Introduction to Enterprise SWITCHED NETWORKS
Added on 2022-08-14
32 Pages8619 Words177 Views
Running head: ENTERPRISE SWITCHED NETWORKS
Enterprise Switched Networks
Name of the Student
Name of the University
Author’s Note
Enterprise Switched Networks
Name of the Student
Name of the University
Author’s Note
1
ENTERPRISE SWITCHED NETWORKS
b
Introduction......................................................................................................................................2
Basic Configuration.........................................................................................................................3
VLANs, trunking and VTP..............................................................................................................4
Etherchannel....................................................................................................................................8
Inter-VLAN routing.......................................................................................................................18
STP................................................................................................................................................19
HRSP.............................................................................................................................................20
Layer 2 switch security..................................................................................................................21
VACLs for addressing access........................................................................................................26
Conclusion.....................................................................................................................................27
Bibliography..................................................................................................................................29
ENTERPRISE SWITCHED NETWORKS
b
Introduction......................................................................................................................................2
Basic Configuration.........................................................................................................................3
VLANs, trunking and VTP..............................................................................................................4
Etherchannel....................................................................................................................................8
Inter-VLAN routing.......................................................................................................................18
STP................................................................................................................................................19
HRSP.............................................................................................................................................20
Layer 2 switch security..................................................................................................................21
VACLs for addressing access........................................................................................................26
Conclusion.....................................................................................................................................27
Bibliography..................................................................................................................................29
2
ENTERPRISE SWITCHED NETWORKS
Introduction
The report is created for the demonstration of network protocol and technology that is
used for the development of the network solution for Trinidad Glogal Data Techologies PLC.
The company have its headquarters in UK and have the requirement of implementation of a
multi-layered switching network solution. The best practices that are needed to be followed for
the development of the solution is analyzed and documented in the report. The current network
topology of the organization is given below.
ENTERPRISE SWITCHED NETWORKS
Introduction
The report is created for the demonstration of network protocol and technology that is
used for the development of the network solution for Trinidad Glogal Data Techologies PLC.
The company have its headquarters in UK and have the requirement of implementation of a
multi-layered switching network solution. The best practices that are needed to be followed for
the development of the solution is analyzed and documented in the report. The current network
topology of the organization is given below.
3
ENTERPRISE SWITCHED NETWORKS
Basic Configuration
The basic switching configuration and trunking is needed to be configured in each of the
distribution and access level devices. The steps followed for the basic configuration are given
below:
Configuration of the management address in VLAN 99. Configuration of the hostname of
the device, password, Telnet access to the four switches. HRSP configuration would also be
needed for setting the IP address in management VLAN 99 on the MLS1 and MLS2. Since
192.168.1.1 is used as the virtual default gateway for the VLAN 99, .3 and .4 for the IP address
on MLS1 and MLS2 is used respectively.
Configuration of the default gateway on each of the access layer switches and the
distribution layer switches are the layer 3 devices and thus they do not need any
default gateway.
802.1q trunking is configured between the switches following the current
topology diagram. For the 2960 switches dot1q is only supported and thus
switchport trunk encapsulation command cannot be used. As an additional
security measure the native vlan on the trunk is changed to VLAN 666 (It is a
VLAN that is designated for NATIVE VLAN traffic). The command used for
changing the native vlan is switchport trunk native vlan 666. The switchport
negotiation is also needed to be turned off for the port that is utilizing switchport
nonegotiate command.
The basic switch configuration commands are given below:
Switch(config)# hostname ALS1
ALS1(config)# enable secret class
ALS1(config)# line vty 0 15
ENTERPRISE SWITCHED NETWORKS
Basic Configuration
The basic switching configuration and trunking is needed to be configured in each of the
distribution and access level devices. The steps followed for the basic configuration are given
below:
Configuration of the management address in VLAN 99. Configuration of the hostname of
the device, password, Telnet access to the four switches. HRSP configuration would also be
needed for setting the IP address in management VLAN 99 on the MLS1 and MLS2. Since
192.168.1.1 is used as the virtual default gateway for the VLAN 99, .3 and .4 for the IP address
on MLS1 and MLS2 is used respectively.
Configuration of the default gateway on each of the access layer switches and the
distribution layer switches are the layer 3 devices and thus they do not need any
default gateway.
802.1q trunking is configured between the switches following the current
topology diagram. For the 2960 switches dot1q is only supported and thus
switchport trunk encapsulation command cannot be used. As an additional
security measure the native vlan on the trunk is changed to VLAN 666 (It is a
VLAN that is designated for NATIVE VLAN traffic). The command used for
changing the native vlan is switchport trunk native vlan 666. The switchport
negotiation is also needed to be turned off for the port that is utilizing switchport
nonegotiate command.
The basic switch configuration commands are given below:
Switch(config)# hostname ALS1
ALS1(config)# enable secret class
ALS1(config)# line vty 0 15
4
ENTERPRISE SWITCHED NETWORKS
ALS1(config-line)# password cisco
ALS1(config-line)# login
ALS1(config-line)# exit
Switch(config)# hostname ALS2
ALS2(config)# enable secret class
ALS2(config)# line vty 0 15
ALS2(config-line)# password cisco
ALS2(config-line)# login
ALS2(config-line)# exit
Switch(config)# hostname MLS1
MLS1(config)# enable secret class
MLS1(config)# line vty 0 15
MLS1(config-line)# password cisco
MLS1(config-line)# login
MLS1(config-line)# exit
Switch(config)# hostname MLS2
MLS2(config)# enable secret class
MLS2(config)# line vty 0 15
MLS2(config-line)# password cisco
MLS2(config-line)# login
MLS2(config-line)# exit
VLANs, trunking and VTP
HRSP is needed for the network and VLAN 10, 20 and 30 are needed to be configured
for using HRSP for providing redundancy at the layer 3. The priority command is needed to be
used for making MLS1 the active router for the VLANs 1 and 10 and MLS2 the active router for
VLAN 20 and 30.
Configuration of VTP and VLAN
MLS1(config)# vtp domain SWPOD
MLS1(config)# vtp version 2
MLS1(config)# vlan 99
MLS1(config-vlan)# name Management
MLS1(config)# vlan 10
MLS1(config-vlan)# name blue
MLS1(config-vlan)# vlan 20
MLS1(config-vlan)# name red
MLS1(config-vlan)# vlan 30
MLS1(config-vlan)# name green
MLS1(config-vlan)# vlan 666
MLS1(config-vlan)# name NATIVEVLAN_DONOTUSE
MLS1(config-vlan)# vlan 999
MLS1(config-vlan)# name PARKING_LOT
ENTERPRISE SWITCHED NETWORKS
ALS1(config-line)# password cisco
ALS1(config-line)# login
ALS1(config-line)# exit
Switch(config)# hostname ALS2
ALS2(config)# enable secret class
ALS2(config)# line vty 0 15
ALS2(config-line)# password cisco
ALS2(config-line)# login
ALS2(config-line)# exit
Switch(config)# hostname MLS1
MLS1(config)# enable secret class
MLS1(config)# line vty 0 15
MLS1(config-line)# password cisco
MLS1(config-line)# login
MLS1(config-line)# exit
Switch(config)# hostname MLS2
MLS2(config)# enable secret class
MLS2(config)# line vty 0 15
MLS2(config-line)# password cisco
MLS2(config-line)# login
MLS2(config-line)# exit
VLANs, trunking and VTP
HRSP is needed for the network and VLAN 10, 20 and 30 are needed to be configured
for using HRSP for providing redundancy at the layer 3. The priority command is needed to be
used for making MLS1 the active router for the VLANs 1 and 10 and MLS2 the active router for
VLAN 20 and 30.
Configuration of VTP and VLAN
MLS1(config)# vtp domain SWPOD
MLS1(config)# vtp version 2
MLS1(config)# vlan 99
MLS1(config-vlan)# name Management
MLS1(config)# vlan 10
MLS1(config-vlan)# name blue
MLS1(config-vlan)# vlan 20
MLS1(config-vlan)# name red
MLS1(config-vlan)# vlan 30
MLS1(config-vlan)# name green
MLS1(config-vlan)# vlan 666
MLS1(config-vlan)# name NATIVEVLAN_DONOTUSE
MLS1(config-vlan)# vlan 999
MLS1(config-vlan)# name PARKING_LOT
5
ENTERPRISE SWITCHED NETWORKS
MLS1(config-vlan)# exit
The configuration commands used for configuring VLANs and trunking are given below:
ALS1(config)# interface vlan 99
ALS1(config-if)# ip address 192.168.99.101 255.255.255.0
ALS1(config-if)# no shutdown
ALS1(config-if)# exit
ALS1(config)# ip default-gateway 192.168.99.1
ALS1(config)# interface range fastethernet 0/7 - 12
ALS1(config-if-range)# switchport mode trunk
ALS1(config-if-range)# switchport trunk native vlan 666
ALS1(config-if-range)# switchport nonegotiate
ALS2(config)# interface vlan 99
ALS2(config-if)# ip address 192.168.99.102 255.255.255.0
ALS2(config-if)# no shutdown
ALS2(config-if)# exit
ALS2(config)# ip default-gateway 192.168.99.1
ALS2(config)# interface range fastethernet 0/7 - 12
ALS2(config-if-range)# switchport mode trunk
ALS2(config-if-range)# switchport trunk native vlan 666
ALS2(config-if-range)# switchport nonegotiate
MLS1(config)# interface vlan 99
MLS1(config-if)# ip address 192.168.99.3 255.255.255.0
MLS1(config-if)# no shutdown
MLS1(config-if)# exit
MLS1(config)# interface range fastethernet 0/7 - 12
MLS1(config-if-range)# switchport trunk encapsulation dot1q
MLS1(config-if-range)# switchport mode trunk
MLS1(config-if-range)# switchport trunk native vlan 666
MLS1(config-if-range)# switchport nonegotiate
MLS2(config)# interface vlan 99
MLS2(config-if)# ip address 192.168.99.4 255.255.255.0
MLS2(config-if)# no shutdown
MLS2(config-if)# exit
MLS2(config)# interface range fastethernet 0/7 - 12
MLS2(config-if-range)# switchport trunk encapsulation dot1q
MLS2(config-if-range)# switchport mode trunk
MLS2(config-if-range)# switchport trunk native vlan 666
MLS2(config-if-range)# switchport nonegotiate
For enabling VTP configuration on the switch the VLANs are set according to the
diagram. Three VLANs are used i.e. for the admin, staff and guests. The VLANs are created in
ENTERPRISE SWITCHED NETWORKS
MLS1(config-vlan)# exit
The configuration commands used for configuring VLANs and trunking are given below:
ALS1(config)# interface vlan 99
ALS1(config-if)# ip address 192.168.99.101 255.255.255.0
ALS1(config-if)# no shutdown
ALS1(config-if)# exit
ALS1(config)# ip default-gateway 192.168.99.1
ALS1(config)# interface range fastethernet 0/7 - 12
ALS1(config-if-range)# switchport mode trunk
ALS1(config-if-range)# switchport trunk native vlan 666
ALS1(config-if-range)# switchport nonegotiate
ALS2(config)# interface vlan 99
ALS2(config-if)# ip address 192.168.99.102 255.255.255.0
ALS2(config-if)# no shutdown
ALS2(config-if)# exit
ALS2(config)# ip default-gateway 192.168.99.1
ALS2(config)# interface range fastethernet 0/7 - 12
ALS2(config-if-range)# switchport mode trunk
ALS2(config-if-range)# switchport trunk native vlan 666
ALS2(config-if-range)# switchport nonegotiate
MLS1(config)# interface vlan 99
MLS1(config-if)# ip address 192.168.99.3 255.255.255.0
MLS1(config-if)# no shutdown
MLS1(config-if)# exit
MLS1(config)# interface range fastethernet 0/7 - 12
MLS1(config-if-range)# switchport trunk encapsulation dot1q
MLS1(config-if-range)# switchport mode trunk
MLS1(config-if-range)# switchport trunk native vlan 666
MLS1(config-if-range)# switchport nonegotiate
MLS2(config)# interface vlan 99
MLS2(config-if)# ip address 192.168.99.4 255.255.255.0
MLS2(config-if)# no shutdown
MLS2(config-if)# exit
MLS2(config)# interface range fastethernet 0/7 - 12
MLS2(config-if-range)# switchport trunk encapsulation dot1q
MLS2(config-if-range)# switchport mode trunk
MLS2(config-if-range)# switchport trunk native vlan 666
MLS2(config-if-range)# switchport nonegotiate
For enabling VTP configuration on the switch the VLANs are set according to the
diagram. Three VLANs are used i.e. for the admin, staff and guests. The VLANs are created in
6
ENTERPRISE SWITCHED NETWORKS
MLS1 and it is configured as a VTP server. The MLS2 device remains in the default mode of
VTP and would also act as a server. The ALS1 and ALS2 are configured as a client for the VTP.
The access ports of the users are needed to be configured on the ALS1 and ALS2 and the
ports are needed to be setup as a static access ports with activating the spanning tree PortFast.
The ports are configured according to the network topology diagram.
The command used for configuration of ALS1 for VTP client changes are given below:
ALS1(config)# vtp mode client
Setting device to VTP CLIENT mode.
ALS1(config)# interface range fa0/6, fa0/15 - 24
ALS1(config-if-range)# switchport mode access
ALS1(config-if-range)# switchport access vlan 100
ALS1(config-if-range)# spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a single
host. Connecting hubs, concentrators, switches, bridges, etc... to this
interface when portfast is enabled, can cause temporary bridging loops.
Use with CAUTION
%Portfast will be configured in 10 interfaces due to the range command
but will only have effect when the interfaces are in a non-trunking
mode.
The command used for configuration of ALS2 for VTP client changes are given below:
ALS2(config)# vtp mode client
Setting device to VTP CLIENT mode.
ALS2(config)# interface range fa0/6, fa0/15 - 24
ALS2(config-if-range)# switchport mode access
ALS2(config-if-range)# switchport access vlan 200
ALS2(config-if-range)# spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a single
host. Connecting hubs, concentrators, switches, bridges, etc... to this
interface when portfast is enabled, can cause temporary bridging loops.
Use with CAUTION
%Portfast will be configured in 10 interfaces due to the range command
but will only have effect when the interfaces are in a non-trunking
mode.
The show vlan brief command is used for the verification of VLAN configuration and the output
is shown below:
ENTERPRISE SWITCHED NETWORKS
MLS1 and it is configured as a VTP server. The MLS2 device remains in the default mode of
VTP and would also act as a server. The ALS1 and ALS2 are configured as a client for the VTP.
The access ports of the users are needed to be configured on the ALS1 and ALS2 and the
ports are needed to be setup as a static access ports with activating the spanning tree PortFast.
The ports are configured according to the network topology diagram.
The command used for configuration of ALS1 for VTP client changes are given below:
ALS1(config)# vtp mode client
Setting device to VTP CLIENT mode.
ALS1(config)# interface range fa0/6, fa0/15 - 24
ALS1(config-if-range)# switchport mode access
ALS1(config-if-range)# switchport access vlan 100
ALS1(config-if-range)# spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a single
host. Connecting hubs, concentrators, switches, bridges, etc... to this
interface when portfast is enabled, can cause temporary bridging loops.
Use with CAUTION
%Portfast will be configured in 10 interfaces due to the range command
but will only have effect when the interfaces are in a non-trunking
mode.
The command used for configuration of ALS2 for VTP client changes are given below:
ALS2(config)# vtp mode client
Setting device to VTP CLIENT mode.
ALS2(config)# interface range fa0/6, fa0/15 - 24
ALS2(config-if-range)# switchport mode access
ALS2(config-if-range)# switchport access vlan 200
ALS2(config-if-range)# spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a single
host. Connecting hubs, concentrators, switches, bridges, etc... to this
interface when portfast is enabled, can cause temporary bridging loops.
Use with CAUTION
%Portfast will be configured in 10 interfaces due to the range command
but will only have effect when the interfaces are in a non-trunking
mode.
The show vlan brief command is used for the verification of VLAN configuration and the output
is shown below:
7
ENTERPRISE SWITCHED NETWORKS
MLS1# show vlan brief
VLAN Name Status Ports
---- ------------------------------ ---------
-------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/13,
Fa0/14
Fa0/15, Fa0/16, Fa0/17,
Fa0/18
Fa0/19, Fa0/20, Fa0/21,
Fa0/22
Fa0/23, Fa0/24, Gi0/1,
Gi0/2
10 blue active
20 red active
30 green active
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
The show vtp status command is used for the verification of VTP configuration and the output is
shown below:
MLS1# show vtp status
VTP Version capable : 1 to 3
VTP version running : 2
VTP Domain Name : SWPOD
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : e840.406f.8b80
Configuration last modified by 192.168.1.3 at 3-1-93 00:18:32
Local updater ID is 192.168.1.3 on interface Vl1 (lowest numbered VLAN
interface found)
Feature VLAN:
--------------
VTP Operating Mode : Server
Maximum VLANs supported locally : 1005
Number of existing VLANs : 7
Configuration Revision : 3
MD5 digest : 0xAE 0xEB 0x3A 0xEB 0x28 0x23 0x1D
0x85
0x7E 0x8C 0x70 0x56 0x03 0x70 0x29
0xB2
ENTERPRISE SWITCHED NETWORKS
MLS1# show vlan brief
VLAN Name Status Ports
---- ------------------------------ ---------
-------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/13,
Fa0/14
Fa0/15, Fa0/16, Fa0/17,
Fa0/18
Fa0/19, Fa0/20, Fa0/21,
Fa0/22
Fa0/23, Fa0/24, Gi0/1,
Gi0/2
10 blue active
20 red active
30 green active
1002 fddi-default act/unsup
1003 trcrf-default act/unsup
1004 fddinet-default act/unsup
1005 trbrf-default act/unsup
The show vtp status command is used for the verification of VTP configuration and the output is
shown below:
MLS1# show vtp status
VTP Version capable : 1 to 3
VTP version running : 2
VTP Domain Name : SWPOD
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : e840.406f.8b80
Configuration last modified by 192.168.1.3 at 3-1-93 00:18:32
Local updater ID is 192.168.1.3 on interface Vl1 (lowest numbered VLAN
interface found)
Feature VLAN:
--------------
VTP Operating Mode : Server
Maximum VLANs supported locally : 1005
Number of existing VLANs : 7
Configuration Revision : 3
MD5 digest : 0xAE 0xEB 0x3A 0xEB 0x28 0x23 0x1D
0x85
0x7E 0x8C 0x70 0x56 0x03 0x70 0x29
0xB2
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Assignment on Switching Technologieslg...
|35
|3345
|33
Secure Networks - Configure Basic Router Securitylg...
|10
|620
|24
Network Information Technologylg...
|9
|743
|270
Network Design Assessment (Doc)lg...
|26
|2054
|20
Cisco Network Proposal Part 1lg...
|5
|608
|192
Designing Primary School Network with DHCP, Access List and Server Configurationlg...
|17
|1280
|346