Maluk sira iha establésementu rede ne'ebé utiliza teknolojia hanesan DTP, VTP, EtherChannel, OSPF no NAT. Teknolojia hirak ne'e komúnmente utiliza iha ambiente rede ne'ebé komplexu hodi asegura transmisaun dadus ne'ebé efisiente no gestaun ba VLAN. Tuir mai espikasaun konaba Protocolo Sira:
DTP (Dynamic Trunking Protocol):
- Deskrisaun: DTP mak protokolu proprietariu husi Cisco ne'ebé utiliza hodi negosia trunking entre switch rua.
- Uzu: DTP utiliza hodi permite interkoneksaun entre VLAN sira iha switch sira. Trunking permite tráfiku múltiplu VLAN atu pasa entre switx sira ho efisiénsia.
VTP (VLAN Trunking Protocol):
- Deskrisaun: VTP mak protokolu seluk ne'ebé propriedade husi Cisco no utiliza hodi halo gestaun ba konfigurasaun VLAN iha rede hanesan sinkronizasaun informasaun VLAN entre switx sira.
- Uzu: VTP ajuda iha sinkronizasaun informasaun VLAN entre switx sira ne'ebé simplifika administrasaun VLAN iha ambiente switx sira.
EtherChannel:
- Deskrisaun: EtherChannel mak técnika ida ne'ebé utiliza hodi agrupa ligasaun Ethernet fisiku múltiplu iha ligasaun lógiku ida.
- Uzu: Ho EtherChannel, bele fornese banda aumentadu, redundánsia, no kapasidade balansu tráfiku.
OSPF (Open Shortest Path First):
- Deskrisaun: OSPF mak protokolu roteamentu ne'ebé utiliza iha rede IP atu determina kaminhu di'ak liu ba pakote sira.
- Uzu: OSPF troka informasaun kona-ba kustu no alkatrás de'it (link-state) entre rutór sira hodi haforsa komunikasaun efetivu no seguru iha rede.
NAT (Network Address Translation):
- Deskrisaun: NAT mak prosesu ne'ebé utiliza iha rutór sira hodi muda informasaun endereçu rede iha kabeál IP pakote sira wainhira iha tranzitu.
- Uzu: Uzadu komúnmente atu permite dispozitivu múltiplu iha rede lokál atu kompartilha endereçu IP públiku ida de'it.
- Atu Kompriende liu tan mai ita Aprende Topologia ida tuir mai ne'e :
Etapa-etapa halo Configurasaun :
Keta haluha Konfigura uluk Hostname ba Kada host :
Tuir mai etapa sira ne'ebe ita sei halo tuir mak ne'e :
1. Kria Port-Channel( Ether-Channel ) iha SW-Distribution1 ho SW-Distribution2
============================================================
SW-Distribution1(config-if-range)#channel-group 10 mode on !(Static mode)
SW-Distribution1(config-if-range)#no shutdown
!
SW-Distribution2(config-if-range)#channel-group 10 mode on !(Static mode)
SW-Distribution2(config-if-range)#no shutdown
!
2. Creat IP address on interface port channel 10
SW-Distribution1(config)#interface port-channel 10
SW-Distribution1(config-if)#no switchport !(to Active port for configure the ip on interface)
SW-Distribution1(config-if)#ip address 11.1.1.1 255.255.255.0
!
SW-Distribution2(config)#interface port-channel 10
SW-Distribution2(config-if)#no switchport
!
Verifika lai interface port-channel 10 iha SW-1 and sw2
Ex:
SW-Distribution1#sh interfaces port-channel 10
Port-channel10 is up, line protocol is up (connected
!
SW-Distribution2#sh interfaces port-channel 10
Port-channel10 is up, line protocol is up (connected)
Koko test ping ip Peering Entre SW-Distribusaun1 ho SW-Distribusaun2
SW-Distribution1#ping 11.1.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 11.1.1.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 0/0/0 ms
3..Kria Vlan iha SW-Distribution1
========================================================
SW-Distribution1(config)#
Switch(config)#vlan 10
Switch(config-vlan)#vlan 20
Switch(config-vlan)#vlan 30
Switch(config-vlan)#vlan 40
========================================================
4. Kria vtp domain (cisco123) iha switchs hotu
SW-Access1(config)#vtp domain cisco123
Changing VTP domain name from NULL to cisco123
!
SW-Access2(config)#vtp domain cisco123
Changing VTP domain name from NULL to cisco123
!
SW-Access3(config)#vtp domain cisco123
Changing VTP domain name from NULL to cisco123
!
SW-Access3(config)#vtp domain cisco123
Changing VTP domain name from NULL to cisco123
!
SW-Access4(config)#vtp domain cisco123
Changing VTP domain name from NULL to cisco123
!
Verifika VTP Status iha switchs hotu
SW-Access1#sh vtp status
VTP Version capable : 1 to 2
VTP version running : 1
VTP Domain Name : cisco123
5. Depois de Konfigura VTP iha Switch Distribusaun1/2 no Switch Access sira keta haluha Portu ligasaun Peering entre Switch sei Konfigura sai trunking hotu.
====================================================================
SW-Distribution1(config)#interface range gigabitEthernet 1/0/2 -5
SW-Distribution1(config-if-range)#switchport trunk allowed vlan 10,20,30,40
SW-Distribution1(config-if-range)#switchport mode trunk
!
SW-Distribution2(config)#interface range gigabitEthernet 1/0/2 -5
SW-Distribution1(config-if-range)#switchport trunk allowed vlan 10,20,30,40
SW-Distribution1(config-if-range)#switchport mode trunk
Exit
!
SW-Access1(config)#interface range gigabitEthernet 0/1 -2
SW-Access1(config-if-range)#switchport trunk allowed vlan 10,20,30,40
SW-Access1(config-if-range)#switchport mode trunk
Exit
!
SW-Access2(config)#interface range gigabitEthernet 0/1 -2
SW-Access2(config-if-range)#switchport trunk allowed vlan 10,20,30,40
SW-Access2(config-if-range)#switchport mode trunk
Exit
!
Se kuando Konfigursaun VTP iha Switch sira hanesan hotu Automatikamente Switch sira seluk sei hetan Vlan hirak ne'ebe ita Kria ona iha Switch Distribution1:
Koko Verifika fila fali iha Sw-Access sira:
Ex:
SW-Access4#sh vtp status
VTP Version capable : 1 to 2
VTP version running : 1
VTP Domain Name : cisco123
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 000C.85DA.5500
Configuration last modified by 0.0.0.0 at 3-1-93 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)
Feature VLAN :
--------------
VTP Operating Mode : Server
Maximum VLANs supported locally : 255
Number of existing VLANs : 9
Configuration Revision : 20
MD5 digest : 0xA2 0x52 0x00 0x64 0x31 0x3A 0xB0 0x58
0x92 0xFC 0x6B 0x5B 0xBC 0x93 0xDE 0x85
SW-Access4#
6. Kria int vlan 10 - 40 ho ip address iha Sw-Distribution1 ho SW-Distribution2
=========================================================
SW-Distribution1(config)#interface vlan 10
SW-Distribution1(config-if)#ip address 10.1.1.254 255.255.255.0
!
SW-Distribution1(config)#interface vlan 20
SW-Distribution1(config-if)#ip address 20.1.1.254 255.255.255.0
!
SW-Distribution1(config)#interface vlan 30
SW-Distribution1(config-if)#ip address 30.1.1.254 255.255.255.0
!
exit
SW-Distribution1(config)#interface vlan 40
SW-Distribution1(config-if)#ip address 40.1.1.254 255.255.255.0
!
exit
!
SW-Distribution2(config)#interface vlan 10
SW-Distribution2(config-if)#ip address 10.1.1.253 255.255.255.0
!
SW-Distribution2(config)#interface vlan 20
SW-Distribution3(config-if)#ip address 20.1.1.253 255.255.255.0
!
SW-Distribution3(config)#interface vlan 30
SW-Distribution3(config-if)#ip address 30.1.1.253 255.255.255.0
!
exit
SW-Distribution4(config)#interface vlan 40
SW-Distribution4(config-if)#ip address 40.1.1.253 255.255.255.0
!
exit
7. Koko Teste ping Husi VPCs1 : ho ip 10.1.1.1 to VPCs 20.1.1.1) sei lae repply tamba diferente Gateway) ita tenki Kria ip Virtual hanesan tuir mai ne'e:
===================================================================
Configura HSRP (Hot Standby Router Protocol) iha SW-Distribution1 Ita normalmente sei uza komandu sira ne'e hanesan iha Kraik Hodi kria IP virtual ba SW-Distribution1.
SW-Distribution1#
int vlan 10
standby 10 ip 10.1.1.100 ! (10=Group Number ip 10.1.1.100=virtual IP)
exit
!
int vlan 20
standby 10 ip 20.1.1.100 ! (10=Group Number ip 10.1.1.100=virtual IP)
exit
!
int vlan 30
standby 10 ip 30.1.1.100 (10=Group Number ip 10.1.1.100=virtual IP)
exit
!
int vlan 40
standby 10 ip 40.1.1.100 (10=Group Number ip 10.1.1.100=virtual IP)
exit
!
Configura mos HSRP (Hot Standby Router Protocol) iha SW-Distribution2 Ita normalmente sei uza komandu sira ne'e hanesan iha Koraik Hodi kria IP virtual ba SW-Distribution1. SW-Distribution2
SW-Distribution2#
int vlan 10
standby 10 ip 10.1.1.100 ! (10=Group Number ip 10.1.1.100=virtual IP)
exit
!
int vlan 20
standby 10 ip 20.1.1.100 ! (10=Group Number ip 10.1.1.100=virtual IP)
exit
!
int vlan 30
standby 10 ip 30.1.1.100 (10=Group Number ip 10.1.1.100=virtual IP)
exit
!
int vlan 40
standby 10 ip 40.1.1.100 (10=Group Number ip 10.1.1.100=virtual IP)
exit
!
Verify/Verifika :
PC1> ping 10.1.1.100 (ip virtual for int vlan 10)
84 bytes from 10.1.1.100 icmp_seq=1 ttl=255 time=15.807 ms
84 bytes from 10.1.1.100 icmp_seq=2 ttl=255 time=15.483 ms
84 bytes from 10.1.1.100 icmp_seq=3 ttl=255 time=14.746 ms
84 bytes from 10.1.1.100 icmp_seq=4 ttl=255 time=15.364 ms
84 bytes from 10.1.1.100 icmp_seq=5 ttl=255 time=16.840 ms
PC1> ping 20.1.1.100 (ip virtual for int vlan 20)
84 bytes from 20.1.1.100 icmp_seq=1 ttl=255 time=16.169 ms
84 bytes from 20.1.1.100 icmp_seq=2 ttl=255 time=15.188 ms
PC1> ping 30.1.1.100 (ip virtual for int vlan 30)
84 bytes from 30.1.1.100 icmp_seq=1 ttl=255 time=15.329 ms
84 bytes from 30.1.1.100 icmp_seq=2 ttl=255 time=16.125 ms
PC1> ping 40.1.1.100 (ip virtual for int vlan 40)
84 bytes from 40.1.1.100 icmp_seq=1 ttl=255 time=15.975 ms
84 bytes from 40.1.1.100 icmp_seq=2 ttl=255 time=15.908 ms
8.Now configure ip peer between SW-Distribution1,2 to R1 and Router Internet.
================================================================
9. Configure ip peer Entre R1liga ba Internet
=================================================================
10. Konfigure routing ospf iha R1 (Advertise network iha R1)
=================================================================
R1(config)#router ospf 1
R1(config-router)#network 1.1.1.0 0.0.0.3 area 0
R1(config-router)#network 12.1.1.0 0.0.0.255 area 0
R1(config-router)#network 13.1.1.0 0.0.0.255 area 0
11.Konfigura routing ospf iha SW-Distribution1 (Advertise network Sira SW-Distribution1)
==================================================================
SWT-Distribution1(config)#ip routing
SWT-Distribution1(config)#router ospf 1
SWT-Distribution1(config-router)#network 12.1.1.0 0.0.0.255 area 0
SWT-Distribution1(config-router)#network 10.1.1.0 0.0.0.255 area 0
SWT-Distribution1(config-router)#network 20.1.1.0 0.0.0.255 area 0
SWT-Distribution1(config-router)#network 30.1.1.0 0.0.0.255 area 0
SWT-Distribution1(config-router)#network 40.1.1.0 0.0.0.255 area 0
12. Konfigura routing ospf iha SW-Distribution1 (Advertise network Sira SW-Distribution1)
==================================================================
SWT-Distribution1(config)#ip routing
SWT-Distribution1(config)#router ospf 1
SWT-Distribution1(config-router)#network 13.1.1.0 0.0.0.255 area 0
SWT-Distribution1(config-router)#network 10.1.1.0 0.0.0.255 area 0
SWT-Distribution1(config-router)#network 20.1.1.0 0.0.0.255 area 0
SWT-Distribution1(config-router)#network 30.1.1.0 0.0.0.255 area 0
SWT-Distribution1(config-router)#network 40.1.1.0 0.0.0.255 area 0
Ou ita bele Konfigure uja passive interface iha Router OSPF 1 nia laran
Ex : SWT-Distribution1(config)#ip routing
SWT-Distribution1(config)#router ospf 1
SWT-Distribution1(config)#passive-interface vlan 10
SWT-Distribution1(config)#passive-interface vlan 20
SWT-Distribution1(config)#passive-interface vlan 30
SWT-Distribution1(config)#passive-interface vlan 40
Verifika Prefixes sira iha R1
13.Konfigura Router Internet
=============================================================
Internet(config)#interface loopback 0
Internet(config-if)#ip address 8.8.8.8 255.255.255.255
exit
!
Internet(config)#interface gigabitEthernet 0/0
Internet(config-if)#ip address 1.1.1.2 255.255.255.252
exit
!
Ita Konfigura Ona ip peer iha R1 liga ba Internet maibe sei dauk bele ping from R1 to 8.8.8.8
Ex:
R1#ping 8.8.8.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R1#
14. Husi R1 atu bele ping ba 8.8.8.8 ita tenki Kria default route iha R1
===========================================================
R1(config)#ip route 0.0.0.0 0.0.0.0 gigabitEthernet 3/0 1.1.1.2
Agora bele Koko test ping husi R1 ba 8.8.8.8
R1#ping 8.8.8.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/29/40 ms
R1#
Maibe ita mos sei dauk bele ping 8.8.8.8 source gi1/0 (LAN interface)
R1#ping 8.8.8.8 source gigabitEthernet 1/0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 12.1.1.2
.....
Success rate is 0 percent (0/5)
R1#
ita mos persija Konfigure NAT ( Network address translation) no Konfigura mos Acl (Access Control List ) iha R1
17.Konfigurea Acl no NAT iha R1
R1#R1(config)#R1(config)#ip access-list standard 10
R1(config-std-nacl)#permit any
!
R1(config)#ip nat inside source list 10 interface gigabitEthernet 3/0
!
R1(config)#interface gigabitEthernet 1/0
R1(config-if)#ip nat inside
R1(config-if)#exit
!
R1(config)#interface gigabitEthernet 3/0
R1(config-if)#ip nat outside
R1(config-if)#exit
Bele koko test ping 8.8.8.8 source gi1/0
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 12.1.1.2
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/28/40 ms
R1#
18. Koko Teste ping 8.8.8.8 husi VPCs Sei dauk reply tamba switch Sw-Distribution Layer sei dauk iha default route.
Antes Konfigura Default Route ( 0.0.0.0/0) :
======================================================
Verifika lai Default route iha SW-Distribution1 no SW-Distribution2
SWT-Distribution1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/30 is subnetted, 1 subnets
O 1.1.1.0 [110/11] via 12.1.1.2, 00:21:26, FastEthernet0/0
20.0.0.0/24 is subnetted, 1 subnets
C 20.1.1.0 is directly connected, Vlan20
40.0.0.0/24 is subnetted, 1 subnets
C 40.1.1.0 is directly connected, Vlan40
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, Vlan10
12.0.0.0/24 is subnetted, 1 subnets
C 12.1.1.0 is directly connected, FastEthernet0/0
13.0.0.0/24 is subnetted, 1 subnets
O 13.1.1.0 [110/11] via 40.1.1.253, 00:21:38, Vlan40
[110/11] via 30.1.1.253, 00:21:38, Vlan30
[110/11] via 20.1.1.253, 00:21:38, Vlan20
[110/11] via 10.1.1.253, 00:21:38, Vlan10
30.0.0.0/24 is subnetted, 1 subnets
C 30.1.1.0 is directly connected, Vlan30
SWT-Distribution1#
========================================================
Konfigure Default Route iha R1#
R1(config)#router ospf 1
R1(config-router)#default-information originate
Depois de Konfigurea Default Route iha R1# router ospf 1 (Default-information originate).
Verifika fila fali default Route (0.0.0.0/0) iha SW-Distribution1- SW-Distribution2
SWT-Distribution1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 12.1.1.2 to network 0.0.0.0
1.0.0.0/30 is subnetted, 1 subnets
O 1.1.1.0 [110/11] via 12.1.1.2, 00:24:40, FastEthernet0/0
20.0.0.0/24 is subnetted, 1 subnets
C 20.1.1.0 is directly connected, Vlan20
40.0.0.0/24 is subnetted, 1 subnets
C 40.1.1.0 is directly connected, Vlan40
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, Vlan10
12.0.0.0/24 is subnetted, 1 subnets
C 12.1.1.0 is directly connected, FastEthernet0/0
13.0.0.0/24 is subnetted, 1 subnets
O 13.1.1.0 [110/11] via 40.1.1.253, 00:24:52, Vlan40
[110/11] via 30.1.1.253, 00:24:52, Vlan30
[110/11] via 20.1.1.253, 00:24:52, Vlan20
[110/11] via 10.1.1.253, 00:24:56, Vlan10
30.0.0.0/24 is subnetted, 1 subnets
C 30.1.1.0 is directly connected, Vlan30
O*E2 0.0.0.0/0 [110/1] via 12.1.1.2, 00:01:01, FastEthernet0/0
SWT-Distribution1#
Agora bele test ping husi VPCs to 8.8.8.8
Ex:
PC1> ping 8.8.8.8
8.8.8.8 icmp_seq=1 timeout
84 bytes from 8.8.8.8 icmp_seq=2 ttl=253 time=77.905 ms
84 bytes from 8.8.8.8 icmp_seq=3 ttl=253 time=77.226 ms
84 bytes from 8.8.8.8 icmp_seq=4 ttl=253 time=76.389 ms
84 bytes from 8.8.8.8 icmp_seq=5 ttl=253 time=74.970 ms
PC1>
Success All.
Keta Haluha bele koko Test ping husi VPCs hotu hetan ona ligasaun ba Cloud Google ona ka sei dauk.
To iha ne'e deit ita nia Materia Konaba Protokolu Sira hanesan DTP,VTP, Ether-Channel, OSPF no NAT, Karik iha Duvidas ruma bele rai hela komentario iha Pagina ne'e.
