Monavathia's Blog

CCNA 4 Labskill Chapter 7

Posted on: January 5, 2011

Lab 7.1.6 Analyzing a Test Plan and Performing a Test

Task 1: Analyze the Test Plan

Analyze the test plan shown above and answer the following questions:

a. What are the four main sections of the test plan?

1) Introduction,

2) Equipment,

3) Design / Topology Diagram,

4) Test Descriptions and related testing information. (Test procedure, success criteria, and conclusions subsections repeat for each test within the test plan.)

How many tests are defined within the test plan in this lab?

2

In which testing subsection would you find the types of commands or analysis tools used to determine

if the test was successful?

Procedures

d. In which main test plan section would you find a description the devices and cabling used to build the

prototype for the test plan?

Equipment

e. In which main testing section would an overall description of the tests to be performed and the

reasons why they are being specified in the test plan?

Introduction

Task 2: Configure the PCs and switch VLANs and perform Test 1

Step 1: Connect devices and configure PC IP addresses

Connect the switch to the router as shown in the Test Plan topology diagram.

Connect the PC1 and PC2 hosts to the switch using the ports indicated in the Test Plan topology table.

Using the IP address information from the Test Plan table, configure PC1 and PC2.

Step 2: Prepare the switch for configuration

Connect a PC with a console cable to the switch to perform configurations using a terminal emulation

program. Confirm that the switch is ready for lab configuration by ensuring that all existing VLAN and general configurations are removed. Remove the switch startup configuration file from NVRAM.

Switch#erase startup-config

Erasing the nvram filesystem will remove all files! Continue? [confirm]

Press Enter to confirm. The response should be:

Erase of nvram: complete

If the switch has previously been configured with VLANs, it will necessary to delete the VLAN

database information file. From the privileged EXEC mode, issue the following commands:

Switch#delete vlan.dat

Delete filename [vlan.dat]?[Enter]

Delete flash:/vlan.dat? [confirm] [Enter]

If there was no VLAN file, this message is displayed.

%Error deleting flash:/vlan.dat (No such file or directory)

It is recommended that the delete command not be issued as: delete flash:vlan.dat.

Accidentally omitting vlan.dat from this command could lead to the complete IOS being deleted

from flash memory. Issuing the reload command to restart the switch may not always clear the previous VLAN configuration; for that reason, the power cycle (hardware restart) step is recommended.

Step 3: Configure VLANs on switch S1

Configure switch S1 with a hostname and passwords.

Switch(config)#hostname FC-ASW-1

FC-ASW-1(config)#enable password cisco

FC-ASW-1(config)#enable secret class

FC-ASW-1(config)#line console 0

FC-ASW-1(config-line)#password cisco

FC-ASW-1(config-line)#login

FC-ASW-1(config-line)#line vty 0 15

FC-ASW-1(config-line)#password cisco

FC-ASW-1(config-line)#login

FC-ASW-1(config-line)#exit

FC-ASW-1(config)#

Configure switch S1 with the VLAN 1 IP address of 10.0.1.2/24.

FC-ASW-1(config)#interface vlan1

FC-ASW-1(config-if)#ip address 10.0.1.2 255.255.255.0

FC-ASW-1(config-if)#no shutdown

FC-ASW-1(config-if)#exit

FC-ASW-1(config)#

Configure switch S1 with the default gateway address of 10.0.1.1.

FC-ASW-1(config)#ip default-gateway 10.0.1.1

FC-ASW-1(config)#

Create VLAN 10 named main-net and VLAN 20 named voice.

FC-ASW-1(config)#vlan 10

FC-ASW-1(config-vlan)#name main-net

FC-ASW-1(config-vlan)#exit

FC-ASW-1(config-vlan)#vlan 20

FC-ASW-1(config-vlan)#name voice

FC-ASW-1(config-vlan)#exit

FC-ASW-1(config)#

Assign interface range Fa0/2 through Fa0/12 to VLAN 10.

FC-ASW-1(config)#interface range fa0/2 – 12

FC-ASW-1(config-if-range)#switchport mode access

FC-ASW-1(config-if-range)#switchport access vlan 10

FC-ASW-1(config-if-range)#exit

FC-ASW-1(config)#

Assign interface range Fa0/13 through Fa0/24 to VLAN 20.

FC-ASW-1(config)#interface range fa0/13 – 24

FC-ASW-1(config-if-range)#switchport mode access

FC-ASW-1(config-if-range)#switchport access vlan 20

FC-ASW-1(config-if-range)#end

FC-ASW-1#

Step 4: Perform Test 1 to determine if the hosts can communicate between VLANs

a. Issue the show running-config commands from the switch and verify all basic configuration

settings. See output at end of lab.

b. Issue the show vlan brief command on the switch to verify what ports are in which VLANs.

Which switch ports are in VLAN 1?

Fa0/1 Gi0/1, Gi0/2

Which switch ports are in VLAN 10?

Fa0/2 – Fa0/12

Which switch ports are in VLAN 20?

Fa0/13 – Fa0/24

FC-ASW-1#show vlan brief

VLAN Name Status Ports

1 default active Fa0/1, Gi0/1, Gi0/2

10 main-net active Fa0/2, Fa0/3, Fa0/4, Fa0/5

Fa0/6, Fa0/7, Fa0/8, Fa0/9

Fa0/10, Fa0/11, Fa0/12

20 voice active Fa0/13, Fa0/14, Fa0/15, Fa0/16

Fa0/17, Fa0/18, Fa0/19, Fa0/20

Fa0/21, Fa0/22, Fa0/23, Fa0/24

<*** output omitted ***>

c. With PC1 connected to switch port 4 and PC2 attached to port 14, attempt to ping from PC1 to PC2.

Would you expect the ping to be successful?

Tidak

Why or why not?

PC IP addresses are on different networks (PC1 is on net 10.0.10.0/24 and PC2 is on net 10.0.20.0/24 and in different VLANs.

d. Change the IP address of PC2 to 10.0.10.5 so that the two PCs are on the same network and ping again. Would you expect the ping to be successful?

Tidak

Why or why not?

Alamat IP PC punya alamat jaringan yang sama tapi masih di VLAN yang berbeda

e. Move the cable for PC2 to a port that is in the VLAN 10 range (Fa0/2 to Fa0/12) and ping again.

Would you expect the ping to be successful?

Ya

Why or why not?

Alamat IP PC berada pada jaringan dan VLAN yang sama

f. Change the IP address for PC2 back to 10.0.20.2 and move the cable back to Fa0/14 in VLAN 20.

This test demonstrated that the PCs from the main-net cannot communicate with the PCs on the voice net without assistance from a Layer 3 device.

Task 3: Configure the switch and router for VLAN routing and perform Test 2

Step 1: Configure VLAN trunking on switch S1

Configure trunking between switch S1 and the router with 802.1 encapsulation on both devices.

FC-ASW-1#int fa0/1

FC-ASW-1(config-if)#switchport mode trunk

FC-ASW-1(config-if)#end

Step 2: Perform basic configuration of the router.

Connect a PC to the console port of the router to perform configurations using a terminal emulation

program. Configure router R1 with a hostname and console, Telnet, and privileged passwords according to the table diagram.

Router(config)#hostname FC-CPE-1

FC-CPE-1(config)#line con 0

FC-CPE-1(config-line)#password cisco

FC-CPE-1(config-line)#login

FC-CPE-1(config-line)#line vty 0 4

FC-CPE-1(config-line)#password cisco

FC-CPE-1(config-line)#login

FC-CPE-1(config-line)#exit

FC-CPE-1(config)#enable password cisco

FC-CPE-1(config)#enable secret class

FC-CPE-1(config)#no ip domain lookup

Step 3: Configure VLAN Trunking on the Router

Configure router R1 Fa0/0 interface to trunk for VLAN 1, VLAN 10, and VLAN 20 with 802.1Q

encapsulation.

FC-CPE-1(config)#interface fa0/0

FC-CPE-1(config-if)#no shutdown

FC-CPE-1(config-if)#interface fa0/0.1

FC-CPE-1(config-subif)#encapsulation dot1Q 1

FC-CPE-1(config-subif)#ip address 10.0.1.1 255.255.255.0

FC-CPE-1(config-subif)#exit

FC-CPE-1(config)#interface fa0/0.10

FC-CPE-1(config-subif)#encapsulation dot1Q 10

FC-CPE-1(config-subif)#ip address 10.0.10.1 255.255.255.0

FC-CPE-1(config-subif)#exit

FC-CPE-1(config)#interface fa0/0.20

FC-CPE-1(config-subif)#encapsulation dot1Q 20

FC-CPE-1(config-subif)#ip address 10.0.20.1 255.255.255.0

FC-CPE-1(config-subif)#end

FC-CPE-1#

On the router, issue the command show vlans.

What information is displayed?

The 802.1Q trunk subinterfaces, the address configured and the number of packet transmitted and received

FC-CPE-1#show vlans

Virtual LAN ID: 1 (IEEE 802.1Q Encapsulation)

vLAN Trunk Interface: FastEthernet0/0.1

This is configured as native Vlan for the following interface(s) :

FastEthernet0/0

Protocols Configured: Address: Received: Transmitted:

IP 10.0.1.1 21 43

Other 0 138

396 packets, 67954 bytes input

181 packets, 51149 bytes output

Virtual LAN ID: 10 (IEEE 802.1Q Encapsulation)

vLAN Trunk Interface: FastEthernet0/0.10

Protocols Configured: Address: Received: Transmitted:

IP 10.0.10.1 94 25

Other 0 12

94 packets, 15324 bytes input

37 packets, 3414 bytes output

Virtual LAN ID: 20 (IEEE 802.1Q Encapsulation)

vLAN Trunk Interface: FastEthernet0/0.20

Protocols Configured: Address: Received:

Transmitted:

IP 10.0.20.1 9781 113

Other 0 14

9781 packets, 939660 bytes input

127 packets, 9617 bytes output

From switch S1, issue the command show interfaces trunk.

What interface on switch S1 is in trunking mode?

Fa0/1

Which VLANs are allowed and active in the management domain?

1, 10, 20

FC-ASW-1#show interfaces trunk

Port Mode Encapsulation Status Native vlan

Fa0/1 on 802.1q trunking 1

Port Vlans allowed on trunk

Fa0/1 1-4094

c.

Port Vlans allowed and active in management domain

Fa0/1 1,10,20

Port Vlans in spanning tree forwarding state and not pruned

Fa0/1 1,10,20

Step 4: Perform Test 2 to determine if the hosts can communicate between VLANs through the use of inter-vlan routing provide by a router

a. Issue the show running-config commands from the switch and verify all basic configuration

settings. See output at end of lab.

b. Ping from the switch to the router default gateway for VLAN 1.

Was the ping successful?

Ya

c. Telnet from the switch to the router.

Where you successful?

Ya

d. With PC1 connected to switch port 4 and PC2 attached to port 14, attempt to ping from PC1 to PC2.

Would you expect the ping to be successful?

Ya

Why or why not?

PC IP addresses are on different networks (PC1 is on net 10.0.10.0/24 and PC2 is on net 10.0.20.0/24 and in different VLANs but the router is routing packet between the two independent subnets.

e. Telnet from PC1 to the switch and the router.

Would you expect the Telnet to be successful?

Ya

Why or why not?

Physical and IP connectivity has been previously verified. As long as there are no VTY restrictions or ACLs in place, each PC should be able to telnet to either the switch using the VLAN1 IP address or to the router using any of the router subinterface addresses.

f. Issue the show ip route command on the router to display the routing table. How many subnet

routes are there?

3 – All directly connected to the subinterfaces defined for Fa0/0.

(10.0.1.0, 10.0.10.0 and 10.0.20.0)

FC-CPE-1#show ip route

Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP

D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area

N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2

E1 – OSPF external type 1, E2 – OSPF external type 2

i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS

level-2

ia – IS-IS inter area, * – candidate default, U – per-user

static route

o – ODR, P – periodic downloaded static route

Gateway of last resort is not set

10.0.0.0/24 is subnetted, 3 subnets

C 10.0.10.0 is directly connected, FastEthernet0/0.10

C 10.0.1.0 is directly connected, FastEthernet0/0.1

C 10.0.20.0 is directly connected, FastEthernet0/0.20

Task 4: Reflection

Why is it important to develop a test plan and prototype network behavior?

Sebuah rencana uji menyediakan dokumen terstruktur digunakan untuk menguji dan membutuhkan tester untuk berpikir dengan hati-hati tentang bagaimana fungsi jaringan untuk diuji dan dievaluasi. Ini membantu untuk membuktikan bahwa hasil yang diharapkan adalah nyata dan bahwa jaringan akan tampil seperti yang diharapkan. Ini berfungsi untuk mendokumentasikan hasil dari upaya pengujian.


Lab 7.2.2 Creating a Test Plan for the Campus Network

Task 1: Review the Supporting Documentation

Step 1: Refer to the proposed LAN Design Topology diagram created in Lab 5.2.4

a. Make a list of all the necessary equipment and cables required to build the LAN portion of the

proposed network design.

b. Make a list of all the VLANs required to implement the design.

Step 2: Review the proposed IP Address Allocation spreadsheet created in Lab 6.2.5

Determine the appropriate IP addressing for the devices identified in Step 1a.

Determine an appropriate IP address range for each VLAN identified in Step 1b.

Task 2: Create the LAN Design Test Plan

The format used to create the test plans may vary. The format used for this and subsequent labs is similar to the document used by the Cisco Customer Proof-of-Concept Labs. It is divided into sections to make it easier to read and understand. The test plan is a formal document that can be included in a proposal. It verifies that the design functions as expected. Many times, customer representatives are invited to view the prototype tests. In these cases, the customer can review the design and see for themselves that the network meets the requirements.

Step 1: Review the contents of the test plan document

Download and review the LAN Design Test Plan. Record a description of each section and what types of

information each section requires you to enter.

Introduction:

Equipment:

Design and Topology:

Test Description:

Test Procedures:

Test Expected Results and Success Criteria:

Test Results and Conclusions:

Appendix:

Step 2: Complete the Introduction section of the test plan

In this example test plan, much of the information has already been entered for you.

Enter the purpose of the test.

Think about why you want to test the LAN portion of the design.

Enter what functions of the LAN design you intend to test.

Three tests are entered for you to use with this test plan.

Test 1: Basic Connectivity

Test 2: VLAN Configuration

Test 3: VLAN Routing.

Step 3: Complete the Equipment Section of the test plan

Using the information you recorded in Task 1, Step 1a, fill in the chart in the equipment section. List

all network devices and cables. Two personal computers are already listed to assist in the testing of

the design. If your school lab does not include the required equipment for the design, discuss possible substitute models with your instructor.

Step 4: Complete the Design and Topology Section of the test plan

a. Copy the LAN topology from the diagram created previously in Lab 5.2.4

Enter the IP addressing information recorded in Task 1, Step 2a, in the IP Address Plan chart.

Enter the VLAN names and IDs recorded in Task 1, Steps 1b and 2b, in the VLAN plan.

Enter any additional information that you want the technician performing the test to be aware of

before the test begins.

Step 5: Complete the Test Description, Procedures, and Expected Results sections of the test plan

In the Test Description section, enter the goals for each of the three tests that you plan to perform.

Test 1 is completed as an example of how to fill in the information. In the Test Procedures section, enter the steps that are necessary to perform each planned test. In the Expected Results and Success Criteria section, enter what you expect the results to be if all the steps in the Test Procedures section are followed correctly. Determine what results need to be observed for the test to be considered a success.

Lab 7.2.5 Testing the FilmCompany Network

Step 1: Build the prototype network

  1. Select the necessary equipment and cables as specified in the Equipment section of the test plan.
  2. See your instructor for assistance in identifying the appropriate equipment.
  3. Using the topology diagram and IP address plan contained in the Design and Topology Diagram section of the test plan, connect and configure the prototype network.
  4. Following the procedures in the Test 1: Procedures section, console into one of the devices and verify that you can ping all of the other device addresses. If you are unsuccessful, verify each device configuration. Repeat the connectivity testing.
  5. Copy and paste the initial device configurations into a document using Notepad or a word processing program. Save or print the document to include with the completed test plan.

Step 2: Verify the functionality of the prototype network

Following the procedures in the Test 1: Procedures, execute the various commands and record the

results of the testing.

Copy and paste the output of the various commands into a document using Notepad or a word

processing program. Save or print the document to include with the completed test plan.

Step 3: Record the test results in the Results and Conclusions section of the test plan

Compare the results that you observed during the testing with the expected results listed in the Test

1: Expected Results and Success Criteria section.

Determine if the testing indicates that the network meets the success criteria. If it does, indicate that

the test is successful.

Task 2: Perform Test 2: VLAN Configuration Test

Step 1: Configure the prototype network

Step 2: Verify the VLAN configuration design

Step 3: Record the test results in the Results and Conclusions section of the test plan

Task 3: Perform Test 3: VLAN Routing Test

Step 1: Configure the prototype network

a. Follow the steps you created in the Test 3: Procedures section of the test plan to configure the router

to route between VLANs.

b. Using the topology diagram shown in the Design and Topology Diagram section of the test plan,

configure the appropriate router to route between the VLANs created in Task 2.

c. Following the steps you listed in the Test 3: Procedures section, console into the switch that is directly

connected to the router. Configure the link between the switch and the router as an 802.1q trunk link

and permit all VLANs across the trunk.

d. Console into the router and configure the router interface directly connected to the switch for 802.1q

encapsulation.

e. Configure the router with the appropriate IP addresses for the various VLANs. Verify that the routes

appear correctly in the routing table.

f. Copy and paste the initial device configurations into a document using Notepad or a word processing

program. Save or print the document to include with the completed test plan.

Step 2: Verify the VLAN routing design

a. Verify that the PCs are configured to be in different VLANs and that the IP address configuration on

the PCs is correct. Configure the IP addresses assigned to the router, in Step 1e, as the default

gateway addresses for the PCs. Verify that the default gateway addresses are on the same networks

as the addresses assigned to the PCs.

b. Following the procedures in the Test 3: Procedures, ping from PC1 to PC2. Copy and paste the

results into a document using Notepad or a word processing program. Save or print the document to

include with the completed test plan.

c. Execute the various show commands to verify that the routing is correct.

d. Record the results in the Test 3: Results and Conclusions section of the test plan.

Step 3: Record the test results in the Results and Conclusions section of the test plan

a. Compare the results that you observed during the testing with the expected results listed in the Test 3: Expected Results and Success Criteria section.

b. Determine if the testing indicates that the network meets the success criteria. If it does, indicate that

the test is successful.

Step 4: Reflection

Was the prototype testing of the FilmCompany LAN design successful? Did having a test plan to work from help you organize your testing?

 

Lab 7.2.6 Analyzing Results of Prototype Tests

Step 1: Identify if weaknesses are present in the design

Is the design able to scale to meet the growth, or do budget constraints limit the types of hardware and

infrastructure that can be included?

Secara umum, desain bersifat scalable. Prototipe menggunakan beberapa switch dan link yang berulang.

Do the IP addressing and VLAN configurations allow for the proposed growth?

Pengalamatan IP menggunakan skema swasta memanfaatkan ruang alamat 192.168.0.0/22 yang menyediakan ruang cukup untuk pertumbuhan. Ke-11 VLAN pasti semua memungkinkan untuk alamat tambahan yang akan ditambahkan. Melakukan pengujian dengan dua PC dan dua VLAN cukup untuk mencapai tujuan pengujian. Jika bekerja dengan dua PC dan dua VLAN itu akan bekerja dengan PC lebih banyak dan lebih VLAN, kecuali kesalahan konfigurasi diperkenalkan.

Can the selected hardware be upgraded easily without a major reconfiguration of the network?

Secara umum, ya. Stackable tetap 2960 konfigurasi switch digunakan dalam prototipe. IOS software dapat ditingkatkan dengan cukup mudah tapi upgrade perangkat keras mungkin tidak menjadi pilihan. Perluasan kepadatan pelabuhan dan penggunaan kecepatan link berbeda dan media yang dapat menyajikan isu-isu.

Can new Access Layer modules be integrated into the network without disrupting services to existing users?

Ya. Switch tambahan dapat ditambahkan untuk meningkatkan jumlah koneksi di desain dengan gangguan minimal.

Does the design provide for the smallest possible failure domains?

Ya, switch menyediakan segmentasi mikro dan VLAN berisi broadcast dengan menggunakan router dan subinterfaces.

Are there multiple paths and redundant devices to protect against losing connectivity to important services?

Ya. Switch memiliki hubungan yang berulang untuk memberikan cadangan.

Step 2: Determine what the risks are of not correcting the weaknesses

If, in Step 1, you identify weaknesses in the proposed design, what risks do these weaknesses present to

FilmCompany?

Sejak stackable switch dengan konfigurasi tetap digunakan dalam prototipe, perubahan kepadatan port, jenis media atau kecepatan link dapat menimbulkan masalah. Selain menambahkan lebih banyak switch, perluasan kepadatan port tidak mudah dilakukan.

Step 3: Suggest ways that the design can be improved to reduce the risk

In what ways could the proposed design be improved to reduce the areas of risk?

Step 4: Document the weaknesses and risks on the test plan

In the Results and Conclusions section of the test plan, record any weaknesses, risks, and suggested

improvements.

Step 5: Reflection

Why do you think it is important to identify weaknesses and risks in the proposed design before presenting it to the customer? What are some reasons that weaknesses cannot be corrected?

Penting untuk mengidentifikasi kelemahan dan risiko dalam desain yang diusulkan sebelum menyajikannya kepada pelanggan untuk memastikan bahwa pelanggan memahami keterbatasan prototipe dan tidak mengarah pada memiliki harapan yang tidak realistis berdasarkan prototipe. Mungkin mustahil untuk mengimbangi semua kelemahan yang dapat diidentifikasi karena masalah waktu, uang atau kendala personil. Risiko harus dianalisa dan seimbang terhadap variabel-variabel lainnya.


Lab 7.3.2 Creating a Server Farm Test Plan

Task 1: Review the Supporting Documentation

Step 1: Before completing the Server Farm Design Test Plan, review the following materials:

  • • The prototype topology diagram included at the top of this lab
  • • The IP Address Plan and VLAN Plan for the prototype topology in the Server Farm Design Test Plan provided with this lab
  • • The Prototype Network Installation Checklist created by the network designer and provided with this lab
  • • The partially completed Server Farm Design Test Plan provided with this lab

Step 2: Describe the functions of the network that the designer wants to test with this prototype

Konektivitas dasar, konfigurasi VLAN, operasi VTP, VLAN routing, penyaringan ACL.

Step 3: Using the topology diagram, create a list of the equipment necessary to complete the prototype tests

List any cables that are needed to connect the devices as shown in the topology diagram. Use the information from this list to fill out the chart in the Equipment section of the test plan document.

2 Router, 3 switch, 2 PC, 1 Server, 6 Cat 5 Straight-through kabel, 6 Cat 5 crossover kabel, 1 console cable.

Task 2: Determine the Testing Procedures

Using the information contained on the Prototype Network Installation Checklist and the partially completed Server Farm Design Test Plan document, determine what procedures should be followed to perform each test listed on the plan. Using Test 1 as an example, fill out the procedures sections for Tests 2, 3, and 4.

Think about which commands and tools (such as ping, traceroute, and show commands) you can use to verify that the prototype network is functioning as designed. Decide which outputs to save to prove the results of your tests.

Task 3: Document the Expected Results and Success Criteria

Carefully identify what you expect the results of each test to show. What results would indicate that the tests were a success?

Test 2: VLAN Configuration Test

Show vlans, show spanning-tree, show interface, failure of ping between VLANs

Test 3: VLAN Routing Test

Show vlans, show interface, show IP route, traceroute, and successful ping between VLANs.

Test 4: ACL Filtering Test

Show running config, show interface, show IP route, traceroute, attempts to access unauthorized resources denied.

a. Fill in the Expected Results and Success Criteria section for each test, using the information collected above.

b.Save the completed Server Farm Test Plan. It will be used in subsequent labs.

Reflection

Why is it important to think about and document the expected results and success criteria for each of the

individual tests?

 

Lab 7.3.3 Configuring and Testing the Rapid Spanning Tree Prototype

Task 1: Configure all devices

Step 1: Configure S1 and S2

Configure the host name, access, and command mode passwords on each switch.

Step 2: Configure interface VLAN 1

Configure the VLAN1 IP address and default gateway on each switch.

Step 3: Configure FC-ASW-1 for server and end user VLANs

VLAN Number VLAN Name
10 Servers
20 Users

Step 4: Configure ProductionSW for server and end user VLANs

VLAN Number VLAN Name
10 Servers
20 Users

Step 5: Assign ports to VLANs on FC-ASW-1

FC-ASW-1#configure terminal

FC-ASW-1(config)#interface Fa0/5

FC-ASW-1(config-if)#switchport mode access

FC-ASW-1(config-if)#switchport access VLAN10

FC-ASW-1(config-if)#interface Fa0/6

FC-ASW-1(config-if)#switchport mode access

FC-ASW-1(config-if)#switchport access VLAN20

Step 6: Assign ports to VLANs on ProductionSW

ProductionSW#configure terminal

ProductionSW(config)#interface Fa0/5

ProductionSW(config-if)#switchport mode access

ProductionSW(config-if)#switchport access VLAN10

ProductionSW(config-if)#interface Fa0/6

ProductionSW(config-if)#switchport mode access

ProductionSW(config-if)#switchport access VLAN20

Step 7: Configure trunk ports on FC-ASW-1 to the router and ProductionSW

FC-ASW-1(config)#interface Fa0/1

FC-ASW-1(config-if)#switchport mode trunk

FC-ASW-1(config-if)#interface Fa0/2

FC-ASW-1(config-if)#switchport mode trunk

FC-ASW-1(config-if)#interface Fa0/4

FC-ASW-1(config-if)#switchport mode trunk

Step 8: Configure trunk ports on ProductionSW to FC-ASW-1

ProductionSW(config)#interface Fa0/2

ProductionSW(config-if)#switchport mode trunk

ProductionSW(config-if)#interface Fa0/4

ProductionSW(config-if)#switchport mode trunk

Step 9: Configure VTP on both switches

FC-ASW-1#vlan database

FC-ASW-1(vlan)#vtp server

Step 10: Configure ProductionSW to be a VTP client

ProductionSW#vlan database

ProductionSW(vlan)#vtp client

ProductionSW(vlan)#vtp domain ServerFarm

Step 11: Configure Rapid Spanning Tree Protocol

On each switch, configure Per-VLAN Rapid Spanning Tree Protocol.

FC-ASW-1(config)#spanning-tree mode rapid-pvst

ProductionSW(config)#spanning-tree mode rapid-pvst

Step 12: Perform basic router configuration

Configure hostname, passwords, and line access on R1.

Step 13: Configure Subinterface Fa0/0

BR4#configure terminal

BR4(config)#interface Fa0/0

BR4(config-if)#no shut

BR4(config-if)#interface Fa0/0.1

BR4(config-subif)#description VLAN1

BR4(config-subif)#encapsulation dot1q 1

BR4(config-subif)#ip address 10.0.0.1 255.255.255.0

BR4(config-subif)#interface Fa0/0.10

BR4(config-subif)#description VLAN10

BR4(config-subif)#encapsulation dot1q 10.

BR4(config-subif)#ip address 10.10.10.254 255.255.255.0

BR4(config-subif)#interface Fa0/0.20

BR4(config-subif)#description VLAN20

BR4(config-subif)#encapsulation dot1q20

BR4(config-subif)#ip address 10.10.20.254 255.255.255.0

BR4(config-subif)#end

BR4#

Step 14: Configure two hosts for server VLAN, and two hosts for end user VLAN

a. H1 and H3 should be given IP addresses in the Servers VLAN, with a default gateway of

10.10.10.254.

b. H2 and H4 should be given IP addresses in the Users VLAN, with a default gateway of 10.10.20.254.

Task 2: Perform basic connectivity tests

Step 1: Test intra-VLAN connectivity

a. Ping from H1 to H3.

Is the ping successful?

Ya

If the ping fails, troubleshoot the configuration on the hosts and the VLAN configuration on the switches.

b. Ping from H2 to H4.

Is the ping successful?

Ya

If the ping fails, troubleshoot the configuration on the hosts and the VLAN configuration on the switches.

Step 2: Test inter-VLAN connectivity

Ping from a host on the Servers VLAN to a host on the Users VLAN.

Is the ping successful?

Ya

If the ping fails, troubleshoot the router and switch configurations.

Task 3: Introduce link and device failures into the network, and observe results

Step 1: Determine the port status of the spanning tree on the server switch

FC-ASW-1#show span

VLAN0010

Spanning tree enabled protocol ieee

Root ID Priority 32778

Address 0030.F2C9.90A0

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32778 (priority 32768 sys-id-ext 10)

Address 0090.21AC.0C10

Aging Time 300

Interface Role Sts Cost Prio.Nbr Type

—————- —- — ——— ——– ————————–

Fa0/1 Desg FWD 19 128.3 Shr

Fa0/2 Root FWD 19 128.3 Shr

Fa0/4 Altn BLK 19 128.3 Shr

Fa0/5 Desg FWD 19 128.3 Shr

VLAN0020

Spanning tree enabled protocol ieee

Root ID Priority 32788

Address 0030.F2C9.90A0

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32788 (priority 32768 sys-id-ext 20)

Address 0090.21AC.0C10

Aging Time 300

Interface Role Sts Cost Prio.Nbr Type

—————- —- — ——— ——– ————————–

Fa0/1 Desg FWD 19 128.3 Shr

Fa0/2 Root FWD 19 128.3 Shr

Fa0/4 Altn BLK 19 128.3 Shr

Fa0/6 Desg FWD 19 128.3 Shr

Which port is not currently participating in forwarding data?

Fa0/4 adalah alternatif

Step 2: Induce a link failure on the server switch

Remove the cable from one of the forwarding ports on FC-ASW-1.

Step 3: View the adjustment to the spanning-tree

Re-issue the show span command.

How long did it take the switches to determine and utilize a backup link?

Step 4: Induce a device failure on the network

Turn off the ProductionSW switch.

Ping from H1 to H2.

Was the ping successful?

Yes, both hosts are on the FC-ASW-1 switch and inter-VLAN

routing is still taking place.

Step 5: Reflect on the test results

In a network with multiple branch offices, why is the use of Rapid Spanning Tree Protocol important?

RSTP adalah penting untuk memastikan konektivitas perangkat pada layer akses di setiap kantor cabang dan bahwa sumber daya seperti server yang dapat diakses oleh pengguna di kantor-kantor lain yang bergantung pada mereka, dalam hal terjadi kegagalan switch-terkait setempat.

Why is it important when implementing a server farm?

RSTP akan membantu untuk memastikan bahwa switch dapat sembuh dengan cepat dan menyimpan server diakses oleh pengguna dalam hal link, switch atau kegagalan port.

 

Lab 7.3.5 Testing a Prototype Network

Task 1: Assemble and connect component devices

Step 1: Review the Topology Diagram and the Equipment section of the test plan

a. Determine which equipment or suitable substitutes will be required to meet the objectives of the lab.

b. Modify the topology diagram as necessary to fit available equipment.

Step 2: Review the Installation Checklist provided in lab 7.3.2.

Accommodate any equipment limitations with the use of loopback addresses.

Task 2: Perform Test 1: Basic Connectivity Test

Step 1: Using the Installation Checklist, perform the steps to connect and configure the

prototype network to perform Test 1.

Step 2: Perform the Test 1 procedures according to the Server Farm Design Test Plan and record the results in the Results and Conclusions section.

Determine if the test was successful. If not, discuss your results with your instructor and the other students in your class. Perform the test again if necessary.

Task 3: Perform Test 2: VLAN Configuration Test

Step 1: Using the Installation Checklist, perform the steps to connect and configure the

prototype network to perform Test 2.

Step 2: Perform the Test 2 procedures according to the Server Farm Design Test Plan and record the results in the Results and Conclusions section.

Determine if the test was successful. If not, discuss your results with your instructor and the other students in your class. Perform the test again if necessary.

Task 4: Perform Test 3: VLAN Routing Test

Step 1: Using the Installation Checklist, perform the steps to connect and configure the

prototype network to perform Test 3.

Step 2: Perform the Test 3 procedures according to the Server Farm Design Test Plan and record the results in the Results and Conclusions section.

Determine if the test was successful. If not, discuss your results with your instructor and the other students in your class. Perform the test again if necessary.

Task 5: Perform Test 4: ACL Filtering Test

Step 1: Review security goals for the FilmCompany network

Examine the test plan, checklist, and other documentation to determine how ACLs can support the security goals.

Step 2: Examine results of connectivity tests to determine targets for the ACLs

Decide which devices should be permitted, which protocols should be used, and where ACLs should be

placed.

Step 3: Create ACLs

Step 4: Using the Installation Checklist, perform the steps to connect and configure the

prototype network to perform Test 4.

Step 5: Perform the Test 4 procedures according to the Server Farm Design Test Plan and record the results in the Results and Conclusions section.

Determine if the test was successful. If not, discuss your results with your instructor and the other students in your class. Perform the test again if necessary

Task 6 Reflection

Examine the test results and conclusions. How this network would be affected if:

1. The number of servers was doubled?

Lalu lintas di S2 akan meningkat. Mungkin akan bermanfaat menambahkan saklar dan pemecahan server untuk menghindari single point of failure.

2. The S2 switch had a system failure?

Akses ke server akan hilang.

3. A new branch office with 25 new hosts was added?

Beban pada router R2 atau R1 akan meningkat tergantung pada akses apa yang dibutuhkan pengguna terhadap sumber daya.

Now that you have followed the process of prototyping from creating the plan through testing and recording results and conclusions, what are the advantages and disadvantages of using a simulation program, such as Packet Tracer, compared to building the prototype with physical devices?

Penggunaan program simulasi dapat sangat membantu dalam skenario pengujian berbagai koneksi, alamat IP dan isu-isu lainnya. Perangkat lain dapat dimasukkan ke dalam bermain daripada ketika membangun prototipe menggunakan peralatan yang nyata, namun tidak ada pengganti untuk menggunakan perlengkapan nyata, jika tersedia.

 

Lab 7.3.6 Identifying Risks and Weaknesses in the Design

Task 1: Identify areas of risk and weakness in the server farm implementation

Step 1: Analyze the physical topology

Examine the server farm topology as one entity and as a part of the entire FilmCompany topology. Look for each of the risks and weaknesses listed in the chart. Describe the devices, connections, and issues that you find, or record None found if the design appears to avoid risks in that area.

Weakness Risk Description of Location and Devices
Single point of failure If a device fails, a portion of the network will be inoperable.
Large failure domain If a device or link fails, a large portion of the network will be affected
Possible bottlenecks If the traffic volume increases, there

is a potential for response time to

degrade.

Limited scalability If the network grows more rapidly than expected, a costly upgrade will be needed.
Overly-complex design If the design is too complex, the current staff will not be able to support it properly.
Other possible

weaknesses (specify):

Step 2: Analyze the results and conclusions of the testing

Basic router and switch configurations were modified to support the following protocols and functions.

Evaluate the results and conclusions that were drawn from the testing. Identify any areas where modifications to the configuration would provide better results, both now and in the future.

No Change Needed Modifications Possible
VLAN port assignments
VTP client/server assignments
Root bridge designations
Switch security
Traffic filtering through ACLs
Other (specify):

Task 2: Suggest modifications to the design to address identified risks and weaknesses

From the analysis performed in Task 1, list each risk or weakness and suggest possible changes to the

design to minimize or eliminate it.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: