CCNA RSE 6.3.3.7 Lab – Configuring 802.1Q Trunk-Based Inter-Vlan Routing Answers
Topology
Addressing Table
Switch Port Assignment Specifications
Ports | Assignment | Networ |
S1 | F0/1 802.1 Q Trunk | N/A |
S2 | F0/1 802.1Q Trunk | N/A |
S1 | F0/5 802.1 Q Trunk | N/A |
S1 | F0/6 VLAN 10 – Students | 192.168.10.0/24 |
S2 | F0/18 VLAN 20 – Faculty | 192.168.20.0/24 |
Objectives
Part 1: Build the Network and Configure Basic Device Settings
Part 2: Configure Switches with VLANs and Trunking
Part 3: Configure Trunk-Based Inter-VLAN Routing
Background / Scenario
A second method of providing routing and connectivity for multiple VLANs is through the use of an 802.1Q trunk between one or more switches and a single router interface. This method is also known as router-on-astick inter-VLAN routing. In this method, the physical router interface is divided into multiple subinterfaces that provide logical pathways to all VLANs connected.
In this lab, you will configure trunk-based inter-VLAN routing and verify connectivity to hosts on different VLANs as well as with a loopback on the router.
Note: This lab provides minimal assistance with the actual commands necessary to configure trunk-based inter-VLAN routing. However, the required configuration commands are provided in Appendix A of this lab. Test your knowledge by trying to configure the devices without referring to the appendix.
Note: The routers used with CCNA hands-on labs are Cisco 1 941 Integrated Services Routers (ISRs) with Cisco IOS, Release 1 5.2(4)M3 (universalk9 image). The switches used are Cisco Catalyst 2960s with Cisco IOS, Release 1 5.0(2) (lanbasek9 image). Other routers, switches and Cisco IOS versions can be used. Depending on the model and Cisco IOS version, the commands available and output produced might vary from what is shown in the labs. Refer to the Router Interface Summary Table at the end of the lab for the correct interface identifiers.
Note: Make sure that the routers and switches have been erased and have no startup configurations. If you are unsure, contact your instructor.
Instructor Note: Refer to the Instructor Lab Manual for the procedures to initialize and reload devices.
Required Resources
- 1 Router (Cisco 1941 with Cisco IOS, release 15.2(4)M3 universal image or comparable)
- 2 Switches (Cisco 2960 with Cisco IOS, release 15.0(2) lanbasek9 image or comparable)
- 2 PCs (Windows 7, Vista, or XP with terminal emulation program, such as Tera Term)
- Console cables to configure the Cisco IOS devices via the console ports
- Ethernet cables as shown in the topology
Part 1: Build the Network and Configure Basic Device Settings
In Part 1, you will set up the network topology and configure basic settings on the PC hosts, switches, and router.
Step 1: Cable the network as shown in the topology.
Step 2: Configure PC hosts.
Step 3: Initialize and reload the router and switches as necessary.
Step 4: Configure basic settings for each switch.
a. Console into the switch and enter global configuration mode.
b. Copy the following basic configuration and paste it to the running-configuration on the switch.
no ip domain-lookup service password-encryption enable secret class banner motd # Unauthorized access is strictly prohibited. # line con 0 password cisco login logging synchronous line vty 0 15 password cisco login exit
c. Configure the device name as shown in the topology.
d. Configure the IP address listed in the Addressing Table for VLAN 1 on the switch.
e. Configure the default gateway on the switch.
f. Administratively deactivate all unused ports on the switch.
g. Copy the running configuration to the startup configuration.
Step 5: Configure basic settings for the router.
a. Console into the router and enter global configuration mode.
b. Copy the following basic configuration and paste it to the running-configuration on the router.
no ip domain-lookup hostname R1 service password-encryption enable secret class banner motd # Unauthorized access is strictly prohibited. # Line con 0 password cisco login logging synchronous line vty 0 4 password cisco login
c. Configure the Lo0 IP address as shown in the Address Table. Do not configure sub-interfaces at this time. They will be configured in Part 3.
d. Copy the running configuration to the startup configuration.
Part 2: Configure Switches with VLANs and Trunking
In Part 2, you will configure the switches with VLANs and trunking.
Note: The required commands for Part 2 are provided in Appendix A. Test your knowledge by trying to configure S1 and S2 without referring to the appendix.
Step 1: Configure VLANs on S1 .
a. On S1, configure the VLANs and names listed in the Switch Port Assignment Specifications table. Write the commands you used in the space provided.
S1(config)# vlan 10 S1(config-vlan)# name Students S1(config-vlan)# vlan 20 S1(config-vlan)# name Faculty S1(config-vlan)# exit
b. On S1, configure the interface connected to R1 as a trunk. Also configure the interface connected to S2 as a trunk. Write the commands you used in the space provided.
S1(config)# interface f0/5 S1(config-if)# switchport mode trunk S1(config-if)# interface f0/1 S1(config-if)# switchport mode trunk
c. On S1, assign the access port for PC-A to VLAN 10. Write the commands you used in the space provided.
S1(config)# interface f0/6 S1(config-if)# switchport mode access S1(config-if)# switchport access vlan 10
Step 2: Configure VLANs on Switch 2.
a. On S2, configure the VLANs and names listed in the Switch Port Assignment Specifications table.
b. On S2, verify that the VLAN names and numbers match those on S1 . Write the command you used in the space provided.
S2# show vlan brief S2# show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4, Fa0/5 Fa0/6, Fa0/7, Fa0/8, Fa0/9 Fa0/10, Fa0/11, Fa0/12, Fa0/13 Fa0/14, Fa0/15, Fa0/16, Fa0/17 Fa0/18, Fa0/19, Fa0/20, Fa0/21 Fa0/22, Fa0/23, Fa0/24, Gi0/1 Gi0/2 10 Students active 20 Faculty active 1002 fddi-default active 1003 token-ring-default active 1004 fddinet-default active 1005 trnet-default active
c. On S2, assign the access port for PC-B to VLAN 20.
d. On S2, configure the interface connected to S1 as a trunk.
Part 3: Configure Trunk-Based Inter-VLAN Routing
In Part 3, you will configure R1 to route to multiple VLANs by creating subinterfaces for each VLAN. This method of inter-VLAN routing is called router-on-a-stick.
Note: The required commands for Part 3 are provided in Appendix A. Test your knowledge by trying to configure trunk-based or router-on-a-stick inter-VLAN routing without referring to the appendix.
Step 1: Configure a subinterface for VLAN 1 .
a. Create a subinterface on R1 G0/1 for VLAN 1 using 1 as the subinterface ID. Write the command you used in the space provided.
R1(config)# interface g0/1.1
b. Configure the subinterface to operate on VLAN 1 . Write the command you used in the space provided.
R1(config-subif)# encapsulation dot1Q 1
c. Configure the subinterface with the IP address from the Address Table. Write the command you used in the space provided.
R1(config-subif)# ip address 192.168.1.1 255.255.255.0
Step 2: Configure a subinterface for VLAN 1 0.
a. Create a subinterface on R1 G0/1 for VLAN 10 using 1 0 as the subinterface ID.
b. Configure the subinterface to operate on VLAN 1 0.
c. Configure the subinterface with the address from the Address Table.
Step 3: Configure a subinterface for VLAN 20.
a. Create a subinterface on R1 G0/1 for VLAN 20 using 20 as the subinterface ID.
b. Configure the subinterface to operate on VLAN 20.
c. Configure the subinterface with the address from the Address Table.
Step 4: Enable the G0/1 interface.
Enable the G0/1 interface. Write the commands you used in the space provided.
R1(config)# interface g0/1 R1(config-if)# no shutdown
Step 5: Verify connectivity.
Enter the command to view the routing table on R1 . What networks are listed?
192.168.1.0, 192.168.10.0, 192.168.20.0, and 209.165.200.224
R1# show ip route Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks C 192.168. 1.0/24 is directly connected, GigabitEthernet0/1.1 L 192.168.1.1/32 is directly connected, GigabitEthernet0/1.1 192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks C 192.168.10.0/24 is directly connected, GigabitEthernet0/1.10 L 192.168.10.1/32 is directly connected, GigabitEthernet0/1.10 192.168.20.0/24 is variably subnetted, 2 subnets, 2 masks C 192.168.20.0/24 is directly connected, GigabitEthernet0/1.20 L 192.168.20.1/32 is directly connected, GigabitEthernet0/1.20 209.165.200.0/24 is variably subnetted, 2 subnets, 2 masks C 209.165.200.224/27 is directly connected, Loopback0 L 209.165.200.225/32 is directly connected, Loopback0 From PC-A, is it possible to ping the default gateway for VLAN 1 0? _____ Yes From PC-A, is it possible to ping PC-B? _____ Yes From PC-A, is it possible to ping Lo0? _____ Yes From PC-A, is it possible to ping S2? _____ Yes
If the answer is no to any of these questions, troubleshoot the configurations and correct any errors.
Reflection
What are the advantages of trunk-based or router-on-a-stick inter-VLAN routing?
Router-on-a-stick inter-VLAN routing allows for one interface to route to multiple VLANs unlike the legacy inter-VLAN method which requires one port per VLAN
Router Interface Summary Table
Router Interface Summary |
||||
Router Model | Ethernet Interface #1 | Ethernet Interface #2 | Serial Interface #1 | Serial Interface #2 |
1800 | Fast Ethernet 0/0 (F0/0) |
Fast Ethernet 0/1 (F0/1) |
Serial 0/0/0 (S0/0/0) | Serial 0/0/1 (S0/0/1) |
1900 | Gigabit Ethernet 0/0 (G0/0) |
Gigabit Ethernet 0/1 (G0/1) |
Serial 0/0/0 (S0/0/0) | Serial 0/0/1 (S0/0/1) |
2801 | Fast Ethernet 0/0 (F0/0) |
Fast Ethernet 0/1 (F0/1) |
Serial 0/1 /0 (S0/1 /0) | Serial 0/1 /1 (S0/1 /1) |
2811 | Fast Ethernet 0/0 (F0/0) |
Fast Ethernet 0/1 (F0/1) |
Serial 0/0/0 (S0/0/0) | Serial 0/0/1 (S0/0/1) |
2900 | Gigabit Ethernet 0/0 (G0/0) | Gigabit Ethernet 0/1 (G0/1) | Serial 0/0/0(S0/0/0) | Serial 0/0/1 (S0/0/1) |
Note: To find out how the router is configured, look at the interfaces to identify the type of router and how many interfaces the router has. There is no way to effectively list all the combinations of configurations for each router class. This table includes identifiers for the possible combinations of Ethernet and Serial interfaces in the device. The table does not include any other type of interface, even though a specific router may contain one. An example of this might be an ISDN BRI interface. The string in parenthesis is the legal abbreviation that can be used in Cisco IOS commands to represent the interface. |
Appendix A – Configuration Commands
Switch S1
S1(config)# vlan 10 S1(config-vlan)# name Students S1(config-vlan)# vlan 20 S1(config-vlan)# name Faculty S1(config-vlan)# exit S1(config)# interface f0/1 S1(config-if)# switchport mode trunk S1(config-if)# interface f0/5 S1(config-if)# switchport mode trunk S1(config-if)# interface f0/6 S1(config-if)# switchport mode access S1(config-if)# switchport access vlan 10
Switch S2
S2(config)# vlan 10 S2(config-vlan)# name Students S2(config-vlan)# vlan 20 S2(config-vlan)# name Faculty S2(config)# interface f0/1 S2(config-if)# switchport mode trunk S2(config-if)# interface f0/18 S2(config-if)# switchport mode access S2(config-if)# switchport access vlan 20
Router R1
R1(config)# interface g0/1.1 R1(config-subif)# encapsulation dot1Q 1 R1(config-subif)# ip address 192.168.1.1 255.255.255.0 R1(config-subif)# interface g0/1.10 R1(config-subif)# encapsulation dot1Q 10 R1(config-subif)# ip address 192.168.10.1 255.255.255.0 R1(config-subif)# interface g0/1.20 R1(config-subif)# encapsulation dot1Q 20 R1(config-subif)# ip address 192.168.20.1 255.255.255.0 R1(config-subif)# exit R1(config)# interface g0/1 R1(config-if)# no shutdown
Device Configs
Instructor Note: The VLANs configured do not display in the switch running configuration but are stored in the vlan.dat file. The output from the show vlan brief command is provided.
Router R1
R1# show run Building configuration... Current configuration : 1731 bytes ! version 15.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname R1 ! boot-start-marker boot-end-marker ! enable secret 4 06YFDUHH61wAE/kLkDq9BGho1QM5EnRtoyr8cHAUg.2 ! no aaa new-model ! ! no ip domain lookup ip cef no ipv6 cef ! multilink bundle-name authenticated ! redundancy ! interface Loopback0 ip address 209.165.200.225 255.255.255.224 ! interface Embedded-Service-Engine0/0 no ip address shutdown ! interface GigabitEthernet0/0 no ip address shutdown duplex auto speed auto ! interface GigabitEthernet0/1 no ip address duplex auto speed auto ! interface GigabitEthernet0/1.1 encapsulation dot1Q 1 ip address 192.168.1.1 255.255.255.0 ! interface GigabitEthernet0/1.10 encapsulation dot1Q 10 ip address 192.168.10.1 255.255.255.0 ! interface GigabitEthernet0/1.20 encapsulation dot1Q 20 ip address 192.168.20.1 255.255.255.0 ! interface Serial0/0/0 no ip address shutdown clock rate 2000000 ! interface Serial0/0/1 no ip address shutdown ! ip forward-protocol nd ! no ip http server no ip http secure-server ! control-plane ! line con 0 password cisco logging synchronous login line aux 0 line 2 no activation-character no exec transport preferred none transport input all transport output pad telnet rlogin lapb-ta mop udptn v120 ssh stopbits 1 line vty 0 4 password cisco login transport input all ! scheduler allocate 20000 1000 ! end
Switch S1
S1# show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/2, Fa0/3, Fa0/4, Fa0/5 Fa0/7, Fa0/8, Fa0/9, Fa0/10 Fa0/11, Fa0/12, Fa0/13, Fa0/14 Fa0/15, Fa0/16, Fa0/17, Fa0/18 Fa0/19, Fa0/20, Fa0/21, Fa0/22 Fa0/23, Fa0/24, Gi0/1, Gi0/2 10 Students active Fa0/6 20 Faculty active 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup S1# show run Building configuration... Current configuration : 1627 bytes ! version 15.0 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname S1 ! boot-start-marker boot-end-marker ! enable secret 4 06YFDUHH61wAE/kLkDq9BGho1QM5EnRtoyr8cHAUg.2 ! no aaa new-model system mtu routing 1500 ! no ip domain-lookup ! spanning-tree mode pvst spanning-tree extend system-id ! vlan internal allocation policy ascending ! interface FastEthernet0/1 switchport mode trunk ! interface FastEthernet0/2 shutdown ! interface FastEthernet0/3 shutdown ! interface FastEthernet0/4 shutdown ! interface FastEthernet0/5 switchport mode trunk ! interface FastEthernet0/6 switchport access vlan 10 switchport mode access ! interface FastEthernet0/7 shutdown ! interface FastEthernet0/8 shutdown ! interface FastEthernet0/9 shutdown ! interface FastEthernet0/10 shutdown ! interface FastEthernet0/11 shutdown ! interface FastEthernet0/12 shutdown ! interface FastEthernet0/13 shutdown ! interface FastEthernet0/14 shutdown ! interface FastEthernet0/15 shutdown ! interface FastEthernet0/16 shutdown ! interface FastEthernet0/17 shutdown ! interface FastEthernet0/18 shutdown ! interface FastEthernet0/19 shutdown ! interface FastEthernet0/20 shutdown ! interface FastEthernet0/21 shutdown ! interface FastEthernet0/22 shutdown ! interface FastEthernet0/23 shutdown ! interface FastEthernet0/24 shutdown ! interface GigabitEthernet0/1 shutdown ! interface GigabitEthernet0/2 shutdown ! interface Vlan1 ip address 192.168.1.11 255.255.255.0 ! ip default-gateway 192.168.1.1 ip http server ip http secure-server ! line con 0 password cisco logging synchronous login line vty 0 4 password cisco login line vty 5 15 password cisco login ! end
Switch S2
S2# show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/2, Fa0/3, Fa0/4, Fa0/5 Fa0/6, Fa0/7, Fa0/8, Fa0/9 Fa0/10, Fa0/11, Fa0/12, Fa0/13 Fa0/14, Fa0/15, Fa0/16, Fa0/17 Fa0/19, Fa0/20, Fa0/21, Fa0/22 Fa0/23, Fa0/24, Gi0/1, Gi0/2 10 Students active 20 Faculty active Fa0/18 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup S2# show run Building configuration... Current configuration : 1633 bytes ! version 15.0 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname S2 ! boot-start-marker boot-end-marker ! enable secret 4 06YFDUHH61wAE/kLkDq9BGho1QM5EnRtoyr8cHAUg.2 ! no aaa new-model system mtu routing 1500 ! no ip domain-lookup ! spanning-tree mode pvst spanning-tree extend system-id ! vlan internal allocation policy ascending ! interface FastEthernet0/1 switchport mode trunk ! interface FastEthernet0/2 shutdown ! interface FastEthernet0/3 shutdown ! interface FastEthernet0/4 shutdown ! interface FastEthernet0/5 shutdown ! interface FastEthernet0/6 shutdown ! interface FastEthernet0/7 shutdown ! interface FastEthernet0/8 shutdown ! interface FastEthernet0/9 shutdown ! interface FastEthernet0/10 shutdown ! interface FastEthernet0/11 shutdown ! interface FastEthernet0/12 shutdown ! interface FastEthernet0/13 shutdown ! interface FastEthernet0/14 shutdown ! interface FastEthernet0/15 shutdown ! interface FastEthernet0/16 shutdown ! interface FastEthernet0/17 shutdown ! interface FastEthernet0/18 switchport access vlan 20 switchport mode access ! interface FastEthernet0/19 shutdown ! interface FastEthernet0/20 shutdown ! interface FastEthernet0/21 shutdown ! interface FastEthernet0/22 shutdown ! interface FastEthernet0/23 shutdown ! interface FastEthernet0/24 shutdown ! interface GigabitEthernet0/1 shutdown ! interface GigabitEthernet0/2 shutdown ! interface Vlan1 ip address 192.168.1.12 255.255.255.0 ! ip default-gateway 192.168.1.1 ip http server ip http secure-server ! line con 0 password cisco logging synchronous login line vty 0 4 password cisco login line vty 5 15 password cisco login !e nd
More Resources