Scribd Logo
Cargar

¡Te damos la bienvenida a Scribd!

  • Cauhinhsw

    Cargado por

    Tuấn
    14 vistas23 páginas

    Título original

    cauhinhsw

    Derechos de autor

    © Attribution Non-Commercial (BY-NC)

    Formatos disponibles

    DOC, PDF, TXT o lea en línea desde Scribd

    ¿Le pareció útil este documento?

    ¿Este contenido es inapropiado?

    Denunciar este documento

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Descargue como DOC, PDF, TXT o lea en línea desde Scribd
    Marcar por contenido inapropiado
    14 vistas23 páginas

    Cauhinhsw

    Cargado por

    Tuấn

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Descargue como DOC, PDF, TXT o lea en línea desde Scribd
    Marcar por contenido inapropiado
    de 23

    Cu hnh Routing trn Switch Layer 3 2:18 PM tuan Switch layer 2 ch hot ng trn layer 2 ca mt hnh TCP/IP tc l n xa l cc frame

    d trn cc thng s ca Frame, Vi dng switch layer 3 ca cisco, ngoi cc tnh nng ca mt switch bnh thng th n c tnh nng nng cao l routing v hot ng ging nh mt Router, Switch layer 3 l mt la chn hon ho cho nhng doanh nghip cn nhu cu kt ni nhiu. Cc Rouer c s lng cng kt ni hn ch, cn vi switch th s cng l rt ln vi dng switch cao cp ca Cisco 6500 series s cng m rng ln ti hn 200 cng nh vy n p ng tt cho nhu cu kt ni. H thng Internet cng s dng loi switch a lp ny lm chuyn mch, ngoi tnh nng a lp n cn cung cp nhng tnh nng bo mt tt. Nh vy qun l v vn hnh hiu qu h thng Switch layer 3 chng ta cn phi nm r nguyn l ca switch layer 2 v ca Router. bi ny ti s hng dn cc bn cu hnh Switch layer 3 y l hng dn c bn, v cc bn c th p dng vo thc t. Nu cc bn cn cha chc chn v kin thc lin quan, mi cc bn tham kho trn website ny ca ti. Tnh hung t ra i vi doanh nghip nh sau: Cng ty ti c 60 my tnh v thuc nhiu phong ban khc nhau, phng k ton ca ti c 10 my, phong nhn s c 20 my, phong kinh doanh c 30 my. Mt hm gim c ca ti yu cu, phi thit lp h thng mng ca cc phong ban sao cho may tnh ca cc phng truy cp ln nhau v internet ,m bo h thng mng lun hot ng tt khng b gin on v trong tng khi cng ty m rng khng phi mua thm thit b. cc thit b ca cng ty hin c 1 ng truyn internet tc cao, 1 modem(1 cng internet, 1 cng lan), 3 switch 2960G - 24port. V thc ti cc my tnh ca cng ty ang s dng chung mt VLAN. Gi quyt yu cu ca Gim c. -u tin s to mi phng thuc mt VLAN khc nhau - Phi c mt thit b nh tuyn gia cc VLAN Nu mua 1 Router dng nh tuyn cc VLAN th cng c nhng chng ta phi cu hnh sub-interface cho Router nh vy nu khi cng ty m rng nhiu VLAN th chng ta phi chia nhiu sub-interface cho Router nh vy d b tnh trng tht nt c chai ti Router. Nu chng ta mua mt thit b Switch layer 3 th s nh tuyn c cc VLAN v trong tng lai khi cng ty m rng th cht lng mng vn m bo tt. Sau y l m hnh lab ca ti.

    Modem c ip: 192.168.1.1 interface F0/4 switch 3560 kt ni Modem c ip :192.168.1.2 Vlan 2: ketoan ip: 192.168.2.0/24 default-gateway: 192.168.2.1 Vlan 3: nhansu ip: 192.168.3.0/24 default-gateway: 192.168.3.1 Vlan 4: kinhdoanh ip: 192.168.4.0/24 default-gateway: 192.168.4.1 Vlan 2: PC c ip : 192.168.2.2 Vlan 3: PC c ip : 192.168.3.2 Vlan 4: PC c ip : 192.168.4.2 interface f0/1 switch 1 kt ni f0/1 switch layer 3 interface f02 switch 2 kt ni f0/2 switch layer 3 interface f0/3 switch 3 kt ni f0/3 switch layer 3 Chng ta bt u cu hnh: Bc 1: Cu hnh Switch layer 3. - Mc nh tt c cc cng ca swtich hot ng layer 2, c th t c ip chng ta disable mode switch ca interface chng ta mun t ip trong bi lab ny l Interface: F0/4 3560(config)#interface f0/4 3560(config-if)#no switchport %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to up 3560(config-if)#ip address 192.168.1.1 255.255.255.0 3560(config-if)#no shutdown 3560(config-if)#exit 3560(config)# - Cu hnh Vlan:

    3560#conf t Enter configuration commands, one per line. End with CNTL/Z. 3560(config)#vlan 2 3560(config-vlan)#name ketoan 3560(config-vlan)#exit 3560(config)#vlan 3 3560(config-vlan)#name nhansu 3560(config-vlan)#exit 3560(config)#vlan 4 3560(config-vlan)#name kinhdoanh 3560(config-vlan)#exit 3560(config)# - Cu hnh interface VLAN 3560(config)#inter vlan 2 3560(config-if)#ip address 192.168.2.1 255.255.255.0 3560(config-if)#no shutdown 3560(config-if)#exit 3560(config)#int vlan 3 3560(config-if)#ip address 192.168.3.1 255.255.255.0 3560(config-if)#no shutdown 3560(config-if)#exit 3560(config)#int vlan 4 3560(config-if)#ip address 192.168.4.1 255.255.255.0 560(config-if)#no shutdown 3560(config-if)#exit 3560(config)# - Cu hnh gn Vlan tng ng ti inerface tng ng 3560(config)#int f0/1 3560(config-if)#switchport access vlan 2 %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan2, changed state to up 3560(config-if)# 3560(config-if)#exit 3560(config)#interface f0/2 3560(config-if)#switchport access vlan 3 %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan3, changed state to up 3560(config-if)#exit 3560(config)#int f0/3 3560(config-if)#switchport access vlan 4 %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan4, changed state to up 3560(config-if)#exit 3560(config)# -Cu hnh routing kch hot tnh nng Routing trn switch layer 3 chng ta ch cn dng cu lnh:

    3560(config)#ip routing - Kim tra Vlan 3560#show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------1 default active Fa0/4, Fa0/5, Fa0/6, Fa0/7 Fa0/8, Fa0/9, Fa0/10, Fa0/11 Fa0/12, Fa0/13, Fa0/14, Fa0/15 Fa0/16, Fa0/17, Fa0/18, Fa0/19 Fa0/20, Fa0/21, Fa0/22, Fa0/23 Fa0/24, Gig0/1, Gig0/2 2 ketoan active Fa0/1 3 nhansu active Fa0/2 4 kinhdoanh active Fa0/3 1002 fddi-default active 1003 token-ring-default active 1004 fddinet-default active 1005 trnet-default active 3560# -Kim tra Bng nh tuyn 3560#sho ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set C 192.168.1.0/24 is directly connected, FastEthernet0/4 C 192.168.2.0/24 is directly connected, Vlan2 C 192.168.3.0/24 is directly connected, Vlan3 C 192.168.4.0/24 is directly connected, Vlan4 3560# Nh vy chng ta cu hnh thnh cng Switch layer 3 nh tuyn gia cc phng trong cng ty, nhng ch dng li y th cc my tnh cha th truy cp c internet bi switch layer 3 khi nhn c packet i internet n cha bit chuyn i u kt qu l gi tin s b drop. n gin thi gi chng ta s cu hnh mt tuyn default-ruote ti

    modem v trn modem chng ta cng add thm mt route tr vo mng bn trong. 3560(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.1 V bng nh tuyn ca chng ta by gi s c thm mt tuyn S* 3560#sh ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is 192.168.1.1 to network 0.0.0.0 C 192.168.1.0/24 is directly connected, FastEthernet0/4 C 192.168.2.0/24 is directly connected, Vlan2 C 192.168.3.0/24 is directly connected, Vlan3 C 192.168.4.0/24 is directly connected, Vlan4 S* 0.0.0.0/0 [1/0] via 192.168.1.1 3560# Bc 2: Cu hnh PC v kim tra Cu hnh a ch ip cho cc my tnh theo thng tin trn. Sau khi cu hnh xong PC chng ta tin hnh kim tra xem cc my tnh cc vlan kt ni c vi nhau cha bng cch ping. Chc cc bn nghin cu tt ! Guidance configure VLAN 10:13 AM tuan

    B OC 1: Normal been Chung ta will configure 3 VLAN

    Vlan 2: teacher VLAN3: student

    Subnet: 192.168.2.0 / 24 PC1: 192.168.2.11 PC2: 192.168.2.12 Subnet: 192.168.3.0/24 PC1: 192.168.3.11 PC2: 192.168.3.12 Subnet: 192.168.4.0/24 PC1: 192.168.4.11 PC2: 192.168.4.12 Subinterface VLAN2: 192.168.2.1 Subinterface VLAN3: 192.168.3.1 Subinterface VLAN4: 192.168.4.1

    VLAN 4: manager Router

    Devices Vlan Giao din PC Chuyn Chuyn Chuyn sang giao din PC1 Truy cp F0 / 1 2 F0 / 7 PC2 Truy cp F0 / 2 2 PC3 Truy cp F0 / 6 3 Pc4 Truy cp F0 / 5 3 PC5 Truy cp F0 / 3 4 PC6 Truy cp F0 / 4 4

    Router F0 / 0 (F0/0.2) (F0/0.3) (F0/0.4)

    Step 2: Connect the device has been through giao din have preparation above.

    Step 3: Configure Configuration Switch: Truy cp Trng now config switch / Router of you get an query when typing sai command something then enter thi chuyn i / Router appear to lines Dch "n" ... my ch tn min (255.255.255.255) and the you must wait take a while Th Mi continues to configure tip. to Khc recover the you to ch config, type a command sau: khng c ip min-tra cu . Configuration hostname: Chuyn # cho php Switch # conf t Switch (config) # hostname Truy cp Access (config) # Configuration VLAN: Access (config) # vlan 2 Access (config-vlan) # tn gio vin Access (config-vlan) # exit Access (config) # vlan 3 Access (config-vlan) # tn sinh vin Access (config-vlan) # exit Access (config) # vlan 4 Access (config-vlan) # tn ngi qun l Access (config-vlan) # exit Access (config) # Giao din Configure vlan: Access (config) # interface vlan 2 Access (config-if) # ip a ch 192.168.2.100 255.255.255.0 / / ip administrator vlan 2 Access (config-if) # no shutdown / / activate giao din vlan 2 Access (config) # exit Access (config) # -------------------------------------------------- -------------------------

    Access (config) # interface vlan 3 Access (config-if) # ip a ch 192.168.3.100 255.255.255.0 / / ip administrator vlan 3 Access (config-if) # no shutdown / / activate giao din VLAN 3 Access (config) # exit Access (config) # -------------------------------------------------- ------------------------Access (config) # interface vlan 4 Access (config-if) # ip a ch 192.168.4.100 255.255.255.0 / / ip administrator vlan 4 Access (config-if) # no shutdown / / activate giao din vlan 4 Access (config) # exit Access (config) # Assigned vlan cho per giao din matching with step preparation on: Assigned giao din f0 / 1 v f0 / 2 to the vlan 2 Access (config) # int phm vi f0 / 1 - 2 Access (config-if-range) # switchport ch truy cp Access (config-if-range) # switchport access vlan 2 Access (config-if-range) # exit Access (config) # Assigned giao din f0 / 3 v f0 / 4 to the vlan 4: Access (config) # int phm vi f0 / 3 - 4 Access (config-if-range) # switchport ch truy cp Access (config-if-range) # switchport access vlan 4 Access (config-if-range) # exit Access (config) # Assigned giao din f0 / 5 and f0 / 6 forward vlan 3: Access (config) # int phm vi f0 / 5 - 6 Access (config-if-range) # switchport ch truy cp Access (config-if-range) # switchport access vlan 3 Access (config-if-range) # exit Access (config) # Configuration ip for your tinh matching: Step 4: Kim tra After config xong ip for your computer matching with step preparation above, we progress check for: check for switch truy cp: using a command check for info vlan above chuyn i: Truy cp # show vlan ngn gn VLAN Name Status Ports -------------------------------------------------- -------------------------1 default hot ng Fa0 / 7, Fa0 / 8, Fa0 / 9, Fa0/10

    Fa0/11, Fa0/12, Fa0/13, Fa0/14 Fa0/15, Fa0/16, Fa0/17, Fa0/18 Fa0/19, Fa0/20, Fa0/21, Fa0/22 Fa0/23, Fa0/24, Gig1 / 1, Gig1 / 2 2 thy hot ng Fa0 / 1, Fa0 / 2 3 sinh vin hot ng Fa0 / 5, Fa0 / 6 4 qun l hot ng Fa0 / 3, Fa0 / 4 1002 FDDI mc nh hot ng 1003 token-ring-default active 1004 fddinet-mc nh hot ng 1005 trnet mc nh hot ng check for the configuration on switch: show running-config Truy cp # show running-config Xy dng cu hnh ... Cu hnh hin ti: 1445 byte ! phin bn 12,2 khng c dch v timestamps log datetime msec khng c dch v timestamps debug datetime msec khng c dch v m ha mt khu ! tn my truy cp ! khng c ip min-tra cu ! ! interface FastEthernet0 / 1 switchport access vlan 2 switchport ch truy cp ! interface FastEthernet0 / 2 switchport access vlan 2 switchport ch truy cp ! interface FastEthernet0 / 3 switchport access vlan 4 switchport ch truy cp ! interface FastEthernet0 / 4 switchport access vlan 4 switchport ch truy cp

    ! interface FastEthernet0 / 5 switchport access vlan 3 switchport ch truy cp ! interface FastEthernet0 / 6 switchport access vlan 3 switchport ch truy cp ! interface FastEthernet0 / 7 ! interface FastEthernet0 / 8 ! interface FastEthernet0 / 9 ! giao din FastEthernet0/10 ! giao din FastEthernet0/11 ! giao din FastEthernet0/12 ! giao din FastEthernet0/13 ! giao din FastEthernet0/14 ! giao din FastEthernet0/15 ! giao din FastEthernet0/16 ! giao din FastEthernet0/17 ! giao din FastEthernet0/18 ! giao din FastEthernet0/19 ! giao din FastEthernet0/20 ! giao din FastEthernet0/21 ! giao din FastEthernet0/22 ! giao din FastEthernet0/23 !

    giao din FastEthernet0/24 ! giao din GigabitEthernet1 / 1 ! giao din GigabitEthernet1 / 2 ! giao din VLAN1 khng c a ch ip tt my Check from their from your computer PC1 ping to the pc 2 PC1> ping 192.168.2.12 Ping 192.168.2.12 vi 32 byte d liu: Tr li t 192.168.2.12: bytes = 32 time = 43ms TTL = 128 Tr li t 192.168.2.12: bytes = 32 time = 7ms TTL = 128 Tr li t 192.168.2.12: bytes = 32 time = 7ms TTL = 128 Tr li t 192.168.2.12: bytes = 32 time = 7ms TTL = 128 Ping from pc1 to the PC4 PC> ping 192.168.3.12 Ping 192.168.3.12 vi 32 byte d liu: Yu cu time out. Yu cu time out. Yu cu time out. Yu cu time out. Ping s liu thng k 192.168.3.12: Gi: Sent = 4, Received = 0, Lost = 4 (100% mt), Kt too ping on to PC1 and PC4 tuy the connection to the same chuyn i but part hai VLAN different not th ping been with nhau. So on pc1 and will not be ping been to the PC5 v PC6. Step 5: Sau step 4 we have the configuration switch and the machine in the same VLAN have been found nhau, but do not th see are the machine in the vlan khc. Step of this we se Configuration Default gateway for VLAN and Configuration routing for VLAN above Router. "Trng model execute t Trin khai, Thng lp chuyn i using 3 instead cho Router working Nay". + We will configure on the giao din the switch to connect to the Router intoch thn cy. Access (config) # interface f0 / 7 Access (config-if) # switchport mode trunk Access (config-if) # no shutdown

    Access (config-if) # exit + Configuration on Router. B1: Router (config) # int f0 / 0 Router (config-if) # no shu Router (config-if) # no shutdown Router (config-if) # exit Router (config) # B2: Router (config) # int f0/0.4 Router (config-subif) # encapsulation dot1q 4 Router (config-subif) # ip a ch 192.168.4.1 255.255.255.0 Router (config-subif) # exit Router (config) # B3: Router (config) # int f0 / 0 2 Router (config-subif) # encapsulation dot1q 2 Router (config-subif) # ip a ch 192.168.2.1 255.255.255.0 Router (config-subif) # exit Router (config) # B4: Router (config) # int f0/0.3 Router (config-subif) # encapsulation dot1q 3 Router (config-subif) # ip a ch 192,168. 3 0,1 255.255.255.0 Router (config-subif) # exit Router (config) # B5: verify see the giao din is already up to all no: Router # sh ip int ngn gn Giao din a ch IP-OK? Phng php trng Ngh nh th FastEthernet0 / 0 unassigned YES unset up up FastEthernet0/0.2 192.168.2.1 YES dn up up FastEthernet0/0.3 192.168.3.1 YES dn up up FastEthernet0/0.4 192.168.4.1 YES dn up up FastEthernet0 / 1 unassigned YES unset hnh chnh xung xung VLAN1 unassigned YES unset hnh chnh xung xung Time we will the configuration address ch cng for your computer in the following VLAN match. PC1, PC2: 192.168.2.1 PC3, PC4: 192.168.3.1 PC5, PC6: 192.168.4.1 That after complete the steps of the you are trying to ping from pc1 to the PC3, 4 v PC5, 6 xem link is NAO. Tt Natural be ok then PC2> ping 192.168.3.11 Ping 192.168.3.11 vi 32 byte d liu: Tr li t 192.168.3.11: bytes = 32 time = 18ms TTL = 127

    Tr li t 192.168.3.11: bytes = 32 time = 16ms TTL = 127 Tr li t 192.168.3.11: bytes = 32 time = 10ms TTL = 127 Tr li t 192.168.3.11: bytes = 32 time = 10ms TTL = 127 Ping s liu thng k 192.168.3.11: Gi: Sent = 4, Received = 4, Lost = 0 (0% loss), Khong chuyn i vng ln trong milli-giy: Ti thiu = 10ms, Maximum = 18ms, Average = 13ms

    cu hnh vlan trunking, vtp (vlan trunking protocal)


    11:21 AM tuan

    I. Gii thiu - VLAN l cch thc cho php chng ta a mt nhm cc my tnh c cng tiu ch: chc nng, v tr a l vo mt subnet ring nng cao hiu qu hot ng ca mng, qun l mng, - Trunk cho php chung ta truyn ti thng tin ca nhiu VLAN trn mt kt ni, nu cc kt ni m khng c Trunk th chng ch cho thng tin va mt VLAN c truyn ti qua - VTP l giao thc hot ng Layer 2 trong m hnh OSI. VTP gip cho vic cu hnh VLAN lun ng nht khi thm, xa, sa thng tin v VLAN trong h thng mng. - VTP flood thng ip qung b (advertisement) qua VTP domain 5 pht mt ln, hoc khi c s thay i xy ra trong cu hnh VLAN. Mt VTP advertisement bao gm c rivision-number, tn VLAN (vlan name), s hiu VLAN (vlan number), v thng tin v cc switch c port gn vi mi VLAN. Bng s cu hnh VTP Server v vic truyn b thng tin thng qua cc advertisement, tt c cc switch u bit v tn VLAN v s hiu VLAN ca tt c cc VLAN. - Mt trong nhng thnh phn quan trng ca VTP advertisement l tham s revision number. Mi ln VTP server iu chnh thng tin VLAN, n tng revision-number ln 1, ri sau VTP Server mi gi VTP advertisement i. Khi mt switch nhn mt VTP advertisement vi revision-number ln hn, n s cp nht cu hnh VLAN. II. M hnh

    III. Yu cu 1. Cu hnh khi to cho cc thit b mng. - t tn - Cu hnh Banner motd - Cu hnh IP Address managerment - Cu hnh password cho console, telnet, Privileged. Password console: itn Password telnet: itn Password Privileged: itn 2. Cu hnh - VLAN 2: k ton - VLAN 3: kinh doanh Trn SW1: VLAN 2: cc port t Fa0/1 Fa0/10 VLAN 3: cc Interface t F0/11 24 Trn Sw2: VLAN 2: Cc interface t F0/1 16 VLAN 3: Cc interface t F0/17 24 IV. Cu hnh chi tit 1. Cu hnh khi to 1.1 Switch 1 Switch(config)#hostname Switch1 Switch1(config)#enable secret itn Switch1(config)#banner motd ' switch server' Switch1(config)#line console 0 Switch1(config-line)#password itn Switch1(config-line)#login Switch1(config-line)#exit Switch1(config)#line vty 0 15 Switch1(config-line)#password itn Switch1(config-line)#login Switch1(config-line)#exit // cu hnh a ch IP qun l, mc nh tt c cc port ca Switch l thuc VLAN 1 Switch1(config)#interface vlan 1 Switch1(config-if)#ip add 192.168.1.1 255.255.255.0 Switch1(config-if)#no shut 1.2 Switch 2

    Switch(config)#hostname Switch2 Switch2(config)#enable secret itn Switch2(config)#banner motd ' switch client' Switch2(config)#line console 0 Switch2(config-line)#password itn Switch2(config-line)#login Switch2(config-line)#exit Switch2(config)#line vty 0 15 Switch2(config-line)#password itn Switch2(config-line)#login Switch2(config-line)#exit // cu hnh a ch IP qun l, mc nh tt c cc port ca Switch l thuc VLAN 1 Switch1(config)#interface vlan 1 Switch1(config-if)#ip add 192.168.1.1 255.255.255.0 Switch1(config-if)#no shut 2. Cu hnh - Chng ta thy yu cu u bi l trn c 2 Switch u c thng tin ca cc VLAN tng t nhau, tc l thng tin VLAN trn hai Switch l ging nhau, nh vy chng phi c cng database VLAN, c th trin khai c yu cu chng ta phi cu hnh VTP trn Switch, gia Sw1 v Sw2 c kt ni vi nhau mt interface, thng tin ca cc VLAN c th truyn ti qua kt ni th kt ni gia chng phi c Trunk vi nhau - Cc bc cu hnh khi trin khai + u tin cc bn phi cu hnh VTP, Trunk + To cc VLAN trn Switch ng vai tr l VTP Server + Gn cc port ca Switch vo cc VLAN 2.1 Cu hnh VTP, Trunk 2.1.1 Cu hnh Switch 1 a. Cu hnh trunk. Switch1(config)#int fastEthernet 0/1 Switch1(config-if)#switchport mode trunk b. Cu hnh VTP, VLAN. Switch1#conf t Switch1(config)#vtp mode server // mode server Switch c th to mi, chnh sa, xo thng tin ca VLAN Switch1(config)#vtp domain itn // tt c cc Switch phi cng VTP Domain, password mi chia s c thng tin VLAN

    Switch1(config)#vtp password cisco Switch1(config)#vtp pruning c. Kim tra cu hnh + Kim tra VTP Switch1#show vtp status VTP Version : 2 Configuration Revision : 20 Maximum VLANs supported locally : 250 Number of existing VLANs : 8 VTP Operating Mode : Server VTP Domain Name : itn VTP Pruning Mode : Enabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x18 0xC7 0x05 0x84 0x7E 0x67 0xEA 0xD1 Configuration last modified by 0.0.0.0 at 3-1-93 00 54 Local updater ID is 0.0.0.0 (no valid interface found + Kim tra Interface Trunk Switch1#sh int trunk Port Mode Encapsulation Status Native vlan Fa0/1 on 802.1q trunking 1 Port Vlans allowed on trunk Fa0/1 1-1005 Port Vlans allowed and active in management domain Fa0/1 1 Port Vlans in spanning tree forwarding state and not pruned Fa0/1 1 2.1.2 Cu hnh Switch 2 d. Cu hnh trunk. Switch1(config)#int fastEthernet 0/1 Switch1(config-if)#switchport mode trunk e. Cu hnh VTP, VLAN. Switch2#conf t Switch2(config)#vtp mode server // mode client Switch cp nht thng tin VLAN t Switch Server v cc Switch khc Switch2(config)#vtp domain itn Switch2(config)#vtp password cisco

    Switch1(config)#vtp pruning f. Kim tra cu hnh VTP SWitch2#show vtp status VTP Version : 2 Configuration Revision : 20 Maximum VLANs supported locally : 250 Number of existing VLANs : 8 VTP Operating Mode : Client VTP Domain Name : itn VTP Pruning Mode : Enabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x18 0xC7 0x05 0x84 0x7E 0x67 0xEA 0xD1 Configuration last modified by 0.0.0.0 at 3-1-93 00 + Kim tra Interface Trunk Switch2#show interfaces trunk Port Mode Encapsulation Status Native vlan Fa0/1 on 802.1q trunking 1 Port Vlans allowed on trunk Fa0/1 1-1005 Port Vlans allowed and active in management domain Fa0/1 1 Port Vlans in spanning tree forwarding state and not pruned Fa0/1 none 54

    // Sau khi kim tra cu hnh VTP, Trunk cc bn thy thng tin v domain, mode, interface trunk ng chng ta chuyn sang bc tip theo 2.2 Cu hnh to VLAN trn Switch VTP Server 2.2.1 Cu hnh to cc VLAN Switch1(config)#vlan 2 Switch1(config-vlan)#name ketoan Switch1(config)#vlan 3 Switch1(config-vlan)#name kinhdoanh 2.2.2 Kim tra thng tin VLAN ng nht cha

    g. Trn Switch 1 Switch1#show vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------1 default active Fa0/2, Fa0/3, Fa0/4, Fa0/5 Fa0/6, Fa0/7, Fa0/8, Fa0/9 Fa0/10, Fa0/11, Fa0/12, Fa0/13 Fa0/14, Fa0/15, Fa0/16, Fa0/17 Fa0/18, Fa0/19, Fa0/20, Fa0/21 Fa0/22, Fa0/23, Fa0/24, Gi0/1 Gi0/2 2 keotan active 3 kinhdoanh active 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ -----1 enet 100001 1500 - - - - - 0 0 10 enet 100010 1500 - - - - - 0 0 20 enet 100020 1500 - - - - - 0 0 VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ -----30 enet 100030 1500 - - - - - 0 0 1002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - srb 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0 h. Trn Switch 2 SWitch2#show vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------1 default active Fa0/2, Fa0/3, Fa0/4, Fa0/5 Fa0/6, Fa0/7, Fa0/8, Fa0/9 Fa0/10, Fa0/11, Fa0/12, Fa0/13 Fa0/14, Fa0/15, Fa0/16, Fa0/17 Fa0/18, Fa0/19, Fa0/20, Fa0/21

    Fa0/22, Fa0/23, Fa0/24, Gi0/1 Gi0/2 2 ketoan active 3 kinhdoanh active 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ -----1 enet 100001 1500 - - - - - 0 0 10 enet 100010 1500 - - - - - 0 0 20 enet 100020 1500 - - - - - 0 0 VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ -----30 enet 100030 1500 - - - - - 0 0 1002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - srb 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0 // Cu lnh show vlan trn cc Switch nh trn cho ta bit thng tin VLAN trn hai Switch c ng nht, lc ny chng ta mi chuyn sang bc tip theo

    2.3 Gn cc Interface vo cc VLAN theo yu cu 2.3.1 Cu hnh trn switch 1 Switch1(config)#int range fastEthernet 0/1 - 10 Switch1(config-if-range)#switchport mode access Switch1(config-if-range)#switchport access vlan 2 Switch1(config)#int range fastEthernet 0/11 24 Switch1(config-if-range)#switchport mode access Switch1(config-if-range)#switchport access vlan 3 2.3.2 Cu hnh trn Switch 2 Switch1(config)#int range fastEthernet 0/1 - 16 Switch1(config-if-range)#switchport mode access Switch1(config-if-range)#switchport access vlan 2

    Switch1(config)#int range fastEthernet 0/17 24 Switch1(config-if-range)#switchport mode access Switch1(config-if-range)#switchport access vlan 3 3. Kim tra cu hnh 3.1.1 Kim tra trn Switch 1 Switch1#show vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------1 default active Gi0/1, Gi0/2 2 ketoan active Fa0/2, F0/3, F0/4, F0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, F0/10 3 kinhdoanh active Fa0/11, Fa0/12, Fa0/13, Fa0/13, F0/14, F0/15 Fa0/16, F0/17, F0/18, F0/19, F0/20, F0/21, F0,22 F0/23, F0,24 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ -----1 enet 100001 1500 - - - - - 0 0 10 enet 100010 1500 - - - - - 0 0 20 enet 100020 1500 - - - - - 0 0 30 enet 100030 1500 - - - - - 0 0 VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ -----1002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - srb 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0 3.1.2 Kim tra trn Switch 2 Switch2#show vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------1 default active Gi0/1, Gi0/2 2 ketoan active Fa0/2, F0/3, F0/4, F0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, F0/10, F0/11, F0/12, F0,13, F0/14

    F0/15, F0,16 3 kinhdoanh active F0/17, F0/18, F0/19, F0/20, F0/21, F0,22 F0/23, F0,24 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ -----1 enet 100001 1500 - - - - - 0 0 10 enet 100010 1500 - - - - - 0 0 20 enet 100020 1500 - - - - - 0 0 30 enet 100030 1500 - - - - - 0 0 VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ -----1002 fddi 101002 1500 - - - - - 0 0 1003 tr 101003 1500 - - - - srb 0 0 1004 fdnet 101004 1500 - - - ieee - 0 0 1005 trnet 101005 1500 - - - ibm - 0 0 // Sau khi s dng cu lnh Show vlan kim tra thng tin vlan cng nh cc interface thuc VLAN, trng thi ca VLAN, chng ta thy trn Switch 1, Switch 2 thng tin VLAN cng nh cc Interface thuc VLAN ng theo yu cu u bi. Nh vy vic cu hnh hon tt, lc chng ta mi thc hin lu cu hnh vo NVRAM 4. lu cu hnh vo NVRam Switch1#copy running-config startup-config Switch2#copy running-config startup-config

    Cu hnh port-security
    12:02 PM tuan

    Trc khi cu hnh bi lab ny ta nn hiu xem Port Security c dng trong trng hp no. Gi s ta a ra mt ng cnh nh sau, port Fastethernet 0/1 ca Switch 1 hot ng c khi my tnh c Physical Address l 00d0.bc52.90ca Cc my tnh c Physial Address khc trn nu nh cm vo port ny th n s b shutdown trn cng Fastethernet. Ta s thc hin bi lab c m hnh nh sau:

    1.Cu hnh vlan 2 trn swith: swith# conf t swith(config)# vlan 2 swith(config-vlan)#name test swith(config-vlan)#exit swith(config)# 2.Cu hnh i ch ip cho PC v chointerface vlan 2 Cu hnh ip cho pc theo nh hnh trn. Cu hnh interface vlan 2: swith(config)# interface vlan 2 swith(config-if)# ip address 192.168.1.1 255.255.255.0 swith(config-if)# no shutdown swith(config-if)#exit swith(config)# 3.Gn interface Fa0/1 v Fa0/2 vo VLAn2 swith(config)#interface range Fa0/1 - 2 swith(config-if)# switchport mode access swith(config-if)#switchport access VLAN 2 swith(config-if)#exit swith(config)# 4. Kim tra Ping t PC 1 ti PC 2 kt qu kim tra ok th s chuyn sang bc 5. 5. Kim tra Kim tra a ch MAC ca PC 1 trn cng Fa0/1 swith# show mac-address-table interface fa0/1

    Vlan -----2

    Mac address Table ---------------------------------------------------------------------------Mac Address Type Port ------------------------------00d0.bc52.90ca Dynamic Fa0/1

    Now. chng ta s cu hnh port-securit trn cng Fa0/1, sao cho ch my tnh pc 1 c MAC 00d0.bc52.90ca l s dng c, cn cc my tnh khc cm vo cng Fa0/1 s b shutdown. swith# conf t swith(config)#interface fa0/1 swith(config-if)# switchport port-security swith(config-if)#switchport port-security maximum 1// ch cho php ti a mt PC swith(config-if)#switchport port-security mac-address 00d0.bc52.90ca// ch cho php PC c a ch MAC ny. swith(config-if)# switchport port-security violation shutdown // mc nh l s shutdown khi c a ch MAC khc cm vo port ny. swith(config-if)# exit swith(config)# Cc bn lm tng t vi port Fa0/2 cho pc 2 nh. Sau khi cc bn cu hnh xong, cc bn th ly PC 1 cm vo port Fa0/2 v PC 2 cm vo port Fa0/1, xem cc port c b shutdown khng. Chc cc bn lab tt. Thank you !

    También podría gustarte