Config Register is 0x4a6f6469

May 11, 2009

Lab - 110520091027

Filed under: Root, Network Engineer, Cisco, CCNP, BSCI, ISCW, Routing, Switching

Hola Networkers. Gimana bro, sehat semua. Gimana di data center masih dinginkah, hehehe :) . Semoga semuanya berjalan dengan baik dan sesuai dengan tujuan.

Lab kali ini, kita akan mengkonfigurasi MPLS VPN di Cisco router. Seperti biasa, di bawah ini adalah gambar topologinya.

MPLS VPN Topology

Spesifikasi lab:

 

  • Konfigur ripv2 untuk igp di core mpls
  • Konfigur mpls
  • Konfigur bgp
  • Konfigur mp-bgp
  • Konfigur vrf vpn_A dan vrf vpn_B
  • Konfigur dan administrasi Route Distinguisher
  • Konfigur dan administrasi Route Target Export/Import
  • Konfigur ripv2 untuk routing antara Service Provider dan Customer (CEA1, CEA2, CEB1)
  • CEA2 boleh berkomunikasi dengan CEA1
  • CEB1 boleh berkomunikasi dengan CEA1
  • CEA2 tidak boleh berkomunikasi dengan CEB1
  • Verifikasi !

 

 

OK guys, ini konfigurasi lengkapnya. Berturut-turut dari kiri ke kanan sesuai gambar topologi :)

 

CEA2#sh run

Building configuration…

Current configuration : 621 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CEA2
!
boot-start-marker
boot-end-marker
!
!
memory-size iomem 5
no aaa new-model
ip subnet-zero
!
!
ip cef
!
!
no ftp-server write-enable
!
!
!
!
interface FastEthernet0/0
 ip address 195.1.1.1 255.255.255.0
 duplex auto
 speed auto
!
router rip
 version 2
 network 195.1.1.0
 no auto-summary
!
ip http server
ip classless
!
!
!
!
!
control-plane
!
!
line con 0
 transport preferred all
 transport output all
line aux 0
 transport preferred all
 transport output all
line vty 0 4
!
end

 

PE2#sh run

Building configuration…

Current configuration : 1506 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PE2
!
boot-start-marker
boot-end-marker
!
!
memory-size iomem 5
no aaa new-model
ip subnet-zero
!
!
ip cef
!
!
ip vrf vpn_A
 rd 100:2
 route-target export 100:2
 route-target import 100:1
!
no tag-switching ip propagate-ttl
no ftp-server write-enable
!
!
!
!
interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.1.1.1 255.255.255.252
 duplex auto
 speed auto
 tag-switching ip
!
interface FastEthernet1/0
 ip vrf forwarding vpn_A
 ip address 195.1.1.2 255.255.255.0
 duplex auto
 speed auto
!
router rip
 version 2
 network 2.0.0.0
 network 192.1.1.0
 no auto-summary
 !
 address-family ipv4 vrf vpn_A
 redistribute bgp 100 metric transparent
 network 195.1.1.0
 no auto-summary
 exit-address-family
!
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 neighbor 1.1.1.1 remote-as 100
 neighbor 1.1.1.1 update-source Loopback0
 neighbor 1.1.1.1 next-hop-self
 no auto-summary
 !
 address-family vpnv4
 neighbor 1.1.1.1 activate
 neighbor 1.1.1.1 send-community both
 exit-address-family
 !
 address-family ipv4 vrf vpn_A
 redistribute connected
 redistribute rip
 no auto-summary
 no synchronization
 exit-address-family
!
ip http server
ip classless
!
!
!
!
!
control-plane
!
!
line con 0
 transport preferred all
 transport output all
line aux 0
 transport preferred all
 transport output all
line vty 0 4
!
end

 

P#sh run

Building configuration…

Current configuration : 801 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname P
!
boot-start-marker
boot-end-marker
!
!
memory-size iomem 5
no aaa new-model
ip subnet-zero
!
!
ip cef
!
!
no tag-switching ip propagate-ttl
no ftp-server write-enable
!
!
!
!
interface FastEthernet0/0
 ip address 192.1.1.2 255.255.255.252
 duplex auto
 speed auto
 tag-switching ip
!
interface FastEthernet1/0
 ip address 200.1.1.1 255.255.255.252
 duplex auto
 speed auto
 tag-switching ip
!
router rip
 version 2
 network 192.1.1.0
 network 200.1.1.0
 no auto-summary
!
ip http server
ip classless
!
!
!
!
!
control-plane
!
!
line con 0
 transport preferred all
 transport output all
line aux 0
 transport preferred all
 transport output all
line vty 0 4
!
end

 

 

 

PE1#sh run

Building configuration…

Current configuration : 1944 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PE1
!
boot-start-marker
boot-end-marker
!
!
memory-size iomem 5
no aaa new-model
ip subnet-zero
!
!
ip cef
!
!
ip vrf vpn_A
 rd 100:1
 route-target export 100:1
 route-target import 100:2
 route-target import 100:3
!
ip vrf vpn_B
 rd 100:3
 route-target export 100:3
 route-target import 100:1
!
no tag-switching ip propagate-ttl
no ftp-server write-enable
!
!
!
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
 ip address 200.1.1.2 255.255.255.252
 duplex auto
 speed auto
 tag-switching ip
!
interface FastEthernet1/0
 ip vrf forwarding vpn_A
 ip address 196.1.1.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet2/0
 ip vrf forwarding vpn_B
 ip address 197.1.1.1 255.255.255.0
 duplex auto
 speed auto
!
router rip
 version 2
 network 1.0.0.0
 network 200.1.1.0
 no auto-summary
 !
 address-family ipv4 vrf vpn_B
 redistribute bgp 100 metric transparent
 network 197.1.1.0
 no auto-summary
 exit-address-family
 !
 address-family ipv4 vrf vpn_A
 redistribute bgp 100 metric transparent
 network 196.1.1.0
 no auto-summary
 exit-address-family
!
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 neighbor 2.2.2.2 remote-as 100
 neighbor 2.2.2.2 update-source Loopback0
 neighbor 2.2.2.2 next-hop-self
 no auto-summary
 !
 address-family vpnv4
 neighbor 2.2.2.2 activate
 neighbor 2.2.2.2 send-community both
 exit-address-family
 !
 address-family ipv4 vrf vpn_B
 redistribute rip
 no auto-summary
 no synchronization
 exit-address-family
 !
 address-family ipv4 vrf vpn_A
 redistribute rip
 no auto-summary
 no synchronization
 exit-address-family
!
ip http server
ip classless
!
!
!
!
!
control-plane
!
!
line con 0
 transport preferred all
 transport output all
line aux 0
 transport preferred all
 transport output all
line vty 0 4
!
end

 

CEA1#sh run

Building configuration…

Current configuration : 621 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CEA1
!
boot-start-marker
boot-end-marker
!
!
memory-size iomem 5
no aaa new-model
ip subnet-zero
!
!
ip cef
!
!
no ftp-server write-enable
!
!
!
!
interface FastEthernet0/0
 ip address 196.1.1.2 255.255.255.0
 duplex auto
 speed auto
!
router rip
 version 2
 network 196.1.1.0
 no auto-summary
!
ip http server
ip classless
!
!
!
!
!
control-plane
!
!
line con 0
 transport preferred all
 transport output all
line aux 0
 transport preferred all
 transport output all
line vty 0 4
!
end

 

CEB1#sh run

Building configuration…

Current configuration : 621 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CEB1
!
boot-start-marker
boot-end-marker
!
!
memory-size iomem 5
no aaa new-model
ip subnet-zero
!
!
ip cef
!
!
no ftp-server write-enable
!
!
!
!
interface FastEthernet0/0
 ip address 197.1.1.2 255.255.255.0
 duplex auto
 speed auto
!
router rip
 version 2
 network 197.1.1.0
 no auto-summary
!
ip http server
ip classless
!
!
!
!
!
control-plane
!
!
line con 0
 transport preferred all
 transport output all
line aux 0
 transport preferred all
 transport output all
line vty 0 4
!

end 

 

Verifikasi konfigurasi dengan cara:

 

  • ’sh ip route’ pada masing-masing CE apakah prefix-prefix yang diinginkan sudah terdapat di routing table
  • ‘ping’ dari masing-masing CE ke prefix-prefix tersebut
  • Pastikan prefix-prefix dari Service Provider (P) tidak teradvertise ke routing table CE
  • Traceroute dari CE ke CE, jika sudah benar maka prefix Service Provider (P) tidak akan muncul di hop.
  • Verifikasi di core MPLS dengan,
  • ’sh mpls forwarding-table’
  • ’sh mpls ldp bindings’
  • ’sh mpls ldp discovery’
  • ’sh mpls ldp neighbor’
  • ’sh ip route’
  • ’sh ip bgp sum’
  • ’sh ip cef’

 

 

Berikut capture hasil verifikasi.

CEA2: no service provider prefixes 

CEA1: no service provider prefixes

CEB1: no service provider prefixes

PE2 Verification

PE2: sh ip cef

P Verification

P: sh ip cef

PE1 Verification

PE1: sh ip cef 

 

 

December 26, 2008

Lab - 221220081024

Filed under: Root, Network Engineer, Cisco, CCNA, CCNP, BSCI, BCMSN, Routing, Switching

Ada konfigurasi lab yang gue coba selesaikan. Udah hampir 1 pekan gue berkutat untuk menyelesaikan topologi ini. Dengan Lenovo Y400 gue plus 2,5GB RAM ternyata masih gak kuat buat jalanin topologi ini :( . Alhamdulillah hari ini almamater Cisco Academy gue yaitu Brainmatics.com mengizinkan gue untuk menggunakan lab-nya. Thanks mas romi, achun, dan Brainmatics Crew. I really appreciate that ! Happy karaoke-an ya hehehehehe :)

OK, balik lagi ke topologi, ini topologi fisik dan logikalnya:

Physical Topology 

Logical Topology 

Hasil akhir yang harus dicapai adalah ping dari lo0 di R5 ke lo0 di R3 sukses !

Untuk mencapai hal itu poin-poin yang di’tuning’ pada router dan switch diantaranya:

  • Vlan
  • Trunk
  • Etherchannel
  • OSPF
  • OSPF over NBMA
  • Virtual Link ! :)
  • EIGRP
  • Route Redistribution
  • Router on a Stick
  • Frame Relay
  • Frame Relay Switching

Router dan Switch yang digunakan di Lab:

  • Cisco Router 2500 Series (Frame Relay Switching)
  • Cisco Router 2600 Series (R5 & R3)
  • Cisco Router 3600 Series (R1)
  • Cisco Router 1600 (R4)
  • Cisco Catalyst 3560 (Cat1)
  • Cisco Catalyst 2950 (Cat2)

 

Konfigurasi Cat1:

cat1-3560#sh run
Building configuration…

Current configuration : 2455 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname cat1-3560
!
enable secret 5 $1$TIde$ASzbNhbW1Q1z0YrHExUGh0
!
no aaa new-model
vtp domain gtntedp
vtp mode transparent
ip subnet-zero
ip routing
!
!
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 10
 name vlan10
!
vlan 20
 name vlan20
!
vlan 200
 name mgs-lan
!
!
interface Port-channel1
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1,10
 switchport mode trunk
!
interface GigabitEthernet0/1
 switchport access vlan 200
 switchport mode access
!
interface GigabitEthernet0/2
 switchport access vlan 200
 switchport mode access
!
interface GigabitEthernet0/3
 switchport access vlan 200
 switchport mode access
!
interface GigabitEthernet0/4
 switchport access vlan 200
 switchport mode access
!
interface GigabitEthernet0/5
!
interface GigabitEthernet0/6
!
interface GigabitEthernet0/7
!
interface GigabitEthernet0/8
!
interface GigabitEthernet0/9
!
interface GigabitEthernet0/10
!
interface GigabitEthernet0/11
!
interface GigabitEthernet0/12
!
interface GigabitEthernet0/13
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1,10
 switchport mode trunk
 channel-group 1 mode on
!
interface GigabitEthernet0/14
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1,10
 switchport mode trunk
 channel-group 1 mode on
!
interface GigabitEthernet0/15
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1,20
 switchport mode trunk
!
interface GigabitEthernet0/16
!
interface GigabitEthernet0/17
 switchport access vlan 10
 switchport mode access
!
interface GigabitEthernet0/18
!
interface GigabitEthernet0/19
 switchport access vlan 20
 switchport mode access
!
interface GigabitEthernet0/20
!
interface GigabitEthernet0/21
!
interface GigabitEthernet0/22
!
interface GigabitEthernet0/23
!
interface GigabitEthernet0/24
!
interface GigabitEthernet0/25
!
interface GigabitEthernet0/26
!
interface GigabitEthernet0/27
!
interface GigabitEthernet0/28
!
interface Vlan1
 ip address 100.1.1.1 255.255.255.0
!
interface Vlan20
 ip address 10.2.20.20 255.255.255.0
!
interface Vlan200
 ip address 192.168.88.160 255.255.255.0
!
ip classless
ip http server
ip http secure-server
!
!
!
control-plane
!
!
line con 0
line vty 0 4
 no login
line vty 5 15
 no login
!
end

 

Konfigurasi Cat2:

cat2-2950#sh run
Building configuration…

Current configuration : 1378 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname cat2-2950
!
enable secret 5 $1$oJyg$iLr4Ky..QP0pApVSsNJmi0
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
!
!
interface Port-channel1
 switchport mode trunk
 flowcontrol send off
!
interface FastEthernet0/1
 switchport mode trunk
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
 switchport mode trunk
 channel-group 1 mode on
!
interface FastEthernet0/5
 switchport mode trunk
 channel-group 1 mode on
!
interface FastEthernet0/6
 switchport mode trunk
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface Vlan1
 ip address 100.1.1.2 255.255.255.0
 no ip route-cache
!
ip http server
!
line con 0
line vty 0 4
 no login
line vty 5 15
 no login
!
!
end

 

Koonfigurasi R5:

r5-2600#sh run
Building configuration…

Current configuration : 1221 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname r5-2600
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$JR4e$x9erhfWuINfiHO.QfEwFC/
!
memory-size iomem 15
no aaa new-model
ip subnet-zero
!
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 10.1.1.5 255.255.255.255
!
interface FastEthernet0/0
 no ip address
 duplex auto
 speed auto
!
interface FastEthernet0/0.1
 encapsulation dot1Q 1 native
 ip address 100.1.1.11 255.255.255.0
 no snmp trap link-status
!
interface FastEthernet0/0.10
 encapsulation dot1Q 10
 ip address 10.2.2.5 255.255.255.0
 no snmp trap link-status
!
interface FastEthernet0/0.20
 encapsulation dot1Q 20
 ip address 10.2.20.5 255.255.255.0
 no snmp trap link-status
!
interface Serial0/0
 no ip address
 shutdown
!
interface Serial0/1
 no ip address
 shutdown
!
interface Serial0/2
 no ip address
 shutdown
!
router eigrp 100
 network 10.0.0.0
 no auto-summary
!
router ospf 1
 router-id 5.5.5.5
 log-adjacency-changes
 redistribute eigrp 100
 network 10.0.0.0 0.255.255.255 area 0
!
ip http server
ip classless
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 no login
!
!
end

 

Konfigurasi R4:

r4-1600#sh run
Building configuration…

Current configuration : 602 bytes
!
version 12.1
no service single-slot-reload-enable
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname r4-1600
!
enable secret 5 $1$meG/$seccxiNgLFyqkTaDpF2T91
!
!
!
!
!
ip subnet-zero
!
!
!
!
interface Ethernet0
 ip address 10.2.2.4 255.255.255.0
!
interface Serial0
 ip address 10.3.3.4 255.255.255.0
 no fair-queue
!
router ospf 1
 router-id 4.4.4.4
 log-adjacency-changes
 area 1 virtual-link 10.4.4.1
 network 10.2.2.0 0.0.0.255 area 0
 network 10.3.3.0 0.0.0.255 area 1
!
ip classless
no ip http server
!
!
line con 0
line vty 0 4
 no login
!
end

 

Konfigurasi R1:

r1-3600#sh run
Building configuration…

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname r1-3600
!
enable secret 5 $1$g0TT$2tbluwWtPkwRWaELU1kis1
!
ip subnet-zero
!
!
!
!
!
interface Ethernet0/0
 ip address 10.2.20.1 255.255.255.0
 no ip directed-broadcast
!
interface Serial0/0
 ip address 10.4.4.1 255.255.255.0
 no ip directed-broadcast
 encapsulation frame-relay
 ip ospf network broadcast
 no ip mroute-cache
 no arp frame-relay
 no fair-queue
 frame-relay map ip 10.4.4.3 103 broadcast
 no frame-relay inverse-arp
!
interface Serial0/1
 ip address 10.3.3.1 255.255.255.0
 no ip directed-broadcast
 clockrate 64000
!
router eigrp 100
 network 10.0.0.0
 no auto-summary
!
router ospf 1
 redistribute eigrp 100 subnets
 network 10.3.3.0 0.0.0.255 area 1
 network 10.4.4.0 0.0.0.255 area 0
 area 1 virtual-link 4.4.4.4
!
ip classless
no ip http server
!
!
!
line con 0
 transport input none
line aux 0
line vty 0 4
 no login
!
end

 

Konfigurasi Frame Relay Switching:

frsw-2500#sh run
Building configuration…

Current configuration:
!
version 11.2
no service password-encryption
no service udp-small-servers
no service tcp-small-servers
!
hostname frsw-2500
!
!
frame-relay switching
!
interface Ethernet0
 no ip address
 shutdown
!
interface Serial0
 no ip address
 encapsulation frame-relay
 no arp frame-relay
 no fair-queue
 clockrate 64000
 no frame-relay inverse-arp
 frame-relay lmi-type cisco
 frame-relay intf-type dce
 frame-relay route 103 interface Serial1 301
!
interface Serial1
 no ip address
 encapsulation frame-relay
 no arp frame-relay
 clockrate 64000
 no frame-relay inverse-arp
 frame-relay lmi-type cisco
 frame-relay intf-type dce
 frame-relay route 301 interface Serial0 103
!
no ip classless
!
!
line con 0
line aux 0
line vty 0 4
 login
!
end

 

Konfigurasi R3:

r3-2600#sh run
Building configuration…

Current configuration : 906 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname r3-2600
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$pwCi$0JcdhrHw8vfd394yaEtLH/
!
no aaa new-model
ip subnet-zero
!
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 10.1.1.3 255.255.255.255
!
interface Ethernet0/0
 no ip address
 shutdown
 half-duplex
!
interface Serial0/0
 ip address 10.4.4.3 255.255.255.0
 encapsulation frame-relay
 ip ospf network broadcast
 no fair-queue
 no arp frame-relay
 frame-relay map ip 10.4.4.1 301 broadcast
 no frame-relay inverse-arp
 frame-relay lmi-type cisco
!
interface Serial0/1
 no ip address
 shutdown
!
router ospf 1
 router-id 3.3.3.3
 log-adjacency-changes
 network 10.0.0.0 0.255.255.255 area 0
!
ip http server
ip classless
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 no login
!
!
end 

 

Hasil tes ping dari lo0 di R5 ke lo0 di R3:

Succesful Ping ! 

 

 

February 12, 2008

Frame Relay - 02

Filed under: Network Engineer, Cisco, CCNA, CCIE, Routing, Switching

Menyambung materi Frame Relay – 01. Kali ini implementasi Frame Relay menggunakan topologi yang lebih kompleks. Seperti pada gambar topologi fisik di bawah. R2 tetap menjadi frame relay switching atau sisi provider (penyedia layanan frame relay), untuk client site ada R1 [headquarter office] dan tiga branch office yaitu, R3, R4, dan R5.

Topologi Fisik Frame Relay - 02 

Topologi logikal bisa dilihat pada gambar dibawah.

Topologi Logikal Frame Relay - 02 

R1 menggunakan sub-interface s1/0.1 yang terkoneksi point-to-point ke R3. Dan sub-interface s1/0.2 yang terkoneksi multipoint ke R4 dan R5. EIGRP digunakan sebagai routing protocol.

Yang perlu dicermati adalah penggunaan multipoint interface/sub-interface. Dengan multipoint maka sub-interface s1/0.2 hanya melihat koneksi ke R4 dan R5 sebagai satu koneksi saja bukan dua. Hal ini menyebabkan informasi routing table dari R4 tidak dapat diterima oleh R5. Karena adanya metode split horizon yang mencegah informasi routing table kembali kepada interface yang sama dari arah dating informasi routing table. Untuk menghindari hal ini, maka command ‘no ip split-horizon eigrp [as number]’ digunakan pada router yang menjadi multipoint interface/sub-interface.

R1:
conf t
int s1/0
encapsulation frame-relay
no frame-relay inverse-arp
no arp frame-relay
frame-relay lmi-type cisco
no shut
int s1/0.1 point-to-point
ip address 10.1.1.1 255.255.255.0
frame-relay interface-dlci 102

R3:
conf t
int s1/1
encapsulation frame-relay
no frame-relay inverse-arp
no arp frame-relay
frame-relay lmi-type ansi
ip address 10.1.1.3 255.255.255.0
frame-relay map ip 10.1.1.1 201 broadcast
no shut

R2 [Frame Relay Switching]:
conf t
frame-relay switching
int s1/0
encapsulation frame-relay
frame-relay intf-type dce
frame-relay lmi-type cisco
frame-relay route 102 int s1/1 201
no shut
int s1/1
encapsulation frame-relay
frame-relay intf-type dce
frame-relay lmi-type ansi
frame-relay route 201 int s1/0 102
no shut

Tes ping dari R1 ke R3 sukses ! Koneksi sudah terbentuk

ping R1 ke R3 

 

Konfigurasi untuk R1, R4, dan R5 dengan multipoint.

R1:
conf t
int s1/0.2 multipoint
ip address 172.16.1.1 255.255.255.0
frame-relay map ip 172.16.1.4 103 broadcast
frame-relay map ip 172.16.1.5 104 broadcast

R4:
conf t
int s1/2
encapsulation frame-relay
no frame-relay inverse arp
no arp frame-relay
frame-relay lmi-type q933a
ip address 172.16.1.4 255.255.255.0
frame-relay map ip 172.16.1.1 301 broadcast
frame-relay map ip 172.16.1.5 301 broadcast
no shut

R5:
conf t
int s1/3
encapsulation frame-relay
no frame-relay inverse arp
no arp frame-relay
frame-relay lmi-type q933a
ip address 172.16.1.5 255.255.255.0
frame-relay map ip 172.16.1.1 401 broadcast\
frame-relay map ip 172.16.1.4 401 broadcast
no shut

R2 [Frame Relay Switching]:
conf t
int s1/0
frame-relay route 103 int s1/2 301
frame-relay route 104 int s1/3 401
no shut
int s1/2
encapsulation frame-relay
no frame-relay inverse arp
no arp frame-relay
frame-relay intf-type dce
frame-relay lmi-type q933a
frame-relay route 301 int s1/0 103
no shut
int s1/3
encapsulation frame-relay
no frame-relay inverse arp
no arp frame-relay
frame-relay intf-type dce
frame-relay lmi-type q933a
frame-relay route 401 int s1/0 104
no shut

Tes ping dari R4 ke R5 sukses !

ping R4 ke R5 

 
Berikutnya implementasi EIGRP pada jaringan frame relay.

R1:
conf t
router eigrp 1
no auto-summary
network 10.1.1.0 0.0.0.255
network 172.16.1.0 0.0.0.255
exit
int s1/0.2
no ip split-horizon eigrp 1

R3:
conf t
router eigrp 1
no auto-summary
network 10.1.1.0 0.0.0.255

R4:
conf t
router eigrp 1
no auto-summary
network 172.16.1.0 0.0.0.255

R5:
conf t
router eigrp 1
no auto-summary
network 172.16.1.0 0.0.0.255

Tes ping dari R3 ke R4 sukses !

ping R3 ke R4 - Routing EIGRP sudah berjalan 

 

Tes ping dari R4 ke R3 sukses !

ping R4 ke R3 - Routing EIGRP sudah berjalan
 

Tes ping dari R5 ke R3 sukses !

ping R5 ke R3 - Routing EIGRP sudah berjalan 

 

February 11, 2008

Frame Relay - 01

Filed under: Network Engineer, Cisco, CCNA, CCIE, Switching

Frame Relay merupakan salah satu teknologi WAN yang masih banyak digunakan. Kita akan mengkonfigurasi topologi Frame Relay baik dari sisi client yang diwakili R1 [Headquarter Office] dan R3 [Branch Office], maupun dari sisi Frame Relay Switching yang diwakili R2 [ISP - Internet Service Provider] sebagai penyedia layanan tersebut.

Frame Relay - 01 Topology 

 

R1:
conf t
int s1/0
encapsulation frame-relay
no frame-relay inverse-arp
no arp frame-relay
frame-relay lmi-type cisco
ip address 10.1.1.1 255.255.255.0
frame-relay map ip 10.1.1.2 102 broadcast
no shut

R3:
conf t
int s1/1
encapsulation frame-relay
no frame-relay inverse-arp
no arp frame-relay
frame-relay lmi-type q933a
ip address 10.1.1.2 255.255.255.0
frame-relay map ip 10.1.1.1 201 broadcast
no shut

R2 [Frame Relay Switching]:
conf t
frame-relay switching
int s1/0
encapsulation frame-relay
frame-relay intf-type dce
frame-relay lmi-type cisco
frame-relay route 102 int s1/1 201
no shut
int s1/1
encapsulation frame-relay
frame-relay intf-type dce
frame-relay lmi-type q933a
frame-relay route 201 int s1/0 102
no shut

Melakukan ping dari R1 ke R3, dan aktifkan debug frame-relay packet pada R3 untuk melihat packet icmp yang dilewatkan melalui topologi Frame Relay.

frame.relay.01_pic01 

frame.relay.01_pic02 

 

January 9, 2007

Basic Switch Configuration

Filed under: Network Engineer, Cisco, CCNA, Switching

For a while, I can only used Cisco Catalyst Switch 1900 version.

Because that’s the only available switch in my labs. And I’ve been reading on CNAP documents, most of example are made with 2900 version. So I’m still curious to try that version. And the command line interface for 2900 version is more complex too.

But, meanwhile I just maximize all that I’ve got.
And here it is, the simply and short Basic Switch Configuration (BSC) for ‘must-do’ when working with switch.

 
console:

switch> enable

switch# conf t

switch(config)# hostname switch-A

switch-A(config)# enable password level 15 cisco

switch-A(config)# ip address 192.168.1.11 255.255.255.0

 

January 4, 2007

VLAN-Trunking

Filed under: Network Engineer, Cisco, CCNA, Switching

As mention before, Trunk is a physical connection containing logical connection to connected VLANs. How many logical connection can be made inside the Trunk is depend on how many VLAN used.

In this topic, I will talk about how to setup VLAN-Trunking. This topology made possible for different VLANs connected each other. Router is needed, because communication between VLANs are based on network layer using IP address. We can say that router act as a gateway for each VLANs.

That is the main different with previous topology, VLAN-Switch and VLAN-Switches, those are based on data link layer using MAC Address

Click VLAN-Trunking.jpg to see image

scenario:

Switch-A has VLAN 10 on port e0/1, and VLAN 20 on port e0/2. Fa0/27 (fast ethernet port) is connected to access point. Fa0/26 made a trunk connection to Fa0/26 switch-B.

Switch-B has VLAN 10 on port e0/1, and VLAN 20 on port e0/2. Fa0/27 made a trunk connection to Fa0/0 on router.

 

console:

switch-A:

switch> enable

switch# conf t

switch(config)# hostname switch-A

switch-A(config)# enable password level 15 cisco

switch-A(config)# ip address 192.168.1.11 255.255.255.0

switch-A(config)# vlan 10 name Group-A

switch-A(config)# vlan 20 name Group-B

switch-A(config)# int fa0/26

switch-A(config-if)# trunk on

switch-A(config-if)# exit

switch-A(config)# int e0/1

switch-A(config-if)# vlan-membership static 10

switch-A(config-if)# exit

switch-A(config)# int e0/2

switch-A(config-if)# vlan-membership static 20

 

switch-B:

switch> enable

switch# conf t

switch(config)# hostname switch-B

switch-B(config)# enable password level 15 cisco

switch-B(config)# ip address 192.168.1.12 255.255.255.0

switch-B(config)# vlan 10 name Group-A

switch-B(config)# vlan 20 name Group-B

switch-B(config)# int fa0/26

switch-B(config-if)# trunk on

switch-B(config-if)# exit

switch-B(config)# int fa0/27

switch-B(config-if)# trunk on

switch-B(config-if)# exit

switch-B(config)# int e0/1

switch-B(config-if)# vlan-membership static 10

switch-B(config-if)# exit

switch-B(config)# int e0/2

switch-B(config-if)# vlan-membership static 20

 

Router:

router> enable

router# conf t

router(config)# hostname Router

Router(config)# enable secret cisco

Router(config)# line vty 0 4

Router(config-line)# password cisco

Router(config-line)# login

Router(config-line)# exit

Router(config)# int fa0/0

Router(config-if)# no shut

Router(config-if)# int fa0/0.1

Router(config-subif)# encapsulation isl 1

Router(config-subif)# ip address 192.168.1.13 255.255.255.0

Router(config-subif)# description Gateway-VLAN1

Router(config-subif)# exit

Router(config-if)# int fa0/0.10

Router(config-subif)# encapsulation isl 10

Router(config-subif)# ip address 10.1.1.101 255.255.255.0

Router(config-subif)# description Gateway-VLAN10

Router(config-subif)# exit

Router(config-if)# int fa0/0.20

Router(config-subif)# encapsulation isl 20

Router(config-subif)# ip address 172.17.1.101 255.255.255.0

Router(config-subif)# description Gateway-VLAN2

 

January 3, 2007

VLAN-Switches

Filed under: Network Engineer, Cisco, CCNA, Switching

Continuing previous post with title VLAN-Switch, now I will talk about VLAN-Switches.

This topology of VLAN is needed a Trunk. What is a Trunk ?

Trunk is a physical connection between switch to switch or switch to router or between switch to pc with a special NIC supported Trunk.

The figure below is talking about Trunk between two switch. In this topology, Trunk is  functioning as a bridge for each VLANs. So VLAN 10 in switch-A can communicate to VLAN 10 in switch-B with a logical connection inside the Trunk. Similar explanation for VLAN 20. But remember, different VLAN still can not connected to each other.

Click VLAN-Switches.jpg to see image

scenario:

Two switches, switch-A and switch-B. Each has two VLANs, VLAN 10 and VLAN 20.

In switch-A VLAN 10 registered on ethernet-port 0/1, while ethernet-port 0/2 has VLAN 20. And switch-B has VLAN 10 registered on ethernet-port 0/1, and ethernet-port 0/2 has VLAN 20. 

As usual we will setup the default configuration on the switch, like hostname, password, IP Address, and the VLAN itself. 

 

console:

switch-A: 

switch> enable

switch# conf t

switch(config)# hostname switch-A

switch-A(config)# enable password level 15 cisco

switch-A(config)# ip address 192.168.1.11 255.255.255.0

switch-A(config)# vlan 10 name Group-A

switch-A(config)# vlan 20 name Group-B

switch-A(config)# int fa0/26

switch-A(config-if)# trunk on

switch-A(config-if)# exit

switch-A(config)# int e0/1

switch-A(config-if)# vlan-membership static 10

switch-A(config-if)# exit

switch-A(config)# int e0/2

switch-A(config-if)# vlan-membership static 20

 

switch-B:

switch> enable

switch# conf t

switch(config)# hostname switch-B

switch(config)# enable password level 15 cisco

switch(config)# ip address 192.168.1.12 255.255.255.0

switch(config)# vlan 10 name Group-A

switch(config)# vlan 20 name Group-B

switch(config)# int fa0/26

switch(config-if)# trunk on

switch(config-if)# exit

switch(config)# int e0/1

switch(config-if)# vlan-membership static 10

switch(config-if)# exit

switch(config)# int e0/2

switch(config-if)# vlan-membership static 20

 

VLAN-Switch

Filed under: Network Engineer, Cisco, CCNA, Switching

VLAN stands for Virtual-LAN. The main idea is how to make logical connection trough a switch by grouping a LAN.

For example, LAN at the office. Most of them, it just connect all host available to ports available in switch. It will make one big broadcast transmission, and by the time it will excessive the network.

With VLAN you can make group for each department, like VLAN-marketing, VLAN-accounting, VLAN-operation. Host in VLAN-marketing can only communicate with other host in the same VLAN. Same scenario for other VLANs. This topology will divided broadcast transmission in to three different broadcast for each VLAN. It will make network more enhance and could provide maximum troughput to each host.

In order for scalability and adaptability, subnetting should be use for each VLAN. Especially for Trunking method.

Click VLAN-Switch.jpg to see image.

scenario:

Cisco Catalyst Switch 1900 version with four active ethernet ports connects to four PC. We will try setting 2 VLANs, which is VLAN 10 and VLAN 20.

Console commands are setting up VLAN 10 and VLAN 20. VLAN 10 has a member ethernet-port 0/1 and ethernet-port 0/3, VLAN 20 has a member ethernet-port 0/2 and ethernet-port 0/4.

Host at ethernet-port 0/1 can only communicate to host at ethernet-port 0/3 because they are on the same VLAN 10. And Host at ethernet-port 0/2 can only communicate to host at ethernet-port 0/4 because they are on the same VLAN 20

 

console:

switch> enable

switch# conf t 

switch(config)# hostname switch-A

switch-A(config)# enable password level 15 cisco 

switch-A(config)# ip address 192.168.1.11 255.255.255.0

switch-A(config)# vlan 10 name Group-A

switch-A(config)# vlan 20 name Group-B

switch-A(config)# int e0/1

switch-A(config-if)# vlan-membership static 10

switch-A(config-if)# exit

switch-A(config)# int e0/2

switch-A(config-if)# vlan-membership static 20

switch-A(config-if)# exit

switch-A(config)# int e0/3

switch-A(config-if)# vlan-membership static 10

switch-A(config-if)# exit

switch-A(config)# int e0/4

switch-A(config-if)# vlan-membership static 20






















Get free blog up and running in minutes with Blogsome
Theme designed by Minz Meyer