Reading: Finish Me!
In this lab, you will practice the skills you've learned in this course in an extended example.
For this lab, you will be using the Experimental Network. However, in the first part of the lab, you will work with the Packet Tracer model of that network rather than the physical network. Then, later, you will work on the physical network. The point of the Packet Tracer step is to work out the specific commands needed to create the desired final configuration in an environment that is isolated, unhurried, and always accessible to you. Network simulator tools can be useful in a professional context in this way as well.
The overarching goal is to partition the ports on one of the student 3560 multi-layer switches into two VLANs: a student VLAN and a faculty VLAN. You will also create a management VLAN for accessing the SVIs on the switches remotely. Finally, you will configure the necessary routing functionality so those VLANs can be accessed appropriately from elsewhere in the network.
Start by modifying the Packet Tracer model of the XNetwork in the following ways:
When using Packet Tracker, use StudentS1 and StudentR1 for this lab. However, when using the XNetwork later, you will want to pick one of the switch/router pairs "at random" to minimize the chance of your work conflicting with someone else's work. This will require adjusting some network addresses in an appropriate way. For this lab, avoid StudentS6 and StudentR6 because StudentS6 is actually a (slightly) different model of switch (3660).
Define three VLANs on the switch: 10 (Student), 20 (Faculty), and 99 (Management). Configure switch ports 3–12 as access ports for VLAN 10, and switch ports 15–24 as access ports for VLAN 20. For security reasons, disable switch ports 2, 13, and 14. Do not disable switch port 1 as that is connected to the 2811 router.
Configure switch port 1 as a trunk that can carry traffic for all three VLANs
Each student switch is on a /15 subnetwork with 128k available addresses. You want to divide that range into three subranges for the three VLANs. Allocate only 16 addresses for each of the VLANs in the order: Management, Student, and then Faculty. In other words, the range of addresses for the Management VLAN should have the lowest addresses. The precise range will depend on which student router you are using. Note that this part is purely "on paper" there are no commands that you need to give to the devices here. This part is just designing your address allocations.
On the 2811 router, remove the existing IP address from the FastEthernet 0/0 interface (the interface facing the 3560). Configure three subinterfaces on FastEthernet 0/0 for the three VLANS using the addresses you determined in the previous step. See Lab #9 for more information.
On the 2811 router, configure OSPF routing between the VLANs (and the rest of the XNetwork). Note that we will not be using the built-in routing functionality of the 3560s.
Configure remote access on the 3560 using the first available address on the management VLAN (that doesn't conflict with the router interface). It should now be possible to ping the 3560 from alpha and beta.
Create an ACL in the 2811 router so that only beta can access the management VLAN.
When using the XNetwork, do not overwrite the startup configuration! Also reboot the devices, both the router and the switch, when you are done to ensure they are in their default configuration for the next student. This means you must complete the configuration in one sitting, so plan carefully.
See below for instructions on accessing the devices in the XNetwork using Connie, the console server. It is necessary to do this for the student switches since remote access is not configured for those devices (initially).
Repeat the steps you did with Packet Tracer except use IPv6 instead of IPv4. Here are a few notes:
You may experiment with Packet Tracer first to try out the commands you would like to use. However, first save your work from Part 1 in a separate file for submission. Also, be aware that Packet Tracer tends to not support IPv6 very well, so if you run into unsupported commands that you think should work, that might be why.
The Packet Tracer model of the XNetwork does not have any IPv6 configuration at all, other than network addresses listed for the subnetworks. Keep that in mind if you do try to use Packet Tracer to try out commands.
The documentation for the XNetwork shows each student subnetwork having IPv6 subnet IDs in the range of 1101 (for StudentS1) through 1106 (for StudentS6). You will need three subnet IDs for the VLANs. Use for StudentS1 the subnet IDs of 1101, 1201, and 1301, where the least significant digit is the switch number. So, for example, the IDs to use with StudentS2 would be 1102, 1202, and 1302, etc. Each subnet ID gives 264 addresses, which is far more than the 16 you allocated in Part 1, but that is fine. As in the previous part, associate these subnetwork IDs to the VLANs for Student, Faculty, and Management in that order.
You will need to set up OSPF v3 routing on the student router. You can refer Lab #7 or to how Shangri-La was configured in the documentation for the XNetwork for more information.
Unfortunately, the 3560 devices only allow remote access via IPv4. It is not possible to assign an IPv6 address to the Management SVI. Thus, for this part, skip the configuration of remote access to the switch and the ACL.
Remember to reboot the devices when you are done using the reload command.
The student routers and switches are connected to a console server named Connie. To access the console server, first log into alpha.cis.vermontstate.edu either directly (if you are on any VTSU campus) or via lemuria.cis.vermontstate.edu if you are off campus. Use the student account with the standard password. Then, from alpha, telnet to Connie with the command:
telnet 10.0.1.253
You can log into Connie using either the admin account or the student account with the standard passwords. You will need to use the admin account if you must clear any console lines.
Connie supports console lines to each of the StudentRx and StudentSx routers and switches. StudentR1-StudentR6 are on console lines TTY1 through TTY6. The switches StudentS1-StudentS6 are on console lines TTY9 through TTY14. The router lines are numbered in accordance to the router number, and the switch lines are found by adding eight to the router number (e.g., StudentR4's console is on line TTY4, and StudentS4's console is on line TTY12 because 4 + 8 = 12).
You can view the status of the console lines with the show line command. Here is a sample of that output:
Connie#show line Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns 0 CTY - - - - - 0 0 0/0 * 1 TTY 9600/9600 - - - - - 3 14 58048/174131 2 TTY 9600/9600 - - - - - 0 0 0/0 3 TTY 9600/9600 - - - - - 0 0 0/0 4 TTY 9600/9600 - - - - - 0 0 0/0 * 5 TTY 9600/9600 - - - - - 1 61 35951/107844 6 TTY 9600/9600 - - - - - 0 0 0/0 7 TTY 9600/9600 - - - - - 0 0 0/0 8 TTY 9600/9600 - - - - - 0 0 0/0 * 9 TTY 9600/9600 - - - - - 3 17 35928/107778 10 TTY 9600/9600 - - - - - 0 0 0/0 11 TTY 9600/9600 - - - - - 0 0 0/0 * 12 TTY 9600/9600 - - - - - 1 15 35936/107800 13 TTY 9600/9600 - - - - - 0 0 0/0 * 14 TTY 9600/9600 - - - - - 1 139 58245/174737
The lines that are actively being used are prefixed with a *. An alternative way to see the status of the lines is to use the show users command. Here is a sample of that output:
Connie#show users
    Line     User      Host(s)                  Idle Location
   1 tty 1             idle                 00:00:00
   5 tty 5             idle                 00:00:00
   9 tty 9             idle                 00:00:00
  12 tty 12            idle                 00:00:00
  14 tty 14            idle                 00:00:00
* 18 vty 0   admin     idle                 00:00:00 192.168.0.98
In this case, the * marks the "current" line. The output above was obtained while I was logged into Connie from alpha (at address 192.168.0.98) as the user admin.
Ideally, you could use this information to determine which devices are available for use and are not actively being used. Unfortunately, it appears that some of the console lines are noisy, which confuses Connie into thinking they are being used when they are not. You can clear a console line like this:
# clear line 1
The problem with this command is that it will disconnect another student who is legitimately using that line. It is best to avoid this if possible.
After you have decided which line to use, you can telnet to the console line from alpha using a port number that is 2000 plus the line number. For example, to telnet to line 4 use (on alpha) the command:
$ telnet 192.168.255.129 2004
Here the address 192.168.255.129 is the IP address of a loopback address on Connie. The port 2004 will connect you to TTY4 which is the console line for StudentR4.
To disconnect from one of the console lines, you must first escape from the telnet session to telnet's command prompt. Type Ctrl+] (that is: the control key and the close square bracket key). This should bring up the telent> prompt. From there, use the close command to end the connection.
For this lab, submit your modified XNetwork Packet Tracer model (with only the IPv4 modifications to StudentR1 and StudentS1), and documentation on the commands you used, especially for Part 2. The preferred document format is PDF, but Word, ODT, or plain text is also acceptable.
Last Revised: 2023-12-08
 © Copyright 2023 by Peter Chapin <peter.chapin@vermontstate.edu>