Thứ Năm, 3 tháng 11, 2011

FinalLabSW-CCNP


CONFIG FINAL LAB SW
# DS1: Hostname, Etherchannel, Trunk, Native Vlan 100
# DS1: Hostname
enable
config terminal
hostname DS1
line console 0
loggin synch
no exec-timeout
no ip domain-lookup
end

# DS1: Etherchannel, Trunk, Native Vlan 100
config terminal
interface range f0/14 - 15
channel-group 1 mode on
exit
interface port-channel 1
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk native vlan 100
switchport trunk allowed vlan except 100
exit
interface range f0/12 - 13
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk native vlan 100
switchport trunk allowed vlan except 100
exit
interface f0/11
switchport mode access
switchport access vlan 172
no shutdown
end

# DS1: VTPserver, Vlan
vlan database
vtp domain newstar
vtp password newstar
vtp server
vlan 2
vlan 3
vlan 10
vlan 100
vlan 172
vlan 192
exit
config terminal
vtp file nvram:vlan.dat
end
===========================

# DS2: Hostname, Etherchannel, Trunk, Native Vlan 100
# DS2: Hostname
enable
config terminal
hostname DS2
line console 0
loggin synch
no exec-timeout
no ip domain-lookup
end

# DS2: Etherchannel, Trunk, Native Vlan 100
config terminal
interface range f0/14 - 15
channel-group 1 mode on
exit
interface port-channel 1
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk native vlan 100
switchport trunk allowed vlan except 100
exit
interface range f0/12 - 13
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk native vlan 100
switchport trunk allowed vlan except 100
exit
interface f0/11
switchport mode access
switchport access vlan 172
no shutdown
end

# DS2: VTPserver, Vlan
vlan database
vtp domain newstar
vtp password newstar
vtp server
vlan 2
vlan 3
vlan 10
vlan 100
vlan 172
vlan 192
exit
config terminal
vtp file nvram:vlan.dat
end
======================================

# AC1: VTP Client, Trunk, Native vlan 100
# AC1: Hostname
enable
config terminal
hostname AC1
line console 0
loggin synch
no exec-timeout
no ip domain-lookup
end

# AC1: Trunk, Native Vlan 100
config terminal
interface f0/12
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk native vlan 100
switchport trunk allowed vlan except 100
exit
interface f0/13
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk native vlan 100
switchport trunk allowed vlan except 100
end

# AC1: VTPClient
vlan database
vtp domain newstar
vtp password newstar
vtp client
exit
config terminal
vtp file nvram:vlan.dat
end

# AC1: Switchport access vlan
config terminal
interface range f0/0 - 4
switchport mode access
switchport access vlan 2
exit
interface range f0/5 - 10
switchport mode access
switchport access vlan 3
exit
interface range f0/0 - 10
spanning-tree portfast
no shutdown
end
=========================

# SSW: VTP transparent, Trunk, Native vlan 100
# SSW: Hostname
enable
config terminal
hostname SSW
line console 0
loggin synch
no exec-timeout
no ip domain-lookup
end

# SSW: Trunk, Native vlan 100
config terminal
interface f0/12
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk native vlan 100
switchport trunk allowed vlan except 100
exit
interface f0/13
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk native vlan 100
switchport trunk allowed vlan except 100
end

# SSW: VTP Transparent
vlan database
vtp domain newstar
vtp password newstar
vtp transparent
exit
config terminal
vtp file nvram:vlan.dat
end

# SSW: Create Vlan 192
vlan database
vlan 192
exit

# SSW: f0/15 access vlan 192
config terminal
interface f0/15
switchport mode access
switchport access vlan 192
no shutdown
end
==============================

# GSW: VTP transparent, Trunk, Native vlan 100
# GSW: Hostname
enable
config terminal
hostname GSW
line console 0
loggin synch
no exec-timeout
no ip domain-lookup
end

# GSW: Create Vlan 172
vlan database
vlan 172
exit

# GSW: Switchport access vlan
config terminal
interface f0/14
switchport mode access
switchport access vlan 172
no shutdown
exit
interface f0/15
switchport mode access
switchport access vlan 172
no shutdown
exit
interface f0/13
switchport mode access
switchport access vlan 172
no shutdown
end

# GSW: VTP Transparent
vlan database
vtp domain newstar
vtp password newstar
vtp transparent
exit
config terminal
vtp file nvram:vlan.dat
end
=============================

# DS1: STP is Root
config terminal
spanning-tree vlan 2 root primary
spanning-tree vlan 3 root primary
spanning-tree vlan 10 root primary
spanning-tree vlan 172 root primary
spanning-tree vlan 192 root primary
end
==============================

# DS2: STP is Secondary
config terminal
spanning-tree vlan 2 root secondary
spanning-tree vlan 3 root secondary
spanning-tree vlan 10 root secondary
spanning-tree vlan 172 root secondary
spanning-tree vlan 192 root secondary
end
================================

# Configuration HSRP; IP address for interface Vlan
# DS1: HSRP, IP address
config terminal
interface vlan 2
ip address 2.2.2.1 255.255.255.0
standby 1 ip 2.2.2.254
no shutdown
exit
interface vlan 3
ip address 3.3.3.1 255.255.255.0
standby 1 ip 3.3.3.254
no shutdown
exit
interface vlan 192
ip address 192.168.1.1 255.255.255.0
standby 1 ip 192.168.1.254
no shutdown
exit
interface vlan 10
ip address 10.10.10.1 255.255.255.0
no shutdown
exit
interface vlan 172
ip address 172.16.1.1 255.255.255.0
no shutdown
end
wr
===============================

# DS1: is active for Vlan 2, 3, 192
config terminal
interface vlan 2
standby 1 preempt
standby 1 priority 110
exit
interface vlan 3
standby 1 preempt
standby 1 priority 110
exit
interface vlan 192
standby 1 preempt
standby 1 priority 110
end
wr
===============================

# DS2: is standby for Vlan 2, 3, 192
config terminal
interface vlan 2
standby 1 preempt
exit
interface vlan 3
standby 1 preempt
exit
interface vlan 192
standby 1 preempt
end
wr
==================================

# When F0/11 of DS1 is down then DS2 is active
config terminal
interface vlan 2
standby 1 track f0/11 30
exit
interface vlan 3
standby 1 track f0/11 30
exit
interface vlan 192
standby 1 track f0/11 30
end
=============================================

# When F0/11 of DS1 is up then DS1 is active affter 30 seconds
config terminal
interface vlan 2
standby 1 preempt delay minimum 10
exit
interface vlan 3
standby 1 preempt delay minimum 30
exit
interface vlan 192
standby 1 preempt delay minimum 60
end
wr
========================================

# Configuration HSRP; IP address for interface Vlan
# DS2: HSRP, IP address
config terminal
interface vlan 2
ip address 2.2.2.2 255.255.255.0
standby 1 ip 2.2.2.254
no shutdown
exit
interface vlan 3
ip address 3.3.3.2 255.255.255.0
standby 1 ip 3.3.3.254
no shutdown
exit
interface vlan 192
ip address 192.168.1.2 255.255.255.0
standby 1 ip 192.168.1.254
no shutdown
exit
interface vlan 10
ip address 10.10.10.2 255.255.255.0
no shutdown
exit
interface vlan 172
ip address 172.16.1.2 255.255.255.0
no shutdown
end
================================

# Routing with EIGRP AS100 for DS1, DS2, GW
# Routing with EIGRP AS100 for DS1
config terminal
router eigrp 100
network 2.2.2.0
network 3.3.3.0
network 10.10.10.0
network 172.16.1.0
network 192.168.1.0
no auto-summary
end
=============================

# Passive interface
# (DS1 is neighbor DS2 of Vlan 172; Vlan 2,3,20,192 is not)
config terminal
router eigrp 100
passive-interface default
no passive-interface vlan 172
end
wr
==============================

# Routing with EIGRP AS100 for DS2
config terminal
router eigrp 100
network 2.2.2.0
network 3.3.3.0
network 10.10.10.0
network 172.16.1.0
network 192.168.1.0
no auto-summary
end
===========================

# GW: Hostname, IP address
enable
config terminal
hostname GW
line console 0
loggin synch
no exec-timeout
no ip domain-lookup
end
config terminal
interface f0/1
ip address 172.16.1.253 255.255.255.0
no shutdown
exit
interface f0/0
ip address dhcp
no shutdown
end
wr
===========================

# Routing with EIGRP AS100 for GW
config terminal
router eigrp 100
network 172.16.1.0
no auto-summary
end
wr
==============================

# DHCP server 2k3
Create Scope Vlan2 (create pool)
Ip address range: 2.2.2.50-2.2.2.100
Default gateway: 2.2.2.254
DNS servers: 8.8.8.8
Create Scope Vlan3 (create pool)
Ip address range: 3.3.3.50-3.3.3.100
Default gateway: 3.3.3.254
DNS servers: 8.8.8.8
Routing and remote access
Static routes: 0.0.0.0 0.0.0.0 Gateway: 192.168.1.254
==============================

# DS1: ip helper-address
config terminal
interface vlan 2
ip helper-address 192.168.1.253
exit
interface vlan 3
ip helper-address 192.168.1.253
end
wr
====================================

# DS2: ip helper-address
config terminal
interface vlan 2
ip helper-address 192.168.1.253
exit
interface vlan 3
ip helper-address 192.168.1.253
end
wr
======================================

# GW: NAT overload guarantee all host of vlan 2, 3 go to internet
config terminal
interface f0/0
ip address dhcp
no shutdown
exit
access-list 1 permit any
ip nat inside source list 1 interface f0/0 overload
interface f0/0
ip nat outside
exit
interface f0/1
ip nat inside
end
wr
===========================

# GW: redistribute static (quang ba default route)
config terminal
router eigrp 100
redistribute static
end
wr
===========================
THE END
Người đăng: vào lúc

Không có nhận xét nào:

Đăng nhận xét

Đăng ký: Đăng Nhận xét (Atom)