Icnd210lg Cracked

8/3/2019 Icnd210lg Cracked

1/120

ICND2

Interconnecting CiscoNetworking Devices

Part 2Version 1.0

Lab Guide

Editorial, Production, and Web Services (EPWS): 07.25.07

The PDF files and any printed representation for this material are the property of Cisco Systems, Inc.,for the sole use by Cisco employees for personal study. The files or printed representations may not beused in commercial training, and may not be distributed for purposes other than individual self-study.


2/120

DISCLAIMER WARRANTY: THIS CONTENT IS BEING PROVIDED AS IS. CISCO MAKES AND YOU RECEIVE NO WARRANTIES IN

CONNECTION WITH THE CONTENT PROVIDED HEREUNDER, EXPRESS, IMPLIED, STATUTORY OR IN ANY OTHER PROVISION OF

THIS CONTENT OR COMMUNICATION BETWEEN CISCO AND YOU. CISCO SPECIFICALLY DISCLAIMS ALL IMPLIED

WARRANTIES, INCLUDING WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR

PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE. This learning product may contain early release

content, and while Cisco believes it to be accurate, it falls subject to the disclaimer above.



3/120

ICND2

Lab Guide

OverviewThis guide presents the instructions and other information concerning the activities for thiscourse. You can find the solutions in the Lab Activity Answer Key.

Outline

This guide includes these activities:

Lab 1-1: Implementing a Small Network (Review Lab)

Lab 2-1: Configuring Expanded Switched Networks

Lab 2-2: Troubleshooting Switched Networks

Lab 4-1: Implementing OSPF

Lab 4-2: Troubleshooting OSPF

Lab 5-1: Implementing EIGRP

Lab 5-2: Troubleshooting EIGRP

Lab 6-1: Implementing and Troubleshooting ACLs

Lab 7-1: Configuring NAT and PAT

Lab 7-2: Implementing IPv6

Lab 8-1: Establishing a Frame Relay WAN

Lab 8-2: Troubleshooting Frame Relay WANs

Answer Key



4/120

2 Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 2007 Cisco Systems, Inc.

Lab 1-1: Implementing a Small Network(Review Lab)

Complete this lab activity to practice what you reviewed in the related module.

Activity Objective

In this activity, you will use the skills and knowledge that you acquired prior to taking thiscourse to implement a small network. You will use the commands reviewed in the related

module to provide your workgroup switch and router with a basic configuration for IP

connectivity.

After completing this activity, you will be able to meet these objectives:

Return your workgroup switch and router to their default configurations

Configure your workgroup switch and router with their proper identities and IP addressing

Provide basic security with passwords and port security

Visual ObjectiveThe figure illustrates what you will accomplish in this activity.

2007 Cisco Systems, Inc. All rights reserved. ICND2 v1.04

Visual Objective 1-1: Implementing aSmall Network Review Lab

WG Switch Routerfa0/0

A 10.1.1.10 10.1.1.11B 10.1.1.20 10.1.1.21C 10.1.1.30 10.1.1.31

D 10.1.1.40 10.1.1.41E 10.1.1.50 10.1.1.51F 10.1.1.60 10.1.1.61G 10.1.1.70 10.1.1.71H 10.1.1.80 10.1.1.81

Required Resources

These are the resources and equipment required to complete this activity:

PC connected to an onsite lab or PC with an Internet connection to access the remote lab

Terminal server connected to a console port of each lab device if using a remote lab

ICND workgroup assigned by your instructor



5/120

2007 Cisco Systems, Inc. Lab Guide

Your instructor will provide setup information that you need to complete this and the

subsequent lab activities. Your instructor will also assign you to a workgroup, identified by the

letters A through H. Complete the following information as provided by your instructor:

Value Information Provided by Your Instructor

Your workgroup

IP address of your terminal

Subnet mask

IP address of the default gateway

IP address of the terminal server

Username to access the terminal server

Password to access the terminal server

IP address of the TFTP server



6/120


Command List

The table describes the commands used in this activity. The commands are listed in

alphabetical order so that you can easily locate the information you need. Refer to this list if

you need configuration command assistance during the lab activity.

Review Commands

Command Description

banner motd Configures the message-of-the-day banner.

configure terminal Enters global configuration mode.

copy running-configstartup-config

Saves the running configuration into NVRAM as the startupconfiguration.

description Adds a descriptive comment to the configuration of aninterfacevery useful with complex configurations.

duplex full Enables full duplex on an interface.

enable Enters the privileged EXEC mode command interpreter.

enable secretpassword Sets an enable secret password to enter privilege EXEC.

erase startup-configuration

Erases the startup configuration from NVRAM.

hostname name Assigns your device a hostname.

interface interface Specifies an interface and enters interface configurationmode.

ip address addressmask Sets the IP address and mask of the device.

ip default-gateway address Sets the default gateway of the switch.

line console 0 Specifies the console line and enters line configurationmode.

line vty 0 4 Specifies the vty lines and enters line configuration mode.

login Sets password checking at login.

logging synchronous Enables synchronous logging of messages.

passwordpassword Sets a password on a line.

ping ip_address Uses ICMP echo requests and ICMP echo replies todetermine whether a remote host is reachable.

reload Reboots the device to make your changes take effect.

show cdp neighbors Displays the Cisco Discovery Protocol updates received oneach local interface of the device.

show interfaces Displays information on all of the device interfaces.

show port-security[interface interface-id][address]

Displays the administrative and operational status of allsecure ports on a switch. Optionally displays specificinterface security settings or all secure MAC addresses.

show running-configuration Displays the active configuration.

show startup-configuration Displays the startup configuration settings that are saved inNVRAM.

shutdown/no shutdown Disables or enables an interface.



7/120


Command Description

speed speed Sets the speed of the port.

switchport mode access Sets the port to access mode. Use the no version of thiscommand to reset default values.

switchport port-security Enables port security on an interface. Entered withoutkeywords.

switchport port-security

mac-addressmac-address

Assigns a secure MAC address on a port. Use the no form

of this command to remove it.

switchport port-securitymaximum value

Sets the maximum number of secure MAC addresses forthe interface.

Job Aids

These job aids are available to help you complete the lab activity.

Workgroup

(WG)

Router

Name

Router Fa0/0

Interface

(RouterX)

Switch

Name

Switch Interface

VLAN 1

(SwitchX)

SwitchXPort

to Core

Core Switch A

Port to (WG)

A RouterA 10.1.1.11/24 SwitchA 10.1.1.10/24 Fa0/11 Fa0/1

B RouterB 10.1.1.21/24 SwitchB 10.1.1.20/24 Fa0/11 Fa0/2

C RouterC 10.1.1.31/24 SwitchC 10.1.1.30/24 Fa0/11 Fa0/3

D RouterD 10.1.1.41/24 SwitchD 10.1.1.40/24 Fa0/11 Fa0/4

E RouterE 10.1.1.51/24 SwitchE 10.1.1.50/24 Fa0/11 Fa0/5

F RouterF 10.1.1.61/24 SwitchF 10.1.1.60/24 Fa0/11 Fa0/6

G RouterG 10.1.1.71/24 SwitchG 10.1.1.70/24 Fa0/11 Fa0/7

H RouterH 10.1.1.81/24 Switch H 10.1.1.80/24 Fa0/11 Fa0/8

Task 1: Setting Up the Workgroup Router

In this task, you will use the commands reviewed in the related module to provide your

workgroup router with a basic configuration for IP connectivity.

Activity Procedure

Complete these steps:

Step 1 From your PC, establish a connection to the lab equipment.

Step 2 Select your workgroup from the Main menu.

Step 3 Select your workgroup router from the Pod menu. If you are prompted for a console

password, try a password ofcisco (or consult the instructor for a password).



8/120


Step 4 Enter privileged EXEC mode. If you are prompted for a privileged EXEC password,

try a password ofsanfran. If a password ofsanfran does not work, please consult

with your instructor.

Step 5 Erase the startup configuration of your workgroup router.

Step 6 Reload your workgroup router. If you are prompted to save modifications, answer N.

When you are prompted to confirm reload, answer Y.

Step 7 After your workgroup router reboots, you will be asked if you want to enter theConfiguration Dialog. Answer N. If you are asked if you want to terminate

AutoInstall, answer Y.

Step 8 Configure your workgroup router with a hostname. Use the name listed in the Job

Aids table for this lab activity.

Step 9 Configure an enable secret password ofsanfran, which will be used to gain access

to privileged EXEC mode.

Step 10 Assign an IP address to the first Ethernet interface (Fa0/0) of your workgroup router.

The IP address is listed in the Job Aids table for this lab.

Step 11 Enable the first Ethernet interface (Fa0/0) of your workgroup router.

Step 12 Provide a description for the interface configuration describing the connected

destination.

Step 13 Configure a message of the day banner warning unauthorized users not to log in.

Step 14 Configure the router to require a password when accessing the router through the

console port. Use the password cisco.

Step 15 Configure the router to require a password when accessing the router through the

first five vty lines, 0 through 4. Use a password ofsanjose.

Step 16 Configure the console port with the logging synchronous command.

Step 17 Save your running configuration to NVRAM.

Step 18 Utilize the following commands to verify your configuration settings:

show interfaces

What is the MAC address of the first Ethernet interface of the router (Fa0/0)

which connects to your workgroup switch? (You will need this information for

the next task.)

show running-configuration

show startup-configuration

Activity Verification

You have completed this task when you attain these results:

Your workgroup router has the proper identity and IP addresses.

Your workgroup router has basic security configured with passwords.



9/120


Task 2: Setting Up the Workgroup SwitchIn this task, you will use the commands reviewed in the related module to provide your

workgroup switch with a basic configuration for IP connectivity.

Activity Procedure




Step 3 Select your workgroup switch from the Pod menu. If you are prompted with a

console password, try a password ofcisco (or consult the instructor).

Step 4 Enter privileged EXEC mode. If you are prompted with a privileged EXEC

password, try a password ofsanfran, or consult your instructor if this password does

not work.

Step 5 Erase your workgroup switch startup configuration.

Step 6 Delete the workgroup switch VLAN database using the following command:

delete flash:vlan.dat.

Note When asked Delete filename [vlan.dat]? press the Enter key.

When asked Delete flash:vlan.dat? [confirm] press the Enter key.

Step 7 Reload your switch. If you are prompted to save modifications, answer N. When you

are prompted to confirm reload, answer Y.

Step 8 After your switch reboots, you will be asked if you want to enter Configuration

Dialog. Answer N.

Step 9 Configure your switch with a hostname. Use the name listed in the Job Aids table

for this lab activity.

Step 10 Configure an enable secret password ofsanfran, which will be used to gain access

to privileged EXEC mode.

Step 11 Assign an IP address to the management VLAN interface of your workgroup switch.

Use the IP address listed in the Job Aids table for this lab activity.

Step 12 Enable the management VLAN interface of your workgroup switch.

Step 13 Assign a default gateway to your workgroup switch. Use the address of the core

router, 10.1.1.3.Step 14 Configure a message-of-the-day banner warning unauthorized users not to log in.

Step 15 Set the speed of port Fa0/11 on your workgroup switch to 100Mb/s.

Step 16 Set the duplex setting of port Fa0/11 on your workgroup switch to full duplex.

Step 17 Provide a description for the Fa0/11 interface describing the connected destination.



10/120


Step 18 Configure port security on switchport Fa0/2 to allow only your workgroup router to

be able to use the port.

Make sure the port is an access port.

Allow only a maximum of one device to use the port (may be the default).

Specify the MAC address of the router (found in Task 1) to be the one device

allowed.

Enable port security on the port.

Step 19 Provide a description for the Fa0/2 interface describing the connected destination.

Step 20 Configure the switch to require a password when accessing the switch through the

console port. Use the password cisco.

Step 21 Configure the console port with the logging synchronous command.

Step 22 Configure the switch to require a password when accessing the switch using the first

five vty lines, 0 through 4. Use a password ofsanjose.


Step 24 Utilize the following commands to verify your configuration settings:

show interfaces

show port-security

show running-configuration

show startup-configuration



The workgroup switch has the proper identity and IP address.

The workgroup switch has basic security with passwords and port security.

Task 3: Verifying Workgroup Connectivity

In this task, you will use the commands reviewed in the related module to verify your

workgroup switch and router connectivity.

Activity Procedure

Complete these steps from your workgroup switch:

Step 1 Use Cisco Discovery Protocol to identify your workgroup router and core switch A

as neighbors.

Step 2 Ping the first Ethernet interface (Fa0/0) of your workgroup router.

Step 3 Ping the TFTP server address of 10.1.1.1.

Complete these steps from your workgroup router:

Step 4 Use Cisco Discovery Protocol to identify your workgroup switch as a neighbor.



11/120


Step 5 Ping the VLAN 1 interface of your workgroup switch.

Step 6 Ping the TFTP server address of 10.1.1.1.

Step 7 Notify your instructor that you have completed the activity.



You have successfully viewed your directly connected Cisco Discovery Protocol neighborsfrom you workgroup router and switch.

All of the pings from your workgroup router and switch were successful.



12/120


Lab 2-1: Configuring Expanded SwitchedNetworks

Complete this lab activity to practice what you learned in the related module.

Activity Objective

In this activity, you will configure a switch to meet the specific VLAN requirements. After

completing this activity, you will be able to meet these objectives:

Configure the switch to participate in a VTP domain and configure the switch for

transparent mode

Configure trunking on a trunk port to provide access to a router on the network

Configure separate VLANs for separate logical networks

Enable RSTP and configure the root switch and backup root switch

Visual Objective

The figure illustrates what you will accomplish in this activity.


Visual Objective 2-1: ConfiguringExpanded Switched Networks

Subnet VLAN Devices10.1.1.0 1 Core Switches, CoreRouter, SwitchX10.2.2.0 2 CoreRouter, RouterA10.3.3.0 3 CoreRouter, RouterB10.4.4.0 4 CoreRouter, RouterC10.5.5.0 5 CoreRouter, RouterD10.6.6.0 6 CoreRouter, RouterE10.7.7.0 7 CoreRouter, RouterF10.8.8.0 8 CoreRouter, RouterG10.9.9.0 9 CoreRouter, RouterH



13/120


Required Resources





Command List




Commands

Command Description

ping Executes an extended ping command. You will set the pingcount and other options manually. (Use this command in

privileged EXEC mode.)

switchport mode trunk Interface configuration mode to set a Fast Ethernet or GigabitEthernet port to trunk mode.

switchport access vlanvlan#

Interface configuration mode to assign a port to a VLAN.

ping ip-address Common tool used to troubleshoot the accessibility ofdevices. It uses ICMP echo requests and ICMP echo repliesto determine whether a remote host is active. The pingcommand also measures the amount of time it takes toreceive the echo reply.

show interface interface Displays the trunk parameters.

show spanning-tree vlanvlan#

Displays spanning-tree information for a particular VLAN.

show interfacesinterface switchport

Displays VLAN and trunk information.

show vlan Displays information on all configured VLANs.

show vtp status Displays the VTP status.


vlan vlan-id Global configuration mode to add a VLAN and enter config-vlansubconfiguration mode. Use the no form of thiscommand to delete the VLAN.

name vlan-name Defines a VLAN name from config-vlansubconfigurationmode.



14/120


Command Description

spanning-tree moderapid-pvst

Global configuration mode to enable the Rapid-PVSTprotocol

spanning-tree portfast Enables PortFast on an interface.

spanning-tree vlan vlan-IDroot primary

Global configuration mode to designate a switch to be theprimary root for a particular VLAN.

spanning-tree vlan vlan-

IDroot secondary

Global configuration mode to designate a switch to be the

secondary root for a particular VLAN.

vtp mode {server |client | transparent}

Sets the VTP mode; use the no form of this command toreturn to the default setting.

vtp domain domain Sets the VTP administrative domain.



15/120


Job Aids

These job aids are available to help you complete the lab activities. Here are the steps to

prepare for this lab activity:

Verify that you have a single connection between the workgroup switch and core switch A

by using the show cdp neighbors command. Verify that the only core neighbor you see is

core switch A.

Your instructor needs to load new configurations on the core switches. Check with theinstructor to be certain the new configurations have been loaded.

This table lists the Fast Ethernet connections that are necessary to complete this lab activity.

WG Port Core A Port Port Core B Port

A Fa0/11 Fa0/1 Fa0/12 Fa0/1

B Fa0/11 Fa0/2 Fa0/12 Fa0/2

C Fa0/11 Fa0/3 Fa0/12 Fa0/3

D Fa0/11 Fa0/4 Fa0/12 Fa0/4

E Fa0/11 Fa0/5 Fa0/12 Fa0/5

F Fa0/11 Fa0/6 Fa0/12 Fa0/6

G Fa0/11 Fa0/7 Fa0/12 Fa0/7

H Fa0/11 Fa0/8 Fa0/12 Fa0/8

Task 1: Configure VTP and VTP Domains

In this activity, you will configure your workgroup switch to participate in a VTP domain in the

transparent mode. This will prevent VLAN changes made on the workgroup switch from

propagating to other switches in the lab.

Activity Procedure

Complete the following steps on your workgroup switch:



Step 3 Select your workgroup switch from the Pod menu.

Step 4 Use the enable command to enter privileged EXEC mode.

Step 5 Shut down the Fa0/12 interface on your workgroup switch.

Step 6 Set the VTP domain name to ICND.

Step 7 Set the VTP mode to transparent.

What command sequence do you use to set the domain name and VTP mode on

your workgroup switch?



16/120


Step 8 Verify the VTP configuration using the show vtp status command. Your output

should look similar to the following display:

SwitchA# sh vtp status

VTP Version : 2

Configuration Revision : 0

Maximum VLANs supported locally : 255

Number of existing VLANs : 6

VTP Operating Mode : Transparent

VTP Domain Name : ICND

VTP Pruning Mode : Disabled

VTP V2 Mode : Disabled

VTP Traps Generation : Disabled

MD5 digest : 0x68 0x9E 0x44 0xAC 0xFE0xA4 0xFF 0xD6

Configuration last modified by 10.1.1.10 at 0-0-00 00:00:00

Is the domain name the same that you entered? Are you in transparent mode?

Step 9 Proceed to Task 2.


You have completed this task when you attain this result:

Configured your workgroup switch to participate in a VTP domain in the transparent mode

so that any VLAN changes made on the workgroup switch are prevented from propagating

to other switches.

Task 2: Assign a Switch Port to Perform TrunkingThe instructor has configured the core switches to trunk to the workgroup switches from their

previous nontrunking mode. This configuration effectively shuts off frames from passing

between the core switches and the workgroup switches and blocks your access to the core

devices. You will configure trunking on one of the trunk ports so that you can reach the core

router again.

Activity Procedure

Complete the following steps to configure trunking mode on your workgroup switch:

Step 1 Set port Fa0/11 on your workgroup switch to trunk mode.

What command do you use to set the port to trunk mode?



17/120


Step 2 Verify the trunk configuration.

What command do you use to display a trunk configuration?

Your output should look similar to the following display:

SwitchA#show interface FastEthernet 0/11 switchport

Name: Fa0/11Switchport: Enabled

Administrative Mode: trunk

Operational Mode: trunk

Administrative Trunking Encapsulation: dot1q

Operational Trunking Encapsulation: dot1q

Negotiation of Trunking: On

Access Mode VLAN: 1 (default)

Trunking Native Mode VLAN: 1 (default)

Voice VLAN: noneAdministrative private-vlan host-association: none

Administrative private-vlan mapping: none

Administrative private-vlan trunk native VLAN: none

Administrative private-vlan trunk encapsulation: dot1q

Administrative private-vlan trunk normal VLANs: none

Administrative private-vlan trunk private VLANs: none

Operational private-vlan: none

Trunking VLANs Enabled: ALL

Pruning VLANs Enabled: 2-1001

Capture Mode Disabled

Capture VLANs Allowed: ALL

Protected: false

Appliance trust: none

Step 3 To verify trunking, ping the core router at 10.1.1.3 from the workgroup switch. (If it

does not work, make sure that your Fa0/12 interface is shut down.)



You have completed this task when you attain these results.

Configured trunking on one trunk port

Pinged the core router to verify trunking and connectivity



18/120


Task 3: Configure Separate VLANs on the Switch

In this task, you will configure a VLAN for the switch port that is connected to your workgroup

router and change the IP address of the first Ethernet interface on your workgroup router. The

new address is in the VLAN that is assigned to your workgroup, and it can only reach other

devices in the workgroup (in a different VLAN) via the core router. Your instructor has

configured the core router to support inter-VLAN routing.

The table, or VLAN assignment chart, provides information you need to complete this task.

WG VLAN Number VLAN Name Core Router RouterX Fa0/0

(in which xis the

workgroup letter)

A 2 VLAN0002 10.2.2.3 10.2.2.12

B 3 VLAN0003 10.3.3.3 10.3.3.12

C 4 VLAN0004 10.4.4.3 10.4.4.12

D 5 VLAN0005 10.5.5.3 10.5.5.12

E 6 VLAN0006 10.6.6.3 10.6.6.12

F 7 VLAN0007 10.7.7.3 10.7.7.12

G 8 VLAN0008 10.8.8.3 10.8.8.12

H 9 VLAN0009 10.9.9.3 10.9.9.12

Activity Procedure

Complete the following steps to configure separate VLANs on your workgroup switch:

Step 1 Using the VLAN assignment chart, create a VLAN only for your workgroup.

What command do you use to create a VLAN on your switch?

Step 2 Using the show vlan command from the EXEC mode, verify that the correct VLAN

has been added.


SwitchA# sh vlan

VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4

Fa0/5, Fa0/6, Fa0/7, Fa0/8Fa0/9, Fa0/10, Fa0/12, Fa0/13Fa0/14, Fa0/15, Fa0/16, Fa0/17Fa0/18, Fa0/19, Fa0/20, Fa0/21Fa0/22, Fa0/23, Fa0/24, Gi0/1Gi0/2

2 VLAN0002 active1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup



19/120


Step 3 Set the workgroup switch port (port Fa0/2) that is connected to your workgroup

router to your assigned VLAN number.

What command do you use to set the port to your assigned VLAN number?

Step 4 Configure spanning-tree portfast on the workgroup switch port that is connected to

your workgroup router (port Fa0/2).

Step 5 Enter the proper show command for verifying that port Fa0/2 is now in the correct

VLAN.


SwitchA# sh vlan brief

VLAN Name Status Ports---- -------------------------------- --------- ------------------------------1 default active Fa0/1, Fa0/3, Fa0/4, Fa0/5

Fa0/6, Fa0/7, Fa0/8, Fa0/9

Fa0/10, Fa0/12, Fa0/13, Fa0/1Fa0/15, Fa0/16, Fa0/17, Fa0/1Fa0/19, Fa0/20, Fa0/21, Fa0/2Fa0/23, Fa0/24, Gi0/1, Gi0/2

2 VLAN0002 active Fa0/21002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup

Step 6 Access the console port of your workgroup routerrouterX, in whichx is the

workgroup letter assigned to you for this lab activity.

Step 7 From your workgroup router, enter interface configuration mode for your first

Ethernet interface (Fa0/0).

Step 8 Change the primary Ethernet interface in your workgroup router to 10.x.x.12 (in

whichx is your assigned VLAN number) and assign a subnet mask of

255.255.255.0.

Step 9 Ping the core router at 10.x.x.3, in whichx is your assigned VLAN number, from

your workgroup router.

Your ping should be successful. Why?

Step 10 Ping your workgroup switch from your workgroup router.

Your ping should notbe successful. Why?



20/120


Step 11 Enable inter-VLAN communications by configuring a default route on your

workgroup router that points to the core router using the ip route 0.0.0.0 0.0.0.0

10.x.x.3 command, in whichx is your assigned VLAN number. Now ping your

workgroup switch.

Your ping should be successful? Why?

Note Notice that the default gateway on your workgroup switch is set to 10.1.1.3 so that your

workgroup switch can ping devices in other VLANs via the core router. If the default gateway

is not present in your configuration, add it by using the ip default-gateway 10.1.1.3

command in global configuration mode.




Configured a VLAN and assigned that VLAN to the switch port that is connected to your

workgroup router

Changed the IP address of the first Ethernet interface on your workgroup router

Assigned a default route to your workgroup router

Pinged devices in other VLANs to verify connectivity



21/120


Task 4: Configure the Rapid-PVST Protocol

In this task, you will configure the Rapid-PVST protocol, configure the second trunk port on

your workgroup switch so that it trunks to core switch B, and observe the Rapid-PVST

convergence when a loop is created.

Activity Procedure

Complete the following steps to configure the Rapid-PVST protocol on your workgroupswitch:

Step 1 Have the instructor verify that the interface on core switch B that connects to your

workgroup switch is configured properly for trunking. (The instructor may need to

enter the no shutdown command on this interface.) Make sure that the Fa0/12

interface on your workgroup switch is still shut down.

Step 2 Enable the Rapid-PVST protocol on your workgroup switch.

Step 3 Set the speed of port Fa0/12 on your workgroup switch to 100Mb/s.

Step 4 Set the duplex setting of port Fa0/12 on your workgroup switch to full duplex.

Step 5 Set the port Fa0/12 on your workgroup switch to trunk mode.

What command do you use to set the port to trunk mode?

What command do you use to display a trunk configuration?


SwitchA# show interfaces Fa0/12 switchportName: Fa0/12Switchport: Enabled

Administrative Mode: trunkOperational Mode: down

Administrative Trunking Encapsulation: dot1qNegotiation of Trunking: On

Access Mode VLAN: 1 (default)Trunking Native Mode VLAN: 1 (default)

Administrative Native VLAN tagging: enabledVoice VLAN: none

Administrative private-vlan host-association: noneAdministrative private-vlan mapping: none

Administrative private-vlan trunk native VLAN: noneAdministrative private-vlan trunk Native VLAN tagging: enabledAdministrative private-vlan trunk encapsulation: dot1qAdministrative private-vlan trunk normal VLANs: noneAdministrative private-vlan trunk private VLANs: noneOperational private-vlan: noneTrunking VLANs Enabled: ALLPruning VLANs Enabled: 2-1001Capture Mode DisabledCapture VLANs Allowed: ALL



22/120


Step 6 Enter the no shutdown command on the Fa0/12 interface on your workgroup

switch.

Step 7 Enter the command to determine the spanning-tree state of the VLAN you created

earlier.

Which interfaces are in the forwarding state for the VLAN you created?

Note Port Fa0/2 and Fa0/11 on your workgroup switch should be in the forwarding state.

Step 8 Keep your workgroup switch console session active and open a second console

session to the workgroup router. (You need two open sessions to the lab equipment

to accomplish this step.)

Step 9 From your workgroup router, use Telnet to connect to the core switches and repeat

Step 6from core switch A and core switch B.

Note The IP address for core switch A is 10.1.1.2 and the IP address for core switch B is 10.1.1.4.

The vty password for the core switches is cisco. You do not need enable mode privileges

on the core switches.

Step 10 Use the output of the show spanning-tree vlanx command that you performed on

the core switches and your workgroup switch in the previous steps to answer the

following questions:

What is the MAC address of the root bridge for the VLAN you created earlier?

Which switch is the root bridge?

What is the priority of the root bridge?

Which port is in the blocking state?



23/120



CoreSwitchA>show spanning-tree vlan 2

VLAN0002Spanning tree enabled protocol rstpRoot ID Priority 24578

Address 001a.6dd7.1880This bridge is the rootHello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 24578 (priority 24576 sys-id-ext 2) Address 001a.6dd7.1880Hello Time 2 sec Max Age 20 sec Forward Delay 15 secAging Time 300

Interface Role Sts Cost Prio.Nbr Type---------------- ---- --- --------- -------- --------------------------------Fa0/1 Desg FWD 19 128.1 P2pFa0/2 Desg FWD 19 128.2 P2pFa0/3 Desg FWD 19 128.3 P2pFa0/4 Desg FWD 19 128.4 P2pFa0/5 Desg FWD 19 128.5 P2pFa0/6 Desg FWD 19 128.6 P2pFa0/23 Desg FWD 19 128.23 P2pPo1 Desg FWD 12 128.72 P2p Peer(STP)

CoreSwitchB>sh spanning-tree vlan 2

VLAN0002Spanning tree enabled protocol ieeeRoot ID Priority 24578

Address 001a.6dd7.1880Cost 12Port 72 (Port-channel1)Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 28674 (priority 28672 sys-id-ext 2) Address 001a.6de6.d800

Hello Time 2 sec Max Age 20 sec Forward Delay 15 secAging Time 300

Interface Role Sts Cost Prio.Nbr Type---------------- ---- --- --------- -------- --------------------------------Fa0/1 Desg FWD 19 128.1 P2pFa0/2 Desg FWD 19 128.2 P2pFa0/3 Desg FWD 19 128.3 P2pFa0/4 Desg FWD 19 128.4 P2pFa0/5 Desg FWD 19 128.5 P2pFa0/6 Desg FWD 19 128.6 P2pPo1 Root FWD 12 128.72 P2p

Step 11 While keeping the two console sessions active, (one to your switch and one to your

router), from your workgroup router, perform an extended ping to the core router(10.x.x.3, in whichx is your assigned VLAN number) with a count of 45000.

Is the ping successful?


RouterA# ping

Protocol [ip]:

Target IP address: 10.1.1.3



24/120


Repeat count [5]: 45000

Datagram size [100]:

Timeout in seconds [2]:

Extended commands [n]:

Sending 45000, 100-byte ICMP Echos to 10.1.1.3, timeout is 2seconds:

Note You should see continuous successful ping replies from the core router. The current path

from your switch to the core router should be via your FastEthernet0/11 port. If not, do not

proceed to the next step; instead, troubleshoot the problem or ask your instructor for help.

Step 12 At your workgroup switch, shut down interface Fa0/11.

What happened to the extended ping to the core router?

Is the ping successful after a few seconds?

Step 13 At your workgroup switch, re-enable interface Fa0/11.

What happened to the extended ping to the core router?

Is the ping successful after a few seconds?

Step 14 Stop the extended ping from your workgroup router to the core router by pressing

Ctrl-Shift-6, then Ctrl-Shift-6 again.

Step 15 Save your configuration to NVRAM, using copy run start.



You have completed this activity when you attain these results:

Configured a second trunk port on your workgroup switch to trunk to core switch B

Observed an extended ping to the core router and shut down the forwarding trunking portto observe a break in the pings



25/120


Task 5: Configure Primary and Secondary Root Bridges(Optional)

In this task, you will work with a student in another workgroup. You will configure two more

VLANs, a primary and secondary. Your workgroup switch will become the root bridge for your

primary VLAN and the secondary root bridge for the primary VLAN of your partner.

Group Assignments: A-B, C-D, E-F, G-H

Primary and Secondary VLAN Assignment

WG Primary VLAN

Number

Secondary VLAN

Number

A 20 30

B 30 20

C 40 50

D 50 40

E 60 70

F 70 60

G 80 90

H 90 80

Activity Procedure

Complete the following steps to configure the primary and secondary root bridge on your

workgroup switch:

Step 1 Using the Primary and Secondary VLAN Assignment table, create only the primary

VLAN for your workgroup.

Step 2 Using the Primary and Secondary VLAN Assignment table, create only the

secondary VLAN for your workgroup.

What command do you use to create a VLAN on your switch?

Step 3 Using the show vlan command from the EXEC mode, verify that the correct

VLANs have been added.

Step 4 Configure your workgroup switch to be the root bridge for your primary VLAN.

What command do you use to make a switch the root bridge for a particular

VLAN?

Step 5 Configure your workgroup switch to be the secondary root bridge for the primary

VLAN of your partner.

What command do you use to make a switch the secondary root bridge?



26/120


Step 6 Enter the command to determine the spanning-tree state of the VLANs you created

earlier in this task.

Which interfaces are in the forwarding state for the VLANs you created?

Step 7 Keep your workgroup switch console session active and open a second consolesession to the workgroup router. (You need two open sessions to the lab equipment

to accomplish this step.)

Step 8 From your workgroup router, establish a Telnet session to the core switches and

enter the command to determine the spanning-tree state of your primary VLAN and

your secondary VLAN on core switch A and core switch B.

Note The IP address for core switch A is 10.1.1.2, and the IP address for core switch B is

10.1.1.4. The vty password for the core switches is cisco. You do not need enable mode

privileges on the core switches.

Step 9 From the output of the show spanning-tree vlanx command performed on the core

switches and your workgroup switch in the previous steps, answer the following

questions:

What is the MAC address of the root bridge for the primary VLAN you created

earlier? What is the MAC address of the secondary VLAN?

Which switch is the root bridge for the primary VLAN? Which switch is the rootbridge for the secondary VLAN?

What is the priority of the root bridge for the primary VLAN? What is the

priority of the secondary VLAN?

Which port is in the blocking state for the primary VLAN? Which port is in the

blocking state for the secondary VLAN?



27/120



SwitchA# sh spanning-tree vlan 20


Address 0017.596d.2a00This bridge is the rootHello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 24596 (priority 24576 sys-id-ext 20) Address 0017.596d.2a00Hello Time 2 sec Max Age 20 sec Forward Delay 15 secAging Time 300

Interface Role Sts Cost Prio.Nbr Type---------------- ---- --- --------- -------- ----------------------------Fa0/11 Desg FWD 19 128.11 P2pFa0/12 Desg FWD 19 128.12 P2p Peer(STP)

SwitchA# sh spanning-tree vlan 30


Address 0017.596d.1580Cost 38Port 11 (FastEthernet0/11)Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 28702 (priority 28672 sys-id-ext 30) Address 0017.596d.2a00Hello Time 2 sec Max Age 20 sec Forward Delay 15 secAging Time 300

Interface Role Sts Cost Prio.Nbr Type---------------- ---- --- --------- -------- ----------------------------Fa0/11 Root FWD 19 128.11 P2pFa0/12 Altn BLK 19 128.12 P2p Peer(STP)

CoreSwitchA> sh spanning-tree vlan 20


Address 0017.596d.2a00Cost 19Port 1 (FastEthernet0/1)Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32788 (priority 32768 sys-id-ext 20) Address 001a.6dd7.1880

Hello Time 2 sec Max Age 20 sec Forward Delay 15 secAging Time 300

Interface Role Sts Cost Prio.Nbr Type---------------- ---- --- --------- -------- ----------------------------Fa0/1 Root FWD 19 128.1 P2pFa0/2 Desg FWD 19 128.2 P2pFa0/3 Desg FWD 19 128.3 P2pFa0/4 Desg FWD 19 128.4 P2pFa0/5 Desg FWD 19 128.5 P2pFa0/6 Desg FWD 19 128.6 P2pFa0/23 Desg FWD 19 128.23 P2p



28/120


Interface Role Sts Cost Prio.Nbr Type---------------- ---- --- --------- -------- ----------------------------

Po1 Desg FWD 12 128.72 P2p Peer(STP)

CoreSwitchB> show spanning-tree vlan 30

VLAN0030Spanning tree enabled protocol ieeeRoot ID Priority 24606

Address 0017.596d.1580

Cost 19Port 2 (FastEthernet0/2)Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32798 (priority 32768 sys-id-ext 30) Address 001a.6de6.d800Hello Time 2 sec Max Age 20 sec Forward Delay 15 secAging Time 300

Interface Role Sts Cost Prio.Nbr Type---------------- ---- --- --------- -------- ------------------------Fa0/1 Desg FWD 19 128.1 P2pFa0/2 Root FWD 19 128.2 P2pFa0/3 Desg FWD 19 128.3 P2pFa0/4 Desg FWD 19 128.4 P2p

Fa0/5 Desg FWD 19 128.5 P2pFa0/6 Desg FWD 19 128.6 P2pPo1 Altn BLK 12 128.72 P2p


You have completed this activity when you attain these results:

Configured and verified a primary and secondary VLAN

Configured and verified a root and secondary root bridge for the primary and secondary

VLANs



29/120


Lab 2-2: Troubleshooting Switched NetworksComplete this lab activity to practice what you learned in the related module.

Activity Objective

In this activity, you will use the troubleshooting guidelines discussed in the corresponding

module to gather symptoms and isolate and correct problems commonly found in a switchednetwork. After completing this activity, you will be able to meet these objectives:

Discover switched network connectivity issues, follow troubleshooting guidelines to

ascertain switched connectivity problems, and re-establish switched network connectivity

Visual Objective



Visual Objective 2-2:

Troubleshooting Switched NetworksWG Switch Router

fa0/0

A 10.1.1.10 10.2.2.12B 10.1.1.20 10.3.3.12C 10.1.1.30 10.4.4.12D 10.1.1.40 10.5.5.12E 10.1.1.50 10.6.6.12F 10.1.1.60 10.7.7.12G 10.1.1.70 10.8.8.12H 10.1.1.80 10.9.9.12

Required Resources


PC connected to an onsite lab or PC with an Internet connection to access the remote lab Terminal server connected to a console port of each lab device if using a remote lab




30/120


Command List




Commands

Command Description

copy tftp running-configuration

Merges a file on the TFTP server with device running-config

ping 10.1.1.1 Tests Layer 3 connectivity

show interface Displays interface status and statistics

show interface switchport Displays switching-related interface statistics

show interface trunk Displays interfaces configured to be trunk ports

show port-security Displays interfaces configured with port security

show port-security address Displays the MAC addresses found on a secure port

show spanning-tree vlan # Displays spanning tree statusshow vlan Displays a switch VLAN database

show vtp status Displays VTP settings

Job Aids

These job aids are available to help you complete the lab activity. Use the table to document the

troubleshooting process.

Troubleshooting Steps

Command to Gather

Symptoms

Isolate the Problem Command to Correct the Problem

Example:

ping 172.16.2.2 fails -----

show ip interface brief int Fa0/1 is administrativelydown

no shutdown

ping 172.16.2.2 still fails -----

show interface Fa0/1 has incorrect ip address ip address 192.168.1.2

ping 172.16.2.2 succeeds



31/120


Task 1: Update Your Workgroup Configurations

In this task, you will download new supplemental configurations to your workgroup switch and

router from the TFTP server. These supplemental configurations may introduce a problem that

will prevent you from completing the task, so you will troubleshoot to isolate and correct the

problem.

Activity Procedure


Step 1 Shutdown the port Fa0/12 of your workgroup switch.

Step 2 Ping the TFTP server (10.1.1.1) from your workgroup router.

Step 3 Ensure connectivity with the TFTP server. Ping the TFTP server (10.1.1.1) from

your workgroup switch.

Note If either of the pings is unsuccessful, contact your instructor.

Step 4 From your workgroup switch, download the supplemental configuration from the

TFTP server into the running configuration of your workgroup switch. The name of

the file to download is i2-wg_sw-config-lab2-2.txt.

Step 5 Type exit from the privilege EXEC prompt and ensure your switch banner reads:

************** wg_sw-config-lab2-2 ***********************

Step 6 From your workgroup router, download the supplemental configuration from the

TFTP server into the running configuration of your workgroup router. The name of

the file to download is i2-wg_ro-config-lab2-2.txt.

Was the download successful?

Can you ping the TFTP server from your workgroup router?

Step 7 Without utilizing the show run command, use the troubleshooting guidelines and

commands discussed in the corresponding module to gather symptoms, isolate the

problem, and correct the problem. Use the Job Aids table on the previous page to

document the troubleshooting process.

Step 8 Once you have re-established connectivity, download the supplemental

configuration from the TFTP server into the running configuration of your

workgroup router. The name of the file to download is i2-wg_ro-config-lab2-2.txt.

Step 9 Type exit from the privilege EXEC prompt and ensure your switch banner reads:

****** Congratulations! You have successfully completed the lab. ******





32/120




Both your workgroup switch and workgroup router are able to ping the TFTP server.

Both your workgroup switch and workgroup router have downloaded their lab2-2

configuration into their running configuration.



33/120


Lab 4-1: Implementing OSPFComplete this lab activity to practice what you learned in the related module.

Activity Objective

In this activity, you will determine IP routes with the OSPF routing protocol. After completing

this activity, you will be able to meet these objectives: Disable the LAN connections to the core

Enable the serial connections on a workgroup router

Configure OSPF on a workgroup router

Configure plain text authentication for OSPF

Verify the correct operation and configuration of OSPF routing and OSPF plain text

authentication

Visual Objective

The figure illustrates what you will accomplish in this lab activity.


Visual Objective 4-1: Implementing OSPF

Required Resources







34/120


Command List




Cisco Catalyst Switch Commands

Command Description

interface vlan1ip address ip-addressmask

Defines the IP address and subnet mask for the Cisco Catalystswitch.

ip default-gateway ip-address

Defines a default gateway on the Cisco Catalyst switch.

ping ip-address Common tool used to troubleshoot the accessibility of devices.This tool uses ICMP echo requests and ICMP echo replies todetermine whether a remote host is active. The ping commandalso measures the amount of time it takes to receive the echoreply.

show interfaces vlan 1 Displays IP configuration on the Cisco Catalyst switch.

show vlan Displays VLAN information on the Cisco Catalyst switch.

switchport access vlan 1 Defines the VLAN membership of an interface

Cisco Router Commands

Command Description

bandwidth Configures the bandwidth on serial interfaces.

clock rate Configures the clock rate on serial interfaces.

debug ip ospf events Displays a summary of OSPF transaction information.

interface loopbackUses the interface global configuration command to configure aninterface type and enter interface configuration mode.

ip ospf authentication-keypassword

Assigns a password to be used for OSPF authentication.

ip ospf authentication Enables plain text OSPF authentication.

network network-numberwildcard-maskarea area-id

Starts the routing protocol on all interfaces that the router has inthe specified network; specifies the number of bits significant forthis network and the OSPF area with which the network isassociated.

ping ip-address Common tool used to troubleshoot the accessibility of devices.This tool uses ICMP echo requests and ICMP echo replies todetermine whether a remote host is active. The ping commandalso measures the amount of time it takes to receive the echo

reply.

router ospf router-process-id

Enables the OSPF routing protocol.

show controllers type Displays the controller state that is specific to the controllerhardware.

show interfaces type Displays statistics for interfaces configured on the router.

show ip ospf neighbor Determines the state of an OSPF neighbor.

show ip protocols Displays values about routing protocols and routing protocol timerinformation associated with the router.



35/120


Command Description

show ip route Displays the IP routing table.


undebug all Turns off all debugging displays.

Job Aids

These job aids are available to help you complete the lab activity.

In this activity, you will use the default encapsulation for a serial link, HDLC, to distribute

routing protocol traffic from your workgroup to the core. This requires shutting down the

uplinks to the core switches on your workgroup switch and assigning an IP address to the first

serial interface of your router.

You will also configure the OSPF routing protocol, implementing OSPF authentication to

ensure routing update authenticity. Then you will verify the configuration and operation of

OSPF.

The following table lists the IP addresses that you will use in this lab activity. Subnet masks are

designated with /bits to indicate the number of network bits in the mask.

IP Addresses

WG Switch

Interface

VLAN 1

(SwitchX)

Router

Fa0/0

Interface

(RouterX)

Router

Loopback 0

Interface

(RouterX)

Router

S0/0/0

Interface

(RouterX)

Router

S0/0/1

Interface

(RouterX)

Core Router

Serial

Interface

(Core

Router)

A 10.2.2.11/24 10.2.2.3/24 192.168.1.65/28 10.140.1.2/24 10.23.23.1/24 10.140.1.1/24

B 10.3.3.11/24 10.3.3.3/24 192.168.1.81/28 10.140.2.2/24 10.23.23.2/24 10.140.2.1/24

C 10.4.4.11/24 10.4.4.3/24 192.168.2.65/28 10.140.3.2/24 10.45.45.1/24 10.140.3.1/24

D 10.5.5.11/24 10.5.5.3/24 192.168.2.81/28 10.140.4.2/24 10.45.45.2/24 10.140.4.1/24

E 10.6.6.11/24 10.6.6.3/24 192.168.3.65/28 10.140.5.2/24 10.67.67.1/24 10.140.5.1/24

F 10.7.7.11/24 10.7.7.3/24 192.168.3.81/28 10.140.6.2/24 10.67.67.2/24 10.140.6.1/24

G 10.8.8.11/24 10.8.8.3/24 192.168.4.65/28 10.140.7.2/24 10.89.89.1/24 10.140.7.1/24

H 10.9.9.11/24 10.9.9.3/24 192.168.4.81/28 10.140.8.2/24 10.89.89.2/24 10.140.8.1/24



36/120


Task 1: Disable LAN Connections to the Core

This task requires that you shut down the LAN connection from your workgroup to the core.

You will also change the IP address on your workgroup switch and the first Ethernet interface

on your router.

Activity Procedure

Complete the following steps to disable the LAN connections between the workgroup and core:



Step 3 Select your workgroup switch from the Pod menu.

Step 4 Shut down the ports (Fa0/11 and Fa0/12) that connect to core switch A and core

switch B.

Step 5 Change the IP address on the VLAN 1 interface of your workgroup switch to the

address listed in the Job Aids table for this lab activity.

Step 6 Change the default gateway on the switch to be the first Ethernet interface of your

workgroup router. Check the address listed in the Job Aids table for this lab activity.

For example, for workgroup A, the default gateway for the workgroup switch is

10.2.2.3.

Step 7 Change the workgroup switch port that is connected to your workgroup router

(Fa0/2) to VLAN 1 by entering interface configuration mode and issuing the

appropriate command.

Step 8 Exit global configuration mode.

Step 9 Enter the show interface vlan 1 command to verify that you have configured thecorrect IP address.


SwitchA# sh interface vlan 1Vlan1 is up, line protocol is upHardware is EtherSVI, address is 0017.596d.2a40 (bia

0017.596d.2a40)Internet address is 10.2.2.11/24MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,

reliability 255/255, txload 1/255, rxload 1/255Encapsulation ARPA, loopback not setARP type: ARPA, ARP Timeout 04:00:00Last input 00:11:45, output 00:11:45, output hang never

Last clearing of "show interface" counters neverInput queue: 0/75/0/0 (size/max/drops/flushes); Total output drops:

0Queueing strategy: fifoOutput queue: 0/40 (size/max)5 minute input rate 0 bits/sec, 0 packets/sec5 minute output rate 0 bits/sec, 0 packets/sec

280 packets input, 28716 bytes, 0 no bufferReceived 0 broadcasts (0 IP multicast)0 runts, 0 giants, 0 throttles0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored142 packets output, 15568 bytes, 0 underruns



37/120


0 output errors, 1 interface resets0 output buffer failures, 0 output buffers swapped out

Step 10 Show the running configuration to verify that the default gateway is properly

configured.

Step 11 Enter the proper show vlan command to verify that the port to the workgroup router

is now in VLAN 1.


SwitchA# sh vlan

VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4

Fa0/5, Fa0/6, Fa0/7, Fa0/8Fa0/9, Fa0/10, Fa0/12, Fa0/13Fa0/14, Fa0/15, Fa0/16, Fa0/17Fa0/18, Fa0/19, Fa0/20, Fa0/21Fa0/22, Fa0/23, Fa0/24, Gi0/1Gi0/2

2 VLAN0002 active1002 fddi-default act/unsup1003 token-ring-default act/unsup1004 fddinet-default act/unsup1005 trnet-default act/unsup

Step 12 Move to your workgroup router console connection. On the workgroup router,

change the address of the Ethernet interface of the workgroup router to the address

listed in the Job Aids table for this lab activity.

Step 13 Verify the first Ethernet interface of the workgroup router. Your output should look

similar to the following display:

RouterA# sh ip int fa0/0

FastEthernet0/0 is up, line protocol is up

Internet address is 10.2.2.3/24Broadcast address is 255.255.255.255Address determined by setup commandMTU is 1500 bytesHelper address is not setDirected broadcast forwarding is disabledOutgoing access list is not setInbound access list is not setProxy ARP is enabledLocal Proxy ARP is disabledSecurity level is defaultSplit horizon is enabledICMP redirects are always sent

ICMP unreachables are always sentICMP mask replies are never sentIP fast switching is enabledIP fast switching on the same interface is disabledIP Flow switching is disabledIP CEF switching is enabledIP CEF Fast switching turbo vectorIP multicast fast switching is enabledIP multicast distributed fast switching is disabled

Step 14 From your workgroup router, ping your workgroup switch to test connectivity. The

ping should be successful.



38/120





Shut down the LAN connection from your workgroup to the core

Changed the IP address on your workgroup switch and the first Ethernet interface on your

router

Task 2: Enable Serial Connections on the Workgroup Router

This task requires that you remove the default route configured previously on the router, assign

an IP address to your serial interfaces, and verify that you only have connectivity with directly

connected devices. Also this task will have you verify that you cannot reach the core router IP

address of 10.1.1.3. You will establish connectivity in the next task.

Activity Procedure

Complete the following steps on the workgroup router to enable a serial connection:

Step 1 Enter global configuration mode.

Step 2 Remove the default route using the no ip route 0.0.0.0 0.0.0.0 10.x.x.3 command,

which you configured in an earlier lab.

Step 3 Verify that the first two serial interfaces, S0/0/0 and S0/0/1, are configured for

HDLC by using the show interfaces serialinterface command. The fourth line in

the output should indicate your encapsulation type.

Step 4 On the workgroup router, change the address of the first serial interface (S0/0/0) of

the workgroup router to the address listed in the Job Aids table for this lab activity.

For example, for workgroup A, the address is 10.140.1.2.

Step 5 Enter the no shutdown command on your first serial interface (S0/0/0).

Step 6 Ping the core router serial interface that is directly connected to your workgroup

router. Refer to the Job Aids table of this lab activity for the correct IP address. For

example, for workgroup A, the address is 10.140.1.1.

The ping should work. Why?

Step 7 Ping the core router at 10.1.1.3.

The ping did not work. Why not?



39/120


Step 8 View your IP routing table to see all of the paths listed in the table. Which command

do you enter to view the IP routing table? Your output should look similar to the

following display:

RouterA# sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS

level-2

ia - IS-IS inter area, * - candidate default, U - per-userstatic route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

10.0.0.0/24 is subnetted, 2 subnets

C 10.2.2.0 is directly connected, FastEthernet0/0

C 10.140.1.0 is directly connected, Serial0/0/0

Step 9 Verify whether a DCE or DTE cable is connected on your second serial interface

(S0/0/1) by using the show controllers serial interfacecommand. (Notice there is a

space between the word serial and the interface parameter.)

Step 10 If your second serial interface (S0/0/1), which connects to your partner workgroup

router, is DCE, assign a clock rate of 64000.

Note DTE interfaces do not require a clock rate to be set.

Step 11 Configure the IP address of the second serial interface (S0/0/1) to the IP addresslisted in the Job Aids table for this lab activity.

Step 12 Enter the no shutdown command on your second serial interface.

Step 13 Ping the second serial interface (S0/0/1) of your partner router that is directly

connected to your workgroup router. Refer to the Job Aids table of this lab activity

for the correct IP address.

The ping should work. Why?

Note A successful ping requires the S0/0/1 interface of your partner router S0/0/1 to be configured

correctly.




40/120




Removed the default route configured previously on the router

Assigned an IP address to your serial interfaces

Verified connectivity with your directly connected serial interface neighbor routers

Verified that you cannot reach the core router IP address of 10.1.1.3 by unsuccessfully

pinging the router

Task 3: Enable Routing with OSPFThe purpose of this task is to configure OSPF on the router. You will do this by assigning the

routing process ID and identifying the networks that will participate in the OSPF routing

process.

Activity Procedure

Complete the following steps on the workgroup router:

Step 1 Configure the loopback 0 interface with the address indicated in the Job Aids tableof this lab activity.

Step 2 Enable the OSPF routing protocol. Use an OSPF process ID of 100.

Step 3 Enable OSPF on your loopback 0 interface, Fa0/0 interface, and two serial

interfaces, S0/0/0 and S0/0/1. Refer to the Job Aids table of this lab activity. All of

the interfaces should be in area 0. Use four network statements with a wildcard mask

of 0.0.0.0 for each. For example:

RouterA(config)#router ospf 100

RouterA(config-router)#network 192.168.1.65 0.0.0.0 area 0

RouterA(config-router)#network 10.2.2.3 0.0.0.0 area 0RouterA(config-router)#network 10.140.1.2 0.0.0.0 area 0

RouterA(config-router)#network 10.23.23.1 0.0.0.0 area 0

Step 4 Configure a bandwidth of 64 Kb on both serial interfaces, S0/0/0 and S0/0/1.




Assigned the routing process ID

Identified the networks that will participate in the OSPF routing process



41/120


Task 4: Enable OSPF Plain Text AuthenticationThe purpose of this task is to configure OSPF authentication on the router. The OSPF protocol

will not advertise routes between neighbors until they have correctly identified themselves.

Activity Procedure


Step 1 Assign a password to be used with all neighboring routers that use OSPF plain textpassword authentication (core router and partner router). Use san-fran as a

password.

Step 2 Enable your workgroup router to utilize plain text OSPF authentication with each of

your neighbor OSPF routers.




Assigned an authentication password

Enabled authentication

Task 5: Verify OSPF Routing and Plain Text Authentication

In this topic, you will verify the operation and configuration of the OSPF routing protocol and

plain text authentication. You will do this using several show commands.

Activity Procedure


Step 1 Use the show ip route command to verify the routes learned from the OSPF routingprotocol. Your output should look similar to the following display:

RouterA# sh ip routeCodes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter areaN1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2E1 - OSPF external type 1, E2 - OSPF external type 2i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS

level-2ia - IS-IS inter area, * - candidate default, U - per-user static

routeo - ODR, P - periodic downloaded static route

Gateway of last resort is not set

10.0.0.0/24 is subnetted, 5 subnetsC 10.23.23.0 is directly connected, Serial0/0/1C 10.2.2.0 is directly connected, FastEthernet0/0O 10.1.1.0 [110/1563] via 10.140.1.1, 00:03:15, Serial0/0/0O 10.140.2.0 [110/3124] via 10.140.1.1, 00:03:15, Serial0/0/0

[110/3124] via 10.23.23.2, 00:03:15, Serial0/0/1C 10.140.1.0 is directly connected, Serial0/0/0

192.168.1.0/24 is variably subnetted, 2 subnets, 2 masksC 192.168.1.64/28 is directly connected, Loopback0O 192.168.1.81/32 [110/1563] via 10.23.23.2, 00:03:17, Serial0/0/1



42/120


Step 2 Use the show ip protocols command to verify that the OSPF routing protocol is

enabled and that the routing process ID that you assigned in Task 1 are recognized

by OSPF (the router ID should be the IP address of the loopback interface of your

workgroup router). Your output should look similar to the following display:

RouterA# sh ip protocol

Routing Protocol is "ospf 100"

Outgoing update filter list for all interfaces is not set

Incoming update filter list for all interfaces is not set

Router ID 192.168.1.65

Number of areas in this router is 1. 1 normal 0 stub 0 nssa

Maximum path: 4

Routing for Networks:

10.2.2.3 0.0.0.0 area 0

10.23.23.1 0.0.0.0 area 0

10.140.1.2 0.0.0.0 area 0

192.168.1.65 0.0.0.0 area 0

Reference bandwidth unit is 100 mbps

Routing Information Sources:

Gateway Distance Last Update

192.168.1.81 110 00:04:52

172.16.31.100 110 00:04:52

Distance: (default is 110)

Step 3 Use the show ip ospf neighbor command to display the neighbor status. Your

output should look similar to the following display:

RouterA# sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface172.16.31.100 0 FULL/ - 00:00:31 10.140.1.1 Serial0/0/0192.168.1.81 0 FULL/ - 00:00:31 10.23.23.2 Serial0/0/1

What is the neighbor state to the core and adjacent workgroup router?

What is the neighbor ID used by these routers?

Note You will not see your neighbors until they complete the preceding tasks of this lab activity.

Step 4 Ping the TFTP server at 10.1.1.1. Ping the Ethernet interface of another workgroup

router. Use the Job Aids table for this lab activity to find an address to ping. If the

other workgroup also has OSPF successfully configured, these pings should be

successful.



43/120


Step 5 Use the debug ip ospf events command to display the OSPF hello messages sent to

the router. Your output should look similar to the following display:

RouterA# debug ip ospf events

OSPF events debugging is on

RouterA#

*Feb 28 18:48:54.039: OSPF: Send hello to 224.0.0.5 area 0 onSerial0/0/0 from 10.140.1.2

*Feb 28 18:48:54.039: OSPF: Send hello to 224.0.0.5 area 0 onFastEthernet0/0 from 10.2.2.3


*Feb 28 18:48:56.979: OSPF: Rcv hello from 192.168.1.81 area 0from Serial0/0/1 10.23.23.2

*Feb 28 18:48:56.979: OSPF: End of hello processing

*Feb 28 18:48:57.187: OSPF: Rcv hello from 172.16.31.100 area0 from Serial0/0/0 10.140.1.1



*Feb 28 18:49:04.039: OSPF: Send hello to 224.0.0.5 area 0 onFastEthernet0/0 from 10.2.2.3

*Feb 28 18:49:04.039: OSPF: Send hello to 224.0.0.5 area 0 onSerial0/0/1 from 10.23.23.1u a

*Feb 28 18:49:06.979: OSPF: Rcv hello from 192.168.1.81 area 0from Serial0/0/1 10.23.23.2


Step 6 Turn debugging off. Your output should look similar to the following display:

RouterA# undebug allAll possible debugging has been turned off





Verified the operation and configuration of the OSPF routing protocol by using the

appropriate show and debug commands Verified connectivity by pinging remote addresses that are not directly connected to your

workgroup router



44/120


Lab 4-2: Troubleshooting OSPFComplete this lab activity to practice what you learned in the related module.

Activity Objective

In this activity, you will use the troubleshooting guidelines discussed in the corresponding

module to gather symptoms, isolate problems, and correct problems commonly found in anOSPF network. After completing this activity, you will be able to meet these objectives:

Discover OSPF network connectivity issues and follow troubleshooting guidelines to

isolate and fix OSPF connectivity problems

Visual Objective



Visual Objective 4-2:

Troubleshooting OSPF

Required Resources

These are

Icnd210lg Cracked

Text of Icnd210lg Cracked

Cracked Gas Compressor

Cracked Pot (BG)

Fracture of Cracked Members

Ethylene Cracked Gas Compressor - KLM Technology Groupklmtechgroup.com/PDF/Articles/articles/Cracked-Gas-Compressor.pdf · Ethylene Unit Cracked Gas Compressor Case Studies on Fouling

Cracked bits for scjp

Cracked Tooth Presentation

Cracked Sketch Contest

Detecting Cracked Shafts

Inverted & Cracked Nipple

95796642 Prometheus Cracked

Cracked mcs

Vertically cracked tooth

Welding Fabrication Standards Cracked

Cracked - Manual - A78

Cracked, 1953

Shareable Munchies Cracked Stacks EGGstravaganza...Cracked Stacks Cracked Stack Flight Make it a Flight by choosing your three favorite Cracked Stack flavors below! | 12.5 Berry Burst

Eigenvalue buckling analysis of cracked functionally ...imechanica.org/files/2016-Eigenvalue buckling analysis of cracked... · Eigenvalue buckling analysis of cracked functionally

Lcf cracked pot

Cracked Tooth Syndrome

Vibration Analysis of Cracked Composite Bending-torsion ... · PDF filecracked composite wing, flutter and ... The cracked composite wing is modeled by a cracked composite cantilever

shear strengthening of pre-cracked and non pre- cracked reinforced

Cracked pot

XFEM buckling analysis of cracked composite platesimechanica.org/files/XFEM buckling analysis of cracked composite... · XFEM buckling analysis of cracked composite plates Amir Nasirmanesh,

Cracked words

Story cracked pot

1990-01-03 - jasbc.or.jp · 1- B— c— c— 313 317 536 518 656 685 490 668 546 39 x 104 400 no cracked no cracked no cracked no cracked no cracked no cracked no cracked no cracked

XFEM buckling analysis of cracked composite plateschpc.ut.ac.ir/download/paper1/XFEM buckling analysis of cracked... · XFEM buckling analysis of cracked composite plates ... Linear

Ethylene Cracked Gas Compressor - Kolmetz.comkolmetz.com/pdf/articles/Cracked-Gas-Compressor.pdf · Identification of Turbine Fouling? ... Compressor System Flow Diagram Cracked Gas

Cracked * Easily

THE CHURCH CRACKED OPEN

Documents

Icnd210lg Cracked

Text of Icnd210lg Cracked