Laboration VLAN

Laborationen genomförs i två olika faser A och B. I konfigurationstabellen namnger jag kolumnerna som A-s1 och B-s1 för att skilja mellan dessa två faser. I fas A konfigureras tre switchar på vilka skapas tre VLAN, ansluts mellan via de portar som tilldelas till varje VLAN.

I fas B kopplas av s3 från s2. På switch s3 tas bort VLAN konfiguration:

Obs! På Packet Tracer är väl lätt att ta bort hela switchen och ersätta med en ny när man vill börja om konfigurationer, men inte i verkligheten. För att ta bort VLAN-konfiguration rekommenderas att återställa portar först och därefter radera VLAN.

Tre nya VLAN konfigureras på switch s3 och switchen ansluts till router R3.

I fas B ansluts också ihop tre routrar R1, R2 och R3 via seriella anslutningar. Routrar 1841 ska utrustas med en ny modul var och en. Router R1 kopplas ihop med switch s1 och konfigureras för inter-VLAN kommunikation, det samma gäller för routern R3.

Sammanfattning

  1. Konfigureras tre 2960 switchar och konfigureras tre VLAN på var och en. Därefter ersätts vanliga anslutningar med en kabel och portarna konfigureras som trunk.
  2. Nätverkstopologin ändras med tre 1841 routrar till.
    • Switcharna s1 och s2 fortsätter med samma konfiguration.
    • Switch s3 återställs och nya tre VLAN skapas.
    • Routrar koppas ihop med seriella kablar, vilket kräver att man lägger till en modul som stödjer seriell uppkoppling.

Nätverkstopologi

Bild 1: Laborations nätverkstopologi

Detta ingår i laborationen: 3 switchar modell 2960, 3 routrar modell 1841, 3 moduler för seriellt uppkoppling och 18 stationära datorer.

  • VLAN 10 HR 192.168.10.0 /24
  • VLAN 20 Sales 192.168.20.0 /24
  • VLAN 10 Production 192.168.30.0 /24
  • VLAN 40 Research 172.16.41.0 /24 ResearchIP, diginto.se, default-router 172.16.41.254
  • VLAN 50 Engineering 172.16.42.0 /24 EngineeringIP, tekniska.diginto.se, default-router 172.16.42.254
  • VLAN 60 Development 172.16.43.0 /24 DevelopmentIP, jensen.diginto.se, default-router 172.16.43.254

Konfigurationer

enable
configure terminal
!
!Basic configuration tasks
!
hostname s1
no ip domain-lookup
service password-encryption
enable secret enpass
banner motd # Unauthorized access is strictly prohibited. #
line console 0
password conpass
login
logging synchronous
exit
line vty 0 15
password vtypass
login
logging synchronous
exit
!
!Creating VLANs
!
vlan 10
name HR
vlan 20
name Sales
vlan 30
name Production
exit
!
!Assigning ports to vlans
!
interface range fa0/1 - 5
switchport mode access
switchport access vlan 10
exit
interface range fa0/6 - 10
switchport mode access
switchport access vlan 20
exit
interface range fa0/11 - 15
switchport mode access
switchport access vlan 30
exit
!
!Configuring trunk
!
interface Fa0/24
switchport mode trunk
end
show vlan brief
show interface trunk
!

enable
configure terminal
!
!Basic configuration tasks
!
hostname s2
no ip domain-lookup
service password-encryption
enable secret enpass
banner motd # Unauthorized access is strictly prohibited. #
line console 0
password conpass
login
logging synchronous
exit
line vty 0 15
password vtypass
login
logging synchronous
exit
!
!Creating VLANs
!
vlan 10
name HR
vlan 20
name Sales
vlan 30
name Production
exit
!
!Assigning ports to vlans
!
interface range fa0/1 - 5
switchport mode access
switchport access vlan 10
exit
interface range fa0/6 - 10
switchport mode access
switchport access vlan 20
exit
interface range fa0/11 - 15
switchport mode access
switchport access vlan 30
exit
!
!Configuring trunk
!
interface G0/1
switchport mode trunk
exit
interface G0/2
switchport mode trunk
end
show vlan brief
show interface trunk
!

enable
configure terminal
!
!Basic configuration tasks
!
hostname s3
no ip domain-lookup
service password-encryption
enable secret enpass
banner motd # Unauthorized access is strictly prohibited. #
line console 0
password conpass
login
logging synchronous
exit
line vty 0 15
password vtypass
login
logging synchronous
exit
!
!Creating VLANs
!
vlan 10
name HR
vlan 20
name Sales
vlan 30
name Production
exit
!
!Assigning ports to vlans
!
interface range fa0/1 - 5
switchport mode access
switchport access vlan 10
exit
interface range fa0/6 - 10
switchport mode access
switchport access vlan 20
exit
interface range fa0/11 - 15
switchport mode access
switchport access vlan 30
exit
!
!Configuring trunk
!
interface G0/2
switchport mode trunk
end
!
show vlan brief
show interface trunk
!

Switch s2 aktiveras av trunk på port G0/2
s1(config)# interface g0/2
s1(config-if)# no switchport mode trunk
s1(config-if)# exit
Switch s3 konfigurationer
enable
configure terminal
!
!Interface back to VLAN 1
!
interface range fa0/1 - 5
no switchport access vlan 10
exit
interface range fa0/6 - 10
no switchport access vlan 20
exit
interface range fa0/11 - 15
no switchport access vlan 30
exit
no vlan 10
no vlan 20
no vlan 30
!
!Creating new vlans
!
vlan 40
name Research
vlan 50
name Engineering
vlan 60
name Development
exit
!
!Assigning ports
!
interface range fa0/1 - 5
switchport mode access
switchport access vlan 40
exit
interface range fa0/6 - 10
switchport mode access
switchport access vlan 50
exit
interface range fa0/11 - 15
switchport mode access
switchport access vlan 60
exit
!
!Configuring trunk
!
interface fa0/24
switchport mode trunk
end
!
show vlan brief
show interface trunk
!

enable
configure terminal
!
!Basic configuration tasks
!
hostname R1
no ip domain-lookup
service password-encryption
enable secret enpass
line console 0
password conpass
login
logging synchronous
exit
line vty 0 4
password vtypass
login
logging synchronous
exit
!
!Configuring inter-vlan
!
interface fa0/0
shutdown
exit
interface fa0/0.10
encapsulation dot1q 10
ip address 192.168.10.254 255.255.255.0
exit
interface fa0/0.20
encapsulation dot1q 20
ip address 192.168.20.254 255.255.255.0
exit
interface fa0/0.30
encapsulation dot1q 30
ip address 192.168.30.254 255.255.255.0
exit
interface fa0/0
no shutdown
exit
!
!IP address configuration
!
interface s0/0/0
ip address 205.65.1.1 255.255.255.252
no shut
exit
!
!Routing
!
ip route 0.0.0.0 0.0.0.0 205.65.1.2
end
show ip interface brief
show ip route
!

enable
configure terminal
!
!Basic configuration tasks
!
hostname R2
no ip domain-lookup
service password-encryption
enable secret enpass
line console 0
password conpass
login
logging synchronous
exit
line vty 0 4
password vtypass
login
logging synchronous
exit
!
!Configuring IP address
!
interface s0/0/0
ip address 205.65.1.2 255.255.255.252
clock rate 128000
shutdown
exit
!
interface s0/0/1
ip address 205.65.1.5 255.255.255.252
clock rate 128000
shutdown
exit
!
!Routing
!
ip route 192.168.0.0 255.255.0.0 205.65.1.1
ip route 172.16.40.0 255.255.252.0 205.65.1.6
end
!
show ip int br
show ip route

enable
configure terminal
!
!Basic configuration tasks
!
hostname R3
no ip domain-lookup
service password-encryption
enable secret enpass
line console 0
password conpass
login
logging synchronous
exit
line vty 0 4
password vtypass
login
logging synchronous
exit
!
!Configuring inter-vlan
!
interface fa0/0
shutdown
exit
interface fa0/0.40
encapsulation dot1q 40
ip address 172.16.41.254 255.255.255.0
exit
interface fa0/0.50
encapsulation dot1q 50
ip address 172.16.42.254 255.255.255.0
exit
interface fa0/0.60
encapsulation dot1q 60
ip address 172.16.43.254 255.255.255.0
exit
interface fa0/0
no shutdown
exit
!
!IP address configuration
!
interface s0/0/1
ip address 205.65.1.6 255.255.255.252
no shut
exit
!
!Routing
!
ip route 0.0.0.0 0.0.0.0 205.65.1.5
end
show ip interface brief
show ip route
!

  • IP adresser som inte ska tilldelas
  • R3(config)# ip dhcp excluded-address 172.16.41.254
  • R3(config)# ip dhcp excluded-address 172.16.42.254
  • R3(config)# ip dhcp excluded-address 172.16.43.254
  • IP adresser för VLAN Research
  • R3(config)# ip dhcp pool ResearchIP
  • R3(dhcp-config)# network 172.16.41.0 255.255.255.0
  • R3(dhcp-config)# default-router 172.16.41.254
  • R3(dhcp-config)# domain-name diginto.se
  • R3(dhcp-config)# exit
  • IP adresser för VLAN Engineering
  • R3(config)# ip dhcp pool EngineeringIP
  • R3(dhcp-config)# network 172.16.42.0 255.255.255.0
  • R3(dhcp-config)# default-router 172.16.42.254
  • R3(dhcp-config)# domain-name tekniska.diginto.se
  • R3(dhcp-config)# exit
  • IP adresser för VLAN Development
  • R3(config)# ip dhcp pool DevelopmentIP
  • R3(dhcp-config)# network 172.16.43.0 255.255.255.0
  • R3(dhcp-config)# default-router 172.16.43.254
  • R3(dhcp-config)# domain-name jensen.diginto.se
  • R3(dhcp-config)# end
  • R3#

Klicka på DHCP och då bör datorn få en IP-konfiguration från DHCP servern. Varje VLAN har sin egen IP pool