Config Register is 0x4a6f6469

OSPF stands for Open Shortest Path First.

OSPF is a link state routing protocol. The word ‘Open’ means it is an open source routing protocol, all routers from different brand has ability to operate OSPF.

Shortest Path First means for itself, it always try to find the best path. OSPF determine their best path by calculate the cost from available links with formula: 10^8 / bandwith [bps]. Or the administrator can setup explicitly the cost with this command: router(config-if)# ip ospf cost number. The lowest cost is the best path chosen by OSPF. For example, if there is two links available on router running OSPF, first link’s cost is 1, second link’s cost is 10, then the best path is the first link.

Each router in OSPF area has its own view to all the network topology. They multicast hello packet, known as hello mechanism. With 224.0.0.5 sent by OSPF network to DR (Designated Router) and BDR (Backup Designated Router) and 224.0.0.6 sent by DR and BDR to OSPF network. Resulting fast convergence times for each router in that area.

Click ospf.jpg to see image

scenario:

Router-1:
E0/1 192.168.1.1/24
S0/1 172.16.15.5/30 DCE
Lo1 1.1.1.1/24

Router-2:
S0/1 10.15.21.9/30 DCE
Lo2 2.2.2.2/24

Router-3:
S0/1 100.100.1.9/30 DCE
Lo3 3.3.3.3/24

Router-4:
S0/1 128.128.1.5/30 DCE
Lo4 4.4.4.4/24

Router-5:
Lo5 5.5.5.5/24

Router-1 is connected to access-point 192.168.1.11/24 inside the LAN there is one PC availabe with IP address 192.168.1.12/24.
Setup this topology with OSPF single area! 

 

console:

Router-1:

router> enable

router# conf t

router(config)# hostname Router-1

Router-1(config)# enable password pass

Router-1(config)# service password-encryption

Router-1(config)# enable secret passwd

Router-1(config)# banner motd #

                           —!!! Router-1 Restricted Shell !!!—#

Router-1(config)# line vty 0 4

Router-1(config-line)# password telnet

Router-1(config-line)# login

Router-1(config-line)# exit

Router-1(config)# int e0/1

Router-1(config-if)# ip address 192.168.1.1 255.255.255.0

Router-1(config-if)# no shut

Router-1(config-if)# exit

Router-1(config)# int s0/1

Router-1(config-if)# ip address 172.16.15.5 255.255.255.252

Router-1(config-if)# clock rate 64000

Router-1(config-if)# no shut

Router-1(config-if)# exit

Router-1(config)# int loopback 1

Router-1(config-if)# ip address 1.1.1.1 255.255.255.0

Router-1(config-if)# no shut

Router-1(config-if)# exit

Router-1(config)# router ospf 5

Router-1(config-router)# network 172.16.15.4 0.0.0.3 area 0

Router-1(config-router)# network 192.168.1.0 0.0.0.255 area 0

Router-1(config-router)# network 1.1.1.0 0.0.0.255 area 0

Router-1(config-router)# ^Z

Router-1#

 

Router-2:

router> enable

router# conf t

router(config)# hostname Router-2

Router-2(config)# enable password pass

Router-2(config)# service password-encryption

Router-2(config)# enable secret passwd

Router-2(config)# banner motd #

                           —!!! Router-2 Restricted Shell !!!—#

Router-2(config)# line vty 0 4

Router-2(config-line)# password telnet

Router-2(config-line)# login

Router-2(config-line)# exit

Router-2(config)# int s0/0

Router-2(config-if)# ip address 172.16.15.6 255.255.255.252

Router-2(config-if)# no shut

Router-2(config-if)# exit

Router-2(config)# int s0/1

Router-2(config-if)# ip address 10.15.21.9 255.255.255.252

Router-2(config-if)# clock rate 64000

Router-2(config-if)# no shut

Router-2(config-if)# exit

Router-2(config)#  int loopback 2

Router-2(config-if)# ip address 2.2.2.2 255.255.255.0

Router-2(config-if)# no shut

Router-2(config-if)# exit

Router-2(config)# router ospf 5

Router-2(config-router)# network 172.16.15.4 0.0.0.3 area 0

Router-2(config-router)# network 10.15.21.8 0.0.0.3 area 0

Router-2(config-router)# network 2.2.2.0 0.0.0.255 area 0

Router-2(config-router)# ^Z

Router-2#

 

Router-3:

router> enable

router# conf t

router(config)# hostname Router-3

Router-3(config)# enable password pass

Router-3(config)# service password-encryption

Router-3(config)# enable secret passwd

Router-3(config)# banner motd #

                           —!!! Router-3 Restricted Shell !!!—#

Router-3(config)# line vty 0 4

Router-3(config-line)# password telnet

Router-3(config-line)# login

Router-3(config-line)# exit

Router-3(config)# int s0/0

Router-3(config-if)# ip address 10.15.21.10 255.255.255.252

Router-3(config-if)# no shut

Router-3(config-if)# exit

Router-3(config)# int s0/1

Router-3(config-if)# ip address 100.100.1.9 255.255.255.252

Router-3(config-if)# clock rate 64000

Router-3(config-if)# no shut

Router-3(config-if)# exit

Router-3(config)# int loopback 3

Router-3(config-if)# ip address 3.3.3.3 255.255.255.0

Router-3(config-if)# no shut

Router-3(config-if)# exit

Router-3(config)# router ospf 5

Router-3(config-router)# network 10.15.21.8 0.0.0.3 area 0

Router-3(config-router)# network 100.100.1.8 0.0.0.252 area 0

Router-3(config-router)# network 3.3.3.0 0.0.0.255 area 0

Router-3(config-router)# ^Z

Router-3# 

 

Router-4:

router> enable

router# conf t

router(config)# hostname Router-4

Router-4(config)# enable password pass

Router-4(config)# service password-encryption

Router-4(config)# enable secret passwd

Router-4(config)# banner motd #

                           —!!! Router-4 Restricted Shell !!!—#

Router-4(config)# line vty 0 4

Router-4(config-line)# password telnet

Router-4(config-line)# login

Router-4(config-line)# exit

Router-4(config)# int s0/0

Router-4(config-if)# ip address 100.100.1.10 255.255.255.252

Router-4(config-if)# no shut

Router-4(config-if)# exit

Router-4(config)# int s0/1

Router-4(config-if)# ip address 128.128.1.5 255.255.255.252

Router-4(config-if)# no shut

Router-4(config-if)# exit

Router-4(config)# int loopback 4

Router-4(config-if)# ip address 4.4.4.4 255.255.255.0

Router-4(config-if)# no shut

Router-4(config-if)# exit

Router-4(config)# router ospf 5

Router-4(config-router)# network 100.100.1.8 0.0.0.3 area 0

Router-4(config-router)# network 128.128.1.4 0.0.0.3 area 0

Router-4(config-router)# network 4.4.4.0 0.0.0.255 area 0

Router-4(config-router)# ^Z

Router-4#

 

Router-5:

router> enable

router# conf t

router(config)# hostname Router-5

Router-5(config)# enable password pass

Router-5(config)# service password-encryption

Router-5(config)# enable secret passwd

Router-5(config)# banner motd #

                                  —!!! Router-5 Restricted Shell !!!—#

Router-5(config)# line vty 0 4

Router-5(config-line)# password telnet

Router-5(config-line)# login

Router-5(config-line)# exit

Router-5(config)# int s0/0

Router-5(config-if)# ip address 128.128.1.6 255.255.255.252

Router-5(config-if)# no shut

Router-5(config-if)# exit

Router-5(config)# int loopback 5

Router-5(config-if)# ip loopback 5.5.5.5 255.255.255.0

Router-5(config-if)# no shut

Router-5(config-if)# exit

Router-5(config)# router ospf 5

Router-5(config-router)# network 128.128.1.4 0.0.0.3 area 0

Router-5(config-router)# network 5.5.5.0 0.0.0.255 area 0

Router-5(config-router)# ^Z

Router-5#

For a while, I can only used Cisco Catalyst Switch 1900 version.

Because that’s the only available switch in my labs. And I’ve been reading on CNAP documents, most of example are made with 2900 version. So I’m still curious to try that version. And the command line interface for 2900 version is more complex too.

But, meanwhile I just maximize all that I’ve got.
And here it is, the simply and short Basic Switch Configuration (BSC) for ‘must-do’ when working with switch.

 
console:

switch> enable

switch# conf t

switch(config)# hostname switch-A

switch-A(config)# enable password level 15 cisco

switch-A(config)# ip address 192.168.1.11 255.255.255.0

 

Now I will write about basic router configuration (BRC).
BRC is the first thing ‘must-do’ when working with router.
Points of BRC includes:

1. setting up hostname
2. enable password (plain text)
3. service password-encryption (make it encrypted)
4. enable secret (password with MD5, higher priority than enable password)
5. setting up banner
6. setting up telnet
7. turning on all interfaces connected to other router or network devices (very usefull for CDP)

 
console:

router> enable

router# conf t

router(config)# hostname router-1

router-1(config)# enable password pass

router-1(config)# service password-encryption

router-1(config)# enable secret passwd

router-1(config)# banner motd #

                           —!!! Restricted Shell !!!— #

router-1(config)# line vty 0 4

router-1(config-line)# password cisco

router-1(config-line)# login

router-1(config-line)# exit

router-1(config)# int s0/0

router-1(config-if)# no shut

router-1(config-if)# exit

router-1(config)# int s0/1

router-1(config-if)# no shut

router-1(config-if)# exit

router-1(config)# int e0/1

router-1(config-if)# no shut

router-1(config-if)# exit

router-1(config)# int fa0/1

router-1(config-if)# no shut

router-1(config-if)# exit

router-1(config)#
 

As mention before, Trunk is a physical connection containing logical connection to connected VLANs. How many logical connection can be made inside the Trunk is depend on how many VLAN used.

In this topic, I will talk about how to setup VLAN-Trunking. This topology made possible for different VLANs connected each other. Router is needed, because communication between VLANs are based on network layer using IP address. We can say that router act as a gateway for each VLANs.

That is the main different with previous topology, VLAN-Switch and VLAN-Switches, those are based on data link layer using MAC Address

Click VLAN-Trunking.jpg to see image

scenario:

Switch-A has VLAN 10 on port e0/1, and VLAN 20 on port e0/2. Fa0/27 (fast ethernet port) is connected to access point. Fa0/26 made a trunk connection to Fa0/26 switch-B.

Switch-B has VLAN 10 on port e0/1, and VLAN 20 on port e0/2. Fa0/27 made a trunk connection to Fa0/0 on router.

 

console:

switch-A:

switch> enable

switch# conf t

switch(config)# hostname switch-A

switch-A(config)# enable password level 15 cisco

switch-A(config)# ip address 192.168.1.11 255.255.255.0

switch-A(config)# vlan 10 name Group-A

switch-A(config)# vlan 20 name Group-B

switch-A(config)# int fa0/26

switch-A(config-if)# trunk on

switch-A(config-if)# exit

switch-A(config)# int e0/1

switch-A(config-if)# vlan-membership static 10

switch-A(config-if)# exit

switch-A(config)# int e0/2

switch-A(config-if)# vlan-membership static 20

 

switch-B:

switch> enable

switch# conf t

switch(config)# hostname switch-B

switch-B(config)# enable password level 15 cisco

switch-B(config)# ip address 192.168.1.12 255.255.255.0

switch-B(config)# vlan 10 name Group-A

switch-B(config)# vlan 20 name Group-B

switch-B(config)# int fa0/26

switch-B(config-if)# trunk on

switch-B(config-if)# exit

switch-B(config)# int fa0/27

switch-B(config-if)# trunk on

switch-B(config-if)# exit

switch-B(config)# int e0/1

switch-B(config-if)# vlan-membership static 10

switch-B(config-if)# exit

switch-B(config)# int e0/2

switch-B(config-if)# vlan-membership static 20

 

Router:

router> enable

router# conf t

router(config)# hostname Router

Router(config)# enable secret cisco

Router(config)# line vty 0 4

Router(config-line)# password cisco

Router(config-line)# login

Router(config-line)# exit

Router(config)# int fa0/0

Router(config-if)# no shut

Router(config-if)# int fa0/0.1

Router(config-subif)# encapsulation isl 1

Router(config-subif)# ip address 192.168.1.13 255.255.255.0

Router(config-subif)# description Gateway-VLAN1

Router(config-subif)# exit

Router(config-if)# int fa0/0.10

Router(config-subif)# encapsulation isl 10

Router(config-subif)# ip address 10.1.1.101 255.255.255.0

Router(config-subif)# description Gateway-VLAN10

Router(config-subif)# exit

Router(config-if)# int fa0/0.20

Router(config-subif)# encapsulation isl 20

Router(config-subif)# ip address 172.17.1.101 255.255.255.0

Router(config-subif)# description Gateway-VLAN2

 

Continuing previous post with title VLAN-Switch, now I will talk about VLAN-Switches.

This topology of VLAN is needed a Trunk. What is a Trunk ?

Trunk is a physical connection between switch to switch or switch to router or between switch to pc with a special NIC supported Trunk.

The figure below is talking about Trunk between two switch. In this topology, Trunk is  functioning as a bridge for each VLANs. So VLAN 10 in switch-A can communicate to VLAN 10 in switch-B with a logical connection inside the Trunk. Similar explanation for VLAN 20. But remember, different VLAN still can not connected to each other.

Click VLAN-Switches.jpg to see image

Two switches, switch-A and switch-B. Each has two VLANs, VLAN 10 and VLAN 20.

In switch-A VLAN 10 registered on ethernet-port 0/1, while ethernet-port 0/2 has VLAN 20. And switch-B has VLAN 10 registered on ethernet-port 0/1, and ethernet-port 0/2 has VLAN 20. 

As usual we will setup the default configuration on the switch, like hostname, password, IP Address, and the VLAN itself. 

 

console:

switch-A: 

switch> enable

switch# conf t

switch(config)# hostname switch-A

switch-A(config)# enable password level 15 cisco

switch-A(config)# ip address 192.168.1.11 255.255.255.0

switch-A(config)# vlan 10 name Group-A

switch-A(config)# vlan 20 name Group-B

switch-A(config)# int fa0/26

switch-A(config-if)# trunk on

switch-A(config-if)# exit

switch-A(config)# int e0/1

switch-A(config-if)# vlan-membership static 10

switch-A(config-if)# exit

switch-A(config)# int e0/2

switch-A(config-if)# vlan-membership static 20

 

switch-B:

switch> enable

switch# conf t

switch(config)# hostname switch-B

switch(config)# enable password level 15 cisco

switch(config)# ip address 192.168.1.12 255.255.255.0

switch(config)# vlan 10 name Group-A

switch(config)# vlan 20 name Group-B

switch(config)# int fa0/26

switch(config-if)# trunk on

switch(config-if)# exit

switch(config)# int e0/1

switch(config-if)# vlan-membership static 10

switch(config-if)# exit

switch(config)# int e0/2

switch(config-if)# vlan-membership static 20

 

VLAN stands for Virtual-LAN. The main idea is how to make logical connection trough a switch by grouping a LAN.

For example, LAN at the office. Most of them, it just connect all host available to ports available in switch. It will make one big broadcast transmission, and by the time it will excessive the network.

With VLAN you can make group for each department, like VLAN-marketing, VLAN-accounting, VLAN-operation. Host in VLAN-marketing can only communicate with other host in the same VLAN. Same scenario for other VLANs. This topology will divided broadcast transmission in to three different broadcast for each VLAN. It will make network more enhance and could provide maximum troughput to each host.

In order for scalability and adaptability, subnetting should be use for each VLAN. Especially for Trunking method.

scenario:

Cisco Catalyst Switch 1900 version with four active ethernet ports connects to four PC. We will try setting 2 VLANs, which is VLAN 10 and VLAN 20.

Console commands are setting up VLAN 10 and VLAN 20. VLAN 10 has a member ethernet-port 0/1 and ethernet-port 0/3, VLAN 20 has a member ethernet-port 0/2 and ethernet-port 0/4.

Host at ethernet-port 0/1 can only communicate to host at ethernet-port 0/3 because they are on the same VLAN 10. And Host at ethernet-port 0/2 can only communicate to host at ethernet-port 0/4 because they are on the same VLAN 20

 

console:

switch> enable

switch# conf t 

switch(config)# hostname switch-A

switch-A(config)# enable password level 15 cisco 

switch-A(config)# ip address 192.168.1.11 255.255.255.0

switch-A(config)# vlan 10 name Group-A

switch-A(config)# vlan 20 name Group-B

switch-A(config)# int e0/1

switch-A(config-if)# vlan-membership static 10

switch-A(config-if)# exit

switch-A(config)# int e0/2

switch-A(config-if)# vlan-membership static 20

switch-A(config-if)# exit

switch-A(config)# int e0/3

switch-A(config-if)# vlan-membership static 10

switch-A(config-if)# exit

switch-A(config)# int e0/4

switch-A(config-if)# vlan-membership static 20