Inter-VLAN Routing and Static Routes
Statement of the Problem:
A network engineer is required to create a new network according the following information.
There are 3 site locations: one in Melbourne, one in Sydney and a data centre which houses a server farm. Restrictions on access is not important, except that all machines should be able to access FS4 and PC5 and each PC should only be able to access its own respective FS (File Server). For example: PC1 should be able to access FS1, but not FS2 or FS3. PC2 should only be to access FS2 etc.
The network should be addressed as below:
Before you begin, cable the network as shown in the diagram.
Step 1: Erase all configurations on the switches.
Switch>enable
Switch#delete flash:vpn.dat
Delete filename [vpn.dat]?
Delete flash:/vpn.dat? [confirm]
%Error deleting flash:/vpn.dat (No such file or directory)
Switch#erase startup-config
Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]
[OK]
Erase of nvram: complete
%SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
Switch#reload
Proceed with reload? [confirm]
Step 2: Set the 3 Melbourne switches with a basic default setup (S1,S2,S3).
The purpose of the commands below is to set the console and telnet to require a password ,cisco, its hostname and not to do IP domain lookup if a command has been mistyped.
Switch>enable
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname S1
S1(config)#line console 0
S1(config-line)#logging synchronous
S1(config-line)#password cisco
S1(config-line)#login
S1(config-line)#line vty 0 15
S1(config-line)#password cisco
S1(config-line)#login
S1(config-line)#exit
S1(config)#enable secret cisco
S1(config)#no ip domain-lookup
S1(config)#ip default-gateway 192.168.99.1
S1(config)#int range fa0/1-24
S1(config-if-range)#shutdown
S1(config-if-range)#end
S1#
%SYS-5-CONFIG_I: Configured from console by console
S1#wr
Building configuration…
[OK]
Step 3: Reopen the switch ports on S3 to allow our computers access to the network.
S2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
S2(config)#int range fa0/6, fa0/11, fa0/18
S2(config-if-range)#switchport mode access
S2(config-if-range)#no shutdown
Step4: Set up VTP on the Melbourne switches according to the information provided in the table – VTP switch configurations
S1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
S1(config)#vtp mode server
Device mode already VTP SERVER.
S1(config)#vtp domain Widgets
Changing VTP domain name from NULL to Widgets
S1(config)#vtp password cisco
Setting device VLAN database password to cisco
S3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
S3(config)#vtp mode client
Setting device to VTP CLIENT mode.
S3(config)#vtp domain Widgets
Changing VTP domain name from NULL to Widgets
S3(config)#vtp password cisco
Setting device VLAN database password to cisco
S2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
S2(config)#vtp mode client
Setting device to VTP CLIENT mode.
S2(config)#vtp domain Widgets
Changing VTP domain name from NULL to Widgets
S2(config)#vtp password cisco
Setting device VLAN database password to cisco
Step 5: Set all interface fa0/1-5 to trunking mode on S1,S2 and S3.
This will allow all Virtual LANs (VLAN) to access the trunk routes as well as untagged traffic.
S1(config)#int range fa0/1-5
S1(config-if-range)#switchport mode trunk
S1(config-if-range)#switchport trunk native vlan 99
S1(config-if-range)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to down
%LINK-5-CHANGED: Interface FastEthernet0/2, changed state to down
%LINK-5-CHANGED: Interface FastEthernet0/3, changed state to down
%LINK-5-CHANGED: Interface FastEthernet0/4, changed state to down
%LINK-5-CHANGED: Interface FastEthernet0/5, changed state to down
S1(config-if-range)#end
S1#
%SYS-5-CONFIG_I: Configured from console by console
Step 6: Set up the VLANs according to the table which is at the top of this post.
S1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
S1(config)#vlan 99
S1(config-vlan)#name management
S1(config-vlan)#exit
S1(config)#vlan 10
S1(config-vlan)#name sales
S1(config-vlan)#exit
S1(config)#vlan 20
S1(config-vlan)#name engineering
S1(config-vlan)#exit
S1(config-vlan)#vlan 30
S1(config-vlan)#name administration
S1(config-vlan)#exit
Step 7: Verify that the VLAN’s have been distrubuted accross S2 and S3.
S3#show vlan brief
VLAN Name Status Ports
—- ——————————– ——— ——————————-
1 default active Fa0/6, Fa0/7, Fa0/8, Fa0/9
Fa0/10, Fa0/11, Fa0/12, Fa0/13
Fa0/14, Fa0/15, Fa0/16, Fa0/17
Fa0/18, Fa0/19, Fa0/20, Fa0/21
Fa0/22, Fa0/23, Fa0/24, Gig1/1
Gig1/2
10 sales active
20 engineering active
30 administration active
99 management active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
Step 8: Configure the management VLAN interfaces on S1, S2 and S3 according to the addressing table.
S1(config)#int vlan 99
S1(config-if)#
%LINK-5-CHANGED: Interface Vlan99, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan99, changed state to up
S1(config-if)#ip address 192.168.99.2 255.255.255.0
S1(config-if)#end
S2(config)#int vlan 99
S2(config-if)#
%LINK-5-CHANGED: Interface Vlan99, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan99, changed state to up
S2(config-if)#ip address 192.168.99.3 255.255.255.0
S2(config-if)#end
S3(config)#int vlan 99
%LINK-5-CHANGED: Interface Vlan99, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan99, changed state to up
S3(config-if)#
S3(config-if)#ip address 192.168.99.4 255.255.255.0
S3(config-if)#end
Step 9: Configure the switchports on S2 to the intended VLANs – check the switchport assignment table.
S2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
S2(config)#int range fa0/6-10
S2(config-if-range)#switchport access vlan 10
S2(config-if-range)#interface range fa0/11-17
S2(config-if-range)#switchport access vlan 20
S2(config-if-range)#interface range fa0/18-24
S2(config-if-range)#switchport access vlan 30
S2(config-if-range)#end
S2#
%SYS-5-CONFIG_I: Configured from console by console
S2#wr
Building configuration…
[OK]
Step 10: Erase all three routers settings.
Router#erase startup
Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]
[OK]
Erase of nvram: complete
%SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
Router#reload
Proceed with reload? [confirm]
Step 11: Configure the Melbourne Router (MEL) with hostname, priveledged exec mode password, console and Telnet passwords.
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#enable secret cisco
Router(config)#hostname MEL
MEL(config)#no ip domain-lookup
MEL(config)#line console 0
MEL(config-line)#logging synchronous
MEL(config-line)#password cisco
MEL(config-line)#login
MEL(config-line)#line vty 0 4
MEL(config-line)#password cisco
MEL(config-line)#login
MEL(config-line)#end
MEL#
%SYS-5-CONFIG_I: Configured from console by console
MEL#wr
Building configuration…
[OK]
Step 12: Configure the subinterfaces on the MEL router according to the table above.
Once this has been configured- PC1, PC2 and PC3 will be able to ping each other.
MEL#conf t
Enter configuration commands, one per line. End with CNTL/Z.
MEL(config)#int fa0/0
MEL(config-if)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
MEL(config-if)#
MEL(config-if)#int fa0/0.10
MEL(config-subif)#
%LINK-5-CHANGED: Interface FastEthernet0/0.10, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.10, changed state to up
MEL(config-subif)#encapsulation dot1q 10
MEL(config-subif)#ip address 192.168.10.1 255.255.255.0
MEL(config-subif)#int fa0/0.20
MEL(config-subif)#
%LINK-5-CHANGED: Interface FastEthernet0/0.20, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.20, changed state to up
MEL(config-subif)#encapsulation dot1q 20
MEL(config-subif)#ip address 192.168.20.1 255.255.255.0
MEL(config-subif)#int fa0/0.30
%LINK-5-CHANGED: Interface FastEthernet0/0.30, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.30, changed state to up
MEL(config-subif)#
MEL(config-subif)#encapsulation dot1q 30
MEL(config-subif)#ip address 192.168.30.1 255.255.255.0
MEL(config-subif)#int fa0/0.99
%LINK-5-CHANGED: Interface FastEthernet0/0.99, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.99, changed state to up
MEL(config-subif)#
MEL(config-subif)#encapsulation dot1q 99 native
MEL(config-subif)#ip address 192.168.99.1 255.255.255.0
MEL(config-subif)#end
MEL#
%SYS-5-CONFIG_I: Configured from console by console
MEL#wr
Building configuration…
[OK]
Step 13: Configure the Serial interface on the MEL router which connects to the DATA router. This side of the cable has the DCE.
MEL#conf t
Enter configuration commands, one per line. End with CNTL/Z.
MEL(config)#int serial 0/1/0
MEL(config-if)#ip address 192.168.0.2 255.255.255.252
MEL(config-if)#clock rate 64000
MEL(config-if)#no shutdown
Step 14: Configure the DATA router. It has the DTE end of the serial cable with the MEL router and the DCE end with the SYD router.
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname DATA
DATA(config)#enable secret cisco
DATA(config)#line console 0
DATA(config-line)#logging synchronous
DATA(config-line)#password cisco
DATA(config-line)#login
DATA(config-line)#line vty 0 4
DATA(config-line)#password cisco
DATA(config-line)#login
DATA(config-line)#exit
DATA(config)#int serial 1/0
DATA(config-if)#ip address 192.168.0.1 255.255.255.252
DATA(config-if)#no shutdown
%LINK-5-CHANGED: Interface Serial1/0, changed state to up
DATA(config-if)#int serial 1/1
DATA(config-if)#clock rate 64000
DATA(config-if)#ip address 192.168.0.5 255.255.255.252
DATA(config-if)#no shut
%LINK-5-CHANGED: Interface Serial1/1, changed state to down
DATA(config-if)end
DATA#
%SYS-5-CONFIG_I: Configured from console by console
DATA#wr
Building configuration…
[OK]
Step 15: Configure the SYD Router. This router has both ends of serial connections with DTE.
Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname SYD
SYD(config)#enable secret cisco
SYD(config)#no ip domain-lookup
SYD(config)#line console 0
SYD(config-line)#logging syn
SYD(config-line)#logging synchronous
SYD(config-line)#password cisco
SYD(config-line)#login
SYD(config-line)#line vty 0 4
SYD(config-line)#password cisco
SYD(config-line)#login
SYD(config-line)#exit
SYD(config)#int serial 1/1
SYD(config-if)#ip address 192.168.0.6 255.255.255.252
SYD(config-if)#no shutdown
%LINK-5-CHANGED: Interface Serial1/1, changed state to up
SYD(config-if)#int serial 1/0
SYD(config-if)#ip address 192.168.0.10 255.255.255.252
SYD(config-if)#no shutdown
%LINK-5-CHANGED: Interface Serial1/0, changed state to down
SYD(config-if)#end
SYD#
%SYS-5-CONFIG_I: Configured from console by console
Step 16: Configure the MEL router Serial Interface to the SYD Router. This end has the DCE so the clock rate must be set.
MEL(config)#int serial 0/1/1
MEL(config-if)#clock rate 64000
MEL(config-if)#ip address 192.168.0.9 255.255.255.252
MEL(config-if)#no shut
%LINK-5-CHANGED: Interface Serial0/1/1, changed state to up
MEL(config-if)#
MEL(config-if)#end
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1/1, changed state to up
Step 17: Configure the Data Switch (DS) with the hostname, default-gateway and appropriate passwords.
Switch>enable
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname DS
DS(config)#enable secret cisco
DS(config)#no ip domain-lookup
DS(config)#ip default-gateway 192.168.199.1
DS(config)#line console 0
DS(config-line)#logging synchronous
DS(config-line)#password cisco
DS(config-line)#login
DS(config-line)#line vty 0 15
DS(config-line)#password cisco
DS(config-line)#login
DS(config-line)#exit
DS(config)#end
DS#
%SYS-5-CONFIG_I: Configured from console by console
DS#wr
Building configuration…
[OK]
Step 18: Configure the DS switch with the vlan information and addressing information that was supplied above.
DS#conf t
Enter configuration commands, one per line. End with CNTL/Z.
DS(config)#vlan 10
DS(config-vlan)#name sales
DS(config-vlan)#exit
DS(config)#vlan 20
DS(config-vlan)#name engineering
DS(config-vlan)#exit
DS(config)#vlan 30
DS(config-vlan)#name administration
DS(config-vlan)#exit
DS(config)#int fa0/1
DS(config-if)#switchport mode trunk
DS(config-if)#switchport trunk native vlan 99
DS(config-if)#no shutdown
DS(config-if)#exit
DS(config)#vlan 99
DS(config-vlan)#name management
DS(config-vlan)#exit
DS(config)#int vlan 99
DS(config-if)#
%LINK-5-CHANGED: Interface Vlan99, changed state to up
DS(config-if)#ip address 192.168.199.2 255.255.255.0
DS(config-if)#exit
DS(config)#int fa0/6
DS(config-if)#switchport access vlan 10
DS(config-if)#int fa0/11
DS(config-if)#switchport access vlan 20
DS(config-if)#int fa0/18
DS(config-if)#switchport access vlan 30
DS(config-if)#end
DS#
%SYS-5-CONFIG_I: Configured from console by console
Step 19: Configure the subinterfaces on the DATA router.
This will allow FS1, FS2,FS3 to ping each other.
DATA(config)#int fa0/0
DATA(config-if)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
DATA(config-if)#int fa0/0.10
DATA(config-subif)#
%LINK-5-CHANGED: Interface FastEthernet0/0.10, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.10, changed state to up
DATA(config-subif)#encapsulation dot1q 10
DATA(config-subif)#ip address 192.168.110.1 255.255.255.0
DATA(config-subif)#int fa0/0.20
%LINK-5-CHANGED: Interface FastEthernet0/0.20, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.20, changed state to up
DATA(config-subif)#
DATA(config-subif)#encapsulation dot1q 20
DATA(config-subif)#ip address 192.168.120.1 255.255.255.0
DATA(config-subif)#int fa0/0.30
%LINK-5-CHANGED: Interface FastEthernet0/0.30, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.30, changed state to up
DATA(config-subif)#
DATA(config-subif)#encapsulation dot1q 30
DATA(config-subif)#ip address 192.168.130.1 255.255.255.0
DATA(config-subif)#int fa0/0.99
%LINK-5-CHANGED: Interface FastEthernet0/0.99, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.99, changed state to up
DATA(config-subif)#encapsulation dot1q 99 native
DATA(config-subif)#ip address 192.168.199.1 255.255.255.0
DATA(config-subif)#end
DATA#
%SYS-5-CONFIG_I: Configured from console by console
Step 20: Add in static routes to route traffic between the MEL router and the DATA router
After this setp PC1,PC2, PC3, PC4 will be able to access FS1,FS2 and FS3 – plus all interfaces (except for the unconfigured devices behind SYD router)
DATA(config)#ip route 192.168.10.0 255.255.255.0 serial 1/0
DATA(config)#ip route 192.168.20.0 255.255.255.0 serial 1/0
DATA(config)#ip route 192.168.30.0 255.255.255.0 serial 1/0
DATA(config)#ip route 192.168.99.0 255.255.255.0 serial 1/0
MEL(config)#ip route 192.168.110.0 255.255.255.0 serial 0/1/0
MEL(config)#ip route 192.168.120.0 255.255.255.0 serial 0/1/0
MEL(config)#ip route 192.168.130.0 255.255.255.0 serial 0/1/0
MEL(config)#ip route 192.168.199.0 255.255.255.0 serial 0/1/0
Posted on June 21, 2012, in Networking. Bookmark the permalink. 1 Comment.
Maligawa 
Nice work bro…This is very important configuration!!!!
All the best bro:)