Lab 7.1.6 Analyzing a Test Plan and Performing a Test
Task 1: Analyze the Test Plan
Analyze the test plan shown above and answer the following questions:
a. What are the four main sections of the test plan?
1) Introduction,
2) Equipment,
3) Design / Topology Diagram,
4) Test Descriptions and related testing information. (Test procedure, success criteria, and conclusions subsections repeat for each test within the test plan.)
How many tests are defined within the test plan in this lab?
2
In which testing subsection would you find the types of commands or analysis tools used to determine
if the test was successful?
Procedures
d. In which main test plan section would you find a description the devices and cabling used to build the
prototype for the test plan?
Equipment
e. In which main testing section would an overall description of the tests to be performed and the
reasons why they are being specified in the test plan?
Introduction
Task 2: Configure the PCs and switch VLANs and perform Test 1
Step 1: Connect devices and configure PC IP addresses
Connect the switch to the router as shown in the Test Plan topology diagram.
Connect the PC1 and PC2 hosts to the switch using the ports indicated in the Test Plan topology table.
Using the IP address information from the Test Plan table, configure PC1 and PC2.
Step 2: Prepare the switch for configuration
Connect a PC with a console cable to the switch to perform configurations using a terminal emulation
program. Confirm that the switch is ready for lab configuration by ensuring that all existing VLAN and general configurations are removed. Remove the switch startup configuration file from NVRAM.
Switch#erase startup-config
Erasing the nvram filesystem will remove all files! Continue? [confirm]
Press Enter to confirm. The response should be:
Erase of nvram: complete
If the switch has previously been configured with VLANs, it will necessary to delete the VLAN
database information file. From the privileged EXEC mode, issue the following commands:
Switch#delete vlan.dat
Delete filename [vlan.dat]?[Enter]
Delete flash:/vlan.dat? [confirm] [Enter]
If there was no VLAN file, this message is displayed.
%Error deleting flash:/vlan.dat (No such file or directory)
It is recommended that the delete command not be issued as: delete flash:vlan.dat.
Accidentally omitting vlan.dat from this command could lead to the complete IOS being deleted
from flash memory. Issuing the reload command to restart the switch may not always clear the previous VLAN configuration; for that reason, the power cycle (hardware restart) step is recommended.
Step 3: Configure VLANs on switch S1
Configure switch S1 with a hostname and passwords.
Switch(config)#hostname FC-ASW-1
FC-ASW-1(config)#enable password cisco
FC-ASW-1(config)#enable secret class
FC-ASW-1(config)#line console 0
FC-ASW-1(config-line)#password cisco
FC-ASW-1(config-line)#login
FC-ASW-1(config-line)#line vty 0 15
FC-ASW-1(config-line)#password cisco
FC-ASW-1(config-line)#login
FC-ASW-1(config-line)#exit
FC-ASW-1(config)#
Configure switch S1 with the VLAN 1 IP address of 10.0.1.2/24.
FC-ASW-1(config)#interface vlan1
FC-ASW-1(config-if)#ip address 10.0.1.2 255.255.255.0
FC-ASW-1(config-if)#no shutdown
FC-ASW-1(config-if)#exit
FC-ASW-1(config)#
Configure switch S1 with the default gateway address of 10.0.1.1.
FC-ASW-1(config)#ip default-gateway 10.0.1.1
FC-ASW-1(config)#
Create VLAN 10 named main-net and VLAN 20 named voice.
FC-ASW-1(config)#vlan 10
FC-ASW-1(config-vlan)#name main-net
FC-ASW-1(config-vlan)#exit
FC-ASW-1(config-vlan)#vlan 20
FC-ASW-1(config-vlan)#name voice
FC-ASW-1(config-vlan)#exit
FC-ASW-1(config)#
Assign interface range Fa0/2 through Fa0/12 to VLAN 10.
FC-ASW-1(config)#interface range fa0/2 – 12
FC-ASW-1(config-if-range)#switchport mode access
FC-ASW-1(config-if-range)#switchport access vlan 10
FC-ASW-1(config-if-range)#exit
FC-ASW-1(config)#
Assign interface range Fa0/13 through Fa0/24 to VLAN 20.
FC-ASW-1(config)#interface range fa0/13 – 24
FC-ASW-1(config-if-range)#switchport mode access
FC-ASW-1(config-if-range)#switchport access vlan 20
FC-ASW-1(config-if-range)#end
FC-ASW-1#
Step 4: Perform Test 1 to determine if the hosts can communicate between VLANs
a. Issue the show running-config commands from the switch and verify all basic configuration
settings. See output at end of lab.
b. Issue the show vlan brief command on the switch to verify what ports are in which VLANs.
Which switch ports are in VLAN 1?
Fa0/1 Gi0/1, Gi0/2
Which switch ports are in VLAN 10?
Fa0/2 – Fa0/12
Which switch ports are in VLAN 20?
Fa0/13 – Fa0/24
FC-ASW-1#show vlan brief
VLAN Name Status Ports
1 default active Fa0/1, Gi0/1, Gi0/2
10 main-net active Fa0/2, Fa0/3, Fa0/4, Fa0/5
Fa0/6, Fa0/7, Fa0/8, Fa0/9
Fa0/10, Fa0/11, Fa0/12
20 voice active Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
<*** output omitted ***>
c. With PC1 connected to switch port 4 and PC2 attached to port 14, attempt to ping from PC1 to PC2.
Would you expect the ping to be successful?
Tidak
Why or why not?
PC IP addresses are on different networks (PC1 is on net 10.0.10.0/24 and PC2 is on net 10.0.20.0/24 and in different VLANs.
d. Change the IP address of PC2 to 10.0.10.5 so that the two PCs are on the same network and ping again. Would you expect the ping to be successful?
Tidak
Why or why not?
Alamat IP PC punya alamat jaringan yang sama tapi masih di VLAN yang berbeda
e. Move the cable for PC2 to a port that is in the VLAN 10 range (Fa0/2 to Fa0/12) and ping again.
Would you expect the ping to be successful?
Ya
Why or why not?
Alamat IP PC berada pada jaringan dan VLAN yang sama
f. Change the IP address for PC2 back to 10.0.20.2 and move the cable back to Fa0/14 in VLAN 20.
This test demonstrated that the PCs from the main-net cannot communicate with the PCs on the voice net without assistance from a Layer 3 device.
Task 3: Configure the switch and router for VLAN routing and perform Test 2
Step 1: Configure VLAN trunking on switch S1
Configure trunking between switch S1 and the router with 802.1 encapsulation on both devices.
FC-ASW-1#int fa0/1
FC-ASW-1(config-if)#switchport mode trunk
FC-ASW-1(config-if)#end
Step 2: Perform basic configuration of the router.
Connect a PC to the console port of the router to perform configurations using a terminal emulation
program. Configure router R1 with a hostname and console, Telnet, and privileged passwords according to the table diagram.
Router(config)#hostname FC-CPE-1
FC-CPE-1(config)#line con 0
FC-CPE-1(config-line)#password cisco
FC-CPE-1(config-line)#login
FC-CPE-1(config-line)#line vty 0 4
FC-CPE-1(config-line)#password cisco
FC-CPE-1(config-line)#login
FC-CPE-1(config-line)#exit
FC-CPE-1(config)#enable password cisco
FC-CPE-1(config)#enable secret class
FC-CPE-1(config)#no ip domain lookup
Step 3: Configure VLAN Trunking on the Router
Configure router R1 Fa0/0 interface to trunk for VLAN 1, VLAN 10, and VLAN 20 with 802.1Q
encapsulation.
FC-CPE-1(config)#interface fa0/0
FC-CPE-1(config-if)#no shutdown
FC-CPE-1(config-if)#interface fa0/0.1
FC-CPE-1(config-subif)#encapsulation dot1Q 1
FC-CPE-1(config-subif)#ip address 10.0.1.1 255.255.255.0
FC-CPE-1(config-subif)#exit
FC-CPE-1(config)#interface fa0/0.10
FC-CPE-1(config-subif)#encapsulation dot1Q 10
FC-CPE-1(config-subif)#ip address 10.0.10.1 255.255.255.0
FC-CPE-1(config-subif)#exit
FC-CPE-1(config)#interface fa0/0.20
FC-CPE-1(config-subif)#encapsulation dot1Q 20
FC-CPE-1(config-subif)#ip address 10.0.20.1 255.255.255.0
FC-CPE-1(config-subif)#end
FC-CPE-1#
On the router, issue the command show vlans.
What information is displayed?
The 802.1Q trunk subinterfaces, the address configured and the number of packet transmitted and received
FC-CPE-1#show vlans
Virtual LAN ID: 1 (IEEE 802.1Q Encapsulation)
vLAN Trunk Interface: FastEthernet0/0.1
This is configured as native Vlan for the following interface(s) :
FastEthernet0/0
Protocols Configured: Address: Received: Transmitted:
IP 10.0.1.1 21 43
Other 0 138
396 packets, 67954 bytes input
181 packets, 51149 bytes output
Virtual LAN ID: 10 (IEEE 802.1Q Encapsulation)
vLAN Trunk Interface: FastEthernet0/0.10
Protocols Configured: Address: Received: Transmitted:
IP 10.0.10.1 94 25
Other 0 12
94 packets, 15324 bytes input
37 packets, 3414 bytes output
Virtual LAN ID: 20 (IEEE 802.1Q Encapsulation)
vLAN Trunk Interface: FastEthernet0/0.20
Protocols Configured: Address: Received:
Transmitted:
IP 10.0.20.1 9781 113
Other 0 14
9781 packets, 939660 bytes input
127 packets, 9617 bytes output
From switch S1, issue the command show interfaces trunk.
What interface on switch S1 is in trunking mode?
Fa0/1
Which VLANs are allowed and active in the management domain?
1, 10, 20
FC-ASW-1#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Fa0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/1 1-4094
c.
Port Vlans allowed and active in management domain
Fa0/1 1,10,20
Port Vlans in spanning tree forwarding state and not pruned
Fa0/1 1,10,20
Step 4: Perform Test 2 to determine if the hosts can communicate between VLANs through the use of inter-vlan routing provide by a router
a. Issue the show running-config commands from the switch and verify all basic configuration
settings. See output at end of lab.
b. Ping from the switch to the router default gateway for VLAN 1.
Was the ping successful?
Ya
c. Telnet from the switch to the router.
Where you successful?
Ya
d. With PC1 connected to switch port 4 and PC2 attached to port 14, attempt to ping from PC1 to PC2.
Would you expect the ping to be successful?
Ya
Why or why not?
PC IP addresses are on different networks (PC1 is on net 10.0.10.0/24 and PC2 is on net 10.0.20.0/24 and in different VLANs but the router is routing packet between the two independent subnets.
e. Telnet from PC1 to the switch and the router.
Would you expect the Telnet to be successful?
Ya
Why or why not?
Physical and IP connectivity has been previously verified. As long as there are no VTY restrictions or ACLs in place, each PC should be able to telnet to either the switch using the VLAN1 IP address or to the router using any of the router subinterface addresses.
f. Issue the show ip route command on the router to display the routing table. How many subnet
routes are there?
3 – All directly connected to the subinterfaces defined for Fa0/0.
(10.0.1.0, 10.0.10.0 and 10.0.20.0)
FC-CPE-1#show ip route
Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS
level-2
ia – IS-IS inter area, * – candidate default, U – per-user
static route
o – ODR, P – periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/24 is subnetted, 3 subnets
C 10.0.10.0 is directly connected, FastEthernet0/0.10
C 10.0.1.0 is directly connected, FastEthernet0/0.1
C 10.0.20.0 is directly connected, FastEthernet0/0.20
Task 4: Reflection
Why is it important to develop a test plan and prototype network behavior?
Sebuah rencana uji menyediakan dokumen terstruktur digunakan untuk menguji dan membutuhkan tester untuk berpikir dengan hati-hati tentang bagaimana fungsi jaringan untuk diuji dan dievaluasi. Ini membantu untuk membuktikan bahwa hasil yang diharapkan adalah nyata dan bahwa jaringan akan tampil seperti yang diharapkan. Ini berfungsi untuk mendokumentasikan hasil dari upaya pengujian.
Lab 7.2.2 Creating a Test Plan for the Campus Network
Task 1: Review the Supporting Documentation
Step 1: Refer to the proposed LAN Design Topology diagram created in Lab 5.2.4
a. Make a list of all the necessary equipment and cables required to build the LAN portion of the
proposed network design.
b. Make a list of all the VLANs required to implement the design.
Step 2: Review the proposed IP Address Allocation spreadsheet created in Lab 6.2.5
Determine the appropriate IP addressing for the devices identified in Step 1a.
Determine an appropriate IP address range for each VLAN identified in Step 1b.
Task 2: Create the LAN Design Test Plan
The format used to create the test plans may vary. The format used for this and subsequent labs is similar to the document used by the Cisco Customer Proof-of-Concept Labs. It is divided into sections to make it easier to read and understand. The test plan is a formal document that can be included in a proposal. It verifies that the design functions as expected. Many times, customer representatives are invited to view the prototype tests. In these cases, the customer can review the design and see for themselves that the network meets the requirements.
Step 1: Review the contents of the test plan document
Download and review the LAN Design Test Plan. Record a description of each section and what types of
information each section requires you to enter.
Introduction:
Equipment:
Design and Topology:
Test Description:
Test Procedures:
Test Expected Results and Success Criteria:
Test Results and Conclusions:
Appendix:
Step 2: Complete the Introduction section of the test plan
In this example test plan, much of the information has already been entered for you.
Enter the purpose of the test.
Think about why you want to test the LAN portion of the design.
Enter what functions of the LAN design you intend to test.
Three tests are entered for you to use with this test plan.
Test 1: Basic Connectivity
Test 2: VLAN Configuration
Test 3: VLAN Routing.
Step 3: Complete the Equipment Section of the test plan
Using the information you recorded in Task 1, Step 1a, fill in the chart in the equipment section. List
all network devices and cables. Two personal computers are already listed to assist in the testing of
the design. If your school lab does not include the required equipment for the design, discuss possible substitute models with your instructor.
Step 4: Complete the Design and Topology Section of the test plan
a. Copy the LAN topology from the diagram created previously in Lab 5.2.4
Enter the IP addressing information recorded in Task 1, Step 2a, in the IP Address Plan chart.
Enter the VLAN names and IDs recorded in Task 1, Steps 1b and 2b, in the VLAN plan.
Enter any additional information that you want the technician performing the test to be aware of
before the test begins.
Step 5: Complete the Test Description, Procedures, and Expected Results sections of the test plan
In the Test Description section, enter the goals for each of the three tests that you plan to perform.
Test 1 is completed as an example of how to fill in the information. In the Test Procedures section, enter the steps that are necessary to perform each planned test. In the Expected Results and Success Criteria section, enter what you expect the results to be if all the steps in the Test Procedures section are followed correctly. Determine what results need to be observed for the test to be considered a success.
Lab 7.2.5 Testing the FilmCompany Network
Step 1: Build the prototype network
- Select the necessary equipment and cables as specified in the Equipment section of the test plan.
- See your instructor for assistance in identifying the appropriate equipment.
- Using the topology diagram and IP address plan contained in the Design and Topology Diagram section of the test plan, connect and configure the prototype network.
- Following the procedures in the Test 1: Procedures section, console into one of the devices and verify that you can ping all of the other device addresses. If you are unsuccessful, verify each device configuration. Repeat the connectivity testing.
- Copy and paste the initial device configurations into a document using Notepad or a word processing program. Save or print the document to include with the completed test plan.
Step 2: Verify the functionality of the prototype network
Following the procedures in the Test 1: Procedures, execute the various commands and record the
results of the testing.
Copy and paste the output of the various commands into a document using Notepad or a word
processing program. Save or print the document to include with the completed test plan.
Step 3: Record the test results in the Results and Conclusions section of the test plan
Compare the results that you observed during the testing with the expected results listed in the Test
1: Expected Results and Success Criteria section.
Determine if the testing indicates that the network meets the success criteria. If it does, indicate that
the test is successful.
Task 2: Perform Test 2: VLAN Configuration Test
Step 1: Configure the prototype network
Step 2: Verify the VLAN configuration design
Step 3: Record the test results in the Results and Conclusions section of the test plan
Task 3: Perform Test 3: VLAN Routing Test
Step 1: Configure the prototype network
a. Follow the steps you created in the Test 3: Procedures section of the test plan to configure the router
to route between VLANs.
b. Using the topology diagram shown in the Design and Topology Diagram section of the test plan,
configure the appropriate router to route between the VLANs created in Task 2.
c. Following the steps you listed in the Test 3: Procedures section, console into the switch that is directly
connected to the router. Configure the link between the switch and the router as an 802.1q trunk link
and permit all VLANs across the trunk.
d. Console into the router and configure the router interface directly connected to the switch for 802.1q
encapsulation.
e. Configure the router with the appropriate IP addresses for the various VLANs. Verify that the routes
appear correctly in the routing table.
f. Copy and paste the initial device configurations into a document using Notepad or a word processing
program. Save or print the document to include with the completed test plan.
Step 2: Verify the VLAN routing design
a. Verify that the PCs are configured to be in different VLANs and that the IP address configuration on
the PCs is correct. Configure the IP addresses assigned to the router, in Step 1e, as the default
gateway addresses for the PCs. Verify that the default gateway addresses are on the same networks
as the addresses assigned to the PCs.
b. Following the procedures in the Test 3: Procedures, ping from PC1 to PC2. Copy and paste the
results into a document using Notepad or a word processing program. Save or print the document to
include with the completed test plan.
c. Execute the various show commands to verify that the routing is correct.
d. Record the results in the Test 3: Results and Conclusions section of the test plan.
Step 3: Record the test results in the Results and Conclusions section of the test plan
a. Compare the results that you observed during the testing with the expected results listed in the Test 3: Expected Results and Success Criteria section.
b. Determine if the testing indicates that the network meets the success criteria. If it does, indicate that
the test is successful.
Step 4: Reflection
Was the prototype testing of the FilmCompany LAN design successful? Did having a test plan to work from help you organize your testing?
Lab 7.2.6 Analyzing Results of Prototype Tests
Step 1: Identify if weaknesses are present in the design
Is the design able to scale to meet the growth, or do budget constraints limit the types of hardware and
infrastructure that can be included?
Secara umum, desain bersifat scalable. Prototipe menggunakan beberapa switch dan linkyang berulang.
Do the IP addressing and VLAN configurations allow for the proposed growth?
Pengalamatan IP menggunakan skema swasta memanfaatkan ruang alamat192.168.0.0/22 yang menyediakan ruang cukup untuk pertumbuhan. Ke-11 VLAN pastisemua memungkinkan untuk alamat tambahan yang akan ditambahkan. Melakukanpengujian dengan dua PC dan dua VLAN cukup untuk mencapai tujuan pengujian. Jikabekerja dengan dua PC dan dua VLAN itu akan bekerja dengan PC lebih banyak dan lebihVLAN, kecuali kesalahan konfigurasi diperkenalkan.
Can the selected hardware be upgraded easily without a major reconfiguration of the network?
Secara umum, ya. Stackable tetap 2960 konfigurasi switch digunakan dalam prototipe. IOS software dapat ditingkatkan dengan cukup mudah tapi upgrade perangkat keras mungkin tidak menjadi pilihan. Perluasan kepadatan pelabuhan dan penggunaan kecepatan link berbeda dan media yang dapat menyajikan isu-isu.
Can new Access Layer modules be integrated into the network without disrupting services to existing users?
Ya. Switch tambahan dapat ditambahkan untuk meningkatkan jumlah koneksi di desain dengan gangguan minimal.
Does the design provide for the smallest possible failure domains?
Ya, switch menyediakan segmentasi mikro dan VLAN berisi broadcast dengan menggunakanrouter dan subinterfaces.
Are there multiple paths and redundant devices to protect against losing connectivity to important services?
Ya. Switch memiliki hubungan yang berulang untuk memberikan cadangan.
Step 2: Determine what the risks are of not correcting the weaknesses
If, in Step 1, you identify weaknesses in the proposed design, what risks do these weaknesses present to
FilmCompany?
Sejak stackable switch dengan konfigurasi tetap digunakan dalam prototipe, perubahan kepadatan port, jenis media atau kecepatan link dapat menimbulkan masalah. Selain menambahkan lebih banyak switch, perluasan kepadatan port tidak mudah dilakukan.
Step 3: Suggest ways that the design can be improved to reduce the risk
In what ways could the proposed design be improved to reduce the areas of risk?
Step 4: Document the weaknesses and risks on the test plan
In the Results and Conclusions section of the test plan, record any weaknesses, risks, and suggested
improvements.
Step 5: Reflection
Why do you think it is important to identify weaknesses and risks in the proposed design before presenting it to the customer? What are some reasons that weaknesses cannot be corrected?
Penting untuk mengidentifikasi kelemahan dan risiko dalam desain yang diusulkan sebelummenyajikannya kepada pelanggan untuk memastikan bahwa pelanggan memahamiketerbatasan prototipe dan tidak mengarah pada memiliki harapan yang tidak realistisberdasarkan prototipe. Mungkin mustahil untuk mengimbangi semua kelemahan yang dapat diidentifikasi karena masalah waktu, uang atau kendala personil. Risiko harus dianalisa danseimbang terhadap variabel-variabel lainnya.
Lab 7.3.2 Creating a Server Farm Test Plan
Task 1: Review the Supporting Documentation
Step 1: Before completing the Server Farm Design Test Plan, review the following materials:
- • The prototype topology diagram included at the top of this lab
- • The IP Address Plan and VLAN Plan for the prototype topology in the Server Farm Design Test Plan provided with this lab
- • The Prototype Network Installation Checklist created by the network designer and provided with this lab
- • The partially completed Server Farm Design Test Plan provided with this lab
Step 2: Describe the functions of the network that the designer wants to test with this prototype
Konektivitas dasar, konfigurasi VLAN, operasi VTP, VLAN routing, penyaringan ACL.
Step 3: Using the topology diagram, create a list of the equipment necessary to complete the prototype tests
List any cables that are needed to connect the devices as shown in the topology diagram. Use the information from this list to fill out the chart in the Equipment section of the test plan document.
2 Router, 3 switch, 2 PC, 1 Server, 6 Cat 5 Straight-through kabel, 6 Cat 5 crossover kabel, 1 console cable.
Task 2: Determine the Testing Procedures
Using the information contained on the Prototype Network Installation Checklist and the partially completed Server Farm Design Test Plan document, determine what procedures should be followed to perform each test listed on the plan. Using Test 1 as an example, fill out the procedures sections for Tests 2, 3, and 4.
Think about which commands and tools (such as ping, traceroute, and show commands) you can use to verify that the prototype network is functioning as designed. Decide which outputs to save to prove the results of your tests.
Task 3: Document the Expected Results and Success Criteria
Carefully identify what you expect the results of each test to show. What results would indicate that the tests were a success?
Test 2: VLAN Configuration Test
Show vlans, show spanning-tree, show interface, failure of ping between VLANs
Test 3: VLAN Routing Test
Show vlans, show interface, show IP route, traceroute, and successful ping between VLANs.
Test 4: ACL Filtering Test
Show running config, show interface, show IP route, traceroute, attempts to access unauthorized resources denied.
a. Fill in the Expected Results and Success Criteria section for each test, using the information collected above.
b.Save the completed Server Farm Test Plan. It will be used in subsequent labs.
Reflection
Why is it important to think about and document the expected results and success criteria for each of the
individual tests?
Lab 7.3.3 Configuring and Testing the Rapid Spanning Tree Prototype
Task 1: Configure all devices
Step 1: Configure S1 and S2
Configure the host name, access, and command mode passwords on each switch.
Step 2: Configure interface VLAN 1
Configure the VLAN1 IP address and default gateway on each switch.
Step 3: Configure FC-ASW-1 for server and end user VLANs
VLAN Number | VLAN Name |
10 | Servers |
20 | Users |
Step 4: Configure ProductionSW for server and end user VLANs
VLAN Number | VLAN Name |
10 | Servers |
20 | Users |
Step 5: Assign ports to VLANs on FC-ASW-1
FC-ASW-1#configure terminal
FC-ASW-1(config)#interface Fa0/5
FC-ASW-1(config-if)#switchport mode access
FC-ASW-1(config-if)#switchport access VLAN10
FC-ASW-1(config-if)#interface Fa0/6
FC-ASW-1(config-if)#switchport mode access
FC-ASW-1(config-if)#switchport access VLAN20
Step 6: Assign ports to VLANs on ProductionSW
ProductionSW#configure terminal
ProductionSW(config)#interface Fa0/5
ProductionSW(config-if)#switchport mode access
ProductionSW(config-if)#switchport access VLAN10
ProductionSW(config-if)#interface Fa0/6
ProductionSW(config-if)#switchport mode access
ProductionSW(config-if)#switchport access VLAN20
Step 7: Configure trunk ports on FC-ASW-1 to the router and ProductionSW
FC-ASW-1(config)#interface Fa0/1
FC-ASW-1(config-if)#switchport mode trunk
FC-ASW-1(config-if)#interface Fa0/2
FC-ASW-1(config-if)#switchport mode trunk
FC-ASW-1(config-if)#interface Fa0/4
FC-ASW-1(config-if)#switchport mode trunk
Step 8: Configure trunk ports on ProductionSW to FC-ASW-1
ProductionSW(config)#interface Fa0/2
ProductionSW(config-if)#switchport mode trunk
ProductionSW(config-if)#interface Fa0/4
ProductionSW(config-if)#switchport mode trunk
Step 9: Configure VTP on both switches
FC-ASW-1#vlan database
FC-ASW-1(vlan)#vtp server
Step 10: Configure ProductionSW to be a VTP client
ProductionSW#vlan database
ProductionSW(vlan)#vtp client
ProductionSW(vlan)#vtp domain ServerFarm
Step 11: Configure Rapid Spanning Tree Protocol
On each switch, configure Per-VLAN Rapid Spanning Tree Protocol.
FC-ASW-1(config)#spanning-tree mode rapid-pvst
ProductionSW(config)#spanning-tree mode rapid-pvst
Step 12: Perform basic router configuration
Configure hostname, passwords, and line access on R1.
Step 13: Configure Subinterface Fa0/0
BR4#configure terminal
BR4(config)#interface Fa0/0
BR4(config-if)#no shut
BR4(config-if)#interface Fa0/0.1
BR4(config-subif)#description VLAN1
BR4(config-subif)#encapsulation dot1q 1
BR4(config-subif)#ip address 10.0.0.1 255.255.255.0
BR4(config-subif)#interface Fa0/0.10
BR4(config-subif)#description VLAN10
BR4(config-subif)#encapsulation dot1q 10.
BR4(config-subif)#ip address 10.10.10.254 255.255.255.0
BR4(config-subif)#interface Fa0/0.20
BR4(config-subif)#description VLAN20
BR4(config-subif)#encapsulation dot1q20
BR4(config-subif)#ip address 10.10.20.254 255.255.255.0
BR4(config-subif)#end
BR4#
Step 14: Configure two hosts for server VLAN, and two hosts for end user VLAN
a. H1 and H3 should be given IP addresses in the Servers VLAN, with a default gateway of
10.10.10.254.
b. H2 and H4 should be given IP addresses in the Users VLAN, with a default gateway of 10.10.20.254.
Task 2: Perform basic connectivity tests
Step 1: Test intra-VLAN connectivity
a. Ping from H1 to H3.
Is the ping successful?
Ya
If the ping fails, troubleshoot the configuration on the hosts and the VLAN configuration on the switches.
b. Ping from H2 to H4.
Is the ping successful?
Ya
If the ping fails, troubleshoot the configuration on the hosts and the VLAN configuration on the switches.
Step 2: Test inter-VLAN connectivity
Ping from a host on the Servers VLAN to a host on the Users VLAN.
Is the ping successful?
Ya
If the ping fails, troubleshoot the router and switch configurations.
Task 3: Introduce link and device failures into the network, and observe results
Step 1: Determine the port status of the spanning tree on the server switch
FC-ASW-1#show span
VLAN0010
Spanning tree enabled protocol ieee
Root ID Priority 32778
Address 0030.F2C9.90A0
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32778 (priority 32768 sys-id-ext 10)
Address 0090.21AC.0C10
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ————————–
Fa0/1 Desg FWD 19 128.3 Shr
Fa0/2 Root FWD 19 128.3 Shr
Fa0/4 Altn BLK 19 128.3 Shr
Fa0/5 Desg FWD 19 128.3 Shr
VLAN0020
Spanning tree enabled protocol ieee
Root ID Priority 32788
Address 0030.F2C9.90A0
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32788 (priority 32768 sys-id-ext 20)
Address 0090.21AC.0C10
Aging Time 300
Interface Role Sts Cost Prio.Nbr Type
—————- —- — ——— ——– ————————–
Fa0/1 Desg FWD 19 128.3 Shr
Fa0/2 Root FWD 19 128.3 Shr
Fa0/4 Altn BLK 19 128.3 Shr
Fa0/6 Desg FWD 19 128.3 Shr
Which port is not currently participating in forwarding data?
Fa0/4 adalah alternatif
Step 2: Induce a link failure on the server switch
Remove the cable from one of the forwarding ports on FC-ASW-1.
Step 3: View the adjustment to the spanning-tree
Re-issue the show span command.
How long did it take the switches to determine and utilize a backup link?
Step 4: Induce a device failure on the network
Turn off the ProductionSW switch.
Ping from H1 to H2.
Was the ping successful?
Yes, both hosts are on the FC-ASW-1 switch and inter-VLAN
routing is still taking place.
Step 5: Reflect on the test results
In a network with multiple branch offices, why is the use of Rapid Spanning Tree Protocol important?
RSTP adalah penting untuk memastikan konektivitas perangkat pada layer akses di setiap kantor cabang dan bahwa sumber daya seperti server yang dapat diakses oleh pengguna di kantor-kantor lain yang bergantung pada mereka, dalam hal terjadi kegagalan switch-terkait setempat.
Why is it important when implementing a server farm?
RSTP akan membantu untuk memastikan bahwa switch dapat sembuh dengan cepat danmenyimpan server diakses oleh pengguna dalam hal link, switch atau kegagalan port.
Lab 7.3.5 Testing a Prototype Network
Task 1: Assemble and connect component devices
Step 1: Review the Topology Diagram and the Equipment section of the test plan
a. Determine which equipment or suitable substitutes will be required to meet the objectives of the lab.
b. Modify the topology diagram as necessary to fit available equipment.
Step 2: Review the Installation Checklist provided in lab 7.3.2.
Accommodate any equipment limitations with the use of loopback addresses.
Task 2: Perform Test 1: Basic Connectivity Test
Step 1: Using the Installation Checklist, perform the steps to connect and configure the
prototype network to perform Test 1.
Step 2: Perform the Test 1 procedures according to the Server Farm Design Test Plan and record the results in the Results and Conclusions section.
Determine if the test was successful. If not, discuss your results with your instructor and the other students in your class. Perform the test again if necessary.
Task 3: Perform Test 2: VLAN Configuration Test
Step 1: Using the Installation Checklist, perform the steps to connect and configure the
prototype network to perform Test 2.
Step 2: Perform the Test 2 procedures according to the Server Farm Design Test Plan and record the results in the Results and Conclusions section.
Determine if the test was successful. If not, discuss your results with your instructor and the other students in your class. Perform the test again if necessary.
Task 4: Perform Test 3: VLAN Routing Test
Step 1: Using the Installation Checklist, perform the steps to connect and configure the
prototype network to perform Test 3.
Step 2: Perform the Test 3 procedures according to the Server Farm Design Test Plan and record the results in the Results and Conclusions section.
Determine if the test was successful. If not, discuss your results with your instructor and the other students in your class. Perform the test again if necessary.
Task 5: Perform Test 4: ACL Filtering Test
Step 1: Review security goals for the FilmCompany network
Examine the test plan, checklist, and other documentation to determine how ACLs can support the security goals.
Step 2: Examine results of connectivity tests to determine targets for the ACLs
Decide which devices should be permitted, which protocols should be used, and where ACLs should be
placed.
Step 3: Create ACLs
Step 4: Using the Installation Checklist, perform the steps to connect and configure the
prototype network to perform Test 4.
Step 5: Perform the Test 4 procedures according to the Server Farm Design Test Plan and record the results in the Results and Conclusions section.
Determine if the test was successful. If not, discuss your results with your instructor and the other students in your class. Perform the test again if necessary
Task 6 Reflection
Examine the test results and conclusions. How this network would be affected if:
1. The number of servers was doubled?
Lalu lintas di S2 akan meningkat. Mungkin akan bermanfaat menambahkan saklar dan pemecahan server untuk menghindari single point of failure.
2. The S2 switch had a system failure?
Akses ke server akan hilang.
3. A new branch office with 25 new hosts was added?
Beban pada router R2 atau R1 akan meningkat tergantung pada akses apa yang dibutuhkan pengguna terhadap sumber daya.
Now that you have followed the process of prototyping from creating the plan through testing and recording results and conclusions, what are the advantages and disadvantages of using a simulation program, such as Packet Tracer, compared to building the prototype with physical devices?
Penggunaan program simulasi dapat sangat membantu dalam skenario pengujian berbagaikoneksi, alamat IP dan isu-isu lainnya. Perangkat lain dapat dimasukkan ke dalam bermaindaripada ketika membangun prototipe menggunakan peralatan yang nyata, namun tidak adapengganti untuk menggunakan perlengkapan nyata, jika tersedia.
Lab 7.3.6 Identifying Risks and Weaknesses in the Design
Task 1: Identify areas of risk and weakness in the server farm implementation
Step 1: Analyze the physical topology
Examine the server farm topology as one entity and as a part of the entire FilmCompany topology. Look for each of the risks and weaknesses listed in the chart. Describe the devices, connections, and issues that you find, or record None found if the design appears to avoid risks in that area.
Weakness | Risk | Description of Location and Devices |
Single point of failure | If a device fails, a portion of the network will be inoperable. | |
Large failure domain | If a device or link fails, a large portion of the network will be affected | |
Possible bottlenecks | If the traffic volume increases, thereis a potential for response time to degrade. | |
Limited scalability | If the network grows more rapidly than expected, a costly upgrade will be needed. | |
Overly-complex design | If the design is too complex, the current staff will not be able to support it properly. | |
Other possibleweaknesses (specify): |
Step 2: Analyze the results and conclusions of the testing
Basic router and switch configurations were modified to support the following protocols and functions.
Evaluate the results and conclusions that were drawn from the testing. Identify any areas where modifications to the configuration would provide better results, both now and in the future.
No Change Needed | Modifications Possible | |
VLAN port assignments | ||
VTP client/server assignments | ||
Root bridge designations | ||
Switch security | ||
Traffic filtering through ACLs | ||
Other (specify): |
Task 2: Suggest modifications to the design to address identified risks and weaknesses
From the analysis performed in Task 1, list each risk or weakness and suggest possible changes to the
design to minimize or eliminate it.
0 komentar:
Posting Komentar