V70
Pre-configuration: 1. LOOPBACK Setting:
All 10 devices have Loopback 0 address is the following format: YY.YY.X.X/24 where YY=Rack Number and X=Device Number 2. VLAN-Setting: vlan 11 - VLAN_BB1 vlan 12 - VLAN_BB2 vlan 13 - VLAN_BB3 vlan 21 - VLAN_A vlan 22 - VLAN_B vlan 23 - VLAN_C
vlan 50 - CUSTOMER_1
vlan 100 - VLAN_SWITCHES
Note: The basic VLAN for your topology are preconfigured
Part 1 Bridging and Switching
1.1 Frame Relay
Configure the Frame Relay connection between R1 and R3 Configure the Frame Relay connection between R2 and R6 Configure the Frame Relay connection between R2, R4 and R5 帧中继需要ping通本端(ipv6不需要map self) 不允许全零映射和动态映射存在
1.2 VTP Configuration
VTP information is partially configured from SW1 though SW4 Complete the configuration with the following requirements: ? VTP domain name is \RackYY\
? SW1 will propagate VLAN information to your stack of switches and make
changes to SW2, SW3 and SW4
? Ensure to secure the VTP information exchange with authentication and use
\cisco\
? In the future, these four switches will be configured into transparent switches.
They should NOT inspect the VTP domain name and version, and they should support unrecognized Type-Length-Value (TLV)(version 2) vtp domain RackYY
SW1:vtp mode server SW2/SW3/SW4:vtp mode client vtp password cisco vtp version 2
1.3 Trunk: (Score: 2 Points)
Create Trunking among the four switches to meeting the following requirements: ? Trunk should be formed unconditionally and use ISL as your encapsulation
method
? Choose the encapsulation method on your own and create a trunk between R6 and
Sw2, make sure only VLAN_BB3 and VLAN_B will be allowed in this trunk
1.4 Switching Management Configuration (Score: 2 Points) Configure a VLAN subnet YY.YY.90.0/24 from SW1 to SW4 Their VLAN number is 100, Name is \The ip addresses for VLAN_100 as followings: Sw1 ip address YY.YY.90.1/24 Sw2 ip address YY.YY.90.2/24 Sw3 ip address YY.YY.90.3/24 Sw4 ip address YY.YY.90.4/24
1.5 Guest-VLAN
The customer created a guest VLAN on SW3 (F0/11-18) use a radius server at 150.100.1.254/24(Rip路由中包含150.100.1.0/24网段)进行802.1x认证,key cisco, (sure the switch can ping this address)
初始配置:SW3 f0/11-f0/18,switch access vlan 999 (vlan name没有给定) aaa new-model
aaa authentication login CON none aaa authentication login VTY line line con 0
login authentication CON line vty 0 x
login authentication VTY
aaa authentication dot1x default group radius dot1x system-auth-control
radius-server host 150.100.1.254 key cisco
interface range FastEthernet0/11 -18 switchport mode access
switchport access vlan 999 //--------预配 dot1x port-control auto dot1x guest-vlan 999
1.6 Ether-Channel Configuration
Create Ether-Channels among SW1, SW2, SW3 and SW4 so that all Ether-Channels between them will be formed unconditionally without using any protocol negotiation. mode on
1.7 Ether-Channel Load-balancing
Traffic analysis shows that R4 is sending packets to many hosts on VLAN_BB2,Your configuration on SW1 and SW2 should make the traffic efficiently distributed across the physical links SW1:
port-channel loadbalance dst-mac SW2:
port-channel loadbalance src-mac
show etherchannel load-balance
1.8 Shared Spanning-Tree Configuration (Score: 2 Points)
To reduce CPU utilization on you switches, consolidate the spanning trees of the VLANs 11, 21 and 100 using the following criteria:
? VLAN 11 and 21 share one common spanning tree, and Sw1 is the root bridge. ? VLAN 100 is on another spanning tree, and Sw4 is the root bridge ? All other VLANs share the default instance SW1 – SW4:
spanning-tree mode mst
spanning-tree mst configuration name CISCO revision 10
instance 1 vlan 11,21 instance 2 vlan 100 SW1:
spanning-tree mst 1 root primary SW4:
spanning-tree mst 2 root primary
1.9 Unidirectional link Detection and Control
To avoid spanning-tree loops that are caused by a bad cable between Sw3 and SW4, configure your switch or switches so that the affected ports are disabled if a unidirectional link is detected. SW3/SW4:
interface range f0/23 -24 udld port aggressive
show udld f0/23
1.10 Switch Flow Control
Sometime hosts on VLAN_C are sending heavy traffic to R2 so that made R2 is dropping packets. Configure Sw2 so that it can receive instruction from R2 to temporary stop sending packet when the problem occurs.
Version 70修改版
