CCNP Switch Lab 4-2 Inter-VLAN Routing with an Internal Route Processor and Monitoring CEF Functions

CCNP Switch Lab 4-2 Inter-VLAN Routing with an Internal Route Processor and Monitoring CEF Functions

Topology

Objective

  • Route between VLANs using a 3560 switch with an internal route processor using Cisco Express Forwarding (CEF).

Background
The current network equipment includes a 3560 distribution layer switch and two 2960 access layer switches. The network is segmented into three functional subnets using VLANs for better network management. The VLANs include Finance, Engineering, and a subnet for equipment management, which is the default management VLAN, VLAN 1. After VTP and trunking have been configured for the switches, switched virtual interfaces (SVI) are configured on the distribution layer switch to route between these VLANs, providing full connectivity to the internal network.

Note: This lab uses Cisco WS-C2960-24TT-L switches with the Cisco IOS image c2960-lanbasek9-mz.122- 46.SE.bin and Catalyst 3560-24PS with the Cisco IOS image c3560-advipservicesk9-mz.122-46.SE.bin. You can use other switches (such as 2950 or 3550) and Cisco IOS Software versions if they have comparable capabilities and features. Depending on the switch model and Cisco IOS Software version, the commands available and output produced might vary from what is shown in this lab.

Required Resources

  • 2 switches (Cisco 2960 with the Cisco IOS Release 12.2(46)SE C2960-LANBASEK9-M image or comparable)
  • 1 switch (Cisco 3560 with the Cisco IOS Release 12.2(46)SE C3560-ADVIPSERVICESK9-mz image or comparable)
  • Ethernet and console cables

Step 1: Prepare the switches for the lab.
Erase the startup configuration, delete the vlan.dat file, and reload the switches. Refer to Lab 1 -1, “Clearing a Switch” and Lab 1 -2, “Clearing a Switch Connected to a Larger Network” to prepare the switches for this lab. Cable the equipment as shown.

Step 2: Configure basic switch parameters.
a. Configure the hostname, password, and optionally, Telnet access on each switch.

b. Configure management IP addresses on VLAN 1 for all three switches according to the diagram.

c. Configure default gateways on the access layer switches. The distribution layer switch will not use a default gateway, because it acts as a Layer 3 device. The access layer switches act as Layer 2 devices and need a default gateway to send management VLAN traffic off of the local subnet.

Step 3: Configure trunks and EtherChannels between switches.

To distribute VLAN and VTP information between the switches, trunks are needed between the three switches. Configure these trunks according to the diagram. EtherChannel is used for these trunks.

EtherChannel allows you to utilize both Fast Ethernet interfaces that are available between each device,
thereby doubling the bandwidth.

a. Configure the trunks and EtherChannel from DLS1 to ALS1. The switchport trunk encapsulation [isl dot1q] command is used because this switch also supports ISL encapsulation.

Creating a port-channel interface Port-channel 1

b. Configure the trunks and EtherChannel from DLS1 to ALS2.

Creating a port-channel interface Port-channel 2

c. Configure the trunks and EtherChannel between ALS1 and DLS1, and for the trunks and EtherChannel between ALS1 and ALS2.

Creating a port-channel interface Port-channel 1

Creating a port-channel interface Port-channel 2

d. Configure the trunks and EtherChannel between ALS2 and DLS1, and for the trunks and EtherChannel between ALS2 and ALS1.

Creating a port-channel interface Port-channel 1

e. Verify trunking between DLS1, ALS1, and ALS2 using the show interface trunk command on all switches.
ccnp-switch-lab-inter-vlan-routing-internal-route-processor-monitoring-cef-functions
ccnp-switch-lab-inter-vlan-routing-internal-route-processor-monitoring-cef-functions-3e
ccnp-switch-lab-inter-vlan-routing-internal-route-processor-monitoring-cef-functions-3e-1

f. Use the show etherchannel summary command on each switch to verify the EtherChannels.
The following is sample output from ALS1. Notice the two EtherChannels on the access layer switches.
ccnp-switch-lab-inter-vlan-routing-internal-route-processor-monitoring-cef-functions-3f

On ALS1, which ports are used for channel group 2?
_______________________________________________________________________________
The ports used for channel group 2 are Fa0/7 and Fa0/8.

Step 4: Configure VTP on ALS1 and ALS2.

a. Change the VTP mode of ALS1 and ALS2 to client.

b. Verify the VTP changes with the show vtp status command.
The output on ALS2 is similar to that of ALS1.
ccnp-switch-lab-inter-vlan-routing-internal-route-processor-monitoring-cef-functions-4b
ccnp-switch-lab-inter-vlan-routing-internal-route-processor-monitoring-cef-functions-4b-1

How many VLANs can be supported locally on the 2960 switch?
_______________________________________________________________________________
In the show vtp status command output, it says 255 VLANs can be supported locally.

Step 5: Configure VTP on DLS1.

a. Create the VTP domain on DLS1 and create VLANs 100 and 200 for the domain.

b. Verify VTP information throughout the domain using the show vlan and show vtp status commands. How many existing VLANs are in the VTP domain?
_______________________________________________________________________________
There are seven existing VLANs in the VTP domain: five built-in VLANs and the two VLANs that were added.

Step 6: Configure ports.
Configure the host ports for the appropriate VLANs according to the diagram.

Ping from the host on VLAN 100 to the host on VLAN 200. Was the ping successful? Why do you think this is the case?
_______________________________________________________________________________
_______________________________________________________________________________
_______________________________________________________________________________
No, the ping was not successful because the hosts are in separate VLANs. Routing needs to take place between the VLANs for this ping to be successful.

Ping from a host to the VLAN 1 management IP address of DLS1. Was the ping successful? Why do you think this is the case?
_______________________________________________________________________________
_______________________________________________________________________________
_______________________________________________________________________________
No, the ping was not successful because the hosts are in separate VLANs. Routing needs to take place
between the VLANs for this ping to be successful.

Step 7: Configure VLAN interfaces and enable routing.

a. On DLS1, create the Layer 3 VLAN interfaces to route between VLANs using the interface vlan vlan-id command. These are known as SVIs. You do not need to set up VLAN 1, because this was done in Step
2.

b. The ip routing command is also needed to allow the switch to act as a Layer 3 device to route between these VLANs. Because the VLANs are all considered directly connected, a routing protocol is not needed at this time. DLS1(config)# ip routing

c. Verify the configuration using the show ip route command on DLS1.
ccnp-switch-lab-inter-vlan-routing-internal-route-processor-monitoring-cef-functions-7c

Step 8: Verify inter-VLAN routing by the internal route processor.

a. Ping from the Engineering host to the Finance host. Was the ping successful this time?
__________________________________________________________________________________
If the IP addressing and default gateways are set up correctly on the hosts, the ping will be successful.
b. Telnet from one of the hosts to the VLAN 1 IP address of DLS1. Can this switch be remotely accessed
from this host?

__________________________________________________________________________________
If the IP addressing and default gateways are set up correctly on the hosts, you will be able to use Telnet from
a host into a switch on VLAN 1.
Example from the Engineering host:
C:>telnet 172.16.1.1
User Access Verification
Password: <vty-password>
DLS1>

Step 9: Examine the CEF configuration.

CEF implements an advanced IP lookup and forwarding algorithm to deliver maximum Layer 3 switching performance. CEF is less CPU-intensive than route caching. In dynamic networks, fast-switching cache entries are frequently invalidated because of routing changes. This can cause traffic to be process-switched using the routing table, instead of fast-switched using the route cache. CEF uses the Forwarding Information Base (FIB) lookup table to perform destination-based switching of IP packets.
CEF is enabled by default on the 3560 switch.

a. Use the show ip cef command to display the CEF FIB.

b. Use the show ip interface command to verify that CEF is enabled on an interface. The following output
shows that CEF is enabled on VLAN 100.

c. Use the show ip cef summary command to display the CEF table summary.

d. The show ip cef detail command shows CEF operation in detail for the switch.

Device Configurations (Instructor version)

Switch DLS1

Switch ALS1

Switch ALS2

More Resources

About the author

Prasanna

Leave a Comment