Nqdinh Dtcm Th 2012

7/29/2019 Nqdinh Dtcm Th 2012

1/44

1

Introduction to Routing and Switching

Simulate with GNS3

Nguyn Quc nhFaculty of IT, Ho Chi Minh City University of Industry

Sept 2012


2/44

2

Schedule

Part 1: Starting with GNS3 Part 2: Static routing Part 3: VLAN

Part 4: LAN with STP Part 5: RIP (v2, ng) Part 6: OSPF Part 7: BGP Part 8: Multicasting Part 9: Access Control List Part 10: Review (Oh great)


3/44

3

Part 1

Starting with GNS3

Nguyn Quc nh


4/44

4

Why not Packet Tracer?

How different? Packet Tracer: simulation program GNS3: emulation program

On PT, you just can't fully operate BGP, STP,multicast

But the upside of PT (so it'd be there) Lightweight Easily to configure and see the result


5/44

5

To get started with GNS3see

GNS3: Graphical Network Simulatorby Mike Fuszner, v1.0


6/44

6

Notes: Setup

For this part and also later parts, use IOS 3640 Make sure to have virtual PC (vpc) for your testing

(i.e. ping)

GNS3 and its components run faster under Linuxthan under Windows Above all, always set IDLE PC to save your computer

computation

Try to remember all commands may overload yourlittle brain, use ? for commands supported


7/44

8

Note: Saving configuration

Configurations in two locations - RAM and NVRAM.

The running configuration is stored in RAM.

Any configuration changes to the router are made to therunning-configuration and take effect immediately after thecommand is entered.

The startup-configuration is saved in NVRAM and is loaded intothe router's running-configuration when the router boots up.

To save the running-configuration to the startup configuration,

type the following from privileged EXEC mode (i.e. at the"Router#" prompt.)

#copy running-config startup-config


8/44

9

Tip: Save your working frequently with

#copy running-config startup-config


9/44

10

Target:

Read (and do) up to page #40 of Mike's tutorial You have to setup and configure IP address of PCs

in this network

PC1 PC2PC1 PC3


10/44

11

Q: Could PC1 ping F0/0 of West? Why

Q: Could PC1 ping S0/1 of West? Why

Q: Could PC1 ping PC2? Why


11/44

12

Part 2

Static RoutingNguyn Quc nh


12/44

13

Why static routing?

Static routing vs Dynamic routing How different? What scale?

Static routing: toy game for tiny network


13/44

14

Commands

config t interface Fa0/0 ip address [ip-address] [subnet-mask] show ip route: displace routing table in a router ip route [destination-network-address] [subnet-

mask] [next-hop-IP-address]: configure static

route statement sh ip int brief: displace brief interfaces

information


14/44

15

Lab 1

Target: Use static routing to connect all PCs in this networkIP addresses of interface and PCs are shown in the picture


15/44

16

Hint: configure static routing table in each

(config)#ip route 192.168.1.0 255.255.255.0 10.0.0.2(config)#ip route 192.168.2.0 255.255.255.0 10.0.0.2



West

Central

East


16/44

17

Command show ip route on West, East, andCentral

Does it reveal something? Try to explain the

resultsSee more results with ping, traceroute

(router), and tracert (PC)


17/44

18

Check your understanding by configure following network

1 2 3

4 5

6

7 8


18/44

19

Grand addresses 172.(15+X).0.0/16 for X-thsubnet.

User static routing All PCs could communicate through the network

Checking (always checking) show ip route

ping to the internet tracert from PC

Requirements for previous scenario


19/44

20

Part 3

VLANNguyn Quc nh


20/44

21

Notes on VLAN

VLANs are assigned on the switch port. There is noVLAN assignment done on the host (usually).

Assigning a host to the correct VLAN is a 2-stepprocess:

1.Connect the host to the correct port on the switch.

2.Assign to the host the correct IP address depending onthe VLAN memebership

Remember: VLAN = Subnet

Following labs, we use static VLANs


21/44

22

To use switch @GNS3

GNS3 doesn't include layer-2 and layer-3switches. we could utilize router as switch instead

by using NM-16ESW module in router. In this wayyou can configure switching protocols like VLAN,STP, VTP ect.

How? To make a switch symbol, see following slide


22/44

23

To use switch @GNS3

1

23

You got a switch symbol from c3600 (c3640)Use it in the following VLAN labs


23/44

24

Commands Related to VLAN

To add more items to vlan database:#vlan database

(vlan)#vlan 20 name engineering

To make a host connect to current port belong to vlan 20:(config-if)#switchport mode access

(config-if)#switchport acess vlan 20

To turn current port to trunking mode:(config-if)#switchport mode trunk

(config-if)#switchport trunk allowed vlan all


24/44

25

Commands Related to VLAN (cont)

And to show vlan summary:#show vlan?

#show vlan-switch

#show interfaces fa0/1 switchport#sh vtp status

Following slides explain more in few commands


25/44

26

Configure Ranges of VLANs

Switch(config)#interface rangefastethernet 0/8, fastethernet 0/12

Switch(config-if)#switchport access vlan 3

Switch(config-if)#exit

vlan 3


26/44

27

Mode Acess

Switch(config)#interface fastethernet 0/1

Switch(config-if)#switchport mode access

Switch(config-if)#exit

Note: The switchport mode access command should beconfigured on all ports that the network administratordoes not want to become a trunk port.


27/44

28

Face Mistake, to Remove

Deleting a Port VLAN MembershipSwitch(config-if)#no switchport access vlanvlan_number

Deleting a VLAN

Switch#vlan database

Switch(vlan)#no vlan Switch(vlan)#exit


28/44

29

VLAN Tagging

To turn current port to trunking mode:

(config-if)#switchport mode trunk

(config-if)#switchport trunk allowed vlan all

Or more selective

(config-if)#switchport trunk allowed vlan 10 20

No VLAN Tagging

VLAN Tagging


29/44

30

Lab 1: Assign VLAN Port

Target: Create this VLAN table @R1:VLAN 1: defaultVLAN 10: engineeringVLAN 20: r-d

VLAN 30: accountingVLAN 40: sale

VLAN 10 owns 172.168.10.0/24 subnetVLAN 20 owns 172.168.11.0/24 subnet

VLAN 30 owns 172.168.12.0/24 subnetVLAN 40 owns 172.168.13.0/24 subnet


30/44

31

Lab 1: Assign VLAN Port (cont)

Assign following:C0 owned by an engineerC1 owned by an engineerC2 owned by a seller

Their IP addresses assigned byyour own

Configure the network. Then answer: Can C0 ping C1? Why? Can C0 ping C2? Why?


31/44

32

Lab 2: VLAN Trunking

switchport mode trunk

switchport mode access


32/44

33

Lab 2: VLAN Trunking (cont)

Assign following:

C0 owned by an engineerC1 owned by an engineerC2 owned by a seller

C3 owned by an engineer

C4 owned by a seller

Their IP addresses assigned by your own

Check if all engineers/sellers assigned to the same subnet

Lab 3 (option): Testing your


33/44

34

Lab 3 (option): Testing yourunderstanding with VLAN Trunking

For guidance, see attached documentation (part3-lab3.pdf)from TruongTan Inst.

Lab 4 (option): Routing between VLANs


34/44

35

Lab 4 (option): Routing between VLANs

For guidance, see attached documentation (part3-lab4.pdf)from TruongTan Inst.


35/44

36

Part 4

LAN with STP

Nguyn Quc nh


36/44

37

Objective

Learn how to identify which switch is elected asthe root bridge.

Learn how to determine the optimum bridge

placement. Learn to optimize Spanning Tree convergence. Learn to change connection cost.


37/44

38

(1) Network scenario

Put the switch in orderas shown in the picture. Inwhich the R4 is put in the last

1

2

3

4

By default, STP is build in VLAN 1. And R1 is the root. Why?


38/44

39

R1#show spanning-tree

VLAN1 is executing the ieee compatible Spanning Tree protocol

Bridge Identifier has priority 32768, address cc00.597e.0000Configured hello time 2, max age 20, forward delay 15

We are the root of the spanning tree

Topology change flag not set, detected flag not set

Port 1 (FastEthernet0/0) of VLAN1 is forwardingPort path cost 19, Port priority 128, Port Identifier 128.1.

Designated root has priority 32768, address cc01.60ce.0000

Designated bridge has priority 32768, address cc01.60ce.0000

Designated port id is 128.1, designated path cost 0

BPDU: sent 24, received 0

Port 2 (FastEthernet0/1) of VLAN1 is forwarding

Port path cost 19, Port priority 128, Port Identifier 128.2.



39/44

40

p g


Bridge Identifier has priority 32768, address cc00.597e.0000

Configured hello time 2, max age 20, forward delay 15

We are the root of the spanning tree

Topology change flag not set, detected flag not set



Bridge Identifier has priority 32768, address cc01.597e.0000

Configured hello time 2, max age 20, forward delay 15

Current root has priority 32768, address cc00.597e.0000

Root port is 2 (FastEthernet0/1), cost of root path is 38

Wh ' h


40/44

41

Where's the root

R1 is the root. By default a Root Bridge is elected, and the one has

slowest Bridge ID (determined by the Bridge Priorityand the MAC address) is the winner.

Want to make

R4 to be the root bridge

Ch th t b id


41/44

42

Change the root bridge

By default, all bridge has priority of32768 To change priority of one bridge:

Switch (config)# spanning-tree vlan

priority

To make one bridge be root-bridge (priority = 8192)


root primary

To make one bridge be secondary root-bridge forredundancy (priority = 16384)


root secondary

L t' k h


42/44

43

Let's make some changes

Make R4 become the root:R4(config)# spanning-tree vlan 1 root

primary

Make R3 has one port to be blocked (why wehas following setting?)

R3(config)#spanning-tree vlan 1 priority

61440

(2) Ch th t f h li k


43/44

44

(2) Change the cost of each link

Default path costs10BaseT: 100

100BaseT: 19

1000Baset: 4 To change the cost in each link

switch (config-if)# spanning-tree vlan cost

What happens when the port of R4 which links toR2 has the cost of 15?

(3) S i t


44/44

45

(3) Spanning tree convergence

STP uses several timers to recover fromtopology changes

Modifying STP timers

spanning-tree vlan vlan-listhello-timeseconds

spanning-tree vlan vlan-listforward-time seconds

spanning-tree vlan vlan-listmax-age seconds

Documents

Nqdinh Dtcm Th 2012