Hng dn thc hnh Thit k mng

Nhm bin son: Trn Don Thnh - L Bo Thin Ngy hon thnh: 20/3/200 Trng i hc khoa hc t nhin Thnh Ph H Ch Minh

Mc lc
1 Lm quen vi chng trnh Router Sim...........................................................................3 1.1 Thit lp mt mng trong Router Sim.......................................................................3 1.2 Kt ni cc thit b trong Router Sim........................................................................3 1.3 Net Detective.............................................................................................................4 2 Cu hnh Router................................................................................................................5 2.1 ng nhp vo router.................................................................................................5 2.2 Xem thng tin mt router...........................................................................................5 2.3 t Password cho router............................................................................................5 2.4 Cu hnh cho router....................................................................................................6 3 Ci t Routing.................................................................................................................6 3.1 Cu hnh Static routing..............................................................................................6 3.2 Cu hnh Default routing...........................................................................................7 3.3 Cu hnh RIP routing.................................................................................................7 3.4 Cu hnh IGRP routing..............................................................................................7 4 Cu hnh Switch................................................................................................................8 4.1 Kt ni n Switch v t password..........................................................................8 4.2 t hostname cho Switch...........................................................................................9 4.3 t IP Address cho Switch........................................................................................9 4.4 Cu hnh VLANs.....................................................................................................10 4.5 Cu hnh Trunk port.................................................................................................12 5 Backup v Restore Cisco Router IOS.............................................................................13 5.1 K thut hi phc mt khu.....................................................................................13 5.2 Sao chp d phng Cisco IOS.................................................................................13 5.3 Hi phc hoc nng cp IOS...................................................................................14 5.4 Sao lu d phng cu hnh Cisco............................................................................15 5.5 Hi phc Cu hnh Cisco Router t tftp server........................................................16 5.6 S dng Cisco Discovery Protocol ly thng tin v cc thit b lng ging.......16 5.7 S dng telnet..........................................................................................................17 5.8 To mt bng cc Host trn mt Router v ly IP ca mt Host.............................18 6 Cu hnh IPX Routing.....................................................................................................19 6.1 Cu hnh nh tuyn IPX c bn..............................................................................19 6.2 Cu hnh IPX cho Internetwork (mng o trong sim)..............................................19 6.3 Kim tra li IPX Internetwork.................................................................................19 6.4 Thm mt mng IPX ph.........................................................................................20 6.5 Thm mt mng IPX ph s dng Subinterface......................................................20 6.6 Kim tra li vi CDP v IPX ping...........................................................................21 7 Cu hnh Access-Lists.....................................................................................................21 7.1 Danh sch a ch IP chun cho php truy cp vo mng........................................21 7.2 Kim tra li Danh sch truy cp chun....................................................................21 1

7.3 Gn mt Danh sch IP truy cp mng vo mt dng VTY.....................................22 7.4 Danh sch IP truy cp mng m rng......................................................................22 7.5 Kim tra li danh sch truy cp IP m rng............................................................23 7.6 Danh sch truy cp IPX chun.................................................................................23 7.7 Kim tra li danh sch truy cp IPX chun..............................................................24 8 Cu hnh Truy cp t xa..................................................................................................24 8.1 Cu hnh PPP Encapsulation....................................................................................24 8.2 Kim tra PPP Encapsulation....................................................................................24 8.3 Cu hnh PPP Authentication dng CHAP..............................................................25 8.4 Kim tra PPP Authentication...................................................................................25 8.5 Tm hiu v Cu hnh Frame Relay.........................................................................26 8.6 Cu hnh Frame Relay Switching............................................................................27 8.7 Cu hnh Frame Relay vi Subinterface..................................................................28 8.8 Kim tra li Frame Relay.........................................................................................29

1 Lm quen vi chng trnh Router Sim

Chng trnh Router Sim l mt chng trnh gi lp dng cho vic thit lp mt mng my tnh vi cc thit b nh: Router, Switch v cc my tnh. Cc mn chnh trong trong RouterSim: Network Visualizer Screen L mn hnh giao din ho chnh trong Router Sim 3.0. y l ni bn s to v cu hnh cc thit b c ko, th vo trong mn hnh Network Visualizer. Nhn p chut ln thit b cu hnh mt thit b , khi s chuyn sang mn hnh Simulation. Simulation Screen L mn hnh gi lp cc thit b, dng cu hnh cc thit b nh router, switch, 1.1 Thit lp mt mng trong Router Sim 1. Nhp chut vo nt Net Visualizer, khi mn hnh li Network Visualizer s xut hin. 2. Ko cc thit b t ca s bn trn tri th vo mn hnh Net Visualizer. 3. Tip tc ko cc thit b cn thit to thnh mt mng my tnh. Ch :: C mt gii hn trong s lng cc thit b c th ko th vo trong mn hnh Network Visualizer: o 5 2501 Routers o 1 2600 Router o 6 1900A Switches o 8 Hosts Mun b mt thit b ra khi mn hnh Net Visualizer, chng ta ko thit b vo thng rc di tri mn hnh. Nu chng ta mun xa ton b cc thit b, click vo nt Clear Visualizer. 1.2 Kt ni cc thit b trong Router Sim Sau khi ko th cc thit b trong mn hnh Network Visualizer, chng ta phi kt ni chng li vi nhau. 1. Nhp chut phi trn thit b.

2. Nhp chut trn cc cng mun kt ni, v d: E0, S0, S1. 3. i vi cc cng S0, S1, s yu cu kt ni DTE hay DCE. Ch i vi DCE chng ta phi cu hnh clock rate cho cng . 4. Tng t chng ta nhn chut phi ln thit b cn kt ni ti v click chut tri ln port kt ni. Nu mun b cc kt ni chng ta lm tng t nh vic kt ni: 1. Click chut phi ln thit b. 2. Click chut tri ln kt ni mun b. 3. Chng trnh s hi chng ta mun b kt ni hay khng? OK 1.3 Net Detective

Nu bn khng thnh tho trong vic s dng router v switch , bn c th gp phi trng hp thc thi mt lnh no m n khng thc hin theo mnh mun, v bn khng bit mnh sai ch no. Chng ta s s dng Net Detective xem ti sao mng b li. V d: nu bn khng thnh cng trong vic ping gia 2501 A v 2501C, Net Detective s cung cp mng b li ch no.

2 Cu hnh Router
2.1 ng nhp vo router kt ni vo router chng ta nhn enter t mn hnh Network Visualizer, chng ta s vo user mode. Trong ch user mode chng ta ch c th s dng c mt s lnh nh: ping, traceroute, Mun cu hnh router chng ta vo trong ch privileged mode, bng cch s dng lnh enable vo privileged mode ( Router# ) Dng lnh logout, exit thot Cc du nhc trong Router: o Router # : ang ch privileged (enable) o Router (config) # : ang ch global config mode (config) o Router (config-if) # : ang ch config cc interface ca router (interface ethernet0) o Router (config-subif) # : subinterfacce (int f0/0.1) o Router (config-line) # : cu hnh trn cc line (line console 0) o Router (config-router) # : Cu hnh routing (router rip) Xem thng tin mt router ? : Xem cc lnh c th thc hin c ch ny command? : Xem cc lnh c cc k t bt u nh vy Command ? : Xem cc tham s ca mt lnh show version : Xem version ca HDH ca router show running-config (sh run), show startup-config (sh start) o Xem cu hnh ang chy ca router v cu hnh ca router c lu trong NVRAM. t Password cho router Trong router chng ta c 5 password bo v router. Hai password u tin bo v ch privileged mode, khi s dng lnh enable. V 3 password khc dng bo v router khi ngi dng ng nhp t console port, auxiliary port hoc l telnet ( mc user mode). 2.3.1 Password cho Privileged mode Config T : vo cu hnh router (Router(config)#) enable secret : t password cho router (1) enable password : t password cho router (2) o Ch : Khi t password theo lnh (1) th password trong lnh (2) s khng c tc dng na.

2.2

2.3

2.3.2 Password cho console port, auxiliary port v Telnet - S dng lnh line c password user mode cho cc cng ph nh:
Router(config)#line ? <0-6> First Line number aux Auxiliary line console Primary terminal line vty Virtual terminal

Trong : o aux: config router qua modem o console : config router thng qua console port o vty : config router qua telnet. (Nu khng c t password th khng th s dng Telnet cu hnh router) - Line [aux/console/vty] [0] - Login - Password <pass> 2.3.3 2.4 M ha mt m Config t Service password-encryption Bt u t password nh trn No service password-encryption Cu hnh cho router

2.4.1 Ci t cu thng bo khi logon vo router - banner motd # Cu thng bo # 2.4.2 Cu hnh cc giao tip ca router interface (int) e0/ s0/ s1 / [fastethernet 0/0] no shutdown (no shut) ip address A.B.C.D subnetmask ip address A.B.C.D subnetmask secondary description (desc) cu miu t

2.4.3 t Router hostname - con t - hostname Tn_ca_router

3 Ci t Routing
3.1 Cu hnh Static routing Chng ta s phi xy dng bng routing tnh cho mi router => c th dn ng cho ton mng. Chng ta phi cu hnh cho tt c cc router th vic tm ng mi c th hot ng c. 6

Cc lnh cu hnh router: - con t - ip route NetID Subnetmask DestIP - - exit - show ip route V d:
Router#con t Router(config)#ip route 172.16.20.0 255.255.255.0 172.16.20.1 Router(config)#ip route 172.16.30.0 255.255.255.0 172.16.20.1 Router(config)#ip route 172.16.40.0 255.255.255.0 172.16.20.1 Router(config)#exit Router#

3.2

Cu hnh Default routing Cu hnh Default routing th khng ging nh cu hnh default gate-way trtrn host. Nn nh rng router l dafault gateway v chng ta khng th t mt default gateway trn router. Default gateway s thc hin : nu mt packet cho mt mng khng nm trong routing table th router s chuyn packet ny n mt default route. Chng ta ch c th cu hnh default routing trn cc router gc, l cc router ch c mt ng in v out. Cu hnh default routing s dng cc lnh sau: - con t - no ip route NetID Subnetmask DestIP - ip route 0.0.0.0 0.0.0.0 DestIP - ip classless - exit V d:
Router>en Router#con t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#ip route 0.0.0.0 0.0.0.0 172.16.20.1 Router(config)#ip classless Router(config)#exit Router#

3.3 3.4

Cu hnh RIP routing con t router rip network 172.16.0.0 ^z

Cu hnh IGRP routing - con t - router IGRP 10 - network 172.16.0.0 7

^z

4 Cu hnh Switch
4.1 Kt ni n Switch v t password Nhp p vo switch cn cu hnh s nhn c cc thng tin sau:
Catalyst 1900 Management Console Copyright (c) Cisco Systems, Inc. 1993-1999 All rights reserved. Enterprise Edition Software Ethernet Address: 00-30-80-C7-BE-C0 PCA Number: 73-3122-04 PCA Serial Number: FAB033723WJ Model Number: WS-C1912-A System Serial Number: FAB0338S10A Power Supply S/N: APQ032404SA PCB Serial Number: FAB033723WJ,73-3122-04 ------------------------------------------------1 user(s) now active on Management Console. User Interface Menu [M] Menus [K] Command Line Enter Selection:K

Nhn K vo CLI (Command Line Interface)

CLI session with the switch is open. To end the CLI session, enter [Exit].

t password cho switch chng ta thi hnh cc lnh sau:

>enable #config t Enter configuration commands, one per line. (config)# (config)#enable password level 1 user (config)#enable password level 15 priv (config)#exit

End with CNTL/Z.

Level 1 : l password vo user mode Level 15: l password vo privilge mode

Chng ta s kim tra cc password bng cch thot ra ngoi v login vo li. Ban u s l password vo user mode v tip theo l password cho privileged mode.
Catalyst 1900 Management Console Copyright (c) Cisco Systems, Inc. All rights reserved. Enterprise Edition Software 1993-1999

Ethernet Address:

00-30-80-C7-BE-C0

PCA Number: 73-3122-04 PCA Serial Number: FAB033723WJ Model Number: WS-C1912-A System Serial Number: FAB0338S10A Power Supply S/N: APQ032404SA PCB Serial Number: FAB033723WJ,73-3122-04 ------------------------------------------------1 user(s) now active on Management Console. User Interface Menu [M] Menus [K] Command Line Enter Selection: Enter password: **** CLI session with the switch is open. To end the CLI session, enter [Exit]. >en Enter password:**** #

4.2

t hostname cho Switch Hostname trong switch cng ging nh trong router ch c ngha logic. C ngha l n khng gi mt chc nng no trong mng hay phn gii tn bt c ci g. Tuy nhin n cng c ch gip chng ta xc nh c l switch no khi kt ni vo n. Thng thng ngi ta t hostname cho switch da vo ci vng n phc v. Cc lnh t hostname cho Switch 1900 tng t nh trong router :
#con t Enter configuration commands, one per line. (config)#hostname PMMang01 PMMang01(config)# End with CNTL/Z.

4.3

t IP Address cho Switch Chng ta khng cn t IP cho Switch, ch cn gn vo l n s hot ng nh HUB. Nhng chng ta t IP cho Switch chng ta c th cu hnh n thng qua Telnet hay l cc cng trnh qun l khc. Hoc phc v cho VLAN hoc cc tnh nng khc. Mc nh Switch khng c IP v Default gateway. (s dng lnh show ip xem thng tin (trong ch privileged mode))
PMMang01#show ip IP Address: 0.0.0.0 Subnet Mask: 0.0.0.0 Default Gateway: 0.0.0.0 Management VLAN: 1 Domain name: Name server 1: 0.0.0.0 Name server 2: 0.0.0.0 HTTP server : Enabled HTTP port : 80 RIP : disabled

PMMang01#

S dng cc lnh sau ci t IP cho switch:

PMMang01#show ip IP Address: 0.0.0.0 Subnet Mask: 0.0.0.0 Default Gateway: 0.0.0.0 Management VLAN: 1 Domain name: Name server 1: 0.0.0.0 Name server 2: 0.0.0.0 HTTP server : Enabled HTTP port : 80 RIP : disabled PMMang01#con t Enter configuration commands, one per line. End with CNTL/Z. PMMang01(config)#ip address 172.16.10.16 255.255.255.0 PMMang01(config)#ip default-gateway 172.16.10.1 PMMang01(config)#exit PMMang01#sh ip IP Address: 172.16.10.16 Subnet Mask: 255.255.255.0 Default Gateway: 172.16.10.1 Management VLAN: 1 Domain name: Name server 1: 0.0.0.0 Name server 2: 0.0.0.0 HTTP server : Enabled HTTP port : 80 RIP : disabled PMMang01#

4.4

Cu hnh VLANs Chng ta c th cu hnh 64 VLAN trn Switch 1900. Chng ta s dng cc lnh sau: vlan [vlan#] name [vlan name] V d:
PMMang1#con t Enter configuration commands, one per line. PMMang1(config)#vlan 1 name sales PMMang1(config)#vlan 2 name marketing PMMang1(config)#vlan 4 name mis PMMang1(config)#exit End with CNTL/Z.

xem thng tin cc vlan trong switch, s dng lnh sh vlan

PMMang1#sh vlan VLAN Name Status Ports -------------------------------------1 sales Enabled 1-12, AUI, A, B 2 marketing Enabled 4 mis Enabled 1002 fddi-default Suspended 1003 token-ring-default Suspended 1004 fddinet-default Suspended 1005 trnet-default Suspended

10

-------------------------------------VLAN Type SAID MTU Parent RingNo BridgeNo Stp Trans1 Trans2 -------------------------------------------------------------------------1 Ethernet 100001 1500 0 0 0 Unkn 0 0 2 Ethernet 100002 1500 0 0 0 Unkn 0 0 4 Ethernet 100003 1500 0 0 0 Unkn 0 0 1002 FDDI 101002 1500 0 0 0 Unkn 0 0 1003 Token-Ring 101003 1500 0 0 0 Unkn 0 0 1004 FDDI-Net 101004 1500 0 0 0 IEEE 0 0 1005 Token-Ring-Net 101005 1500 0 0 0 IBM 0 0 -------------------------------------------------------------------------PMMang1#

rng tt c cc port u thuc VLAN 1 => Chng ta s cu hnh phn cc port v cc VLAN khc nhau.
PMMang1#con t Enter configuration commands, one per line. End with CNTL/Z. PMMang1(config)#int e0/1 PMMang1(config-if)#vlan-membership ? dynamic Set VLAN membership type as dynamic static Set VLAN membership type as static PMMang1(config-if)#vlan-membership static ? <1-1005> ISL VLAN index PMMang1(config-if)#vlan-membership static 1 PMMang1(config-if)#int e0/2 PMMang1(config-if)#vlan-membership static 2 PMMang1(config-if)#int e0/4 PMMang1(config-if)#vlan-membership static 4 PMMang1(config-if)#^Z %SYS-5-CONFIG_I: Configured from console by console PMMang1#show vlan VLAN Name Status Ports -------------------------------------1 sales Enabled 3,5-12, AUI, A, B 2 marketing Enabled 2 4 mis Enabled 4 1002 fddi-default Suspended 1003 token-ring-default Suspended 1004 fddinet-default Suspended 1005 trnet-default Suspended -------------------------------------PMMang1#

Chng ta c th xem cc thng tin cc port thuc VLAN no bng cch:

PMMang1#show vlan-membership Port VLAN Membership Type ----------------------------1 1 Static 2 2 Static 3 1 Static 4 4 Static 5 1 Static 6 1 Static

11

7 8 9 10 11 12 AUI A B PMMang1#

1 1 1 1 1 1 1 1 1

Static Static Static Static Static Static Static Static Static

4.5

Cu hnh Trunk port Trunk link l lin kt 100 hoc 1000Mbps gia 2 switch, gia switch v router hoc gia switch v server. Trunk link l cu ni cho nhiu VLANm t 1 1005 cng 1 lc. Chng ta khng th s dng trunk link cho lin kt 10Mbps. cu hnh port fast ethernet s dng lnh : trunk [parameter]
PMMang1#con t Enter configuration commands, PMMang1(config)#int f0/26 PMMang1(config-if)#trunk ? auto Set DISL state desirable Set DISL state nonegotiate Set DISL state off Set DISL state on Set DISL state PMMang1(config-if)#trunk on PMMang1(config-if)# one per line. to to to to to AUTO DESIRABLE NONEGOTIATE OFF ON End with CNTL/Z.

Trong : Interface tr thnh trunk ch khi thit b kt ni c cu hnh on hoc desirable. Nu thit b kt ni c cu hnh hoc on, desirable hoc auto n s dn xp tr thnh trunk port. Interface l cng ISL trunk th n s khng iu nh vi bt k thit b no gn vo n. kim tra cc trunk port chng ta s dng lnh show trunk [port_number]
PMMang1#sh trunk ? A Trunk A B Trunk B PMMang1#sh trunk a DISL state: On , Trunking: On , Encapsulation type: ISL PMMang1#

Trong Switch 1900 cng 26 c xc nh bi trunk A v cng f0/27 l trunk B.

12

5 Backup v Restore Cisco Router IOS

5.1 K thut hi phc mt khu Tt c cc Router Cisco u c mt thanh ghi mm 16 bit c lu trong NVRAM. Thanh ghi cu hnh c t mc nh khi ng t b nh flash v tm kim c file cu hnh t NVRAM. Bng cch thay i thanh ghi cu hnh ta c th hi phc mt khu. Bit 6 ca thanh ghi cu hnh c s dng xc nh cho Router bit l c cu hnh t NVRAM hay khng. Gi tr mc nh ca thanh ghi cu hnh l 0x2102 (bit 6 = 0). hi phc mt khu ta cn phi bt bit 6 ln tc l yu cu Router b qua khng c cu hnh t NVRAM. Gi tr cn t cho thanh ghi cu hnh bt bit 6 l 0x2142. 1. Ta c th xem gi tr ca thanh ghi cu hnh hin thi bng lnh show version.
2 show 5 0 0 A # version

Dng cui cho bit gi tr ca thanh ghi cu hnh. 2. Ta c th thay i gi tr bng lnh config-register. Lu l cc thay i trn router ch c tc dng sau khi router khi ng li. 3. Vi router 2500A ta g lnh reload ti du nhc c quyn (privileged mode)
2 reload 5 0 0 A #

4. Khi router ang khi ng nhn ctrl-delete, ta s vo ch qun l ROM Lu l i vi router thc th nhn ctrl-break 5. thay i thanh ghi cu hnh ca cc router 2500 nhn o. N s hin ra mt menu cc la chn ci t cho thanh ghi cu hnh. thay i thanh ghi cu hnh ta nhp lnh o/r sau l gi tr mi ca thanh ghi cu hnh. Sau khi thay i thanh ghi cu hnh bt bit 6. Ta nhn i khi to li router 6. Cho php router khi ng li hon ton, n s cho ta vo ch Setup 7. Chn No vo ch setup v g enable vo ch c quyn 8. G copy startup-config running-config, lnh ny s chp tp tin config sn ln b nh. Bi v ta vt qua im i mt khu nn ta by gi ang trong phn cu hnh. 9. i mt khu v lu cu hnh li 10. i thanh ghi cu hnh tr li 0x2102 nh vy l ta thnh cng trong vic hi phc mt khu trn Router 2500A 11. i vi cc router 2600 th c mt s thao tc hi khc sau khi khi ng ta nhn ctrl-delete 12. thay i thanh ghi cu hnh trn 2600 ta dng confreg sau khi ng li
r reset o

13. Sau khi khi ng li ta chn no vo ch setup, sau lm tng t cc bc nh 2500 5.2 Sao chp d phng Cisco IOS Trc khi nang cp hay hi phc mt Cisco IOS, bn nn sao chp mt bn c sn vo mt my c tftp d phng trong trng hp bn mi khng chy. Bn c th dng bt k my tftp no lm vic ny. Mc nh, b nh flash trong router c dng lu Cisco IOS. Sau y s m t phng php kim tra kch thc ca b nh flash, sao chp mt Cisco IOS t b nh flash vo mt my tftp, sau sao chp mt IOS t my tftp vo b nh.

13

1. Trc khi nng cp IOS trong router ca bn, cn phi kim tra la rng b nh flash lu file mi. Bn c th kim tra kch thc flash v cc file ang lu trong fn thng qua lnh show flash (sh fla). 2. Lu tn tp tin trong v d l c Tn 2 ca file xc nh nn v c cu thnh nh sau: - c2500 l nn. - j ch ta bit file l mt enterprise image - s ch ta bit bao gm c phn kh nng m rng. - l ch ta bit n c th xo khi flash v khng nn. - 11.2-18 l s xem li - .bin cho bit Cisco IOS l tp tin thi hnh c. 3. Dng cui cng cho bit flash c 16Mb tc l tha ch cho mt file 10Mb ca chng ta. Khi kim tra li dung lng ca b nh flash c th cha file ta mun, ta tin hnh cng vic sao chp d phng. 4. B quyt thnh cng l phi bo m phi c mt kt ni tt n my tftp. Ta c th kim tra iu ny bng cch ping n my t mn hnh console ca router nh sau: 5. Sau khi ping my tftp m bo IP ca n ang hot ng, bn c th dng lnh sao chp tftp sao chp IOS n my nh di y. Lu rng sau khi nhn enter tn ca tp tin trong b nh c hin th. iu ny lm bn d dng hn. trong v d trn, ton b b nh flash c chp thnh cng vo my tftp. a ch ca my xa chnh l a ch ca my tftp. Tp tin ngun chnh l tp tin trn b nh flash. 5.3 Hi phc hoc nng cp IOS Bn c th cn phi hi phc IOS vo b nh flash thay th mt tp tin c sn m b hng hoc l cn nng cp IOS. Bn c th download tp tin t mt my tftp n b nh flash bng lnh copy tftp flash lnh ny yu cu a ch IP ca my tftp v tn tp tin ta cn download vo b nh flash. 1. G copy tftp flash t du nhc lnh trng thi c quyn. bn s thy mt thng ip hng dn bn l router phi khi ng liv chy di ch ROM based IOS image thc hin qu trnh ny. 2. Sau khi nhn enter xc nhn l bn hiu v router cn phi khi ng li, router s hin th nh di y. Khi router s dng my tftp, n s nh a ch ny v ch yu cu bn khng nh li m thi.
Addressor (press return) nameofremote host [172.16.60.3] ?

3. Dng i lnh k l tn ca tp tin m bn mun chp vo flash. Tn tp tin cn nng cp l c2500-js65i-l.120-9.bin. 4. Sau khi bn cho router ng dn v tn tp tin, n s hi bn xc nhn rng bn hiu ni dung ca flash s b xo. Bn s c hi 3 ln m bo chc l bn thc s mun xo b nh flash. Nu bn cha thc hin lnh copy run start, bn s c yu cu lm iu bi v router cn phi khi ng li.
(press Erase flash return) devicebefore writing? [confirm ] (press return) Fl y S y a

14

5. Sau khi xc nhn xo b nh flash, router phi khi ng li chy mt h iu hnh IOS nh t ROM bi v bn khng th xo flash file nu n ang c s dng. Ton b nhng g cha trong flash s b xo v tp tin t my tftp s c chp vo b nh flash. Dng cha cc k t e cho bit ni dung ca flash ang c xo. Mi du chm than (!) tc alf mt phn ca UDP c truyn. 6. Mt khi chp xong, bn s nhn c thng ip sau: Sau khi tp tin c chp vo flash v checksum xong, router s khi ng li chy tp tin IOS mi. Lu l trong bi tp s khng c tp tin thc. y ch l bi tp th hin n thc hin nh th no. 5.4 Sao lu d phng cu hnh Cisco Bt k thay i no bn lm trn cu hnh router u c lu trong tp tin runningconfig. Nu bn khng thc hin lnh copy run start sau khi thay i running-config th cc thay i s mt nu router khi ng li hay b mt in. Bn c th cn to mt sao lu d phng khc cho thng tin cu hnh trong trng hp router hoc switch hon ton cht hay lm ti liu. Bi ny s m t lm cch no sao chp cu hnh ca router n mt my tftp. 1. chp cu hnh router t mt router n my tftp, bn c th dng lnh copy running-config tftp hoc copy starting-config tftp. C hai lnh u sao lu cu hnh router ang chy trn DRAM hoc c lu trn NVRAM. 2. kim tra li cu hnh trn DRAM, s dng lnh show running-config (sh run) nh sau: Thng tin cu hnh hin ti l ang chy phin bn 12.0 ca IOS. 3. Tip theo phi kim tra cu hnh lu trong NVRAM. xem ta dng lnh show starting-config (sh start) nh sau: dng th 2 cho bit cu hnh d phng chim ch bao nhiu. Trong v d ny, NVRAM l 32KB v ch c 366 bytes c s dng. Lu rng phin bn ca cu hnh trong NVRAM l 11.2 (bi v ta khng sao chp running-config vo startup-config t lc nng cp router). nu bn khng chc cc tp tin l ging nhau v tp tin running-config l ci m bn cn dng th dng lnh copy running-config startup-config cho hai tp tin u ging nhau. Bng cch sao lu d phng vo NVRAM nh di y, bn c bo m l running-config s lun c c ln nu router phi khi ng li. Trong h iu hnh IOS 12.0, bn c yu cu nhp tn tp tin mun dng. Tng t, trong v d ny, bi v IOS l 11.2 vo ln cui chy copy run start, router s cho bn bit n s thay th tp tin vi tp tin phin bn 12.0. 4. By gi khi bn chy show starting-config, phin bn l 12.0: 5. Khi tp tin c chp vo NVRAM, bn c th to mt sao lu d phng th hai vo my tftp bng cch dng lnh copy running-config tftp (copy run tftp) nh sau: 6. Lu l ch xut hin hai du chm than (!), tc l 2 UDP ack. Nu tn my cu hnh, lnh s t ng dng tn my cng vi confg nh l tn ca tp tin

15

5.5 Hi phc Cu hnh Cisco Router t tftp server Nu bn thay i cu hnh router trong running-config v mun hi phc li ging trong startup-config th dng lnh copy startup-config running-config (copy start run). Bn cng c th dng lnh c, config mem, hi phc cu hnh. Tt nhin, iu ny ch c khi bn chp running-config vo NVRAM trc khi thay i. 1. Nu bn chp cu hnh router vo my tftp nh l mt sao lu d phng th 2, bn c th hi phc cu hnh dng lnh copy tftp running-config (copy tftp run) hoc copy tftp startup-config (copy tftp start) nh sau: 5.6 S dng Cisco Discovery Protocol ly thng tin v cc thit b lng ging

CDP l mt giao thc thch ng c thit k bi Cisco gip cc nh qun tr thu thp cc thng tien v cc thit b gn ni b v cc thit b xa. Bn c th ly thng tin phn cng cng nh thng tin giao thc ca cc thit b lng ging. Thng tin ny rt hu dng i vi nhng rc ri v lm su liu v mng. 1. u tin ly thng tin CDP trn router ca bn bng cch ly CDP Timer v Holdtime Information. Dng lnh show cdp (sh cdp) s cho bit hai tham s CDP chung m c th cu hnh trn thit b ca Cisco. Kt qu xut ra ging nh sau:
R sh o u t cdp

- CDP Timer cho bit khong thi gian gia cc packet CDP c gi i n tt c cc cng hot ng. - CDP holdtime l khong thi gian m thit b s gi packet nhn c t thit b lng ging. C Cisco router v switch dng chung tham s. 2. S dng lnh chung xem cdp holdtime v cdp timer cu hnh chng trn router. 3. bn c th tt CDP hon ton trn router bng lnh no cdp run trong ch cu hnh chung ca router (global configuration mode). Bt CDP dng cdp run.
no R o u t e cdp r c run ( cdp run Router(config)# ^Z Router(config)#

4. tt hoc m CDP trn mt cng router, dng no cdp enable v cdp enable. 5. Lnh show cdp neighbor (sh cdp nei) cho bit thng tin v cc thit b kt ni trc tip. Cn phi nh cc CDP packet khng c gi thng qua Cisco switch v bn ch thy nhng g kt ni trc tip. Trn mt router kt ni n switch, bn s khong thy cc thit b kt ni n switch. Sau y l kt qu thc hin trn 2500A. Di y l bng gii thch cc ct hin th ca router Ct Gii thch Device ID Hostname ca thit b kt ni trc tip Local Interface Cng hoc giao din m bn nhn c CDP packet t n. Holdtime Thi gian Reuter gi thng tin nhn t thit b . Capability Chc nng ca cc lng ging nh router, switch, repeater. M kh nng c lit k ti phn u ca mn hnh kt qu Platform Loi ca thit b Cisco. Trong mn hnh xut trn, mt Cisco 2509, Cisco 2511 v Catalyst 5000 gn vo switch. 2509 ch thy switch v router 2501 qua cng tun t 0 ca n. 16

Port ID

Cng hoc giao din ca thit b lng ging m t CDP packet pht ra.

6. Mt lnh khc cung cp thng tin ca cc lng ging l show cdp neighbor detail (show cdp nei de) v c th chy trn router ln switch. Lnh ny cho bit thng tin chi tit v mi thit b kt ni vo n nh mt router xut sau: Trn y cho bit tn v a ch IP ca cc thit b kt ni trc tip. Ngoi mt s thng tin ging nh lnh sh cdp nei, cn c thm phin bn ca IOS. 7. Lnh show cdp entry * hin th thng tin tng t nh show cdp nei de. Sau y l v d ca lnh ny. 8. Lnh show cdp traffic hin th thng tin ng truyn ca interface, bao gm c s lng CDP packet gi v nhn v cc li vi CDP. Kt qu ca lnh trn router. 5.7 S dng telnet Telnet l mt giao thc u cui o v l mt phn ca b giao thc TCP/IP. Telnet cho php bn to kt ni n thit b xa v ly thng tin, chy chng trnh. Sau khi router v switch c cu hnh, bn c th s dng chng trnh Telnet cu hnh v kim tra router v switch thay v phi dng cng gn cp. Bn dng Telnet bng cch nh telnet t bt k du nhc i lnh no. Mt khu VTY phi c ci t trn router lm iu ny. Bn khng th dng CDP ly thng tin v router v switch m khng kt ni trc tip n thit b ca bn. Tuy nhin, bn c th dng telnet kt ni n cc thit b lng ging v dng CDP trn ly thng tin cc thit b xa. 1. Sau y l cch b telnet v mt khu t router 2600A. 2. Bn c th dng telnet t bt c du nhc lnh no ca router nh sau: Nh rng cng VTY trn router c cu hnh login tc l bn phi t mt khu VTY hoc s dng lnh no login. 3. Trong mt Cisco router, bn khng cn s dng telnet. Ch cn nhp mt a ch IP l router t hiu bn cn s dng telnet. 4. y l lc nhp mt khu VTY trn router m bn mun telnet vo. Sau y l v d 5. By gi kt ni vi router mt ln na (t 2500A) 6. Nh l mt khu VTY l mt khu ch ngi dng, khng phi mt khu enable Sau y l kt qu khi th chuyn sang ch c quyn sau khi telnet vo 2600A:
2 en 6 0 0 A >

y l mt chc nng bo mt tt. Bn khng mun ai ch telnet vo thit b ca bn v c th ch enable l vo c ch c quyn. Bn phi nhp mt khu enable hoc enable secret password s dng telnet cu hnh thit b ca bn t xa. 7. Nu bn telnet n mt router hoc switch, bn c th ct kt ni bng exit. Tuy nhin, nu bn mun vn gi kt ni trong khi quay li vi thit b ca mnh, nhn Ctrl-Shift-6, sau nhn X. Sau y l v d Theo trn, bn telnet vo router 2500E, sau nhp mt khu vo ch ngi dng. Tip theo nhn Ctrl-Shift-6, sau X, tr v 2500A.

17

8. Bn cng c th telnet vo switch 1900. Tuy nhin bn phi ci mt khu level 15 hoc enable secret trong switch trc khi c th truy cp vo thng qua ng dng telnet. Trong v d sau y l telnet vo switch 1900: 9. Lc ny nhn Ctrl-Shift-6, sau X, tr v router 2500A. 10. xem kt ni to t router n mt thit b xa, s dng lnh show sessions nh sau: 11. h du * bn cnh kt ni th 2 tc l session 2 l session cui. ta c th quay li session cui bng cch g Enter 2 ln. 12. Bn c th hin th tt c cc console hot ng v cc cng VTY ang dng trong Router ca mnh bng lnh show users nh sau: Trn mn hnh xut ta thy con i din cho console cc b. console ny kt ni n 2 IP hay thit b xa. 13. G lnh show users t router 2500E m 2500A telnet vo. Kt qu cho thy console ang hot ng v cng VTY2 ang c s dng. Du * cho bit session ang c s dng hin ti. 14. Bn c th kt thc mt session bng nhiu cch khc nhau. Exit hoc disconnect l hai cch nhanh nht kt thc t xa. 15. kt thc mt session telnet trn my cc b, s dng lnh disconnect nh sau: Trong v d trn ta dng kt ni s 1 v kt ni n router 2500e chnh l kt ni cn ng. Dng lnh show sessions xem cc kt ni. 5.8 To mt bng cc Host trn mt Router v ly IP ca mt Host Nhm mc ch s dng tn host thay v a ch IP kt ni n mt thit b t xa, thit b m bn s dng phi c kh nng chuyn tn host sang IP. Sau y l cch to mt bng host trn router ca bn chuyn tn host sang IP. 1. Mt bng host cung cp vic phn gii tn ch cho router m n c xy dng. Lnh to mt bng host l: 2. Sau y l v d v cu hnh mt bng host vi 2 phn t cung cp tn cho router 2500E v switch 1900C: 3. xem bng host, ta dng lnh show hosts nh sau: Trong kt qu trn, bn c th thy 2 tn host v a ch IP tng ng. Ch perm trong ct flag cho bit phn t ny c cu hnh bng tay. Nu l temp th n c cung cp bi DNS. 4. kim tra xem bng host c lm vic khng, ti du nhc i lnh g tn host tc l s dng telnet. Dng tn host telnet vo thit b xa, sau nhn Ctrl-Shift-6, sau X tr v mn hnh 2500A.
2500e 2 5 0 0 2 control+shift+6,then 5 0 0 x) 2 1900c 5 0 0 A # E control+shift+6,then n x)

5. Lu trong cc phn t xut ra bng lnh show session di y th tn host c hin th thay v a ch IP bi v a ch IP c x l. 6. Bn c th xo tn host t bng bng cch s dng lnh no ip host nh sau:

18

6 Cu hnh IPX Routing

6.1 Cu hnh nh tuyn IPX c bn 1. cu hnh nh tuyn IPX, ta s dng ipx routing global configuration. khi bn kch hot nh tuyn IPX trong router, RIP v SAP t ng kch hot. Tuy nhin s khng c g xy ra cho n khi bn cu hnh cng c nhn vi cc a ch IPX. 2. Khi bn kch hot nh tuyn IPX trn router, bc tip theo l kch hot IPX trn cng c nhn. y l mt v d cu hnh hon chnh IPX trn 2500A: Ch n gin vy thi. IPX l mt giao thc rt mau phc hi bi v n broadcast mi th. Tuy nhin chnh l vn trong mng ln hn. S nt mng c cung cp bi ngi qun tr. 6.2 Cu hnh IPX cho Internetwork (mng o trong sim)

Ta ch cu hnh IPX c bn tc l rt d dng cu hnh. S ca cc nt mng m ta s dng ph thuc vo s ca subnet m ta dng trong mi mng. Tuy nhin, IPX s khng nh hng g n IP nn ng lo lng. 1. Kt ni n router 2500A v cu hnh nh tuyn IPX sau thm s mng IPX vo c hai cng. Ethernet0 kt ni vo subnet 60 nn s mng IPX ca n l 60. Cng Serial 0 kt ni vo subnet 20 nn s mng IPX ca n l 20. 2. Kt ni n router 2500B, 2500C, 2500D, 2500E v cu hnh n nh sau: 3. Kt ni n router 2600A v cu hnh nh sau: 6.3 Kim tra li IPX Internetwork

Chng ta cu hnh IPX trn ton b internetwork. Nn nh l s mng IPX v s subnet khng cn phi ging nhau nh lm, vic lm nh vy ch nhm mc ch qun tr. 1. T router 2500A, s dng lnh show ipx route xem ton b cc tuyn IPX. Sau y s hin th cc tuyn IPX RIP tm c. ... Lu l c 11 tuyn trong bng nh tuyn ca 2500C. Hai ni trc tip vi router cn hai c xc nh bi IPX RIP. 2. Lm tng t vi cc router 2500B, C, D, E v 2600A 3. T router 2500A, dng lnh show protocols xem a ch IPX ca mi cng Bn phi nhn thanh space cho n khi thy cu hnh ca cng. Lnh ny hin th thng tin ca giao thc nh tuyn ca mi cng ang hot ng. 4. G lnh show ipx interface xem s mng IPX cho mi cng Nh rng s mng IPX lun c t ng phn cho s dng a ch MAC ca cng lin kt vi s mng . 5. Lnh show ipx server s hin th bng SAP xy dng bi router. Bi v chng ta khng c my dch v Novell no trn mng lc ny nn s khng c g c hin th. 6. Dng lnh debug ipx routing activity xem thng tin RIP c gi v nhn trn router.

19

6.4

Thm mt mng IPX ph

Phn ny s hng dn bn thm cc chc nng vo mng IPX sn c ca bn trn router 2500A -> 2500D. Bng cch dng lnh IPX verification c trnh by trn, bn s thy mng Ethernet ng s dng kiu frame IPX ca Novell-Ether(802.3). Nu bn mun h tr kiu frame khc ngoi Novell-Ether, bn c th dng lnh secondary trong mng Ethernet (bn khng th lm iu ny i vi cng serial. 1. Thm mt mng khc dng kiu frame 802.2 trn mng Ethernet kt ni n router 2500A, ta s dng s mng IPX l 60a. Nu bn khng s dng lnh secondary ti cui mi lnh, kiu frame 802.3 s c thay th bi 802.2 (SAP) 2. Kim tra li cu hnh ny bng lnh show running-config. Bn s nhn thy hai mng IPX chy trong cng Ethenet 0. 3. G lnh show ipx route. Lu l mng IPX 60a c hin th l kt ni trc tip nhng vi mt k t c tc l secondary. 4. Thm mt mng IPX ph chy theo kiu frame Ethernet_II trn router 2500B. Dng s mng IPX 70a. 5. Thm mt mng IPX ph chy theo kiu frame SNAP trn router 2500C. S dng s mng IPX l 70a. Vic ci t nhiu loi mng khc nhau nh vy l khng cn thit trong thc t. y ch l hng dn hiu v cch thc ci t cho 4 kiu frame khc nhau ca IPX. 6.5 Thm mt mng IPX ph s dng Subinterface. Subinterface l mt cch khc thc hin cc lnh secondary trn cng Ethernet. to mt subinterface, bn dng lnh interface vi mt chm v mt s. V d ethernet0.55. S subinterface ch quan trng trong qun tr v phi khc nhau trn mng internetwork. 1. Cho n lc ny, trn router 2500A, ta c hai kiu frame c cu hnh l 802.3 v 802.2. Ta cu hnh Ethernet_II v SNAP s dng hai subinterface. Vic cu hnh quan trng nht cn lu l s subinterface .1 v .2. Bn c th s dng bt k s no. Lu l lnh encapsulation c s dng trong subinterface thay v secondary v chng ta cng s dng s mng IPX khc. 2. Trn router 2500B, chng ta c 802.3 v Ethernet_II. Cu hnh 802.2 v SNAP s dng 2 subinterface. 3. Trn router 2500C, chng ta c 802.3 v SNAP. Cu hnh 802.2 v SNAP dng 2 subinterface. 4. Bi v ta khng thm mt mng ph trn router 2500D, by gi ta s ci t nh l bi luyn tp. Thrm 3 kiu frame cn li vo 2500D s dng s mng IPX 90a, 90b, 90c. To 802.2 s dng secondary v Ethernet_II, SNAP dng subinterface.

20

6.6

Kim tra li vi CDP v IPX ping

Bn c th kim tra li mng IPX bng cch s dng cc lnh CDP v IPX Ping. Lnh CDP c th s dng tm a ch IPX ca router lng ging v sau a ch c th s dng vi lnh IPX Ping. 1. Kt ni n 2500A v dng CDP tm a ch IPX ca 2500E. 2. Dng a ch IPX m CDP hin th Ping router 2500E
2 address 5 0 0

3. Telnet vo 2500E v ly a ch IPX ca 2500B, sau tr v 2500A console v ping 2500B vi IPX.
2 address 5

7 Cu hnh Access-Lists
7.1 Danh sch a ch IP chun cho php truy cp vo mng

Phn ny hng dn bn cm truy cp vo mng 172.16.60.0 t cc host G v H. Danh sch truy cp c th phc tp bi v nu bn khng to danh sch mt cch chnh xc, bn c th lm cho mng b down. 1. Kim tra l bn c th ping t 1900C v bn c th ping my E t my G v H. 2. Kt ni vo 2500A v to mt danh sch truy cp m cm truy cp t G v H khi mun vo 172.16.60.0 Lu l danh sch ny cn phi c to gn vi mng ch nht, v th m ta to ti 2500A. 3. Thm danh sch truy cp cho cng serial 0 ca 2500A. Dng lnh trn cp nht danh sch truy cp 10 vo serial 0 v lc tt c cc packet i vo. 4. Kim tra thy rng G v H khng th no ping 172.16.60.2 v 172.16.60.3 5. Nu danh sch truy cp chnh xc, tt c cc thit b khc s c th vo mng 172.16.60.0. Ping t 2500C v kim tra l c th thy 172.16.60.2 v 172.16.60.3 7.2 Kim tra li Danh sch truy cp chun

1. Kt ni n 2500A v xem danh sch truy cp bng lnh show access-list 2. Bn c th nhp show ip access-list hoc show-access-list 10 ly thng tin cu hnh danh sch. 3. xem cng no ng p dng danh sch, dng lnh show ip interface. 4. Lnh show running-config rt tt xem c danh sch truy cp v cng c p dng danh sch .

21

7.3

Gn mt Danh sch IP truy cp mng vo mt dng VTY

Bn s rt kh khn trong vic dng mt user telnet vo router bi v bt k cng hot ng no ca router u nh nhau cho vic truy cp VTY. Tuy nhin, bn c th dng danh sch IP truy cp chun iu khin bng cch t danh sch truy cp ln chnh cc dng VTY. 1. To mt danh sch IP truy cp m cho php ch mt s host c th telnet vo router. 2. p dng danh sch ny vo cc dng VTY vi lnh access-class. Chng ta s dng host G v H telnet vo router 2600A. 1. Kim tra rng G v H c th telnet vo 2600A. 2. Kt ni vo 2600A v cm telnet i vi G v H nhng cho php cc thit b khc telnet vo 2600A.
line 2 6 0 0 A ( c o g i f n vty 0 4 2 access-class 6 10 in 2 ^ lz

3. p dng danh sch truy cp trc tip vo cc dng VTY v khng phi interface.
2 line 6 vty 0 4 l 2 ccess-class 10 in a l 2z ^

4. Kim tra rng G v H khng th telnet vo 2600A. 5. Kitm tra rng 2500C vn c th telnet vo 2600A. 7.4 Danh sch IP truy cp mng m rng

Chng ta s xo danh sch truy cp IP chun trn 2500A v thay bng mt danh sch ngn gn hn. Chng ta cn G v H s dng cc dch v trong mng 172.16.60.0 nhng ta khng cho php telnet vo switch 1900C. 1. Xo danh sch truy cp khi 2500A 2. Xo danh sch truy cp khi cng serial 0 ca 2500A Lu ch cn nhp no access-list 10 on xo danh sch truy cp nhng bn phi nhp ton b lnh xo danh sch khi cng ca router. 3. Kim tra thy G v H c th ping 172.16.60.2 v 3. 4. To danh sch truy cp trong 2500A cm telnet vo 172.16.60.0 nhng vn cho G v H ping E. Danh sch truy cp ny cm a ch ngun l 172.16.80.3 v 172.16.90.3 khng c kt ni vo mng 172.16.60.0 5. Cp nhp danh sch ny vo serial 0 ca 2500A lc cc gi i vo. Danh sch tng t c th xy dng trn 2600A v 2500E. C th ni tt nht cu hnh danh sch ny l trn 2600A v lc cc gi c gng vt ra Fastethernet 0/0. iu ny cho php dng cc packet s b t chi khi n 172.16.60.0 nhng trc khi n c a vo mng xng sng.

22

6. Nu bn mun dng cc gi gn vi ngun, to danh sch truy cp IP m rng trn 2600A. u tin xo cu hnh trn 2500A. 7. Xo danh sch truy cp trn serial 0 ca 2500A. 8. To mt danh sch truy cp trn 2600A cm telnet vo 172.16.60.0 nhng vn cho php G v H ping E. 9. By gi p dng danh sch ny cho cng fastethernet 0/0 ca 2500A lc cc gi ra khi router n 172.16.60.0 10. Kim tra danh sch truy cp bng cch th telnet 172.16.60.2 Tt c cc thit b khc phi c th telnet vo 172.16.60.2. 7.5 Kim tra li danh sch truy cp IP m rng Chng ta dng cc lnh tng t nh lm kim tra danh sch truy cp IP chun. n 2600A v kim tra danh sch . Nn nh telnet thc s l mt cng c tt kim tra li mng ca mnh. 1. T 2600A, g show access-list xem danh sch cu hnh. 2. Dng lnh show access-list 110 xem mt mnh danh sch 110 3. Xem cc danh sch ch trn router. 4. Kim tra cng no c ci t mt danh sch truy cp bng show ip interface trn router 2600. 7.6 Danh sch truy cp IPX chun

Danh sch truy cp IPX c cu hnh tng t nh cc danh sch khc. Bn dng lnh access-list to cho mnh danh sch truy cp ca cc kim tra packet v sau p dng vo danh sch cho mt cng vi lnh access-group. Danh sch truy cp IPX chun s dng my ngun hoc ch hoc a ch mng lc. cch cu hnh rt ging vi cu hnh cho IP. Cc tham s cu hnh danh sch truy cp IPX chun l access-list 800-899 deny/permit source_address destination_address Ta s cu hnh danh sch truy cp IPX chun trn 2600A chn mng IPX 70 khng b hin th n 2500C v 2500D. iu ny rt ch li trong mt mng sn xut khi bn khng mun mng Lan ca phng ti chnh b hin ra trn mng. 1. Kt ni n 2600A v xy dng mt danh sch truy cp IPX cm mng IPX 70 vo fastethernet 0/0. Danh sch truy cp n gin ny cm cc packet IPX vi ngun l mng IPX hoc 70 vi mt ch l mng IPX bt k. 2. p dng danh sch truy cp ny cho cng fastethernet 0/0 vi lnh ipx access-group. Sau mt vi giy, 2600A, 2500C v 2500D s khng th thy mt tuyn no n IPX 70 trong bng nh tuyn IPX. Trong cc router thc cn phi mt n 60 giy.

23

7.7

Kim tra li danh sch truy cp IPX chun

Chng lm cc cng vic kim tra danh sch truy cp IPX hu nh tng t vi vic kim tra cho IP. 1. Kim tra li mng IPX 70 bit rng n khng xut hin trong bng nh tuyn ca 2600A. 2. Kim tra li mng IPX 70 bit n khng xut hin trong bng nh tuyn ca 2500D 3. Kim tra li mng IPX 70 bit n khng xut hin trong bng nh tuyn ca 2500E 4. Dng lnh show access-list kim tra li danh sch ca bn trn 2600A. 5. xem ring danh sch truy cp IPX, dng lnh show ipx access-list 6. Bn cng c th dng lnh show access-list 810 7. Kim tra li cng m danh sch truy cp ang p dng trn router 2600A bng cch dng lnh show ipx interface

8 Cu hnh Truy cp t xa
8.1 Cu hnh PPP Encapsulation Encapsulation l s kt hp mt cu trc bn trong mt cu trc khc (VD: d liu theo chun TCP/IP c ng gi bn trong mt frame ATM.). Tm dch l ng gi. PPP l mt giao thc tng data-link c s dng qua cc thit b truyn thng quay s tun t khng ng b v s dng LCP xy dng v duy tr kt ni data-link. Mc ch c bn ca PPP l vn chuyn cc packet tng th 3 thng qua mt lin kt imim ca tng Data Link. Giao thc HDLC (High-Level Data-Link Control) l mt giao thc im-im s dng trn cc ng leased line. Khng c s dng xc thc trong HDLC v l chun ng gi mc nh c dng bi cc router Cisco trn cc kt ni tun t ng b. Cisco HDLC l mt phng thc c quyn giao tip vi bt k nh cung cp h tr HDLC no. Nu bn mun hoc cho php xc thc trn kt ni tun t hoc kt ni t router Cisco n router ca cc nh cung cp khc, khi cn phi cu hnh PPP trn cng serial. Phn ny s hng dn bn cu hnh PPP trn 4 mng tun t v thay th HDLC thnh mt phng thc ng gi trn lin kt tun t. 1. Kt ni n 2500E v tahy i phng thc ng gi (encapsulation) trn kt ni serial t HDLC sang PPP. 2. Kt ni n 2600A v thay i nh trn. 3. Lm tng t vi cc router 2500A, 2500B, 2500C, 2500D. 8.2 Kim tra PPP Encapsulation

Mt khi thay th HDLC bng phng thc encapsulation tun t, bn cn kim tra li xem mng ca mnh c cn ang hot ng.

24

u tin phi kim tra bng lnh show ip route bo m tt c cc tuyn IP v IPX u n. 1. T cc router u s dng lnh show ip route kim tra mng vn hot ng. 2. T 2600A, dng lnh interface thy ng gi lin kt tun t. 3. T 2500E, kim tra encapsulation bng lnh show interface 8.3 Cu hnh PPP Authentication dng CHAP

By gi mng dng PPP v bn c th s dng xc thc PPP cm cc user khng cho php kt ni vo mng. Mc d, thng thng cch ny c dng vi dial-up, n vn c th dng vi serial. Phn ny hng dn bn cu hnh xc thc PPP trn tt c cc cng serial ca cc router s dng giao thc CHAP. Giao thc Challenge Authentication c dng ti thi im khi ng ca mt lin kt v ti thi im kim tra lin kt bo m router vn ang giao tip vi cng mt my ch. Sau khi PPP kt thc giai on khi to ca n, router cc b gi mt yu cu thch thc n thit b xa. Thit b kia gi mt gi tr tnh ton s dng mt hm bm mt chiu gi l MD5. Router cc b s kim tra gi tr bm m ho ny bo m n ng. Nu gi tr khng ng, lin kt s b ngt ngay lp tc. cu hnh xc thc PPP, u tin t tn ca router nu n cha c t (bt buc). Sau dng tn user v mt khu router xa kt ni c n router ca bn. V d, nu bn kt ni n 2500A v mun cu hnh xc thc, bn s t tn host v to tn user bao gm c router m bn s kt ni vo, trong v d sau l 2500E. Khi s dng lnh hostname, nh l tn user l tn ca router xa kt ni n router ca bn. Phn bit hoa thng. mt khu trn c hai router u phi ging nhau. l mt mt khu text v c th hin ra bng lnh show run. Bn phi c tn user v mt khu cu hnh cho mi h thng xa m bn s kt ni n. Router xa phi c cu hnh vi cc tn user v mt khu. Sau khi bn t tn my, tn user, mt khu th chn xc thc.
2 config 5 0 0 A # t 2 int 5 0 0 A ( c o # ) g i f ns0 2 ppp A 5 ( 0 0 authentication chap ^Z 2500A(config-if)#

1. Kt ni n 2500A v to tn user l 2500E v mt khu l cisco. Sau cu hnh cng serial 0 s dng xc thc PPP ca chap. 2. Kt ni n 2500B to 2500E vi mt khu cisco. 3. Kt ni n 2500C v to 2600A vi mk cisco. 4. Kt ni n 2500D v to 2600A vi mk cisco. 5. Kt ni n 2600A v to 2500C, 2500D vi mk cisco. 8.4 Kim tra PPP Authentication

25

Mt khi cu hnh xong PPP vi phn xc thc l mt phng thc ng gi tun t, bn cn phi kim tra li xem mng ca mnh c hot ng khng. Lnh u tin dng l show ip route bo m cc tuyn IP v IPX u hot ng. Tip theo l dng lnh show interface. 1. T cc router 2500A, 2500B, 2500C, 2500D, 2500E, 2600A g 2. T 2600A, dng lnh show interface xem ng gi lin kt tun t. 3. T 2500E, dng lnh show interface xem ng gi lin kt tun t. 8.5 Tm hiu v Cu hnh Frame Relay

Frame Relay cung cp mt cng giao tip gia DTE (data terminal equipment) v DCE (data circuit-terminating equipment, nh l switch). DTE bao gm cc thit b u cui, PC, router, bridgescustomer-owned end node v cc thit b mng. DCE bao gm cc thit b carrier-owned internetworking. Frame Relay s dng Virtual Circuit. Frame Relay cung cp kt ni nh hng, lin kt tng Data-Link thng qua virtual circuit(VC). Cc VC ny l cc kt ni logic to bi hai DTE thng qua mt mng chuyn mch gi (c xc nh bng mt DLCI, Data Link Connection Identifier). Tng t, Frame Relay s dng c PVC (Permanent Virtual Circuit) v SVC (Switched Virtual Circuit dnh cho dial up), mc d hu ht cc mng Frame Relay dng PVC. Virtual circuit ny cung cp mt ng dn y n mng ch trc khi gi frame u tin i. Cu hnh Frame Relay Encapsulation Khi cu hnh FR trn router Cisco, bn cn phi xc nh n nh l mt encapsulation trn cng serial. Ch c 2 loi encapsulation: Cisco v IETF (Internet Engineering Task Force). Kt qu xut di y th hin hai phng thc encapsulation khc nhau khi chn FR trn router cisco ca bn
int R o u t e r s0 ( A R encapsulation o frame-relay ?

Encapsulation mc nh l Cisco tr khi bn nhp bng tay IETF. Ngoi ra, Cisco l kiu dng kt ni gia hai thit b Cisco. Bn s c la chn s dng IETF encapsulation nu bn cn phi kt ni gia mt thit b Cisco v mt thit b khc khng phi ca Cisco. Frame Relay DLCI FR virtual circuit (PVC) c xc nh bi Data Link Connection Identifier (DLCI). Mt nh cung cp dch v Frame Relay nh cng ty in thoi thng thng s gn gi tr DLCI, gi tr c dng trong FR phn bit gia cc VC trn mng. Bi v rt nhiu VC c th b ngt trn mt cng FR nhiu im, nhiu DLCI thng c lin kt vi n. i vi thit b IP ti mi im cui ca mt VC, giao tip, a ch IP ca chng cn phi map n cc DLCI. Vic lin kt ny c th thc hin nh l mt mt thit b nhiu im m c th xc nh mng RT mt VC ch thch hp cho cc packet c gi qua thit b vt l. Vic lin kt ny cng c th thc hin t ng bi IARP (Inverse ARP) hoc bng tay thng qua lnh Frame Relay map. S DLCI dng ch nh mt PVC thng c gn bi nh cung cp v bt u l 16. 26

Cu hnh mt s DLCI p dng vo mt cng th hin di y: Frame Relay RMI Local Management Interface (LMI) c pht trin vo nm 1990 bi Cisco System, StrataCom, Northern Telecom v Digital Equipment Corporation, sau tr thnh Gangof-four LMI hay Cisco LMI. Nhm ny nhn giao thc Frame Relay c bn t CCIT v thm phn m rng vo cc tnh nng ca giao thc cho php thit b mng giao tip d dng vi mng Frame Relay. LMI l chun tn hiu gia mt thit b CPE (router) v mt frame switch. LMI chu trch nhim qun l v duy tr trng thi gia cc thit b ny. Nu bn khng dng tnh nng auto-sense ca LMI, bn phi kim tra nh cung cp Frame Relay xc nh kiu no c dng. Kiu mc nh l Cisco, tuy nhin bn c th i sang ANSI hay Q.933A. Ba kiu LMI khc nhau ny c m t trong phn kt qu di y: Bn c th c nhiu VC trn mt cng serial v coi chng nh l cc cng khc nhau, c th gi chng l subinterface. tng xem subinterface nh l mt hardware interface c nh ngha bi IOS. Mt thun li m ta t c thng qua s dng subinterface l kh nng gn cc c im ca cc tng mng khc nhau vo mi subinterface v VC nh l nh tuyn IP trn mt VC v IPX trn mt VC khc. Subinterface vi Frame Relay Bn nh ngha subinterface vi lnh int s0.subinterface numbet nh sau: u tin bn ci t encapsulation trn cng serial, sau bn c th nh ngha subinterface.
int 2 5 0 0 A ( c o # ) g i f ns0 2 encapsulation 5 0 0 A ( c o # ) g i f n frame-relay 2 int 5 s0.? 2 int 5 s0.16 ?

Bn c th nh ngha hu nh khng gii hn cc subinterface trn mt cng vt l. Trong v d trn, chng ta chn subinterface 16 bi v s i din cho s DLCI gn cho cng . Tuy nhin, bn c th chn bt k s no khc gia 0 v 4.292.967.295. 8.6 Cu hnh Frame Relay Switching By gi chng ta c nn tng cu hnh Frame Relay trn router Cisco. Phn ny s hng dn bn cu hnh 2500E v 2600A nh l mt Frame Relay Switch. Sau bn s cu hnh 2500A 2500D thnh cc kt ni Frame Relay t xa. Mng xng sng Ethernet s khng hot ng trong phn cu hnh ny. tin hnh iu ny, bn cn phi xo cu hnh trn 2 router u bi v cu hnh Frame Relay switching hon ton khc vi nhng g ta c. 1. T 2500E, g erase start sau reload 2. T 2600A lm tng t 3. Kt ni n 2500E v cu hnh hostname v mt khu
enable R o u t e r R config o t R hostname e o r u t 2500E enable secret todd 2500E(config)# 2 line 5 vty 0 4 2 login 5 password cisco 2

27

2 line 5 console 0 l 2 l ogin password cisco 2

4. Kt ni vi 2600A v cu hnh hostname v mt khu.

enable R o u t e r R config o u t e r t R hostname o u t er 2600A c ( enable secret todd 2600A(config)# 2 line 6 vty 0 4 2 login 6 password cisco 2 line console 0 2 login 2 password cisco 2

Mt khi router ca bn r rng, bn c th bin chng thnh mt frame relay switch vi lnh frame-relay switching. Tuy nhin, l phn d. Bn cn phi lin kt mi DLCI trn switch. C hai router ch c 2 kt ni, v th s khng tn nhiu thi gian nhng bn c c t PVC nn s phi mt cng mt cht. V 2500A v 2600A s khng kt ni vi mng xng sng, chng ta c th dng chung cu hnh Trn frame relay switch, s dng lnh frame relay route lin kt mi DLCI. V d: Lnh ny yu cu switch nu n nhn mt frame trn serial 0/0 vi PVC 16, gi n ra serial 0/1 dng PVC 17. Xin nhc li l mng ca chng ta vi cu hnh ny s ch c 2 tuyn nn n khng mt thi gian. 5. Kt ni n 2500E v cu hnh Frame Switching. Khng c a ch IP c gn cho cc cng ca router. Nn nh y l cc chc nng tng Data Link nn IP khng nh hng g n cu hnh ny. 6. Kt ni n 2600A v cu hnh Frame Switching By gi th c hai router frame-relay u c cu hnh, bn phi cu hnh router xa. 8.7 Cu hnh Frame Relay vi Subinterface

Phn ny s hng dn bn kt ni n 2500A 2500D v cu hnh chng cho frame relay s dng subinterface. V frame relay switch khng s dng nh a ch IP, kt ni t 2500A n 2500B s s dng mt subnet v xut hin nh l mt kt ni trc tip. Dng subnet 172.16.10.0 v s mng IPX l 10 gia cc router . 1. Kt ni n 2500A v cu hnh cng serial 0 vi Frame relay subinterface. thc hin iu ny bn phi xo a ch IP v s mng IPX trong cng serial. 2. Lm tng t vi 2500B 3. Kim tra li kt ni Frame-Relay ang chy. Ping t 2500A n 2500E. 4. Kt ni n 2500C v cu hnh cng serial 0 vi Frame Relay subinterface. S dng chung a ch IP v s mng IPX v Frame Relay switching router khng kt ni. 5. Kt ni n 2500D v lm tng t

28

6. Kim tra kt ni Frame-Relay ang hot ng. Ping t 2500C n 2500D 8.8 Kim tra li Frame Relay

C nhiu cch kim tra li trng thi ca cc cng v PVC ca bn khi b dng Frame Relay Encapsulation. Vn c th dng lnh show frame-relay vi du ? bit cc thng s ca lnh. 1. Lnh show frame-relay lmi s ho bit thng k ca mt giao thng LMI trao i gia router ni b v Frame Relay switch. Kt qu hin th cho bit cc li LMI cng vi loi LMI. 2. Lnh show frame pvc s lit k tt c cc PVC c cu hnh v s DLCI. N cung cp trng thi ca mi kt ni PVC v thng k truyn ti. N cng cho bn s lng packet BECN v FECN nhn c trn router. xem thng tin v PVC 16, g lnh show frame-relay pvc 16. 3. Bn cng c th dng lnh show interface kim tra thng lng LMI. Lnh ny hin th thng tin v encapsulation cng vi thng tin ca lp 2 v 3. LMI DLCI, in m trong lnh, c dng nh ngha kiu LMI c dng. Nu l 1023, l kiu mc inh Cisco. Nu LMI DLCI l 0, l ANSI LMI. Lnh show interface hin th thng tin dng, giao thc, DLCI v LMI. 4. Lnh show frame map cho bn bit vic lin kt tng mng vi DLCI (Network layerto-DLCI mapping) Lu l c hai loi lin kt, mt cho IP v 1 cho IPX. Thm vo , a ch ca tng mng c cung cp bi giao thc Inverse ARP (IARP). Nu mt ngi qun tr lin kt cc a ch ny, kt qu hin th s cho l static.

29