CCNA

Routing & Switching

Agenda

Course Introduction
1.Intro to Switch & VLAN
2.Switch Trunking
3.Inter VLAN Routing
4.Redundancy
5.Network Services
6.IP Addressing (Refresh)
7.Static Routing
8.EIGRP / OSPF

First Day
Second Day
Second Day ( If time permits)

2
Course Introduction

About this Crash Course:

•Covers basic Switching and Routing, mostly for LAN
usage
•Expectation: 30% theories, 70% practical

Rules in this course:

•Be proactive !
•Follow & complete the Lab Practices (will be taken as
Quiz mark).

3
1. Intro to Switch & VLAN
LAN Hierarchical Network

4
How Switch Forward Packet
Broadcast Domain
What is VLAN?
Controlling Broadcast Domain with VLAN
Lab 1 Topology

9
 Lab 1 - About

Switch intro

7. set line vty & line con 0

Goal:
8. set banner motd
1. Configure switch basic
9. create vlan 10, 20, and 99
2. access switch via telnet/ssh from PC
10. set ip addss on interface vlan 99

11. set sw access vlan on respected interface

Step:
12. set static IP on PC
1. Deploy 1 L2 Switch
13. try telnet / SSH
2. Connect to CLI

3. Set username & password, enable secret

Test scenario:
4. set hostname
1. test telnet / ssh from admin PC
5. set ip domain-name
2. PC to PC can't communicate
6. Generate SSH key

10
 Lab 1 – Config Reference
Save Device Config: Generate key for SSH: contoh:
write | copy run start Crypto key generate rsa
interface fa0/1
Enable Logging:
service timestamps log datetime msec create VLAN: switchport access vlan 10

vlan <vlan-no> switchport mode access

Set Hostname:
hostname <hostname> name <vlan-name>

contoh: hostname Acc-Sw01 interface range fa0/1-10

contoh: switchport access vlan 10

Set Enable Password: vlan 10 switchport mode access

enable secret <password>
name Accounting
contoh: enable secret P@ssw0rd
Set IP on VLAN Interface:

Show available VLAN: interface Vlan<vlan-no>

Set Clock:
clock timezone GMT+7 7 show vlan brief ip address <ip address> <subnet mask>

Set Domain name: Show available interfaces: contoh:

ip domain-name <domain-name>
show ip interface brief interface Vlan99
contoh: ip domain-name ibm-jti.com
ip address 192.168.99.11 255.255.255.0

Set Admin Username & Password Set switchport to access mode:

username <user> pri 15 secret <password>
interface <interface-name>
contoh: username admin pri 15 secret pas5word
switchport access vlan <vlan-no>

switchport mode access

11
 Set Banner: Show running configuration:

banner motd & Show run

<Message> &

contoh:

banner motd &

UNAUTHRORIZED ACCESS WILL BE SUED!! &

Apply login local on console connection:

line con 0

login local

Apply login local on telnet/SSH connection:

line vty 0 4

transport input all

exec-timeout 15 0

login local

12
2. Switch Trunking
Multiple VLAN on one connection
Virtual Trunking Protocol (VTP)
Lab 2 Topology

15
 Lab 2 - About

Switch Trunk

Goal:

1. PC in different switch but with same VLAN able to

communicate

Steps:

1. Add 1 more L2 Switch (Copy)

2. Change interface vlan 99 ip address

3. Connect Sw1 & SW2

4. Set Trunk on that interface

Test Scenarion:

1. Ping PC0 to PC2

16
 Lab 2 – Config Reference

Show available trunk: Show ARP:

show interface trunk show ip arp

Set switchport to trunk mode: Show mac address table:

Show mac address-table
interface <interface-name>

switchport mode trunk Show device information:

Show version
Show tech-support

contoh:

interface fa0/1

switchport mode trunk

17
3. Inter-VLAN Routing
Router on a Stick
Switch-based inter-VLAN Routing
Lab 3 Topology

20
 Lab 3 - About

Inter VLAN Routing

Goal:

1. PC with different VLAN able to communicate

Steps:

1. Add 1 L3 Switch

2. add connection to the access switch (2)

3. configure hostname, username, password, remote access

4. create vlan 10, 20, 99

5. set ip address on int vlan 10, 20, 99

6. configure trunk on core switch & access switch

7. activate ip routing on core switch

8. set default gateway on all PCs

Scenario Test:

21 1. Ping any PC to any PC

 Set L3S switchport to trunk mode: Show routing table:

interface <interface-name> show ip route

switchport trunk encapsulation dot1q

switchport mode trunk

contoh:

interface fa0/1

switchport trunk encapsulation dot1q

switchport mode trunk

Enable Routing on L3S:

ip routing

Set IP Address (gateway) on L3S:

interface Vlan<vlan-no>

ip address <ip address> <subnet mask>

contoh:

interface Vlan10

ip address 192.168.10.1 255.255.255.0

22
4. Redundancy
Promote High Availability
Problem with unmanaged Switch – Broadcast Storm
Spanning Tree Protocol (STP)
Prevent L2 Looping by Blocking Port(s)
Spanning Tree Portfast & BPDU Guard
To Optimize and Harden your Access Port

How BPDU-guard works

How Portfast works

Portfast in short: Faster uptime for BPDU-guard in short: Prevent

endpoint connection unauthorized switch to connect
Etherchannel – Link Aggregation Control Protocol (LACP)
Bundle Multi-physical link to single logical link

How etherchannel works

Etherchannel in short: Provide more availability and bandwidth by

bundling multiple physical link into one logical link
First Hop Redundancy
Using Hot Standby Router Protocol (HSRP)

How HSRP works

HSRP in short: Provide single gateway IP Address for endpoints,

which actually point into 2 gateway devices to provide gateway
redudancy
Lab 4 Topology

30
 Lab 4 - About

Redundancy

Goal: Test Scenario:

1. PC with different VLAN can still communicate upon a gateway 1. From a PC, Ping -t another-PC
failure
2. terminate access switch uplink

Step: 3. From Core SW-1, shutdown interface vlan xxx

1.Add 1 more L3 Switch (copy)

2. change hostname & ip address on int vlan 10, 20, 99

3. add connection to the access switch (2), set trunk

4. set spanning tree mode rapid-pvst on every switch

5. set spanning tree portfast & BPDU guard on access port

7. Connect each core switch with 2 cable, Configure ether-

channel on each core switch

8. set HSRP on gateway (interface vlan 10, 20, 99)

9. change default gateway on all PCs

31
 Lab 4 – Config Reference
Show Spanning-tree condition: Set Etherchannel Trunk using LACP: Show etherchannel condition:

show spanning-tree interface <member-int-name> show etherchannel summary

no <existing-config>

Set Spanning Tree to mode Rapid PVST: channel-group >group-no> mode active

spanning-tree mode rapid-pvst

interface port-channel <group no>

Set access switchport to use portfast & switchport trunk encap dot1q
BPDU Guard:
switchport mode trunk
interface <interface-name>

spanning-tree portfast
spanning-tree bpduguard enable contoh:

interface range fa0/1-2

contoh: no sw mode

interface fastethernet0/1 no sw trunk encap dot1q

spanning-tree portfast channel-group 1 mode active

spanning-tree bpduguard enable

interface port-channel 1

switchport trunk encap dot1q

switchport mode trunk

32
 set HSRP for a gateway: contoh:

Gateway 1 - Primary: Core-SW1:

interface <interface-name> interface Vlan10

standby <group-no> ip <virtual gateway ip> standby 1 ip 192.168.10.254

standby <group-no> priority <number >100> standby 1 priority 150

standby <group-no> preempt standby 1 preempt

Core-SW2 - Secondary: Core-SW2:

interface <interface-name> interface Vlan10

standby <group-no> ip <virtual gateway ip> standby 1 ip 192.168.10.254

Show HSRP condition:

show standby brief

33
5. Network Services
DHCP Operation
DNS Operation
Lab 5 Topology

36
 Lab 5 - About
Network Services
Goal:
1. Deploy Web Server to be accessible from internal user
2. Deploy network segment for guest with wireless & DHCP IP
Assignment
Steps:
1. on Core Switch, create vlan 100 (svr), set interface vlan 100:
IP address and HSRP
2. on Core Switch, create vlan 200 (guest), set interface vlan
200: IP address, HSRP, ip helper-address
3. Add 1 L2 Switch as Server Switch (copy)
4. Connect SVR switch to 2 Core Switch, set Trunk switchport
on Core Switch and SVR switch
5. change hostname, ip address on Server Switch
6. Add VLAN 100 as SVR Vlan on SVR Switch
7. Set SVR switch fa0/0-10 as access vlan 100
37
8. Deploy 3 Servers: Web, DNS, DHCP, and connect it to server
switch
9. Configure Web Server: IP Address, Gateway, HTML
10. Configure DNS Server: IP Address, Gateway, DNS entry for
www.ibm-jti.com, disable web
11. Configure DHCP Server: IP Adresss, Gateway, DHCP Pool
for GUEST
12. On 1 access switch, create vlan 200 (guest), set fa0/24 to
access vlan 200
13. Deploy Access Point, connect the uplink fo that access port
of access switch
14. Config access point -> SSID guest
15. Deploy Laptop, add wireless card, connect to SSID, set IP to
Dynamic
16. For all PC, set DNS Parameter
Test Scenario:
1. From Laptop and PC, open web browser www.ibm-jti.com
 Lab 5 – Config Reference

Set DHCP Relay / Helper Address:

interface <interface-name-where-broadcast-from-client-
received>

ip helper-address <dhcp-server-ip>

contoh:

interface vlan200

ip helper-address 192.168.100.103

38
6. IP Addressing
IP Address Class
IPv4 Calculation – IPv4 and Subnet Mask

• IPv4 Consist of 4 octets of 8 bits binary. Total = 32 bits

Example: 192.168.1.0

1100 0000 . 1010 1000 . 0000 0001 . 0000 0000

• To determine how many host supported, refer to the subnet mask,

Example: 255.255.255.0 (or can be noted as /24)

1111 1111. 1111 1111. 1111 1111. 0000 0000

n = number of 0 bits
num of hosts available= 2 n
usable host = available host – 2
Usable Host = 28 – 2 = 254 Host
 IPv4 Calculation – Determine Network & Broadcast Address

• Network Address :
Convert both the IP address and subnet into binary, and use logical AND

• Broadcast Address :
Convert both the Network address and subnet into binary, use logical EQUALITY

Complex
way and
take long
time !
IPv4 Calculation – Determine Network & Broadcast Address – Quick Way
Class C

Prefix /24 /25 /26 /27 /28 /29 /30 /31 /32
4th Octet 0 128 192 224 240 248 252 254 255
Mask
Host 128 64 32 16 8 4 2 1
Differenc
e
Host 256 128 64 32 16 8 4 2 1

Usable 256 - 128 – 64 - 2 32 – 2 16 – 2 8–2 4–2 2 1

Host 2 2
Example:
IP Address: 192.168.22.40 /27
Subnet Mask: 255.255.255.224

Network Address: (Look at Host, Find the closest Low multiplier from the IP Address)
192.168.22.32

Broadcast Address: (Look at Net Address, Add the Host, and minus 1 address)
192.168.2.2.63
IPv4 Calculation – Determine Network & Broadcast Address – Quick Way
Class A & B, still refer to this table! – assume +8 prefix for class B, and +16 prefix for class A

Prefix /24 /25 /26 /27 /28 /29 /30 /31 /32
4th Octet 0 128 192 224 240 248 252 254 255
Mask
Host 128 64 32 16 8 4 2 1
Differenc
e
Host 256 128 64 32 16 8 4 2 1

Usable 256 - 128 – 64 - 2 32 – 2 16 – 2 8–2 4–2 2 1

Host 2 2
Example:
IP Address: 118.97.67.115 /20 (Class B)
Subnet Mask: 255.255.240.0

Network Address: (Refer to Class C way, Take 3 rd Octet)

118.97.64.0

Broadcast Address: (Look at Net Address, Add the Host, and minus 1 address)
=118.97.80.0 - 1
=118.97.79.255
Variable Length Subnet Mask (VLSM)
7. Static Route
What is static routing?

Tells routers which way to go to a

particular destination:
•Tell the Destination Network
•Tell the Next-Hop / Exit interface

Require round-trip routes

Static route require manual entry for

every route in every router
How to read routing table
Routing Decision
Route Summary
Lab 7 Topology

49
 Lab 7 - About

Static Route

5. On Router Senayan & Blok-M: Set Hostname & IP Address,

Goal:
1. Senayan & Blok-M service point able to access
www.ibm-jti.com through WAN
2. Admin at HO can reach computer at SP through WAN
set static route so every LAN is reachable, set default route to
Core-SW2
6. On Core-SW1 and Core-SW2: set static route to SP Senayan
& Blok-M LAN

7. Deploy PC on SP Senayan & Blok-M, set IP Address &

Gateway
Steps:

1. Deploy Router for SP Senayan & SP Blok M

2. Deploy Switch for simulating WAN JAK PUS (no need to

configure) Test scenario,
3. Connect Core-SW1, Core-SW2, Senayan, Blok-M to WAN 1. PC at SP Senayan and Blok-M can access www.ibm-jti.com
JAK PUS
2. Admin-PC can ping PC at SP Senayan & Blok-M
4. On Core-SW1 and Core-SW2: on interface connected to WAN
JAK PUS, set no switchport, set IP Address

50
 Lab 7 – Config Reference

Set L3S Switchport to a L3 interface:

show routing table:
interface <interface-name>
show ip route
no switchport

ip address <ip-address> <subnet mask>

contoh:

interface fa0/3

no switchport

ip address 10.0.0.4 255.255.255.224

Add Static Route:

ip route <destination network> <subnet mask> <next hop

| exit interface>

contoh:

ip route 192.168.52.0 255.255.255.0 10.0.0.3

Add default route:

ip route 0.0.0.0 0.0.0.0 <next hop | exit interface>

contoh:
51
ip route 0.0.0.0 0.0.0.0 10.0.0.4
8. Dynamic Routing - EIGRP
Type of Dynamic Routing Protocols
How EIGRP Replicate Routing Tables
EIGRP Metric – used to determine the best route
Mostly based on bandwidth and delay
EIGRP Topology Table
To determine the best route and the backup route
Lab 8 Topology

56
 Lab 8 - About

EIGRP

Test scenario,
Goal: 1. PC in service point can access www.ibm-jti.com
2. Admin-PC can ping PC at SP
1. PC in service point able to access www.ibm-jti.com through
WAN

2. Admin at HO can reach computer at SP through WAN

Steps:

1. Deploy Device as Pictured

2. On Core-SW, Reconfigure Etherchannel as L3 link

3. Delete all static route on Core-SW and Router SP

4. Delete static route on Router-inet expect the default route

5. On Router-Inet, activate router eigrp, no auto-summary,

include networks, redistribute static

6. On Rest of L3 Devices, activate router eigrp, no auto-

summary, include networks

57
 Lab 8 – Config Reference

Set L3S etherchannel to a L3 etherchannel: Delete Static Route:

no port-channel <port-channel no.> ip route <destination network> <subnet mask> <next hop | exit interface>

interface range <interface-name>

contoh:
no switchport
no ip route 192.168.52.0 255.255.255.0 10.0.0.3
no <existing config>

channel-group <port-channel no.> mode active

port-channel <port-channel no.>

no sw

ip address <ip-address> <subnet-mask>

contoh:

no interface port-channel 1

interface range fa0/1-2

no switchport

no switchport mode

no trunk encap

channel-group 1 mode active

port-channel 1

no sw

58
ip address 192.168.254.1 255.255.255.252
 show routing table:
Activate EIGRP:
show ip route
router eigrp <AS-no>

no auto-summary
show EIGRP topology:
network <network-address> [<wildcard>]
show ip eigrp topology

contoh:

router eigrp 1

no auto-summary

network 192.168.10.1

network 192.168.20.1

Redisdribute static / default route to EIGRP:

router eigrp <AS-no.>

redistribute static

contoh:

router eigrp 1

redistribute static

59
9. Dynamic Routing - OSPF
How OSPF Replicate Routing Tables
OSPF Metric – used to determine the best route
OSPF Metric – used to determine the best route
Lab 9 Topology

63
 Lab 9 - About

OSPF

Goal:

1. PC in service point able to access www.ibm-jti.com through

WAN

2. Admin at HO can reach computer at SP through WAN

Steps:

1. On L3 Devices, deactivate router eigrp

2. On Router-Inet, activate router ospf, include networks, default-

information originate

3. On Rest of L3 Devices, activate router ospf, include networks

Test scenario,

1. PC in service point can access www.ibm-jti.com

2. Admin-PC can ping PC at SP

64
 Lab 9 – Config Reference

Deactivate EIGRP: Redisdribute default route to OSPF:

no router eigrp <AS-no> router ospf <PID>

default-information originate

contoh:

no router eigrp 1 contoh:

router ospf 1

default-information originate

Activate OSPF:

router ospf <PID> show routing table:

network <network-address> <wildcard> area <area no.> show ip route

contoh:

router ospf 1

network 192.168.10.0 0.0.0.255 area 0

network 192.168.20.0 0.0.0.255 area 0

65