[go: up one dir, main page]
Scribd
Upload
577 views7 pages

2 Superlab#2

This document outlines the configuration of a network topology with two VLANs, VLAN 10 and 20. VLAN 10 is for an IT network and VLAN 20 is for an ADMIN network. Switch ports are configured with access VLANs and trunk links are configured between switches to allow inter-VLAN routing. Routers are configured with sub-interfaces to route between the VLANs and EIGRP is configured for dynamic routing. A DHCP server is configured to assign IP addresses to hosts in each VLAN network.

Uploaded by

mulya
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
577 views7 pages

2 Superlab#2

This document outlines the configuration of a network topology with two VLANs, VLAN 10 and 20. VLAN 10 is for an IT network and VLAN 20 is for an ADMIN network. Switch ports are configured with access VLANs and trunk links are configured between switches to allow inter-VLAN routing. Routers are configured with sub-interfaces to route between the VLANs and EIGRP is configured for dynamic routing. A DHCP server is configured to assign IP addresses to hosts in each VLAN network.

Uploaded by

mulya
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 7

CCNA SUPERLAB NIXTRAIN #2

TOPOLOGI

TUJUAN

1. VLAN
2. TRUNK
3. PORT-SECURITY
4. INTERVLAN ROUTING
5. EIGRP
6. DHCP

- Network VLAN dapat berkomunikasi dengan Network Server-Farm


- Ping dari VLAN 10 dan 20 menuju network SERVER-FARM pastikan berhasil

KONFIGURASI

Lakukan konfigurasi access-vlan dan trunk di NXT-S1 dan NXT-S2

NXT-S1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
NXT-S1(config)#vlan 10
NXT-S1(config-vlan)#name IT
NXT-S1(config-vlan)#vlan 20
NXT-S1(config-vlan)#name ADMIN
NXT-S1(config-vlan)#
NXT-S1(config-vlan)#interface range fa0/1 - 10
NXT-S1(config-if-range)#switchport mode access
NXT-S1(config-if-range)#switchport access vlan 10
NXT-S1(config-if-range)#
NXT-S1(config-if-range)#interface range fa0/11 - 20
NXT-S1(config-if-range)#switchport mode access
NXT-S1(config-if-range)#switchport access vlan 20
NXT-S1(config-if-range)#

CCNA SUPERLAB NIXTRAIN | 7


NXT-S1(config-if-range)#interface g0/1
NXT-S1(config-if)#switchport mode trunk
NXT-S1(config-if)#switchport trunk allowed vlan all

NXT-S2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
NXT-S2(config)#vlan 10
NXT-S2(config-vlan)#name IT
NXT-S2(config-vlan)#vlan 20
NXT-S2(config-vlan)#name ADMIN
NXT-S2(config-vlan)#
NXT-S2(config-vlan)#interface range fa0/1 - 10
NXT-S2(config-if-range)#switchport mode access
NXT-S2(config-if-range)#switchport access vlan 10
NXT-S2(config-if-range)#
NXT-S2(config-if-range)#interface range fa0/11 - 20
NXT-S2(config-if-range)#switchport mode access
NXT-S2(config-if-range)#switchport access vlan 20
NXT-S2(config-if-range)#
NXT-S2(config-if-range)#interface g0/1
NXT-S2(config-if)#switchport mode trunk
NXT-S2(config-if)#switchport trunk allowed vlan all

Untuk mencegah user illegal yang mencoba masuk ke port switch, aktifkan port-security di NXT-
S1 di port fa0/5 - fa0/15

NXT-S1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
NXT-S1(config)#interface range fa0/5 - 15
NXT-S1(config-if-range)#switchport port-security
NXT-S1(config-if-range)#switchport port-security mac-address sticky
NXT-S1(config-if-range)#switchport port-security maximum 1
NXT-S1(config-if-range)#switchport port-security violation shutdown

Ketika ada user illegal yang mencoba masuk ke port switch, maka port switch akan shutdown
otomatis. Port-security salah satu fitur security di Layer 2.

Konfigurasi Router-on-Stick di NXT-R1 dan NXT-R4


Masing-masing VLAN memiliki default gateway yang dibuat menggunakan sub-interface di
router NXT-R1 dan NXT-R4.

NXT-R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
NXT-R1(config)#interface g0/1.10
NXT-R1(config-subif)#encapsulation dot1q 10
NXT-R1(config-subif)#ip address 192.168.1.1 255.255.255.0
NXT-R1(config-subif)#
NXT-R1(config-subif)#interface g0/1.20
NXT-R1(config-subif)#encapsulation dot1q 20
NXT-R1(config-subif)#ip address 192.168.2.1 255.255.255.0

CCNA SUPERLAB NIXTRAIN | 8


NXT-R1(config-subif)#
NXT-R1(config-subif)#interface g0/1
NXT-R1(config-if)#no shutdown

NXT-R4#conf t
NXT-R4(config)#interface g0/1.10
NXT-R4(config-subif)#encapsulation dot1q 10
NXT-R4(config-subif)#ip address 172.16.1.1 255.255.255.0
NXT-R4(config-subif)#
NXT-R4(config-subif)#interface g0/1.20
NXT-R4(config-subif)#encapsulation dot1q 20
NXT-R4(config-subif)#ip address 172.16.2.1 255.255.255.0
NXT-R4(config-subif)#
NXT-R4(config-subif)#interface g0/1
NXT-R4(config-if)#no shutdown

Konfigurasi EIGRP di NXT-R1 s.d NXT-R4

NXT-R1#conf t
NXT-R1(config)#router eigrp 100
NXT-R1(config-router)#no auto-summary
NXT-R1(config-router)#network 12.0.0.0
NXT-R1(config-router)#network 13.0.0.0
NXT-R1(config-router)#network 192.168.1.0
NXT-R1(config-router)#network 192.168.2.0

NXT-R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
NXT-R2(config)#router eigrp 100
NXT-R2(config-router)#no auto-summary
NXT-R2(config-router)#network 12.0.0.0
NXT-R2(config-router)#
%DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 12.12.12.1 (Serial0/0/0) is
up: new adjacency
NXT-R2(config-router)# network 24.24.24.0

NXT-R3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
NXT-R3(config)#router eigrp 100
NXT-R3(config-router)#no auto-summary
NXT-R3(config-router)#network 13.0.0.0
NXT-R3(config-router)#
%DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 13.13.13.1 (Serial0/0/0) is
up: new adjacency
NXT-R3(config-router)#network 34.0.0.0

CCNA SUPERLAB NIXTRAIN | 9


NXT-R4#conf t
Enter configuration commands, one per line. End with CNTL/Z.
NXT-R4(config)#router eigrp 100
NXT-R4(config-router)#no auto-summary
NXT-R4(config-router)#network 24.0.0.0
NXT-R4(config-router)#
%DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 24.24.24.2 (Serial0/0/0) is
up: new adjacency
network 34.0.0.0
NXT-R4(config-router)#
%DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 34.34.34.3 (Serial0/0/1) is
up: new adjacency
NXT-R4(config-router)#network 172.16.0.0

Verifikasi neighborship EIGRP di NXT-R1 dan NXT-R4

NXT-R1#show ip eigrp neighbor


IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 12.12.12.2 Se0/0/0 14 00:07:10 40 1000 0 17
1 13.13.13.3 Se0/0/1 11 00:02:46 40 1000 0 17

NXT-R4#show ip eigrp neighbor


IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 24.24.24.2 Se0/0/0 11 00:02:29 40 1000 0 18
1 34.34.34.3 Se0/0/1 13 00:02:25 40 1000 0 18

Semua router telah berhasil membentuk adjacency sehingga informasi update routing EIGRP
bisa saling terkirim antar router.

Verifikasi routing table EIGRP di semua router

NXT-R1#show ip route eigrp


24.0.0.0/24 is subnetted, 1 subnets
D 24.24.24.0 [90/2681856] via 12.12.12.2, 00:09:37, Serial0/0/0
34.0.0.0/24 is subnetted, 1 subnets
D 34.34.34.0 [90/2681856] via 13.13.13.3, 00:05:10, Serial0/0/1
172.16.0.0/24 is subnetted, 2 subnets
D 172.16.1.0 [90/2684416] via 12.12.12.2, 00:04:00, Serial0/0/0
[90/2684416] via 13.13.13.3, 00:04:00, Serial0/0/1
D 172.16.2.0 [90/2684416] via 12.12.12.2, 00:04:00, Serial0/0/0
[90/2684416] via 13.13.13.3, 00:04:00, Serial0/0/1

NXT-R2#show ip route eigrp


13.0.0.0/24 is subnetted, 1 subnets
D 13.13.13.0 [90/2681856] via 12.12.12.1, 00:10:20, Serial0/0/0

CCNA SUPERLAB NIXTRAIN | 10


34.0.0.0/24 is subnetted, 1 subnets
D 34.34.34.0 [90/2681856] via 24.24.24.4, 00:04:47, Serial0/0/1
172.16.0.0/24 is subnetted, 2 subnets
D 172.16.1.0 [90/2172416] via 24.24.24.4, 00:04:38, Serial0/0/1
D 172.16.2.0 [90/2172416] via 24.24.24.4, 00:04:38, Serial0/0/1
D 192.168.1.0/24 [90/2172416] via 12.12.12.1, 00:10:20, Serial0/0/0
D 192.168.2.0/24 [90/2172416] via 12.12.12.1, 00:10:20, Serial0/0/0

NXT-R3#show ip route eigrp


12.0.0.0/24 is subnetted, 1 subnets
D 12.12.12.0 [90/2681856] via 13.13.13.1, 00:12:45, Serial0/0/0
24.0.0.0/24 is subnetted, 1 subnets
D 24.24.24.0 [90/2681856] via 34.34.34.4, 00:11:36, Serial0/0/1
172.16.0.0/24 is subnetted, 2 subnets
D 172.16.1.0 [90/2172416] via 34.34.34.4, 00:11:27, Serial0/0/1
D 172.16.2.0 [90/2172416] via 34.34.34.4, 00:11:27, Serial0/0/1
D 192.168.1.0/24 [90/2172416] via 13.13.13.1, 00:12:45, Serial0/0/0
D 192.168.2.0/24 [90/2172416] via 13.13.13.1, 00:12:45, Serial0/0/0

NXT-R4#show ip route eigrp


12.0.0.0/24 is subnetted, 1 subnets
D 12.12.12.0 [90/2681856] via 24.24.24.2, 00:12:23, Serial0/0/0
13.0.0.0/24 is subnetted, 1 subnets
D 13.13.13.0 [90/2681856] via 34.34.34.3, 00:12:19, Serial0/0/1
172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
D 192.168.1.0/24 [90/2684416] via 24.24.24.2, 00:12:23, Serial0/0/0
[90/2684416] via 34.34.34.3, 00:12:19, Serial0/0/1
D 192.168.2.0/24 [90/2684416] via 24.24.24.2, 00:12:23, Serial0/0/0
[90/2684416] via 34.34.34.3, 00:12:19, Serial0/0/1

Konfigurasi DHCP Server untuk Network VLAN di NXT-R1

NXT-R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
NXT-R1(config)#ip dhcp pool VLAN10
NXT-R1(dhcp-config)#network 192.168.1.0 255.255.255.0
NXT-R1(dhcp-config)#default-router 192.168.1.1
NXT-R1(dhcp-config)#dns-server 8.8.8.8
NXT-R1(dhcp-config)#
NXT-R1(dhcp-config)#ip dhcp pool VLAN20
NXT-R1(dhcp-config)#network 192.168.2.0 255.255.255.0
NXT-R1(dhcp-config)#default-router 192.168.2.1
NXT-R1(dhcp-config)#dns-server 8.8.8.8
NXT-R1(dhcp-config)#
NXT-R1(dhcp-config)#exit
NXT-R1(config)#
NXT-R1(config)#ip dhcp excluded-address 192.168.1.1 192.168.1.10
NXT-R1(config)#ip dhcp excluded-address 192.168.2.1 192.168.2.10

10 IP Address pertama di reserved untuk server, sehingga ditambahkan command excluded-


address agar IP tersebut tidak diberikan kepada klien DHCP Server.

CCNA SUPERLAB NIXTRAIN | 11


Setting IP Address DHCP klien untuk Network VLAN
Pastikan semua host mendapatkan IP Address sesuai VLAN masing-masing

Verifikasi ping dari Network VLAN menuju Network Server-Farm

Contoh output ping dari Laptop-1

C:\>ping 172.16.1.9

Pinging 172.16.1.9 with 32 bytes of data:

Reply from 172.16.1.9: bytes=32 time=11ms TTL=125


Reply from 172.16.1.9: bytes=32 time=2ms TTL=125
Reply from 172.16.1.9: bytes=32 time=3ms TTL=125
Reply from 172.16.1.9: bytes=32 time=2ms TTL=125

Ping statistics for 172.16.1.9:


Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 11ms, Average = 4ms

C:\>ping 172.16.2.9

CCNA SUPERLAB NIXTRAIN | 12


Pinging 172.16.2.9 with 32 bytes of data:

Reply from 172.16.2.9: bytes=32 time=6ms TTL=125


Reply from 172.16.2.9: bytes=32 time=3ms TTL=125
Reply from 172.16.2.9: bytes=32 time=2ms TTL=125
Reply from 172.16.2.9: bytes=32 time=2ms TTL=125

Ping statistics for 172.16.2.9:


Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 6ms, Average = 3ms

Buka web browser di Laptop-1 dan akses web menuju Web Server 172.16.1.9

CCNA SUPERLAB NIXTRAIN | 13

You might also like