!!!I used real Cisco 3550 switch *4 to do this lab. I did not use Dynamips to do this lab.!!!
Objective:
Configure inter-VLAN routing with HSRP to provide redundant, fault tolerant
routing to the internal network.
Scenario:
HSRP provides a transparent failover mechanism to the end stations on the
network.
Basic Configuration:
All Switches:
enable
configure terminal
!
no ip domain lookup
!
line console 0
logging synchronous
exec-timeout 0 0
!
hostname
Step 1
Start by deleting the vlan.dat file, erasing the startup config, and reloading all your switches.
All Switches:
Clearing all Switches
Step 2
Configure management IP addresses in VLAN 1, hostname, password, and
telnet access on all four switches.
DLS1(config)#hostname DLS1
DLS1(config)#enable secret cisco
DLS1(config)#line vty 0 15
DLS1(config-line)#password cisco
DLS1(config-line)#logging synchronous
DLS1(config-line)#exit
DLS1(config)#interface vlan 1
DLS1(config-if)#ip address 172.16.1.3 255.255.255.0
DLS1(config-if)#no shutdown
DLS2(config)#hostname DLS2
DLS2(config)#enable secret cisco
DLS2(config)#line vty 0 15
DLS2(config-line)#password cisco
DLS2(config-line)#login
DLS2(config-line)#logging synchronous
DLS2(config-line)#exit
DLS2(config)#interface vlan 1
DLS2(config-if)#ip address 172.16.1.4 255.255.255.0
DLS2(config-if)#no shutdown
ALS1(config)#hostname ALS1
ALS1(config)#enable secret cisco
ALS1(config)#line vty 0 15
ALS1(config-line)#password cisco
ALS1(config-line)#login
ALS1(config-line)#logging synchronous
ALS1(config-line)#exit
ALS1(config)#interface vlan 1
ALS1(config-if)#ip address 172.16.1.101 255.255.255.0
ALS1(config-if)#no shutdown
ALS2(config)#hostname ALS2
ALS2(config)#enable secret cisco
ALS2(config)#line vty 0 15
ALS2(config-line)#password cisco
ALS2(config-line)#login
ALS2(config-line)#logging synchronous
ALS2(config-line)#exit
ALS2(config)#interface vlan 1
ALS2(config-if)#ip address 172.16.1.102 255.255.255.0
ALS2(config-if)#no shutdown
Configure default gateways on the access layer switches.
ALS1(config)#ip default-gateway 172.16.1.1
ALS2(config)#ip default-gateway 172.16.1.1
Step 3
Configure trunks and EtherChannels between switches according to the diagram.
DLS1(config)#interface range fastEthernet 0/7 - 8
DLS1(config-if-range)#switchport trunk encapsulation dot1q
DLS1(config-if-range)#switchport mode trunk
DLS1(config-if-range)#channel-group 3 mode desirable
DLS1(config)#interface range fastEthernet 0/9 - 10
DLS1(config-if-range)#switchport trunk encapsulation dot1q
DLS1(config-if-range)#switchport mode trunk
DLS1(config-if-range)#channel-group 4 mode desirable
DLS1(config)#interface range fastEthernet 0/11 - 12
DLS1(config-if-range)#switchport trunk encapsulation dot1q
DLS1(config-if-range)#switchport mode trunk
DLS1(config-if-range)#channel-group 2 mode desirable
DLS2(config)#interface range fastEthernet 0/7 - 8
DLS2(config-if-range)#switchport trunk encapsulation dot1q
DLS2(config-if-range)#switchport mode trunk
DLS2(config-if-range)#channel-group 4 mode desirable
DLS2(config)#interface range fastEthernet 0/9 - 10
DLS2(config-if-range)#switchport trunk encapsulation dot1q
DLS2(config-if-range)#switchport mode trunk
DLS2(config-if-range)#channel-group 3 mode desirable
DLS2(config)#interface range fastEthernet 0/11 - 12
DLS2(config-if-range)#switchport trunk encapsulation dot1q
DLS2(config-if-range)#switchport mode trunk
DLS2(config-if-range)#channel-group 1 mode desirable
ALS1(config)#interface range fastEthernet 0/7 - 8
ALS1(config-if-range)#switchport trunk encapsulation dot1q
ALS1(config-if-range)#switchport mode trunk
ALS1(config-if-range)#channel-group 1 mode desirable
ALS1(config)#interface range fastEthernet 0/9 - 10
ALS1(config-if-range)#switchport trunk encapsulation dot1q
ALS1(config-if-range)#switchport mode trunk
ALS1(config-if-range)#channel-group 2 mode desirable
ALS1(config)#interface range fastEthernet 0/11 - 12
ALS1(config-if-range)#switchport trunk encapsulation dot1q
ALS1(config-if-range)#switchport mode trunk
ALS1(config-if-range)#channel-group 4 mode desirable
ALS2(config)#interface range fastEthernet 0/7 - 8
ALS2(config-if-range)#switchport trunk encapsulation dot1q
ALS2(config-if-range)#switchport mode trunk
ALS2(config-if-range)#channel-group 2 mode desirable
ALS2(config)#interface range fastEthernet 0/9 - 10
ALS2(config-if-range)#switchport trunk encapsulation dot1q
ALS2(config-if-range)#switchport mode trunk
ALS2(config-if-range)#channel-group 1 mode desirable
ALS2(config)#interface range fastEthernet 0/11 - 12
ALS2(config-if-range)#switchport trunk encapsulation dot1q
ALS2(config-if-range)#switchport mode trunk
ALS2(config-if-range)#channel-group 3 mode desirable
DLS1#show etherchannel summary
Flags: D - down P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use f - failed to allocate aggregator
M - not in use, minimum links not met
u - unsuitable for bundling
w - waiting to be aggregated
d - default port
Number of channel-groups in use: 3
Number of aggregators: 3
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
2 Po2(SU) PAgP Fa0/11(P) Fa0/12(P)
3 Po3(SU) PAgP Fa0/7(P) Fa0/8(P)
4 Po4(SU) PAgP Fa0/9(P) Fa0/10(P)
DLS1#
Step 4
Change the VTP mode of ALS1 and ALS2 to client.
ALS1(config)#vtp mode client
ALS2(config)#vtp mode client
ALS2#show vtp status
VTP Version : running VTP1 (VTP2 capable)
Configuration Revision : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
VTP Operating Mode : Client
VTP Domain Name :
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
ALS2#
Step 5
Create the VTP domain on DLS1 and create VLANs 100, 200, 300, and 400 for
the domain.
DLS1(config)#vtp domain SWPOD
DLS1(config)#vlan 10
DLS1(config-vlan)#name Finance
DLS1(config-vlan)#exit
DLS1(config)#vlan 20
DLS1(config-vlan)#name Engineering
DLS1(config-vlan)#exit
DLS1(config)#vlan 30
DLS1(config-vlan)#name Server-Farm1
DLS1(config-vlan)#exit
DLS1(config)#vlan 40
DLS1(config-vlan)#name Server-Farm2
Step 6
Configure your hosts with IP addresses and default gateways according to the
diagram. Configure the host ports of all four switches.
DLS1(config)#interface fastEthernet 0/6
DLS1(config-if)#switchport access vlan 30
DLS1(config-if)#switchport mode access
DLS2(config)#interface fastEthernet 0/6
DLS2(config-if)#switchport access vlan 40
DLS2(config-if)#switchport mode access
ALS1(config)#interface fastEthernet 0/6
ALS1(config-if)#switchport access vlan 10
ALS1(config-if)#switchport mode access
ALS2(config)#interface fastEthernet 0/6
ALS2(config-if)#switchport access vlan 20
ALS2(config-if)#switchport mode access
Step 7
In the following configurations, the priority for VLANs 1, 10, and 20 is 150 on
DLS1, making it the active router for those VLANs. VLANs 30 and 40 have a
priority of 100 on DLS1, making DLS1 the standby router for these VLANs.
DLS2 is configured to be the active router for VLANs 30 and 40, and the
standby router for VLANs 1, 10, and 20. The "ip routing" command is used on
DLS1 and DLS2 to activate routing capabilities on the switch.
DLS1(config)#ip routing
DLS1(config)#interface vlan 1
DLS1(config-if)#standby 1 ip 172.16.1.1
DLS1(config-if)#standby 1 preempt
DLS1(config-if)#standby 1 priority 150
DLS1(config)#interface vlan 10
DLS1(config-if)#ip address 172.16.10.3 255.255.255.0
DLS1(config-if)#no shutdown
DLS1(config-if)#standby 1 ip 172.16.10.1
DLS1(config-if)#standby 1 preempt
DLS1(config-if)#standby 1 priority 150
DLS1(config)#interface vlan 20
DLS1(config-if)#ip address 172.16.20.3 255.255.255.0
DLS1(config-if)#no shutdown
DLS1(config-if)#standby 1 ip 172.16.20.1
DLS1(config-if)#standby 1 preempt
DLS1(config-if)#standby 1 priority 150
DLS1(config)#interface vlan 30
DLS1(config-if)#ip address 172.16.30.3 255.255.255.0
DLS1(config-if)#no shutdown
DLS1(config-if)#standby 1 ip 172.16.30.1
DLS1(config-if)#standby 1 preempt
DLS1(config-if)#standby 1 priority 100
DLS1(config)#interface vlan 40
DLS1(config-if)#ip address 172.16.40.3 255.255.255.0
DLS1(config-if)#no shutdown
DLS1(config-if)#standby 1 ip 172.16.40.1
DLS1(config-if)#standby 1 preempt
DLS1(config-if)#standby 1 priority 100
DLS2(config)#ip routing
DLS2(config)#interface vlan 1
DLS2(config-if)#standby 1 ip 172.16.1.1
DLS2(config-if)#standby 1 preempt
DLS2(config-if)#standby 1 priority 100
DLS2(config)#interface vlan 10
DLS2(config-if)#ip address 172.16.10.4 255.255.255.0
DLS2(config-if)#no shutdown
DLS2(config-if)#standby 1 ip 172.16.10.1
DLS2(config-if)#standby 1 preempt
DLS2(config-if)#standby 1 priority 100
DLS2(config)#interface vlan 20
DLS2(config-if)#ip address 172.16.20.4 255.255.255.0
DLS2(config-if)#no shutdown
DLS2(config-if)#standby 1 ip 172.16.20.1
DLS2(config-if)#standby 1 preempt
DLS2(config-if)#standby 1 priority 100
DLS2(config)#interface vlan 30
DLS2(config-if)#ip address 172.16.30.4 255.255.255.0
DLS2(config-if)#no shutdown
DLS2(config-if)#standby 1 ip 172.16.30.1
DLS2(config-if)#standby 1 preempt
DLS2(config-if)#standby 1 priority 150
DLS2(config)#interface vlan 40
DLS2(config-if)#ip address 172.16.40.4 255.255.255.0
DLS2(config-if)#no shutdown
DLS2(config-if)#standby 1 ip 172.16.40.1
DLS2(config-if)#standby 1 preempt
DLS2(config-if)#standby 1 priority 150
Step 8
Issue the "show standby" command on both DLS1 and DLS2.
DLS1#show standby brief
P indicates configured to preempt.
|
Interface Grp Prio P State Active Standby Virtual IP
Vl1 1 150 P Active local 172.16.1.4 172.16.1.1
Vl10 1 150 P Active local 172.16.10.4 172.16.10.1
Vl20 1 150 P Active local 172.16.20.4 172.16.20.1
Vl30 1 100 P Standby 172.16.30.4 local 172.16.30.1
Vl40 1 100 P Standby 172.16.40.4 local 172.16.40.1
DLS1#
DLS1#show standby
Step 9
Verify connectivity between VLANs using the ping command from the SQL
Server (VLAN 40) to the other hosts and servers on the network.
Host:
C:\> ping 172.16.20.100 >>>OK
Step 10
Verify HSRP by disconnecting the trunks to DLS2. If you have physical access
to the routers, unplug the cables to FastEthernet0/7 through FastEthernet0/12.
If you do not have physical access, use the shutdown command on those
interfaces.
Final Configurations
DLS1:
hostname DLS1
!
enable secret 5 $1$H8md$wNoJWqHsdeyAcAdw4/Dhk1
!
ip routing
!
no ip domain-lookup
!
interface Port-channel3
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Port-channel4
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Port-channel2
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/6
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/7
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 3 mode desirable
!
interface FastEthernet0/8
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 3 mode desirable
!
interface FastEthernet0/9
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 4 mode desirable
!
interface FastEthernet0/10
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 4 mode desirable
!
interface FastEthernet0/11
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 2 mode desirable
!
interface FastEthernet0/12
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 2 mode desirable
!
interface Vlan1
ip address 172.16.1.3 255.255.255.0
standby 1 ip 172.16.1.1
standby 1 priority 150
standby 1 preempt
no shutdown
!
interface Vlan10
ip address 172.16.10.3 255.255.255.0
standby 1 ip 172.16.10.1
standby 1 priority 150
standby 1 preempt
no shutdown
!
interface Vlan20
ip address 172.16.20.3 255.255.255.0
standby 1 ip 172.16.20.1
standby 1 priority 150
standby 1 preempt
no shutdown
!
interface Vlan30
ip address 172.16.30.3 255.255.255.0
standby 1 ip 172.16.30.1
standby 1 preempt
no shutdown
!
interface Vlan40
ip address 172.16.40.3 255.255.255.0
standby 1 ip 172.16.40.1
standby 1 preempt
no shutdown
!
line con 0
exec-timeout 0 0
logging synchronous
line vty 0 4
password cisco
logging synchronous
login
line vty 5 15
password cisco
logging synchronous
login
!
end
DLS2:
hostname DLS2
!
enable secret 5 $1$l9Qc$AZnJewwtZsW7YQvj4ZTC4.
!
ip routing
!
no ip domain-lookup
!
interface Port-channel4
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Port-channel3
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Port-channel1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/6
switchport access vlan 40
switchport mode access
!
interface FastEthernet0/7
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 4 mode desirable
!
interface FastEthernet0/8
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 4 mode desirable
!
interface FastEthernet0/9
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 3 mode desirable
!
interface FastEthernet0/10
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 3 mode desirable
!
interface FastEthernet0/11
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode desirable
!
interface FastEthernet0/12
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode desirable
!
interface Vlan1
ip address 172.16.1.4 255.255.255.0
standby 1 ip 172.16.1.1
standby 1 preempt
no shutdown
!
interface Vlan10
ip address 172.16.10.4 255.255.255.0
standby 1 ip 172.16.10.1
standby 1 preempt
no shutdown
!
interface Vlan20
ip address 172.16.20.4 255.255.255.0
standby 1 ip 172.16.20.1
standby 1 preempt
no shutdown
!
interface Vlan30
ip address 172.16.30.4 255.255.255.0
standby 1 ip 172.16.30.1
standby 1 priority 150
standby 1 preempt
no shutdown
!
interface Vlan40
ip address 172.16.40.4 255.255.255.0
standby 1 ip 172.16.40.1
standby 1 priority 150
standby 1 preempt
no shutdown
!
line con 0
exec-timeout 0 0
logging synchronous
line vty 0 4
password cisco
logging synchronous
login
line vty 5 15
password cisco
logging synchronous
login
!
end
ASL1:
hostname ALS1
!
enable secret 5 $1$k37v$0VNwLI2CDADpcg.1AaNqE.
!
no ip domain-lookup
!
interface Port-channel1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Port-channel2
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Port-channel4
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/6
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/7
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode desirable
!
interface FastEthernet0/8
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode desirable
!
interface FastEthernet0/9
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 2 mode desirable
!
interface FastEthernet0/10
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 2 mode desirable
!
interface FastEthernet0/11
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 4 mode desirable
!
interface FastEthernet0/12
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 4 mode desirable
!
interface Vlan1
ip address 172.16.1.101 255.255.255.0
no shutdown
!
ip default-gateway 172.16.1.1
!
line con 0
exec-timeout 0 0
logging synchronous
line vty 0 4
password cisco
logging synchronous
login
line vty 5 15
password cisco
logging synchronous
login
!
end
ALS2:
hostname ALS2
!
enable secret 5 $1$ZowE$8yLQPANSbZn4.uiq4VWsj.
!
no ip domain-lookup
!
interface Port-channel2
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Port-channel1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Port-channel3
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/6
switchport access vlan 20
switchport mode access
!
interface FastEthernet0/7
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 2 mode desirable
!
interface FastEthernet0/8
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 2 mode desirable
!
interface FastEthernet0/9
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode desirable
!
interface FastEthernet0/10
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode desirable
!
interface FastEthernet0/11
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 3 mode desirable
!
interface FastEthernet0/12
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 3 mode desirable
!
interface Vlan1
ip address 172.16.1.102 255.255.255.0
no shutdown
!
ip default-gateway 172.16.1.1
!
line con 0
exec-timeout 0 0
logging synchronous
line vty 0 4
password cisco
logging synchronous
login
line vty 5 15
password cisco
logging synchronous
login
!
end
Reference:
Cisco Networking Academy
http://www.cisco.com/web/learning/netacad/index.html
CCNP Version 5.0: Building Multilayer Switched Networks
Student Lab Manual
最初發表 / 最後更新: 2008.10.12 / 20018.06.12
0 comments:
張貼留言