S4013588 Networking2 eJournal

Welcome to your Networking 2 eJournal ( this is Assessed!
) Note, this is weighted at 15/1

Fill with your details below: Pt1 - Entries for week 1-7 will be as
Name: Jalen Pt2 - Entries for week 8-14 will be assesse
Student ID: s4007495
Class ID: F3AF
**** YOU MUST share your eJournal with your class Teacher ( OneDrive or Googlesh ***When your Teac
Part 1 Score 254254

Part 2 Score 171171
YOUR Total Running total Marks at this stage = 425425
Completing your week to week eJournal entries supprots your ONline Session and
importantly verifies your Knowledge and Skills in the following Important Networking areas below:
****PLEASE Ensure you do the ONLINE and on Campus actual labs - according to Canvas weekly schedule
Revision related skills
CLI modes and navigation at different levels
Configure Router with basic setup
Address devices with an IPv4/v6 schemes
Verify and display successful configurations
Configure Router with static & dynamic routes
New skills
Configure Router with Dynamic Routing - EIGRP & OSPF
Interpreting Routing tables
Multilayer Swtich configuration
Etherchannels/ Link Aggregation
STP
VoIP
ACLs
IPv6
HSRP
PPP Tech
CONTENTS (Access your Weekly eJournal Packet Tracer Files from Canvas) ***Update contents pages
1-7 will be as
8-14 will be assesse
***When your Teacher has 'edit access' to your eJournal they will confirm by adding their name here:
date contents pages as you develop your SKILLs & KNOWLEDGE
g their name here:
if your teacher does not fill this cell above - Please let them knwo to do so!
EEDC00 RMIT Classification: Trusted#_x000D_
UNIVERSAL CO
Prompt & Full Command Syntax
Router>enable
Router#configure terminal
Router(config)#hostname xxx
xxx(config)#enable password cisco
xxx(config)#enable secret class
xxx(config)#banner motd %xxxx%
xxx(config)#no ip domain-lookup
xxx(config)#line vty 0 15
xxx(config-line)#password class
xxx(config-line)#login
xxx(config-line)#line con 0
xxx(config-line)#password class
xxx(config-line)#login
xxx(config-line)#logging synch
xxx(config-line)#exec-timeout 0
xxx(config)#service password-encryption
xxx#?
xxx(config)#do copy run start
CLI navigation Commands for Routers/Switches
Ctrl A – move cursor to beginning of the line

Ctrl E - move cursor to end of the line
Esc B - move cursor back one word
Esc F - move cursor forward by one word
Ctrl B - move cursor back by one character
Ctrl F – move cursor forward by one character
Ctrl D or Backspace – deletes a single character
Ctrl U – Erase a line
Ctrl R – redisplays a line
Ctrl W – erase a word
Ctrl Z – ends the configuration mode and returns to Exec mode
Tab – finishing typing a command
Ctrl P – shows last command typed ( or use UP error)
There's a lot more to the CLI than you think!

try these cmds to see a variation to outputs:
xxx#sh run | begin int
xxx#sh run | section int
Router # show history

Router # terminal history size 20
UNIVERSAL CONFIGURATION
Description/ purpose
Enter Privileged Exec Mode (from User-Exec mode)

Enter Global Configuration mode – not next line (..)#
Configure hostname ( modify to meet your specific naming needs
Set enable password to “cisco” – asked when enable is used
Set enable secret (MD5 hash) password to “class” (128 bit encrypted!!)
Set a message of the day – Warning!! NOTE: Must start and end with the same delimiting character.
Stops lookups for mistyped commands.
Configure virtual terminal lines 0-15 (16 sessions for Telnet)
Set the VTY(Telent) password to “class”
Instruct the router to use the password to gain access
Configure console port
Set the console port password as “class”
Instruct the router to use the password to gain access
Set the rter/switch to use synchronous command line entries
Set the rter/switch to not log-out ( note, not a safe practice but we're not focusing on Security as such!!)
Encrypt all plain text passwords to MD7
Question Mark (?) =Help command
SAVE config ............Notice 'DO' (do) option allows user to run a priveliege mode command from Global mode
uters/Switches
ng of the line
he line
rd
ne word
character
ne character
ngle character
de and returns to Exec mode

d
d ( or use UP error)
output the running config beginning from interfaces details = | character = pipe (above the enter/return key
output the running config for interface(s) section ONLY
sh run | inc int?? offer what?
Router2#sh run | ?
begin Begins unfiltered output of the show command with the first line that contains the regular expression.
exclude Displays output lines that do not contain the regular expression.
include Displays output lines that contain the regular expression.

section Filter a section of output
default display of previous 10 commands entered at CLI

change history size ( note up error key is used to locate previous cmds at the router prompt)
See preconfigured Paste Box below to copy and paste into your device
en
config t
ho xxx
ena password cisco
ena secret class
banner motd %xxx%
no ip domain-lookup User-friendly - stop device translating input errors (shwo)
line vty 0 15
password class
login
line con 0
password class
login
logging synch User friendly - stops console messages over-writing your CL
exec-timeout 0 User friendly - stops device logging out - save having to pas
service password-encryption
?
do copy run start
** Copy and Paste the above Script into the router ** for each time you start a new LAB!!
sh run | begin int

sh run | section int
p device translating input errors (shwo)
s console messages over-writing your CLI(cmd) input

s device logging out - save having to password in all time!
Review Configuration of interfaces NOTE, YOU ARE GRADED FROM THIS LAB ONWARDS
Download:
FIRST Paste Universal configuration in R1&2 (edit host names!)
ON R1 :Enter global configuration mode
Enter Fast Ethernet configuration mode /select fa0/0
Enter the IP address and subnet mask of the interface.
Enter the interface description – “links to ? “
Activate the interface
Enter interface configuration mode /select s0/0/0

Enter the IP address 10.10.10.1 and subnet mask.
Enter the interface description
Enter clock rate for the serial line, only on the DCE end
ON R2
Enter Serial configuration mode
Enter the interface description
Display contents running configuration of router's RAM - component

Display contents of NVRAM - startup configuration
Display IP addressing and Interface status
Display the version of Operating system
Display the route information (on Router R1)
Display details of ‘flash’ directory
HOW many bytes is the IOS image? _______________? 3359176
8
Paste & Edit* R1’s Running Configuration in below:

display what your relevent interfaces & console line are set to!
Paste screen capture of R1’s interface status information bel

sh ip int brief is more simple
Paste & Edit the contents on R1’s Routing Table

GRADED FROM THIS LAB ONWARDS
This column is filled / adjusted by you teacher - please do no

SPOT CHECK 1 ***FILL IN the Paste Box Below: Attempted Correct TRY AGAIN
Paste Box 1 1 0
Config t 1 TRUE
int f0/0 1 1 FALSE
ip address 192.168.1.1 255.255.255.0 1 1 FALSE
description f0/0 connects to the server 1 1 FALSE
no shutdown 1 1 FALSE
int s0/0/0 1 1 FALSE

ip address 10.10.10.1 255.255.255.252 1 1 FALSE
description R1 connects to R2 1 1 FALSE
clock rate 9600 1 1 FALSE
int s0/0/1 1 1 FALSE

ip address 172.16.0.1 255.255.0.0 1 1 FALSE
description R2 connects towards the PC 1 1 FALSE
show running-config 1 1 FALSE

show startup-config 1 1 FALSE
show interface 1 1 FALSE
show version 1 1 FALSE
show ip route 1 1 FALSE
show flash: 1 1 :-)
3359176 33591768 1 1 FALSE
8
Running total 22 out of 22
line are set to!
en
conf t
int f0/0
ip address 192.168.1.1 255.255.255.0
no shutdown
en
conf t
int s0/0/0
ip address 10.10.10.1 255.255.255.252
no shutdown
REMOVE default settings
1 1 FALSE
hint use cmd from A44 above
Images are shortened for easy of fitting.
1 1 FALSE
1 1 0
Running total 25 out 25

I am just working through it right now, I am not finished yet
ed / adjusted by you teacher - please do not edit

Comment
Note, if student is syntax/response is TRUE then assessor removes FALSE - if incorrect - leaves FALSE and remove TRUE where applicable
:-)
hint #dir f_____ - try it on the device to see the output Ethan for next ans below:
REMOVE default settings from output!

OVE default settings

FALSE
move TRUE where applicable

Configuring the Static routing:

Ensure you fill in blank lines below: this page constitutes spot check 2
Ensure you fill in blank lines below: Note this section continues on from Spot Check 2
Configure Router – R2 LAN Interface Fast Ethernet0/1:

Enter global configuration mode
Enter Fast Ethernet configuration mode / select fa0/0
Enter the interface description – “links to ? “
Activate the interface and return to Privileged mode
Use a command to verify that Link is operational
Backup configuration to NVRAM
Configure Router – R1 with a way to reach remote destination LAN network 172.16.0.0/16
Configure a static route in reference to outgoing interface

Configure a static route in reference to next-hop address
Verify via Routing Table the newly added paths
Configure Router – R2 with a way to reach remote destination network 192.168.1.0/24

Configure a static route in reference to outgoing interface
Configure a static route in reference to next-hop interface
Verify via Routing Table the newly added paths
Test via ping R1’s reachability to PC1
Important to VERIFY the device configuration

Paste & Edit(fit to space*) R2’s Running Config in region A below:
Paste & Edit R1’s Routing Table in region below:
Gateway of last resort is not set

10.0.0.0/30 is subnetted, 1 subnets
C 10.10.10.0 is directly connected, Serial0/0/0
S 172.16.0.0/16 [1/0] via 10.10.10.2
is directly connected, Serial0/0/0
C 192.168.1.0/24 is directly connected, FastEthernet0/0
The prefix S indicates a ___________ route *** Replace ? with your answer
23. Paste & Edit R2’s Routing Table in region below:
24. For Static Route indicates [1/0] "1" = Administrative ______________?

25. Write the modification of the sh ip route cmd to just display ONLY static routes >>>>>>
Ensure you complete the PKT Lab found in week 1 in CANVAS

n blank lines below: this page constitutes spot check 2

lines below: Note this section continues on from Spot Check 2
This column is filled / adjusted by you teacher - please do not edit

Paste Box Attempted Correct TRY AGAIN
conf t 1 1 FALSE
int f0/0 1 1 FALSE
ip address 192.168.1.1 255.255.255.0 1 1 FALSE
description Router connects to Server 1 1 FALSE
no shutdown | exit 1 1 FALSE
1 1 FALSE
write memory 1 1 FALSE
/16
ip route 172.16.0.0 255.255.0.0 f0/0 1 1 FALSE

ip route 172.16.0.0 255.255.0.0 10.10.10.0 1 1 FALSE
y to reach remote destination network 192.168.1.0/24

ip route 192.168.1.0 255.255.255.0 FastEthernet0/1 1 1 FALSE
ip route 192.168.1.0 255.255.255.0 s0/0/1 1 1 FALSE
1 1 FALSE
ping 192.168.1.11 1 1 FALSE
Command needed to display this output:

? 1 1 FALSE

1 1 FALSE

1 1 FALSE
1 1 FALSE
Total on this sheet= 22 out of 22
Running Total 47 OUT OF 47

he PKT Lab found in week 1 in CANVAS

ed by you teacher - please do not edit

Comment
3 Configuring Dynamic routing:
Configure Router – R1 with a way to advertise it's directly connected networks 192.168.1.0/16 & 10.10.10.0 to R2
Remove static route on R1 ( use ‘no’ form )
Identify the networks to advertise ( display routing table)
Call out the Dynamic routing protocol RIP
Use RIP version 2
Advertise all directly connected networks (C’s)
“ “
Disable auto summarization
Configure R2 to advertise its directly connected ntwks 172.16.0.0/16 & 10.10.10.0 using RIPv2:
Remove static route on R1 ( use ‘no’ form )
Identify the networks to advertise (display routing table)
Call out the Dynamic routing protocol RIP
Use RIP version 2
Advertise all directly connected networks (C’s)
“ “
Disable auto summarization
Display routing table
Paste & Edit(fit to space* R2’s Running Config in region A below:

3 Configuring Dynamic routing:
tise it's directly connected networks 192.168.1.0/16 & 10.10.10.0 to R2 using RIPv2:
This columns are filled / adjusted by you teacher - pl
Fill in each cmommand below in this Paste Box Attempted Correct TRY AGAIN
no ip route 192.168.1.0 255.255.0.0 FastEthernet0/1 1 1 FALSE
show route 1 1 FALSE
router rip 1 1 FALSE
version 2 1 1 FALSE
network 192.168.2.0 1 1 FALSE
1 1 FALSE
no auto-summry 1 1 FALSE
write 1 1 FALSE
ected ntwks 172.16.0.0/16 & 10.10.10.0 using RIPv2:

no ip route 172.16.0.0 255.255.0.0 192.2.2 1 1 FALSE
router rip 1 1 FALSE
version 2 1 1 FALSE
network 172.16.0.0 network 10.10.10.0 1 1 FALSE
1 1 FALSE
no auto-summary 1 1 FALSE
write 1 1 :-)
space* R2’s Running Config in region A below:

1 1 FALSE
1 1 FALSE
The prefix R in the table indicates a _____? route (fill blank _ _ _) 1 1 FALSE
The interface used to exit R2 to reach R1’s LAN is: ________? se0/0/1 1 1 FALSE
Write the extension of the sh ip route cmd to just display RIP routes - fill for ? below
sh ip route rip? 1 1 FALSE

Running Total 69 out of 69

adjusted by you teacher - please do not edit

Comment
Online Class Lab 2a - Please see Canvas for PKT and continue to fill in your eJournal
Multilayer Switch Topology:
IP Addr 172.16.100.10/24
Completing this Activity verifies your Knowledge and Skills in the following areas
- CLI modes and navigation at different levels on a Multilayer Switch & Layer 2 Switch
- Configure MLS with basic setup
- Address devices with an IPv4 scheme
- configuring intervlan routing on a MLS
- Interpreting Switch verification outputs & tables
Complete the following tasks by filling in the required command syntax for each one:
(Refer to Week 2 Lab slides to guide you on your configurations.)
1. Paste you modified Universal Configuration into each of your Switches – according hostnames in the Logical topology
2. Configure Hosts A & B with IP addresses as shown in topology.
3. Configure SVI’s as shown in VLAN/SVI table above.
4. Configure all VLANs (1. 100 & 200) on all Switches as shown in VLAN/SVI table above.
5. Configure trunks on all Switches
6. Enable IP routing & Ripv2?
MLS - Lyr3 3560 Step 3 Configure SVI’s on MLS as shown in VLAN/SVI info table above
**Paste the universal config into each switch - modify hostnames as per Logical Topology above
Enter Int vlan configuration mode /select for vlan1
Enter the IP addr and subnet mask of the interface.
Enter the interface description – “SVI for __ ? VLAN
Activate the SVI - note, state of interface is down!!

Enter the IP address and subnet mask of the interface. (Note, this is the default gateway for vlan100 hosts
Enter the interface description – “SVI for __ ? VLAN “
Activate the SVI

Enter the IP address and subnet mask of the interface. (Note, this is the default gateway for vlan200 hosts
Enter the interface description – “SVI for __ ? VLAN “
Activate the SVI - note, state of interface is down!!
Display screen capture of the interface info section from show run output on MLS
Create VLANs on MLS

Create vlan 100
name = FINANCE
Create vlan 200
name = ENGINEERING
Select vlan 1
name = MANAGEMENT
************* Notice how the Data VLAN (100 & 200 ) now become active!!!! interfaces [change state to UP!]
REMOVE ALL PORTS except fa0/24 FROM vlan 1 - (this is a BEST Practice for Security purposes!!) - show CLI
command to move all Fast Ethernet Ports to VLAN 23 - use the RANGE command to select Fa01 thourgh to 23
Display the screen capture to show vlans in Brief info below

Create the SAME VLANs on Sw1 & 2

ON Sw1 Create vlan 100
name = FINANCE
Create vlan 200
name = ENGINEERING
Select vlan 1
name = MANAGEMENT
Move all fast ethernet ports except fa0/1 into VLAN 100 ( use range cmd!)
On Sw 2 Create vlan 100

name = FINANCE
Create vlan 200
name = ENGINEERING
Select vlan 1
name = MANAGEMENT
Move all fast ethernet ports except fa0/1 into VLAN 200
ensure MLS can perform Layer 3 forwarding.

Setting up Trunks on All switches
select Gigabit ints on MLS ( use range cmd)
set trunk encapsulation to dot1q ( note this required on MLS ( layer 2/3 swtiches)
set switchport mode to TRUNK
select appropriate ports on Sw1 to trunk
-
-
-
select appropriate ports on Sw2 to trunk
-
-
-
Display in cell B95 below the trunk info and status on MLS - cmd to do this step =
notice which vlans are automatically allowed in managemnet domain
Verify connectivity
Display successful end to end conectiviy from Host 1 to Host 2
Note - pings between Sw1 & 2 Layer 2 switch are not successfully - what task is required to achieve connectivity?
ur eJournal
IP Addr 172.16.200.20/24
mes in the Logical topology
RESULT
Attempted Correct TRY AGAIN Comment
1 1 FALSE
Fill in each command below in these Paste BOXes
int vlan 1 1 1 FALSE
ip add 172.16.1.1 255.255.255.0 1 1 FALSE
description SVI for Management 1 1 FALSE
Fill in each command below in this 1 1 FALSE

ip add 172.16.100.1 255.255.255.0 1 1 FALSE
description SVI for Finance 1 1 FALSE
Paste Box

ip add 172.16.200.1 255.255.255.0 1 1 FALSE
description SVI for Engineering 1 1 FALSE
sh running-config 1 1 FALSE
Paste Box
vlan 100 1 1 FALSE
name FINANCE 1 1 FALSE
vlan 200 1 1 FALSE
name ENGINEERING 1 1 FALSE
vlan 1 1 1 FALSE
name MANAGEMENT 1 1 FALSE
1
1 FALSE
int range f0/1-f0/23
no switchport 1 1 FALSE
sh vl br
vlan 100 1 1 FALSE

vlan 200 1 1 FALSE
vlan 1 1 1 FALSE
int range fa0/2-f0/24 1 1 FALSE
switchport access vlan 100 1 1 FALSE
vlan 100 1 1 FALSE
vlan 200 1 1 FALSE
vlan 1 1 1 FALSE
int range fa0/2-f0/24 1 1 FALSE
switchport access vlan (number) 1 1 FALSE
ip route 1 1 FALSE
Paste Box
int range g0/1-g0/2 1 1 FALSE
switchport trunk encapsulation dot1q 1 1 FALSE
switchport mode trunk 1 1 FALSE
int f0/1 1 1 FALSE
int g0/1 1 1 FALSE
int f0/1 1 1 FALSE
int g0/2 1 1 FALSE
1 1 FALSE
1 FALSE
1 1 FALSE
chieve connectivity? 1 1 FALSE

Assign hostname as used in Topology above
assign enable secret = cisco
Select all possible telnet lines
use password = cisco
ensure password is used at login
Select correct int (fa0/0 or g0/0/0 –depends on router in rack
ip add 10.10.10.1 255.255.255.252
no shutdown
c. Configure IP addrs on Router0 Loopback 1 (1.1.1.1/24).
Notice that there is not need to "NO shutdown" a Loopabck interface
d. On MLS set Fa0/24 as a routed port and address to match link with Router0
Step 3: Configure RIPv2 routing on Router0 & MLS

e. create Rip instance on Router
set to version 2
disable automatic summarization of route
Advertise Network 10.10.10.0
save config to NVRAM
f. Advertise VLAN 100 & 200 and Network connecting ot router on MLS
e. create Rip instance on Router
set to version 2
save config to NVRAM
Step 4: Configure Default route on the Multilayer switch towards loopback 1

*use both methods - next hop and outgoing interface on MLS
Display evidence below of successfully connectivity between host 1 & lo1 below
Fill in each command below in this Paste BOX Attempted Correct TRY AGAIN
hostname DLS1 1 TRUE
enable secret cisco 1 TRUE
line vty 0 4 1 TRUE
password cisco 1 TRUE
login 1 TRUE
Paste Box
int g0/0/0 1 1 FALSE
ip add 10.10.10.1 255.255.255.252 1 1 FALSE
Paste Box
int loopback 1 1 1 FALSE
ip add 1.1.1.1 255.255.255.0 1 1 FALSE
Paste Box
interface FastEthernet0/24 1 1 FALSE
switchport access vlan 1 1 1 FALSE
1 1 FALSE
1 1 FALSE
Paste Box
router rip 1 TRUE
version 2 1 TRUE
no auto-summary 1 TRUE
network 10.10.10.0 1 TRUE
write memory 1 TRUE
router rip 1 TRUE

version 2 1 TRUE
write memory 1 TRUE

Paste Box
ip route 1 TRUE
1 TRUE
1 1
FALSE

Comment
t of 147
Lab 3 Online Lab - STP
Part 1: Initial Settings

S1 SVI address settings:
Name Switch S1
Address management int VLAN 1

address 192.168.1.1 mask /24
Activate interface
Name Switch S2
address 192.168.1.2 mask /24
Activate interface
Name Switch S3
address 192.168.1.3 mask /24
Activate interface
b) Setup switches for remote access:

*Note to have a Telnet session you will need the make a enable password to use telnet on all switches
Select all vty lines for telnet access

Use password cisco
Use password cisco for privilege mode access
Verify that Sw1 can telnet Sw 2

Part 2: Determine the Root Bridge
Starting with Sw1 - use show spanning-tree cmd to establish the Root Bridge) Paste output of command below:
Show the spanning tree info on S2 info – Past output below:

Show the spanning tree info on S3 info – Past output below:

Which switch is elected as the Root Bridge

This the case because this Switch has the (lowest / highest?) MAC Address
Change the Priority on one of the other switches to make it the new ROOT Bridge.
Set the value to the lowest value to make S2 the Root Bridge.
Part 3: Configure Root Bridge security – incorporate ROOT Guard

When you enable root guard on a per-port basis, it is automatically applied to all of the active VLANs to which that port belongs.
When you disable root guard, it is disabled for the specified port and the port automatically goes into the listening state.
When a switch that has ports with root guard enabled detects a new root, the ports goes into
root-inconsistent state. Then, when the switch no longer detects a new root, its ports automatically go
into the listening state. Ports that are available and used for hosts can be disconnected (unplugged) and a rogue switch
can plugged and take over the role of Root Bridge and cause many issues to the switch topology so
those ports need to be protected. You must enable root guard on all ports where the root bridge should not appear.
Place ROOT Guard Select all unused ports on Switch Sw2
select interface fa0/3 to 24

apply root guard
1. Verify port settings for ports fa0/3 to fa0/5 via show run – paste below:
Test Root guard protection by plugging a switch with a lower priority into a protected port.
Part 4: Configure RSTP

Rapid Spanning-tree protocol is based on IEEE 802.1w standard.

RSTP offers faster convergence than standard STP when changes occur in a switch topology.
*note, RSTP is applied globally to a switch.
e.g on Switch S3 the command is simply:
S3(config)# spanning-tree mode
Part 5: Configure Port Fast on Server port on S3

Use PortFast only when connecting a single end station to a Layer 2 access port.
Otherwise, you might create a network loop.
Verify and display the portfast settings for S2 host port: paste output of your show command below
Paste box
Attempted Correct TRY AGAIN
hostname S1 1 TRUE
int vlan 1 1 TRUE

ip
noadd 192.168.1.1 255.255.255.0
shutdown 1 TRUE
1 TRUE
hostname S2 1 TRUE
int vlan 1 1 TRUE
ip
noadd 192.168.1.2 255.255.255.0
shutdown 1 TRUE
1 TRUE
hostname S3 1 TRUE
int vlan 1 1 TRUE
ip
noadd 192.168.1.3 255.255.255.0
shutdown 1 TRUE
1 TRUE
Paste Box
line vty 0 4 1 TRUE
password cisco 1 TRUE
exit 1 TRUE
enable password cisco 1 TRUE
1 TRUE
1 TRUE
1 TRUE
TRUE
1
Paste Box
1 TRUE
1 TRUE
1 TRUE
1 TRUE
ich that port belongs.

stening state.
rogue switch
t appear.
1 TRUE
1 TRUE
1 TRUE
1 TRUE
1 TRUE
1 TRUE
1 TRUE
Total on this sheet= 31

Comment
out of 31
Section D – Etherchannel(PAgP) and Link Aggregation Protocol (LACP):
The process used to bundle ports together in an ethernet switch to achieve higher bandwidth is known as EtherChannel or link aggregation.
EtherChannel is a port link aggregation technology or port-channel architecture used primarily on Cisco switches.
As you can see from the figure above, etherchannel/ Link Aggregation combines the switch ports and functions it like a one link.
We need to be able to configure both types of protocols
PAgP – Cisco flavor
LACP (Link Agg Protocol – open std 802.3AD)
PAgP and LACP do not interoperate with each other. Ports configured to use PAgP cannot form EtherChannels with ports configured to use
Ports configured to use LACP cannot form EtherChannels with ports configured to use PagP
On S1's connected interfaces create a channel group - set to PagP desirable mode PASTE BOX
interface range f0/1-f0/2
channel -group 1 mode desirable
Note the mode used implies which form etherchannel is being used – this example shows the mode desirable –
indicates Cisco’s PAGP is in being used for the channel group – channel group 1
We have one of 2 options to use at the other end of the Etherchannel on Switch S2:
Fill in both options below - Modes?
select S2 interfaces ( using range cmd) int range f0/1-f0/2
set to d____________ desirable channel-group 1 mode desirable
or
select S2 interfaces ( using range cmd) int range f0/1-f0/2
set to ? channel-group 1 mode auto
S2#show the status of these interfaces– paste screen capture below:
Switch#show interface status
S2#show etherchannel summary:
LACP – Link Agg (802.3ad)

To set up the Open standard LACP we use the follow commands
Select nterface range Fa0/1 - ? int range f0/1 -2

channel-group 1 mode desirable
channel-group 1 mode ?
Note the mode used implies which form is being used – this example shows the mode active –
and that indicates Link Aggregation Protocol is in being used for the channel group – channel group 1
We have one of 2 options to use at the other end of the Link Aggregation Protocol on Switch S2:
select S2 interfaces ( using range cmd) int range f0/1-2

set mode channel-group 1 mode desirable
select S2 interfaces ( using range cmd) int range f0/1-2

set mode channe;l-group 1 mode desirable
Whether you use PagP or LACP ensure that:

All ports should be on the same speed and duplex mode.
Ports that are using for etherchannel should be in same VLAN or configured trunk.
If you make a change in port-channel, that effects all the ports connected to it !
(LACP):
nel or link aggregation.
e a one link.
ports configured to use LACP.
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE

Part 1a Set up Router1 DHCP for ephone A & B PASTE BOX

Create dhcp pool called voice ip dhcp pool voice

config the network 192.168.10.0 /24 network 192.168.10.0 255.255.255.0
Set default gateway to IP used on fa0/0 default-gateway 192.168.10.1
config option 150 using 192.168.10.1 option 150 192.168.10.1
Exclude the defoult gateway IP exclude 192.168.10.1
option
Part 1b Telephony Service configuration on R1:

Telephony-service
max phone = 2 max-phone 2
max dial nuber = 2 max-dn 2
set router fa0/0 as the ip source address using port 2000 ip source-address fa0/0 2000
auto assign 1 to 2 auto-assign 1 to 2
set dn1 dn 1
number = 1001 number 1001
select ephone 1 ephone 1
set button 1:1 button 1:1
set dn2 dn 2
select ephone 2 ephone 2
set button 1:2 button 1:2
Part 1c Configuration on SW1

Select phone port on SW1 switchport mode voice
set switchport to voice vlan 1 voice vlan 1
exit
Part 2a Set up Router2 DHCP for ephone C & D

Create dhcp pool called voice ip dhcp pool voice

Config the network 192.168.20.0 /24 network 192.168.20.0 255.255.255.0
Set default gateway to IP used on fa0/0 default-gateway 192.168.20.1
Config option 150 using 192.168.20.1 option 150 192.168.20.1
Exclude the defoult gateway IP exclude 192.168.20.1
Part 2c Telephony Service configuration on R2:

telephony-service
max phone = 2 max-phone 2
max dial nuber = 2 max-dn 2
set router fa0/0 as the ip source address using port 2000 ip source-address fa0/0 2000
auto assign 1 to 2 auto assign 1 to 2
set dn1 dn 1
(select ephone 1 - set button to 1:1)
set dn2 dn 2
(select ephone 2 - set button to 1:2)
Part 3a config Dial-Peer configuration on R1:

Create dial-peer voice - number = 1 for voip dial-peer voice 1 voip
session target ip =address on R2's int fa0/1 session target ipv4 100.100.30.2
destination-pattern use first 2 digits for remote phones destination-pattern ^[0-9]{2}$
Part 3b config Dial-Peer configuration on R2:

Create dial-peer voice - number = 2 for voip dial-peer voice 2 voice-call-appearance 2
session target ip =address on R1's int fa0/1 session target ipv4 192.168.10.1
destination-pattern use first 2 digits for remote phones destination-pattern ^1[0-9]$
Total on this sheet= 40
Running Total 232


1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 :-)
1 1 :-)
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 TRUE
1 TRUE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
out of 40
out 232
#access-list {100-199} permit/deny {tcp/udp} source IP/network Wild-card Mask destination IP/network Wild-card eq {application
Configure an Extended Numbered IPV4 ACL to Block GATEWAY router from a TFTP service to PC B on VLAN20 – Us
Fill blank in below

PASTE BOX
Q.1 What is the ACL trying to do Permit or Deny? deny tftp
Q.2 Which protocol type is involved TCP or UDP? TCP
Q.3 What is the source IP who is sending traffic 192.168.10.1
Q.4 What is the Wild card Mask for this device 0.0.0.0
Q.5 What is the destination IP who is sending traffic 192.168.20.2
Q.6 What is the Wild card Mask for this VLAN 0.0.0.0
Q.7 What is the Application port number for TFTP 69
Permit/deny? protocol suite source

Copy CLI syntax to paste into MLS1 )# 1 2 3

access-list 111 deny tftp TCP 192.168.10.1
or HOST 192.168.1.1
access-list 111 deny udp 192.168.1.0 0.0.0.255 192.168.20.20
Q.8 What is the next line required? ( remember that there’s an

hidden (implicit) deny all in every ACL .. what protocol are you
allowing through? permit ip any
Q.9 Which interface is best place ACL 111? fa0/1

Q 10 How would you assigned th ACL 111 to that interface access group 111 in fa0/1
Answer to paste in same device

Note, it is NOT possible to place the ACL 111 on Gateway as a router cannot block itself
Part 2b) Configure an Extended Numbered IPV4 ACL 199 to Block access from PC A on Vlan 10 for Telnet GATEWAY rou
Note – this is not for blocking on vty lines via standard method
Fill blank
fill in the number assigned for this Extended IPv4 ACL 199
Q.1 What is the ACL trying to do Permit or Deny deny
Q.2 Which protocol type is involved TCP or UDP TCP
Q.3 What is the source IP who is sending traffic 192.168.10.1
Q.5 What is the destination IP who is sending traffic 192.168.10.1
Q.7 What is the Application port number for Telnet 23
Ans: to paste in device No. Permit/deny protocol suite

1 2 3
access-list 199 deny TCP
Copy and paste this syntax
access-list
into Gateway
199 deny Rtr
tcp 192.168.1.1 0.0.0.255 192.168.10.2 0.0.0.255 eq 23
PASTE BOX
Q.8 What is the next line required? (Remember that there’s an

hidden (implicit) deny all in every ACL what protocol are you
allowing through? access-list 199 permit ip any any
Q.9 Which interface is best place ACL 199? fa0/1
Q 10 How would you assigned th ACL 199 to that interface access-group 199 in fa0/1
Q11. how would you assign this ACL to VTY lines? line vty 0 15
rk Wild-card eq {application /port number}

to PC B on VLAN20 – Use ACL number 111
1 1 :-)
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
Wild/card Mask Destination Wild/card MasPort No

4 5 6 7
0.0.0.0 192.168.20.2 0.0.0.0 69 Correct
ST 192.168.1.1 or HOST 192.168.20.20
92.168.1.0 0.0.0.255 192.168.20.20 0.0.0.255 eq 69
1 1 FALSE
1 1 FALSE
1 1 FALSE
for Telnet GATEWAY router via its G0/1 interface
1 1 :-)
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
source Wild/card Mask Destination Wild/card Mask Port No

4 5 6 7 8
192.168.10.1 0.0.0.0 192.168.10.1 0.0.0.0 23
255 eq 23
1 1 FALSE
1 1 FALSE
1 1 FALSE
FALSE
1 1
Part 1 Completed Running Total 254 /out of 254

PART 2 start now: IPv6 Access Control Lists:
Device Interface IPv6 Address/Prefix Default Gateway

Server3 NIC 2001:DB8:1:30::30/64 FE80::30
Part 1: Configure, Apply, and Verify an IPv6 ACL
Logs indicate that a PC on the 2001:DB8:1:11::0/64 network is repeatedly refreshing the

Denial-of-Service (DoS) attack against Server3. Until the client can be identified and clea
you must block HTTP and HTTPS access to that network with an ACL.
Step 1: Configure an ACL that will block HTTP and HTTPS access.
Configure an ACL named BLOCK_HTTP on R1 and complete the following statements.
a. Block HTTP and HTTPS traffic from reaching Server3.

R1(config)# ipv6 access-list BLOCK_HTTP____________________________________
R1(config)# ____________________________________
R1(config)# ____________________________________
b. Allow all other IPv6 traffic to pass.
R1(config)#_______________________
Step 2: Apply the ACL to the correct interface.
Apply the ACL on the interface closest the source of the traffic to be blocked.
R1(config)___________________________
R1(config-if)# _____________________________
int s0/0/0 ipv6 traffic-filter BLOCK_HTTP out
Step 3: Verify the ACL implementation.
Verify the ACL is operating as intended by conducting the following tests:

∙ Open the web browser of PC1 to http:// 2001:DB8:1:30::30 or https://2001:DB8:1:30::30. The website
∙ Open the web browser of PC2 to http:// 2001:DB8:1:30::30 or https://2001:DB8:1:30::30. The website
∙ Ping from PC2 to 2001:DB8:1:30::30. The ping should be working
Part 2: Configure, Apply, and Verify a Second IPv6 ACL

The logs now indicate that your server is receiving pings from many different IPv6
addresses in a Distributed Denial of Service (DDoS) attack. You must filter ICMP ping requests to your server.
Step 1: Create an access list to block ICMP.
Configure an ACL named BLOCK_ICMP on R3 with the following statements:
a. Block all ICMP traffic from any hosts to any destination.

R3(config-if)# ____________________
R3(config-if)# ____________________
b. Allow all other IPv6 traffic to pass.

R3(config-if)# ____________________
Step 2: Apply the ACL to the correct interface.
In this case, ICMP traffic can come from any source. To ensure that ICMP traffic is blocked
regardless of its source or changes that occur to the network topology, apply the ACL closest to the des
closest to the destination(Server3).
R3(config-if)# ____________________
R3(config-if)# ____________________
int s0/0/1 ipv6 traffic-filter BLOCK_ICMP int
Step 3: Verify that the proper access list functions.
a. Ping from PC2 to 2001:DB8:1:30::30. The ping should fail.

b. Ping from PC1 to 2001:DB8:1:30::30. The ping should fail.
Open the web browser of PC1 to http:// 2001:DB8:1:30::30 or https://2001:DB8:1:30::30. The website sh
//week 8
IPv6IP tunnel
IPv6IP PKT – all IPv4 addressing, partial IPv6 addressing, RIPv2 & RIPng is preconfigured
An IPv6 address is manually configured on a tunnel interface, and manually configured IPv4 addresses
On Router R1
Paste Box
interface ________
tunnel source __________ use the label of serial interface on R1
tunnel destination _______ ipv4 address of the other end of tunnel at S0/0/0
ipv6 address __________ IPv6 address at R1’s end2009::?/64
tunnel mode _________ ipv6ip
below command is done in the tunnel
ipv6 rip_____? enable ( enable RIPng Process called tunnelv6
On Router R3
interface tunnel 0 Paste Box
tunnel source __________ use the label of serial interface on R3
tunnel destination _______ ipv4 address of the other end of tunnel at S0/0/1
ipv6 address __________ IPv6 address at R1’s end2009::?/64
tunnel mode _________ ipv6ip
ipv6 rip _____?enable ( enables RIPng Process called tunnelv6)

s repeatedly refreshing their web page causing a

t can be identified and cleaned,
an ACL.
llowing statements.
Paste Box
ipv6 access-list BLOCK_HTTP 1
1
deny tcp any host 2001:DB8:1:30::30 eq 443 1
1
cked.
int g0/? 1
ipv6 traffic-filter BLOCK_HTTP ___? 1
s:
001:DB8:1:30::30. The website should appear.
001:DB8:1:30::30. The website should be blocked
ACL
Pv6
MP ping requests to your server.
ments:
ipv6 access-list ________? 1

deny icmp any host 2001:DB8:1:30::? 1
permit 1
MP traffic is blocked
pply the ACL closest to the destination(Server3).
int 1
ipv6 traffic-filter BLOCK_ICMP ? 1
01:DB8:1:30::30. The website should display.

ng is preconfigured
ally configured IPv4 addresses are assigned to the tunnel source and the tunnel destination. The host or device a
HINTS
1
serial interface on R1 1
the other end of tunnel at S0/0/0 1
R1’s end2009::?/64 1
1
HINTS
serial interface on R3 1
the other end of tunnel at S0/0/1 1
R1’s end2009::?/64 1
1
Running Total
###
TRUE
1 FALSE
1 FALSE
1 FALSE
1 FALSE
1 FALSE
1 FALSE
1 FALSE
1 FALSE
1 FALSE
1 FALSE
. The host or device at each end of a configured tunnel must support both the IPv4 and IPv6 protocol stacks. We c
1 FALSE
1 FALSE
1 FALSE
1 FALSE
1 FALSE
1 FALSE
1 FALSE
1 FALSE
1 FALSE
1 FALSE
1 FALSE
22 /22
6 protocol stacks. We create the tunnel at the interface level

IPv6 EIGRP v3 - Topology
Part 1 Open PKT file - Configuring Basic EIGRP fo
Configure IPv6 addresses according to Address Table (hint copy
Part 2 Configure EIGRP for IPv6 Routing
Step 1 Enable IPv6 routing on the routers.

Fill BOX
ON R1 configure ipv6 unicast routing ipv6 ________-_________
Step 2 Assign a router ID to each router & Enable EIGRP for IPv6 routing on each router
To begin the EIGRP for IPv6 routing configuration process, issue the ipv6 router eigrp 1 command, where 1 is the AS number.
ipv6 router eigrp ?
EIGRP for IPv6 requires a 32-bit address for the router ID. Use the eigrp router-id cmd followed by the router ID in the router configuration m
R1
R2
R3
Step 3 Configure EIGRP for IPv6 using AS 1 on the Serial and Gigabit Ethernet interfaces on the routers.
Issue the ipv6 eigrp 1 command on the interfaces that participate in the EIGRP routing process. The AS number is 1 as assigned in Step 2. T
Repeat for R2 and R3

do undebug all
NOTE as you assign EIGRP participating interfaces on R2 and R3. You will see neighbor adjacency messages as interfaces are added to the EIGRP routing process. T
R1(config-if)#
*Apr 12 00:25:49.183: %DUAL-5-NBRCHANGE: EIGRP-IPv6 1: Neighbor FE80::2 (Serial0/0/0) is up: new adjacency
*Apr 12 00:26:15.583: %DUAL-5-NBRCHANGE: EIGRP-IPv6 1: Neighbor FE80::3 (Serial0/0/1) is up: new adjacency
Fill in below
What address is used to indicate the neighbor in the adjacency messages?
%DUAL-5-NBRCHANGE: IPv6-EIGRP 1: Neighbor FE80::290:21FF:FEE7:256D (Serial0/0/1) is up: new
Verify end-to-end connectivity. ping all locations – Troubleshoot if unsuccessful!!!pings do work
Part 3 Verify EIGRP for IPv6 Routing
Step 1 Examine the neighbor adjacencies.
On R1, issue the show ipv6 eigrp neighbors command to verify that the adjacency has been established with its neighboring routers. The link-local addresses of the nei
Display ipv6 eigrp neighbors below: show ipv6 eigrp neighbors sh ipv6 eigrp neighbors
FE80::2
Step 2 Examine the IPv6 EIGRP routing table.
Use the show ipv6 route eigrp command to display IPv6 specific EIGRP routes on all the route
Display below: sh ipv6 route D sh ipv6 route

What does the [90 / represent for each route?

90 indicates the________________-?
Step 3 Examine the EIGRP topology.

Display the ipv6 eigrp topology on R1 sh ipv6 eigrp topology
via Connected, Serial0/0/1

What can you conclude from the comparison?
EIGRP lists two paths with equal AD/FD out of each serial port for one destination
Step 4 Verify the parameters and current state of the active IPv6 routing protocol processes.
Issue the show ipv6 protocols command to verify the configured parameter. From the output, EIGRP is the configured IPv6 routing protocol with 1.1.1.1 as the router ID
do sh ipv6 protocols
Part 4 Configure and Verify Passive Interfaces
A passive interface does not allow outgoing and incoming routing updates over the configured interface. The passive-interface interface command causes the router to
Step 1 Configure interface G0/0 as passive on R1 and R2.
for R1 under EIGRP IPv6

use passive interface on LAN port

use passive interface on LAN port
Verify the passive interface configuration. Issue the show ipv6 protocols command on R1 and verify G0/0 status
Display passive interface setting below:
Step 2 Configure the G0/0 passive interface on R3.

If a few interfaces are configured as passive, use the passive-interface default command to configure all the interfaces on the router as passive. Use the
A. Configure all interfaces as passive on R3.
use passive interface on LAN port ipv6 router eigrp 1
passive-? g0/?
B. After you have issued the passive-interface default command, R3 no longer participates in the routing process. What command can you use to verify it?
R3# show ipv6 route do sh ipv6 route
C. Configure the serial interfaces to participate in the routing process.
for R3 under EIGRP IPv6 ipv6 router eigrp 1

Remove passive interface setting on R3 serial ports no passive-interface s0/0/?
no passive-interface s0/???
D. The neighbor relationships have been established again with R1 and R2. Verify that only G0/0 has been configured as passive.
R1# show ipv6 eigrp topology

R2# show ipv6 eigrp topology
This sheet out of
Running Total
Topology
Device Interface IP Address Default Gateway

2001:DB8:ACAD:A::1/64
R1 G0/0 FE80::1 link-local N/A
2001:DB8:ACAD:12::1/64
Router ID 1.1.1.1 S0/0/0 (DCE) FE80::1 link-local N/A
2001:DB8:ACAD:13::1/64
S0/0/1 FE80::1 link-local
2001:DB8:ACAD:B::1/64 N/A
R2 G0/0 FE80::2 link-local
2001:DB8:ACAD:12::2/64 N/A
Router ID 2.2.2.2 S0/0/0 FE80::2 link-local
2001:DB8:ACAD:23::2/64 N/A
S0/0/1 (DCE) FE80::2 link-local
2001:DB8:ACAD:C::1/64 N/A
R3 G0/0 FE80::3 link-local
2001:DB8:ACAD:13::3/64 N/A
Router ID 3.3.3.3 S0/0/0 (DCE) FE80::3 link-local
2001:DB8:ACAD:23::3/64 N/A
S0/0/1 FE80::3 link-local N/A
PC-A NIC 2001:DB8:ACAD:A::3/64 FE80::1
PC-B (pc1) NIC 2001:DB8:ACAD:B::3/64 FE80::2
PC-C NIC 2001:DB8:ACAD:C::3/64 FE80::3
ng Basic EIGRP for IPv6
dress Table (hint copy & paste!)
or IPv6 Routing
1 1 FALSE
1 1 FALSE
router configuration mode. Next enable the process globally
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
s assigned in Step 2. The configuration for R1 is displayed below as an example.
0 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
e EIGRP routing process. The messages on R1 are displayed below as an example.

1 1 FALSE
(Serial0/0/1) is up: new adjacency
-local addresses of the neighboring routers R2 is FE80::2 and R3 is FE80::3 are displayed in the adjacency table.
1 1 FALSE
1 1 FALSE
or each route?
1 1 FALSE
1 1 FALSE
ith 1.1.1.1 as the router ID for R1. This routing protocol is associated with autonomous system 1 with three active interfaces: G0/0, S0/0/0, and S0/0/1.
1 TRUE
mand causes the router to stop sending and receiving Hello packets over an interface.
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
uter as passive. Use the no passive-interface interface command to allow EIGRP Hello messages in and out of the router interface.
1 1 FALSE
1 1 FALSE
se to verify it?
1 1 FALSE
1 1 FALSE
1 1 :-)
1 1 FALSE
34 34
nning Total 56 out of 56

Uneven Load Balancing – using EIGRP Variance
Configure Eigrp v2 using Autonomous System number 1 so all networks are reachable across the network.
Router1
router eigrp 1
network 10.10.1?.? 0.0.0.? (wildcard mask)
network 1.1.?.? 0.0.0.? (wildcard mask)
network 4.4.?.? 0.0.?.3 (wildcard mask)
Repeat this process on all other routers

2. Ping to each destination to ensure successful connectivity between loopback interfaces. Are pings successful? _ ????
3. Display routing table on Router1 for eigrp routes specifically – Router1#sh ip ? ?

Paste output below (without legend):
4a. How many destinations are using equal load balancing:

4b. Which out-going interfaces are being used?
4c. What is the metric value 3712000 which represents the _____________ Distance to network 4.4.4.0
not sure if metric value is correct. to what is wanted. to match variance would be applied i think
5.. Set the bandwidth on both serial interfaces on the 4.4.4.0 network to 800 kbps
on S0/0/0
set Bandwidth to required setting
on S0/0/1
set Bandwidth to required setting
6. Display the routing table on Router 1 for eigrp routes specifically – Router1#sh ip r_____ e____
Paste the output below (without legend):
[90/3840000] via 4.4.4.2, 00:02:19, Serial0/0/1
7. Now how many destinations are being used for the network?
7a. Display the Topology Table – command equals sh ip eigrp topology and display output below:
Which command display the variance value currently used by Router1 for eigrp? answer: sh ip p________?
Variance is currently set to?
8. Change Eigrp variance from the default value 2 on Router1

1. Router eigrp ? 2. V_________________ ____?
ance
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
??
1 1 FALSE
Fill below!
1 1 FALSE
s0/0/? and s0/0/? 1 1 FALSE
Total Distance ? 1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
Fill Below
1 1 FALSE
sh ip eigrp ? 1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
This sheet out of 18 18

Configuring Basic OSPFv3 in a Single Area
Part 1: Configure OSPFv3 Routing on R1, R2 and R3.
Use the following requirements to configure OSPF routing on all three routers:
- Enable IPv6 routing ipv6 unicast-routing
- Process ID 10
- Router ID for each router: R1 = 1.1.1.1; R2 = 2.2.2.2; R3 = 3.3.3.3
- Enable OSPFv3 on each router interface
Insert the correct commands to complete Part 1:

R1
enable IPv6 routing
create proces number 10
Router ID = 1.1.1.1
select int g0??
activate ospf
select s0/?/?
activate ospf
select s0/?/?
activate ospf
R2
enable IPv6 routing Ipv6 unicast-routing
create proces number 10
Router ID = 1.1.1.1
select int g0??
activate ospf
select s0/?/?
activate ospf
select s0/?/?
ipv6 ospf 10 area ?
R3
ipv6 unicast-routing
Step 2: Verify OSPF routing is operational with the other two routers. Verify the routing table has a route to every network in the topology.
Each PC should be able to ping the other two PCs. Paste ipv6 routing table for each router below:
R1 R2
C 2001:DB8:CAFE:1::/64 [0/0]
R3

1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 TRUE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 TRUE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
work in the topology.
R2
1 1 FALSE
1 1 FALSE
1 1 FALSE
Running Total 104 /104

Muli-Area OSPF Set up OSPF for IPv4 - Fill in
Setup ospf as per areas shown on the topology and setup the routers with the router id shown on the topology.
OSPF set up on Router - Tom Paste Box
state the OSPF process id = ? router ospf ?
State ROUTER ID = 10.10.?.? router-id 10.10.?.?
Complete network statements to advertise:
netwk 192.168.1.0 0.0.0.255 area ? network 192.168.1.0 0.0.0.255 area ?
netwk 215.1.?.? 0.0.0.255 area ? network 215.1.1.0 0.0.0.? a_____ ?
Repeat same method on the other 2 routers:

On router Paul Paste Box
Configuration the OSPF process id = ?
State ROUTER ID =
Complete network statements with Wild card / to advertise:
netwk 192.168._._ ).0.0.?.? area ?
netwk 192.168.?.0 "" """ ????
On router Amada Paste Box

state the OSPF process id = _____
State ROUTER ID = ________
Complete network statements with CIDR / to advertise:
netwk _________
netwk ________
Note, Routing Table will not show remote networks until a OSPF virtual link is configured
Create virtual link: Setup a virtual link so that PC0 and

PC1 can get a IP addr from DHCP server (220.100.100.0) in OSPF area 2
Which area separates area 0 from area 2 ? Area 1
from ABR – Area Border Router Tom in area ? which router (id) connects to area 2 = Amanda’s router id 30.30.30.?
Therefore to configure Tom with other end of the virtual link
area ? virtual-link 30.30.30.?
for paul router ^

Which area separates area 0 from area 2 ? = area 1 = fill 3.
from ABR – Area Border Router Amanda in area 2 which router (id) connects to area 0 = Tom fill 4. with Tom’s router id 10.10.10.1
Therefore to configure Amanda with the other end of the virtual link
3. area 1 virtual-link 4. 10.10.10.1

for amanda router ^
Now check routing tables – look for the O IA entries - Test – so see if all end devices can ping each other - if not then troubleshoot
show table below:
up OSPF for IPv4 - Fill in blanks and cmd syntax and paste into PKT on each router
Attempted Correct TRY AGAINComment
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
0.10.1
oot
1 1 FALSE
This sheet out of 16 out of 16

WEEK 13 HSRP
In the activity, R1 is the current gateway router at 192.168.1.2.

Your task is to configure a virtual IP address on both router R1 and R2 G0/0 interfaces. You will configure R1 as
Once that is done you will change the default gateway address on PC-A to the new virtual IP address and test.
1. Configure router R1 G0/0 interface with the following hot standby attributes & fill paste box below:
Paste Box
Select interface G0/0
Create HSRP group one (1) with VIP =
Set HSRP priority =
Set R1 to regain Active role when it recovers standby 1 p______?
track interface g0/1 standby 0 track g0/?
2. Configure router R2 G0/0 interface with the following hot standby attributes:
Paste Box
a. Create HSRP using the same group number & VIP = ________
b. leave HSRP priority = ______ (this is the defailt value)
3. Change the default gateway on PC-A to 192.168.1.1 – apply test pings
3.a Verify HSRP status on R1 & R2 – using show standby brief - Paste output below.
note
R1 R2
4. Disable either of the Ethernet link to R1 and test to see if you can still ping the ISP. 1. xxx# config t
select int int g0/?
turn it off sh______?
Are pings from PC0 still successful? shorten to fit below:
4a . Verify HSRP status on R1 & R2 – using show standby brief :

R1
5. Analysis & Reflection:

5a. What has happened to the Priority level on R1 HSRP setting? The priority has been lowered to 105?
5b. While R1 int g0/0 is shutdown why is the Standby unknown? They are not communicating via switches
6. From PC-A Apply an continuous ping to Edge Router
as follows: C:\> ping -t 192.168.2.2 keep window open and in view - now re-activate R1’s int g0/0 (no shut).
Display evidence below:
is seen below is the full ping and trace
Notice that a short delay as R1 retakes the role as Active due to the use of PREEMPT
u will configure R1 as the active router and R2 as the standby.

P address and test.
Paste Box
1 1 FALSE
1 1 FALSE
1 1 FALSE
? 1 1 FALSE
0/? 1 1 FALSE
Paste Box
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 TRUE
iority has been lowered to 105? 1 TRUE
1 TRUE
0 (no shut).
1 TRUE

Running Total: 138 /138

PPP & 2 Way Route Re-distribution

Download the Online eJournal Lab to enter and test your configurations!
1. Configure the network with EIGRP AS 20 and OSPF 20 Area 0 and setup 2 way route redistribution between the Autonom
Show the command sequence to complete each task in PASTE box below:
Begin by setting up OSPF
ON Rtr LONDON PASTE Box
router ospf ??
router-id = 4.4.4.4
advertice WAN netwk in area 0

advertice LAN netwk in area 0
stop ospf update sent to the LAN network
On Rtr Germany
router ospf ??
router-id = 3.3.3.3
advertice WAN netwk in area 0 network 32.0.0.0 0.0.0.3 area ?
Display routing table of ONLY OSPF routes on Germany
2. Next setup EIGRP 20

On GERMANY set up EIGRP (note it only 1 route to advertise : PASTE Box
router eigrp ?? ipv6 needs no shut
router-id = 2.2.2.2
Advertise Germays WAN network
On ITALY set up EIGRP (note it only 2 C'' route to advertise :
router eigrp ?? router eigrp 2_?
router-id 5.5.5.5
Advertise Italy's WAN network connectjng Germany
Advertise Italy's WAN network connectjng India
On Indian set up EIGRP (note it only 2 C'' route to advertise :
router eigrp ??
router-id 6.6.6.6
Advertise Indian's WAN network connectjng Italy
Advertise Indian's LAN network

Display routing table of ONLY EIGRP route on Italy
italy#sh ip route e
36.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
D 196.10.20.0/24 [90/2172416] via 36.0.0.6, 00:01:57, Serial0/1/0
Set up Germany to be able redistribute the OSPF route into the EIGRP autonomous system
router eigrp ?? router eigrp 2?
redistribute ospf ?? metric _____ __ ___ _ ___ Use Default? redistribute ospf ? metric ? ? ? ? ?
Set up Germany to be able redistribute the EIGRP routes into the OSPF autonomous system
router ospf ??
redistribute eigrp ? s____________
2. Setup CHAP authentication ONLY between Germany and London router.

Show the command sequence to complete this task below:
GERMANY:
Set username as your name & password as your class name XXXX. username London password xxxx
select Germany Wan interface connecting to London

replace the HDLC wan encapsulation with PPP
enforce ppp authentication chap
LONDON:
username Germany password ethan username Germany password xxxx
select London Wan interface connecting to London int s0/1/?

replace the HDLC wan encapsulation with PPP encap ???
enforce ppp authentication chap ppp au____ _____?
Ping from Germany to London to verify PPP connectivity
3. Test that PC0 and PC1 can get to the web server
by using the URL address. if not then troubleshoot
This sheet total of
Total for Part 2:

END of eJournal - ensure you have SHARED this document with your C
tion between the Autonomous Systems.

FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 TRUE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
1 1 FALSE
This sheet total of 33 out of 33
r Part 2: 171 out 171

ent with your CLASS TEACHER & checked each lab is filled in Part 2
in Part 2
**** The following tabs are linked to the rest of your eJournal - please add notes to aid your in
INDEX TOPIC
A B C D E F G H I J K L MN O P Q R S T U V W
A
Address (valid/usable)
Addressing Ethernet Interface
Addressing Serial Interface
Administrative Distance
Autonomous System
Autonomous System Number
B
Banner [MOTD]
Binary Number Syst
BPDU
Broadcasts
C
CIDR/
Cables
CLI
Clock
Clock rate
Configure Terminal
configure-register
Console
D
Debug
DHCP
Do
E
enable
erase STARTUP-CONFIG
exit
F
FLASH
H
hostname
I
Interface
InterVLAN Routing
IPv4
IPv6
J
K
L
LAN
line console 0
line vty 0 - ?
Loopback
M Modes
O
OSI ( Open System Interconnect Model)
P
PING (ICMP)
PDU (Protocol data unit)
Privilege (mode)
Protocols
ROUTERS
Routes/Routing TABLE
S RIP Routing
Serial
SHOW
Subnetwork
Star topology
STP - Spanning-Tree Protocol
Straight thru cable
T
SWITCHES
Switch installation
TCP model
TCP protocol
Telnet
Topologies
Tracert (Traceroute)
Trunks
UDP
Unicast Address
User (mode)
V
VOIP phone
W
WAN
Wirelesss
Wireless Router
e add notes to aid your in your

Binary Number System : only uses 0's & 1's - indicating if a BIT (Binary digiT is set to ON or OFF and thus is Based 2 state sy
Important to note the BINARY sequence as shown below (highted in Blue of standard 8 bit patt
We can see that this sequence DOUBLES up from the L.S.B lest significant bit 1 (2^0)
We use the column weights to build number in binary which represent Decimal numbers - ideal fo
2^7 2^6 2^5 2^4 2^3 2^2 2^1 2^0
1024 512 256 128 64 32 16 8 4 2 1
0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 1
0 0 0 0 0 0 1 0
0 0 0 0 0 0 1 1
0 0 0 0 0 1 0 0
0 0 0 0 0 1 0 1
0 0 0 0 0 1 1 0
0 0 0 0 0 1 1 1
0 1 0 0 0
0 1 0 0 1
0 1 0 1 0
0 1 0 1 1
0 1 1 0 0
0 1 1 0 1
0 1 1 1 0
0 1 1 1 1
1 0 0 0 0
1 0 0 0 1
1 0 0 1 0
1 0 0 1 1
1 0 1 0 0
1 0 1 0 1
1 0 1 1 0
1 0 1 1 1
1 1 0 0 0
1 1 0 0 1
1 1 0 1 0
1 1 0 1 1
1 1 1 0 0
1 1 1 0 1
1 1 1 1 0
1 1 1 1 1
1 0 0 0 0 0
1 0 0 0 0 1
0 0 0
0 0 1
0 1 0
1
1 0 0 0 0 0 0 0
1 1 1 1 1 1 1 1
d thus is Based 2 state system
ue of standard 8 bit pattern
t bit 1 (2^0)
ecimal numbers - ideal for IP addressing
DecimaM (mim's) 10^3 10^2 10^1 10^0
Combo 1000 100 10 1 Combinations
= 0 0 No. of Bits How many rows!
= 1 2 1 1 2
= 2 2 2 4
= 3 4 3 3 8
= 4 4 4 16
= 5 5 5 32
= 6 6 6 64
= 7 8 7 7 128
= 8 8 8 256
= 9 9 9 512
= 10 1 0 10 1024
= 11 1 1 11 2048
= 12 How to convert from Binary to Decimal
= 13 13 = 1 lot of 8 + 1 lot of 4 + 0 lots of 2 1 lot of 1
= 14
= 15 16
= 16
= 17
= 18
= 19
= 20
= 21
= 22
= 23
= 24
= 25
= 26
= 27
= 28
= 29
= 30
= 31 32
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
255
CABLING & HARDWARE
CABLING /Media
Wireless Cableless
Ethernet CAT 5 CAT5e CAT6e
Serial Smart Serial cables (DCE to DCE)
CONSOLE
Light blue cable is called a console cable Used to initally configure a network device ( Rtr & sw)
Console cable (light blue) Connect to a Console Port on Routers and Switches - from a USB(ada
This type of connection is known as OUT of BAND - because it does n
Switch Operates a layer ____ of the OSI Model
24 fast Ethernet Port PLUS 2 Gigabit E

Bandwidth 100 Mbps
Switch installation
Cabling is far enough from sources of electrical noise
Air flow
Control Temp
Moisture
HWIC-2T image:
Serial interface Slot
HWIC-2T image:
HWIC-2T WAN card inserts here into slot 0 (Zero)

recognised as S0/0/0 or 1
Console port
Routers
Perform at Layer ____ of the OSI model

PDU - Protocol Data Unit = __________________
FLASH Router & witch component - that store Operating System
View version sh flash:
NVRAM
WIRELESS Router Operate at Layer 1 to 3 - because it is a 3 in 1 =
ICON
Protocol Uses 802.11 a

b
g
n
ac
ae Linksys - WRT300N series router
End Device? Integrated with a _______________
VOIP phone Operate at Layers 1 to ?- because it is a _____________________

•Wireless(sends electromagnetic waves)
Metal wires– Copper cable (sends
? Glass or plastic – Fibre/Optical cable (send

vice ( Rtr & sw)
ches - from a USB(adapted Serial RS232 COM type connection)
ND - because it does not use the data network
Console port is often found at the back of device
t Port PLUS 2 Gigabit Ethernet Uplinks

1000mbps
ole port
to 3 - because it is a 3 in 1 = Router, Switch and wireless AP
ISR – Integrated Service Router
Blue Port route module for internet access/(WAN),
Yellow ports 4 Switch ports for hard wired connections (non-wireless links)
d with a ______________________?
a _______________________
s electromagnetic waves)
Copper cable (sends electrical pulses) •
– Fibre/Optical cable (sends light pulses)

CONCEPTS Details
A represents the Trustworthiness of a route - where the lowest value (0) is best - router compare
Administrative Distance[AD] value to decide which route method goes into the Routing table
Directly connected networks have an AD equal to 0 (zero)

Static routes have an AD = 1
EIGRP routes = 90/170
OSPF route = 110
RIP = 120
Autonomous System - governed by an administration

Autonomous System Number it identifies _________________
B
Broadcast Hosts and Switches create Broadcast Traffic ( Routers will not!)
An ARPa (Address
When Resolution
Switch MAC addressProtocol)
table doesis initated
not holdby Hostsfor
lookup to aHosts
host to discover the
destination MACUNKNOWN MAC (physical) Address
that Switch
will Broadcast traffic out all ports to seek the unknown destination
A Broadcast MAC address = FF-FF-FF-FF-FF-FF
CLI Abrev' Command Line Interface - Text driven environment found on Routers & Switches
C
Command
Command Prompt
D
E
I
IP
ISP Internet Service Provider ( Telstra - Optus etc
J
K
L
LAN Local Area Network Image
SMALL scale network = LAN
commonly connected via a Switch
or Wireless Router (ISR)
M
Media ( See Cabling)
NVRAM Store the ___________________ configuration - known as Backup config file

N
OSI ( Open System Interconnect Model) = 7 layer model that describe each level of network activities as per traffic sent and rece
O Layer
7A=
6P
5S
4T
3N
2D
1P
P Protocol Rule for Behaviors
Router
Router on a Stick
Using a physical interface to spilit it into sub-interfaces which act a gateway (default-gateway) for
for each vlan - 4 vlnas = 4 subinterfaces
Also see vlan -
int fa0/0 - no shut - int fa0/0.1 , int fa0/0.10 etc - need dot1q encapsulation to tag vlan
S
TCP Protocol TCP operates at the Transport layer of the OSI /TCPmodel.
Used commonly by traffic crossing the internet - Reliable and
TELNET Used for remote access
T Topology/Topologies 2 types -
1. Physical topology image
TCP Model Def: 4 Layer NETWORK Model - like OSI - describes Protocols and behaviours at each level as traffic flow to and from a sender to
Layr 4:Application -3: Transport -2: Internetwork - 1: Network Access
2. Logical IMAGE of Logical Topology

Logical Topology
Should show:
Device names
PORTS used
IP Network Addresses
Tracert
UNICAST Address
UDP Def: User Data P

- STEAMING traffic commonly used by TFTP & gamers - IP phones/comm - DNS lookup
U Multiple messages are sent continuously until transmission ends.
TCP is connection oriented – once a connection is established, data can be sent bidirectional. UDP is a simpler, connectionless Internet protocol.
VLAN Def: Created on Switches to form separation of LANs viitrually - needs a router/route processer (MLS)
to allow one VLAN to communicate with another vlan
V
W
WAN Wide Area Network spans cities - states - countr
WIRELESS Traffic is carried of airways/ space as radio frequency

Used by Blue Tooth, Mobile phone and Personal devices- Laptops - Ipad - etc
MAC (physical) Address
Switch
es as per traffic sent and received

flow to and from a sender to receiver
IMAGE of Logical Topology

onless Internet protocol.
spans cities - states - countries - space
Command SYNTAX (full) Abbreviated Device Details
Note - you can copy paste in cmd syntax on Routers & Switches
D
Debug ip packets Router
Debug ip rip Router
DNS Router Domanin Name Service - to lookup and translate URL - e.g Google.com to a IP ad
E
enable Rtr & Sw Command typed at the user mode to move into PRIVILEGE mode
J
K
L Line console 0 is used for the direct access
Line console 0 lin con 0 Routers & Switches to a device via a console cable connection
password cisco pas cisco It should be password protected!
login login
M
R
router rip router RIP uses Hopcount to decide which path to take to a destination
AD = 120
S
Show sh Routers & Switches Use by default at the Privilege mode
T
Telnet
Tracert Rtr & Sw

U Traceroute PC
V
- e.g Google.com to a IP address:172.217.25.142
LEGE mode
Light blue cable is called a console cable

IP Addressing
IP = Internet Protocol IPv4= IP address that is represented in 32 Binary bits
= Dotted Decimal number X.X.X.X e.g 192.168.1.2
2* - two main functions: host or network interface identification and location addressing.
MAS- sometimes called subnet Mask ALWAYS accompany an IPv4 address
= also represented in 32 Binary bits and is Dotted Decimal number
e.g 192.168.1.2 255.255.255.0
Recognising IPv4 CLASSES A if the first eight bits(byte/octet) describes a number between 1 and 127 it is deemed class A
and it has a Network / Host structure N.H.H.H
B if the first byte describes a number between 128 and 191 it is deemed class B and it has a Network / Host structur
C if the first byte describes a number between 192 and 223 it is deemed class C and it has a Network / Host structur
This structure relates to the Network Mask written as 255 for every Network portion
Class A N.H.H.H is 255.0.0.0 * note by default CLASS A has only one portion set for Network - thus on on lot of 255' is se
Default Gateway The def-gateway is found on Routers - in particular, it relates to LAN ( Local Area Networks)
Public IP number
Private IP Starts 10 .x.x.x All private addresses can not carry in internet - they BANNED - not allowed ISPs
Starts 172 16-31.x.x
Starts 192.168.x.x Inputs OUTPUT
A B
ANDing The Boolean function 0 0 0

Series Circuit 0 1 0
1 0 0
A B ? 1 1 1
Network Mask the Network Mask is indicated by placing 1's in the Network(portion) - 8bits
Subnet Mask N.H.H.H255.0.0.0
N.N.H.H255.255.0.0
N.N.N.H255.255.255.0
N
CIDR / /8 - 8 NETWORK bit nnnnnnnn[Default Class A]
/16 - 16 NETWORK bit nnnnnnnnnnnnnnnn Class B
/24 - 2?
a Network / Host structure N.N.H.H
a Network / Host structure N.N.N.H
k - thus on on lot of 255' is seen in the mask

S4013588 Networking2 eJournal

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

S4013588 Networking2 eJournal

Uploaded by

Copyright:

Available Formats

Welcome to your Networking 2 eJournal ( this is Assessed!

) Note, this is weighted at 15/1

Part 1 Score 254254

CLI navigation Commands for Routers/Switches

Ctrl A – move cursor to beginning of the line

There's a lot more to the CLI than you think!

Router # show history

Enter Privileged Exec Mode (from User-Exec mode)

de and returns to Exec mode

include Displays output lines that contain the regular expression.

default display of previous 10 commands entered at CLI

sh run | begin int

p device translating input errors (shwo)

s console messages over-writing your CLI(cmd) input

Enter interface configuration mode /select s0/0/0

Activate the interface

Display contents running configuration of router's RAM - component

Paste & Edit* R1’s Running Configuration in below:

Paste screen capture of R1’s interface status information bel

Paste & Edit the contents on R1’s Routing Table

GRADED FROM THIS LAB ONWARDS

This column is filled / adjusted by you teacher - please do no

int s0/0/0 1 1 FALSE

int s0/0/1 1 1 FALSE

show running-config 1 1 FALSE

line are set to!

Running total 25 out 25

I am just working through it right now, I am not finished yet

ed / adjusted by you teacher - please do not edit

REMOVE default settings from output!

OVE default settings

move TRUE where applicable

Configuring the Static routing:

Configure Router – R2 LAN Interface Fast Ethernet0/1:

Configure a static route in reference to outgoing interface

Configure Router – R2 with a way to reach remote destination network 192.168.1.0/24

Important to VERIFY the device configuration

Paste & Edit R1’s Routing Table in region below:

Gateway of last resort is not set

23. Paste & Edit R2’s Routing Table in region below:

24. For Static Route indicates [1/0] "1" = Administrative ______________?

Ensure you complete the PKT Lab found in week 1 in CANVAS

n blank lines below: this page constitutes spot check 2

This column is filled / adjusted by you teacher - please do not edit

ip route 172.16.0.0 255.255.0.0 f0/0 1 1 FALSE

y to reach remote destination network 192.168.1.0/24

Command needed to display this output:

Command needed to display this output:

Command needed to display this output:

Running Total 47 OUT OF 47

he PKT Lab found in week 1 in CANVAS

ed by you teacher - please do not edit

3 Configuring Dynamic routing:

Paste & Edit(fit to space* R2’s Running Config in region A below:

3 Configuring Dynamic routing:

ected ntwks 172.16.0.0/16 & 10.10.10.0 using RIPv2:

space* R2’s Running Config in region A below:

Total on this sheet= 22 out of 22

Running Total 69 out of 69

adjusted by you teacher - please do not edit

Enter Int vlan configuration mode /select for vlan100

Enter Int vlan configuration mode /select for vlan200

Create VLANs on MLS

Display the screen capture to show vlans in Brief info below