Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology

Computer Networks 2 - Labs

Contents
Lab 1: Introduction to networking materials and software tools Lab 2: Practice on Cisco network devices Lab 3: Building a complete network on Packet Tracer Lab 4: LAN-to-LAN Connections

Lab 5: Advanced LAN Switching Configuration - VLANs

Lab 6: Building Inter-VLAN Network with a Router and Layer-3 Switch Lab 7: Basic Router Configuration Lab 8: RIP Version 2 and Debugging Lab 9: Configure OSPF on a multi-access network Lab 10: BGP - inter-autonomous system routing protocol Lab 11: Wireless Network and AP Configuration Lab 12: Using a network management and monitoring tool
Computer Networks 2 Laboratories 1

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology

Lab 5: Advanced LAN Switching Configuration - VLANs .I Objectives:

This lab describes how to configure normal-range VLANs (VLAN IDs 1 to 1005) and extended-range VLANs (VLAN IDs 1006 to 4094) on the Catalyst 2960 Switches. It includes information about VLAN membership modes, VLAN configuration modes, VLAN trunks (Dynamic VLAN assignment from a VLAN Membership Policy Server (VMPS) is actually ignored). Describes the features and interfaces that can be configured on the VLANs assigned to the switch ports on Cisco 1801 Integrated-Services Router. Cisco devices (8-port Catalyst 2960 Switch, 1801 IS Router) will be given at Lab time.

.II Introduction to VLAN Configuration on Cisco devices

.1 Configuring VLANs on Cisco Catalyst 2960 Switch
Configuring VTP Domain

Before you create VLANs, you must decide whether to use VLAN Trunking Protocol (VTP) to maintain global VLAN configuration for your network. You use the vtp global configuration command to set the VTP password, the version, the VTP file name, the interface providing updated VTP information, the domain name, and the mode, and to disable or enable pruning.
Command
Step 1 configure terminal Step 2 vtp domain domain-name

Purpose
Enter global configuration mode. Configure the VTP administrative-domain name. The name can be 1 to 32 characters. All switches operating in VTP server or client mode under the same administrative responsibility must be configured with the same domain name. This command is optional for modes other than server mode. VTP server mode requires a domain name. If the switch has a trunk connection to a VTP domain, the switch learns the domain name from the VTP server in the domain. You should configure the VTP domain before configuring other VTP parameters.

Step 3 vtp mode{client|server|transparent|off} {vlan|mst|unknown}

Configure the switch for VTP mode (client, server, transparent or off). (Optional) Configure the database: vlan: the VLAN database is the default if none are configured. mst: the multiple spanning tree (MST) database. unknown: an unknown database type.

Computer Networks 2 Laboratories

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology
Step 4 vtp password yourpassword (ignore this step) Step 5 end Step 6 show vtp status Step 7 copy running-config startup-config (Optional) Set the password for the VTP domain. The password can be 8 to 64 characters. If you configure a VTP password, the VTP domain does not function properly if you do not assign the same password to each switch in the domain. Return to privileged EXEC mode. Verify your entries in the VTP Operating Mode and the VTP Domain Name fields of the display. (Optional) Save the configuration in the startup configuration file. Note Only VTP mode and domain name are saved in the switch running configuration and can be copied to the startup configuration file.

Enabling VTP Pruning

Pruning increases available bandwidth by restricting flooded traffic to those trunk links that the traffic must use to access the destination devices. You can only enable VTP pruning on a switch in VTP server mode.
Command
Step 1 Step 2 configure terminal vtp pruning

Purpose
Enter global configuration mode. Enable pruning in the VTP administrative domain. By default, pruning is disabled. You need to enable pruning on only one switch in VTP server mode.

Step 3 Step 4

end show vtp status

Return to privileged EXEC mode. Verify your entries in the VTP Pruning Mode field of the display.

Monitoring VTP

You monitor VTP by displaying VTP configuration information: the domain name, the current VTP revision, and the number of VLANs. You can also display statistics about the advertisements sent and received by the switch.
Command
show vtp counters show vtp devices[conflict]

Purpose
Display counters about VTP messages that have been sent and received. Display information about all VTP version 3 devices in the domain. Conflicts are VTP version 3 devices with conflicting primary servers. The show vtp devices command does not display information when the switch is in transparent or off mode. Display VTP status and configuration for all interfaces or the specified interface. Display the VTP password. The form of the password displayed depends on whether or not the hidden keyword was entered and if encryption is enabled on the switch. Display the VTP switch configuration information.

show vtp interface[interface-id] show vtp password show vtp status

Computer Networks 2 Laboratories

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology
Configuring VLANs

All the PCs in a particular IP subnet belong to the same VLAN. Interface VLAN membership on the switch is assigned manually on an interface-by-interface basis.
Configuring Normal-Range VLANs
Command
Step 1 Step 2 Step 3 configure terminal vlan vlan-id name vlan-name

Purpose
Enter global configuration mode. Enter a VLAN ID, and enter VLAN configuration mode. Enter a new VLAN ID to create a VLAN, or enter an existing VLAN ID to modify that VLAN. (Optional) Enter a name for the VLAN. If no name is entered for the VLAN, the default is to append the vlan-id with leading zeros to the word VLAN. For example, VLAN0004 is a default VLAN name for VLAN 4. (Optional) Change the MTU size (or other VLAN characteristic). (Optional) Configure the VLAN as the RSPAN VLAN for a remote SPAN session. Return to privileged EXEC mode. Verify your entries. (Optional) If the switch is in VTP transparent mode, the VLAN configuration is saved in the running configuration file as well as in the VLAN database. This saves the configuration in the switch startup configuration file.

Step 4 Step 5 Step 6 Step 7 Step 8

mtu mtu-size remote-span end show vlan{name vlan-name | id vlan-id} copy running-config startup config

Deleting a VLAN

When you delete a VLAN from a switch that is in VTP server mode, the VLAN is removed from the VLAN database for all switches in the VTP domain. When you delete a VLAN, any ports assigned to that VLAN become inactive.
Command
Step 1 Step 2 Step 3 Step 4 Step 5 configure terminal no vlan vlan-id end show vlan brief copy running-config startup config

Purpose
Enter global configuration mode. Remove the VLAN by entering the VLAN ID. Return to privileged EXEC mode. Verify the VLAN removal. (Optional) If the switch is in VTP transparent mode, the VLAN configuration is saved in the running configuration file as well as in the VLAN database. This saves the configuration in the switch startup configuration file.

Assigning Static-Access Ports to a VLAN

You can assign a static-access port to a VLAN without having VTP globally propagate VLAN configuration information by disabling VTP (VTP transparent mode). If you assign an interface to a VLAN that does not exist, the new VLAN is created.

Computer Networks 2 Laboratories

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology
Command
Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 configure terminal interface interface-id switchport mode access switchport access vlan vlan-id end show running-config interface interface-id show interfaces interface-id switchport

Purpose
Enter global configuration mode Enter the interface to be added to the VLAN. Define the VLAN membership mode for the port (Layer 2 access port). Assign the port to a VLAN. Valid VLAN IDs are 1 to 4094. Return to privileged EXEC mode. Verify the VLAN membership mode of the interface. Verify your entries in the Administrative Mode and the Access Mode VLAN fields of the display. (Optional) Save your entries in the configuration file.

copy running-config startup-config

Configuring Extended-Range VLANs

Command
Step 1 configure terminal Step 2 vtp mode transparent

Purpose
Enter global configuration mode. Configure the switch for VTP transparent mode, disabling VTP. Note This step is not required for VTP version 3.

Step 3 vlan vlan-id Step 4 mtu mtu-size

Enter an extended-range VLAN ID and enter VLAN configuration mode. The range is 1006 to 4094. (Optional) Modify the VLAN by changing the MTU size. Note Although all VLAN commands appear in the CLI help, only the mtu mtu-size, and remote-span commands are supported for extended-range VLANs.

Step 5 remote-span Step 6 end Step 7 show vlan vlan-id Step 8 copy running-config startup config

(Optional) Configure the VLAN as the RSPAN VLAN. Return to privileged EXEC mode. Verify that the VLAN has been created. Save your entries in the switch startup configuration file. To save extendedrange VLAN configurations, you need to save the VTP transparent mode configuration and the extended-range VLAN configuration in the switch startup configuration file. Otherwise, if the switch resets, it will default to VTP server mode, and the extended-range VLAN IDs will not be saved. Note With VTP version 3, the VLAN configuration is also saved in the VLAN database.

Displaying VLANs
Command
show interfaces[vlan vlan-id]

Purpose
Display characteristics for all interfaces or for the specified VLAN configured on the switch.

Computer Networks 2 Laboratories

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology
show vlan [id vlan-id] Display parameters for all VLANs or the specified VLAN on the switch.

Mode
switchport mode access

Configuring VLAN Trunks

Function
Puts the interface (access port) into permanent nontrunking mode and negotiates to convert the link into a nontrunk link. The interface becomes a nontrunk interface regardless of whether or not the neighboring interface is a trunk interface. Makes the interface able to convert the link to a trunk link. The interface becomes a trunk interface if the neighboring interface is set to trunk or desirable mode. The default switchport mode for all Ethernet interfaces is dynamic auto. Makes the interface actively attempt to convert the link to a trunk link. The interface becomes a trunk interface if the neighboring interface is set to trunk, desirable, or auto mode. Puts the interface into permanent trunking mode and negotiates to convert the neighboring link into a trunk link. The interface becomes a trunk interface even if the neighboring interface is not a trunk interface. Prevents the interface from generating DTP frames. You can use this command only when the interface switchport mode is access or trunk. You must manually configure the neighboring interface as a trunk interface to establish a trunk link.

switchport mode dynamic auto

switchport mode dynamic desirable switchport mode trunk

switchport nonegotiate

Configuring an Ethernet Interface as a Trunk Port

Command
Step 1 Step 2 Step 3 configure terminal interface interface-id

Purpose
Enter global configuration mode. Specify the port to be configured for trunking, and enter interface configuration mode. Configure the interface as a Layer 2 trunk (required only if the interface is a Layer 2 access port or to specify the trunking mode). dynamic auto: Set the interface to a trunk link if the neighboring interface is set to trunk or desirable mode. This is the default. dynamic desirable: Set the interface to a trunk link if the neighboring interface is set to trunk, desirable, or auto mode. trunk: Set the interface in permanent trunking mode and negotiate to convert the link to a trunk link even if the neighboring interface is not a trunk interface.

switchport mode {dynamic{auto |desirable} | trunk}

Step 4 Step 5 Step 6 Step 7 Step 8

switchport access vlan vlan-id switchport trunk native vlan vlan-id end show interfaces interface-id switchport show interfaces interface-id trunk

(Optional) Specify the default VLAN, which is used if the interface stops trunking. (Optional) Specify the native VLAN for IEEE 802.1Q trunks. Return to privileged EXEC mode. Display the switchport configuration of the interface in the Administrative Mode and the Administrative Trunking Encapsulation fields of the display. Display the trunk configuration of the interface.

Computer Networks 2 Laboratories

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology
Step 9 copy running-config startup-config (Optional) Save your entries in the configuration file.

Defining the Allowed VLANs on a Trunk (Optional)

Command
Step 1 Step 2 Step 3 Step 4 configure terminal interfaceinterface-id switchport mode trunk

Purpose
Enter global configuration mode. Specify the port to be configured, and enter interface configuration mode. Configure the interface as a VLAN trunk port.

switchport trunk allowed vlan {add |all | (Optional) Configure the list of VLANs allowed on the trunk. except|remove} vlan-list The vlan-list parameter is either a single VLAN number from 1 to 4094 or a range of VLANs described by two VLAN numbers, the lower one first, separated by a hyphen. Do not enter any spaces between comma-separated VLAN parameters or in hyphen-specified ranges. All VLANs are allowed by default.

Step 5 Step 6 Step 7

end show interfaces interface-id switchport copy running-config startup-config

Return to privileged EXEC mode. Verify your entries in the Trunking VLANs Enabled field of the display. (Optional) Save your entries in the configuration file.

Beginning in privileged EXEC mode, follow these steps to remove VLANs from the pruning-eligible list on a trunk port:
Command
Step 1 Step 2 Step 3 configure terminal interface interface-id

Purpose
Enter global configuration mode. Select the trunk port for which VLANs should be pruned, and enter interface configuration mode. Configure the list of VLANs allowed to be pruned from the trunk. Separate nonconsecutive VLAN IDs with a comma and no spaces; use a hyphen to designate a range of IDs. Valid IDs are 2 to 1001. Extended-range VLANs (VLAN IDs 1006 to 4094) cannot be pruned. VLANs that are pruning-ineligible receive flooded traffic. The default list of VLANs allowed to be pruned contains VLANs 2 to 1001.

switchport trunk pruning vlan {add |except | none | remove} vlan-list [,vlan[,vlan[,,,]]

Step 4 Step 5 Step 6

end Show interfaces interface-id switchport copy running-config startup-config

Return to privileged EXEC mode. Verify your entries in the Pruning VLANs Enabled field of the display. (Optional) Save your entries in the configuration file.

Configuring the Native VLAN for Untagged Traffic (Optional)

A trunk port configured with IEEE 802.1Q tagging can receive both tagged and untagged traffic. By default, the switch forwards untagged traffic in the native VLAN configured for the port. The native VLAN is VLAN 1 by default. Computer Networks 2 Laboratories 7

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology
Command
Step 1 Step 2 Step 3 configure terminal interface interface-id switchport trunk native vlan vlan-id

Purpose
Enter global configuration mode. Define the interface that is configured as the IEEE 802.1Q trunk, and enter interface configuration mode. Configure the VLAN that is sending and receiving untagged traffic on the trunk port. For vlan-id, the range is 1 to 4094.

Step 4 Step 5 Step 6

end show interfaces interface-id switchport copy running-config startup-config

Return to privileged EXEC mode. Verify your entries in the Trunking Native Mode VLAN field. (Optional) Save your entries in the configuration file.

Configuring Trunk Ports for Load Sharing (Optional)

Command
Step 1 Step 2 configure terminal vtp domain domain-name

Purpose
Enter global configuration mode on Switch A. Configure a VTP administrative domain. The domain name can be 1 to 32 characters.

Step 3 Step 4 Step 5

vtp mode server end show vtp status

Configure Switch A as the VTP server. Return to privileged EXEC mode. Verify the VTP configuration on both Switch A and Switch B. In the display, check the VTP Operating Mode and the VTP Domain Name fields.

Step 6 Step 7 Step 8 Step 9 Step10

show vlan configure terminal interface interface-id_1

Verify that the VLANs exist in the database on Switch A. Enter global configuration mode. Define the interface to be configured as a trunk, and enter interface configuration mode. Configure the port as a trunk port. Return to privileged EXEC mode.

switchport mode trunk end

Computer Networks 2 Laboratories

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology
Step 11 show interfaces interface-id_1switchport Verify the VLAN configuration. Step 12 Step 13 Step14 Repeat Steps 7 through 10 on Switch A for a second port in the switch stack. Repeat Steps 7 through 10 on Switch B to configure the trunk ports that connect to the trunk ports configured on Switch A. show vlan When the trunk links come up, VTP passes the VTP and VLAN information to Switch B. Verify that Switch B has learned the VLAN configuration. Enter global configuration mode on Switch A. Define the interface to set the STP port priority, and enter interface configuration mode.

Step 15 configure terminal Step 16 interface interface-id_1

Step 17 spanning-tree vlan 8-10 port-priority 16 Assign the port priority of 16 for VLANs 8 through 10. Step 18 exit Step 19 interface interface-id_2 Step 20 spanning-tree vlan 3-6 port-priority 16 Step 21 end Step 22 show running-config Step 23 copy running-config startup-config Return to global configuration mode. Define the interface to set the STP port priority, and enter interface configuration mode. Assign the port priority of 16 for VLANs 3 through 6. Return to privileged EXEC mode. Verify your entries. (Optional) Save your entries in the configuration file.

Feature
Enable state Spanning-tree mode Switch priority

Default Spanning-Tree Configuration

Default Setting
Enabled on VLAN 1. PVST+. (Rapid PVST+ and MSTP are disabled.) 32768. 128. 1000 Mb/s: 4. 100 Mb/s: 19. 10 Mb/s: 100.

Spanning-tree port priority (configurable on a per-interface basis) Spanning-tree port cost (configurable on a per-interface basis)

Spanning-tree VLAN port priority (configurable on a per-VLAN basis) Spanning-tree VLAN port cost (configurable on a per-VLAN basis)

128. 1000 Mb/s: 4. 100 Mb/s: 19. 10 Mb/s: 100.

Spanning-tree timers

Hello time: 2 seconds. Forward-delay time: 15 seconds. Maximum-aging time: 20 seconds.

Computer Networks 2 Laboratories

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology
Transmit hold count: 6 BPDUs

Command
show spanning-tree active show spanning-tree detail show spanning-tree interface interface-id show spanning-tree summary [totals]

Displaying the Spanning-Tree Status

Purpose
Displays spanning-tree information on active interfaces only. Displays a detailed summary of interface information. Displays spanning-tree information for the specified interface. Displays a summary of interface states or displays the total lines of the STP state section.

.2 Configure VLANs on Cisco router 1801

Command
Step 1 vlan ? Example:
Router# config t Router(config)#vlan ? WORD ISL VLAN IDs 1-4094

Purpose
Enters VLAN configuration mode.

accounting VLAN accounting configuration ifdescr VLAN subinterface ifDescr

Step 2

ISL VLAN ID Example:

Router(config)#vlan 2 Router(config-vlan)#

Adds VLANs, with identifiers ranging from 1- 4094.

Step 3

exit Example:
Router(config-vlan)#exit Router(config)#

Updates the VLAN database, propagates it throughout the administrative domain, and returns to global configuration mode.

Verify Your VLAN Configuration

show: Entered

from VLAN database mode. Displays summary configuration information for all configured VLANs.

Computer Networks 2 Laboratories

10

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology
show vlan-switch: Entered

from privileged EXEC mode. Displays detailed configuration information for all configured VLANs.
Backup and Restore of vlan.dat File

1. Issue the show vtp status and show vlan commands to determine the original VTP/VLAN information. 2. Verify the vlan.dat file status by show flash:. 3. Back up the existing vlan.dat file.
Switch#copy flash:vlan.dat tftp: Destination filename [vlan.dat]? 976 bytes copied in 0.516 secs (1891 bytes/sec) 4. Remove the vlan.dat file from NVRAM. Switch#delete flash:vlan.dat Delete filename [vlan.dat]? Delete flash:vlan.dat? [confirm]

5. Restore the saved vlan.dat file to the FLASH.

Switch#copy tftp:vlan.dat flash: Destination filename [vlan.dat]? 976 bytes copied in 0.516 secs (1891 bytes/sec)

Computer Networks 2 Laboratories

11

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology

.III Lab practice

.1 Network Layout

Computer Networks 2 Laboratories

12

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology

.2 Lab steps Note: To avoid the conflict of IP address from manual configuration once two groups connecting together, each group will take the host address from range .x1 .x9, where x is group number. Ex: group 5 will dispose hosts from .51 to .59. Configure VTP domain netlab (mode server, no password) on Switch and Switching Router. Verify your entries in the VTP Operating Mode and the VTP Domain Name fields of the display. Create 3 VLANs matching the LAN1 Layout configured on Switch 2960 and LAN2 Layout configured on Router: Grouping BSD hosts into the VLAN id=11, name=bsd, subnet=10.10.11.0/24

Computer Networks 2 Laboratories

13

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology Grouping LINUX hosts into the VLAN id=12, name=linux, subnet=10.10.12.0/24 Grouping WINDOWS hosts into the VLAN id=13, name=windows, subnet=10.10.13.0/24

Assign Static-Access Ports to a VLAN, freely decided. Change the IP configuration on PC to adapt the VLAN port assignment (admin privilege). Configure Extended-Range VLAN id=1008, name=extended, subnet=10.0.10.0/24. Display and check the correctness of all VLAN Configuration. Configuring an Ethernet Interface as a Trunk Port on Switch and Switching Router. Trunking Switch to Router with the crossover cable. Check the connectivity by pinging to the hosts in the same VLAN. Define the Allowed-VLANs on a Trunk. Remove the BSD from the Allowed-VLANs list. Remove VLAN id=11 from the pruning-eligible list on a trunk port of Switch and Router. Configure the Native VLAN id=13 for Untagged Traffic. Configure another Trunk Ports for Load Sharing on Switch and Router. Connect them together. Re-check the connectivity of two hosts of the same VLAN. Trunking Switch to Switch with the neighbor group by setting one more port as trunk port. Check the connectivity. Monitor VTP by displaying VTP configuration information: the domain name, the current VTP revision, and the number of VLANs. Displaying the Spanning-Tree Status. Reset all devices to factory default.

Computer Networks 2 Laboratories

14

Faculty of Computer Science and Engineering Ho Chi Minh City University of Technology .3 Result Finish your work by reporting your network status and explaining your solution on place. Save your VLAN configuration file: yourstudentcode_CN2Lab5.dat to TFTP Server. Mark will be done by checking this file by your Lab Instructor.

Computer Networks 2 Laboratories

15