Welcone!
Please scroll through the whole page
grund: kryptererade lösenord, enable säkerhet, bara ssh - stäng av telnet,
no ip domain lookup (utom R1, för den har DHCP), logg synch, ...
description på allt, inkl bgp (remark i OSPF, eigrp ??)
Banner (kort o korrekt)
Hostname
R1> ip address dhcp (då kommer default-route)
NAT/PAT för att alla interna addresser skall komma ut
BGP med loopbacks
update-source
neighbor default-route
DLS 1 : BGP + (OSPF eller EIGRP inkl defa route )
DHCP -server
statiska routes mot ALS1 and 2 (summary)
routed port mot ALSx
etherchannel (antingel l3 med routed port, eller L2 med SVI)
DLS 2:
statiska routes mot ALS1 and 2 (summary)
routed port mot ALSx
etherchannel l3 med routed port. Use one of Static, LACP or PAgP.
ALS1
statisk defa route mote DLS1 + floating static mot DLS2
vlan 10 mot DLS + interface vlan
vlan 20 mot PC + interface vlan , summeras med nedan
loopback för rolig summering
ip helper
ALS2
statisk defa route mote DLS1 + floating static mot DLS2
vlan 30 mot DLS + interface vlan
vlan 40 mot PC + interface vlan, summeras med nedan
loopback för rolig summering
PC A: DHCP client
IPV6 på R1+DLS1+DLS2 o deras loopback (ej mot CNAP)
Extras
NTP: Synka R1 mot skolan, och låt alla andra enheter synca mot R1. (Prova ntp.hv.se, eller 193.10.199.83, 193.10.200.220, eller ... ???)
NAT: OM du kollar vilket IP-nummer R1 fick, går det att sätta upp en web-server på PC-A som är nåbar utifrån?
STP: går det att sätta root guard, BPDU guard, and STP loop guard på alla accessportar
VTP: set DLS1 as SERVER and other Catalysts (DLS2, ALSx) as CLIENT
DTP: turn off DTP for static trunks (switchport nonegotiate)
VRF: Is it possible to create another VRF in R1 that only has connectivity with DLS1? (change R1-DLS1 connection to a trunk)
OBS : och allt annat oxå
Same as above, but change
hostname PC-Farm
vrf definition PC-A
address-family ipv4
address-family ipv6
!
vrf definition PC-B
address-family ipv4
address-family ipv6
ip routing
ipv6 unicast-routing
no ip domain lookup
interface GigabitEthernet1/0/1
no switchport
vrf forwarding PC-A
ip address 10.10.10.10 255.255.255.0
ipv6 address 2001:10::10/64
!
interface GigabitEthernet1/0/2
no switchport
vrf forwarding PC-B
ip address 20.20.20.20 255.255.255.0
ipv6 address 2001:20::20/64
ip route vrf PC-A 0.0.0.0 0.0.0.0 10.10.10.1
ip route vrf PC-B 0.0.0.0 0.0.0.0 20.20.20.1
Trace
Router#trace 10.10.10.10 source 30.30.30.1
Type escape sequence to abort.
Tracing the route to 10.10.10.10
VRF info: (vrf in name/id, vrf out name/id)
1 10.10.10.10 2 msec * 3 msec
Router#trace 20.20.20.20 source 30.30.30.1
Type escape sequence to abort.
Tracing the route to 20.20.20.20
VRF info: (vrf in name/id, vrf out name/id)
1 20.20.20.20 2 msec
-------------------------------------------------------
PC-Farm#trace vrf PC-A 10.10.10.1
Type escape sequence to abort.
Tracing the route to 10.10.10.1
VRF info: (vrf in name/id, vrf out name/id)
1 10.10.10.1 2 msec * 2 msec
PC-Farm#trace vrf PC-B 20.20.20.1
Type escape sequence to abort.
Tracing the route to 20.20.20.1
VRF info: (vrf in name/id, vrf out name/id)
1 20.20.20.1 2 msec * 3 msec
Ping
PC-Farm#ping vrf PC-A 10.10.10.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms
----------------------------------------
Router#ping 10.10.10.10 source 30.30.30.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.10, timeout is 2 seconds:
Packet sent with a source address of 30.30.30.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/2 ms