configuration, two distribution layer switches, DLS1 and DLS2 are connected in a partial-mesh topology with the access layer switches, ALS1 and ALS2. DLS1 and DLS2 load balance the traffic at Layer 2 on a per-VLAN basis. SVIs are configured for each VLAN to enable inter-VLAN IP communication.

Task 1: View the Default Configuration.

Step 1. Verify the trunking and VLAN configuration on the switches.

u. On all four switches, enter privileged EXEC mode with the enable command.

v. From privileged EXEC mode, issue the show interfaces trunk and show interfaces switchport commands.

w. On the two distribution switches, issue the show vlan command to verify proper VLAN configuration.

Observation: Fa0/1, Fa0/2, and Fa0/3 are configured for 802.1q trunking. Additionally, all three are configured to trunk VLANs 1, 10, 20, 30, 99 and all default vlans. The native management VLAN is VLAN99.

Step 2. Verify the VTP configuration on the switches.

From privileged EXEC mode on the access layer switches, issue the show vtp status command to verify the propagation of VLAN information. DLS1 and DLS2 should be VTP servers. ALS1 and ALS2 should be VTP clients.

Step 3. Verify IEEE 802.1D spanning-tree.

x. From each switch, issue the show spanning-tree command.

y. Verify that all switches are running IEEE 802.1D spanning-tree.

z. For VLANs 1, 10, 20, 30 and 99, which switch is the root bridge?

Observation: DLS1 is the root bridge for VLANs 1, 20, and 99. DLS2 is the root bridge for VLANs 10 and 30.

Task 2: Configure inter-VLAN routing on the switches.

Step 1. Create the SVIs on the distribution layer switches.

a. To create the SVIs, enter the global configuration command interface vlan x on DLS1 and DLS2 for VLANs 10, 20, 30, and 99.

b. On DLS1, configure IP addresses for each SVI. VLAN10: 10.0.10.1/24, VLAN20: 10.0.20.1/24, VLAN30: 10.0.30.1/24, and VLAN99: 10.0.99.1/24.

Example:
DLS1(config)# interface vlan 10
DLS1(config-if)# ip address 10.0.10.1 255.255.255.0

c. On DLS2, configure IP addresses for each SVI. VLAN10: 10.0.10.2/24, VLAN20: 10.0.20.2/24, VLAN30: 10.0.30.2/24, VLAN99: 10.0.99.2/24.

Task 3: Verify inter-VLAN routing.

Step 1. Configure IP addressing on the access layer switches.

a. Enter interface vlan 1 mode on ALS1 and ALS2 and enter the shutdown command.

b. Issue the interface vlan 99 command followed by the no shutdown command on ALS1 and ALS2.

c. Give ALS1 the management interface IP address of 10.0.99.3/24.

d. Give ALS2 the management interface IP address of 10.0.99.4/24.

e. On ALS1, configure the default gateway to be 10.0.99.1/24.

f. On ALS2, configure the default gateway to be 10.0.99.2/24.

Step 2. Test ICMP connectivity from the access layer switches to the distribution layer SVIs.

aa. On ALS1, issue the privileged EXEC command ping 10.0.10.1. Repeat for 10.0.10.2, 10.0.20.1, 10.0.20.2, 10.0.30.1, 10.0.30.2, 10.0.99.1, and 10.0.99.2. The ping tests should all be successful.

bb. On ALS2, issue the privileged EXEC command ping 10.0.10.1. Repeat for 10.0.10.2, 10.0.20.1, 10.0.20.2, 10.0.30.1, 10.0.30.2, 10.0.99.1, and 10.0.99.2. The ping tests should all be successful.

Step 3. Check results.

Your completion percentage should be 100%. If not, click Check Results to see which required components are not yet completed.

PT: IPv6 and RIPng Configuration

Objectives

Enable IPv6 Unicast Routing. Configure IPv6 addresses. Enable RIPng on appropriate interfaces. Verify the IPv6 configuration.

Background/Scenario

Three routers must be interconnected in a simple IPv6 configuration. Routing will be established using RIPng.

Task 1: Configure Router R1 to Support IPv6.

Step 1. Enable IPv6 Unicast Routing on R1.

All IPv6 routers must be enabled to support IPv6 unicast routing.

a. From privileged EXEC mode on R1, enter global configuration mode.

b. Enter the ipv6 unicast-routing command.

Step 2. Configure an IPv6 Address and RIPng on S0/0/0.

On the Serial 0/0/0 interface of router R1, configure an EUI IPv6 address, enable the RIPng process called "PROCESS1" and configure a clock rate of 64000 using the following commands.

R1(config)# interface Serial0/0/0
R1(config-if)# ipv6 address 2001:410:1:10::/65 eui-64
R1(config-if)# ipv6 rip PROCESS1 enable
R1(config-if)# clock rate 64000
R1(config-if)# no shutdown
R1(config-if)# exit

Step 3. Check Results.

Your completion percentage should be 25%. If not, click Check Results to see which required components are not yet completed.

Task 2: Configure Router R2 and R3 to Support IPv6.

Step 1. Configure Router R2.

Just as we configured the router R1 to support IPv6, we must also configure routers R2 and R3 as well. On router R2, enable IPv6 unicast routing, configure an EUI IPv6 address and enable the RIPng process called "PROCESS1" on interfaces Serial 0/0/0 and Serial 0/0/1 using the following commands. Note that only the S0/0/1 interface requires the clock rate.

R2# conf t
R2(config)# ipv6 unicast-routing
R2(config)# interface Serial0/0/0
R2(config-if)# ipv6 address 2001:410:1:10::/65 eui-64
R2(config-if)# ipv6 rip PROCESS1 enable
R2(config-if)# no shutdown
R2(config-if)# exit
R2(config)# interface Serial0/0/1
R2(config-if)# ipv6 address 2001:410:2:10::/65 eui-64
R2(config-if)# ipv6 rip PROCESS1 enable
R2(config-if)# clock rate 64000
R2(config-if)# no shutdown
R2(config-if)# exit

Step 2. Check Results.

Your completion percentage should be 62%. If not, click Check Results to see which required components are not yet completed.

Step 3. Configure Router R3.

Only interface S0/0/1 on R3 needs to be configured. Repeat Step 1 on router R3 using the following commands:

R3# conf t
R3(config)# ipv6 unicast-routing
R3(config)# interface Serial0/0/1
R3(config-if)# ipv6 address 2001:410:2:10::/65 eui-64
R3(config-if)# ipv6 rip PROCESS1 enable
R3(config-if)# no shutdown
R3(config-if)# end

Step 4. Check Results.

Your completion percentage should be 100%. If not, click Check Results to see which required components are not yet completed.

Task 3: Verify the IPv6 Configuration.

Step 1. Verify the IPv6 Configuration on R1.

There are several commands available to verify the IPv6 configuration. IPv6 retains the same common commands as IPv4, with the exception that we must specify that these are IPv6 commands. The following are several IPv6 commands.

a. First, verify which interfaces have been configured to support IPv6 using the show ipv6 interface brief command on R1, R2 and R3.

Note: On R1, only Serial 0/0/0 displays any IPv6 addresses. To get more information on these addresses, use the show ipv6 interface s0/0/0 command. R2 and R3 will be different. The address beginning with FE80 is the link-local address and the address beginning with 2001 is the global unicast address. Both were created when the ipv6 address command was entered with the EUI-64 option specified. Recall that EUI-64 inserts the hex digits FFFE in the IPv6 address. Write down the global unicast address for each of the interfaces.

b. Issue the show ipv6 rip database command to verify the specifics of the IPv6 RIP database.

c. Next, verify the IPv6 routing table using the show ipv6 route command on R1.

d. Finally, test connectivity by pinging the R3 serial0/0/0 interface from R1. Use the address that you wrote down as the global unicast address (starting with 2001). When asked for the outgoing interface, specify serial0/0/0.
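The EUI-64 derivation mentioned in the note above, as an added example that is not part of the original lab: it builds the interface identifier from a hardware address (flip the universal/local bit, insert FFFE in the middle) and also maps an EUI-64 address back to the hardware address it exposes. The MAC address is constructed, and using the lab's 2001:410:1:10:: prefix with a 64-bit length is an assumption of this example.

```python
import ipaddress

HEX_DIGITS = "0123456789abcdefABCDEF"


def eui64_interface_id(mac):
    """Return the 8-byte modified EUI-64 interface identifier for a MAC."""
    digits = "".join(c for c in mac if c in HEX_DIGITS)
    if len(digits) != 12:
        raise ValueError("expected a 48-bit MAC address: %r" % mac)
    octets = bytearray.fromhex(digits)
    octets[0] ^= 0x02                      # invert the universal/local bit
    # Split the MAC in half and insert FF FE between the halves.
    return bytes(octets[:3]) + b"\xff\xfe" + bytes(octets[3:])


def eui64_address(prefix, mac):
    """Combine a /64 prefix with the EUI-64 interface identifier."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("this example only handles 64-bit prefixes")
    iid = int.from_bytes(eui64_interface_id(mac), "big")
    return ipaddress.IPv6Address(int(net.network_address) | iid)


def mac_from_address(address):
    """Recover the MAC embedded in an EUI-64 address, or None if absent."""
    low64 = int(ipaddress.IPv6Address(address)) & ((1 << 64) - 1)
    iid = low64.to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":            # no FFFE marker: not EUI-64
        return None
    octets = bytearray(iid[:3] + iid[5:])
    octets[0] ^= 0x02                      # undo the bit inversion
    return ":".join("%02x" % o for o in octets)


if __name__ == "__main__":
    mac = "00:1a:2b:3c:4d:5e"              # constructed hardware address
    print("link-local:", eui64_address("fe80::/64", mac))
    print("global    :", eui64_address("2001:410:1:10::/64", mac))
    print("recovered :", mac_from_address("fe80::21a:2bff:fe3c:4d5e"))
```

Both addresses share the same last 64 bits, which is why the FE80 and 2001 addresses shown by show ipv6 interface end identically.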

Configuring Port-Security (Instructor Version)

Completed Topology

Objectives

View the default Layer 2 configuration. Configure port security.

Background/Scenario

Port security enables the switch administrator to prevent unauthorized devices from gaining access to the network. Port security is normally enabled on access layer switches for this purpose.

NOTE: This activity is for observation purposes only and does not require configuration, thus grading will not be conducted.

Task 1: View the Default Configuration.

Step 1. Verify the trunking and VLAN configuration on the switches.

cc. On the three switches, enter privileged EXEC mode using the console password cisco and the secret password class.

dd. From privileged EXEC mode, issue the show interfaces trunk and show interfaces switchport commands.

Observation: On S1, ports F0/1 and F0/2 are 802.1Q trunk ports. On S2, port F0/1 is an 802.1Q trunk port. On S3, port F0/2 is an 802.1Q trunk port. The native VLAN is 99 for all trunk ports.

ee. Issue the show vlan command to verify proper VLAN configuration.

Observation: VLANs 10 (faculty/staff), 20 (students), 30 (guest), and 99 (management) are configured on the three switches: VLAN 1 is the default VLAN on each switch.

S1 VLAN 1: all ports except for trunk ports F0/1 and F0/2.

S2 VLAN 1: ports F0/2-5, G1/1-2.

S2 VLAN 10: ports F0/11-17

S2 VLAN 20: ports F0/18-24

S2 VLAN 30: ports F0/6-10

S3 VLAN 1: ports F0/1, F0/3-5, G1/1-2

S3 VLAN 10: ports F0/18-24

S3 VLAN 20: ports F0/11-17

S3 VLAN 30: ports F0/6-10

Step 2. Verify the VTP configuration on the switches.

ff. From privileged EXEC mode on the access layer switches, issue the show vtp status command to verify VTP modes and VLAN information.

Observation: S1 is a VTP server. S2 is a VTP client. S3 is in VTP transparent mode. The VLANs configured on S1 successfully propagated to S2.

Step 3. Verify IEEE 802.1D spanning-tree.

gg. From each switch, issue the show spanning-tree command.

hh. Verify that all switches are running IEEE 802.1D spanning-tree.

ii. Verify that S1 is the root bridge for VLANs 1-1001.

Observation: All switches are running IEEE 802.1D. S1 is the spanning-tree root bridge for the topology.

Task 2: Configure port security on the switches.

Step 1. Enable port security on S2 and enforce a maximum number of MAC addresses.

jj. To enable port security on S2, enter the interface mode for port F0/6 and issue the command switchport port-security.

kk. Repeat step 1.a. on ports F0/11 and F0/18 of S2.

ll. On ports F0/6, F0/11, and F0/18 of S2, enter the command switchport port-security maximum

mm. Enter the show run command in privileged EXEC mode to see the effect of step 2.a.

Observation: The command switchport port-security maximum 1 does not appear under the interfaces F0/6, F0/11, and F0/18. This is because the default maximum for port security on an interface is 1. The command switchport port-security maximum # will only appear if a value higher than 1 is configured.

nn. Repeat steps a through d on ports F0/6, F0/11, and F0/18 of switch S3.

Step 2. Configure dynamic learning for port security and verify operation.

oo. On ports F0/6, F0/11, and F0/18 of S2 and S3, enter the command switchport port-security mac-address sticky. Issue the show run command to view the final configuration on both S2 and S3.

pp. Click on PC6. PC6 is currently connected to Fa0/6 on S3. From the command prompt on PC6, issue the command ping 172.17.30.23. This will ping PC3, which is connected to Fa0/6 on S2. The ping should be successful.

qq. On S2 and S3, enter the command show run and check to see if anything has changed in the output.

Observation: On S2, the entry “switchport port-security mac-address sticky 0001.C7CA.E31C” now appears under the configuration for port F0/6. On S3, the entry “switchport port-security mac-address sticky 0030.A3A5.A8C2” now appears under the configuration for port F0/6.

rr. On S3, enter the command show port-security interface fa0/6.

Observation: Port security is enabled, port-status is secure-up, security violation count is 0.

Step 3. Observe what happens when a security violation occurs.

ss. Click on the red x button on the right hand portion of the PT window. This will allow you to delete a connection in the topology. Place the x over the connection between PC6 and S3 and click. The connection should disappear.

tt. Select the lightning bolt button on the bottom left-hand corner of the PT window to pull up connection types. Click the “copper straight-through” connection. Click the TestPC device and select the fastethernet port. Next, click on S3 and select port Fa0/6.

uu. From the command prompt of TestPC type the command ping 172.17.30.23. The ping should fail.

vv. On S3, enter the command show port-security interface fa0/6.

Observation: Port security is enabled, port-status is secure-shutdown, security violation count is 1.

ww. Delete the connection between TestPC and S3. Place a new connection between PC6 and S3 using port Fa0/6. Remember that once a port is shut down due to a security violation, the port must be administratively shut down and re-enabled to bring the port back online. On Fa0/6 on S3, issue the command no shutdown.

xx. From the command prompt on PC6, type the command ping 172.17.30.23. The ping should succeed. On S3, issue the command show port-security interface Fa0/6. The status of the port should be back to normal.

You have completed this configuration/observation activity.
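A way to check the port-security state from show run output, as an added example that is not part of the original lab: it applies the implicit default maximum of 1 noted in Task 2, flags ports where port-security options are present but the bare switchport port-security command is missing, and predicts whether a new source MAC would trigger the violation seen in Step 3. The sample configuration is constructed; only the Fa0/6 sticky entry is taken from the lab, and the function names are this example's own.

```python
import re
from dataclasses import dataclass, field

# Constructed sample in the style of S3's "show run" after step qq.
# Only the Fa0/6 sticky entry comes from the lab; the other stanzas are
# assumptions added to exercise the checks.
SAMPLE_RUNNING_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
!
interface FastEthernet0/2
 switchport trunk native vlan 99
 switchport mode trunk
!
interface FastEthernet0/6
 switchport access vlan 30
 switchport mode access
 switchport port-security
 switchport port-security mac-address sticky
 switchport port-security mac-address sticky 0030.A3A5.A8C2
!
interface FastEthernet0/11
 switchport access vlan 20
 switchport mode access
 switchport port-security maximum 3
 switchport port-security mac-address sticky
!
"""

PREFIX = "switchport port-security"
MAC_RE = re.compile(r"\b[0-9A-Fa-f]{4}\.[0-9A-Fa-f]{4}\.[0-9A-Fa-f]{4}\b")


@dataclass
class Port:
    name: str
    mode: str = "dynamic"         # no explicit 'switchport mode' line
    enabled: bool = False         # bare 'switchport port-security' present
    has_params: bool = False      # some port-security option is present
    maximum: int = 1              # default, omitted from 'show run'
    violation: str = "shutdown"   # default violation mode
    sticky: bool = False
    secure_macs: set = field(default_factory=set)


def normalize_mac(mac):
    """Reduce any common MAC notation to 12 lowercase hex digits."""
    return re.sub(r"[^0-9a-f]", "", mac.lower())


def apply_line(port, line):
    """Update one Port from a single interface sub-command."""
    if line.startswith("switchport mode "):
        port.mode = line.split()[-1]
    elif line == PREFIX:
        port.enabled = True
    elif line.startswith(PREFIX + " "):
        port.has_params = True
        opt = line[len(PREFIX):].split()
        mac = MAC_RE.search(line)
        if opt[0] == "maximum" and len(opt) > 1 and opt[1].isdigit():
            port.maximum = int(opt[1])
        elif opt[0] == "violation" and len(opt) > 1:
            port.violation = opt[1]
        elif opt == ["mac-address", "sticky"]:
            port.sticky = True
        elif opt[0] == "mac-address" and mac:
            port.secure_macs.add(normalize_mac(mac.group(0)))


def parse_running_config(text):
    """Return {interface name: Port} parsed from 'show run' text."""
    ports, current = {}, None
    for raw in text.splitlines():
        if raw.startswith("interface "):
            current = Port(raw.split(None, 1)[1].strip())
            ports[current.name] = current
        elif current is None or not raw.startswith(" "):
            current = None                # left the interface stanza
        else:
            apply_line(current, raw.strip())
    return ports


def audit(ports):
    """Classify every non-trunk port by its port-security state."""
    result = {}
    for name, port in ports.items():
        if port.mode == "trunk":
            continue
        if port.enabled:
            result[name] = "enforced"
        elif port.has_params:
            result[name] = "not-enabled"  # options set, feature still off
        else:
            result[name] = "unprotected"
    return result


def would_violate(port, src_mac):
    """True if a frame from src_mac would count as a security violation."""
    if not port.enabled or normalize_mac(src_mac) in port.secure_macs:
        return False
    return len(port.secure_macs) >= port.maximum


if __name__ == "__main__":
    parsed = parse_running_config(SAMPLE_RUNNING_CONFIG)
    for name, state in audit(parsed).items():
        print(name, state, "max", parsed[name].maximum)
```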

Configuring RSTP

Objectives

View the default Layer 2 configuration. Enable RSTP. Configure primary and secondary root bridges.

Background/Scenario

Spanning tree modes other than PVST+ are available. One of these modes is RSTP (rapid spanning tree protocol), which greatly reduces the time between a port coming up and changing to forwarding, while still preventing bridging loops. During the transition period between RSTP states, rapid spanning tree falls back to regular spanning tree on links that have regular spanning tree on one side.

In this configuration, two distribution layer switches, DLS1 and DLS2 are connected in a full-mesh topology with the access layer switches, ALS1 and ALS2. DLS1 and DLS2 load balance the traffic at Layer 2 on a per-VLAN basis.

Task 1: View the Default Configuration.

Step 1. Verify the trunking and VLAN configuration on the switches.

a. On all four switches, enter privileged EXEC mode with the enable command.

b. From privileged EXEC mode, issue the show interfaces trunk and show interfaces switchport commands.

Observation: Fa0/7, Fa0/9 and Fa0/11 have all been configured as trunk ports.

c. On the two distribution switches (DLS1 and DLS2), issue the show vlan command to verify proper VLAN configuration.

Observation: Ports Fa0/7, Fa0/9 and Fa0/11 are not listed within a specific vlan. Also VLAN100, 110, 120 and 130 are created and active:

100  Server-Farm-1  active
110  Server-Farm-2  active
120  Net-Eng        active
130  Staff          active

Step 2. Verify the VTP configuration on the switches. From privileged EXEC mode on the DLS1, DLS2, ALS1, and ALS2, issue the show vtp status command to verify the propagation of VLAN information.


Observation: In DLS1 and DLS2, the operating mode is set to “server”. In ALS1 and ALS2, the operating mode is set to “client”.

Step 3. Verify IEEE 802.1D spanning-tree and Root configuration on DLS1.

a. On switch DLS1, issue the show spanning-tree command and the show spanning-tree summary command.

b. Verify that it is running IEEE 802.1D spanning-tree.

c. Verify that DLS1 is the root bridge for all the VLANs.

Observation: In the show spanning-tree output the line “This bridge is the root” indicates the current switch is the root bridge. Additionally, the show spanning-tree summary output indicates: Root bridge for: default Server-Farm-1 Server-Farm-2 Net-Eng Staff

d. Verify that ports F0/7, F0/9, and F0/11 are designated forwarding ports on DLS1.

Observation: In the output, each interface is listed with the status set to forward. Example: Fa0/7 Desg FWD

Step 4. Verify IEEE 802.1D spanning-tree and port status on DLS2, ALS1, and ALS2.

a. On each switch, issue the show spanning-tree command.

b. On DLS2, verify that port F0/7 is designated forwarding, port F0/9 is non-designated blocking, and F0/11 is root forwarding.

c. On ALS1, verify that port F0/7 is root forwarding and ports F0/9 and F0/11 are designated forwarding.

d. On ALS2, verify that ports F0/7 and F0/11 are non-designated blocking and port F0/9 is root forwarding.

Observation: in the show spanning-tree output, you should see each interface listed with the status set. Example: Fa0/9 Altn BLK (meaning non-designated blocking)

Task 2: Configure RSTP on the switches and load balance.

Step 1. Enable RSTP.

To enable RSTP on the switches, enter the global configuration command spanning-tree mode rapid-pvst on each switch.

Step 2. Configure DLS1 as the primary root bridge for VLANs 1, 100, and 120 and as the secondary root bridge for VLANs 110 and 130.

a. On DLS1, issue the spanning-tree vlan 1,100,120 root primary command.

b. On DLS1, issue the spanning-tree vlan 110,130 root secondary command.


Step 3. Configure DLS2 as the primary root bridge for VLANs 110 and 130 and as the secondary root bridge for VLANs 1, 100, and 120.

a. On DLS2, issue the spanning-tree vlan 110,130 root primary command.

b. On DLS2, issue the spanning-tree vlan 1,100,120 root secondary command.

Step 4. Save the configuration and power cycle all devices.

a. On each switch, issue the command copy run start.

b. On PT, below the topology, click on the button “power cycle devices”.

Task 3: Verify RSTP output.

Step 1. Verify the RSTP configuration.

After configuring RSTP on all switches, verify the RSTP configuration on DLS1.

a. Issue the show spanning-tree summary command to verify which version of spanning tree protocol is running on DLS1 and to observe the VLANs for which DLS1 is the root bridge.

Observation:

DLS1# show spanning-tree summary
Switch is in rapid-pvst mode
Root bridge for: default Server-Farm-1 Net-Eng

b. Next, issue the show spanning-tree summary command to verify which version of spanning tree protocol is running on DLS2 and to observe the VLANs for which DLS2 is the root bridge.

Observation:

DLS2# show spanning-tree summary
Switch is in rapid-pvst mode
Root bridge for: Server-Farm-2 Staff

Note: If this output does not appear, go back and ensure that all commands from Task 2 were performed on all switches. Also, be sure to power cycle the devices to allow for quicker convergence in PT.

You have completed this observation activity.
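The per-VLAN election that Tasks 2 and 3 produce can be reproduced offline. This is an added example, not part of the original lab: the MAC addresses are constructed, and the priorities 24576 and 28672 are the values that root primary and root secondary set when every other switch is still at the default of 32768. It also shows what happens when DLS1 fails, with and without the root secondary commands.

```python
"""Per-VLAN root election for the DLS1/DLS2/ALS1/ALS2 lab (added example)."""

DEFAULT, PRIMARY, SECONDARY = 32768, 24576, 28672  # base bridge priorities
VLANS = [1, 100, 110, 120, 130]

# MAC addresses are constructed; DLS1 is given the lowest so that the
# default election matches Task 1 (DLS1 is root for every VLAN).
MACS = {"DLS1": "0001.aaaa.0001", "ALS1": "0002.aaaa.0002",
        "ALS2": "0003.aaaa.0003", "DLS2": "0004.aaaa.0004"}

# Task 2: priorities that 'root primary' / 'root secondary' produce when
# every other switch is still at the default of 32768.
TASK2 = {
    "DLS1": {1: PRIMARY, 100: PRIMARY, 120: PRIMARY, 110: SECONDARY, 130: SECONDARY},
    "DLS2": {110: PRIMARY, 130: PRIMARY, 1: SECONDARY, 100: SECONDARY, 120: SECONDARY},
}
# Same primaries, but with the 'root secondary' commands left out.
PRIMARY_ONLY = {sw: {v: p for v, p in vl.items() if p == PRIMARY}
                for sw, vl in TASK2.items()}


def bridge_id(switch, vlan, config):
    """(priority, MAC): with the extended system ID the priority is base + VLAN ID."""
    base = config.get(switch, {}).get(vlan, DEFAULT)
    return (base + vlan, MACS[switch])


def elect_roots(alive, config):
    """Lowest bridge ID wins, independently in each VLAN's spanning-tree instance."""
    return {v: min(alive, key=lambda sw: bridge_id(sw, v, config)) for v in VLANS}


ALL = ["DLS1", "DLS2", "ALS1", "ALS2"]
NO_DLS1 = [sw for sw in ALL if sw != "DLS1"]

if __name__ == "__main__":
    for label, alive, config in [("default", ALL, {}),
                                 ("Task 2", ALL, TASK2),
                                 ("Task 2, DLS1 down", NO_DLS1, TASK2),
                                 ("primaries only, DLS1 down", NO_DLS1, PRIMARY_ONLY)]:
        print(f"{label:26} {elect_roots(alive, config)}")
```

With the secondaries in place, DLS2 takes over every VLAN when DLS1 is down; without them, root for VLANs 1, 100 and 120 falls to whichever remaining switch has the lowest MAC address, here an access switch.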


Configuring SSH

Objectives

View the default internetwork configuration. Enable SSH. Interconnect using SSH.

Background/Scenario

Traditionally, remote administrative access on routers was configured using Telnet on TCP port 23. However, Telnet was developed in the days when security was not an issue. For this reason, all Telnet traffic is forwarded in plain text. SSH has replaced Telnet as the best practice for providing remote router administration with connections that support strong privacy and session integrity. SSH uses TCP port 22. It provides functionality that is similar to that of an outbound Telnet connection, except that the connection is encrypted. With authentication and encryption, SSH allows for secure communications over an insecure network.

In this configuration, four routers are interconnected in a hub-and-spoke Frame Relay configuration. Router R1 is the hub, and routers R2, R3, and R4 are the spokes. Dynamic routing has been configured using multiarea OSPF.

Task 1: View the Default Configuration.

Step 1. Verify the Frame Relay configuration on the routers. a. On all four routers, enter user EXEC mode with the password cisco.

b. Enter privileged EXEC mode with the password cisco.

c. From privileged EXEC mode on all four routers, issue the show frame-relay map command to verify Frame Relay connectivity.

Step 2. Verify the routing tables.

From privileged EXEC mode on all four routers, issue the show ip route command to verify that all network segments are being advertised.

Step 3. Verify connectivity between routers.

a. From R1, ping all LAN interfaces to verify connectivity.

b. Again from router R1, Telnet to R2 using its LAN interface IP address. Exit and repeat the step for routers R3 and R4. Ping other PCs on the same network.

Task 2: Configure SSH on the Hub Router (R1).

Step 1. Enable and configure SSH on R1.

To enable SSH on the router, the following parameters must be configured:
- Hostname
- Domain name
- Asymmetrical keys
- Local authentication


a. The hostname on R1 is pre-configured. Therefore configure the domain name cisco.com using the ip domain-name domain-name command.

b. The asymmetrical RSA keys must be generated on R1 using the crypto key generate rsa command. When prompted for a modulus size, specify a modulus of 1024 bits.

c. SSH will prompt for a username and password combination when enabled. Therefore, a local username database entry must be configured using the username name password password command. Create a local account for the user admin and password cisco.

d. Configure the SSH version using the ip ssh version command. In this lab, we will be configuring to use version 2.

e. Next, we need to disable Telnet and enable SSH communication to the VTY lines. To do so, enter the following commands on R1.

R1(config)# line vty 0 4
R1(config-line)# no transport input all
R1(config-line)# transport input ssh
R1(config-line)# login local
R1(config-line)# end

f. Save the configuration.

Step 2. Check results.

Your completion percentage should be 25%. If not, click Check Results to see which required components are not yet completed.

Task 3: Configure SSH on the Spoke Routers R2, R3 and R4.

Step 1. Configure SSH on routers R2, R3, and R4. Repeat the Steps from Task 2 on routers R2, R3 and R4.

Step 2. Check results.

Your completion percentage should be 100%. If not, click Check Results to see which required components are not yet completed.

Task 4: Verify SSH.

Step 1. Verify the SSH configuration.

After configuring SSH on all routers, verify the SSH configuration on R1.

a. Issue the show ip ssh command to verify which version of SSH is configured, and what the default settings are.


R1# sho ip ssh
SSH Enabled - version 1.99
Authentication timeout: 120 secs; Authentication retries: 3

b. Next, issue the show ssh command to verify whether SSH is currently running.

R1#show ssh
%No SSHv2 server connections running.
%No SSHv1 server connections running.

Step 2. Connect to R2.ext.

a. Now Telnet to router R2.ext to issue the show ip ssh command and verify whether SSH is currently running.

R1# telnet 10.20.20.1
Trying 10.20.20.1 ...
[Connection to 10.20.20.1 closed by foreign host]

Recall that Telnet was deactivated using the no transport input all command. Only SSH can be used to establish a remote connection.

b. Using R1 as the SSH client, SSH to router R2 using the ssh -l username ip-address command.

R1#ssh -l admin 10.20.20.1

Password:

c. When prompted for a password, enter cisco. You should now be connected to router R2.
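The settings from Task 2 can be checked mechanically against a saved running-config. The script below is an added example, not part of the original lab: both sample configurations are constructed (the first from the values in Task 2, the second from the management-plane lines of the Router0 ACL solution later in this document), and the function names are hypothetical.

```python
"""Audit an IOS running-config for the SSH settings configured in this lab (added example)."""


def parse_config(text):
    """Return (global lines, {section header: [indented sub-lines]})."""
    global_lines, sections, current = [], {}, None
    for raw in text.splitlines():
        stripped = raw.strip()
        if not stripped or stripped == "!":
            current = None                      # '!' closes the current section
        elif raw.startswith(" ") and current is not None:
            sections[current].append(stripped)  # sub-command of the open section
        else:
            current = stripped                  # global command or section header
            global_lines.append(stripped)
            sections[current] = []
    return global_lines, sections


def audit_ssh(text):
    """Return findings for the lab's SSH prerequisites; an empty list means all passed."""
    global_lines, sections = parse_config(text)
    findings = []

    # IOS will not generate RSA keys while the hostname is the default 'Router'.
    hostname = next((g.split()[1] for g in global_lines if g.startswith("hostname ")), None)
    if hostname in (None, "Router"):
        findings.append("hostname: unset or still the default 'Router'")
    if not any(g.startswith("ip domain-name ") for g in global_lines):
        findings.append("ip domain-name: missing")
    if "ip ssh version 2" not in global_lines:
        findings.append("ip ssh version: not set to 2")

    users = [g.split() for g in global_lines if g.startswith("username ")]
    if not users:
        findings.append("username: no local account for 'login local' to check against")
    for user in users:
        if "password" in user[2:-1]:
            findings.append(f"username {user[1]}: 'password' is stored in clear text or "
                            "reversible type 7; 'secret' stores a hash")

    vty = {h: body for h, body in sections.items() if h.startswith("line vty")}
    if not vty:
        findings.append("line vty: no VTY section found")
    for header, body in vty.items():
        transports = [b for b in body if b.startswith("transport input")]
        if transports != ["transport input ssh"]:
            findings.append(f"{header}: transport input is not restricted to ssh")
        if "login local" not in body:
            findings.append(f"{header}: 'login local' missing")
    return findings


# Constructed sample: R1 as it would look after Task 2 (values from the lab text).
R1_AFTER_TASK2 = """\
hostname R1
!
ip domain-name cisco.com
username admin password 0 cisco
ip ssh version 2
!
line con 0
line vty 0 4
 login local
 transport input ssh
!
end
"""

# Constructed sample: management-plane lines as in the Router0 ACL solution.
ROUTER0_STYLE = """\
hostname Router
!
ip ssh version 1
!
line con 0
line vty 0 4
 login
!
end
"""

if __name__ == "__main__":
    for name, cfg in [("R1 after Task 2", R1_AFTER_TASK2), ("Router0 style", ROUTER0_STYLE)]:
        print(name)
        for finding in audit_ssh(cfg) or ["no findings"]:
            print("  -", finding)
```

The RSA key pair does not appear in the running-config, so key presence and modulus size (the lab uses 1024 bits; 2048 bits or more is the current norm) have to be checked separately with show crypto key mypubkey rsa.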


Configuring STP (Instructor Version)

Objectives

View the default configuration of the spanning tree protocol. Select and enable the root bridge. Enable portfast on ports connected directly to host devices. View how these configurations change the way in which traffic is forwarded.

Background/Scenario

The spanning-tree protocol is useful in ensuring that loops do not exist in the network. However, it can introduce increased latency and unintended inefficiencies if left to auto negotiate the root bridge. In this activity, observe how the spanning-tree protocol affects path selection and how that path selection can change based on the configuration of the root bridge.

Task 1: View the Default Configuration.

Step 1. Wait for STP convergence to occur.

Spanning-tree must converge before connectivity occurs on a network. Wait for all link lights to turn either green or orange (green for forwarding, orange for blocking).

Observation: All ports take equally as long to converge, including those ports that are connected to host devices.

Step 2. Determine the root bridge.

yy. On the Central switches, enter privileged EXEC mode using the console password cisco and the secret password class.

zz. From privileged EXEC mode, issue the show spanning-tree command and observe the output.

Observation: Central is NOT the root bridge. Notice that Fa0/13 is placed in designated forwarding, Gi0/2 is placed in alternate blocking, and Gi0/1 is specified as Root Fwd. Gi0/1 is connected to Switch1.

aaa. On Switch1, from the privileged EXEC mode, issue the show spanning-tree command.

Observation: Switch1 is NOT the root bridge. Notice that all ports are forwarding, and fa0/22 is specified as Root Fwd. Fa0/22 is connected to SW-B.

bbb. On SW-B, from the privileged EXEC mode, issue the show spanning-tree command.

Observation: SW-B is the root bridge. This is evident by the line “This bridge is the root”.

Step 3. View how traffic is forwarded based on SW-B as root.

ccc. Click on the simulation button. The simulation button can be found on the lower right-hand corner of the PT window, behind the Realtime clock.


ddd. Close the Event List window by selecting the x in the upper right-hand corner, just below the Viewport button. This will allow you to see the entire topology.

eee. Notice the Auto Capture / Play button and the Capture / Forward button on the bottom screen of the PT window. Below these buttons is a drop down box with Scenario 0 and Scenario 1. Be sure that Scenario 0 is selected. Scenario 0 is a ping originating from PC-PT E1 and destined to Server-PT Workgroup Server 1. Click the Auto Capture / Play button to view the path that the packet will take to reach that server. When the Buffer Full message appears, click on view previous events.

fff. Is the path that the packet took to reach that destination the most efficient path? Why did the packet take that path?

ggg. Next, in the drop down box, select Scenario 1. Scenario 1 is a ping originating from PC-PT E2 and destined for Server-PT Workgroup Server 2. Click the Auto Capture / Play button to view the path that the packet will take to reach that server. When the Buffer Full message appears, click on view previous events.

hhh. Is the path that the packet took to reach that destination the most efficient path? Why did the packet take that path?

Step 4. Manually configure the root bridge.

iii. Click on the real time button. The real time button can be found on the lower right-hand corner of the PT window, behind the simulation timed clock.

jjj. Select Central switch.

kkk. From privileged EXEC mode, enable the Central switch as the root bridge by typing the command spanning-tree vlan 1 root primary.

lll. Save the configuration with the command copy run start.

mmm. Select Switch 2.

nnn. From privileged EXEC mode, enable Switch 2 as the secondary root bridge by typing the command spanning-tree vlan 1 root secondary.

ooo. Save the configuration with the command copy run start.

Step 5. Enable Portfast.

To speed up convergence, it is also good practice to enable portfast on ports that are known to connect to servers and workstations. When an interface is configured with portfast, the STP for that port assumes that the port is not part of a loop and immediately moves to the forwarding state and does not go through the blocking, listening, or learning states. For this exercise, enable portfast on ports that are connected to servers.

ppp. Click on SW-A.

qqq. Using the interface range command, enable portfast on ports Fa0/1 – Fa0/4. Additionally, enable portfast on the port connected to Workgroup Server 2 (Fa0/13).

Example:

Switch(config)# interface range fa0/1 - fa0/4
Switch(config-if-range)# spanning-tree portfast
Switch(config-if-range)# interface fa0/13
Switch(config-if)# spanning-tree portfast

rrr. Save the configuration with the copy run start command.

sss. Repeat steps a and b on switches SW-B, SW-C, SW-D, SW-E, and SW-F. In addition, on switch Central, enable portfast on port fa0/13.

ttt. Once you have completed the configuration, click the button “power cycle devices”. This will reboot all devices and allow you to watch the spanning-tree convergence. Be sure that you saved all configurations before rebooting devices.

Step 6. View how traffic is forwarded based on Central as the root.

uuu. Click on the simulation button.

vvv. Close the Event List window by selecting the x in the upper right-hand corner, just below the Viewport button. This will allow you to see the entire topology.

www. In the drop down box, select Scenario 0. Scenario 0 is a ping originating from PC-PT E1 and destined to Server-PT Workgroup Server 1. Click the Auto Capture / Play button to view the path that the packet will take to reach that server. When the Buffer Full message appears, click on view previous events.

xxx. How has the path changed? Is the path more efficient? Are there more efficient paths available?

yyy. Next, in the drop down box, select Scenario 1. Scenario 1 is a ping originating from PC-PT E2 and destined for Server-PT Workgroup Server 2. Click the Auto Capture / Play button to view the path that the packet will take to reach that server. When the Buffer Full message appears, click on view previous events.

zzz. How has the path changed? Is the path more efficient? Are there more efficient paths available?


Step 7. Reflection.

aaaa. How does specifying the root bridge affect efficiencies in the network? Changing the root bridge affects how packets are forwarded. On the root bridge, all ports are placed in forwarding, whereas on other switches certain ports may be placed in blocking, preventing traffic from taking the most “efficient” path.

bbbb. What are some factors that may be important to consider when selecting the root bridge? The decision varies on several factors. In this case, Central is the connection to the Internet and the Workgroup Server 1 and may be the most important or commonly accessed path for all devices. In addition, the speed of the connections to Central is Gigabit, versus Fast Ethernet, so packets taking that path have faster connection times.

cccc. In this topology there is only one VLAN and one root bridge. There is a separate instance of spanning-tree for each VLAN. How can specifying multiple VLANs and different root bridges for each VLAN improve efficiency? If there are several devices that must reach a specific server, such as Workgroup Server 2, it is possible to place all of these devices and the server in a separate VLAN. The root bridge for that VLAN can then be specified based on the most efficient path to reach that server.

dddd. How does enabling portfast increase efficiency in the network? The STP for that port assumes that the port is not part of a loop and immediately moves to the forwarding state and does not go through the blocking, listening, or learning states. For a switch that is newly connected to the network, this means that host devices connected to portfast enabled ports will be able to start sending and receiving traffic immediately.


Multi-User Activity: ACL Requirements

External Network Requirements:

1) Permit the management host with the IP address 10.100.1.1 (located on the external network) to access, including ping and telnet, any host on the internal network.

2) All other ping and telnet traffic from the external network to internal devices should be denied.

3) External html traffic should be permitted to access Ext Web Serv. Any other external traffic to the Ext Web Serv should be denied.

4) All established traffic (traffic from the external network in response to a request from a host on the internal network) should be permitted.

5) All traffic originating from the external network 10._.2.0 (the second value will vary depending on the number of students participating in the multi-user activity. Examples include: 10.1.2.0, 10.20.2.0, 10.30.2.0, 10.40.2.0, 10.50.2.0.) should be able to access Int. Web Serv with html traffic only.

6) All other external traffic to the Int Web Serv should be denied.

6) All external EIGRP traffic required to ensure routing should be permitted.

7) All other external traffic should be denied.

Internal Network Requirements:

1) All internal html traffic to the Ext Web Serv should be permitted.

2) All traffic originating from the external network 10._.2.0 (the second value will vary depending on the number of students participating in the multi-user activity. Examples include: 10.1.2.0, 10.10.2.0, 10.20.2.0, 10.30.2.0, 10.40.2.0, 10.50.2.0.) should be able to access Int. Web Serv with html traffic only.

3) All internal traffic originating from the 10._.2.0/24 network (second value based on internal network number) should be able to access Int Web Serv with all services.

3) On the 10._.4.0/24 network, only host 10._.4.2 (second value based on internal network number) should be able to access Int Web Serv with all services

4) All other internal hosts on the 10._.4.0 network should be able to access the Int Web Serv with html traffic only.

4) All other internal traffic should be denied access to Int Web Serv.

5) All other internal traffic destined for internal hosts (including ping, telnet) should be permitted.


Multi-User Activity: ACL Solution

Solutions can vary. One possible solution for Peer0:

Router0:

hostname Router
!
!
!
!
!
ip ssh version 1
!
!
interface FastEthernet0/0
 ip address 10.1.4.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface Serial0/0
 ip address 10.1.5.2 255.255.255.0
 ip access-group 101 in
!
interface Serial0/1
 ip address 10.1.3.2 255.255.255.0
 clock rate 56000
!
interface Serial0/2
 no ip address
 shutdown
!
interface Serial0/3
 no ip address
 shutdown
!
interface FastEthernet1/0
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface FastEthernet1/1
 no ip address
 duplex auto
 speed auto
 shutdown
!
router eigrp 101
 network 10.0.0.0
 auto-summary
!
ip classless
!
!
access-list 101 permit ip host 10.100.1.1 any
access-list 101 deny tcp any any eq telnet
access-list 101 deny icmp any any echo
access-list 101 permit tcp any any established
access-list 101 permit tcp any host 10.1.4.3 eq www
access-list 101 permit tcp 10.10.2.0 0.0.0.255 host 10.1.1.2 eq www
access-list 101 permit tcp 10.20.2.0 0.0.0.255 host 10.1.1.2 eq www
! assuming that peer1 and peer2 users are also participating
access-list 101 permit eigrp any any
!
!
!
no cdp run
!
line con 0
line vty 0 4
 login
!
!
end

Router#

Router1:

Current configuration : 1188 bytes
!
version 12.2
no service password-encryption
!
hostname Router
!
!
enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
!
!
!
!
ip ssh version 1
!
!
interface FastEthernet0/0
 ip address 10.1.1.1 255.255.255.0
 ip access-group 101 out
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 10.1.2.1 255.255.255.0
 duplex auto
 speed auto
!
interface Serial0/0
 ip address 10.1.3.1 255.255.255.0
!
interface Serial0/1
 no ip address
 shutdown
!
interface Serial0/2
 no ip address
 shutdown
!
interface Serial0/3
 no ip address
 shutdown
!
interface FastEthernet1/0
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface FastEthernet1/1
 no ip address
 duplex auto
 speed auto
 shutdown
!
router eigrp 101
 network 10.0.0.0
 auto-summary
!
ip classless
!
!
access-list 101 permit ip host 10.100.1.1 any
access-list 101 permit tcp 10.10.2.0 0.0.0.255 host 10.1.1.2 eq www
access-list 101 permit tcp 10.20.2.0 0.0.0.255 host 10.1.1.2 eq www
! assuming that peer1 and peer2 users are also participating
access-list 101 permit ip 10.1.2.0 0.0.0.255 host 10.1.1.2
access-list 101 permit ip host 10.1.4.2 host 10.1.1.2
access-list 101 permit tcp 10.1.4.0 0.0.0.255 host 10.1.1.2 eq www
!
!
!
no cdp run
!
line con 0
line vty 0 4
 login
!
!
end
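To see how Router0's access-list 101 treats individual packets, the evaluator below applies its entries in order with first-match semantics and the implicit deny at the end. It is an added example, not part of the original solution: the test packets are constructed, the function names are hypothetical, and the parser only handles the ACL forms that appear in this solution (address, wildcard, eq on the destination port, established, echo).

```python
"""First-match evaluation of Router0's access-list 101, copied from the solution (added example)."""
import ipaddress
from dataclasses import dataclass
from typing import Optional

ACL_101 = """\
access-list 101 permit ip host 10.100.1.1 any
access-list 101 deny tcp any any eq telnet
access-list 101 deny icmp any any echo
access-list 101 permit tcp any any established
access-list 101 permit tcp any host 10.1.4.3 eq www
access-list 101 permit tcp 10.10.2.0 0.0.0.255 host 10.1.1.2 eq www
access-list 101 permit tcp 10.20.2.0 0.0.0.255 host 10.1.1.2 eq www
access-list 101 permit eigrp any any
"""
PORTS = {"telnet": 23, "www": 80}   # IOS port keywords used above
ICMP_TYPES = {"echo": 8}            # ICMP echo request

@dataclass
class Packet:
    proto: str                        # "tcp", "icmp", "eigrp", ...
    src: str
    dst: str
    dport: Optional[int] = None       # TCP destination port
    established: bool = False         # TCP segment with ACK or RST set
    icmp_type: Optional[int] = None

def ip_int(addr):
    return int(ipaddress.IPv4Address(addr))

def take_addr(tokens):
    """Consume 'any', 'host A' or 'A WILDCARD'; return (base, wildcard) as ints."""
    first = tokens.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF
    if first == "host":
        return ip_int(tokens.pop(0)), 0
    return ip_int(first), ip_int(tokens.pop(0))

def parse_acl(text):
    """Parse the extended-ACL forms used in this solution; qualifiers follow the destination."""
    rules = []
    for line in text.splitlines():
        tokens = line.split()
        if len(tokens) < 6 or tokens[0] != "access-list":
            continue                  # skips blank lines and '!' comments
        rest = tokens[4:]
        rule = {"text": line.strip(), "action": tokens[2], "proto": tokens[3],
                "src": take_addr(rest), "dst": take_addr(rest)}
        port = rest[rest.index("eq") + 1] if "eq" in rest else None
        rule["dport"] = None if port is None else PORTS.get(port) or int(port)
        rule["established"] = "established" in rest
        rule["icmp_type"] = next((ICMP_TYPES[w] for w in rest if w in ICMP_TYPES), None)
        rules.append(rule)
    return rules

def addr_match(spec, addr):
    """Wildcard bits set to 1 are "don't care"; every other bit must be equal."""
    base, wildcard = spec
    return ((ip_int(addr) ^ base) & ~wildcard & 0xFFFFFFFF) == 0

def rule_matches(rule, pkt):
    return (rule["proto"] in ("ip", pkt.proto)
            and addr_match(rule["src"], pkt.src)
            and addr_match(rule["dst"], pkt.dst)
            and rule["dport"] in (None, pkt.dport)
            and (pkt.established or not rule["established"])
            and rule["icmp_type"] in (None, pkt.icmp_type))

def evaluate(rules, pkt):
    """Return (action, rule text); the first match wins, then the implicit deny."""
    for rule in rules:
        if rule_matches(rule, pkt):
            return rule["action"], rule["text"]
    return "deny", "implicit deny"

RULES = parse_acl(ACL_101)
# Constructed packets, all arriving inbound on Serial0/0.
CASES = {
    "mgmt host telnet to internal": Packet("tcp", "10.100.1.1", "10.1.1.2", dport=23),
    "external telnet to internal": Packet("tcp", "10.10.2.7", "10.1.4.3", dport=23),
    "external ping (echo request)": Packet("icmp", "10.10.2.7", "10.1.4.3", icmp_type=8),
    "reply to internal TCP session": Packet("tcp", "10.50.2.9", "10.1.2.5", dport=40000, established=True),
    "external HTTP to Ext Web Serv": Packet("tcp", "10.50.2.9", "10.1.4.3", dport=80),
    "peer1 HTTP to Int Web Serv": Packet("tcp", "10.10.2.7", "10.1.1.2", dport=80),
    "unlisted peer HTTP to Int Web Serv": Packet("tcp", "10.30.2.7", "10.1.1.2", dport=80),
    "echo reply to an internal ping": Packet("icmp", "10.50.2.9", "10.1.2.5", icmp_type=0),
    "EIGRP hello from neighbor": Packet("eigrp", "10.1.5.1", "224.0.0.10"),
}

if __name__ == "__main__":
    for name, pkt in CASES.items():
        action, why = evaluate(RULES, pkt)
        print(f"{action:6} {name:34} <- {why}")
```

Two results are worth noting: the established keyword only matches TCP, so the echo reply to an internal ping falls through to the implicit deny, and a peer network that is not listed (10.30.2.0 here) is denied HTTP to Int Web Serv until its own permit line is added.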


PT: Troubleshoot a Multipoint Frame Relay Connection with OSPF

Addressing Table

Device               Interface     IP Address   Subnet Mask      DLCI
Router0              S0/0/0 (DTE)  192.168.0.1  255.255.255.252  192.168.0.2 - 401, 192.168.0.3 - 402
                     Fa0/0         10.1.2.1     255.255.255.0
Router1              S0/0/0 (DTE)  192.168.0.2  255.255.255.252  192.168.0.1 - 410, 192.168.0.3 - 412
                     Fa0/0         10.1.1.1     255.255.255.0
Router2              S0/0/0 (DTE)  192.168.0.3  255.255.255.0    192.168.0.1 - 420, 192.168.0.2 - 421
                     Fa0/0         10.1.3.1     255.255.255.0
exparis (webserver)  NIC           10.1.3.50    255.255.255.0
exlond (webserver)   NIC           10.1.2.50    255.255.255.0

Objectives

Use various tools and show commands to troubleshoot connectivity issues.

Scenario

A network administrator recently implemented a frame relay connection from the New York office to the offices in Paris and London. Users at the New York location are complaining that they are unable to reach the web server www.exlond.com. Information located on both the Paris and London servers is time sensitive. Determine the cause of the connectivity issue and fix the problem as quickly as possible.

Step 1: Verify connectivity to both the Paris and London web servers

a. On NY admin, use the web browser to attempt to access both www.exlond.com and www.exparis.com.

Observation: www.exparis.com connects, however when attempting to connect to www.exlond.com, the request times out.

b. From the command prompt, ping the IP address of the exlond server (10.1.2.50).

Observation: Pinging the server by its IP address confirms whether the problem is with the DNS server (name translation) or whether connectivity is truly down. The ping fails; therefore, the problem is with the connection between NY admin and the server. This could be a frame-relay connection issue or an OSPF issue.


Step 2: Verify the frame relay and OSPF configurations and make any necessary configuration changes.

a. On NY admin, use the terminal window to access Router1 via the console cable.

b. Use the show ip route command to view the routes that are available

Observation: OSPF has discovered a route to the 10.1.3.0 network, but not the 10.1.2.0 network.

c. Ping the inside interface on Router0 (192.168.0.1). Does the ping pass or fail?

d. Ping the outside interface on Router0 (10.1.2.1). Does the ping pass or fail?

Observation: The ping to 192.168.0.1 passes. This indicates that the frame-relay connection is operational. However, the ping to 10.1.2.1 fails, indicating that routing is not operating as expected.

e. Use various tools and show commands to verify the OSPF configuration on Router1 and Router0 (this requires telnetting to Router0). Make any necessary configuration changes.

NOTE: In Packet Tracer, OSPF convergence across a frame relay network may take up to a minute. After making a configuration change, save the configuration and select the button "power cycle devices" to speed up convergence times.

Step 3: Verify connectivity.

a. Use show commands and the web browser to verify connectivity.

b. When finished, Click Check Results.

Reflection

1. Why would an administrator attempt to connect to both the www.exparis.com and www.exlond.com web servers as a first step, even though www.exparis.com is not on the same network as www.exlond.com? This confirms that the issue is only with the network connection that contains the exlond server and narrows down where the administrator must troubleshoot.

2. List the steps that you took to solve the problem. Looking at them again, was there a more efficient way to determine the problem? Answers vary

3. What is the purpose of the ip ospf network broadcast command? This command is used to define the network type as broadcast. The network type is defined on nonbroadcast networks to avoid configuring the neighbors explicitly.
