DONATE


CCNA LAB SVI DHCP server VTP Root guard BPDU filter Inter VLAN routing 802.1q portfast and more

 

In this lab, we see the configuration of SVI DHCP server VTP Root guard BPDU filter Inter VLAN routing 802.1q  and more. This lab is good for CCNA and CCNP  students. let's see what we are going to configure. 


(For video please to our YouTube channel https://www.youtube.com/@internetworkss





  • A Trunk link is a point-to-point link between two network devices. Trunk links carry more than one VLAN. With VLAN trunking, we can extend our configured VLAN across the entire network. Remember, sending information from an access link on one VLAN to another VLAN is not possible without the additional device a router, or an external layer 2 bridge connected between the VLAN. A Trunk link can transport multiple VLAN traffic through a single switch port. A trunk link is not assigned to a specific VLAN in detail...

  • VLAN Trunking Protocol (VTP) is a Cisco proprietary protocol, as I already said VTP is used to share the VLAN configuration with other switches and maintain consistency throughout that network but information will be passed only if the switch is connected with fast Ethernet or higher ports and also it must be trunk links in detail...
  •  VLAN is a logical grouping of network users and resources connected to administratively defined ports on a switch. VLANs are given the ability to create smaller broadcast domains within layer 2 switched internetworks by assigning different service switches to different subnetworks. A VLAN is treated like its own subnet or broadcast domain, meaning that frames broadcast into the network are only switched between the ports logically grouped within the same VLAN. By default, hosts in a specific VLAN can’t communicate with hosts that are members of another VLAN, so if you want to communicate, we need a router or Inter-VLAN Routing (IVR) in detail...
  • DHCP (Dynamic Host Configuration Protocol) servers provide all the basic information the client wants to operate on the network, including DNS address, Default Gateway, IP addresses, and subnet. masks and many more in detail...
  • Spanning tree Portfast is a Cisco proprietary enhanced for spanning trees. Port-fast helps to speed up the network convergence on access ports. Portfast bypasses the listening and learning states 15 + 15 seconds timer and enters the spanning tree forwarding state immediately in detail...

  • Spanning-tree BPDU Guard is one of the features that help you protect your spanning-tree topology. BPDU Guard prevents loops if another switch is attached to a Portfast port. When BPDU Guard is enabled on an interface, it is put into an error-disable state basically shut down, if a BPDU is received on the interface. It can be enabled in either global configuration mode or interface mode. in detail...
  • The root guard prevents the wrong switch from becoming the spanning tree root. If a root guard port receives a superior BPDU that might cause it to become a root port, the port is put into a “root-inconsistent” state and does not pass traffic through it. If the port stops receiving these BPDUs, it automatically re-enables itself. in detail...

let's see the configuration:-


Topology:-





  • Configure the topology as per the diagram
  • Configure trunk 802.1q
  • Configure no negotiation and allow only VLAN 11,12,13,14 on the trunk
  • Configure VTP domain name internetworks password networks
  • Configure VTP version 2
  • Configure MLS switch as a Server and rest the switches clients
  • Configure VLAN_11 VLAN_12 VLAN_13 VLAN_14 on MLS
  • make sure rest of the switches will get this information  
  • Configure the ports into their VLAN as per the topology
  • Configure the IP address to VLANs for inter VLAN routing
  • IP 192.168.1.1/24 to VLAN 11
  • IP 192.168.2.1/24 to VLAN 12
  • IP 192.168.3.1/24 to VLAN 13
  • IP 192.168.4.1/24 to VLAN 14
  • Configure DHCP server for VLAN 11,12,13,14 on MLS 
  • Make sure all PC in different VLAN get their IP address and other information
  • Ping from PC-1 to PC in different VLANs
  • Configure port fast on all the access-ports
  • Configure MLS switch to become Root bridge for all the VLANs
  • Configure Root guard on trunk MLS switch
  • Configure BPDU filter


 

MSL-SW-(config)#interface range ethernet 1/0-3
MSL-SW-(config-if-range)#switchport trunk encapsulation dot1q
MSL-SW-(config-if-range)#switchport mode trunk
MSL-SW-(config-if-range)#switchport nonegotiate
MSL-SW-(config-if-range)#switchport trunk allowed vlan 11,12,13,14
MSL-SW-(config-if-range)#exit
 
MSL-SW-#show interface trunk
 
Port        Mode             Encapsulation  Status        Native vlan
Et1/0       on               802.1q         trunking      1
Et1/1       on               802.1q         trunking      1
Et1/2       on               802.1q         trunking      1
Et1/3       on               802.1q         trunking      1
 
Port        Vlans allowed on trunk
Et1/0       11-14
Et1/1       11-14
Et1/2       11-14
Et1/3       11-14
 
 
Switch-1(config)#interface range ethernet 1/0
Switch-1(config-if-range)#switchport trunk encapsulation dot1q
Switch-1(config-if-range)#switchport mode trunk
Switch-1(config-if-range)#switchport nonegotiate
Switch-1(config-if-range)#switchport trunk allowed vlan 11,12,13,14
Switch-1(config-if-range)#exit
Switch-1(config)#end
 
 
Switch-1#show interface trunk
 
Port        Mode             Encapsulation  Status        Native vlan
Et1/0       on               802.1q         trunking      1
 
Port        Vlans allowed on trunk
Et1/0       11-14
 
 
Switch-2(config)#interface range ethernet 1/1
Switch-2(config-if-range)#switchport trunk encapsulation dot1q
Switch-2(config-if-range)#switchport mode trunk
Switch-2(config-if-range)#switchport nonegotiate
Switch-2(config-if-range)#switchport trunk allowed vlan 11,12,13,14
Switch-2(config-if-range)#exit
Switch-2(config)#end
Switch-2#show interface trunk
 
Port        Mode             Encapsulation  Status        Native vlan
Et1/1       on               802.1q         trunking      1
 
Port        Vlans allowed on trunk
Et1/1       11-14
 
IOU3(config)#interface range ethernet 1/2
IOU3(config-if-range)#switchport trunk encapsulation dot1q
IOU3(config-if-range)#switchport mode trunk
IOU3(config-if-range)#switchport nonegotiate
IOU3(config-if-range)#switchport trunk allowed vlan 11,12,13,14
IOU3(config-if-range)#exit
IOU3(config)#end
IOU3#show interface trunk
 
Port        Mode             Encapsulation  Status        Native vlan
Et1/2       on               802.1q         trunking      1
 
Port        Vlans allowed on trunk
Et1/2       11-14
 
 
Switch-4(config)#interface range ethernet 1/3
Switch-4(config-if-range)#switchport trunk encapsulation dot1q
Switch-4(config-if-range)#switchport mode trunk
Switch-4(config-if-range)#switchport nonegotiate
Switch-4(config-if-range)#switchport trunk allowed vlan 11,12,13,14
Switch-4(config-if-range)#exit
Switch-4(config)#end

Switch-4#show interface trunk
 
Port        Mode             Encapsulation  Status        Native vlan
Et1/3       on               802.1q         trunking      1
 
Port        Vlans allowed on trunk
Et1/3       11-14
 
MSL-SW-(config)#VTP domain internetworks
Domain name already set to internetworks.
MSL-SW-(config)#VTP password networks
MSL-SW-(config)#VTP mode server
MSL-SW-(config)#VTP version 2
MSL-SW-(config)#end
 
MSL-SW-#show vtp status
VTP Version capable             : 1 to 3
VTP version running             : 2
VTP Domain Name                 : internetworks
VTP Pruning Mode                : Disabled
VTP Traps Generation            : Disabled
Device ID                       : aabb.cc00.0600

 
 
Switch-1(config)#VTP domain internetworks
Switch-1(config)#VTP password networks
Switch-1(config)#VTP mode client
Switch-1(config)#VTP version 2
Switch-1(config)#end
 
Switch-2(config)#VTP domain internetworks
Switch-2(config)#VTP password networks
Switch-2(config)#VTP mode client
Switch-2(config)#VTP version 2
Switch-2(config)#end
 
 
IOU3(config)#VTP domain internetworks
IOU3(config)#VTP password networks
IOU3(config)#VTP mode client
IOU3(config)#VTP version 2
IOU3(config)#end
 
Switch-4(config)#VTP domain internetworks
Switch-4(config)#VTP password networks
Switch-4(config)#VTP mode client
Setting device to VTP Client mode for VLANS.
Switch-4(config)#VTP version 2
Switch-4(config)#end
 
MSL-SW-(config)#VLAN 11
MSL-SW-(config-vlan)#name Go Green Team
MSL-SW-(config-vlan)#exit

MSL-SW-(config)#VLAN 12
MSL-SW-(config-vlan)#name Go Blue Team
MSL-SW-(config-vlan)#exit

MSL-SW-(config)#VLAN 13
MSL-SW-(config-vlan)#name Go Purple
MSL-SW-(config-vlan)#exit

MSL-SW-(config)#VLAN 14
MSL-SW-(config-vlan)#name Go Skey Blue
MSL-SW-(config-vlan)#exit


MSL-SW-#show vlan
 
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Et0/0, Et0/1, Et0/2, Et0/3
                                                Et2/0, Et2/1, Et2/2, Et2/3
                                                Et3/0, Et3/1, Et3/2, Et3/3
11   Go Green Team                    active
12   Go Blue Team                     active
13   Go Purple                        active
14   Go Skey Blue                     active
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup
 
VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
 
 
Switch-1(config)#interface range ethernet 0/0-3
Switch-1(config-if-range)#switchport mode access
Switch-1(config-if-range)#switchport access vlan 11
Switch-1(config-if-range)#exit
Switch-1(config)#end
Switch-1#
*Oct  1 11:00:36.626: %SYS-5-CONFIG_I: Configured from console by console
Switch-1#
Switch-1#show vlan
 
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Et1/1, Et1/2, Et1/3, Et2/0
                                                Et2/1, Et2/2, Et2/3, Et3/0
                                                Et3/1, Et3/2, Et3/3
11   Go Green Team                    active    Et0/0, Et0/1, Et0/2, Et0/3
12   Go Blue Team                     active
13   Go Purple                        active
14   Go Skey Blue                     active
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup
 
VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
 
 
 
Switch-2(config)#interface range ethernet 0/0-3
Switch-2(config-if-range)#switchport mode access
Switch-2(config-if-range)#switchport access vlan 12
Switch-2(config-if-range)#exit
Switch-2(config)#end

Switch-2#show vlan
 
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Et1/0, Et1/2, Et1/3, Et2/0
                                                Et2/1, Et2/2, Et2/3, Et3/0
                                                Et3/1, Et3/2, Et3/3
11   Go Green Team                    active
12   Go Blue Team                     active    Et0/0, Et0/1, Et0/2, Et0/3
13   Go Purple                        active
14   Go Skey Blue                     active
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup
 
VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
 
 
 
Switch-3(config)#interface range ethernet 0/0-3
Switch-3(config-if-range)#switchport mode access
Switch-3(config-if-range)#switchport access vlan 13
Switch-3(config-if-range)#exit
Switch-3(config)#end

Switch-3#show vlan
 
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Et1/0, Et1/1, Et1/3, Et2/0
                                                Et2/1, Et2/2, Et2/3, Et3/0
                                                Et3/1, Et3/2, Et3/3
11   Go Green Team                    active
12   Go Blue Team                     active
13   Go Purple                        active    Et0/0, Et0/1, Et0/2, Et0/3
14   Go Skey Blue                     active
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup
 
VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
 
Switch-4(config)#interface range ethernet 0/0-3
Switch-4(config-if-range)#switchport mode access
Switch-4(config-if-range)#switchport access vlan 14
Switch-4(config-if-range)#exit
Switch-4(config)#end

Switch-4#show vlan
 
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Et1/0, Et1/1, Et1/2, Et2/0
                                                Et2/1, Et2/2, Et2/3, Et3/0
                                                Et3/1, Et3/2, Et3/3
11   Go Green Team                    active
12   Go Blue Team                     active
13   Go Purple                        active
14   Go Skey Blue                     active    Et0/0, Et0/1, Et0/2, Et0/3
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup
 
VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
 
MSL-SW-(config)#interface vlan 11
MSL-SW-(config-if)#ip address 192.168.1.1 255.255.255.0
MSL-SW-(config-if)#no shutdown
MSL-SW-(config-if)#exit
MSL-SW-(config)#
MSL-SW-(config)#interface vlan 12
MSL-SW-(config-if)#ip address 192.168.2.1 255.255.255.0
MSL-SW-(config-if)#no shutdown
MSL-SW-(config-if)#exit
MSL-SW-(config)#
MSL-SW-(config)#interface vlan 13
MSL-SW-(config-if)#ip address 192.168.3.1 255.255.255.0
MSL-SW-(config-if)#no shutdown
MSL-SW-(config-if)#exit
MSL-SW-(config)#
MSL-SW-(config)#interface vlan 14
MSL-SW-(config-if)#ip address 192.168.4.1 255.255.255.0
MSL-SW-(config-if)#no shutdown
MSL-SW-(config-if)#exit
 
 
 
MSL-SW-#show ip interface brief
Interface              IP-Address      OK? Method Status                Protocol
Vlan11                 192.168.1.1     YES manual up                    up
Vlan12                 192.168.2.1     YES manual up                    up
Vlan13                 192.168.3.1     YES manual up                    up
Vlan14                 192.168.4.1     YES manual up                    up
 
MSL-SW-(config)#service dhcp
MSL-SW-(config)#ip dhcp pool vlan11
MSL-SW-(dhcp-config)#network 192.168.1.2 255.255.255.0
MSL-SW-(dhcp-config)#default-router 192.168.1.1
MSL-SW-(dhcp-config)#dns-server 8.8.8.8
MSL-SW-(dhcp-config)#exit

MSL-SW-(config)#service dhcp
MSL-SW-(config)#ip dhcp pool vlan12
MSL-SW-(dhcp-config)#network 192.168.2.2 255.255.255.0
MSL-SW-(dhcp-config)#default-router 192.168.2.1
MSL-SW-(dhcp-config)#dns-server 8.8.8.8
MSL-SW-(dhcp-config)#exit

MSL-SW-(config)#service dhcp
MSL-SW-(config)#ip dhcp pool vlan13
MSL-SW-(dhcp-config)#network 192.168.3.2 255.255.255.0
MSL-SW-(dhcp-config)#default-router 192.168.3.1
MSL-SW-(dhcp-config)#dns-server 8.8.8.8
MSL-SW-(dhcp-config)#exit

MSL-SW-(config)#service dhcp
MSL-SW-(config)#ip dhcp pool vlan14
MSL-SW-(dhcp-config)#network 192.168.4.2 255.255.255.0
MSL-SW-(dhcp-config)#default-router 192.168.4.1
MSL-SW-(dhcp-config)#dns-server 8.8.8.8
MSL-SW-(dhcp-config)#exit
 
 
 
MSL-SW-#show ip dhcp binding
Bindings from all pools not associated with VRF:
IP address      Client-ID/              Lease expiration        Type       State      Interface
                Hardware address/
                User name
192.168.1.2     0100.5079.6668.00       Oct 02 2024 11:07 AM    Automatic  Active     Vlan11
192.168.1.3     0100.5079.6668.01       Oct 02 2024 11:07 AM    Automatic  Active     Vlan11
192.168.2.2     0100.5079.6668.04       Oct 02 2024 11:07 AM    Automatic  Active     Vlan12
192.168.2.3     0100.5079.6668.05       Oct 02 2024 11:08 AM    Automatic  Active     Vlan12
192.168.3.2     0100.5079.6668.08       Oct 02 2024 11:08 AM    Automatic  Active     Vlan13
192.168.3.3     0100.5079.6668.09       Oct 02 2024 11:08 AM    Automatic  Active     Vlan13
192.168.4.3     0100.5079.6668.0d       Oct 02 2024 11:08 AM    Automatic  Active     Vlan14
 
MSL-SW-(config)#ip routing
 
 
PC1> ip dhcp
DDORA IP 192.168.1.2/24 GW 192.168.1.1
 
PC1> ping 192.168.1.3
 
84 bytes from 192.168.1.3 icmp_seq=1 ttl=64 time=5.950 ms
84 bytes from 192.168.1.3 icmp_seq=2 ttl=64 time=1.285 ms
84 bytes from 192.168.1.3 icmp_seq=3 ttl=64 time=2.572 ms
84 bytes from 192.168.1.3 icmp_seq=4 ttl=64 time=2.253 ms
84 bytes from 192.168.1.3 icmp_seq=5 ttl=64 time=1.654 ms
 
PC1> ping 192.168.2.2
 
84 bytes from 192.168.2.2 icmp_seq=1 ttl=63 time=18.753 ms
84 bytes from 192.168.2.2 icmp_seq=2 ttl=63 time=5.606 ms
84 bytes from 192.168.2.2 icmp_seq=3 ttl=63 time=6.312 ms
84 bytes from 192.168.2.2 icmp_seq=4 ttl=63 time=5.498 ms
84 bytes from 192.168.2.2 icmp_seq=5 ttl=63 time=3.911 ms
 
PC1> ping 192.168.3.2
 
84 bytes from 192.168.3.2 icmp_seq=1 ttl=63 time=17.571 ms
84 bytes from 192.168.3.2 icmp_seq=2 ttl=63 time=5.690 ms
84 bytes from 192.168.3.2 icmp_seq=3 ttl=63 time=7.361 ms
84 bytes from 192.168.3.2 icmp_seq=4 ttl=63 time=4.170 ms
84 bytes from 192.168.3.2 icmp_seq=5 ttl=63 time=4.948 ms
 
PC1> ping 192.168.4.2
 
84 bytes from 192.168.4.2 icmp_seq=1 ttl=63 time=18.701 ms
84 bytes from 192.168.4.2 icmp_seq=2 ttl=63 time=5.275 ms
84 bytes from 192.168.4.2 icmp_seq=3 ttl=63 time=3.818 ms
84 bytes from 192.168.4.2 icmp_seq=4 ttl=63 time=5.806 ms
84 bytes from 192.168.4.2 icmp_seq=5 ttl=63 time=6.827 ms
 
Switch-1(config)#interface range ethernet 0/0-3
Switch-1(config-if-range)#spanning-tree portfast
Switch-1(config-if-range)#end

%Warning: portfast should only be enabled on ports connected to a single
 host. Connecting hubs, concentrators, switches, bridges, etc... to this
 interface  when portfast is enabled, can cause temporary bridging loops.
 Use with CAUTION
 
%Portfast will be configured in 4 interfaces due to the range command
 but will only have effect when the interfaces are in a non-trunking mode.
 
 
Switch-2(config)#interface range ethernet 0/0-3
Switch-2(config-if-range)#spanning-tree portfast

%Warning: portfast should only be enabled on ports connected to a single
 host. Connecting hubs, concentrators, switches, bridges, etc... to this
 interface  when portfast is enabled, can cause temporary bridging loops.
 Use with CAUTION
 
%Portfast will be configured in 4 interfaces due to the range command
 but will only have effect when the interfaces are in a non-trunking mode.
Switch-2(config-if-range)#exit
 
 
Switch-3(config)#interface range ethernet 0/0-3
Switch-3(config-if-range)#spanning-tree portfast

%Warning: portfast should only be enabled on ports connected to a single
 host. Connecting hubs, concentrators, switches, bridges, etc... to this
 interface  when portfast is enabled, can cause temporary bridging loops.
 Use with CAUTION
 
%Portfast will be configured in 4 interfaces due to the range command
 but will only have effect when the interfaces are in a non-trunking mode.
Switch-3(config-if-range)#exit
 
 
 
Switch-4(config)#interface range ethernet 0/0-3
Switch-4(config-if-range)#spanning-tree portfast

%Warning: portfast should only be enabled on ports connected to a single
 host. Connecting hubs, concentrators, switches, bridges, etc... to this
 interface  when portfast is enabled, can cause temporary bridging loops.
 Use with CAUTION
 
%Portfast will be configured in 4 interfaces due to the range command
 but will only have effect when the interfaces are in a non-trunking mode.
Switch-4(config-if-range)#exit
 
 
 
MSL-SW-(config)#spanning-tree vlan 11,12,13,14 root primary
MSL-SW-(config)#end

MSL-SW-#show spanning-tree

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     aabb.cc00.0600
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

 
 
MSL-SW-(config)#interface range ethernet 1/0-3
MSL-SW-(config-if-range)#spanning-tree guard root
MSL-SW-(config-if-range)#end
 
*Oct  2 17:26:10.692: %SPANTREE-2-ROOTGUARD_CONFIG_CHANGE: Root guard enabled on port Ethernet1/0.
*Oct  2 17:26:10.693: %SPANTREE-2-ROOTGUARD_CONFIG_CHANGE: Root guard enabled on port Ethernet1/1.
*Oct  2 17:26:10.693: %SPANTREE-2-ROOTGUARD_CONFIG_CHANGE: Root guard enabled on port Ethernet1/2.
*Oct  2 17:26:10.693: %SPANTREE-2-ROOTGUARD_CONFIG_CHANGE: Root guard enabled on port Ethernet1/3. 


By at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

CCNP CCIE EBGP configuration

  Border Gateway Protocol (BGP) is the protocol underlying the global routing system of the internet. Here’s a detailed breakdown: Purpose:...

INSTAGRAM FEED

@Edger C Francis