lab MPLS

Bi Lab ny m t cch hot ng ca c ch Multi-Protocol Lable Switching trong h thng, s

dng giao thc ldp (label discovery Protocol) h tr trong vic xy dng v phn phi thng tin
label gia cc router.

A) Cu hnh ban u:

Xy dnng h thng nh hnh v v t a ch IP ban u cho ton h thng

Saigon1#sh run
Building configuration...

Current configuration : 949 bytes

!
version 12.2
!
hostname Saigon1
!
ip subnet-zero
!
no ip domain lookup
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface Ethernet0/0
ip address 10.10.10.1 255.255.255.0
half-duplex
!
interface Ethernet0/1
ip address 172.16.1.1 255.255.255.0
half-duplex
!
router eigrp 1
passive-interface Ethernet0/1
passive-interface Loopback0
network 1.0.0.0
network 10.0.0.0
network 172.16.1.0
no auto-summary
!
ip http server
ip classless
!
!
line con 0
line aux 0
line vty 0 4
!
end

Saigon2#sh run
Building configuration...

Current configuration : 910 bytes

!
version 12.2
!
hostname Saigon2
!
ip subnet-zero
!
no ip domain lookup
!
!
interface Loopback0
ip address 2.2.2.2 255.255.255.0
!
interface Ethernet0/0
ip address 10.10.10.2 255.255.255.0
half-duplex
!
interface Serial0/0
ip address 192.1.1.2 255.255.255.0
clockrate 64000
no fair-queue
!
router eigrp 1
passive-interface Loopback0
network 2.0.0.0
network 10.0.0.0
network 192.1.1.0
no auto-summary
!
ip http server
ip classless
!
line con 0
line aux 0
line vty 0 4
!
end

Saigon3#sh run
Building configuration...

Current configuration : 881 bytes

!
version 12.2
!
hostname Saigon3
!
ip subnet-zero
!
no ip domain lookup
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface Serial0/0
ip address 192.1.1.1 255.255.255.0
no fair-queue
!
router eigrp 1
passive-interface Loopback0
network 3.0.0.0
network 192.1.1.0
no auto-summary
!
ip http server
ip classless
!
line con 0
line aux 0
line vty 0 4
!
End

Kim tra thng tin bng routing trn tng router:

Saigon1#sh ip route

Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets

C 1.1.1.1 is directly connected, Loopback0
2.0.0.0/24 is subnetted, 1 subnets
D 2.2.2.0 [90/409600] via 10.10.10.2, 00:02:06, Ethernet0/0
3.0.0.0/32 is subnetted, 1 subnets
D 3.3.3.3 [90/2323456] via 10.10.10.2, 00:01:54, Ethernet0/0
172.16.0.0/24 is subnetted, 1 subnets
C 172.16.1.0 is directly connected, Ethernet0/1
10.0.0.0/24 is subnetted, 1 subnets
C 10.10.10.0 is directly connected, Ethernet0/0
D 192.1.1.0/24 [90/2195456] via 10.10.10.2, 00:02:08, Ethernet0/0

Saigon2#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets

D 1.1.1.1 [90/409600] via 10.10.10.1, 00:02:54, Ethernet0/0
2.0.0.0/24 is subnetted, 1 subnets
C 2.2.2.0 is directly connected, Loopback0
3.0.0.0/32 is subnetted, 1 subnets
D 3.3.3.3 [90/2297856] via 192.1.1.1, 00:02:40, Serial0/0
172.16.0.0/24 is subnetted, 1 subnets
D 172.16.1.0 [90/307200] via 10.10.10.1, 00:00:49, Ethernet0/0
10.0.0.0/24 is subnetted, 1 subnets
C 10.10.10.0 is directly connected, Ethernet0/0
C 192.1.1.0/24 is directly connected, Serial0/0

Saigon3#sh ip route

Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets

D 1.1.1.1 [90/2323456] via 192.1.1.2, 00:02:50, Serial0/0
2.0.0.0/24 is subnetted, 1 subnets
D 2.2.2.0 [90/2297856] via 192.1.1.2, 00:02:50, Serial0/0
3.0.0.0/32 is subnetted, 1 subnets
C 3.3.3.3 is directly connected, Loopback0
172.16.0.0/24 is subnetted, 1 subnets
D 172.16.1.0 [90/2221056] via 192.1.1.2, 00:00:58, Serial0/0
10.0.0.0/24 is subnetted, 1 subnets
D 10.10.10.0 [90/2195456] via 192.1.1.2, 00:02:50, Serial0/0
C 192.1.1.0/24 is directly connected, Serial0/0

B) Cu hnh MPLS

B.1 ) Bc u tin cho vic cu hnh MPLS l bt chc nng ip cef trn cc router tham gia

Saigon1(config)#ip cef

Saigon2(config)#ip cef

Saigon3(config)#ip cef

B.2 ) Chn LDP l giao thc gn v phn phi label trn ton h thng, c th dng TDP thay th
LDP.

Saigon1(config)#mpls label protocol ?

ldp Use LDP
tdp Use TDP (default)

Saigon1(config)#mpls label protocol ldp

Saigon2(config)#mpls label protocol ?

ldp Use LDP
tdp Use TDP (default)

Saigon2(config)#mpls label protocol ldp

Saigon3(config)#mpls label protocol ?

ldp Use LDP
tdp Use TDP (default)

Saigon3(config)#mpls label protocol ldp

B.3) Bt c ch MPLS trn nhng cng tng ng trn ton h thng

Saigon1(config)#int e0/0
Saigon1(config-if)#mpls ip
Saigon1(config-if)#end

Saigon2(config)#int e0/0
Saigon2(config-if)#mpls ip
Saigon2(config-if)#end

Saigon2(config)#int s0/0
Saigon2(config-if)#mpls ip
Saigon2(config-if)#end

Saigon3(config)#int s0/0
Saigon3(config-if)#mpls ip
Saigon3(config-if)#end

C) Kim tra thng tin cu hnh:

Saigon1#sh mpls interfaces

Interface IP Tunnel Operational
Ethernet0/0 Yes (ldp) No Yes

Saigon1#sh mpls ldp discovery

Local LDP Identifier:
1.1.1.1:0
Discovery Sources:
Interfaces:
Ethernet0/0 (ldp): xmit/recv
LDP Id: 2.2.2.2:0

Saigon1#sh mpls interfaces detail

Interface Ethernet0/0:
IP labeling enabled (ldp)
LSP Tunnel labeling not enabled
BGP tagging not enabled
Tagging operational
Fast Switching Vectors:
IP to MPLS Fast Switching Vector
MPLS Turbo Vector
MTU = 1500

Saigon1#sh mpls ldp neighbor

Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 1.1.1.1:0
TCP connection: 2.2.2.2.11000 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 34/33; Downstream
Up time: 00:21:44
LDP discovery sources:
Ethernet0/0, Src IP addr: 10.10.10.2
Addresses bound to peer LDP Ident:
10.10.10.2 192.1.1.2 2.2.2.2

Saigon1#sh mpls ldp neighbor detail

Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 1.1.1.1:0
TCP connection: 2.2.2.2.11000 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 34/33; Downstream; Last TIB rev sent 12
Up time: 00:21:49; UID: 1; Peer Id 0;
LDP discovery sources:
Ethernet0/0; Src IP addr: 10.10.10.2
holdtime: 15000 ms, hello interval: 5000 ms
Addresses bound to peer LDP Ident:
10.10.10.2 192.1.1.2 2.2.2.2
Peer holdtime: 180000 ms; KA interval: 60000 ms; Peer state: estab

Saigon1#sh mpls ldp bindings

tib entry: 1.1.1.1/32, rev 2
local binding: tag: imp-null
remote binding: tsr: 2.2.2.2:0, tag: 16
tib entry: 2.2.2.0/24, rev 4
local binding: tag: 16
remote binding: tsr: 2.2.2.2:0, tag: imp-null
tib entry: 3.3.3.3/32, rev 6
local binding: tag: 17
remote binding: tsr: 2.2.2.2:0, tag: 17
tib entry: 10.10.10.0/24, rev 10
local binding: tag: imp-null
remote binding: tsr: 2.2.2.2:0, tag: imp-null
tib entry: 172.16.1.0/24, rev 8
local binding: tag: imp-null
remote binding: tsr: 2.2.2.2:0, tag: 18
tib entry: 192.1.1.0/24, rev 12
local binding: tag: 18
remote binding: tsr: 2.2.2.2:0, tag: imp-null

Saigon1#sh mpls ldp bindings detail

tib entry: 1.1.1.1/32, rev 2
local binding: tag: imp-null
Advertised to:
2.2.2.2:0
remote binding: tsr: 2.2.2.2:0, tag: 16
tib entry: 2.2.2.0/24, rev 4
local binding: tag: 16
Advertised to:
2.2.2.2:0
remote binding: tsr: 2.2.2.2:0, tag: imp-null
tib entry: 3.3.3.3/32, rev 6
local binding: tag: 17
Advertised to:
2.2.2.2:0
remote binding: tsr: 2.2.2.2:0, tag: 17
tib entry: 10.10.10.0/24, rev 10
local binding: tag: imp-null
Advertised to:
2.2.2.2:0
remote binding: tsr: 2.2.2.2:0, tag: imp-null
tib entry: 172.16.1.0/24, rev 8
local binding: tag: imp-null
Advertised to:
2.2.2.2:0
remote binding: tsr: 2.2.2.2:0, tag: 18
tib entry: 192.1.1.0/24, rev 12
local binding: tag: 18
Advertised to:
2.2.2.2:0
remote binding: tsr: 2.2.2.2:0, tag: imp-null
Saigon1#

Saigon1#sh mpls forwarding-table

Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 2.2.2.0/24 0 Et0/0 10.10.10.2
17 17 3.3.3.3/32 0 Et0/0 10.10.10.2
18 Pop tag 192.1.1.0/24 0 Et0/0 10.10.10.2
Saigon1#
Saigon1#

Saigon1#sh mpls forwarding-table detail

Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 2.2.2.0/24 0 Et0/0 10.10.10.2
MAC/Encaps=14/14, MRU=1504, Tag Stack{}
0009E8C52AC00002B93EB1808847
No output feature configured
Per-packet load-sharing
17 17 3.3.3.3/32 0 Et0/0 10.10.10.2
MAC/Encaps=14/18, MRU=1500, Tag Stack{17}
0009E8C52AC00002B93EB1808847 00011000
No output feature configured
Per-packet load-sharing
18 Pop tag 192.1.1.0/24 0 Et0/0 10.10.10.2
MAC/Encaps=14/14, MRU=1504, Tag Stack{}
0009E8C52AC00002B93EB1808847
No output feature configured
Per-packet load-sharing
Saigon1#

Saigon2#sh mpls interfaces

Interface IP Tunnel Operational
Ethernet0/0 Yes (ldp) No Yes
Serial0/0 Yes (ldp) No Yes
Saigon2#

Saigon2#sh mpls ldp discovery

Local LDP Identifier:
2.2.2.2:0
Discovery Sources:
Interfaces:
Ethernet0/0 (ldp): xmit/recv
LDP Id: 1.1.1.1:0
Serial0/0 (ldp): xmit/recv
LDP Id: 3.3.3.3:0

Saigon2#sh mpls interfaces detail

Interface Ethernet0/0:
IP labeling enabled (ldp)
LSP Tunnel labeling not enabled
BGP tagging not enabled
Tagging operational
Fast Switching Vectors:
IP to MPLS Fast Switching Vector
MPLS Turbo Vector
MTU = 1500
Interface Serial0/0:
IP labeling enabled (ldp)
LSP Tunnel labeling not enabled
BGP tagging not enabled
Tagging operational
Fast Switching Vectors:
IP to MPLS Fast Switching Vector
MPLS Turbo Vector
MTU = 1500
Saigon2#

Saigon2#sh mpls ldp neighbor

Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0
TCP connection: 1.1.1.1.646 - 2.2.2.2.11000
State: Oper; Msgs sent/rcvd: 33/34; Downstream
Up time: 00:22:03
LDP discovery sources:
Ethernet0/0, Src IP addr: 10.10.10.1
Addresses bound to peer LDP Ident:
10.10.10.1 1.1.1.1 172.16.1.1
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 2.2.2.2:0
TCP connection: 3.3.3.3.11001 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 11/12; Downstream
Up time: 00:02:42
LDP discovery sources:
Serial0/0, Src IP addr: 192.1.1.1
Addresses bound to peer LDP Ident:
192.1.1.1 3.3.3.3

Saigon2#sh mpls ldp neighbor detail

Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0
TCP connection: 1.1.1.1.646 - 2.2.2.2.11000
State: Oper; Msgs sent/rcvd: 33/34; Downstream; Last TIB rev sent 12
Up time: 00:22:07; UID: 1; Peer Id 0;
LDP discovery sources:
Ethernet0/0; Src IP addr: 10.10.10.1
holdtime: 15000 ms, hello interval: 5000 ms
Addresses bound to peer LDP Ident:
10.10.10.1 1.1.1.1 172.16.1.1
Peer holdtime: 180000 ms; KA interval: 60000 ms; Peer state: estab
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 2.2.2.2:0
TCP connection: 3.3.3.3.11001 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 12/12; Downstream; Last TIB rev sent 12
Up time: 00:02:46; UID: 2; Peer Id 1;
LDP discovery sources:
Serial0/0; Src IP addr: 192.1.1.1
holdtime: 15000 ms, hello interval: 5000 ms
Addresses bound to peer LDP Ident:
192.1.1.1 3.3.3.3
Peer holdtime: 180000 ms; KA interval: 60000 ms; Peer state: estab
Saigon2#

Saigon2#sh mpls ldp bindings

tib entry: 1.1.1.1/32, rev 2
local binding: tag: 16
remote binding: tsr: 1.1.1.1:0, tag: imp-null
remote binding: tsr: 3.3.3.3:0, tag: 16
tib entry: 2.2.2.0/24, rev 4
local binding: tag: imp-null
remote binding: tsr: 1.1.1.1:0, tag: 16
remote binding: tsr: 3.3.3.3:0, tag: 17
tib entry: 3.3.3.3/32, rev 6
local binding: tag: 17
remote binding: tsr: 1.1.1.1:0, tag: 17
remote binding: tsr: 3.3.3.3:0, tag: imp-null
tib entry: 10.10.10.0/24, rev 10
local binding: tag: imp-null
remote binding: tsr: 1.1.1.1:0, tag: imp-null
remote binding: tsr: 3.3.3.3:0, tag: 19
tib entry: 172.16.1.0/24, rev 8
local binding: tag: 18
remote binding: tsr: 1.1.1.1:0, tag: imp-null
remote binding: tsr: 3.3.3.3:0, tag: 18
tib entry: 192.1.1.0/24, rev 12
local binding: tag: imp-null
remote binding: tsr: 1.1.1.1:0, tag: 18
remote binding: tsr: 3.3.3.3:0, tag: imp-null
Saigon2#sh mpls ldp bindings de
Saigon2#sh mpls ldp bindings detail
tib entry: 1.1.1.1/32, rev 2
local binding: tag: 16
Advertised to:
1.1.1.1:0 3.3.3.3:0
remote binding: tsr: 1.1.1.1:0, tag: imp-null
remote binding: tsr: 3.3.3.3:0, tag: 16
tib entry: 2.2.2.0/24, rev 4
local binding: tag: imp-null
Advertised to:
1.1.1.1:0 3.3.3.3:0
remote binding: tsr: 1.1.1.1:0, tag: 16
remote binding: tsr: 3.3.3.3:0, tag: 17
tib entry: 3.3.3.3/32, rev 6
local binding: tag: 17
Advertised to:
1.1.1.1:0 3.3.3.3:0
remote binding: tsr: 1.1.1.1:0, tag: 17
remote binding: tsr: 3.3.3.3:0, tag: imp-null
tib entry: 10.10.10.0/24, rev 10
local binding: tag: imp-null
Advertised to:
1.1.1.1:0 3.3.3.3:0
remote binding: tsr: 1.1.1.1:0, tag: imp-null
remote binding: tsr: 3.3.3.3:0, tag: 19
tib entry: 172.16.1.0/24, rev 8
local binding: tag: 18
Advertised to:
1.1.1.1:0 3.3.3.3:0
remote binding: tsr: 1.1.1.1:0, tag: imp-null
remote binding: tsr: 3.3.3.3:0, tag: 18
tib entry: 192.1.1.0/24, rev 12
local binding: tag: imp-null
Advertised to:
1.1.1.1:0 3.3.3.3:0
remote binding: tsr: 1.1.1.1:0, tag: 18
remote binding: tsr: 3.3.3.3:0, tag: imp-null
Saigon2#

Saigon2#sh mpls forwarding-table

Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 1.1.1.1/32 0 Et0/0 10.10.10.1
17 Pop tag 3.3.3.3/32 712 Se0/0 point2point
18 Pop tag 172.16.1.0/24 0 Et0/0 10.10.10.1

Saigon2#sh mpls forwarding-table detail

Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 1.1.1.1/32 0 Et0/0 10.10.10.1
MAC/Encaps=14/14, MRU=1504, Tag Stack{}
0002B93EB1800009E8C52AC08847
No output feature configured
Per-packet load-sharing
17 Pop tag 3.3.3.3/32 712 Se0/0 point2point
MAC/Encaps=4/4, MRU=1504, Tag Stack{}
0F008847
No output feature configured
Per-packet load-sharing
18 Pop tag 172.16.1.0/24 0 Et0/0 10.10.10.1
MAC/Encaps=14/14, MRU=1504, Tag Stack{}
0002B93EB1800009E8C52AC08847
No output feature configured
Per-packet load-sharing
Saigon2#

Saigon3#sh mpls interfaces

Interface IP Tunnel Operational
Serial0/0 Yes (ldp) No Yes

Saigon3#sh mpls ldp discovery

Local LDP Identifier:
3.3.3.3:0
Discovery Sources:
Interfaces:
Serial0/0 (ldp): xmit/recv
LDP Id: 2.2.2.2:0
Saigon3#

Saigon3#sh mpls interfaces de

Saigon3#sh mpls interfaces detail
Interface Serial0/0:
IP labeling enabled (ldp)
LSP Tunnel labeling not enabled
BGP tagging not enabled
Tagging operational
Fast Switching Vectors:
IP to MPLS Fast Switching Vector
MPLS Turbo Vector
MTU = 1500

Saigon3#sh mpls ldp neighbor

Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 3.3.3.3:0
TCP connection: 2.2.2.2.646 - 3.3.3.3.11001
State: Oper; Msgs sent/rcvd: 12/12; Downstream
Up time: 00:02:57
LDP discovery sources:
Serial0/0, Src IP addr: 192.1.1.2
Addresses bound to peer LDP Ident:
10.10.10.2 192.1.1.2 2.2.2.2

Saigon3#sh mpls ldp neighbor detail

Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 3.3.3.3:0
TCP connection: 2.2.2.2.646 - 3.3.3.3.11001
State: Oper; Msgs sent/rcvd: 12/12; Downstream; Last TIB rev sent 12
Up time: 00:03:00; UID: 1; Peer Id 0;
LDP discovery sources:
Serial0/0; Src IP addr: 192.1.1.2
holdtime: 15000 ms, hello interval: 5000 ms
Addresses bound to peer LDP Ident:
10.10.10.2 192.1.1.2 2.2.2.2
Peer holdtime: 180000 ms; KA interval: 60000 ms; Peer state: estab
Saigon3#

Saigon3#sh mpls ldp bindings

tib entry: 1.1.1.1/32, rev 2
local binding: tag: 16
remote binding: tsr: 2.2.2.2:0, tag: 16
tib entry: 2.2.2.0/24, rev 4
local binding: tag: 17
remote binding: tsr: 2.2.2.2:0, tag: imp-null
tib entry: 3.3.3.3/32, rev 6
local binding: tag: imp-null
remote binding: tsr: 2.2.2.2:0, tag: 17
tib entry: 10.10.10.0/24, rev 10
local binding: tag: 19
remote binding: tsr: 2.2.2.2:0, tag: imp-null
tib entry: 172.16.1.0/24, rev 8
local binding: tag: 18
remote binding: tsr: 2.2.2.2:0, tag: 18
tib entry: 192.1.1.0/24, rev 12
local binding: tag: imp-null
remote binding: tsr: 2.2.2.2:0, tag: imp-null

Saigon3#sh mpls ldp bindings detail

tib entry: 1.1.1.1/32, rev 2
local binding: tag: 16
Advertised to:
2.2.2.2:0
remote binding: tsr: 2.2.2.2:0, tag: 16
tib entry: 2.2.2.0/24, rev 4
local binding: tag: 17
Advertised to:
2.2.2.2:0
remote binding: tsr: 2.2.2.2:0, tag: imp-null
tib entry: 3.3.3.3/32, rev 6
local binding: tag: imp-null
Advertised to:
2.2.2.2:0
remote binding: tsr: 2.2.2.2:0, tag: 17
tib entry: 10.10.10.0/24, rev 10
local binding: tag: 19
Advertised to:
2.2.2.2:0
remote binding: tsr: 2.2.2.2:0, tag: imp-null
tib entry: 172.16.1.0/24, rev 8
local binding: tag: 18
Advertised to:
2.2.2.2:0
remote binding: tsr: 2.2.2.2:0, tag: 18
tib entry: 192.1.1.0/24, rev 12
local binding: tag: imp-null
Advertised to:
2.2.2.2:0
remote binding: tsr: 2.2.2.2:0, tag: imp-null
Saigon3#

Saigon3#sh mpls forwarding-table

Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 16 1.1.1.1/32 0 Se0/0 point2point
17 Pop tag 2.2.2.0/24 0 Se0/0 point2point
18 18 172.16.1.0/24 0 Se0/0 point2point
19 Pop tag 10.10.10.0/24 0 Se0/0 point2point
Saigon3#
Saigon3#sh mpls forwarding-table de
Saigon3#sh mpls forwarding-table detail
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 16 1.1.1.1/32 0 Se0/0 point2point
MAC/Encaps=4/8, MRU=1500, Tag Stack{16}
0F008847 00010000
No output feature configured
Per-packet load-sharing
17 Pop tag 2.2.2.0/24 0 Se0/0 point2point
MAC/Encaps=4/4, MRU=1504, Tag Stack{}
0F008847
No output feature configured
Per-packet load-sharing
18 18 172.16.1.0/24 0 Se0/0 point2point
MAC/Encaps=4/8, MRU=1500, Tag Stack{18}
0F008847 00012000
No output feature configured
Per-packet load-sharing
19 Pop tag 10.10.10.0/24 0 Se0/0 point2point
MAC/Encaps=4/4, MRU=1504, Tag Stack{}
0F008847
No output feature configured
Per-packet load-sharing
Saigon3#

Kim tra kt ni

Saigon1#traceroute 3.3.3.3

Type escape sequence to abort.

Tracing the route to 3.3.3.3

1 sg2 (10.10.10.2) [MPLS: Label 17 Exp 0] 0 msec 0 msec 4 msec

2 sg3 (192.1.1.1) 16 msec * 12 msec

Cu hnh cui cng ca h thng:

Saigon1#sh run
Building configuration...

Current configuration : 1077 bytes

!
version 12.2
!
no service password-encryption
!
hostname Saigon1
!
logging queue-limit 100
!
ip subnet-zero
!
no ip domain lookup
ip host sg3 192.1.1.1
ip host sg2 10.10.10.2
!
ip cef
mpls label protocol ldp
mpls ldp logging neighbor-changes
!
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface Ethernet0/0
ip address 10.10.10.1 255.255.255.0
half-duplex
tag-switching ip
!
!
interface Ethernet0/1
ip address 172.16.1.1 255.255.255.0
half-duplex
no keepalive
!
router eigrp 1
passive-interface Ethernet0/1
passive-interface Loopback0
network 1.0.0.0
network 10.0.0.0
network 172.16.0.0
no auto-summary
!
ip http server
ip classless
!
line con 0
line aux 0
line vty 0 4
!
end

Saigon2#sh run
Building configuration...

Current configuration : 977 bytes

!
version 12.2
no service password-encryption
!
hostname Saigon2
!
ip subnet-zero
!
no ip domain lookup
!
ip cef
mpls label protocol ldp
mpls ldp logging neighbor-changes
!
interface Loopback0
ip address 2.2.2.2 255.255.255.0
!
interface Ethernet0/0
ip address 10.10.10.2 255.255.255.0
half-duplex
tag-switching ip
!
interface Serial0/0
ip address 192.1.1.2 255.255.255.0
tag-switching ip
clockrate 64000
no fair-queue
!
router eigrp 1
passive-interface Loopback0
network 2.0.0.0
network 10.0.0.0
network 192.1.1.0
no auto-summary
!
ip http server
ip classless
!
line con 0
line aux 0
line vty 0 4
!
end

Saigon3#sh run
Building configuration...

Current configuration : 930 bytes

!
version 12.2
no service password-encryption
!
hostname Saigon3
!
ip subnet-zero
!
no ip domain lookup
!
ip cef
mpls label protocol ldp
mpls ldp logging neighbor-changes
!
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface Serial0/0
ip address 192.1.1.1 255.255.255.0
tag-switching ip
no fair-queue
!
router eigrp 1
passive-interface Loopback0
network 3.0.0.0
network 192.1.1.0
no auto-summary
!
ip http server
ip classless
!
line con 0
line aux 0
line vty 0 4
!
!
end
__________________
ng Quang Minh, CCIE#11897 CCSI#31417
Email: [email protected]

Viet Professionals Co. Ltd. (VnPro)

149/1D Ung Vn Khim P25 Q.Bnh thnh TPHCM
Tel: (08) 35124257 Fax: (08) 35124314
Home :http://www.vnpro.vn
Blog :http://vnpro.org/blog
Support forum :http://vnpro.org
LiveChat :http://vnpro.vn/support

dangquangminh

View Public Profile

Send a private message to dangquangminh

Visit dangquangminh's homepage!

Find all posts by dangquangminh

#5
 24-09-2008, 03:57 PM
hhd1986 Join Date: Apr 2008
Junior Member Posts: 6
Newbie

ISCW LAB: MPLS VPN ROUTING VRF

Qui hoch IP:

(1)192.168.1.0/24
(2)192.168.2.0/24
(3)192.168.3.0/24
(4)192.168.4.0/24
(5)192.168.5.0/24
(6)192.168.6.0/24
(7)Lo0: 10.10.10.10/24
(8)Lo0: 20.20.20.20/24
(9)Lo0: 1.1.1.1/24
(10)Lo0: 3.3.3.3/24
(11)Lo0: 2.2.2.2/24
(12)Lo0: 30.30.30.30/24
(13)Lo0: 40.40.40.40/24

1.Yu cu:
Cu hnh MPLS domain gia PE01 P PE02 (IGP = RIPv2)
Cu hnh BGP AS 1 gia PE01 v PE 02
Trn PE01 to vrf A1 v B1 tng ng vi mi Router A1,B1
Trn PE02 to vrf A2 v B2 tng ng vi mi Router A2,B2
A1 A2 B1 B2 chy giao thc nh tuyn EIGRP
i.A1 : AS = 10
ii.A2 : AS = 30
iii.B1 : AS = 20
iv.B2 : AS = 40

2.Cu hnh:

ROUTER A1:
!
hostname A1
!
no ip domain lookup
!
interface Loopback0
ip address 10.10.10.10 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.0
!
router eigrp 10
network 10.0.0.0
network 192.168.1.0
no auto-summary
!
ip classless
!
ip http server
End

ROUTER B1:
hostname B1
!
ip cef
!
no ip domain lookup
!
interface Loopback0
ip address 20.20.20.20 255.255.255.0
!
interface Serial0/0
ip address 192.168.2.1 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
ip address 100.100.100.100 255.255.255.0
no keepalive
!
!
router eigrp 20
network 20.0.0.0
network 100.0.0.0
network 192.168.2.0
no auto-summary
!
ip classless
!
ip http server
End

ROUTER PE01:
hostname PE01
!
!
no ip domain lookup
ip vrf A1
rd 1:100
route-target export 1:100
route-target import 1:100
!
ip vrf B1
rd 1:200
route-target export 1:200
route-target import 1:200
!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface FastEthernet0/0
ip vrf forwarding A1
ip address 192.168.1.2 255.255.255.0
!
interface Serial0/0
ip vrf forwarding B1
ip address 192.168.2.2 255.255.255.0
clock rate 64000
!
interface FastEthernet0/1
ip address 192.168.3.1 255.255.255.0
mpls label protocol ldp
tag-switching ip
!
!
router eigrp 100
auto-summary
!
address-family ipv4 vrf B1
network 192.168.2.0
no auto-summary
autonomous-system 20
exit-address-family
!
address-family ipv4 vrf A1
network 192.168.1.0
no auto-summary
autonomous-system 10
exit-address-family
!
router rip
version 2
network 1.0.0.0
network 192.168.3.0
no auto-summary
!
router bgp 1
no synchronization
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 1
neighbor 2.2.2.2 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community extended
exit-address-family
!
address-family ipv4 vrf B1
redistribute eigrp 20
no auto-summary
no synchronization
exit-address-family
!
address-family ipv4 vrf A1
redistribute eigrp 10
no auto-summary
no synchronization
exit-address-family
!
ip classless
!
ip http server
no ip http secure-server
!
End

ROUTER P:
hostname P
!
!
ip cef
!
interface Loopback0
ip address 3.3.3.3 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.3.2 255.255.255.0
mpls label protocol ldp
tag-switching ip
!
interface FastEthernet0/1
ip address 192.168.4.1 255.255.255.0
mpls label protocol ldp
tag-switching ip
!
router rip
version 2
network 3.0.0.0
network 192.168.3.0
network 192.168.4.0
no auto-summary
!
ip classless
!
ip http server
End

ROUTER PE02:
!
hostname PE02
!
ip cef
!
no ip domain lookup
ip vrf A2
rd 1:100
route-target export 1:100
route-target import 1:100
!
ip vrf B2
rd 1:200
route-target export 1:200
route-target import 1:200
!
!
interface Loopback0
ip address 2.2.2.2 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.4.2 255.255.255.0
mpls label protocol ldp
tag-switching ip
!
interface Serial0/0
ip vrf forwarding A2
ip address 192.168.5.1 255.255.255.0
clock rate 64000
!
interface FastEthernet0/1
ip vrf forwarding B2
ip address 192.168.6.1 255.255.255.0
duplex auto
speed auto
!
router eigrp 100
auto-summary
!
address-family ipv4 vrf B2
redistribute bgp 1 metric 1000 100 100 100 100
network 192.168.6.0
auto-summary
autonomous-system 40
exit-address-family
!
address-family ipv4 vrf A2
redistribute bgp 1 metric 1000 100 100 100 100
network 192.168.5.0
auto-summary
autonomous-system 30
exit-address-family
!
router rip
version 2
network 2.0.0.0
network 192.168.4.0
no auto-summary
!
router bgp 1
no synchronization
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 1
neighbor 1.1.1.1 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community extended
exit-address-family
!
address-family ipv4 vrf B2
redistribute eigrp 40
no auto-summary
no synchronization
exit-address-family
!
address-family ipv4 vrf A2
redistribute eigrp 30
no auto-summary
no synchronization
exit-address-family
!
ip classless
!
ip http server
no ip http secure-server
!
!
End

ROUTER A2:
!
hostname A2
!
!
!
ip cef
!
no ip domain lookup
ip audit po max-events 100
!
interface Loopback0
ip address 30.30.30.30 255.255.255.0
!
interface Serial0/0
ip address 192.168.5.2 255.255.255.0
clock rate 2000000
!
!
router eigrp 30
network 30.0.0.0
network 192.168.5.0
no auto-summary
!
ip classless
!
ip http server
no ip http secure-server
!
End

ROUTER B2:
!
hostname B2
!
!
no aaa new-model
ip subnet-zero
ip cef
!
!
!
no ip domain lookup
ip audit po max-events 100
!

!
interface Loopback0
ip address 40.40.40.40 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.6.2 255.255.255.0
duplex auto
speed auto
!
!
router eigrp 40
network 40.0.0.0
network 192.168.6.0
no auto-summary
!
ip classless
!
ip http server
!
End
3.Kim tra hot ng:

i vi MPLS Domain :

i.Kim tra bng nh tuyn :

Trn PE01
PE01#show ip route
Gateway of last resort is not set

1.0.0.0/24 is subnetted, 1 subnets

C 1.1.1.0 is directly connected, Loopback0
2.0.0.0/24 is subnetted, 1 subnets
R 2.2.2.0 [120/2] via 192.168.3.2, 00:00:12, FastEthernet0/1
3.0.0.0/24 is subnetted, 1 subnets
R 3.3.3.0 [120/1] via 192.168.3.2, 00:00:12, FastEthernet0/1
R 192.168.4.0/24 [120/1] via 192.168.3.2, 00:00:12, FastEthernet0/1
C 192.168.3.0/24 is directly connected, FastEthernet0/1
Trn P
P#show ip route
Gateway of last resort is not set
1.0.0.0/24 is subnetted, 1 subnets
R 1.1.1.0 [120/1] via 192.168.3.1, 00:00:07, FastEthernet0/0
2.0.0.0/24 is subnetted, 1 subnets
R 2.2.2.0 [120/1] via 192.168.4.2, 00:00:11, FastEthernet0/1
3.0.0.0/24 is subnetted, 1 subnets
C 3.3.3.0 is directly connected, Loopback0
C 192.168.4.0/24 is directly connected, FastEthernet0/1
C 192.168.3.0/24 is directly connected, FastEthernet0/0

Trn PE02

PE02#show ip route
Gateway of last resort is not set
1.0.0.0/24 is subnetted, 1 subnets
R 1.1.1.0 [120/2] via 192.168.4.1, 00:00:27, FastEthernet0/0
2.0.0.0/24 is subnetted, 1 subnets
C 2.2.2.0 is directly connected, Loopback0
3.0.0.0/24 is subnetted, 1 subnets
R 3.3.3.0 [120/1] via 192.168.4.1, 00:00:27, FastEthernet0/0
C 192.168.4.0/24 is directly connected, FastEthernet0/0
R 192.168.3.0/24 [120/1] via 192.168.4.1, 00:00:27, FastEthernet0/0
Kt lun : nh tuyn ni gia MPLS Domain thng, t cu hnh MPLS

ii.Kim tra LFIP table

Trn PE01
PE01#show mpls forwarding-table
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 16 2.2.2.0/24 0 Fa0/1 192.168.3.2
17 Pop tag 3.3.3.0/24 0 Fa0/1 192.168.3.2
18 Pop tag 192.168.4.0/24 0 Fa0/1 192.168.3.2
Trn P
P#show mpls forwarding-table
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 2.2.2.0/24 3375 Fa0/1 192.168.4.2
17 Pop tag 1.1.1.0/24 5007 Fa0/0 192.168.3.1
Trn PE02
PE02#show mpls forwarding-table
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 3.3.3.0/24 0 Fa0/0 192.168.4.1
17 Pop tag 192.168.3.0/24 0 Fa0/0 192.168.4.1
18 17 1.1.1.0/24 0 Fa0/0 192.168.4.1

iii.Cu hnh BGP trn PE01 v PE02

Trn PE01
PE01#show ip bgp summary
BGP router identifier 1.1.1.1, local AS number 1
BGP table version is 1, main routing table version 1

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

2.2.2.2 4 1 55 54 1 0 0 00:43:36 0
Trn PE02
PE02#show ip bgp summary
BGP router identifier 2.2.2.2, local AS number 1
BGP table version is 1, main routing table version 1

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

1.1.1.1 4 1 55 56 1 0 0 00 24 0

- Kim tra vrf routing table ca A1,A2,B1,B2 trn PE01 v PE02

Trn PE01:

PE01#show ip route vrf A1

Routing Table: A1
Gateway of last resort is not set
B 192.168.5.0/24 [200/0] via 2.2.2.2, 00 07
10.0.0.0/24 is subnetted, 1 subnets
D 10.10.10.0 [90/156160] via 192.168.1.1, 00 24, FastEthernet0/0
C 192.168.1.0/24 is directly connected, FastEthernet0/0
30.0.0.0/24 is subnetted, 1 subnets
B 30.30.30.0 [200/2297856] via 2.2.2.2, 00 07

PE01#show ip route vrf B1

Routing Table: B1
Gateway of last resort is not set
100.0.0.0/24 is subnetted, 1 subnets
D 100.100.100.0 [90/2172416] via 192.168.2.1, 00 46, Serial0/0
20.0.0.0/24 is subnetted, 1 subnets
D 20.20.20.0 [90/2297856] via 192.168.2.1, 00 46, Serial0/0
40.0.0.0/24 is subnetted, 1 subnets
B 40.40.40.0 [200/156160] via 2.2.2.2, 00 20
B 192.168.6.0/24 [200/0] via 2.2.2.2, 00 20
C 192.168.2.0/24 is directly connected, Serial0/0

Trn PE02:

PE02#show ip route vrf A2

Routing Table: A2
Gateway of last resort is not set
C 192.168.5.0/24 is directly connected, Serial0/0
10.0.0.0/24 is subnetted, 1 subnets
B 10.10.10.0 [200/156160] via 1.1.1.1, 00 16
B 192.168.1.0/24 [200/0] via 1.1.1.1, 00 16
30.0.0.0/24 is subnetted, 1 subnets
D 30.30.30.0 [90/2297856] via 192.168.5.2, 00 47, Serial0/0

PE02#show ip route vrf B2

Routing Table: B2
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set

100.0.0.0/24 is subnetted, 1 subnets

B 100.100.100.0 [200/2172416] via 1.1.1.1, 00 44
20.0.0.0/24 is subnetted, 1 subnets
B 20.20.20.0 [200/2297856] via 1.1.1.1, 00 44
40.0.0.0/24 is subnetted, 1 subnets
D 40.40.40.0 [90/156160] via 192.168.6.2, 00:49:30, FastEthernet0/1
C 192.168.6.0/24 is directly connected, FastEthernet0/1
B 192.168.2.0/24 [200/0] via 1.1.1.1, 00 59

- Kim tra thng tuyn:

A1#ping 30.30.30.30

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 30.30.30.30, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 196/236/300 ms
B1#ping 40.40.40.40

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 40.40.40.40, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 156/180/200 ms

- Kim tra bng LFIP hon chnh trn mi Router PE01 v PE02:

PE01#show mpls forwarding-table

Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 16 2.2.2.0/24 0 Fa0/1 192.168.3.2
17 Pop tag 3.3.3.0/24 0 Fa0/1 192.168.3.2
18 Pop tag 192.168.4.0/24 0 Fa0/1 192.168.3.2
19 Untagged 20.20.20.0/24[V] 0 Se0/0 point2point
20 Untagged 100.100.100.0/24[V] \
0 Se0/0 point2point
21 Untagged 10.10.10.0/24[V] 0 Fa0/0 192.168.1.1
22 Aggregate 192.168.1.0/24[V] 520
23 Aggregate 192.168.2.0/24[V] 520
PE02#show mpls forwarding-table
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 3.3.3.0/24 0 Fa0/0 192.168.4.1
17 Pop tag 192.168.3.0/24 0 Fa0/0 192.168.4.1
18 17 1.1.1.0/24 0 Fa0/0 192.168.4.1
19 Untagged 30.30.30.0/24[V] 520 Se0/0 point2point
20 Aggregate 192.168.5.0/24[V] 0
21 Untagged 40.40.40.0/24[V] 570 Fa0/1 192.168.6.2
22 Aggregate 192.168.6.0/24[V] 0

- Kim tra c ch chuyn mch nhn ti MPLS Domain

PE01#traceroute vrf A1 30.30.30.30

Type escape sequence to abort.

Tracing the route to 30.30.30.30

1 192.168.3.2 [MPLS: Labels 16/19 Exp 0] 160 msec 184 msec 144 msec
2 192.168.5.1 [MPLS: Label 19 Exp 0] 128 msec 60 msec 92 msec
3 192.168.5.2 176 msec * 216 msec
PE02#traceroute vrf B2 20.20.20.20

Type escape sequence to abort.

Tracing the route to 20.20.20.20

1 192.168.4.1 [MPLS: Labels 17/19 Exp 0] 176 msec 120 msec 156 msec
2 192.168.2.2 [MPLS: Label 19 Exp 0] 212 msec 64 msec 52 msec
3 192.168.2.1 92 msec * 160 msec

Dear Mr. Minh,

Theo e cu hnh MPLS cn thm phn t li gi tr jumbo-mtu v cc gi tin MPLS c max-size

ln n 9198.
__________________
Papa, mama, brother ...ILU!

hhd1986

View Public Profile

Send a private message to hhd1986

Find all posts by hhd1986

#6
24-09-2008, 04:41 PM
Mr.LeVy Join Date: Jun 2008
Member Location: Ho Chi Minh
Member Posts: 92
Quote:

Originally Posted by hhd1986

Dear Mr. Minh,

Theo e cu hnh MPLS cn thm phn t li gi tr jumbo-mtu v cc gi tin MPLS c max-

size ln n 9198.
Hi, Size ca MPLS packet = size IP packet + n*4 : n = number of label.
Nn MPLS max-size l bao nhiu trong thc t th c th d dng tr li ri

Khi cu hnh MPLS trong backbone, mt vn cn phi xem xt l MTU, MTU trong BB bao
gi cng ln hn MTU pha edge. V khi router kim tra thy MPLS packet ln hn MTU cho
php th s drop packet ch ko fragment nh IP packet.

Ch mt trng hp c bit khi gi tr MTU=1500 th router cho php MTU MPLS c th ln

n 1504 hay 1508 (check li).

V d
CE - 1500 - PE1 - 2000 -PE2

Khi c th cu hnh MTU MPLS trn PE1 hay PE2 t 1504 -2000. Thm mt vn na l
khi cu hnh dot1q-tunnel trong network v vy tt nht nn check cn thn MTU trc khi
chuyn t IP network sang MPLS network. Thng thng n >=3.
__________________
> Ping CCNA
Sending to CISCO.....Please wait.....

Mr.LeVy

View Public Profile

Send a private message to Mr.LeVy

Find all posts by Mr.LeVy

#7
25-09-2008, 02:52 PM
silverhead Join Date: Mar 2008
Member Posts: 49
Newbie
Quote:

Originally Posted by Mr.LeVy

Hi, Size ca MPLS packet = size IP packet + n*4 : n = number of label.
Nn MPLS max-size l bao nhiu trong thc t th c th d dng tr li ri

Khi cu hnh MPLS trong backbone, mt vn cn phi xem xt l MTU, MTU trong BB bao
gi cng ln hn MTU pha edge. V khi router kim tra thy MPLS packet ln hn MTU cho
php th s drop packet ch ko fragment nh IP packet.

Ch mt trng hp c bit khi gi tr MTU=1500 th router cho php MTU MPLS c th

ln n 1504 hay 1508 (check li).

V d
CE - 1500 - PE1 - 2000 -PE2

Khi c th cu hnh MTU MPLS trn PE1 hay PE2 t 1504 -2000. Thm mt vn na l
khi cu hnh dot1q-tunnel trong network v vy tt nht nn check cn thn MTU trc khi
chuyn t IP network sang MPLS network. Thng thng n >=3.
Bn c ti liu no ni v vn ny ko cho mnh xin vi (a ch mail ca mnh l :
[email protected]).
C 1 vn xin hi cc bn, c quan mnh hin nay thu VPN (dch v MegaWAN ca VTN),
hin nay co quan ti mun kim tra cc thng s : throughput, Delay, Packet loss, Jitter, ... Bn
no c gii php hay bi o cho mnh xin vi. Cm n nhiu.

Vietnamese Professionals > Cc din n User Name User Name

Remember Me?
cng cng khc > Box Phi tin (Non-IT)
Lm sao nghe c ting Anh Password Log in

Register [WiMAX Forum] Community Calendar Today's Posts Search

Box Phi tin (Non-IT) Bn c th gim stress bng cc bi vit phi tin hc, phi k thut, phi
Cisco, th vn linh tinh.
Community Links

Social Groups

Pictures & Albums

Members List
Search Forums
Go

Show Threads Show Posts

Advanced Search
Go to Page...

Page 1 of 2 1 2 >
Thread Tools Display Modes
#1
02-07-2008, 06:55 PM
Mr.Metal Join Date: Oct 2005
Senior Member Posts: 801
Elite
Lm sao nghe c ting Anh
LM SAO NGHE C TING ANH (Phn 1) :

Nhn mt cu hi ca mt thnh vin English Time Forum (1), v cch hc nghe ting Anh, ti
vit mt topic trong Forum y. Hm nay c li, ti thy rng c th mt s em sinh vin
thng gh blog ti cng mun tm mt cch hc mau tin b trong k nng nghe ting Anh,
nn ti chp sang blog mnh. V sau y l bi ti vit cch y hai ngy trn ETF

LM SAO NGHE C TING ANH (v ni chung: MT NGOI NG)

Mt trong nhng tr ngi ln nht ca chng ta khi hc mt ngoi ng y l chng ta qu

thng minh v c qu nhiu kinh nghim.

Qu thng minh: v mnh khng th no chp nhn nghe mt cu m mnh khng hiu: cn phi
hiu mt cu ni g trc khi nghe tip cu th hai, nu khng th mnh khng bun nghe tip.

Qu kinh nghim: Cuc i dy ta khng nghe nhng g ngi khc ni m ch hiu nhng g
m ni dung chuyn ti. Nu khng hiu ni dung, chng ta khng th lp li li ngi kia. Cng
v th m - trong giai on u hc ngoi ng - mi ln nghe mt cu ting Anh th trong u
phi dch ra c ting Vit th mi yn tm, bng khng th cu y khng c ngha.

Th nhng, y l li hc sinh ng ngc chiu. Ti bit c 6 ngn ng, trong c ba ngn

ng thnh tho nghe ni c vit: Vit - Anh - Php, v ti thy rng trong cc ngn ng ti bit
th, mt cch khch quan, nghe v ni ting Vit l kh nht (v phng ty, khng c ngn
ng no m mnh i cao ca mt t th ngha t y li thay i: ma - m - m - m - m -
m). Nhng cc bn forum ny, cng nh ti, u khng c vn g c vi ci sinh ng kh
vo bc nht y!
Th nhng nhng thy c dy chng ta nghe ni ting Vit chng phi l nhng v chuyn vin
ngn ng nh cc thy ngoi ng m ta hc ti cc trng. Thy dy ting Vit chng ta l tt c
nhng ngi quanh ta t ngy ta ra i: cha m, anh ch, hng xm, bn b ngha l i a s
nhng ngi cha c mt gi s phm no c, thm ch khng c mt khi nim no v vn
phm ting Vit. Th m ta nghe ting Vit thoi mi v ni nh so. Cn ting Anh th khng
th nh th c.

y l v i vi ting Vit, chng ta hc theo tin trnh t nhin, cn ngoi ng th ta hc theo

tin trnh phn t nhin.

T lc sinh ra chng ta NGHE mi ngi ni ting Vit chung quanh (m chng bao gi ta
phn i: "ti chng hiu g c, ng ni na"! Mi sanh th bit g m hiu v phn i!). Sau
mt thi gian di t 9 thng n 1 nm, ta mi NI nhng ting ni u tin (tng ch mt), m
khng hiu mnh ni g. Vi nm sau vo lp mu gio mi hc C, ri vo lp 1 (su nm sau
khi bt u nghe) mi tp VIT Lc by gi, d cha bit vit th mnh nghe c tt c
nhng g ngi ln ni ri (k c iu mnh cha hiu). Nh vy, tin trnh hc ting Vit ca
chng ta l Nghe - Ni - c - Vit. Giai on di nht l nghe v ni, ri sau t vng t thm
vo m ta khng bao gi b thi gian hc t ng. V ng php (hay vn phm) th n cp 2 mi
hc qua loa, m khi xong trung hc th ta qun ht 90% ri.

Nhng tin trnh ta hc ting Anh (hay bt c ngoi ng no) th hon ton ngc li.

Th nhn li xem: Trc tin l vit mt s ch v chua thm ngha ting Vit nu cn. V k t
, hc cng nhiu t vng cng tt, k n l hc vn phm, ri ly t vng rp vo cho ng
vi vn phm m VIT thnh cu! Ri loay hoay sa cho ng lut! Sau th tp C cc ch
y trng c chng no hay chng y, v nhiu khi li c mt m ting Anh bng mt m ting
Vit! (v d fire, fight, five, file u c c l phai ). Sau mi ti giai on NI, m
ni y c ngha l c Ln Ting nhng cu mnh vit trong u mnh, m khng thc mc
ngi i thoi c hiu 'message' ca mnh hay khng v mnh ch lo l ni c sai vn phm hay
khng. Lc by gi mi khm ph rng nhng cu mnh vit th ai cng hiu, nh khi mnh ni
th ch c mnh v Thng hiu thi, cn ngi bn x (ting Anh) th huh - huh di c
nh c c! Th l hc ni bng cch sa i pht m nhng t no cha chun cho n khi ngi
khc nghe c th hiu c.

Sau thi gian di tht di, mnh khm ph rng mnh tng bit ting Anh, v ni ra th ngi khc
hiu tm tm, nhng khi h ni th mnh khng nghe c g c (ngha l nghe khng hiu g c).
Lc by gi mi tp NGHE, v ri nh b cuc v c gng my cng khng hiu c nhng g
ngi ta ni.

Vn l : chng ta hc ting Anh ngc vi tin trnh t nhin, v qu thng minh v c

qu nhiu kinh nghim. Tin trnh y l Vit - c - Ni - Nghe!

V th, mun nghe v ni ting Anh, chuyn u tin l phi qun i kinh nghim v tr thng
minh, tr li trng thi s sinh v con nt, v ng s dng qu nhiu cht xm phn tch,
l lun, dch thut!
V y l b quyt Nghe:

A. Nghe th ng:

1. - Tm ngn ng. Nghe khng cn hiu: Hy nghe! ng hiu.

Bn chp vo CD mt s bi ting Anh (v d t trn forum ETF). Mi bi c th di t 1 n 5

pht.

Khi no bn nh mt mnh, th m cc bi ra va nghe, v c lp i lp li mi ra r nh

m thanh nn sut ngy. Bn khng cn n n. Bn c lm vic ca mnh, nh rng, ra
mt, hc bi lm bi, vo internet vi ting li nhi ca bi ting Anh. (thm ch, trong lc bn
ng cng c th cho n ni).

Trng hp bn c CD player, USB player hay iPod, th em theo m nghe khi mnh c thi
gian cht - v d: di chuyn lu gi trn xe, i ai hay i n phin mnh ti phng mch.

Cng vic tm ngn ng ny rt quan trng, v cho ta nghe ng vi tng m ca mt ngn ng

l. Tai ca chng ta bt rt nhanh mt m quen, nhng loi tr nhng m l. V d: Nu bn nghe
cu: mt tri mc cnh khi chim voi truy cp chn ch, mt cu hon ton v ngha, nhng bo
bn lp li th bn lp li c ngay, v bn qu quen vi cc m y. Nhng khi mt ngi ni
mt cu bng chng y m (ngha l 11 m/vn), trong ngn ng bn cha tng hc, v bo bn
lp li th bn khng th no lp li c, v bo rng khng nghe c! (Bn c ic u!
Vn l tai bn khng nhn ra c cc m!) Li 'tm ngn ng' ch l vn lm quen i
tai, v sau mt thi gian (lu y ch khng phi vi ngy) bn s bt c cc m ca ting
Anh, v thy rng m y rt d nghe, nhng hon ton khc vi m Vit. ng nn lng v lu
ngy mnh vn khng phn bit m: hy nh rng bn tm ngn ng ting Vit t ra l 9 thng
lin tc ngy m trc khi m ming ni c ting ni u tin v hiu c mt hai ting
ngn ca cha m; v sau li tip tc 'tm ngn ng' Vit cho n 4, 5 nm na!

2 - Nghe vi hnh nh ng.

Nu c gi th xem mt s tin tc bng ting Anh (mt iu khuyn trnh: ng xem chng
trnh ting Anh ca cc i Vit Nam, t ra l giai on u, v xng ngn vin Vit Nam, phn
ln, ni rt gn vi m Vit Nam (k c pronounciation), nn mnh d quen nghe, v t l tai
mnh li hng, v sau li kh nghe ngi bn x ni ting Anh - th l phi hc li ln th hai!).
Cc hnh nh nh km lm cho ta hiu c t nhiu ni dung bn tin, m khng cn phi
dch tng cu ca nhng g xng ngn vin ni. Bn s yn tm hn, sau khi nghe 15 pht tin
tc, t tm lc li, th thy rng mnh nm bt c phn chnh yu ca ni dung bn tin. V
y l cch th hai tm ngn ng.

B. Nghe ch ng.

1. Bn tin special english:- Thu mt bn tin, v nghe li ri chp ra nhiu chng no hay chng
ny nh l ng tra cu t in hay tm hiu ngha vi. on ngha trong ni dung cu, v nh
li m thanh ca t, hay cm t , sau ny t n s r ngha, nu tr i tr li hoi.
(Ngy xa, trn i VOA, sau mi chng trnh ti thng nghe mt cm t tng t nh:
statue, statute hay statu g , m khng bit vit th no, tuy vn hiu i loi l: hy i y
nghe tip. Mi sau ny ti mi bit rng thut ng rt quen thuc y l 'stay tuned', nhng mt
thi gian di, chnh t ca ch y i vi ti khng thnh vn !)

2. Chm ch nghe li mt s bi mnh tng nghe trong giai on tm ngn ng

- Ly li script ca nhng bi mnh tng nghe, c li v nh li trong tng tng li c m

mnh tng nghe nhiu ln.

Sau xp bn script v nghe li hiu. Ln ny: t nhin mnh s nghe r tng ting v hiu.
Trng hp khng hiu mt t hay cm t, th gng lp li nhiu ln ng nh mnh nghe, sau
lt li script so snh.

3. Mt s bi Audio (trong ETF chng hn): nghe nhiu ln, trc khi c script. Sau , c li
script, ch yu kim tra nhng t mnh nghe hoc on, hoc nhng t m mnh c th pht
m li nhng khng hiu vit v ngha th no. Qua vic ny, nhiu khi ta pht hin rng mt t
mnh rt quen thuc m t xa n nay mnh c in tr l phi ni mt cch no , th thc ra cn
phi ni khc hn v pht m nh th th mi mong nghe ng v ni cho ngi khc hiu. Sau
, xp bn script v nghe li mt hai ln na. (V d: hai ch tomb, bury, khi xa ti c inh
ninh l s pht m l 'tm-b(), bri' - sau ny nghe ch 'tum, beri' ti chng hiu g c - d cho
ti nghe r rng l tum, beri -cho n khi xem script th mi v l!)

4. Hc ht ting Anh, v ht theo trong khi nghe.Chn mt s bi ht m mnh thch, tm lyrics

ca n ri va nghe va nhn lyrics. Sau hc thuc lng v ht song song vi ca s, v gng
pht m cng nh gi tc v trng cho ng. Khi no bun bun cng c th t ht cho
mnh nghe (nu khng c ging tt v ht sai ging mt t cng khng sao, v ch yu l tp pht
m, tc , trng v m iu ting Anh).

V ni cho ng ging (qua ht) cng l mt cch gip mnh sau ny nhy tai hn khi nghe, v
thng thng ngn ng trong cc bi ht kh nghe hn nhng cu ni bnh thng rt nhiu.

Trc khi tm dng topic ny, ti mun ni thm mt iu.

C bn bo rng hin nay mnh cha hiu, nn c gng nghe nhiu cng v ch, mnh hc
thm, khi no c nhiu t vng hiu ri th lc s tp nghe sau.

Ngh nh th l HON TON SAI. Chnh v bn cha hiu nn mi cn nghe nhiu hn nhng
ngi hiu. Mun bit bi th phi nhy xung nc, khng th ly l do rng v mnh khng
th ni, nn trn b hc cho ht l thuyt ri th mi nhy xung, v s bit bi! Cha bit bi
m xung nc th s ung nc v ngp th y, nhng phi thng qua ung nc v ngp th
nh th th mi hy vng bit bi.
Mun bit bi, th phi nhy xung nc, v nhy khi cha bit bi. Chnh v cha bit bi nn
mi cn nhy xung nc.

Mun bit nghe v hiu ting Anh th phi nghe ting Anh, nghe khi cha hiu g c! V chnh v
cha hiu g nn cn phi nghe nhiu!

------------
ht phn 1
__________________
Att ~ 2101.81N , HCMC

Mr.Metal

View Public Profile

Send a private message to Mr.Metal

Find all posts by Mr.Metal

#2
02-07-2008, 06:56 PM
Mr.Metal Join Date: Oct 2005
Senior Member Posts: 801
Elite

LM SAO NGHE C TING ANH (phn 2)

- NGHE BNG TAI -

Khi ti bo rng chng ta gp tr ngi khi hc ngoi ng v thng minh v c nhiu kinh
nghim, c ngi cho rng l ni theo ngha bng. Khng phi u, ti ni theo ngha en
! Qua s kin sau (v ACE chc chn cng tng gp nhng trng hp tng t) ACE s thy
ngay. Mt ngi bn tng dy Anh Vn Trung Tm Ngoi Ng vi ti, sau ny sang nh c
M. Anh cng i vi a con 7 tui, cha bit mt ch ting Anh no. Mi nm sau ti gp li
hai cha con ti Hoa K. Con anh ni v nghe ting Anh khng khc mt ngi M chnh cng.
Trong khi anh ni ting Anh tuy lu lot hn xa, nhng r rng l mt ngi nc ngoi ni
ting M. Khi xem chng trnh hi trn TV, con anh ci ng vi ting ci nn trong chng
trnh, trong khi anh v ti nhiu khi khng hiu h ni g ng ci: r rng l k nng nghe
ca con anh hn anh ri! iu ny chng t rng khi sang M, anh c kinh nghim v ting
Anh, v khn hn con anh v bit nhiu k thut, phng php hc ting Anh, nn tip tc hc
ting Anh theo tin trnh phn t nhin; trong khi con anh, v khng thng minh bng anh, v
thiu kinh nghim, nn hc ting Anh theo tin trnh t nhin m khng theo mt phng
php c th no hc vocabulary, grammar, listening, speaking c.

i vo c th t vng Anh.

Mun nng cao k nng nghe, cn phi xa b ci phn x lu ngy ca mnh do kinh nghim
trong ting m , v nhng kh nng mnh c khi khi s hc ngoi ng, y l mnh bit
c v bit vit ch theo mu t la tinh. Cng vic xa b ci phn x sai ny l mt vic mt th
gi, v tp mt phn x mi l kh, m xa i mt phn x c li cng kh hn na. Cc bn
c bi ny tin vo tin trnh t nhin, ch khng phi nh nhng phn tch to lao ny,
khin li b tr ngi thm trong qu trnh nng cao k nng ca mnh).

- Xa b kinh nghim nghe nguyn m: Ting Anh l ting ph m.

Ting Anh ch yu l ngn ng a m: mt t thng c nhiu m. L tai chng ta b iu

kin ha nghe m ting Vit. Ting Vit l loi ting n m, v th, mi ting l mt m v
m ch yu trong mt t l nguyn m. i mt nguyn m th khng cn l t na: ma, mi,
m khng th hon chuyn nguyn m cho nhau, v ba t c ba ngha hon ton khc nhau. Mc
khc, ting Vit khng bao gi c ph m cui t. Ngay c nhng ch m khi vit c ph m
cui, th ngi vit cng khng c ph m cui; v d: trong t ht, nguyn m mi l t,
h()-t, ch khng phi l h()--t(), trong khi t fat ting Anh c c l f()-a-t(), vi
ph m t r rng.

Trong ting Vit hu nh khng c nhng t vi hai ph m i k tip (ngoi tr ch v tr -

nhng thc ra, ch v tr cng c th thay bng 1 ph m duy nht) v th, tai ca mt ngi Vit
Nam = cha bao gi lm quen vi ngoi ng - khng th nhn ra hai ph m k tip. Do ,
mun cho ngi Vit nghe c mt ting nc ngoi c nhiu ph m k tip, th phi thm
nguyn m () vo gia cc ph m; v d: Ai-x-len; Mat-x-c-va. Ni cch khc, ngi Vit
khng th nghe c ph m nu khng c mt nguyn m c th nh km.

Vi kinh nghim (phn x) , mt khi ta nghe ting Anh, ta ch i nghe cho cc nguyn
m nh mnh NHN thy trong k m (phonetic signs), v khng bao gi nghe c c. V d:
khi hc t America ta thy r rng trong k m: (xin li v khng th ghi phonetic signs vo
trang ny) -me-ri-k, nhng khng bao gi nghe bn m c, th l ta cho rng h nut
ch. Trong thc t, h c c, nhng trong mt t a m (trong khi vit) th ch c ng
nguyn m du nhn (stress) - nu mt t c qu nhiu m th thm mt m c du nhn ph
(m cng c th b qua) - cn nhng m khc th phi c ht cc PH M, cn nguyn m th
sao cng c (mc ch l lm r ph m). C th chng ta ch nghe: _me-r-k, hay cao lm l
_me-r-k, v nh th l , v m me v tt c cc ph m u hin din. Bn s thc mc,
nghe vy th lm sao hiu? Th trong ting Vit khi nghe M (ht) khng c g trc v sau c,
th bn hiu ngay, ti sao cn phi bn m l -m-ri-k bn mi hiu l M? Tm li:
hy nghe ph m, ng ch n nguyn m, tr m c stress!

Mt v d khc: t interesting! Ti tng c hi, t ny phi c l in-t-res-ting hay in-t-ris-

ting mi ng? Chng ci no ng, chng ci no sai c. Nhng li t vn sai! T ny ch
yu l ni in cho tht r (stress) ri sau c cho cc ph m l ngi ta hiu, v ngi
bn x ch nghe cc ph m ch khng nghe cc nguyn m kia; ngha l h nghe: in-trstng; v
r cc ph m k tip th h c th ni in-tr(i)st(i)ng; in - tr()st()ng; in-tr(e)st()ng. M cc
m (i)(), lm r cc ph m, th rt nh v nhanh n khng r l m g na. Tri li, nu
c to v r in-tris-ting, th ngi ta li khng hiu v du nhn li sang 'tris'!

T , khi ta pht m ting Anh (ni v nghe l hai phn gn lin nhau - khi ni ta pht m sai,
th khi nghe ta s nghe sai!) th iu ti quan trng l ph m, nht l ph m cui. Ly li v d
trc: cc t fire, fight, five, file phi c c ln lt l fai- ()r; fai-t(); fai-v(), v fai- ()l,
th ngi ta mi hiu, cn c 'fai' thi th khng ai hiu c.

Vi t girl chng hn, th rng bn c g-rl / g-rl (d nhin ch nhn g thi), sai hn vi
k m, th ngi ta hiu ngay, v c r v l, trong khi c ng k m l g:l hay b mt l
(g) th h hon ton khng hiu bn ni g; m c hiu chng na, th cng do context ca cu
ch khng phi l do bn ni ra t .

- Xa b kinh nghim nghe m Vit.

Cc nguyn m Vit v Anh khng h ging nhau. Mt m rt r trong ting Anh s rt nho vi
mt l tai ngi Vit, v mt m rt r trong ting Vit th rt nho trong l tai ngi Anh (ngi
bn x ni ting Anh). V d: Khi bn ni: Her names Hng! Bn c t Hng tht r!
Thm ch la ln tht to v ni tht chm th ngi y vn khng nghe ra. V i vi h l m
rt nho. Nhng ni l Hu-n-gh() h nghe r ngay; t ta phi hiu h khi ni n c
Hungh ch ng i hi h ni tn Hng nh ngi Vit (phi mt vi nm!).

Tng t nh vy, khng c nguyn m ting Anh no ging nh nguyn m ting Vit. Nu ta
ng ha cho d mnh, l ta s khng nghe c h ni, v th gii ny khng quan tm g
n cch nghe ca ngi Vit Nam i vi ngn ng ca h. V d: m a trong man th khng
phi l a hay hay a- hay -a ting Vit, m l mt m khc hn, khng h c trong ting
Vit. Phi nghe hng trm ln, ngn ln, thm ch hng chc ngn ln mi nghe ng m , v
rt r! y l cha ni m a trong t ny, c pht m khc nhau, gia mt c dn London,
Scotland, Boston, Missouri, Texas!

Cng th, m o trong go khng phi l Vit Nam, cng chng phi l -u (nh cch phin
m xa) hay -u (nh cch phin m hin nay), li cng khng phi l u, m l mt m khc
hn ting Vit. Pht m l g, gu hay gu l nho hn, v do nhng t d nh go cng
l vn i vi chng ta khi n c ni trong mt cu di, nu ta khng tp nghe m ca
ting Anh ng nh h ni. Mt m nho th khng c vn g, nhng khi phi nghe mt on
di khng ngng ngh th ta s b ri ngay.

y cng l do mt kinh nghim tai hi xut pht t vic tip thu kin thc. Trong qu trnh hc
cc m ting Anh, nhiu khi gio vin dng m Vit so snh cho d hiu, ri mnh c xem
l chn l khng thm ngh n na. V d, mun phn bit m (i) trong sheep v ship, th
gio vin ni rng I trong sheep l I di tng t nh I trong ting Bc: t; cn I trong ship l I
ngn, tng t nh I trong ting Nam: t - ch. Th l ta cho rng mnh nghe c I di v I
ngn trong ting Anh ri, nhng thc cht l cha bao gi nghe c! Li so snh y to cho
chng ta c mt nim sai lm; thay v xem y l mt ch dn mnh nghe cho ng m, th
mnh li tip thu mt iu sai! Trong ting Anh khng c m no ging m I bc hoc I nam c!
Bng chng: eat trong ting Anh th hon ton khng phi l t trong ting Vit, c theo
ging bc, v it trong ting Anh hon ton khng phi l t trong ting Vit, c theo ging
nam! V th, phi xa b nhng kinh nghim loi ny, v phi nghe trc tip thi!

- Xa b kinh nghim nghe bng ch vit.

Nu ta hi mt em b: chu nghe bng g? Th n s tr li: Nghe bng tai! Nu ta bo: Chu

phi nghe bng mt c! Chc em b tng ta tru em! Th nhng iu xy ra cho nhiu
ngi hc ting nc ngoi l Nghe Bng Mt!

Th nhn li xem. Trong giai on u tip xc vi ting Anh, khi ta nghe mt ngi ni: I
want a cup of coffee!. Tc tc, chng ta thy xut hin cu y di dng ch Vit trong tr
mnh, sau mnh dch cu y ra ting Vit, v ta HIU! Ta Nghe bng MT, nu cu y khng
xut hin bng ch vit trong u ta, ta khng Thy n, th ta ic!
Sau ny, khi ta c trnh cao hn, th ta hiu ngay lp tc ch khng cn phi suy ngh lu. Th
nhng tin trnh cng chng khc nhau bao nhiu, ta vn cn thy ch xut hin v dch, ci
khc bit y l ta vit v dch rt nhanh, nhng t mt m thanh pht ra cho n khi ta hiu th
cng thng qua ba bc: vit, dch, hiu. Khi ta i n mt trnh no , th trong giao tip
khng c vn g c, v cc cu rt ngn, v ba bc c 'process' rt nhanh nn ta khng
b tr ngi, nhng khi ta nghe mt bi di, th s li ra ngay, v sau hai, ba, bn cu lin tc
'processor' trong u ta khng cn th gi lm ba cng vic . Trong lc nu mt ngi
ni bng ting Vit th ta nghe v hiu ngay, khng phi vit v dch (ti v ngy xa khi ta hc
ting Vit th qu trnh l nghe th hiu ngay, ch khng thng qua vit v dch, v li, nu mun
dch, th dch ra ngn ng no?), v ngi ni c nhanh cch my th cng khng th no vt
ci kh nng duy nht ca chng ta l 'nghe bng tai'.

V th, mt s sinh vin cm thy rng mnh tp nghe, v nghe c, nhng nghe mt vi cu
th phi bm stop mt thi gian cht - nh computer ngng mi s li mt t process khi
nhn qu nhiu lnh - ri sau nghe tip; nhng nu nghe mt din gi ni lin tc th sau vi
pht s ic. T , ngi sinh vin ni rng mnh ti trn ri, khng th no tin xa hn
na! V th gii ny khng stop cho ta c gi hiu kp!(1)

T nhng nhn xt trn, mt trong vic phi lm nng cao k nng nghe, y xa b kinh
nghim Nghe bng Mt, m tr li giai on Nghe bng Tai, (hu ht cc du hc sinh nc
ngoi, sau khi lm ch mt ngoi ng ri t trong nc, u thy au n v nhiu kh lm khi
buc phi b thi quen nghe bng mt tr li vi trng thi t nhin l nghe bng tai! C
ngi mt c 6 thng cho n 1 nm mi tm tm vt qua).

- Xa b kinh nghim nghe bng cu trc vn phm.

Khi nghe ai ni, ta vit mt cu vo u, v sa cho ng vn phm, ri mi dch, v sau mi

hiu! V d. Ta nghe iwanago th vit trong u l I want to go, xong ri mi dch v hiu;
nu cha vit c nh th, th iwanago l mt m thanh v ngha.

Th nhng, nu ta nghe ln u tin mt ngi ni mt cu hng ngy: igotago, ta khng th no

vit c thnh cu c, v v th ta khng hiu. Bi v thc t, cu ny hon ton sai vn
phm. Mt cu ng vn phm phi l I am going to go hoc ch t l I have got to go. V nh
th, ng ra th ngi ni, d c ni tc , cng phi ni hoc: I'm gona go; hoc Ive gota go
(ting Anh khng th b ph m), ch khng th l I gotta go! Th nhng trong thc t cuc
sng ngi ta ni nh th, v hiu r rng, bt chp mi lut vn phm. Vn phm xut pht t
ngn ng sng, ch khng phi ngn ng sng da trn lut vn phm. V th ta cng phi bit
nghe m hiu; cn c em vn phm ra m tra th ta s khng mi. (Ti ang ni v k nng
nghe, cn lm sao vit mt bi cho ngi khc c th li l vn khc!)

Tm li, trong phn chia s ny, ti ch mun nhc vi ACE rng, hy NGHE IU NGI
TA NI, CH NG NGHE IU MNH MUN NGHE, v mun c nh vy, th HY
NGHE BNG TAI, NG NGHE BNG MT!

----------
ht phn 2
__________________
Att ~ 2101.81N , HCMC

Mr.Metal

View Public Profile

Send a private message to Mr.Metal

Find all posts by Mr.Metal

#3
02-07-2008, 06:58 PM
Mr.Metal Join Date: Oct 2005
Senior Member Posts: 801
Elite

LM SAO NGHE C TING ANH (phn 3)

Hai bi trc y, ti ni v vic nghe m thanh ca ting Anh, c ngha l lm sao phn bit
c cc m vi nhau n ni, d khng hiu cu y ni g, cng c th lp li ng li ngi ta
ni ra (cu cng di th k nng nghe ca mnh cng cao). D nhin, c nhng ngi c l tai
m nhc thin ph nn phn bit m thanh rt nhanh. V d em Wendy V, mt nhi ng gc
Vit ti North Carolina (tn Vit Nam l V th Ngc Dim). Nm nay em mi 8 tui m ni
c 11 th ting v son 45 bn nhc. Em c kh nng lp li mt cu ni bng bt c ngn
ng no trn th gii, m khng cn hiu ngha. Th nhng thng thng, ngi ta phi mt
nhiu thi gian phn bit cc m trong mt ngn ng mi, tuy nhin TT C MI NGI
u c kh nng ny, bng chng l khng mt ngi no trn tri t (tr ngi ic) l khng
th nghe v ni ngn ng m ca mnh.

Nu thi gian qua, cc bn lng nghe m thanh ting Anh thi, th n nay, hn bn nhn
thy rng bng dng c mt s t hay cm t mnh nghe r rng hn xa, c bit l nhng con
s v nhng danh t ring (ca cc nhn vt, cc a danh ), v nhng t mnh quen thuc.
C nhng on bn nghe mt thi gian di 5-15 pht (nh trn TV) ri bng thy mnh hiu c
bn ni dung chng trnh .

Nh th l cc bn nghe ting Anh. Nhng d mun d khng, khi nghe mt ngn ng m ch

nghe m thanh thi, th cng ging nh mnh nghe nhc (khng li), hay nghe ting gi, ting
chim. Nu ch nghe nh th th khng ng b cng, v ngn ng ct l truyn tin (truyn mt
thng tin). Nu ta khng nm c thng tin bn di m thanh pht ra bng ting Anh, th k
nh chng ta khng nghe c ting Anh. V th, iu chng ta cn hc li trc ht l nghe
ting Anh (nh mt m thanh thun ty) tin n bc sau cng (m bnh thng ngi hc
ngoi ng xem l bc u tin), y l nghe ting Anh, theo ngha l hiu mt thng tin.

V th, sau hai bi ni v cch nghe ting Anh, hm nay ti s i su hn, y l nghe ting
Anh, theo ngha l nm bt ni dung ca thng tin qua mt chui m thanh bng ting Anh.

Nghe ting Anh v nghe ting Anh

1. Nghe trong ng cnh.

Ti tng nhc i nhc li rng ng bao gi tra t in khi mnh nghe mt din t. iu ch yu
l nghe v lp li c nhng m thanh nghe, ri dn dn hiu c mt t mi, khi n xut
hin trong nhiu ni dung khc nhau (nu c nm mnh mi nghe t mt ln, c ngha l t
y khng thng dng v, trong giai on ny, ta khng cn phi bn tm n n!). V d: bn
nghe nhiu ln (m thanh) oubou m khng hiu l g, ln lt trong nhng cu sau:

- To play the oubou you need to have strong arms.

- The oubou is considered one of the most difficult instruments to play.

- The oubou is very difficult to play, because Karen must force air at very high pressure into
the tiny double reed.

Ln u tin, bn chng bit m oubou ch ci g, nhng v i vi play nn bn on rng l

mt ci g chi. Nh th l hiu mt cch tng qut. Ln 2, vi t instrument bn bit
rng l ci chi nhng khng phi l trong th thao, m l trong m nhc. Ln th ba, vi
cm t must force air th ta bit rng l mt nhc c thi hi (kh nhc) ch khng phi l
nhc c dy hay g V ta tm hiu nh th, m khng cn bit phi vit th no, cho n khi
c cu sau (chng hn):

The oboe looks very similar to the clarinet, but sounds very different!

Th l ta bit c r rng l mt nhc kh tng t nh clarinet, v t m ta nghe l oubou

th c vit l oboe (v ta c ng ngay ch khng cn phi tra t in!)

Ps: y cng l vn hiu mt t. Chng ta c cm gic rng nu dch c ting y ra l ta

hiu ngay, th nhng khng c g sai cho bng. Nu bn hc theo qu trnh ngc, ngha l khi
s bit t y di dng ch vit, bn s tra t in v c l: kn -boa! Bn thy hi lng v
mnh hiu! Nhng thc ra, nu bn khng phi l mt nhc s, th kn -boa cng chng
thm g trong kin thc bn. Ngay trong ting m , ta c th hi lng vi khi nim m h v
mt t, nhng khi hc ngoi ng th ta c ci cm gic sai lm l phi tr li vi t m mi
gi l hiu. i vi ti, nightingale l mt loi chim c ting ht hay v thng ht vo ban
m, cn c dch ra l sn ca hay ha mi th cng bng tha, v ti cha bao gi thy v bit
chim sn ca hay ha mi. Thm ch khng bit l c phi mt loi chim hay hai loi chim khc
nhau, v c hai t u c dch l nightingale.

2. Nghe trong ton b bi cnh.

Ta thng ngh rng: mt t th c mt ngha nht nh. Hon ton sai.

- Th tra t tiu cc trong t in: negative. Nh th, mt cn b tiu cc phi c dch l a

negative cadre! Nu cm t ting Vit c ngha r rng th cm t dch ra ting Anh (nh
trn) l hon ton v ngha! Ni cch khc: khi ngi Anh ni negative, th ngi Vit hiu l
tiu cc; nhng khi ngi Vit ni tiu cc, th ngi Anh khng th hiu l negative.

- T ta khng th no hiu ng ngha mt t ting Anh nu khng t vo trong bi cnh ca

n. V d: nu khng rng cu chuyn xy ra Anh hay M, th khi nghe t corn ta c th
hiu sai: Anh l la m, v M l bp!

Nu thy mt ngi m np bnh xng ln m ni Oh my! No more gas th ta hiu ngay rng
gas chnh l xng, mc d trc mnh c th hc: petrol hay gasoline mi l xng, cn gas
c ngha l kh t!

M nhiu khi bi cnh r n ni, ngi ta dng mt t sai mnh cng hiu ng. Bn c th
n cy xng, m bnh v ni: cho ti 30.000 du! Ti cam oan l ngi ta khng thc mc
g c v s XNG ch khng DU vo xe bn; cao lm l trong 100 ln, th mt ln
ngi ta nhc li: xng phi khng? Bn ni l Du ngi ta vn hiu l Xng. V trong ting
Anh cng th! Bn s hiu mt t trong ton b bi cnh ca n.

3. Nghe vi tt c giai iu ca cu.

Trong phn u ti ni rng khi nghe mt cu, ch yu l lm sao nm bt c thng tin ca

chui m thanh y. Ni cch khc, ngn ng c nhim v l truyn tin. Nhng ngoi nhim v
truyn tin th cn mt nhim v th hai, v cng quan trng, y l nhim v truyn cm. Mt
cu ni giao tip hng ngy, lun tim tng ci g trong tht tnh (= by tnh cm con ngi,
ch khng phi l b tnh ph u: h, n, ai, lc, i, , dc). V th, cao , tc , cng ca
cu ni, trng ( di) v du nhn ca mt t, c th l iu mnh cn phi nghe cng
mt lc vi cc m thanh c pht ra, thm ch nghe m iu l chnh. Nu khng th ta hiu
sai, hoc khng hiu g c. ng tng rng khi ta nghe c t hate l ta hiu ngay: ght!

V d nghe mt c gi ni vi mt cu trai: I hate you! Cu ny khng phi lc no cng l Em

ght anh'! Ni vi mt ng iu no th c th hiu l: Ti cm th anh; hay Thi, ti yn;
hay Anh lm ti bc mnh; hay Anh lm em cm ng qu; thm ch: Em yu anh qu chng
chng!

V cch nhn cu cng th. V d trong cu sau y:

I didnt say Paul stole my watch!

Nu ngi ni nhn mnh cc t theo 7 khc nhau, mi cch nhn mt t ( I - didnt - say - Paul
- stole - my - watch ) th ngha s khc nhau hon ton:

I didnt say Paul stole my watch! (Somebody else said that!)

I didnt say Paul stole my watch! (No! I didn't act like that)

I didnt say Paul stole my watch! (I disclosed by another way, but I didn't SAY) v.v

Khi hc ting Vit, chng ta nghe ton b giai iu, nn hiu (v ni ng) cao ca mt t
(ni ng cc du); th nhng khi mt ngi nc ngoi hc ting Vit, chng ta phi kh cng
gii thch cho h ln ging, xung ging, un ging nh th no ni cc du sc, huyn, nng,
hi - ng (do hc nghe bng tai nn ngi Nam v ngi Trung ng ha ? v ~, trong khi ngi
Bc phn bit chng r rng). V th, ngc li, khi nghe ting Anh, cn phi nghe ton b m
iu nm bt nhng tnh cm bn di cu ni.

Nghe vi c giai iu, mnh s hiu (v sau ny s dng) nhng cu hay thnh ng mt cch
chnh xc nh ngi bn ng, m khng cn phi dch ra. V d: cc cu ngn nh: Oh my God!
Look at this! Hoc No way! Hoc You're joking/kidding! Vi ging iu khc nhau, nhng cu
ni hng ngy c th c hiu l mt ting khen hay ch, thn phc hay tht vng, bng
lng hay bt bnh, chp thun hay t chi!

V t , mnh s bit i x khi dng ting Anh cho ng ngha, ch khng ch ng vn

phm. V d, khi tip mt nhn vt quan trng trong c quan bn, bn chun b ni mt cu mi
rt trn trng v ng nghi thc (formal): Would you please (to) take a seat? Th nhng bn
cng thng n ni theo mt m iu no khin ngi kia bc mnh vi bn (m bn
khng h bit), v ng rng bn diu ct ngi ta! Th l hng c mt cuc m phn. Th rng
bn ni n s: Sit down! Vi mt ging ha nh, thi tn trng, c ch lch thip v n ci
nng hu, th khng ai lm bn! Tri li, ni cu rt formal trn kia, vi thi cng thng v
ging ni cc cn (v s ni sai!), th tai hi hn nhiu.

4. Nghe vi nhng g mt t bao hm.

Ngn ng dng truyn tin, nhng ng thi cng truyn cm. V th, mi danh t va ch
nh mt ci g c th (denotation), va km theo mt tnh cm (connotation). Cc t this
gentleman, this man, this guy, this rascal u c mt denotation nh nhau l mt ngi nam no
, nhng connotation th hon ton khc; cng nh i vi mt ngi n no ta c th dng:
a lady, a woman, a girl, a whore. Cng mt t nh communism chng hn. i vi mt ng
vin ng Cng Sn hay mt cm tnh vin, th t y gi ln bao nhiu iu du dng cao p,
cn i vi ngi chng cng, th t y gi ln bao nhiu iu xu xa, c c! Trong khi
denotation ca n ch l mt trit thuyt nh trm ngn thuyt thuyt khc, m d thch d
khng, ngi ta cng phi dng ch nh trit thuyt do Karl Marx ra! T , cu ni
'You're a communist!' c th l mt li khen nng m hoc l mt li ch trch thm t, ty theo
connotation ca n.

Khi hc ting Anh, mun nng cao vn t vng th ta c hc nhiu t ng ngha synonym. Th
nhng, khng bao gi c synonyms ch thc c: ch tng ng trong denotation ch
connotation hon ton khc (v cng v th m khng bao gi c hai t hon ton c ngha ging
nhau hai ngn ng khc nhau: mother/father khng hon ton l cha/m - v mummy/daddy
khng hon ton l ba/m; v tnh cm nh km vi cc t y khc hn gia ngi Vit v
ngi Anh). "Nghe" ting Anh, chnh l bit nghe nhng connotations trong cc thut ng mnh
nghe.
Cho n nay, ti ch ngh cc bn nghe tin tc. Nhng l giai on nghe quen vi cc
m. Trong giai on nghe ting Anh ny, phi bt gi nghe tin tc m xem phng s hoc cc
phim truyn. Trn th gii, cc speakers ca cc chng trnh tin tc buc phi ni vi thi
neutral, ngha l khng c dng t km theo tnh cm, v khng c x l m iu bc l
tnh cm ca mnh, v th h ni rt d nghe, nhng ch nghe tin tc thi th ta b st mt phn
kh ch yu trong ting Anh.

(Tri li thng tn vin Vit Nam nhiu khi cha lm ch c tnh cm mnh trong qu trnh
c mt bn tin, v ngi ta thy ngay l thng tn vin vui mng hay bc tc, tn ng hay bt
ng, vi ni dung bn tin mnh c. Cn ngi vit bn tin th dng nhng t c connotation:
v d trc kia, khi ni n mt tng thng M th bao gi cng l tn Kennedy hoc tn tng
thng Kennedy. Cn hin nay th Ngi tng thng Bush, m t khi ni mt cch trung lp:
Tng Thng G. Bush. Trong khi , hu nh khng bao gi nghe trong mt bn tin: C ch tch
H Ch Minh, m lc no cng l Bc H. Thut ng Bc H mc nhin tim n mt tnh
yu thng v knh trng n cm t c ch tch H Ch Minh, vn l mt cm t neutral,
li tr thnh mt cm t tht knh, xem thng i vi Ch tch H Ch Minh!)

5. Nghe bng tri tim cm iu h cm.

V cui cng, i vi cc bn mun i tht su vo ting Anh, th c th phi hp tt c cc k

nng hiu nhng iu tim tng bn di ngn ng giao tip; v iu ny hng n cch
nghe vn hc. Mi ngn ng u gi ln mt ci g vt ln trn t ng. V th, thi ca l mt
ngn ng c bit. Ngi Vit no, d thch hay khng thch, vn cm c ngn ng ca thi ca.
Do , mun nng cao k nng nghe ting Anh ca mnh th cn tp nghe nhng bi th. Cho
n nay, kh tm nhng bi th audio, nhng khng phi l khng c. Tp nghe c th, dn
dn, chng ta s cm c ci tinh ty ca ting Anh, t ta cm c v sao cng mt t
tng m din t cch ny th 'hay' hn cch kia. By gi ta mi c quyn ni: ti nghe
c ting Anh.

V d, khi mun ngi ta cm nhn ting gi ma thu, th Xun Diu s dng m r trong bi
y Ma Thu Ti:

Nhng lung run ry rung rinh l

Tng t nh vy Robert L. Stevenson vit trong The Wind

I saw you toss the kites on high

And blow the birds about the sky;

And all around I heard you pass,

Like ladies skirts across the grass..

Tc gi lm cho ta cm c ln gi hiu hiu vi cc m r v s ni tip v quyn vo nhau

trong cu cui, km vi hnh nh c o ca vy cc mnh ph lt qua trn c (iu m ngi
Vit Nam hon ton khng c kinh nghim, v mi nt yu kiu u gn lin vi t o di).

Kt lun:

Ti bt u gi nghe ting Anh ri i n vn nghe ting Anh. Tuy nhin, ti lp li,

nhng g ti ni ch l l thuyt, v khng c l thuyt no c th lm cho bn nghe c ting
Anh. Cch duy nht y l bn phi t mnh nghe v rt ra nhng phng php thch hp vi xu
hng, kinh nghim v s thch ca mnh.

Qua lot bi ny, ti lun ph cch nghe da trn vit v dch. Th nhng, nhng iu ti cho
l tr ngi, nhiu khi li c ch cho bn, v nhng th y khng cn tr m cn gip bn nhng
ct mc bm vo. Vng. Nu cc bn thy vic c script, hoc hc t vng, hoc vit thnh
cu v tra t in - nh vn lm t trc n nay - gip cho bn nghe v hiu nhanh hn th c
s dng phng php ca mnh. Ti ch nhc li mt iu ny:

Tt c nhng tr gip cng ging nh chic phao cho ngi tp bi. Khi tp bi, nhiu ngi
cn c mt ci phao bm vo cho d ni, t bo dn xung nc m tp bi. V khng t
ngi bi gii khi s nh th. Bn cng vy, c th nhng cch nghe t trc n gi (nhn
script - hc t - kim tra vn phm) gip bn nhng ct chc chn bm vo m nghe. Vy th
xin nh rng: Chic phao gip cho bn ni, nhng khng gip cho bn bit bi. n mt giai
on no , chnh chic phao li cn tr bn v khng cho bn bi thoi mi.

Hy vt ci phao sm chng no hay chng ny, nu khng n tr thnh mt tr ngi cho bn

khi bn mun bi nhanh v xa.

Hy vt nhng ch vit khi nghe ni, nhanh chng no hay chng y, nu khng chng s cn
tr bn v bn khng bao gi thc s 'nghe' c ting Anh!

----------
Ht
__________________
Att ~ 2101.81N , HCMC

Mr.Metal
 View Public Profile

Send a private message to Mr.Metal

Find all posts by Mr.Metal

#4
02-07-2008, 06:59 PM
Mr.Metal Join Date: Oct 2005
Senior Member Posts: 801
Elite

Bi vit ca tc gi Trn Duy Nhin, c post trn ETF (EnglishTime Forum - EnglishTime.us)
v trn blog ca chnh tc gi, b ba bi vit rt hay. Xin c em v cho mi ngi cng tham
kho!

Have fun!
__________________
Att ~ 2101.81N , HCMC

Last edited by Mr.Metal; 02-07-2008 at 07:09 PM.

Mr.Metal

View Public Profile

Send a private message to Mr.Metal

Find all posts by Mr.Metal

#5
02-07-2008, 10:19 PM
cntt1986 Join Date: Apr 2008
Senior Member Posts: 160
Professionals

Thanks for your sharing. I think this is interesting topic.So, i can get many knowledge from your
sharing.
Have fun !!!
cntt1986

View Public Profile

Send a private message to cntt1986

Find all posts by cntt1986

#6
03-07-2008, 08:21 AM
Join Date: Apr 2006
trainingit Posts: 1,602
Senior Member
Brainiac

Lun lun lng nghe... nhng khng bit l n bao gi mi hiu

__________________
Cisco resources for the exam

no car...no house...no money, but have only a sharing and friendly heart. What's the most
important thing in this life "Heart or Money ?". Anything else can stead money ?

Nothing last forever...

trainingit

View Public Profile

Send a private message to trainingit

Find all posts by trainingit

#7
04-07-2008, 07:27 PM
Join Date: Jan 2008
thanhhuong_vnpro Posts: 136
Senior Member
Senior Member

chia s
Hc ting anh rt gian nan khng phi ai cng c th ni, nghe, vit, c tt ting anh.

Mt s ngi ch c th nghe, ni tt, nhng k nng c, vit li khng c tt.

tc gi vit rt hay, l mt ngi c kinh nghim lu nm trong vic hc ting anh.

c th tip thu ht cc k nng ca tc gi vit th cng cn cc bn c i c li bi vit

trn t nht 10 ln. Th cc bn mi c th hiu c lm cch no nghe ting anh tt, ngoi ra
cc bn cn kin tr. C gng mi ngy dnh thi gian nghe t nht l 20 pht ting anh.

Nh l phi kin tr ,

Chc cc bn sm ci thin c kh nng nghe ting anh,

Gi cc bn mt s trang hc ting anh, hy vng s gip ch cho cc bn

http://www.esl-lab.com/ ----> gip cho vic luyn nghe

http://www.usingenglish.com/ ---------> gip b tr ng php

http://www.listen-to-english.com/ ---------> gip luyn nghe ting anh do ngi cc nc ng

u ni

http://www.petalia.org/Englishpage.htm

Thanh Hng.

thanhhuong_vnpro

View Public Profile

Send a private message to thanhhuong_vnpro

Find all posts by thanhhuong_vnpro

#8
19-09-2008, 06:58 AM
kimluanbk Join Date: Aug 2008
Junior Member Posts: 5
Newbie
Bai viet rat bo ich! Cam on tac gia nhieu nhieu!
__________________

Sng thnh cng

kimluanbk

View Public Profile

Send a private message to kimluanbk

Find all posts by kimluanbk

#9
19-09-2008, 09:29 AM
huantiengiang Join Date: Sep 2008
Junior Member Posts: 3
Newbie

Luon luon lang nghe sao khong thay hieu

huantiengiang

View Public Profile

Send a private message to huantiengiang

Find all posts by huantiengiang

#10
26-09-2008, 03:33 PM
hoctienganh Join Date: Sep 2008
Junior Member Posts: 4
Newbie
Nng cao kh nng ting Anh

Bi vit ca tc gi v cch hc ting Anh trn y tht hay v b ch. Qua bi vit ny ti
thy mnh trong , c vn t vng, ng php ting Anh nhng ti khng th ni ting Anh lu
lot v hu ht mi ngi u khng th hiu c ti ang ni g.
 Ngoi ra, rn luyn ting Anh chng ta cng c th tham gia cc CLB ting Anh c
luyn nghe ni, din t. Nhn y ti cng xin gii thiu vi mi ngi CLB Anh ng
SaigonTech do Saigon Institute of Technology t chc vo 8g30 sng Ch nht hng tun
ti lu 5 - ta nh Anna - Cng vin phn mm Quang Trung - P. Tn Chnh Hip - Q12 -
Tp. HCM. Nu c iu kin mi ngi n tham gia nh.

hoctienganh

View Public Profile

Send a private message to hoctienganh

Find all posts by hoctienganh

Page 1 of 2 1 2 >

Previous Thread | Next Thread

Thread Tools
Show Printable Version
Email this Page
Display Modes

Linear Mode

Switch to Hybrid Mode

Switch to Threaded Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Rules
 Similar Threads
Last
Thread Thread Starter Forum Replies
Post
07-02-
2009
Ngh thut NAT tranmyphuc Cc cng ngh Microsoft 10
11:59
AM
02-04-
Mt ci nhn v thi c 2004
ccnphanoi Box Phi tin (Non-IT) 1
nc ta ! 10:34
AM
23-12-
2003
chinh phc nh cao hoachuoi Ti thi u chng ch quc t 19
08:54
PM
24-09-
Config ISA for ISA 2003
nadmad Cc cng ngh Microsoft 7
newbies. - Suu tam 11:52
AM
23-08-
ADSL over DLC (Digital 2003
quoc_anh WAN & Remote Access 2
Loop Carrier) 03:01
PM

All times are GMT +7. The time now is 08:57 AM.

Contact Us - Home - Archive - Top

TRUNG TM TIN HC VNPRO

Email : [email protected] Powered by vBulletin Version 3.8.5
149/1D Ung Vn Khim, P. 25, Q.Bnh Thnh Copyright 2000 - 2010, Jelsoft Enterprises Ltd.
T : +848 35124257 License owned by : VietProfessional Co.,Ltd
Fax : +848 35124314
http://www.vnpro.org/forum/forumdisplay.php?f=35

http://vnpro.org/forum/showthread.php?t=4163

http://www.vnpro.org/forum/showthread.php?t=14647

12:32 AM
14/3

http://ipadvn.net/vn/theme-s/themes-ipad-iphone/181-huong-dan-cach-thay-doi-theme-cho-ipad-
iphone-itouch.html

12:32 AM
14/3

http://ipadvn.net/vn/theme-s/themes-ipad-iphone/181-huong-dan-cach-thay-doi-theme-cho-ipad-
iphone-itouch.html

5:50 PM
17/3

http://vnpro.org/forum/archive/index.php/t-23908.html

5:50 PM
17/3

http://vnpro.org/forum/showthread.php?t=23307

5:51 PM
17/3

http://vnpro.org/forum/showthread.php?t=23307

10:36 AM
22/3

http://volcanoteam.net/forum/showpost.php?p=1&postcount=1

10:37 AM
22/3

http://volcanoteam.net/forum/showpost.php?p=1&postcount=1

10:32 PM
25/3

http://rapidlibrary.com/index.php?q=madvlock+ipa&page=5&filetype=

12:07 AM
28/3

http://www.thienlong.org/forumvn/showthread.php?t=104382
 12:13 AM
28/3

http://www.thienlong.org/forumvn/showthread.php?t=104382

7:53 AM
28/3

http://www6.vnmedia.vn/newsdetail.asp?newsid=189223&catid=35

6:45 PM
29/3

http://06ct3.com/front/showthread.php?tid=1168

11:17 AM
31/3

http://06ct3.com/front/showthread.php?tid=1057

5:29 AM
4/4

http://forum.saobacdau-acad.vn/showthread.php?p=11218#post11218

5:35 AM
15/4

http://ttgcenter.com/forum/showthread.php?p=3021

5:36 AM
15/4

http://forum.saobacdau-acad.vn/showthread.php?p=11218#post11218

7:28 AM
15/4

http://forum.saobacdau-acad.vn/showthread.php?p=11218#post11218

7:29 AM
15/4

http://forum.saobacdau-acad.vn/showthread.php?p=11218#post11218

5:14 PM
18/4

http://www.vnpro.org/forum/showthread.php?t=14647

5:14 PM
18/4

http://vnpro.org/forum/showthread.php?t=4163

5:15 PM
18/4

http://www.vnpro.org/forum/forumdisplay.php?f=35

Tn khng c trong danh schBo co tt c l tin rc

sineadpd
Tin rcTr li
9:46 AM
9/4

[email protected]/?afv/.0bsl%5e_flrdko
m3qjmu19b1jqg4kmwa3owgyidvgsb6qunw6

Lab 1-1: ng nh p vo router giao di n dng l n h

Yu cu

Bi thc hnh ny gip ngi c lm quen vi ch l nh (CLI-Command Line Interface) v

m t s l nh c bn ca h iu hnh CiscoIOS.

Hng dn

1. Ni cp

m bo an ton thit b trong khi thc hnh, cn phi tt hon ton ngun i n cc thit
b trong khi ni cp. Dng cp Console (cp Rolled) ni cng COM1 ca my PC (dng
Terminal chuyn i t DB-9 sang RJ45) vi cng Console ca Router.
 Kim tra li dy m bo ni chc chn.

2. ng nh p vo router

Khi ng Windows, vo HyperTerminal

Start - Programs - Accessories - Communications - Hyper Terminal

- Name: <tn file lu tr >

- Icon: chn biu tng tu thch.

Connect using : COM1

 Thit l p cu hnh nh trong h p thoi sau:

Khi ng Router
B t ngun cho Router.
 Xem cc thng tin v Router c hin th trn HYPER TERMINAL.

System Bootstrap, Version 11.0(10c), SOFTWARE

Version ca IOS ang lu trong ROM

Copyright (c) 1986-1996 by cisco Systems
2500 processor with 14336 Kbytes of main memory Cho bit loi b x l Router (2500) v

dung lng b nh RAM

Notice: NVRAM invalid, possibly due to write erase.

F3: 4+573916 at 0x3000060

Restricted Rights Legend

Use, duplication, or disclosure by the Government is

subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

cisco Systems, Inc.

170 West Tasman Drive
San Jose, California 95134-1706

Cisco Internetwork Operating System Software

IOS (tm) 2500 Software (C2500-I-L), Version 12.1(3), RELEASE SOFTWARE (fc1)

Version ca IOS ang lu trong flash

Copyright (c) 1986-2000 by cisco Systems, Inc.

Compiled Thu 06-Jul-00 07:33 by cmong
Image text-base: 0x0303E710, data-base: 0x00001000

cisco 2509 (68030) processor (revision M) with 14336K/2048K bytes of memory.

Processor board ID 07143970, with hardware revision 00000000
Bridging software.
X.25 software, Version 3.0.0.
1 Ethernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
8 terminal line(s)
32K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash (Read ONLY)
--- System Configuration Dialog ---

Would you like to enter the initial configuration dialog? [yes/no]: no

Would you like to terminate autoinstall? [yes]:

Press RETURN to get started!

Nhn Enter tip tc xut hi n du nhc i l nh, lc ny ang user mode, vo

priviledge mode, dng l nh enable

Router>_
Router>enable
Router#

quay li user mode bng l nh disable hoc lnh exit

Router#disable
Router>

Dng l nh logout thot ch dng l nh

Router>logout
Router con0 is now available
Press RETURN to get started.

Bn ang ch user mode, nh p k t ? (chm hi) xem cc l nh c dng trong ch

ny:

Router>?
Exec commands:
access-enable Create a temporary Access-List entry
access-profile Apply user-profile to interface
clear Reset functions
connect Open a terminal connection
disable Turn off privileged commands
disconnect Disconnect an existing network connection
enable Turn on privileged commands
exit Exit from the EXEC
help Description of the interactive help system
lock Lock the terminal
login Log in as a particular user
logout Exit from the EXEC
mrinfo Request neighbor and version information from a multicast
router
mstat Show statistics after multiple multicast traceroutes
mtrace Trace reverse multicast path from destination to source
name-connection Name an existing network connection
pad Open a X.29 PAD connection
ping Send echo messages
ppp Start IETF Point-to-Point Protocol (PPP)
resume Resume an active network connection
--More--

Nu s hng thng tin cn hin th nhiu hn m t trang mn hnh (25 hng), cui mn hnh
hi n ch --More-- bn nhn phm ENTER xem hng k tip, ho c phm SPACE xem
trang k tip. Nu bn nhn phm ENTER, thng tin s hin th thm tng hng. Nu bn dng
SPACE BAR, thng tin s hin th theo trang mn hnh.
L nh gip (?) rt hu dng, bn c th dng trong bt k ch no, Router s a ra cc
mc chn c php s dng v ngha ca l nh . V d bn mun xem tip cc phn ca
l nh show, bn g:

Router>show ?

Ho c bn khng nh tt c nhng lnh bt u bng cc k t te, bn c th g:

Router>te?
Telnet Terminal

Khi , router s lit k tt c cc lnh bt u bng te.

H iu hnh trong Router Cisco cho php g tt. Bn ch cn g s k t phn bi t

cc cu l nh vi nhau l cu l nh c chp nh n, ho c bn nhn phm TAB hi n y
cu l n h.

Router>tel[TAB]
Router>telnet

Vo ch global-configuration-mode, dng l nh configuration terminal

Router#configuration terminal
Enter configuration commands, one per line. End with CNTL/Z.

M t s t hp phm tt: K thi CCNA i hi ngi hc phi s dng thnh tho t hp cc

phm tt ny. Ngai ra, mt s chng trnh dng lm terminal c th khng h tr cc t hp
phm ny.

Ctrl-A

Tr v u dng
Ctrl-B
Mi tn tri
Tr v m t k t
Esc-B

Tr v m t t
Ctrl-E

n cui dng
Ctrl-F
Mi tn phi
Ti m t k t
Ctrl-P
Mi tn ln
n cu l nh thc hi n trc
Ctrl-N
Mi tn xung
n cu l nh thc hi n sau cu l nh

3. Xem thng tin v cu hnh ca router

Ti ch privileged mode, bn hy thc hi n cc l nh sau, v kim tra kt qu ca tng

l nh:

show version
Xem tn files IOS, version ca IOS ang s dng, cu hnh phn cng ca Router, ch
BOOT (thanh ghi)
show flash:
dir flash
Xem file IOS ang lu trong flash
dir nvram
Xem cc file ang lu trong NVRAM
show interface [interface]
Xem cu hnh ca tt c cc cng hay ca cng c ch nh
show running-config
Xem cu hnh chung ang s dng
show startup-config
show configuration
Xem cu hnh chung dng cho khi ng (lu trong NVRAM)
show clock
Xem ng h
show user
Xem cc kt ni ang truy c p vo Router
show line
Xem tt c cc kt ni (line) ca Router
show ip route
Xem bng chn ng ca Router
show arp
Xem bng tng ng (map) t a ch MAC v a ch IP
show host
Xem tn v a ch ca cc host bit ( c t tn)

Xo cu hnh c router dng lc khi ng: dng l nh erase startup-config. Khi thc
hi n l nh ny, nu xem li cu hnh khi ng, bn s nh n thng bo li

Router#erase startup-config
Erasing the nvram filesystem will remove all files!
Continue? [confirm]
[OK]
Erase of nvram: complete
Router#sh start
%% Non-volatile configuration memory is not present
Router#
4. S dng HYPER TERMINAL

S dng trnh tic ch truyn file ca HYPER TERMINAL

c th cu hnh nhanh m t Router, bn c th son tho trc cc cu l nh bng NotePad
theo ng trnh t, lu di dng file text, sau dng Send Text File... (Transfer -> Send Text
File...) truyn File:

V d: bn son tho file SHOW.TXT nh sau:

show version
show flash:
show running-config
show startup-config
configuration terminal
exit

Cch truyn file ch hu dng vi cc l nh cu hnh khng c cc thng s xc nh n (m t

dng l cu l nh hon chnh), khng thc hi n c cho cc cu l nh c thng s la chn.
Chng hn: khng nn dng cho l nh enable (v c th phi xc nh n mt khu), khng th
dng cho l nh lu cu hnh vo NVRAM v c xc nh n tn file:

Router#copy running-config startup-config

Destination filename [startup-config]?
Building configuration...
[OK]

Chnh thi gian tr dng l nh

c th theo di kp cc thng bo, bn ci thi gian tr khi truyn tng dng khong 2000ms
- 4000ms (Chn File Properties ASCII Setup ...)

Capture thao tc
 Trong qu trnh lm Lab, bn mun ghi li cc thao tc, cc thng tin ca Router khi thc
hnh, bn s dng Capture ca Hyper -Terminal (Transfer Capture Text ... )

Bn hy nh p tn file vi ng dn y . Bt u t lc ny, tt c cc thao tc ca bn v

kt qu u c ghi li. Khi thc hi n xong, nh Stop Capture (Transfer -> Capture Text ->
Stop) lu file v s dng WordPad xem li.

Lab 1-2: t mt khu cho router

M ta

Thng thng co cc loai mt khu bao mt cho mt router Cisco nh sau:

Loai mt khu u tin la enable. Lai nay c s dung vao ch enabled
mode. Router s yu cu ban nhp mt khu nay vao khi bn nh lnh enable t
user mode chuyn sang ch enable mode.
Ba loai con lai la mt khu khi ngi dng truy cp qua cng console, cng Aux,
hay Telnet.

Mt khu co phn bit ch hoa hay ch thng (case sensitive), va khng qu 25

ky t. Cc ky t nay co th la ch hoa, ch thng, con s, cc du chm cu va
khoang cch; tuy nhin ky t u tin khng c la du trng.

Thc hin

Mt khu truy cp vao enable mode

Hai loai enable mt khu trn router, t bng cc lnh sau:

Router(config)#enable secret vip mt khu la vip

Router(config)#enable password cisco mt khu la cisco

ch mc inh, mt khu dang khng ma hoa (clear-text) trong file cu

hinh; Lnh enable secret password s ma hoa cc mt khu hin co ca router. Nu
co t enable secret, no se co hiu lc manh hn cc mt khu con li.

Mt khu truy cp vao User Mode

1. t mt khu cho user mode bng lnh line, xem xet cc thng s theo sau
bng cch nh du ? sau lnh line.

Router(config)#line ?
<0-4> First Line number
aux Auxiliary line
console Primary terminal line
vty Virtual terminal

aux t mt khu cho cng aux, thng dng khi cu hinh cho modem gn
router, quay s vao cu hinh router.
console t mt khu trc khi vao user mode
vty t mt khu telnet vao router. Nu khng t mt khu, khng th thc
hin telnet vao router.

t mt khu cho user mode, cn xc inh line mun cu hinh va dng lnh
login router a ra thng bo chng thc oi hoi nhp mt khu.

2.t mt khu trn cng aux ca router:

vao global config mode nh lnh line aux 0.

Chu y rng chi c chon s 0 vi thng thng chi co mt cng auxilary trn
router.

Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#line aux 0
Router(config-line)#login
Router(config-line)#password vip

Cu lnh login rt quan trong, nu khng co lnh nay, router se khng thng bo
oi hoi chng thc.

3. t mt khu truy cp cho cng console trn router: dng lnh line console 0

Router(config)#line console 0
Router(config-line)#login
Router(config-line)#password vnpro

4. t mt khu telnet: dng lnh line vty

Router(config-line)#line vty 0 4
Router(config-line)#login
Router(config-line)#password vnpro

Sau khi router cu hinh ia chi IP, ban co th dng chng trinh Telnet cu hinh
va kim tra router thay vi s dung cp console.
Kim tra

Kim tra lai cc loai mt khu a t bng cch xem cu hinh hin tai ang chay,
thc hin lnh show running-config:

Router#show running-config
Building configuration...

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
!
enable secret 5 $1$Y3Hx$iF7j2hPkFe6/hwJG.NZOg.
enable password cisco
!
!
interface Ethernet0
no ip address
shutdown
!
interface Serial0
no ip address
shutdown
!
!
line con 0
password rrr
login
line aux 0
password vip
login
line vty 0 4
password RRR
login
!
end

Trong cu hinh ta thy enable secret password dang ma hoa. Cc mt khu khc
dang khng ma hoa. H iu hanh Cisco IOS cho phep ma hoa tt ca cc mt
khu trong file cu hinh bng lnh service password-encryption tai global
configuration mode:

Router#
Router#conf ter
Router(config)#service password-encryption
Router(config)# [CtrlZ]
Router#show running-config
Building configuration...
 Current configuration:
!
version 12.0
service password-encryption
!
hostname Router
!
enable secret 5 $1$Y3Hx$iF7j2hPkFe6/hwJG.NZOg.
enable password 7 01100F175804
!
!
interface Ethernet0
no ip address
shutdown
!
interface Serial0
no ip address
shutdown
!
!
line con 0
password 7 111B0B17
login
line aux 0
password 7 0312521B
login
line vty 0 4
password 7 1520393E
login
!
end

Tt ca cc mt khu a c ma hoa. Mt khu Enable secret vn dang cu; Mc

ma hoa c hin th bng ch s ng ngay trc mi mt khu. Cc gi tri co
th co cua ch s nay la:

7 : mt khu c ma hoa theo thut ton hai chiu MD7; mt khu dang nay co
th giai ma c.
5 : mt khu c ma hoa theo thut ton mt chiu MD5; khng th giai ma
c dang nay.
0 : (hoc khng co gi tri) mt khu c hin thi dang khng ma hoa.
Nu tt ch ma hoa vi cu lnh no service password-encryption, thi mt khu

1-3: Cc lnh c ban ca h iu hnh Cisco IOS

1. t router banner

t li cho khi ngi dng ng nh p qua cng console hay telnet vo router. Trong thc t,
lnh banner c dng ra cc cnh bo i vi cc truy cp tri php vo router. Lnh ny ch
c tnh cht cung cp thng tin v h thng m ngi dng ang truy cp vo.

Cu l nh thc hi n ti global configuration mode nh sau

Router(config)#banner ?
LINE c banner-text c, where 'c' is a delimiting character
exec Set EXEC process creation banner
incoming Set incoming terminal line banner
login Set login banner
motd Set Message of the Day banner

Tham s motd thng hay c s dng nht. Thng s ny a ra thng bo cho mi ngi
khi quay s hay kt ni vi router thng qua Telnet, cng aux hay cng console.

Router(config)#banner motd ?
LINE c banner-text c, where 'c' is a delimiting character
Router(config)#banner motd #
Enter TEXT message. End with the character '#'.
Chao cac hoc vien lop CCNA
#
Router(config)#^Z
Router#
%SYS-5-CONFIG_I: Configured from console by console
Router#exit

Router con0 is now available

Press RETURN to get started.

Chao cac hoc vien lop CCNA

Router>
 loi b banner dng l nh no banner login

Router#
Router#conf t
Router(conf)#no banner login

2. Cu hnh cc cng giao tip trn router:

Cu hnh cc cng giao tip ca router l m t trong nhng tc v cu hnh quan trng nht trong
qui trnh cu hnh mt thit b nh tuyn router. Tc v ny phi chnh xc router c th trao
i cc thng tin vi cc thit b khc cng nh l c th trao i c d liu. Cc bc cu
hnh nh sau:

Ti ch cu hnh tan cc, ta dng l nh interface [loi interface] [s th t]

cho php interface hot ng, hy dng l nh no shutdown.
tt m t interface dng l nh shutdown.
Nu m t interface b shutdown, trng thi hin th s l administratively down khi dng l nh
show interface xem trng thi ca mt cng giao tip. Khi , nu dng l nh show running-
config, ta s thy kt qu lnh s hin th trng thi ca cc giao tip l shutdown.
M c nh cc interface trng thi shutdown.

Router#sh int e0
Ethernet0 is administratively down, line protocol is down
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int e0
Router(config-if)#no shutdown
Router(config-if)#^Z
%LINK-3-UPDOWN: Interface Ethernet0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0, changed state to up

Router#sh int e0
Ethernet0 is up, line protocol is up

t a ch IP cho m t interface

Router(config)#int e0
Router(config-if)#ip address 172.16.10.2 255.255.255.0
Router(config-if)#no shut

Nu mun t thm mt a ch th hai cho cng giao tip, phi dng tham s secondary.
Mt cng giao tip ca router c th t nhiu a ch IP.

Router(config-if)#ip address 172.16.20.2 255.255.255.0 secondary

Router(config-if)#^Z
Router#sh run
Building configuration
Current configuration:
...
!
interface Ethernet0
ip address 172.16.20.2 255.255.255.0 secondary
ip address 172.16.10.2 255.255.255.0
!

M t s l nh cho cng serial ca router:

L nh clock rate: t xung clock cho DCE. Nu t lnh clock rate trn m t cng giao tip
khng phi l DCE th cu l nh khng c tc dng.

Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int s0
Router(config-if)#clock rate ?
Speed (bits per second)
1200
2400
4800
9600
19200
38400
56000
64000
72000
125000
148000
250000
500000
800000
1000000
1300000
2000000
4000000
<300-4000000> Choose clockrate from list above
Router(config-if)#clock rate 64000
%Error: This command applies only to DCE interfaces
Router(config-if)#int s1
Router(config-if)#clock rate 64000

L nh bandwith: ch mc nh, cc cng giao tip ca thit b nh tuyn Cisco s hat

ng bng thng ca T1 (1,544 Mbps). Tuy nhin, lnh bandwidth khng nh hng g n tc
truyn d liu tht s ca cng giao tip. Lnh bandwidth ch c tc ng n qu trnh tnh
tan metric ca cc giao thc nh tuyn nh IGRP, EIGRP hay OSPF tnh ton chi ph tt
nht ti m t mng xa.

Router(config-if)#bandwidth ?
<1-10000000> Bandwidth in kilobits Bandwidth c tnh bng Kbit

Router(config-if)#bandwidth 64

M t cho cng giao tip: m t rt hu ch cho ngi qun tr v n ch c tc dng cc b ,

dng l nh description ti interface mode; xem li dng l nh show run hay show interface

Router(config)#int e0
Router(config-if)#description Sales Lan
Router(config-if)#int s0
Router(config-if)#description Ket noi Wan toi VnPRO

Router#sh run
[...]
!
interface Ethernet0
description Sales Lan
ip address 172.16.10.30 255.255.255.0
!
interface Serial0
description Ket noi Wan toi PTIT
no ip address
no ip directed-broadcast
no ip mroute-cache

Router#sh int e0
Ethernet0 is up, line protocol is up
Hardware is Lance, address is 0010.7be8.25db (bia 0010.7be8.25db)
Description: Sales Lan
...

Router#sh int s0
Serial0 is up, line protocol is up
Hardware is HD64570
Description: Ket noi Wan toi PTIT
...
Router#

3. t hostname
t tn cho router bng l nh hostname, tn ch c tc dng cc b . Vic t hostname l cn
thit trong qui trnh cu hnh router.

Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname RRR
RRR(config)#

4. Lu cu hnh
Dng l nh copy running-config startup-config hay write memory lu file cu hnh t DRAM
vo NVRAM (c th dng l nh tt copy run start hay wr)

RRR#copy run start

Destination filename [startup-config]?[Enter]
Building configuration...

Xem li file lu trong NVRAM

RRR#show startup-config

5. Cc l nh kim tra cu hnh

L nh ping c th dng vi cc giao thc khc nhau, thc hi n user-mode hay priviledge-
mode

RRR#ping ?
WORD Ping destination address or hostname
appletalk Appletalk echo
decnet DECnet echo
ip IP echo
ipx Novell/IPX echo
srb srb echo
<cr>

Telnet kim tra kt ni IP

RRR#telnet ?
WORD IP address or hostname of a remote system
<cr>

M t cch kim tra hot ng ca cng giao tip ca router l dng l nh show interface.
L nh ny s hin th trng thi ca tt c cc cng giao tip ca router.

Router#sh int ?
Ethernet IEEE 802.3
Null Null interface
Serial Serial
accounting Show interface accounting
crb Show interface routing/bridging info
irb Show interface routing/bridging info
<cr>

C th ch ra cng giao tip xem thng tin c th v cng giao tip .

RRR#sh int e0
Ethernet0 is up, line protocol is up
Hardware is Lance, address is 0010.7b7f.c26c (bia 0010.7b7f.c26c)
Internet address is 172.16.10.1/24
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set, keepalive set (10 sec)
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:08:23, output 00:08:20, output hang never
Last clearing of "show interface" counters never
Queueing strategy: fifo
...
M t s thng bo s c thng g p i vi cng giao tip serial v cch gii quyt s c (trng
thi lin kt xem bng l nh show interface serial x trong x l s th t ca cng).

Trng thi ca lin kt

Nguyn nhn
Cch khc phc
Serial x is up, line protocol is up
kt ni c.
Serial x is down, line protocol is down.
Router khng nh n c tn hi n carrier detect (CD) do m t trong cc nguyn nhn sau:
ng kt ni b down
Cp kt ni vo router b hng hay sai.
Phn cng ca router b hng
Xem li ti li u hng dn xem cch kt ni cp v loi cp s dng ng hai cha.
Kt ni vo cc cng khc.

Serial x is
administratively down, line protocol is down. Cha cho php router cng hot ng. Thc hi n
no shutdown trong cu hnh cng serial c hai pha.
Serial x is up, line protocol is down.
Cu hnh sai gia hai router hai u.
Remote router khng gi keepalive packet.
Clock rate cha c t trn Router DCE Kim tra li cu hnh IP hai u v phi m
bo encapsulation ging nhau.
B l nh no keepalive hai u trong cu hnh cng serial
t clock rate cho Router DCE bng l nh clock rate xxxxx trong cu hnh cng serial.

Serial x is up, line protocol is up (looped).

(trng thi ny t g p trong lab) Gy nn do trng thi l p ca ng truyn.
Dng l nh show runningconfig xem xt c cng no b cu hnh di dng loop hay
khng. Nu c, b trng thi ny i.
Reset li cng bng l nh shutdown, ri sau no shutdown.
__________________
Viet Professionals Co. Ltd. VnPro
---------------------------------------
149/1D Ung Vn Khim P25 Q.Binh thanh TPHCM
Tel: (08) 35124257 (7 lines)
Fax: (08) 5124314
Home Page : http://www.vnpro.vn
Support forum: http://vnpro.org
LiveChat : http://www.vnpro.vn/support
Blog VnPro : http://vnpro.org/blog
Forum Wifi : http://wifipro.org

Lab 3-3: Cu hnh RIP c bn

M t & yu cu

Router A, B, C s dng RIP qung co thng tin nh tuyn

Router B hot ng nh DCE cung cp xung clock cho router A v C
Cc router cu hnh RIP v qung co tt c cc mng ni trc tip.
T router A, B v C, ta ping c ht cc a ch trong mng.

Cu hnh
Router A
!
hostname Router A
no ip domain-lookup
!
interface Loopback0 inh nghia interface ao lam im kim
tra
ip address 10.1.1.1 255.255.255.0
!
interface Ethernet0
ip address 148.1.1.1 255.255.255.0
no shutdown
no keepalive cho phep cng Ethernet vn up khi khng kt ni
vi bn ngoai
!
interface Serial0
ip address 192.1.1.1 255.255.255.0
no shutdown
!
router rip kich hoat qua trinh inh tuyn RIP trn router
network 10.0.0.0 chi ra mang se quang cao va xac inh interface
nao se gi va nh
n thng tin inh tuyn RIP
network 148.1.0.0
network 192.1.1.0
!
no ip classless
!
end

Router B
!
hostname RouterB
no ip domain-lookup
!
interface Serial0
ip address 192.1.1.2 255.255.255.0
clock rate 64000 hoat
ng nh DCE cung cp xung clock
no shutdown
!
interface Serial1
ip address 193.1.1.1 255.255.255.0
clock rate 64000 hoat
ng nh DCE cung cp xung clock
no shutdown
!
router rip
network 192.1.1.0
network 193.1.1.0
!
end
+ xc nh router no cung cp xung clock tc l thit b DCE dng cu l nh: show
controller [type number]

Router C
!
hostname RouterC
no ip domain-lookup
!
interface Ethernet0
ip address 152.1.1.1 255.255.255.0
no shutdown
no keepalive v hi
u hoa keepalive trn router cho phep
interface ethernet0 vn up khi khng kt ni ra bn ngoai
!
interface Serial0
ip address 193.1.1.2 255.255.255.0
no shutdown
!
router rip
network 152.1.0.0
network 193.1.1.0
!
no ip classless
!
end

Cc bc thc hi n
t hostname, t a ch IP cho cc cng Loopback, Serial, Ethernet
i vi RouterA

Router>en
Router#config terminal
Router(config)#hostname RouterA

RouterA(config)#interface Loopback
RouterA(configif)# ip address 10.1.1.1 255.255.255.0
RouterA(configif)#exit

RouterA(config)#interface Ethernet0
RouterA(configif)#ip address 148.1.1.1 255.255.255.0
RouterA(configif)#no shutdown
RouterA(configif)#no keepalive
RouterA(configif)#exit

RouterA(config)#interface Serial0
RouterA(configif)#ip address 192.1.1.1 255.255.255.0
RouterA(configif)#no shutdown
RouterA(configif)#end
RouterA#

Cu hnh tng t i vi RouterB v RouterC. Lu ti RouterB c l nh clock rate khi cu

hnh cng Serial.

RouterB(config)#interface Serial0
RouterB(configif)#ip address 192.1.1.2 255.255.255.0
RouterB(configif)#clock rate 64000
RouterB(configif)#no shutdown

RouterB(configif)#interface Serial1
RouterB(configif)#ip address 193.1.1.1 255.255.255.0
RouterB(configif)#clock rate 64000
RouterB(configif)#no shutdown
RouterB(configif)#end
RouterB#

Kim tra hot ng cng Serial ti cc router bng l nh show interface [Type Number]

RouterA#show interface Serial0

Serial0 is up, line protocol is up
Hardware is HD64570
Internet address is 192.1.1.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
Keepalive set (10 sec)
Last input 00:00:06, output 00:00:08, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output
drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/3/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
489 packets input, 30563 bytes, 0 no buffer
Received 473 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
524 packets output, 33973 bytes, 0 underruns
0 output errors, 0 collisions, 26 interface resets
0 output buffer failures, 0 output buffers swapped out
15 carrier transitions
--More-
RouterB#sh int s0
Serial0 is up, line protocol is up
Hardware is HD64570
Internet address is 192.1.1.2/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
...
RouterB#show interface serial1
Serial1 is up, line protocol is up
Hardware is HD64570
Internet address is 193.1.1.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
...

RouterC#show interface Serial0

Serial0 is up, line protocol is up
Hardware is HD64570
Internet address is 193.1.1.2/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
...
Chy giao thc nh tuyn RIP trn mi router

RouterA(config)#router rip
RouterA(configrouter)#network 10.0.0.0
RouterA(configrouter)#network 148.1.0.0
RouterA(configrouter)#network 192.1.1.0

RouterB(config)#router rip
RouterB(configrouter)#network 192.1.1.0
RouterB(configrouter)#network 193.1.1.0

RouterC(config)#router rip
RouterC(configrouter)#network 152.1.0.0
RouterC(configrouter)#network 193.1.1.0

Kim tra
Xem bng nh tuyn bng l nh show ip route

RouterA# show ip route

...
Gateway of last resort is not set
10.0.0.0 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, Loopback0
148.1.0.0/24 is subnetted, 1 subnets
C 148.1.1.0 is directly connected, Ethernet0
R 152.1.0.0/16 [120/2] via 192.1.1.2, 00:00:20, Serial0
C 192.1.1.0/24 is directly connected, Serial0
R 193.1.1.0/24 [120/1] via 192.1.1.2, 00:00:20, Serial0

+ Dng l nh show ip route rip nu ch mun xem cc route hc t RIP.

RouterA# show ip route rip

R 152.1.0.0/16 [120/2] via 192.1.1.2, 00:00:20, Serial0
R 193.1.1.0/24 [120/1] via 192.1.1.2, 00:00:20, Serial0

T router ping cc a ch trn mng

RouterC#ping 192.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.1.1 timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4
ms

RouterC#ping 192.1.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.1.2 timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4
ms

RouterA#ping 148.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 148.1.1.1 timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4
ms

RouterC#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1 timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4
ms

Ta c th xem qu trnh c p nh t nh tuyn ca RIP bng cch dng l nh debug ip rip. Ch

ti cng serial0, RouterA khng qung co network hc t RouterB (152.1.0.0 v 193.1.1.0)
nhng cc router cn li cc network ny c qung co. y l hot ng ca c ch split
horizon: khi split horizone hot ng, router s khng qung co route ngc tr li ni n n.
RouterA#debug ip rip
RIP: sending v1 update to 255.255.255.255 via Ethernet0
(148.1.1.1)
network 10.0.0.0, metric 1
network 152.1.0.0, metric 3
network 192.1.1.0, metric 1
network 193.1.1.0, metric 2
RIP: sending v1 update to 255.255.255.255 via Loopback0
(10.1.1.1)
network 148.1.0.0, metric 1
network 152.1.0.0, metric 3
network 192.1.1.0, metric 1
network 193.1.1.0, metric 2
RIP: sending v1 update to 255.255.255.255 via Serial0 (192.1.1.1)
network 10.0.0.0, metric 1
network 148.1.0.0, metric 1

Khi debug chy, router s a ra thng tin nh tuyn RIP, ngng debug dng l nh:

RouterA#undebug all

V hi u ho split horizon ti RouterA dng l nh ti interface mode

RouterA(config)#int s0
RouterA(configif)#no ip splithorizon

Lc ny, kim tra thng tin nh tuyn ti RouterA dng l n h debug ip rip. Thng tin xut
hi n di y (ch tt c cc route c qung co ra cng serial , bao gm c cc route hc t
RouterB v RouterC):

RouterA#debug ip rip
RIP: sending v1 update to 255.255.255.255 via Ethernet0
(148.1.1.1)
network 10.0.0.0, metric 1
network 152.1.0.0, metric 3
network 192.1.1.0, metric 1
network 193.1.1.0, metric 2
RIP: sending v1 update to 255.255.255.255 via Loopback0
(10.1.1.1)
network 148.1.0.0, metric 1
network 152.1.0.0, metric 3
network 192.1.1.0, metric 1
network 193.1.1.0, metric 2
RIP: sending v1 update to 255.255.255.255 via Serial0 (192.1.1.1)
network 10.0.0.0, metric 1
network 148.1.0.0, metric 1
network 152.1.0.0, metric 3
network 192.1.1.0, metric 1
network 193.1.1.0, metric 2
__________________
Viet Professionals Co. Ltd. VnPro
---------------------------------------
149/1D Ung Vn Khim P25 Q.Binh thanh TPHCM
Tel: (08) 35124257 (7 lines)
Fax: (08) 5124314
Home Page : http://www.vnpro.vn
Support forum: http://vnpro.org
LiveChat : http://www.vnpro.vn/support
Blog VnPro : http://vnpro.org/blog
Forum Wifi : http://wifipro.org
Lab 1-4: Cisco Discovery Protocol

Lab 1-4: Cisco Discovery Protocol

M t

Cisco Discovery Protocol (CDP) l giao thc ring ca Cisco dng thu th p thng tin v cc
thit b ln cn. Khi s dng giao thc CDP, bn c th bit c thng tin phn cng, phn mm
ca cc thit b gn k. Thng tin ny rt hu ch trong qu trnh x l s c hay kim sot cc
thit b trong mt h thng mng.

Bi thc hnh ny gip bn bit c cc chc nng v thng s ca cc l nh lin quan ti

CDP.

+ CDP ch cung cp thng tin v thit b ni kt ni trc tip, tri vi giao thc nh tuyn. Giao
thc nh tuyn cung cp thng tin cho php router xc nh ch ng k cho cc mng mun ti.

Thc hi n

Trc tin, cu hnh cc router nh sau. Mc nh, cc thit b Cisco c cho php giao thc
CDP. Do , khi dng lnh show run, thng tin v CDP s khng c hin th.

RouterA
!
hostname RouterA
!
interface serial0
ip address 172.16.10.1 255.255.255.0
clock rate 64000 hot ng nh l DCE cung cp xung clock
no shut
!
interface ethernet0
ip address 192.168.0.1 255.255.255.0
no shut
!
no ip classless
!
line console 0
line aux 0
line vty 0 4
login
!
end

RouterB
!
hostname RouterB
!
interface serial0
ip address 172.16.10.2 255.255.255.0
no shut
!
no ip classless
!
line console 0
line aux 0
line vty 0 4
login
!
End

1. xem thng tin v cc thng s thi gian ca CDP, dng l nh show cdp (hay sh cdp)

Router#sh cdp
Global CDP information:
Sending CDP packets every 60 seconds
Sending a holdtime value of 180 seconds
Router#

Dng l nh cdp holdtime v cdp timer t li thi gian gi v thi gian gi gi cho router.
CDP timer l chu k gi gi CDP ti ti tt c cng ang hot ng.
CDP holdtime l khong thi gian thit b gi gi nh n c t lng ging.

RouterA#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#cdp ?
holdtime Specify the holdtime (in sec) to be sent in packets
timer Specify the rate at which CDP packets aresent(in sec)
run
RouterA(config)#cdp timer 90
RouterA(config)#cdp holdtime 240
RouterA(config)#^Z

Bn c th tt han tan giao thc CDP trong thit b Cisco vi l nh no cdp run. tt CDP trn
m t cng s dng cu l nh no cdp enable trn cng .

2.L nh show cdp neighbor (vit tt sh cdp nei) hi n thng tin v thit b ni trc tip.

RouterA#sh cdp nei

Capability Codes: R - Router, T - Trans Bridge,
B - Source Route Bridge, S - Switch, H - Host,
I - IGMP, r - Repeater
Device ID Local Interfce Holdtme Capability Platform Port ID
Switch Eth 0 238 T S 1900 2
RouterB Ser 0 138 R 2500 Ser 0
RouterA#

M t l nh khc cho bit thng tin v cc thit b lng ging l show cdp neighbor detail (show
cdp nei de), cng c th chy trn router v switch

RouterA#sh cdp neighbor detail

-------------------------
Device ID: 1900Switch
Entry address(es):
IP address: 0.0.0.0
Platform: cisco 1900, Capabilities: Trans-Bridge Switch
Interface: Ethernet0, Port ID (outgoing port): 2
Holdtime : 166 sec
Version :
V9.00
-------------------------
Device ID: 2501B
Entry address(es):
IP address: 172.16.10.2
Platform: cisco 2500, Capabilities: Router
Interface: Serial0, Port ID (outgoing port): Serial0
Holdtime : 154 sec
<...>
RouterA#

Ngoi ra, l nh show cdp entry * cng hin th thng tin tng t.
L n h show cdp traffic hin th lu lng ti cng gm c s gi CDP gi nh n v b li :

RouterA#sh cdp traffic

CDP counters:
Packets output: 13, Input: 8
Hdr syntax: 0, Chksum error: 0, Encaps failed: 0
No memory: 0, Invalid packet: 0, Fragmented: 0
RouterA#

3.Thng tin trng thi CDP trn port hay cng hin th bng l nh show cdp interface (sh cdp int)
Nh c p trc, c th tt CDP hon ton trn router dng l nh no cdp run. Tuy nhin,
mun tt CDP trn tng cng dng l nh no cdp enable. C th cho php CDP trn m t port bng
l nh cdp enable.
Trn router, show cdp interface cho thng tin v tng cng dng CDP, gm c dng ng gi trn
ng truyn, timer v holdtime trn mi cng

RouterA#sh cdp interface

Ethernet0 is up, line protocol is up
Encapsulation ARPA
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
Serial0 is administratively down, line protocol is down
Encapsulation HDLC
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
Serial1 is administratively down, line protocol is down
Encapsulation HDLC
Sending CDP packets every 60 seconds
Holdtime is 180 seconds

Tt CDP trn m t cng

RouterA#config t
Enter configuration commands, one per line. End withCNTL/Z.
RouterA(config)#int s0
RouterA(config-if)#no cdp enable
RouterA(config-if)#^Z
Kim tra li s thay i .

RouterA#sh cdp int

Ethernet0 is up, line protocol is up
Encapsulation ARPA
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
Serial1 is administratively down, line protocol is down
Encapsulation HDLC
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
Router#

Lu rng serial 0 khng c li t k khi thc hi n l nh trn, nu dng l nh cdp enable trn
serial 0, cng ny s hin th.
__________________
Viet Professionals Co. Ltd. VnPro
---------------------------------------
149/1D Ung Vn Khim P25 Q.Binh thanh TPHCM
Tel: (08) 35124257 (7 lines)
Fax: (08) 5124314
Home Page : http://www.vnpro.vn
Support forum: http://vnpro.org
LiveChat : http://www.vnpro.vn/support
Blog VnPro : http://vnpro.org/blog
Forum Wifi : http://wifipro.org

Last edited by tranmyphuc; 25-08-2008 at 10:12 PM.

admin

View Public Profile

Send a private message to admin

Find all posts by admin

#2
07-07-2008, 09:46 PM
diemthuy Join Date: Jun 2008
Member Posts: 43
Newbie
- Em cu hnh Router trn Packet Tracer sao ko thy lnh no l: "no ip classless" .Mong
cc thy gip em.

diemthuy

View Public Profile

Send a private message to diemthuy

Find all posts by diemthuy

#3
07-07-2008, 11:48 PM
Join Date: Oct 2005
dangquangminh Location: HCMC
Super Moderator Posts: 3,722
Brainiac

t IOS 12.0 tr v sau, mc nh IOS chy theo kiu ip classless. Do bn khng cn g vo ip

classless. Cn trong Packet Tracer c th n khng h tr lnh . Nh vy Packet Traceer ch
chy "ip classless".
__________________
ng Quang Minh, CCIE#11897 CCSI#31417
Email: [email protected]

Viet Professionals Co. Ltd. (VnPro)

149/1D Ung Vn Khim P25 Q.Bnh thnh TPHCM
Tel: (08) 35124257 Fax: (08) 35124314
Home :http://www.vnpro.vn
Blog :http://vnpro.org/blog
Support forum :http://vnpro.org
LiveChat :http://vnpro.vn/support

dangquangminh

View Public Profile

Send a private message to dangquangminh

 Visit dangquangminh's homepage!

Find all posts by dangquangminh

#4
08-07-2008, 10:31 AM
diemthuy Join Date: Jun 2008
Member Posts: 43
Newbie

Cho thy,

Em ang xi Packet Tracer 4.11 (2800), v em dng lnh Show Ver th thy Ver em ang xi
l 12.3. Em th c No IP Classess v IP Classess u ko tc dng. ng thi em cng mun
hi thy vi dng lnh cho topic ny, v em thy n l qu:

RouterA
!
hostname RouterA

lnh cui la lnh thay i tn Router (default)--> RouterA ng ko thy?

nhng mun thay i tn th mnh vo mode Global th thy ch mode
khc u lm c iu ny (cc dng lnh tp theo vn ko thy bit mode
no lun . Mong thy gip em.

Last edited by diemthuy; 08-07-2008 at 10:33 AM.

diemthuy

View Public Profile

Send a private message to diemthuy

Find all posts by diemthuy

#5
08-07-2008, 11:45 AM
Join Date: Jan 2007
tranmyphuc Location: hcmC
Member Posts: 3,251
Brainiac
Cho !!!
+Packet tracer bn th xi bng 5.0 xem : http://vnpro.org/forum/showthread.php?t=16928
+ KHng th bn chuyn qua GNS3 (m bo nh router
tht):http://vnpro.org/forum/showthread.php?t=16328
Mnh cha hiu r bn mun hi g ???
Chc bn vui !!!
__________________
Trn M Phc
[email protected]
Hy add nick c thng tin thi mi nht :tranmyphuc (H tr ti a cho cc bn t hc)

Juniper Certs : JNCIA-ER (100%) , JNCIA-EX (100%) , JNCIS-ER (100%) , JNCIS-SEC

(100%)
INSTRUCTORS (No Fee) : CISCO (Professional) , JUNIPER (Professional) , Microsoft ...

[version 4.0] n tp CCNA

[Ebook] Mt s vn hay c th dng trong mng doanh nghp

tranmyphuc

View Public Profile

Send a private message to tranmyphuc

Find all posts by tranmyphuc

#6
08-07-2008, 12:02 PM
diemthuy Join Date: Jun 2008
Member Posts: 43
Newbie

Cho thy,

em nh vy, theo dng lnh nh ca topic:

RouterA
!
hostname RouterA
!
interface serial0

Nu cu hnh th em lm nh sau:

Router>ena
|
Router# conf t
|
Router(config)#hostname RouterA (i tn router)
|
Cc lnh v Interface vn cng vo Global Mode cu hnh, nhng trn bi
em ko thy nhng dng lnh ny. Cm n thy.

diemthuy

View Public Profile

Send a private message to diemthuy

Find all posts by diemthuy

#7
08-07-2008, 12:10 PM
Join Date: Jan 2007
tranmyphuc Location: hcmC
Member Posts: 3,251
Brainiac

Quote:

Originally Posted by diemthuy

Cho thy,

em nh vy, theo dng lnh nh ca topic:

RouterA
!
hostname RouterA
!
 interface serial0

Nu cu hnh th em lm nh sau:

Router>ena
|
Router# conf t
|
Router(config)#hostname RouterA (i tn router)
|
Cc lnh v Interface vn cng vo Global Mode cu hnh, nhng trn bi
em ko thy nhng dng lnh nay. Cm n thy.
Cho !!!
vo mode interface , bn cn dng lnh interface [intefface name] trong mode config
Bn xem th bi vit sau :http://vnpro.org/forum/showthread.php?t=15456
Quote:

Cc lnh v Interface vn cng vo Global Mode cu hnh, nhng trn bi

em ko thy nhng dng lnh nay. Cm n thy.
bn ni khi show run ln khng thy ?
Chc vui !!!
__________________
Trn M Phc
[email protected]
Hy add nick c thng tin thi mi nht :tranmyphuc (H tr ti a cho cc bn t hc)

Juniper Certs : JNCIA-ER (100%) , JNCIA-EX (100%) , JNCIS-ER (100%) , JNCIS-SEC

(100%)
INSTRUCTORS (No Fee) : CISCO (Professional) , JUNIPER (Professional) , Microsoft ...

[version 4.0] n tp CCNA

[Ebook] Mt s vn hay c th dng trong mng doanh nghp

tranmyphuc

View Public Profile

Send a private message to tranmyphuc

 Find all posts by tranmyphuc

#8
08-07-2008, 03:02 PM
diemthuy Join Date: Jun 2008
Member Posts: 43
Newbie

Cho thy,

Cm n thy v link "cc lnh cn bn Cisco". em nh vy:

Quote:

RouterA
!
hostname RouterA
!
interface serial0
ip address 172.16.10.1 255.255.255.0
l dng lnh ca Topic

cn nu em vit th nh sau:

Quote:

Router>ena
|
Router# conf t
|
Router(config)#int f0/0(ch l v d)
Ngha l sao em khng thy dng lnh: conf t vo Interface mode , em nhn trn t nhin
nhy n Interface Mode m khng c bt k dng lnh no v conf t, c phi chng iu qu
c bn thy b qua chng?. Cm n thy.

diemthuy

View Public Profile

Send a private message to diemthuy

Find all posts by diemthuy

#9
08-07-2008, 11:00 PM
Join Date: Jan 2007
tranmyphuc Location: hcmC
Member Posts: 3,251
Brainiac

Quote:

Originally Posted by diemthuy

Cho thy,

Cm n thy v link "cc lnh cn bn Cisco". em nh vy:

l dng lnh ca Topic

cn nu em vit th nh sau:

Ngha l sao em khng thy dng lnh: conf t vo Interface mode , em nhn trn t
nhin nhy n Interface Mode m khng c bt k dng lnh no v conf t, c phi chng
iu qu c bn thy b qua chng?. Cm n thy.
Cho !!!
Thc cht ci bn thy :
Quote:

RouterA
!
hostname RouterA
!
interface serial0
ip address 172.16.10.1 255.255.255.0
L phn cu hnh khi ta dng lnh show run trn thit b ca cisco

Cn ci bn cu hnh :
Quote:
 Router>ena
|
Router# conf t
|
Router(config)#int f0/0(ch l v d)
y chnh l ci config thc s vo router

Vy chng khc nhau khng ???

Thc cht khng. Khi ngi qun tr cu hnh restore li vo router, nhn vo phn show run ,
anh ta phi hiu rng cu lnh no s c dng trong mode no => do , phn show run s
"khng hiu th cu lnh chuyn mode"
iu quan trng hn, phn cu hnh cu lnh ny c thit k dnh cho qun tr mng (theo tiu
ch ca cisco ) do cisco i hi anh phi hiu c iu c bn nht l nhng cu lnh no s
c dng trong mode no. Nh cc lnh show dng trong mode user.

chc bn vui !!
__________________
Trn M Phc
[email protected]
Hy add nick c thng tin thi mi nht :tranmyphuc (H tr ti a cho cc bn t hc)

Juniper Certs : JNCIA-ER (100%) , JNCIA-EX (100%) , JNCIS-ER (100%) , JNCIS-SEC

(100%)
INSTRUCTORS (No Fee) : CISCO (Professional) , JUNIPER (Professional) , Microsoft ...

[version 4.0] n tp CCNA

[Ebook] Mt s vn hay c th dng trong mng doanh nghp

Lab 1-5: S dng Telnet

M t
Telnet l m t giao thc u cui o (virtual terminal) l m t phn ca chng giao thc TCP/IP.
Telnet cho php to kt ni vi thit b t xa, thu th p thng tin v chy chng trnh.

Lab ny hng dn dng l nh telnet v cc l nh lin quan trn router.

+ Virtual terminal (VTY) lines cho php vi c truy c p vo router thng qua cc phin ni kt
Telnet. VTY lines khng ni trc tip vo cc cngs nh cch TTY ni vo asynchronous
interface m l cc kt ni o vo router thng qua a ch ca ethernet port (cng ethernet).
Router to nhng VTY lines m t cch linh ng, trong khi TTY lines l ch ni kt vo
nhng cng v t l. Khi ngi dng kt ni vo router bng VTY line, ngi dng ang kt
ni vo m t cng o trn cng.

Thc hi n

Ban u cu hnh router nh sau

RouterA
!
hostname RouterA
!
interface serial0
ip address 172.16.10.1 255.255.255.0
clock rate 64000 hot ng nh l thit b DCE cung cp xung clock
no shut
!
interface ethernet0
ip address 192.168.0.1 255.255.255.0
no shut cho php cng
!
line console 0
line aux 0
line vty 0 4
login
!
end

RouterB
!
hostname RouterB
!
interface serial0
ip address 172.16.10.2 255.255.255.0
no shut
!
line console 0
line aux 0
line vty 0 4
login
!
end

t a ch IP, mt khu dng telnet cho Switch

Vi Catalyst 2900

!
hostname Switch
!
enable password cisco
!
interface vlan1
ip address 192.168.0.148 255.255.255.0
!
line vty 0 15
login
password cisco
!
End

Tin hnh cc bc sau y kim tra kt qu:

1.Th dng l nh telnet trn router:

RouterA#telnet 172.16.10.2
Trying 172.16.10.2 ... Open
Password required, but none set
[Connection to 172.16.10.2 closed by foreign host]
RouterA#

+ i vi Cisco router, bn khng cn phi dng l nh telnet m ch cn nh a ch IP ti du

nhc, router s ngm nh rng bn mun telnet vo thit b, v d:

RouterA#172.16.10.2
Trying 172.16.10.2 ... Open
Password required, but none set
[Connection to 172.16.10.2 closed by foreign host]
RouterA#

Trong trng hp trn, mt khu cha c t cho ng VTY nn ta khng th telnet vo

RouterB c. t mt khu cho ng VTY nh sau

RouterB#config t
Enter configuration commands, one per line. End with CNTL/Z.
RouterB(config)#line vty 0 4
RouterB(config-line)#login
RouterB(config-line)#mt khu Router
RouterB(config-line)#^Z
RouterB#

Th truy cp bng cch telnet vo router ln na:

RouterA#172.16.10.2
Trying 172.16.10.2 ... Open

User Access Verification

Mt khu:
RouterB>

Ch rng mt khu VTY l mt khu user-mode, khng phi l enablemode nn khng th

vo enable mode nu cha t enable password.

RouterB>en
% No password set
RouterB>

2.Telnet vo nhiu thit b ng thi

Bn c th gi kt ni m tr v router console ban u bng cch nhn Ctrl+Shift+6 ng thi,

sau th ra v nhn X.

RouterA#telnet 172.16.10.2
Trying 172.16.10.2 ... Open

User Access Verification

Mt khu:
RouterB>[Ctrl+Shift+6, x]
RouterA#

Telnet tip tc vo switch

RouterA#telnet 192.168.0.148
Trying 192.168.0.148 ... Open
...
Switch>[Ctrl+Shift+6, x]
RouterA#
3.Kim tra cc kt ni telnet bng l n
h show sessions.

RouterA#sh sessions
Conn Host Address Byte Idle Conn Name
1 172.16.10.2 172.16.10.2 0 0 172.16.10.2
* 2 192.168.0.148 192.168.0.148 0 0 192.168.0.148
RouterA#

Du (*) ngha l session cui cng bn dng; c th tr li session cui bng cch nhn Enter hai
ln. Hay mun ti session bt k bng cch g s ca kt ni v nhn Enter hai ln.

Kim tra Telnet Users

RouterA#sh users
Line User Host(s) Idle Location
* 0 con 0 172.16.10.2 00:07:52
192.168.0.148
K hi u con tng trng cho local console.

RouterB>sh users
Line User Host(s) Idle Location
0 con 0 idle 9
* 2 vty 0

Thng tin hin th console ang hot ng v VTY port 2 ang c dng. Du * phin ngi
dng hi n ti.
4.ng phin lm vi c Telnet
C th ng phin lm vi c bng cc nhn exit hay disconnect

RouterA#[Enter] [Enter]
[Resuming connection 2 to 192.168.0.148 ... ]
Switch>exit
[Connection to 192.168.0.148 closed by foreign host]

RouterA#disconnect ? tham s theo sau l s th t Conn hin th trong l nh show sessions

<1-2> The number of an active network connection
WORD The name of an active network connection
<cr>
RouterA#disconnect 1
Closing connection to 172.16.10.2 [confirm]
RouterA#

ngt m t kt ni ca m t user dng l nh clear line

RouterB#clear line 2 tham s theo sau l s th t line hin th trong l nh show users
[confirm]
[OK]
__________________
Viet Professionals Co. Ltd. VnPro
---------------------------------------
149/1D Ung Vn Khim P25 Q.Binh thanh TPHCM
Tel: (08) 35124257 (7 lines)
Fax: (08) 5124314
Home Page : http://www.vnpro.vn
Support forum: http://vnpro.org
LiveChat : http://www.vnpro.vn/support
Blog VnPro : http://vnpro.org/blog
Forum Wifi : http://wifipro.org

Last edited by tranmyphuc; 25-08-2008 at 10:13 PM.

admin

View Public Profile

Send a private message to admin

Find all posts by admin

#2
03-03-2008, 01:10 AM
nhatruc Join Date: Apr 2005
Member Posts: 67
Member

Quote:

Originally Posted by admin

Lab 1-5: S dng Telnet

M t

Telnet l m t giao thc u cui o (virtual terminal) l m t phn ca chng giao thc
TCP/IP. Telnet cho php to kt ni vi thit b t xa, thu th p thng tin v chy chng trnh.
Lab ny hng dn dung l nh telnet v cc l nh lin quan trn router.

Virtual terminal (VTY) lines cho php vi c truy c p vo router thng qua cc phin ni kt
Telnet. VTY lines khng ni trc tip vo cc cngs nh cch TTY ni vo asynchronous
interface m l cc kt ni o vo router thng qua a chi ca ethernet port (cng
ethernet). Router to nhng VTY lines m t cch linh ng, trong khi TTY lines l chi ni
kt vo nhng cng v t l. Khi ngi dung kt ni vo router bng VTY line, ngi dung
ang kt ni vo m t cng o trn cng.

Thc hi n

Ban u cu hnh router nh sau

RouterA
!
hostname RouterA
!
interface serial0
ip address 172.16.10.1 255.255.255.0
clock rate 64000 hot ng nh l thit b DCE cung cp xung clock
no shut
!
interface ethernet0
ip address 192.168.0.1 255.255.255.0
no shut cho php cng
!
line console 0
line aux 0
line vty 0 4
login
!
end

RouterB
!
hostname RouterB
!
interface serial0
ip address 172.16.10.2 255.255.255.0
no shut
!
line console 0
line aux 0
line vty 0 4
login
!
end

t a chi IP, mt khu dung telnet cho Switch

Vi Catalyst 2900
!
hostname Switch
!
enable password cisco
!
interface vlan1
ip address 192.168.0.148 255.255.255.0
!
line vty 0 15
login
password cisco
!
End

Tin hnh cc bc sau y kim tra kt qu:

1.Th dung l nh telnet trn router:

RouterA#telnet 172.16.10.2
Trying 172.16.10.2 ... Open
Password required, but none set
[Connection to 172.16.10.2 closed by foreign host]
RouterA#

i vi Cisco router, bn khng cn phi dung l nh telnet m chi cn nh a chi IP ti du

nhc, router s ngm nh rng bn mun telnet vo thit b, v d:

RouterA#172.16.10.2
Trying 172.16.10.2 ... Open
Password required, but none set
[Connection to 172.16.10.2 closed by foreign host]
RouterA#

Trong trng hp trn, mt khu cha c t cho ng VTY nn ta khng th telnet vo

RouterB c. t mt khu cho ng VTY nh sau

RouterB#config t
Enter configuration commands, one per line. End with CNTL/Z.
RouterB(config)#line vty 0 4
RouterB(config-line)#login
RouterB(config-line)#mt khu Router
RouterB(config-line)#^Z
RouterB#

Th truy cp bng cch telnet vo router ln na:

RouterA#172.16.10.2
Trying 172.16.10.2 ... Open

User Access Verification

Mt khu:
RouterB>

Ch rng mt khu VTY l mt khu user-mode, khng phi l enablemode nn khng

th vo enable mode nu cha t enable password.

RouterB>en
% No password set
RouterB>

2.Telnet vo nhiu thit b ng thi

Bn c th gi kt ni m tr v router console ban u bng cch nhn Ctrl+Shift+6 ng

thi, sau th ra v nhn X.

RouterA#telnet 172.16.10.2
Trying 172.16.10.2 ... Open

User Access Verification

Mt khu:
RouterB>[Ctrl+Shift+6, x]
RouterA#

Telnet tip tc vo switch

RouterA#telnet 192.168.0.148
Trying 192.168.0.148 ... Open
...
Switch>[Ctrl+Shift+6, x]
RouterA#

3.Kim tra cc kt ni telnet bng l nh show sessions.

RouterA#sh sessions
Conn Host Address Byte Idle Conn Name
1 172.16.10.2 172.16.10.2 0 0 172.16.10.2
* 2 192.168.0.148 192.168.0.148 0 0 192.168.0.148
RouterA#

Du (*) ngha l session cui cung bn dung; c th tr li session cui bng cch nhn
Enter hai ln. Hay mun ti session bt k bng cch go s ca kt ni v nhn Enter hai ln.
Kim tra Telnet Users

RouterA#sh users
Line User Host(s) Idle Location
* 0 con 0 172.16.10.2 00:07:52
192.168.0.148
K hi u con tng trng cho local console.

RouterB>sh users
Line User Host(s) Idle Location
0 con 0 idle 9
* 2 vty 0

Thng tin hin th console ang hot ng v VTY port 2 ang c dung. Du * phin ngi
dung hi n ti.
4.ng phin lm vi c Telnet
C th ng phin lm vi c bng cc nhn exit hay disconnect

RouterA#[Enter] [Enter]
[Resuming connection 2 to 192.168.0.148 ... ]
Switch>exit
[Connection to 192.168.0.148 closed by foreign host]

RouterA#disconnect ? tham s theo sau l s th t Conn hin th trong l nh show sessions

<1-2> The number of an active network connection
WORD The name of an active network connection
<cr>
RouterA#disconnect 1
Closing connection to 172.16.10.2 [confirm]
RouterA#

ngt m t kt ni ca m t user dung l nh clear line

RouterB#clear line 2 tham s theo sau l s th t line hin th trong l nh show users
[confirm]
[OK]
===========================

Anh i, anh bao gi thit lp telnet theo user v cc quyn truy cp cha.

V d: Cng ty A c mt i k thut. Mt Admin v mt Staff.

Admin mun thit lp telnet nh sau:

Amin: User admin, pass admin.

Staff: User staff, pass staff.
i vi Admin th c th lm mi th, nhng staff th ch c xem thi.
Nh vy th lm nh th no. Nu anh bit lm n ch gip em.
Trn trng
Lab 1-6: Khi phc mt khu cho Cisco 2600, 3600

M t

Qu trnh khi ng ca router c nh trc. Sau qu trnh kim tra b t ngun (POST)
v np h iu hnh IOS, router s np cu hnh hat ng trong NVRAM. Cc cu hnh ny
khng ch cha thng tin giao thc nh tuyn, a ch m cn cha mt khu ca router.
Mt khu c phc hi bng cch b qua n i dung file cu hnh trong NVRAM trong qu
trnh khi ng. Vic b qua cu hnh c thc hi n bng cch sa i ni dung thanh ghi cu
hnh (configuration register) ca router. Lc ny router s khng cu hnh cha mt khu cn
phc hi. Khi vo c router, ngi dng c th xem mt khu trong NVRAM v c th s
dng, xo hay thay i chng. K thu t hi phc mt khu khc nhau i vi cc dng router,
tng qut cch thc hi n:

1.Ni terminal vo console port.

2.Tt router v b t li.
3.Phi ngt qu trnh khi ng ca router v a n v monitor mode.
4.Ti monitor mode, cu hnh router sao cho router khi ng m khng c n i dung file cu
hnh trong NVRAM.
5.Khi ng li router.
6.Sau khi router khi ng li, mt khu s khng cn tc dng. Vo privileged mode, xem, thay
i, hay xo NVRAM mt khu.
7.Vo configuration mode v t li thanh ghi router khi ng t NVRAM.
8.Np li router. Lc ny mt khu bit.

+ Khi phc mt khu ch c th thc hi n trn terminal gn vi cng console ca router. Cc

cch ny khng th thc hi n c vi cng aux ca router
Cch thc hi n
Phn ny hng dn cch khi phc mt khu cho router Cisco 3600 series, Cisco 2600 series.
Trc khi bt u, router phi t enable mt khu hay login mt khu.

Router
!
hostname Cisco3600
!
enable pass cisco enable mt khu
!
no ip classless
!
line console 0
password cisco Login mt khu
login
line aux 0
line vty 0 4
login
!
end

1.Tt router v b t tr li. Trong qu trnh boot, s xut hi n cc dng sau:

...
Copyright (c) 1994-1996 by cisco system, Inc.
C3600 processor with 16384 Kbytes of main memory
Main memory is configure to 32 bit mode with parity disabled Nhn ngt (Ctrl+Break) ti
y.

+ Nhn ngt ngay khi b t router c th lm ng router. Tt nht l ch nhn ngt khi router
hi n thng bo v kch thc b nh chnh ca router.
Bn cng c th nhn Ctrl+Break trong 15 giy u tin.
Lu rng i vi cc chng trnh terminal t hp phm ngt khc nhau. Ph bin l Windown
HyperTerminal dng t hp phm Ctrl+Break ngt.

2.Lc ny router vo monitor mode, thc hi n l nh confreg 0x2142

Moniror: command boot aborted due to user interrupt

rommon 1 >
rommon 1 > confreg 0x2142

3.Router se nhc phi reset li thay i c tc dng, nh l nh reset ti du nhc:

You must reset or power cycle

rommon 2 >
rommon 2 > reset

Router s np li. Lc ny router b qua cu hnh trong NVRAM. Khi khi ng xong, nhn
Enter vo user mode v nh enable vo privileged mode:

Press Return to get START

Router>
Router>enable
Router#

Dng l nh show runningconfiguration xem cu hnh hi n ti. Ch rng cu hnh khng

cha loi mt khu no. y l cu hnh m c nh ca router khi b qua file cu hnh trong
NVRAM:

Current configuration:
!
version 11.2
...
!
line con 0 khng c mt khu
line aux 0
line vty 0 4
login
!
end

Nu mun xem mt khu hi n ti v tip tc s dng n, dng l nh show startupconfiguration.

T cu hnh bn c th thy enable mt khu v console mt khu l cisco. Nu mt khu
m ho bn s phi thay i hay xo n.

Router#sh start
Using 355 out of 30712 bytes
!
hostname Cisco3600
!
enable pass cisco enable mt khu
!
no ip classless
!
line console 0
mt khu cisco Login mt khu
login
line aux 0
line vty 0 4
login
!
end

+ Thay i: thay i mt khu hi n thi bn phi chp cu hnh NVRAM vo running

configuration bng l n h copy start run.Vo config mode bng l n h config term. t li mt
khu mi. Nhn CtrlZ thot khi configuration mode khi hon tt. nh l n h write memory
ho c copy run start lu cu hnh.
+ Xo: C th xo mt khu bng l nh erase start hay write erase

4.Bc cui cng thay i thanh ghi configuration register router np t NVRAM.
Xem cu hnh thanh ghi hi n ti:

Router#sh ver
...
Configuration register is 0x2142

Thay i thanh ghi

Router#config term
Router(config)#configregister 0x2102
Router(config)#exit

Dng l nh show version xem nh hng ca ci t mi.

Router>sh ver
...
Configuration register is 0x2142 (will be 0x2102 at next reload)

nh l nh reload np li router v lm cho gi tr thanh ghi mi c tc dng. Bn khng cn

phi lu thay i.

Router#reload
System configuration has been modified. Save? [yes/no]: n
Proceed with reload? [confirm]

Router s np li. N s ly cu hnh t NVRAM, mt khu ca router by gi bit v bn c

th truy c p vo privileged mode ca router.

+ Cu hnh bn trong Router gm nhng thnh phn sau:

RAM/DRAM -- lu tr nhng bng routing, ARP cache, fast-switching cache, packet

buffering (shared RAM), v packet hold queues; RAM cng cung cp b nh tm thi
(running memory) cho file cu hnh ca router khi router ang hot ng; ni dung RAM
mt khi tt ngun hoc restart router.

NVRAM -- non-volatile RAM lu tr file cu hnh backup/startup ca router; ni dung ca

NVRAM vn c gi khi tt ngun hoc restart router.

Flash -- c th xa, c th lp trnh li ROM ni lu tr h iu hnh v mt s m lnh

(microcode); B nh Flash cho php cp nhp phn mm m khng cn ly v thay th chip
x l; Ni dung Flash vn c gi khi tt ngun hoc restart; B nh Flash c th cha
nhiu versions ca phn mm IOS.

ROM -- cha chng trnh kim tra khi bt ngun router, chng trnh bootstrap, v phn
mm h iu hnh; nng cp phn mm trong ROM i hi phi ly v thay th chip cm
trn CPU.

Lab 1-7: Khi phuc mt khu cho Cisco 2500

Cch thc hi n
Phn ny hng dn cch khi phc mt khu cho router Cisco 2500 series.

Router
!
hostname Cisco2500
!
enable pass cisco enable password
!
no ip classless
!
line console 0
password cisco Login mt khu
login
line aux 0
line vty 0 4
login
!
end

1.Tt router v b t tr li. Trong qu trnh boot, s xut hi n cc dng sau:

...
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706

Cisco Internetwork Operating System Software

IOS (tm) 2500 Software (C2500-I-L), Version 12.1(3), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2000 by cisco Systems, Inc.
Compiled Thu 06-Jul-00 07:33 by cmong
Image text-base: 0x0303E710, data-base: 0x00001000
cisco 2511 (68030) processor (revision M) with 14336K/2048K bytes of memory.
Nhn ngt (Ctrl+Break) ti y.
Nhn ngt ngay khi b t router c th lm router ngng hot ng . Tt nht l ch nhn ngt khi
router hi n thng bo v kch thc b nh chnh ca router trong qu trnh khi ng.
Bn cng c th nhn Ctrl+Break trong 15 giy u tin.
Lu rng i vi cc chng trnh terminal t hp phm ngt khc nhau. Ph bin l Windown
HyperTerminal dng t hp phm Ctrl+Break ngt.

2.Lc ny router vo monitor mode, thc hi n l n h o/r 0x42

Abort at ...
>
> o/r 0x42

3.nh l nh i ti du nhc khi ng li

>
>i

Router s np li. Lc ny router b qua cu hnh trong NVRAM. Khi khi ng xong, nhn
Enter vo user mode v nh enable vo privileged mode:

Press Return to get started!

Router>
Router>enable
Router#

Dng l n h show runningconfig xem cu hnh hi n ti. Ch rng cu hnh khng cha loi
mt khu no. y l cu hnh lc router khi ng m b qua ni dung file cu hnh trong
NVRAM:

Current configuration:
!
version 11.2
...
!
line con 0 khng c mt khu
line aux 0
line vty 0 4
login
!
end

Nu mun xem mt khu hi n ti v tip tc s dng n, dng l nh show startupconfig. T cu

hnh bn c th thy cc lai mt khu c cu hnh trc trong router. Nu mt khu m
ho bn s phi thay i hay xo n.
Router#sh start
...
!
hostname Cisco3600
!
enable pass cisco enable password
!
no ip classless
!
line console 0
password cisco Login password
login
line aux 0
line vty 0 4
login
!
end
Thay i: thay i mt khu hi n thi bn phi chp cu hnh NVRAM vo running
configuration bng l nh copy start run. Vo config mode bng l nh config term. t li mt
khu mi. Nhn CtrlZ thot khi configuration mode khi hon tt. nh l nh write memory
ho c copy run start lu cu hnh.
Xo: C th xo mt khu bng l nh erase start hay write erase (lc ny ng thi cng xa file
cu hnh khi ng). khng mt file cu hnh, ta c th dng thm t kha no trc l nh t
mt khu, v d: no enable password, no enable secret.

4.Bc cui cng, thay i thanh ghi router np t NVRAM.

Xem cu hnh thanh ghi hi n ti:

Router#sh ver
...
Configuration register is 0x42

Thay i thanh ghi

Router#config term
Router(config)#configregister 0x2102
Router(config)#exit

Dng l nh show version xem nh hng ca ci t mi.

Router>sh ver
...
Configuration register is 0x42 (will be 0x2102 at next reload)

nh l nh reload np li router v lm cho gi tr thanh ghi mi c tc dng. Bn khng cn

phi lu thay i.

Router#reload
System configuration has been modified. Save? [yes/no]: n
Proceed with reload? [confirm]

Router s np li ly cu hnh t NVRAM, mt khu ca router by gi bit v bn c th

truy c p vo privileged mode ca router.
__________________
Viet Professionals Co. Ltd. VnPro
Lab 1-8: Np IOS t TFTP Server cho router chy t Flash

Lab 1-8: Np IOS Image t TFTP Server cho router chy t Flash

M t
Bi thc hnh ny m t cch np IOS t router chy t flash. M t s router chy t flash nh
Cisco 2500 series hay Cisco 1600 series.
PC hat ng nh mt TFTP server s ni vi router trong cng mng LAN. IOS image mi s
cha trong TFTP server v s c truyn qua Cisco router bng giao thc truyn TFTP. Trong
hnh v ny, PC hot ng nh TFTP server cn router s l TFTP client.

Router chy t Flash v router chy t RAM

Cisco router c th thc thi IOS t RAM hay t Flash, chy t flash ch m hn.
Router chy t flash l cc loi Cisco 2500 series v m t s router Cisco 1600 series. Ton b
IOS c np vo b nh flash dng khng nn. Cisco IOS chy t flash. C p nh t IOS mi
tr thnh vn : lm sao np vo flash trong khi ang thc thi IOS c? Cisco gii quyt iu
ny bng m t IOS c bi t lu trong ROM. Chng trnh gip khi ng s np li router
boot t ROM. Lc ny Flash c th c p nh t v IOS mi s c th chy t flash.
Router chy t RAM l cc i router Cisco 3600, 4000, 7000, v 7500. Cc router ny cha
IOS image dng nn trong flash. Khi khi ng, router sao chp IOS t flash vo trong RAM v
thc thi IOS trn RAM. Cc router ny c th c p nh t d dng IOS trong flash bng cch chp
phin bn mi bng TFTP.
Thc hi n
Ban u cu hnh ca RouterA nh sau
RouterA
!
hostname RouterA
!
interface Ethernet0
ip address 10.10.3.253 255.255.255.0 Ethernet interface trn cng mng vi TFTP server
no shut cho php cng
!
line con 0
line aux 0
line vty 0 4
login
!
end

Dng l nh show version tm phin bn ca IOS hi n c.

RouterA#show version
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-I-L), Version 12.1(3), RELEASE SOFTWARE (fc1)

Router ang chy IOS version 12.1(3)

Copyright (c) 1986-2000 by cisco Systems, Inc.

Compiled Thu 06-Jul-00 07:33 by cmong
Image text-base: 0x0303E710, data-base: 0x00001000

ROM: System Bootstrap, Version 11.0(10c), SOFTWARE

BOOTFLASH: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c), RELEASE
SOFTWARE (fc1)

R1 uptime is 1 hour, 22 minutes

System returned to ROM by power-on
System image file is "flash:c2500-i-l.121-3.bin"

IOS c np t flash

cisco 2511 (68030) processor (revision M) with 14336K/2048K bytes of memory.

Router c 16 MB RAM, 14MB dng cho b nh x l, 2MB dng
cho b nh I/O
Processor board ID 07143970, with hardware revision 00000000
Bridging software.
X.25 software, Version 3.0.0.
1 Ethernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
16 terminal line(s)
32K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash (Read ONLY) router c 8 MB flash
Configuration register is 0x2102

Xem n i dung b nh flash dng l nh show flash

RouterA#show flash
System flash directory:
File Length Name/status
1 7640212 c2500-i-l.121-3.bin
[7640276 bytes used, 748332 available, 8388608 total]

chc chn c th truy c p c TFTP server a ch 10.10.3.28, dng l nh ping kim

tra.

RouterA#ping 10.10.3.28
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.3.28 timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

Sau khi kim tra kt ni n TFTP server nh trn, ta bt u np IOS mi vo router bng
l nh copy tftp flash.
Lu dng sn phm Cisco 2500 l lai router chy t flash.

RouterA#copy tftp flash

**** NOTICE ****
Flash load helper v1.0
This process will accept the copy options and then terminate
the current system image to use the ROM based image for the copy. router s np IOS image
trong ROM, IOS ny s ghi IOS mi vo flash
Routing functionality will not be available during that time.
If you are logged in via telnet, this connection will terminate.
Users with console access can see the results of the copy operation.
---- ******** ----
Proceed? [confirm]
Address or name of remote host [255.255.255.255]? 10.10.3.28 a ch TFTP server
Source file name []?c2500-i-l.121-4.bin
Destination file name []?
Accessing tftp://10.10.3.28/c2500-i-l.121-4.bin...
Erase flash: before copying? [confirm] xo n i dung hi n ti ca flash

Loading System flash directory:

File Length Name/status
1 7640212 c2500-i-l.121-3.bin
[7640276 bytes used, 748332 available, 8388608 total]
Accessing file 'c2500-i-l.121-4.bin' on 10.10.3.28...
Loading c2500-i-l.121-4.bin from 10.10.3.28 (via Ethernet0):! [OK]

Erasing device... eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee ...erased

Loading c2500-i-l.121-4.bin from 10.10.3.28 (via
Ethernet0): !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 7640212/8388608 bytes]

Verifying checksum... OK (0x1FC7)

Flash copy took 0:03:47 [hh:mm:ss]
%FLH: Re-booting system after download

Restricted Rights Legend

...
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-I-L), Version 12.1(4), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2000 by cisco Systems, Inc.
Compiled Thu 06-Jul-00 07:33 by cmong
Image text-base: 0x0303E710, data-base: 0x00001000

cisco 2511 (68030) processor (revision M) with 14336K/2048K bytes of memory.

Processor board ID 07143970, with hardware revision 00000000
Bridging software.
X.25 software, Version 3.0.0.
1 Ethernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
16 terminal line(s)
32K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash (Read ONLY)

Press RETURN to get started!

Sau khi np IOS mi dng l nh show version kim tra li router chy IOS mi cha:

RouterA#show version

Kim tra li ln na bng show flash.

Lab 1-9: Np IOS t TFTP Server cho router chy t RAM

Lab 1-9: Np IOS Image t TFTP Server cho router chy t RAM
M t
Cu hnh ny m t cch np IOS image t router chy t RAM. M t s dng sn phm router
chy t RAM l Cisco 2600, Cisco 3600 series, Cisco 4600 series.
PC chy TFTP server ni vi router trong cng mng LAN. IOS image mi s cha trong PC
v s truyn qua Cisco router bng giao thc truyn TFTP. PC hot ng nh TFTP server,
router s l TFTP client.
Thc hi n
Ban u cu hnh ca RouterA nh sau

RouterA
!
hostname RouterA
!
interface Ethernet0/0
ip address 10.10.3.253 255.255.255.0 Ethernet interface trn cng mng vi TFTP server
!
line con 0
line aux 0
line vty 0 4
login
!
end

Dng l nh show version tm phin bn ca IOS hi n c. L nh ny cung cp m t s thng

tin nh dung lng b nh v image ca router

RouterA#show version
Cisco Internetwork Operating System Software
IOS(tm)C2600 Software(C2600-JSX-M),Version 12.1(5)XM,EARLY DEPLOYMENT
RELEASE SOFTWARE
Router ang chy IOS version 11.1 (4)
Image text-base: 0x80008088, data-base: 0x8148BD7C
RouterA uptime is 11 minutes
System restarted by power-on
System image file is "flash: c2600-i-mz.120-3.T3.bin ", booted via flash

IOS c np trong flash
cisco 2621 (MPC860) processor (revision 0x102) with 60416K/5120K bytes of memory.

Router c 64MB DRAM, 60MB dng cho b nh x l, 4MB

dng cho b nh I/O
Processor board ID JAB041708RB (3572412720)
M860 processor: part number 0, mask 49
Bridging software.
X.25 software, Version 3.0.0.
SuperLAT software (copyright 1990 by Meridian Technology Corp).
TN3270 Emulation software.
4 Ethernet/IEEE 802.3 interface(s)
2 FastEthernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read ONLY) router c 16 MB flash
Configuration register is 0x2102

Xem n i dung b nh flash dng l nh show flash

RouterA#show flash
System flash directory:
File Length Name/status
1 3612344 c2600-i-mz.120-3.T3.bin

chc chn c th truy c p c TFTP server a ch 10.10.3.28, dng l nh ping kim

tra.

RouterA#ping 10.10.3.28
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.3.28 timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

Khi kim tra kt ni n TFTP server, ta bt u np IOS mi vo router bng l nh copy tftp
flash. Lu trong bi thc hnh ny, ta s khng xo file c hin c trong flash.

RouterA#copy tftp flash

Address or name of remote host [10.10.3.28]? a ch TFTP server
Source file name? c2600-jsx-mz.121-5.xm.bin tn ca IOS mun np
Destination file name?
Accessing tftp://10.10.3.28/c2600-jsx-mz.121-5.xm.bin
Erase flash device before writing? [confirm]n khng xo file hi n ti ca flash
Loading c2600-jsx-mz.121-5.xm.bin from 10.10.3.28 (via Ethernet0/0)
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
...
[OK - 3612344/7224320 bytes]
Verifying checksum... OK (0x515A)

Sau khi qu trnh np hon tt, ta kim tra n i dung ca b nh flash bng l nh show flash

RouterA#show flash
System flash directory:
File Length Name/status
1 12080536 c2600-jsx-mz.121-5.xm.bin
2 3612344 c2600-i-mz.120-3.T3.bin
[15693008 bytes used, 1084208 available, 16777216 total]
16384K bytes of processor board System flash (Read/Write)

Lc ny c hai file trong flash. Ta cn khai bo cho router bit dng file no trong khi khi
ng. Dng l nh boot system flash trong configuration mode

RouterA#conf term
RouterA(config)#boot system flash c2600-jsx-mz.121-5.xm.bin
RouterA(config)#exit

Kim tra li bng show run chc chn cu l nh nh ng

Lu cu hnh dng l nh write memory (hay copy run start) v sau np li

RouterA#write mem
Building configuration ...
[OK]
RouterA#reload
Proceed with reload? [confirm]

Sau khi np IOS mi dng l nh show version kim tra li router chy IOS mi hay
cha:

RouterA#show version
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-JSX-M), Version 12.1(5)XM,
...
System file image flash: c2600-jsx-mz.121-5.xm.bin

Nu mun np IOS mi m khng gi phin bn c, cng dng l nh copy tftp flash v cho php
xo flash trc khi ghi.

RouterA#copy tftp flash

System flash directory:
Address or name of remote host [10.10.3.28]? a ch TFTP server
Source file name? tn ca IOS mun np
Destination file name?
Accessing file tftp://...
Erase flash device before writing? [confirm] Nhn Enter ti y cho php xa flash trc
khi ghi file mi
Erasing the flash filesystem will remove all files! Continue? [confirm]
Erasing device ...
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee ee ...erased
Erase of flash: complete
Copy ...
as ...? [yes/no]y
Loading
!!!!!!!!!!!!!!!!!!!!
[OK - 12080536/24160256 bytes]
Verifying checksum... OK (0xECAC)
12080536 bytes copied in 100.524 secs (120805 bytes/sec)

Sau khi np xong h iu hnh cho router, nn kim tra li tnh trng cc file hin c trong flash
bng show flash hoc dir flash:
Lab 1-10: Np IOS image cho router bng Xmodem

M t

Bi thc hnh ny m t cch np IOS bng giao thc Xmodem/Ymodem cho dng router 2600,
3600 khi router gp s c v khng th np IOS theo cch dng TFTP server. IOS image c
t trn PC, dng giao thc truyn Xmodem hay Ymodem truyn file IOS qua router qua
cng console. Trong thc t ta c th g p tnh hung ny khi router b mt IOS.
- C th truyn IOS image t my tnh xa bng cch ni modem vi cng console ca router
ni qua mng i n thoi thng thng (PSTN). My tnh t xa cng ni modem vi mng i n
thoi , t my tnh ny quay s v kt ni vi router.
- truyn IOS image t m t my tnh cc b , kt ni cng console router vi cng serial ca
my tnh, dng cp null-modem (tc cp rollover). Tc cng console cu hnh trn router
phi ph hp vi tc cng serial (COM1 ho c COM2) ca PC.
Cu hnh di y m t cch np IOS cho router qua cng console.

Cc cu l nh c thc hi n trn nhm router 2600, 3600 s khc vi router 2500 nhng u
tun theo cc bc c bn sau:

1.Ni router vi may tinh qua cng console, khi ng router.

2.t tc li cho cng console l 115200 bps.
3.Khi ng li router .
4.Chinh li thng s chng trnh HyperTermial cho phu hp.
5.Dung lnh xmodem bt u qua trnh nhn file trn router.
6.Khi ng qua trnh truyn file bng xmodem t chng trnh HyperTermial.
7.Ch ti khi qua trnh truyn hon tt, router khi ng t IOS mi.
8.t li tc 9600 bps cho cng console (tc t li gia tri mc inh cho thanh ghi).

Thc hi n

1. M t router khi khng c IOS image trong flash lc khi ng s vo t ng vo ch

ROM monitor. Du nhc ROM monitor khc nhau cc nhm router 2600, 3600 v router 2500.
Router 2600
rommon 1>
i vi router 2500, du nhc s c dng:
>

t li tc cng console l 115200 bps v khi ng li router

i vi Router 2600
Dng l nh confreg t li gi tr thanh ghi cu hnh, c th thc hi n bng hai cch:

rommon 2 > confreg 0x3822

You must reset or power cycle
rommon 3 > reset

ho c ch nh l nh confreg sau tr li cc cu hi theo sau:

rommon 2 > confreg

Configuration Summary
enabled are:
load rom after netboot fails
console baud: 9600
boot: image specified by the boot system commands
or default to: cisco2-C2600
do you wish to change the configuration? y/n [n]: y
enable "diagnostic mode"? y/n [n]: n
enable "use net in IP bcast address"? y/n [n]: n
disable "load rom after netboot fails"? y/n [n]: n
enable "use all zero broadcast"? y/n [n]: n
enable "break/abort has effect"? y/n [n]: y
enable "ignore system config info"? y/n [n]: n
change console baud rate? y/n [n]: y
enter rate: 0 = 9600, 1 = 4800, 2 = 1200, 3 = 2400
4 = 19200, 5 = 38400, 6 = 57600, 7 = 115200 [0]: 7
change the boot characteristics? y/n [n]: n
Configuration Summary
enabled are:
load rom after netboot fails
break/abort has effect
console baud: 115200
boot: image specified by the boot system commands
or default to: cisco2-C2600
do you wish to change the configuration? y/n [n]: n
You must reset or power cycle for new config to take effect
rommon 3 > reset

i vi router 2500

> t li gi tr thanh ghio/r 0x3822

> khi ng li routeri

2. Sau khi khi ng li router, tc bit a thay i, phi thit l p kt ni mi (File

New Connection ...), chinh li thng s HyperTermial cho ph hp vi tc console mi
l 115200 baud. Vi tc ny se gim thi gian truyn IOS image.

k t l xut hi n do khng ph hp tc phi"_nR!1bR chnh li thng s COM1 nh

sau:

3. Thc hi n l nh xmodem vi thng s theo sau l file IOS image mun nh n.

rommon 1 > xmodem c2600-io3-mz.121-5.T

Do not start the sending program yet...
File size Checksum File name
4032136 bytes (0x3d8688) 0xaca4 2600.12.0.7.bin
WARNING: All existing data in bootflash will be lost!
Invoke this application only for disaster recovery.
Do you wish to continue? y/n [n]: y
Ready to receive file c2600- io3-mz.121-5.T ...

4. Khi mn hnh hi n thng bo sn sng nh n file, right click trn mn hnh chn Send
File ... (ho c chn t menu Transfer / Send File ...)
Chn Filename thch hp v Protocol l Xmodem; nhn Send
Thc hi n chnh cc thng s nh cc h p thoi sau:
Giao thc gi file Xmodem

(ti HyperTeminal)
Erasing flash at 0x607c0000
program flash location 0x60510000
ch ti khi thng bo hon tt qu trnhDownload Complete! kim tra, router t khi ng
li
program load complete, entry point: 0x80008000, size: 0x517174
5. Router khi ng li, t gi tr thanh ghi v m c nh

...
Would you like to enter the initial configuration dialog? [yes/no]: No

Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Thay i gia tri thanh ghiRouter(config)#config-register
0x2102 v mc inh
Router(config)#exit
6. Kim tra lai file mi a c nap

Router#show flash
System flash directory:
File Length Name/status
1 5337744 file mi a lu trong flashc2600-io3-mz.121-5.T
[5337808 bytes used, 3050800 available, 8388608 total]
8192K bytes of processor board System flash (Read/Write)

Router#show version
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-IO3-M), Version 12.1(5)T, RELEASE
SOFTWARE(fc1)
...
System image file is "flash:2600.12.0.7.bin"
Basic Rate ISDN software, Version 1.1.
1 FastEthernet/IEEE 802.3 interface(s)
1 Serial network interface(s)
1 ISDN Basic Rate interface(s)
32K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash (Read/Write)
Configuration register is 0x3822 (will be 0x2102 at next reload)

Router#copy run start

Lab 1-11: Np IOS cho router Cisco 2600 bng tftpdnld

Lab 1-11: Np IOS image cho router Cisco 2600 bng tftpdnld

M t
Bi thc hnh ny m t cch np image cho Cisco 2600 dng TFTP thng qua port LAN u
tin ca router s dng cu l nh tftpdnld ROMMON mode. Cch np ny c hi u qu khi
router khng c IOS image, cch ny nhanh hn so vi np qua console bng Xmodem.

TFTP (Trial File Transfer Protocol) l giao thc chun ca giao thc TCP/IP. TFTP l giao thc
khng kt ni v tin c y (connectionless, reliable protocol). TFTP Server c th l m t
workstation UNIX hay m t PC thng chy chng trnh gi l p TFTP server trn m t h
thng mng TCP/IP. TFTP Server thng c dng lm ni lu cc file cu hnh, IOS image
hay ngc li cha cc file cu hnh mi, cc IOS image mi update cho router.

Np qua ROMMON TFTP ch hot ng trn port LAN u tin; i vi Cisco 2621 c th chn
port Token Ring hay Ethernet.

Dng ROMMON TFTP ch c th np file cho router, khng th ly file t router.

Thc hi n
u tin, phi t cc bin mi trng trong ROMMON cho qu trnh chuyn file thng qua
TFTP. Tt c bin phn bi t ch hoa hay thng (case sensitive).

xem cc gi tr hin hnh ca cc bin mi trng ny, dng l nh set

rommon 3 > set

PS1=rommon ! >
IP_ADDRESS=172.18.16.76
IP_SUBNET_MASK=255.255.255.192
DEFAULT_GATEWAY=172.18.16.65
TFTP_SERVER=172.18.16.2
TFTP_FILE=c2600-is-mz.113-2.0.3.Q

C th xem ngha ca cc bin ny bng l nh tftpdnld ?

rommon 5>tftpdnld ?

usage: tftpdnld [-r]

Use this command for disaster recovery only to recover an image via TFTP.
Monitor variables are used to set up parameters for the transfer.
(Syntax: "VARIABLE_NAME=value" and use "set" to show current variables.)
"ctrl-c" or "break" stops the transfer before flash erase begins.

The following variables are REQUIRED to be set for tftpdnld:

IP_ADDRESS: The IP address for this unit
IP_SUBNET_MASK: The subnet mask for this unit
DEFAULT_GATEWAY: The default gateway for this unit
TFTP_SERVER: The IP address of the server to fetch from
TFTP_FILE: The filename to fetch

The following variables are OPTIONAL:

TFTP_VERBOSE: Print setting. 0=quiet, 1=progress(default), 2=verbose
TFTP_RETRY_COUNT: Retry count for ARP and TFTP (default=7)
TFTP_TIMEOUT: Overall timeout of operation in seconds (default=7200)
TFTP_CHECKSUM: Perform checksum test on image, 0=no, 1=yes default=1
FE_SPEED_MODE: 0=10/hdx, 1=10/fdx, 2=100/hdx, 3=100/fdx, 4=Auto(deflt)

Command line options:

-r: do not write flash, load to DRAM only and launch image

t li cc bin ny bng cch gn gi tr trc tip trn dng l nh:

rommon 16 > a ch IP cho portIP_ADDRESS=10.10.3.100

rommon 17 > subnet maskIP_SUBNET_MASK=255.255.255.0
rommon 18 > default gatewayDEFAULT_GATEWAY=10.10.3.1
rommon 19 > a ch TFTP serverTFTP_SERVER=10.10.3.1
rommon 20 > tn file cn npTFTP_FILE=c2600-is-mz.113-2.0.2.Q

Sau khi t cc bin dng l nh sync lu gi tr vo NVRAM

rommon 21 > sync

Bt u qu trnh np bng l nh tftpdnld

rommon 22 > tftpdnld

IP_ADDRESS=10.10.3.100
IP_SUBNET_MASK=255.255.255.0
DEFAULT_GATEWAY=10.10.3.1
TFTP_SERVER=10.10.3.1
TFTP_FILE=c2600-is-mz.113-2.0.2.Q

Invoke this command for disaster recovery only.

WARNING: all existing data in all partitions on flash will be lost!
Do you wish to continue? y/n: [n]: y
Receiving c2600-is-mz.113-2.0.3.Q from 10.10.3.1
!!!!!.!!!!!!!!!!!!!!!!!!!.!!
File reception completed.
Copying file c2600-is-mz.113-2.0.3.Q to flash.
Erasing flash at 0x607c0000
ch xong qu trnh nh aprogram flash location 0x60440000 ch, file c np.

Sau khi thc hi n xong, nn khi ng li router IOS mi c hi u lc.

Lab 1-12: Np IOS image cho switch 2900, 3500

Lab 1-12: Np IOS image cho switch 2900, 3500

M t

Bi thc hnh ny m t cch np IOS image cho switch 2900 v 3500 series.

PC ni vi switch qua cng console. IOS image s cha trong PC v c truyn qua Catalyst
switch bng giao thc xmodem.

Thc hi n

1. Qu trnh boot ca switch 2900 khi mt IOS image:

C2900XL Boot Loader (C2900-HBOOT-M) Version 12.0(5.1)XP, MAINTENANCE INTERIM

SOFTWARE

Compiled Fri 10-Dec-99 11:06 by cchang

starting...
Base ethernet MAC Address: 00:b0:64:c9:cd:40
Xmodem file system is available.
Initializing Flash...
flashfs[0]: 3 files, 1 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 3612672
flashfs[0]: Bytes used: 3584
flashfs[0]: Bytes available: 3609088
flashfs[0]: flashfs fsck took 2 seconds.
...done Initializing Flash.

Boot Sector Filesystem (bs:) installed, fsid: 3

Parameter Block Filesystem (pb:) installed, fsid: 4

The system is unable to boot automatically because there are no bootable files
to boot.

Switch khng tm thy IOS image

switch:

2. Copy IOS image t xmodem vo flash, ly tn l bootfile

switch: copy xmodem: flash:bootfile

Begin the Xmodem or Xmodem-1K transfer now...

Sau khi switch xut hi n dng thng bo trn, ca s Hyper Terminal, chn Transfer/Send
File. Chn IOS image cn truyn t PC, chn protocol l xmodem. Phi thc hi n vi c ny
trong vng 3 giy, nu khng switch s b timeout qu trnh nh n file.

CC................................................ ............................
.................................................. ............................
..............

qu trnhFile "xmodem:" successfully copied to "flash:bootfile" copy hon tt

3. Cu hnh cho switch boot bng IOS image va c copy

switch: boot flash:bootfile

Loading
"flash:bootfile"...############################### ############################
##################################################
############################
##################

File "flash:bootfile" uncompressed and installed, entry point: 0x3000

executing...

cisco Systems, Inc.

170 West Tasman Drive
San Jose, California 95134-1706

Cisco Internetwork Operating System Software

IOS (tm) C2900XL Software (C2900XL-C3H2S-M), Version 12.0(5.2)XU, MAINTENANCE
INTERIM SOFTWARE
Copyright (c) 1986-2000 by cisco Systems, Inc.
Compiled Mon 17-Jul-00 17:35 by ayounes
Image text-base: 0x00003000, data-base: 0x00301F3C

Initializing C2900XL flash...

flashfs[1]: 4 files, 1 directories
flashfs[1]: 0 orphaned files, 0 orphaned directories
flashfs[1]: Total bytes: 3612672
flashfs[1]: Bytes used: 1649664
flashfs[1]: Bytes available: 1963008
flashfs[1]: flashfs fsck took 6 seconds.
flashfs[1]: Initialization complete.
...done Initializing C2900XL flash.
C2900XL POST: System Board Test: Passed
C2900XL POST: Daughter Card Test: Passed
C2900XL POST: CPU Buffer Test: Passed
C2900XL POST: CPU Notify RAM Test: Passed
C2900XL POST: CPU Interface Test: Passed
C2900XL POST: Testing Switch Core: Passed
C2900XL POST: Testing Buffer Table: Passed
C2900XL POST: Data Buffer Test: Passed
C2900XL POST: Configuring Switch Parameters: Passed
C2900XL POST: Ethernet Controller Test: Passed
C2900XL POST: MII Test: Passed
cisco WS-C2912-XL (PowerPC403GA) processor (revision 0x11) with 8192K/1024K
bytes of memory.
Processor board ID FAB0403W0LS, with hardware revision 0x01
Last reset from warm-reset

Processor is running Enterprise Edition Software

Cluster command switch capable
Cluster member switch capable
12 FastEthernet/IEEE 802.3 interface(s)

32K bytes of flash-simulated non-volatile configuration memory.

Base ethernet MAC Address: 00:B0:64:C9:CD:40
Motherboard assembly number: 73-3397-07
Power supply part number: 34-0834-01
Motherboard serial number: FAB040263DN
Power supply serial number: PHI034005GP
Model revision number: A0
Model number: WS-C2912-XL-EN
System serial number: FAB0403W0LS_

Press RETURN to get started!

Switch>enable
Switch#

4. Dng l nh show flash xem n i dung b nh flash

Switch#show flash:
Directory of flash:/
2 -rwx 1645824 Jan 01 1970 00:37:30 bootfile
4 -rwx 776 Mar 01 1993 01:00:44 vlan.dat
6 -rwx 17 Jan 01 1970 00:00:56 env_vars
7 -rwx 765 Mar 01 1993 00:59:17 config.text
3612672 bytes total (1963008 bytes free)
Switch#
5. Dng l nh show boot kim tra cc tham s boot

Switch#show boot
BOOT path-list:
Config file: flash:config.text
Enable Break: yes
Manual Boot: no
HELPER path-list:
NVRAM/Config file
buffer size: 32768
Switch#
Lab 1-13: Cisco HTTP Web Server

Lab 1-13: Cisco HTTP Web Server

M t
HTTP l m t ng dng client/server, dng giao thc v n chuyn TCP. Client chy trnh duy t
Web nh Netscape Navigator hay Internet Explorer.
PC chy trnh duy t Web, kt ni Ethernet vi router VNPro l Web server.
Bi thc hnh ny m t cch cu hnh router c th truy c p v qun l router bng chng
trnh duy t Web chy trn PC a ch 10.10.3.77.
Cu hnh
VNPro
!
hostname VNPro
!
enable password cisco
!
no ip domain-lookup
!
interface Ethernet 0
ip address 10.10.3.100 255.255.255.0
!
cho php router hot ng nh HTTP serverip http server
!-- l nh ny cho php router tr li HTTP request t m t Web client
ip classless
!
line console 0
password cisco
login
line vty 0 4
login
!
end
Ti PC
ia ch IP l 10.10.3.1/24
Kim tra
Kim tra kt ni gia PC v router bng l nh ping trn PC.

Microsoft Windows XP [Version 5.1.2600]

(C) Copyright 1985-2001 Microsoft Corp.
C:\>ping 10.10.3.100

Pinging 10.10.3.100 with 32 bytes of data:

Reply from 10.10.3.100: bytes=32 time<1ms TTL=255
Reply from 10.10.3.100: bytes=32 time<1ms TTL=255
Reply from 10.10.3.100: bytes=32 time<1ms TTL=255
Reply from 10.10.3.100: bytes=32 time<1ms TTL=255

Ping statistics for 10.10.3.100:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
C:\>
Chy chng trnh duy t Web. Nh p a ch ca router VNPro trn thanh Address v nhn Enter
Mn hnh login s xut hi n
Nh p User name: cisco ho c VNPro; Mt khu: cisco (mt khu ny l enable mt khu c
t trn router trc )
Lab 1-13: Cisco HTTP Web Server

Lab 1-13: Cisco HTTP Web Server

M t
HTTP l m t ng dng client/server, dng giao thc v n chuyn TCP. Client chy trnh duy t
Web nh Netscape Navigator hay Internet Explorer.
PC chy trnh duy t Web, kt ni Ethernet vi router VNPro l Web server.
Bi thc hnh ny m t cch cu hnh router c th truy c p v qun l router bng chng
trnh duy t Web chy trn PC a ch 10.10.3.77.
Cu hnh
VNPro
!
hostname VNPro
!
enable password cisco
!
no ip domain-lookup
!
interface Ethernet 0
ip address 10.10.3.100 255.255.255.0
!
cho php router hot ng nh HTTP serverip http server
!-- l nh ny cho php router tr li HTTP request t m t Web client
ip classless
!
line console 0
password cisco
login
line vty 0 4
login
!
end
Ti PC
ia ch IP l 10.10.3.1/24
Kim tra
Kim tra kt ni gia PC v router bng l nh ping trn PC.

Microsoft Windows XP [Version 5.1.2600]

(C) Copyright 1985-2001 Microsoft Corp.
C:\>ping 10.10.3.100

Pinging 10.10.3.100 with 32 bytes of data:

Reply from 10.10.3.100: bytes=32 time<1ms TTL=255
Reply from 10.10.3.100: bytes=32 time<1ms TTL=255
Reply from 10.10.3.100: bytes=32 time<1ms TTL=255
Reply from 10.10.3.100: bytes=32 time<1ms TTL=255
Ping statistics for 10.10.3.100:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
C:\>
Chy chng trnh duy t Web. Nh p a ch ca router VNPro trn thanh Address v nhn Enter
Mn hnh login s xut hi n
Nh p User name: cisco ho c VNPro; Mt khu: cisco (mt khu ny l enable mt khu c
t trn router trc )
Lab 1-14: Cu hnh router t xa qua cng AUX

Lab 1-14: Cu hnh router t xa qua cng AUX

M t:
Cng dng ph bin nht ca cng AUX l thit lp cc kt ni t xa vo router (thng qua
Modem), ch yu cu hnh khi khng c iu kin truy cp trc tip trn cng console.
Bi thc hnh ny m t cc bc thit lp kt ni phn cng v cu hnh router router c th
chp nhn cuc gi.
Cc bc tin hnh:

1.Kt ni t modem vo cng AUX:

Nu cng AUX l RJ-45: dng cp Rolled RJ-45--RJ-45 cable (P/N CAB-500RJ), cp console,
v u chuyn i RJ-45 sang DB-25 (P/N CAB-25AS-MMOD) kt ni vo Modem.
Nu AUX l DB-25: s dng cp thng DB-25Female - DB25Male RS-232 kt ni t router
n Modem.

2. cu hnh cc thng s trn cng AUX, trc ht cn xc nh line number ca cng AUX
bng lnh show line

Vi cc lai router thng thng, cng AUX nm line 1. Ring i vi cc Access Server th
port AUX li nm lin sau cc line TTY. C th vi Access Server c 16 Async modem lines th
cng AUX nm line 17.
Trong v d di dy, ta dng lnh show line xc nh cng AUX nm line 65 :

vnpro#show line
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
* 0 CTY - - - - - 0 0 0/0 -
65 AUX 9600/9600 - - - - - 0 1 0/0 -
66 VTY - - - - - 0 0 0/0 -
67 VTY - - - - - 0 0 0/0 -
68 VTY - - - - - 0 0 0/0 -
69 VTY - - - - - 0 0 0/0 -
70 VTY - - - - - 0 0 0/0 -

Line(s) not in async mode -or- with no hardware support 1-64

3.Cu hnh line AUX trn router:

Vi cng AUX nm trn line 65 nh v d trn:

vnpro(config)#line 65
vnpro(config-line)#modem inout
!--- Cho php gi vo ra trn router.

vnpro(config-line)#speed 115200
!--- Xc nh line speed router lin lc vi modem

vnpro(config-line)#transport input all

!--- Line h tr cc lai protocols khc nhau.

vnpro(config-line)#flowcontrol hardware
!--- Bt RTS/CTS flow control.

vnpro(config-line)#login
!--- Xc nhn cc cuc gi ti s dng mt khu cu hnh bn di

vnpro(config-line)#password cisco

Dng chng trnh Hyper Terminal quay s kt ni vo router. Khi kt ni xong, nhp mt
khu ng nhp vo ch Conmmand Line Interface.
Ch l ta nn quay s t chng trnh HyperTerminal ca Windows, khng c quay s dng
Dial-up Networking
Lab 2-1 Cu hnh cn bn Catalyst 2900

Lab 2-1 Cu hnh cn bn Catalyst 2900

M t :

Phn thc hnh ny m t cch cu hnh cc thng s c bn cho thit b switch Catalyst 2900.
Cc thng s c bn bao gm t tn, a ch IP, v mt khu.

Thc hi n :
1.Ni cng COM ca my tnh vi cng console ca Catalyst 2900 ( m t sau ca switch) dng
cp Rolled-over. Cc thng s truy cp: 8 data bit , no parity, 1 stop bit, no flow control.
2.B t switch v xem qu trnh khi ng (cn khong 1 pht 2900 khi ng xong)

C2900XL Boot Loader (C2900-HBOOT-M) Version 12.0(5)XU, RELEASE

SOFTWARE (fc1)
Compiled Mon 03-Apr-00 17:20 by swati
starting...
Base ethernet MAC Address: 00:02:b9:9a:85:80
Xmodem file system is available.
Initializing Flash...
flashfs[0]: 108 files, 3 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 3612672
flashfs[0]: Bytes used: 2775040
flashfs[0]: Bytes available: 837632
flashfs[0]: flashfs fsck took 6 seconds.
...done Initializing Flash.
Boot Sector Filesystem (bs:) installed, fsid: 3
Parameter Block Filesystem (pb:) installed, fsid: 4
Loading "flash:c2900XL-c3h2s-mz-120.5-
XU.bin"...########################################
##################
##################################################
##################

3.Khi khi ng xong, bn s c thng bo bng System Configuration Dialog (do cha c
cu hnh lu trong switch).

IOS (tm) C2900XL Software (C2900XL-C3H2S-M), Version

12.0(5)XU,RELEASE SOFTWARE
Copyright (c) 1986-2000 by cisco Systems, Inc.
Compiled Mon 03-Apr-00 16:37 by swati
--- System Configuration Dialog ---
At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.
Continue with configuration dialog? [yes/no]:

Cng ging nh router nhn no khng vo Setup mode chuyn trc tip sang user exec mode:

Switch>

4.Nhn enable vo privileged mode:

Switch>enable
Switch#show running-config
Building configuration...
Current configuration:
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service mt khu-encryption
!
hostname Switch
!
ip subnet-zero
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface VLAN1
no ip directed-broadcast
no ip route-cache
!
line con 0
transport input none
stopbits 1
line vty 5 15
!
end

Nh hin th trn, cu hnh ca switch rt ging vi IOS trn router. Cc interface trn
switch l cc port ca switch. Lu s khng c bt k cu nh tuyn no trn switch, bn s
khng thy bt c l n h no lin quan ti nh tuyn gi tin.

5.Bc tip theo, ta t tn cho switch, t cc mt khu truy cp

t tn:

Switch#config terminal
Switch(config)#host ALSwitch
ALSwitch(config)#

t mt khu

ALSwitch(config)#enable password class

ALSwitch(config)#line con 0
ALSwitch(config-line)#password cisco
ALSwitch(config-line)#login
ALSwitch(config-line)#line vty 0 15
ALSwitch(config-line)#password cisco
ALSwitch(config-line)#login

Dng cu l nh copy lu cu hnh t RAM vo NVRAM:

ALSwitch#copy running-config startup-config

6. t a ch IP cho switch n c th lin lc vi cc thit b khc qua trn mng. Switch l

mt thit b lp 2. Vic t IP address cho switch ch nhm mc ch qun tr.
Tt c cc port m t nh ca VLAN 1, do phi cu hnh cho qun l switch dng VLAN 1.
Bn cu hnh VLAN 1 nh cu hnh m t cng giao tip ca router khi gn a ch IP.

ALSwitch#config terminal
ALSwitch(config)#interface vlan 1
ALSwitch(config-if)#ip address 10.1.1.251 255.255.255.0

V switch khng th cu hnh giao thc nh tuyn, nn ti tt c cc mng, ta phi cu hnh

m t a ch gateway m c nh gi tt c lu lng khi ta cn lin lc gia cc VLAN.

ALSwitch(config)#ip default-gateway 10.1.1.1

7.Cu hnh PC ca bn cho n l m t thnh phn trong mng 10.1.1.0/24 (gi s t a ch IP

cho PC l 10.1.1.10/24). Cm PC vo m t port bt k ca switch.

T PC Telnet vo switch dng a ch cu hnh 10.1.1.251 (T Window: Start/Run/Telnet

10.1.1.251)

Sau khi telnet thnh cng, th mt s lnh trn switch:

ALSwitch#show interfaces
FastEthernet0/1 is down, line protocol is down
Hardware is Fast Ethernet, address is 0002.fd49.7b81 (bia
0002.fd49.7b81)
MTU 1500 bytes, BW 0 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not set
Auto-duplex , Auto Speed , 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of "show interface" counters never
--More

L nh show version xem thng tin phn cng v phn mm

ALSwitch#show version
Cisco Internetwork Operating System Software
IOS (tm) C2900XL Software (C2900XL-C3H2S-M), Version 12.0(5)XU,
RELEASE SOFTWARE

Compiled Mon 03-Apr-00 16:37 by swati

Image text-base: 0x00003000, data-base: 0x00301398
ROM: Bootstrap program is C2900XL boot loader
ALSwitch uptime is 16 minutes
System returned to ROM by power-on
System image file is "flash:c2900XL-c3h2s-mz-120.5-XU.bin"
cisco WS-C2924-XL (PowerPC403GA) processor (revision 0x11) with
8192K/1024K bytes of memory.
. . . .
24 FastEthernet/IEEE 802.3 interface(s)
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:02:FD:49:7B:80
Motherboard assembly number: 73-3382-08
Power supply part number: 34-0834-01
Motherboard serial number: FAB04301ANJ
Power supply serial number: PHI04150042
Model revision number: A0
Motherboard revision number: B0
Model number: WS-C2924-XL-EN
System serial number: FAB0432S2GJ
Configuration register is 0xF
ALSwitch#
__________________
Viet Professionals Co. Ltd. VnPro
---------------------------------------
149/1D Ung Vn Khim P25 Q.Binh thanh TPHCM
Tel: (08) 35124257 (7 lines)
Fax: (08) 5124314
Home Page : http://www.vnpro.vn
Support forum: http://vnpro.org
LiveChat : http://www.vnpro.vn/support
Blog VnPro : http://vnpro.org/blog

Admin cho em hi t nh vy gi s mng ni b ca em c s dng mt Switch chia hai

VLAN,yu cu l PC trong VLAN no th ch lm vic trong VLAN , nhng cty dng ng
truyn ADSL thng th lc cu hnh gateway v IP cho mi VLAN nh th no c th
cng vo net v truy cp chung mt server. Em xin cm n.

quanghitar

View Public Profile

Send a private message to quanghitar

Find all posts by quanghitar

#3
04-06-2007, 10:05 AM
 danghoangkhanh Join Date: Oct 2005
Administrator Location: HCM City
Elite Posts: 919

Hi quanghitar,

Mnh i din admin tr li cu hi ca bn

1). Khi trn Switch bn chia 2 Vlan trn Switch th mc nh 2 Vlan ny khng thy nhau.
Nu mun 2 Vlan ny thy nhau bn phi cu hnh cho kt ni gia 2 Vlan trn l Trunk hoc
dng Router

2). Vic cu hnh IP cho Switch chi nhm mc ch qun tr (chng hn nh telnet t xa
cu hnh Switch). Cu hnh nh sau:

Quote:

ALSwitch#config terminal
ALSwitch(config)#interface vlan 1
ALSwitch(config-if)#ip address 10.1.1.251 255.255.255.0

3). Bn cu hnh dedault-gateway cho Switch khi mun gi cc lu lng t bn trong ra ngoi
v switch khng th cu hnh giao thc nh tuyn (Switch layer 2) , khi ny tt c PC trong cc
Vlan ca bn c th i ra Internet

Quote:

ALSwitch(config)#ip default-gateway 10.1.1.1

Lab 2-2: VLAN

Lab 2-2: VLAN

M t
Cu hnh trn switch Catalyst 2900 XL h tr 4 VLAN: Marketing, Accounting, Enginerring v
Network Management theo bng sau:

VLANs VLAN 1: Network Management VLAN 10: Accounting VLAN 20:

Marketing VLAN 30: Engineering
Port Numbers Fa0/1 Fa0/3 Fa0/4 Fa0/6 Fa0/7 Fa0/9 Fa0/10
Fa0/12

+ Trong khi trin khai VLAN trong mt h thng mng cc b, ngi qun tr c th thit k
VLAN theo hai cch thc:

* Thit k VLAN theo dng end-to-end: cn gi l campus-wide.

Trong kiu chia VLAN ny, VLAN s tri rng trn ton campus. Mt thnh vin ca VLAN
di chuyn trong mng, thuc tnh l thnh vin ca VLAN khng thay i. iu ny c ngha
l, mi VLAN phi sn c tng switch, c bit l nhng switch nm layer access trong m
hnh 3-layer: core-distribution-access.
Nh vy, trong end-to-end VLAN, cc ngi dng s c nhm vo thnh nhng nhm da
theo chc nng, theo nhm d n hoc theo cch m nhng ngi dng s dng ti nguyn
mng.

*Chia VLAN dng cc b:

VLAN c gii hn trong mt switch hoc mt khu vc a l hp (trong mt wiring closet).
Ly do dng dng VLAN ny l cc VLAN dng end-to-end tr nn kh duy tr. Cc ngi
dng thng xuyn yu cu nhiu ti nguyn khc nhau. Cc ti nguyn ny thng nm trong
nhu VLAN khc nhau.

Thc hi n

1.Trc tin phi to c s d li u VLAN. Mi VLAN c m t s phn bi t l vlan-id, c th t

1 n 1001. to c s d li u VLAN (VLAN database) thc hi n cc bc nh sau:

Vo mode cu hnh cho VLAN database:

Switch#vlan database

To mi VLAN bng cu l nh vlan vlan-id [name name]. Nu khng t tn cho VLAN th tn

s c ly m c nh

Switch(vlan)# vlan 20 name marketing

C p nh t d li u VLAN vo c s d liu VLAN, v thot v priviledge mode.

Switch(vlan)# exit

Kim tra cu hnh VLAN bng l nh show vlan

Switch# vlan database

Switch(vlan)# vlan 20 name marketing
VLAN 20 added:
Name: marketing
Switch(vlan)# exit
APPLY completed.
Exiting....

Switch# show vlan name marketing

VLAN Name Status Ports
---- -------------------------------- ---------
---------------------
20 marketing active

VLAN Type SAID MTU Parent RingNo BridgeNo Stp Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- ------
------
20 enet 100003 1500 - - - - 0 0

Vic to ra cc VLAN khc s c thc hi n tng t.

2.Gn cc port cho VLAN tng ng.

Trc tin cn cu hnh tt c cc port l access ports. Cc port trn switch 2900 c th 1
trong 3 ch : trunk port, multi-VLAN port v access port. Trunk port v multi-VLAN port
c dng ni vi switch khc (ho c thit b khc c to VLAN trunking). Do kt ni cc
workstation vi cc port ny nn cn phi cu hnh tt c cc port ny ch access port.

Switch(config)#interface fa0/1
Switch(config-if)#switchport mode access

Gn cc port vo VLAN theo yu cu bng cch s dng l nh switchport access vlan n (n l s

hi u VLAN)

Switch(config)#interface fa0/4
Switch(config-if)#switchport access vlan 10
Switch(config)#interface fa0/5
Switch(config-if)#switchport access vlan 10
Switch(config)#interface fa0/6
Switch(config-if)#switchport access vlan 10
Switch(config)#interface fa0/7
Switch(config-if)#switchport access vlan 20
Switch(config)#interface fa0/8
Switch(config-if)#switchport access vlan 20
Switch(config)#interface fa0/9
Switch(config-if)#switchport access vlan 20
Switch(config)#interface fa0/10
Switch(config-if)#switchport access vlan 30
Switch(config)#interface fa0/11
Switch(config-if)#switchport access vlan 30
Switch(config)#interface fa0/12
Switch(config-if)#switchport access vlan 30

Bn khng cn phi cu hnh port fa0/1-fa0/3 l VLAN 1 v m c nh cc port c gn vo

VLAN 1.

V d cu hnh gn port 07 cho VLAN 20 v kim tra li cu hnh

Switch# configure terminal

Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# interface fa0/7
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 20
Switch(config-if)# end

Switch# show interface fa0/7 switchport

Name: Fa0/7
Switchport: Enabled
Administrative mode: static access

Operational Mode: static access

Administrative Trunking Encapsulation: isl
Operational Trunking Encapsulation: isl
Negotiation of Trunking: Disabled

Access Mode VLAN: 20 (marketing)

Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: NONE
Pruning VLANs Enabled: NONE

3.Thc hi n kim tra cc VLAN trn switch bng l nh show vlan

Switch# show vlan brief

VLAN Name Status Ports
---- -------------------------------- ---------
---------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/13,
Fa0/14, Fa0/15, Fa0/16
10 Accounting active Fa0/4 Fa0/6
20 maketing active Fa0/7 Fa0/9
30 Engineering active Fa0/10 Fa0/12
40 VLAN0040 active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
Lab 2-3: nh tuyn gia cc VLAN

Lab 2-3: nh tuyn gia cc VLAN

Cu hnh y
2900XL switch
!
hostname 2900xl
!
interface FastEthernet0/1
switchport mode trunk
!
!-- Nu ban cu hinh trunking theo chun 802.1q thi phai cu hinh
trn cng giao tip Fa0/1 la:
!-- interface FastEthernet0/1
!-- switchport trunk encapsulation dot1q
!-- switchport mode trunk

!
interface FastEthernet0/2
switchport access vlan 2
!
interface VLAN1
ip address 10.10.10.2 255.255.255.0
no ip directed-broadcast
no ip route-cache
!
ip default-gateway 10.10.10.1
!
end

Router 2600 Series:

!
hostname c2600
!
no logging console
enable password mysecret
!
ip subnet-zero
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.1
encapsulation isl 1
ip address 10.10.10.1 255.255.255.0

!-- Nu cu hnh theo chun 802.1Q th s cu hnh trn cng giao tip F0/0.1 l:
!-- interface FastEthernet0/0.1
!-- encapsulation dot1Q 1 native
!-- ip address 10.10.10.1 255.255.255.0
!
interface FastEthernet0/0.2
encapsulation isl 2
ip address 10.10.11.1 255.255.255.0
!
! Nu cu hnh theo chun 802.1Q th s cu hnh trn cng giao tip F0/0.2 l:
!-- interface FastEthernet0/0.2
!-- encapsulation dot1Q 2
!-- ip address 10.10.11.1 255.255.255.0
!
end

Cc bc thc hi n
Switch2900
1. Vo ch privileged mode, cu hnh mt khu telnet cho switch

switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
switch(config)#hostname 2900xl
2900xl(config)#enable password mysecret
2900xl(config)#line vty 0 4
2900xl(config-line)#login
2900xl(config-line)#password mysecret
2900xl(config-line)#exit
2900xl(config)#no logging console
2900xl(config)#^Z

2. Gn a ch IP v default gateway cho VLAN1 cho ti n vi c qun tr

2900xl#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
2900xl(config)#int vlan 1
2900xl(config-if)#ip address 10.10.10.2 255.255.255.0
2900xl(config-if)#exit
2900xl(config)#ip default-gateway 10.10.10.1
2900xl(config)#end

3. Thit l p vtp transparent mode

2900xl#vlan database
2900xl(vlan)#vtp transparent
Setting device to VTP TRANSPARENT mode.

4. To mi VLAN2 trong c s d liu VLAN ca switch. VLAN1 m c nh c sn

2900xl(vlan)#vlan 2
VLAN 2 added:
Name: VLAN0002
2900xl(vlan)#exit
APPLY completed.
Exiting....

5. Kch hot trunking trn cng giao tip Fa0/1

2900xl#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
2900xl(config)#int fastEthernet 0/1
2900xl(config-if)#switchport mode trunk

6. Encapsulation trunking bng s dng isl hay dot1q

2900xl(config-if)#switchport trunk encapsulation isl

(2900xl(config-if)#switchport trunk encapsulation dot1q)
+ Trong trng hp switch 2950 ch h tr 802.1q encapsulation v t ng kch hot khi thit
l p trunking cho cng giao tip ny bng cch s dng l nh switchport mode trunk.
+ Trn switch 2900xl, m c nh native VLAN l 1, bn c th thay i native VLAN bng l nh:
2900xl(config-if)#switchport trunk native vlan <vlan ID>

7. Cho php tt c cc VLAN c chuyn qua kt ni trunk:

2900xl(config-if)#switchport trunk allowed vlan all

2900xl(config-if)#exit

8. Gn cng Fa0/2 v VLAN 2.

2900xl(config)#int fastEthernet 0/2

2900xl(config-if)#switchport access vlan 2
2900xl(config-if)#spanning-tree portfast
2900xl(config-if)#exit

+ Cng fa0/3 m c nh thu c VLAN1 nn khng cn thc hi n apply vo VLAN 1

9. Lu cu hnh

2900xl#write memory
Building configuration...
2900xl#

Router 2600 Series

1. Vo privileged mode cu hnh mt khu telnet cho router

Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname c2600

c2600(config)#enable password mysecret

c2600(config)#line vty 0 4
c2600(config-line)#login
c2600(config-line)#password mysecret
c2600(config-line)#exit
c2600(config)#no logging console
c2600(config)#^Z

c2600#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.

2. Chn cng fa0/0 cu hnh trunk,

c2600(config)#int fastEthernet 0/0

c2600(config-if)#no shut
c2600(config-if)#exit

3. Kch hot trunking trn sub-interface Fa0/0.1 v encapsulation bng isl

c2600(config)#int fastEthernet 0/0.1

c2600(config-subif)#encapsulation isl 1

+ Trong trng hp dng giao thc dot1q, bn cn m bo native VLAN hai u kt ni trunk
l ging nhau (m c nh trn switch 2900XL l VLAN 1).
c2600(config-subif)#encapsulation dot1Q 1 ?
native Make this is native vlan
<cr>
c2600(config-subif)#encapsulation dot1Q 1 native

4. Cu hnh thng tin lp 3 cho sub-interface Fa0/0.1

c2600(config-subif)#ip address 10.10.10.1 255.255.255.0

c2600(config-subif)#exit

5. Kch hot trunking trn sub-interface Fa0/0.2 v encapsulation bng isl

c2600(config)#int fastEthernet 0/0.2

c2600(config-subif)#encapsulation isl 2
(hay bng dot1q: c2600(config-subif)#encapsulation dot1Q 2)

6. Cu hnh thng tin Layer 3 cho sub-interface Fa0/0.2

c2600(config-subif)#ip address 10.10.11.1 255.255.255.0

c2600(config-subif)#exit
c2600(config)#^Z

7. Lu cu hnh

c2600#write memory
Building configuration...
[OK]
c2600#

Kim tra

Catalyst 2900xl Switch

1. Dng l nh show int FastEthernet <module/port> switchport kim tra trng thi port v
m bo native VLAN c 2 u kt ni trunk l ging nhau:

2900xl#show int fastEthernet 0/1 switchport

Name: Fa0/1
Switchport: Enabled
Administrative mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: isl
Operational Trunking Encapsulation: isl
Negotiation of Trunking: Disabled
Access Mode VLAN: 0 ((Inactive))
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: ALL
Trunking VLANs Active: 1,2
Pruning VLANs Enabled: 2-1001

Priority for untagged frames: 0

Override vlan tag priority: FALSE
Voice VLAN: none
Appliance trust: none

Trong trng hp 802.1q trunking, output s nh sau

2900xl#show int fastEthernet 0/1 switchport

Name: Fa0/1
Switchport: Enabled
Administrative mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: Disabled
Access Mode VLAN: 0 ((Inactive))
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: ALL
Trunking VLANs Active: 1,2
Pruning VLANs Enabled: 2-1001

Priority for untagged frames: 0

Override vlan tag priority: FALSE
Voice VLAN: none

2. Dng l nh show vlan kim tra cc cng ca switch (ports) xem c thuc v ng VLAN.
Trong bi ny, ta ch ch c cng Fa0/2 l thuc v VLAN 2, cc cng cn li ca switch thuc
v VLAN 1

2900xl#show vlan
VLAN Name Status Ports
---- -------------------------------- ---------
-------------------------------
1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6,
Fa0/7, Fa0/8, Fa0/9, Fa0/10,
Fa0/11, Fa0/12, Gi0/1, Gi0/2
2 VLAN0002 active Fa0/2
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
...

3. L nh show vtp status dng kim tra VLAN trunking protocol (VTP) trn switch. Trong bi
lab ny, ta dng transparent mode.

2900xl#show vtp status

VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 254
Number of existing VLANs : 6
VTP Operating Mode : Transparent
VTP Domain Name :
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xC3 0x71 0xF9 0x77 0x2B 0xAC 0x5C 0x97
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00

Cisco 2600 Router

1. L nh show vlan cho bit thng tin Layer2/Layer3 c cu hnh cho mi VLAN:

c2600#show vlan

Virtual LAN ID: 1 (Inter Switch Link Encapsulation)

vLAN Trunk Interface: FastEthernet0/0.1

Protocols Configured: Address: Received: Transmitted:
IP 10.10.10.1 40 38

Virtual LAN ID: 2 (Inter Switch Link Encapsulation)

vLAN Trunk Interface: FastEthernet0/0.2

Protocols Configured: Address: Received: Transmitted:
IP 10.10.11.1 9 9

i vi 802.1Q trunking, output c dng sau:

c2600#show vlan
Virtual LAN ID: 1 (IEEE 802.1Q Encapsulation)
vLAN Trunk Interface: FastEthernet0/0.1
This is configured as native Vlan for the following interface(s):
FastEthernet0/0
Protocols Configured: Address: Received: Transmitted:
IP 10.10.10.1 0 2
Virtual LAN ID: 2 (IEEE 802.1Q Encapsulation)
vLAN Trunk Interface: FastEthernet0/0.2
Protocols Configured: Address: Received: Transmitted:
IP 10.10.11.1 42 19

i vi Cisco IOS version trc 12.1(3)T, output c dng sau:

c2600#show vlan
Virtual LAN ID: 2 (IEEE 802.1Q Encapsulation)
vLAN Trunk Interface: FastEthernet0/0.2
Protocols Configured: Address: Received: Transmitted:
IP 10.10.11.1 6 4

2. Kim tra trng thi cc cng bng l nh show interface:

c2600#show interfaces fastEthernet 0/0

FastEthernet0/0 is up, line protocol is up
Hardware is AmdFE, address is 0003.e36f.41e0 (bia 0003.e36f.41e0)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:07, output hang never
Last clearing of "show interface" counters never
Queueing strategy: fifo
...

c2600#show interfaces fastEthernet 0/0.1

FastEthernet0/0.1 is up, line protocol is up
Hardware is AmdFE, address is 0003.e36f.41e0 (bia 0003.e36f.41e0)
Internet address is 10.10.10.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ISL Virtual LAN, Color 1.
ARP type: ARPA, ARP Timeout 04:00:00
c2600#show interfaces fastEthernet 0/0.2
FastEthernet0/0.2 is up, line protocol is up
Hardware is AmdFE, address is 0003.e36f.41e0 (bia 0003.e36f.41e0)
Internet address is 10.10.11.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ISL Virtual LAN, Color 2.
ARP type: ARPA, ARP Timeout 04:00:00

i vi 802.1Q trunking, output c dng:

c2600#show interfaces fastEthernet 0/0.1

FastEthernet0/0.1 is up, line protocol is up

Hardware is AmdFE, address is 0003.e36f.41e0 (bia 0003.e36f.41e0)
Internet address is 10.10.10.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 1.
ARP type: ARPA, ARP Timeout 04:00:00
c2600#show interfaces fastEthernet 0/0.2
FastEthernet0/0.2 is up, line protocol is up
Hardware is AmdFE, address is 0003.e36f.41e0 (bia 0003.e36f.41e0)
Internet address is 10.10.11.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 2.
ARP type: ARPA, ARP Timeout 04:00:00
__________________
Lab 2-4: VLAN Trunking

Lab 2-4: VLAN Trunking

M t
VLAN cho php kt hp cc port trn switch thnh cc nhm gim lu lng broadcast trn
mng. Cc lu lng ny c gii hn trong phm vi c xc nh bi VLAN.
Kt ni trunk l lin kt point-to-point gia cc port trn switch vi router ho c vi switch
khc. Kt ni trunk s v n chuyn thng tin ca nhiu VLAN thng qua 1 lin kt n v cho
php m r ng VLAN trn h thng mng.
VTP (VLAN Trunking Protocol) l giao thc hot ng Layer 2 trong m hnh OSI. VTP
gip cho vi c cu hnh VLAN lun ng nht khi thm, xo, sa thng tin v VLAN trong h
thng mng.
Bi thc hnh ny m t cch thc to trunk gia 2 switch. Trunking c cu hnh trn port
F0/1 ca hai switch. Ta nn dng cp cho ni hai port ny.
Cu hnh
Switch DL1
!
hostname DL1
!
enable password cisco
!
interface FastEthernet0/1
switchport trunk encapsulation isl
switchport mode trunk
!
interface FastEthernet0/4
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/5
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/6
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/7
switchport access vlan 20
switchport mode access
!
interface FastEthernet0/8
switchport access vlan 20
switchport mode access
!
interface FastEthernet0/9
switchport access vlan 20
switchport mode access
!
interface FastEthernet0/10
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/11
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/12
switchport access vlan 30
switchport mode access
!
interface Vlan1
ip address 192.168.1.2 255.255.255.0
!
interface Vlan10
ip address 192.168.10.2 255.255.255.0
!
interface Vlan20
ip address 192.168.20.2 255.255.255.0
!
interface Vlan30
ip address 192.168.30.2 255.255.255.0
!
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
!
end

SwitchAL1
!
hostname AL1
!
enable password cisco
!
interface FastEthernet0/1
switchport trunk encapsulation isl
switchport mode trunk
!
interface FastEthernet0/4
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/5
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/6
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/7
switchport access vlan 20
switchport mode access
!
interface FastEthernet0/8
switchport access vlan 20
switchport mode access
!
interface FastEthernet0/9
switchport access vlan 20
switchport mode access
!
interface FastEthernet0/10
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/11
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/12
switchport access vlan 30
switchport mode access
!
interface VLAN1
ip address 192.168.1.3 255.255.255.0
no ip directed-broadcast
no ip route-cache
!
line vty 0 4
mt khu cisco
login
line vty 5 15
mt khu cisco
login
!
end

Thc hi n
Cu hnh trn Switch DL1 lm VTP Server
1. t hostname, mt khu v cu hnh cng vlan trn DL1:

Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname DL1
DL1(config)#enable password cisco
DL1(config)#line vty 0 15
DL1(config-line)#password cisco
DL1(config-line)#login
DL1(config-line)#exit
DL1(config)#int vlan 1
DL1(config-if)#ip address 192.168.1.3 255.255.255.0
DL1(config-if)#end
DL1#

2. Thit l p VTP domain l VNPRO, VTP mode l SERVER, to ra cc VLAN 10 (SALES), 20

(ACCOUNTING), 30 (ENGINEERING)

DL1#vlan database
Thit l
p ch VTP server modeDL1(vlan)#vtp server
DL1(vlan)#vtp domain VNPRO t switch DL1 vao domain VNPRO
Tao VLAN 10 va t tn la SALESDL1(vlan)#vlan 10 name SALES
VLAN 10 added:
Name: SALES
DL1(vlan)#vlan 20 name ACCOUNTING
VLAN 20 added:
Name: ACCOUNTING
DL1(vlan)#vlan 30 name ENGINEERING
VLAN 30 added:
Name: ENGINEERING
Lu cp hinh vao file vlan.datDL1(vlan)#apply
APPLY completed.
DL1(vlan)#exit
APPLY completed.
Exiting....
DL1#

+ M t switch ch thu c 1 VTP domain

M c nh switch ch VTP server mode

3. Kch hot trunking trn cng Fa0/1 v cho php tt c cc VLAN qua trunk:

DL1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
DL1(config)#int f0/1
DL1(config-if)#switchport mode trunk
ong goi kiu islDL1(config-if)#switchport trunk encapsulation
isl (ho c dot1q) i qua ng trunk
Cho phep tt caDL1(config-if)#switchport trunk allowed vlan
all cac VLAN qua trunk
DL1(config-if)#exit
DL1(config)#

+ Gi s ta ch mun cho php cc VLAN 10, 20, 30 ta dng l nh:

DL1(config-if)#switchport trunk allowed vlan 10
DL1(config-if)#switchport trunk allowed vlan 20
DL1(config-if)#switchport trunk allowed vlan 30
4. Gn cc port vo VLAN tng ng

DL1(config)#int f0/4
Cu hinh cng access modeDL1(config-if)#switchport mode
access
cu hinh cng vao vlan 10DL1(config-if)#switchport access vlan
10
! Mi access port chi phuc vu cho m
t VLAN
DL1(config-if)#int f0/5
DL1(config-if)#switchport mode access
DL1(config-if)#switchport access vlan 10
DL1(config-if)#int f0/6
DL1(config-if)#switchport mode access
DL1(config-if)#switchport access vlan 10

DL1(config)#int f0/7
DL1(config-if)#switchport mode access
DL1(config-if)#switchport access vlan 20
DL1(config-if)#int f0/8
DL1(config-if)#switchport mode access
DL1(config-if)#switchport access vlan 20
DL1(config-if)#int f0/9
DL1(config-if)#switchport mode access
DL1(config-if)#switchport access vlan 20

DL1(config)#int f0/10
DL1(config-if)#switchport mode access
DL1(config-if)#switchport access vlan 30
DL1(config-if)#int f0/11
DL1(config-if)#switchport mode access
DL1(config-if)#switchport access vlan 30
DL1(config-if)#int f0/12
DL1(config-if)#switchport mode access
DL1(config-if)#switchport access vlan 30

5. Xem cu hnh va thc hi n

DL1#sh vlan brief

VLAN Name Status Ports

---- -------------------------------- ---------
------------------------------
1 default active Fa0/2, Fa0/3, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/17, Fa0/18
Fa0/19, Fa0/20, Fa0/21, Fa0/22
Fa0/23, Fa0/24, Gi0/1, Gi0/2
10 SALES active Fa0/4, Fa0/5, Fa0/6
20 ACCOUNTING active Fa0/7, Fa0/8, Fa0/9
30 ENGINEERING active Fa0/10, Fa0/11, Fa0/12
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
DL1#

Cu hnh trn Switch AL1 lm VTP Client

1. t hostname, mt khu v cu hnh management vlan trn DL1:

Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname AL1
AL1(config)#enable mt khu cisco
AL1(config)#line vty 0 15
AL1(config-line)#mt khu cisco
AL1(config-line)#login
AL1(config-line)#exit
AL1(config)#int vlan 1
AL1(config-if)#ip address 192.168.1.2 255.255.255.0
AL1(config-if)#end
AL1#

2. Thit l p VTP domain l VNPRO, VTP mode l CLIENT

AL1#vlan database
AL1(vlan)#vtp client
AL1(vlan)#vtp domain VNPRO
AL1(vlan)#exit
In CLIENT state, no apply attempted.
Exiting....
AL1#

3. Kch hot trunking trn cng Fa0/1 v cho php tt c cc VLAN qua trunk:

AL1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
AL1(config)#int f0/1
AL1(config-if)#switchport mode trunk
ong goi kiu islAL1(config-if)#switchport trunk encapsulation
isl (ho c dot1q) i qua ng trunk
Cho phep tt caAL1(config-if)#switchport trunk allowed vlan
all cac VLAN qua trunk
AL1(config-if)#exit
AL1(config)#

4. Ap t cc port ch nh vo VLAN tng ng

AL1(config)#int f0/4
AL1(config-if)#switchport mode access
AL1(config-if)#switchport access vlan 10
AL1(config-if)#int f0/5
AL1(config-if)#switchport mode access
AL1(config-if)#switchport access vlan 10
AL1(config-if)#int f0/6
AL1(config-if)#switchport mode access
AL1(config-if)#switchport access vlan 10

AL1(config)#int f0/7
AL1(config-if)#switchport mode access
AL1(config-if)#switchport access vlan 20
AL1(config-if)#int f0/8
AL1(config-if)#switchport mode access
AL1(config-if)#switchport access vlan 20
AL1(config-if)#int f0/9
AL1(config-if)#switchport mode access
AL1(config-if)#switchport access vlan 20

AL1(config)#int f0/10
AL1(config-if)#switchport mode access
AL1(config-if)#switchport access vlan 30
AL1(config-if)#int f0/11
AL1(config-if)#switchport mode access
AL1(config-if)#switchport access vlan 30
AL1(config-if)#int f0/12
AL1(config-if)#switchport mode access
AL1(config-if)#switchport access vlan 30

5. Xem cu hnh va thc hi n

AL1#sh vlan
VLAN Name Status Ports
---- -------------------------------- ---------
---------------------------
1 default active Fa0/2, Fa0/3
10 SALES active Fa0/4, Fa0/5, Fa0/6
20 ACCOUNTING active Fa0/7, Fa0/8, Fa0/9
30 ENGINEERING active Fa0/10, Fa0/11, Fa0/12
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1
Trans2
---- ----- ---------- ----- ------ ------ -------- ---- --------
------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
30 enet 100030 1500 - - - - - 0 0
1002 fddi 101002 1500 - 0 - - - 0 0
1003 tr 101003 1500 - 0 - - srb 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
AL1#

Kim tra
1. Kim tra cng Fa0/1 hot ng cha

AL1#show int f0/1

Cng a hoat
ngFastEthernet0/1 is up, line protocol is up
Hardware is Fast Ethernet, address is 00b0.64c9.cd41 (bia
00b0.64c9.cd41)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not set
Auto-duplex (Full), Auto Speed (100), 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
...

2. Kim tra cng Fa0/1 kch hot trunking v ng kiu encapsulation cha

AL1#sh int f0/1 switchport

Name: Fa0/1
Switchport: Enabled
Administrative mode: trunk
Cng F0/1 hoat
ng ch
trunk modeOperational Mode: trunk
Administrative Trunking Encapsulation: isl
Kiu ong goi la islOperational Trunking Encapsulation: isl
Negotiation of Trunking: Disabled
Access Mode VLAN: 0 ((Inactive))
Trunking Native Mode VLAN: 1 (default)
Cho phep tt ca cac VLAN qua kt niTrunking VLANs Enabled:
ALL trunk
Cac VLAN hin hanh ang hoatTrunking VLANs Active: 1,10,20,30

ng
Pruning VLANs Enabled: 2-1001

Priority for untagged frames: 0

Override vlan tag priority: FALSE
Voice VLAN: none
Appliance trust: none
AL1#

3. Kim tra revision number trn client c ng b vi server cha

AL1#sh vtp status

VTP Version : 2
Configuration Revision s revision number: 2
Maximum VLANs supported locally : 68
Number of existing VLANs : 8
VTP Operating Mode Switch hoat
ng ch: Client
client
VTP Domain Name Switch thuc domain VNPRO: VNPRO
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xDC 0x45 0xB2 0xD9 0x5B 0x7A 0x50 0x19
Configuration last modified by 192.168.1.2 at 3-1-93 01:54:06
AL1#

DL1#sh vtp status

VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 1005
Number of existing VLANs : 8
VTP Operating Mode : Server
VTP Domain Name : VNPRO
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0xDC 0x45 0xB2 0xD9 0x5B 0x7A 0x50 0x19
Configuration last modified by 192.168.1.2 at 3-1-93 01:54:06
Local updater ID is 192.168.1.2 on interface Vl1 (lowest numbered
VLAN interface
found)
DL1#

+ Revision number l m t trong nhng thng s quan trng ca VTP. Mi khi VTP server thay
i VLAN database th s tng gi tr revision ln 1 v thc hi n qung co VLAN database ny.
Cc thit b c s revision nh hn phi chp nh n VLAN database c s revision ln hn.

Nu VTP server xo b tt c cc VLAN & c s revision cao nht th cc thit b khc cng s
b xo VLAN.

4. Kim tra s ln gi v nh n thng tin trunking

DL1#sh vtp counters

VTP statistics:
Summary advertisements received : 18
Subset advertisements received : 5
Request advertisements received : 1
Summary advertisements transmitted : 12
Subset advertisements transmitted : 2
Request advertisements transmitted : 0
Number of config revision errors : 0
Number of config digest errors : 0
Number of V1 summary errors : 0
VTP pruning statistics:

Trunk Join Transmitted Join Received Summary advts received from

non-pruning-capable device
---------------- ---------------- ----------------
---------------------------
Fa0/1 0 0 0
DL1#

AL1#sh vtp counters

VTP statistics:
Summary advertisements received : 13
Subset advertisements received : 2
Request advertisements received : 0
Summary advertisements transmitted : 20
Subset advertisements transmitted : 6
Request advertisements transmitted : 1
Number of config revision errors : 0
Number of config digest errors : 0
Number of V1 summary errors : 0
VTP pruning statistics:

Trunk Join Transmitted Join Received Summary advts received from

non-pruning-capable device
---------------- ---------------- ----------------
---------------------------
Fa0/1 1 0 0
AL1#
__________________
Viet Professionals Co. Ltd. VnPro
---------------------------------------
149/1D Ung Vn Khim P25 Q.Binh thanh TPHCM
Tel: (08) 35124257 (7 lines)
Fax: (08) 5124314
Home Page : http://www.vnpro.vn
Support forum: http://vnpro.org
LiveChat : http://www.vnpro.vn/support
Blog VnPro : http://vnpro.org/blog
Forum Wifi : http://wifipro.org

Last edited by logmeinvietnam; 18-09-2009 at 06:03 PM.

admin

View Public Profile

Send a private message to admin

Find all posts by admin

#2
28-12-2007, 07:22 PM
chuonghn Join Date: Nov 2007
Junior Member Posts: 4
Newbie

Admin x l nh ci nh .Hnh nh link die ri .Thanks

chuonghn

View Public Profile

 Send a private message to chuonghn

Find all posts by chuonghn

#3
07-01-2008, 07:05 PM
linhlisten Join Date: Dec 2007
Junior Member Posts: 6
Newbie

bac oi xu ly anh cua bai lab nay di. Thank you!

linhlisten

View Public Profile

Send a private message to linhlisten

Find all posts by linhlisten

#4
16-02-2008, 01:31 PM
khoaimon Join Date: Jan 2008
Member Posts: 63
Member

Em c kin l mi mt bi Lab hay mt m hnh mng...cc addmin cho mt ci hnh ...khi y

s hnh dung tt hn nhiu ...thanks!!!

khoaimon

View Public Profile

Send a private message to khoaimon

Find all posts by khoaimon

#5
26-02-2008, 02:58 PM
hkien Join Date: Oct 2006
Member Posts: 79
Member

Cc bc i, gi s cng ty em c 5 VLAN 1,2,3,4,5

Mun cho 4 VLAN 1,2,3,4 khng VLAN no communicate c vi VLAN no...VLAN 5 th c
th kt ni, ping n tt c cc VLAN kia nhng cc VLAN kia ko th ni v VLAN 5 c th
lm th no h cc bc?

hkien

View Public Profile

Send a private message to hkien

Find all posts by hkien

#6
26-02-2008, 03:24 PM
Join Date: Oct 2005
dangquangminh Location: HCMC
Super Moderator Posts: 3,722
Brainiac

nu bn c router th bn dng Access Control List trn cc sub interfaces ca router.

Lab 2-5: Lm vi c vi tftp server

Lab 2-5: Lm vi c vi tftp server

M t
Backup cc file cu hnh ca switch vo TFTP server
Np li file backup t TFTP server.

Thc hi n

1. t IP address cho host c TFTP server

2. t IP address cho management VLAN

Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname ALSwitch
ALSwitch(config)#int vlan 1
ALSwitch(config-if)#ip address 10.1.1.251 255.255.255.0
ALSwitch(config-if)#no shut

3. Cu hnh cho port gn vi TFTP server access mode (gi s l port f0/9)

ALSwitch(config-if)#int f0/9
ALSwitch(config-if)#switchport mode access
ALSwitch(config-if)#switchport access vlan 1
ALSwitch(config-if)#no shut
ALSwitch(config-if)#
01:38:36: %LINK-3-UPDOWN: Interface FastEthernet0/9, changed
state to up
01:38:36: %LINK-3-UPDOWN: Interface FastEthernet0/9, changed
state to up

4. Kim tra kt ni gia switch vi tftp server

ALSwitch#ping 10.1.1.10

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.1.1.10, timeout is 2
seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/5
ms
ALSwitch#

5. Xem n i dung flash:

ALSwitch#show flash

Directory of flash:/
2 -rwx 1645824 Mar 01 1993 00:27:37 bootfile
4 -rwx 1180 Mar 01 1993 00:26:01 config.text
8 -rwx 976 Mar 01 1993 00:41:54 config.old
9 -rwx 17 Jan 01 1970 00:00:20 env_vars
3612672 bytes total (1960448 bytes free)
ALSwitch#

6. Copy cu hnh hi n ti vo tftp server

ALSwitch#copy running-config tftp

Address or name of remote host []? 10.1.1.10
Destination filename [running-config]? running-config.txt
!!
685 bytes copied in 1.106 secs (685 bytes/sec)
ALSwitch#

7. Copy startup-config vo tftp server

ALSwitch#copy startup-config tftp

Address or name of remote host []? 10.1.1.10
Destination filename [startup-config]? startup-config.txt
!!
685 bytes copied in 0.84 secs
ALSwitch#

8. Copy file config.text t flash vo tftp server

ALSwitch#copy flash:config.text tftp

Address or name of remote host []? 10.1.1.10
n EnterDestination filename [config.text]?
!!
685 bytes copied in 0.89 secs

Ch file startup-config.txt v config.text c n i dung ging nhau.

9. Copy bin mi trng vo tftp server xem tham s

ALSwitch#copy env_vars tftp

Address or name of remote host []? 10.1.1.10
Destination filename [env_vars]?
!!
17 bytes copied in 0.79 secs
ALSwitch#

10. Copy bootfile vo tftp server

ALSwitch#copy bootfile tftp

Address or name of remote host []? 10.1.1.10
Destination filename [bootfile]? switch2900XL.bin
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!
!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!
!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!
!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!
!!!!!!!!!!!!!!
!!!
1645824 bytes copied in 13.657 secs (126601 bytes/sec)
Xem version cua switch
ALSwitch#show version
Cisco Internetwork Operating System Software
IOS (tm) C2900XL Software (C2900XL-C3H2S-M), Version 12.0(5.2)XU,
ROM: Bootstrap program is C2900XL boot loader
System image file is "flash:bootfile"
cisco WS-C2912-XL (PowerPC403GA) processor (revision 0x11) with
8192K/1024K
...

File Switch2900XL.bin c kch thc ging file c2900XL-c3h2s-mz-120.5.2-XU.bin c sn

trong flash

11. Upload li file t tftp ln switch

ALSwitch#copy tftp:c2900XL-c3h2s-mz-120.5.2-XU.bin flash

Address or name of remote host []? 10.1.1.10
n EnterDestination filename [c2900XL-c3h2s-mz-120.5.2-XU.bin]?

Accessing tftp://10.1.1.10/c2900XL-c3h2s-mz-120.5.2-XU.bin...
Loading c2900XL-c3h2s-mz-120.5.2-XU.bin from 10.1.1.10 (via
VLAN1): !!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!
!!!!!!
[OK - 1645810 bytes]

1645810 bytes copied in 55.266 secs (29923 bytes/sec)

ALSwitch#
12. Xem cu hnh sau khi upload

ALSwitch#sh flash

Directory of flash:/

2 -rwx 1645824 Mar 01 1993 00:27:37 bootfile

4 -rwx 685 Mar 01 1993 01:53:49 config.text
5 -rwx 1645810 Mar 01 1993 02:07:53 c2900XL-c3h2s-mz-120.5.2-
XU.bin
9 -rwx 17 Jan 01 1970 00:00:20 env_vars

3612672 bytes total (314880 bytes free)

ALSwitch#
Lab 3-1: nh tuyn trn router Cisco

Lab 3-1: nh tuyn trn router Cisco

nh tuyn IP c cho php m c nh trn Cisco router.

L nh cho php hay v hi u ho nh tuyn: [no] ip routing
V l nh ny m c nh nn khi xem cu hnh ang chy bng l nh show runningconfig s
khng thy hin th l nh ny.
kim tra tc ng ca cu l nh cho router ni vi PC1 v PC2 qua hai cng Ethernet 0 v
Ethernet 1 nh hnh v.

Router A vi 2 cng Ethernet s c cu hnh nh sau:

RouterA(config)#interface Ethernet0
RouterA(configif)#ip address 172.108.1.1 255.255.255.0
RouterA(configif)#no shutdown
RouterA(configif)#exit

RouterA(config)#interface Ethernet1
RouterA(configif)#ip address 172.108.2.1 255.255.255.0
RouterA(configif)#no shutdown
RouterA(configif)#exit

RouterA(config)#ip routing l
nh nay m
c inh trn Cisco router
RouterA(config)# Ctrl+z
RouterA#

t a ch IP cho PC1 v PC2 cng mng vi cng Ethernet0 v Ethernet1, nh trn hnh.
Lu .
Win 2000, XP: Start Settings Connection Local Area Connection Properties Internet
Protocol (TCP/IP)
Win98: Start Settings Control Panel Networks TCP/IP TCP/IP Properties

Thc hi n l nh ping trn PC1 v PC2, l nh ping phi thnh cng: Gi IP t PC1 ti PC2 s
c nh tuyn bi R1 m khng cn giao thc nh tuyn v cc mng c kt ni trc tip
vi RouterA.

Win 2000, XP: Start Run: cmd.exe

Win98: Start Run: command.exe

Ti PC1
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\> ping 172.108.2.2

Pinging 172.108.2.2 with 32 bytes of data:

Reply from 172.108.2.2: bytes=32 time<1ms TTL=127

Reply from 172.108.2.2: bytes=32 time<1ms TTL=127
Reply from 172.108.2.2: bytes=32 time<1ms TTL=127
Reply from 172.108.2.2: bytes=32 time<1ms TTL=127

Ping statistics for 172.108.2.2:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\>_

Ti PC2
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\> ping 172.108.1.2

Pinging 172.108.2.2 with 32 bytes of data:

Reply from 172.108.1.2: bytes=32 time<1ms TTL=127

Reply from 172.108.1.2: bytes=32 time<1ms TTL=127
Reply from 172.108.1.2: bytes=32 time<1ms TTL=127
Reply from 172.108.1.2: bytes=32 time<1ms TTL=127

Ping statistics for 172.108.1.2:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

Xem bng nh tuyn RouterA bng l nh show ip route. Ch C pha tri bng nh tuyn
tng trng cho cc mng ni trc tip.

RouterA#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile,
B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate
default
U - per-user static route, o - ODR

Gateway of last resort is not set

172.100.0.0 is subnetted, 2 subnets
C 172.108.1.0 is directly connected, Ethernet0
C 172.108.2.0 is directly connected, Ethernet1
Lab 3-2: Cu hnh nh tuyn tinh

Lab 3-2: Cu hnh nh tuyn tinh

M t & yu cu

Cu hnh static route trn cc router A, router B v router C.

RouterC hot ng nh DCE router, RouterA l DTE router.
T cc router, ta phi c th ping c tt c cc a ch trong mng

Cu hnh
RouterA
!
hostname RouterA
no ip domain-lookup
!
interface s0
ip address 10.0.3.2 255.255.255.0
no shutdown
!
interface E0
ip address 10.0.2.2 255.255.255.0
no shutdown
!
end

RouterA
!
hostname RouterB
no ip domain-lookup
!
interface E0
ip address 10.0.2.1 255.255.255.0
no shutdown
!
ip route 10.0.3.0 255.255.255.0 e0
!
end

RouterC
!
hostname RouterC
no ip domain-lookup
!
interface s0
ip address 10.0.3.100 255.255.255.0
no shutdown
!
ip route 10.0.2.0 255.255.255.0 10.0.3.2
!
end

Cc bc thc hi n
Bc 1: Cu hnh RouterA

RouterA(config)#hostname RouterA
RouterA(config)#no ip domain-lookup
RouterA(config)#interface s0
RouterA(config-if)#ip address 10.0.3.2 255.255.255.0
RouterA(config-if)#no shutdown

- Khi thc hi n l nh no shutdown, s hi n dng thng bo

01:31:19: %LINK-3-UPDOWN: Interface Serial0/0, changed state to

up

RouterA(config-if)#interface E0
RouterA(config-if)#ip address 10.0.2.2 255.255.255.0
RouterA(config-if)#no shutdown
01:34:38: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed
state to up
RouterA(config-if)#end
01:35:39: %SYS-5-CONFIG_I: Configured from console by console
RouterA#

Bc 2: Cu hnh RouterB

RouterB(config)#hostname RouterB
RouterB(config)#no ip domain-lookup
RouterB(config-if)#interface e0
RouterB(config-if)#ip address 10.0.2.1 255.255.255.0
RouterB(config-if)#no shut
01:44:38: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed
state to up
RouterB(config-if)#end
01:45:39: %SYS-5-CONFIG_I: Configured from console by console
RouterB#

Bc 3: Cu hnh c bn router RouterC

RouterC(config)#hostname RouterC
RouterC(config)#no ip domain-lookup
RouterC(config)#interface s0
RouterC(config-if)#ip address 10.0.3.100 255.255.255.0
RouterC(config-if)#no shutdown
01:51:19: %LINK-3-UPDOWN: Interface Serial0/0, changed state to
up
RouterC(config-if)#end
01:51:39: %SYS-5-CONFIG_I: Configured from console by console
RouterC#

Bc 4: Kim tra kt ni gia cc router RouterA, RouterC v RouterB

RouterC#ping 10.0.3.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.3.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4
ms

- Nu khng ping c, kim tra li cu hnh bng l nh show running-config, show interface
m bo cu hnh ng, gii quyt s c nu cn.

RouterB#ping 10.0.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4
ms
RouterB#ping 10.0.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4
ms

RouterA#ping 10.0.3.100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.3.100, timeout is 2
seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4
ms

RouterC#ping 10.0.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.2.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

RouterB#ping 10.0.3.100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.3.100, timeout is 2
seconds:
.....
Success rate is 0 percent (0/5)

Trn router RouterC, xem bng nh tuyn bng l nh show ip route

RouterC#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile,
B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS
inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

Gateway of last resort is not set

10.0.0.0/24 is subnetted, 1 subnets

C 10.0.3.0 is directly connected, Serial0/0

Bc 5: Cu hnh Static Routes

Ti router RouterC, cu hnh static route n router RouterB:

RouterC(config)#ip route 10.0.2.0 255.255.255.0 10.0.3.2

RouterC(config)#exit
02:06:37: %SYS-5-CONFIG_I: Configured from console by console

+ Khi cu hnh next hop router l a ch IP th AD = 0; ta cu hnh next hop router s dng
outgoing interface th AD = 1.

Ti router RouterB, nh tuyn static route n router RouterC:

RouterB(config)#ip route 10.0.3.0 255.255.255.0 e0
RouterB(config)#exit
02:06:37: %SYS-5-CONFIG_I: Configured from console by console

Ti router RouterC, ping router RouterB bng l nh ping 10.0.2.1

RouterC#ping 10.0.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4
ms

Ti router RouterB, ping router RouterC bng l nh ping 10.0.3.100

RouterB#ping 10.0.3.100
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.3.100, timeout is 2
seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/8
ms

Xem bng nh tuyn trn router RouterC bng l nh show ip route:

RouterC#show ip route
...
Gateway of last resort is not set

10.0.0.0/24 is subnetted, 2 subnets

S 10.0.2.0 [1/0] via 10.0.3.2
C 10.0.3.0 is directly connected, Serial0/0

Ch : S biu th cho kt ni static vi AD = 1 v hop count l 0 [1/0]

Xem bng nh tuyn trn router RouterB:

RouterB#show ip route
...
Gateway of last resort is not set

10.0.0.0/24 is subnetted, 2 subnets

C 10.0.2.0 is directly connected, FastEthernet0/1
S 10.0.3.0 is directly connected, FastEthernet0/1

Ch AD = 0 khi ta chn outgoing interface cu hnh static route. y ta khng thy entry
[1/0] trong cu hnh.
__________________
Lab 3-3: Cu hnh RIP c bn

Lab 3-3: Cu hnh RIP c bn

M t & yu cu

Router A, B, C s dng RIP qung co thng tin nh tuyn

Router B hot ng nh DCE cung cp xung clock cho router A v C
Cc router cu hnh RIP v qung co tt c cc mng ni trc tip.
T router A, B v C, ta ping c ht cc a ch trong mng.

Cu hnh
Router A
!
hostname Router A
no ip domain-lookup
!
interface Loopback0 inh nghia interface ao lam im kim
tra
ip address 10.1.1.1 255.255.255.0
!
interface Ethernet0
ip address 148.1.1.1 255.255.255.0
no shutdown
no keepalive cho phep cng Ethernet vn up khi khng kt ni
vi bn ngoai
!
interface Serial0
ip address 192.1.1.1 255.255.255.0
no shutdown
!
router rip kich hoat qua trinh inh tuyn RIP trn router
network 10.0.0.0 chi ra mang se quang cao va xac inh interface
nao se gi va nh
n thng tin inh tuyn RIP
network 148.1.0.0
network 192.1.1.0
!
no ip classless
!
end

Router B
!
hostname RouterB
no ip domain-lookup
!
interface Serial0
ip address 192.1.1.2 255.255.255.0
clock rate 64000 hoat
ng nh DCE cung cp xung clock
no shutdown
!
interface Serial1
ip address 193.1.1.1 255.255.255.0
clock rate 64000 hoat
ng nh DCE cung cp xung clock
no shutdown
!
router rip
network 192.1.1.0
network 193.1.1.0
!
end

+ xc nh router no cung cp xung clock tc l thit b DCE dng cu l nh: show

controller [type number]

Router C
!
hostname RouterC
no ip domain-lookup
!
interface Ethernet0
ip address 152.1.1.1 255.255.255.0
no shutdown
no keepalive v hi
u hoa keepalive trn router cho phep
interface ethernet0 vn up khi khng kt ni ra bn ngoai
!
interface Serial0
ip address 193.1.1.2 255.255.255.0
no shutdown
!
router rip
network 152.1.0.0
network 193.1.1.0
!
no ip classless
!
end

Cc bc thc hi n
t hostname, t a ch IP cho cc cng Loopback, Serial, Ethernet
i vi RouterA

Router>en
Router#config terminal
Router(config)#hostname RouterA

RouterA(config)#interface Loopback
RouterA(configif)# ip address 10.1.1.1 255.255.255.0
RouterA(configif)#exit

RouterA(config)#interface Ethernet0
RouterA(configif)#ip address 148.1.1.1 255.255.255.0
RouterA(configif)#no shutdown
RouterA(configif)#no keepalive
RouterA(configif)#exit

RouterA(config)#interface Serial0
RouterA(configif)#ip address 192.1.1.1 255.255.255.0
RouterA(configif)#no shutdown
RouterA(configif)#end
RouterA#

Cu hnh tng t i vi RouterB v RouterC. Lu ti RouterB c l nh clock rate khi cu

hnh cng Serial.

RouterB(config)#interface Serial0
RouterB(configif)#ip address 192.1.1.2 255.255.255.0
RouterB(configif)#clock rate 64000
RouterB(configif)#no shutdown

RouterB(configif)#interface Serial1
RouterB(configif)#ip address 193.1.1.1 255.255.255.0
RouterB(configif)#clock rate 64000
RouterB(configif)#no shutdown
RouterB(configif)#end
RouterB#

Kim tra hot ng cng Serial ti cc router bng l nh show interface [Type Number]

RouterA#show interface Serial0

Serial0 is up, line protocol is up
Hardware is HD64570
Internet address is 192.1.1.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
Keepalive set (10 sec)
Last input 00:00:06, output 00:00:08, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output
drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/3/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
489 packets input, 30563 bytes, 0 no buffer
Received 473 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
524 packets output, 33973 bytes, 0 underruns
0 output errors, 0 collisions, 26 interface resets
0 output buffer failures, 0 output buffers swapped out
15 carrier transitions
--More-

RouterB#sh int s0
Serial0 is up, line protocol is up
Hardware is HD64570
Internet address is 192.1.1.2/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
...
RouterB#show interface serial1
Serial1 is up, line protocol is up
Hardware is HD64570
Internet address is 193.1.1.1/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
...

RouterC#show interface Serial0

Serial0 is up, line protocol is up
Hardware is HD64570
Internet address is 193.1.1.2/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
...
Chy giao thc nh tuyn RIP trn mi router

RouterA(config)#router rip
RouterA(configrouter)#network 10.0.0.0
RouterA(configrouter)#network 148.1.0.0
RouterA(configrouter)#network 192.1.1.0

RouterB(config)#router rip
RouterB(configrouter)#network 192.1.1.0
RouterB(configrouter)#network 193.1.1.0

RouterC(config)#router rip
RouterC(configrouter)#network 152.1.0.0
RouterC(configrouter)#network 193.1.1.0

Kim tra
Xem bng nh tuyn bng l nh show ip route

RouterA# show ip route

...
Gateway of last resort is not set
10.0.0.0 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, Loopback0
148.1.0.0/24 is subnetted, 1 subnets
C 148.1.1.0 is directly connected, Ethernet0
R 152.1.0.0/16 [120/2] via 192.1.1.2, 00:00:20, Serial0
C 192.1.1.0/24 is directly connected, Serial0
R 193.1.1.0/24 [120/1] via 192.1.1.2, 00:00:20, Serial0

+ Dng l nh show ip route rip nu ch mun xem cc route hc t RIP.

RouterA# show ip route rip

R 152.1.0.0/16 [120/2] via 192.1.1.2, 00:00:20, Serial0
R 193.1.1.0/24 [120/1] via 192.1.1.2, 00:00:20, Serial0

T router ping cc a ch trn mng

RouterC#ping 192.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.1.1 timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4
ms

RouterC#ping 192.1.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.1.2 timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4
ms

RouterA#ping 148.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 148.1.1.1 timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4
ms

RouterC#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1 timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4
ms

Ta c th xem qu trnh c p nh t nh tuyn ca RIP bng cch dng l nh debug ip rip. Ch

ti cng serial0, RouterA khng qung co network hc t RouterB (152.1.0.0 v 193.1.1.0)
nhng cc router cn li cc network ny c qung co. y l hot n g ca c ch split
horizon: khi split horizone hot ng, router s khng qung co route ngc tr li ni n n.

RouterA#debug ip rip
RIP: sending v1 update to 255.255.255.255 via Ethernet0
(148.1.1.1)
network 10.0.0.0, metric 1
network 152.1.0.0, metric 3
network 192.1.1.0, metric 1
network 193.1.1.0, metric 2
RIP: sending v1 update to 255.255.255.255 via Loopback0
(10.1.1.1)
network 148.1.0.0, metric 1
network 152.1.0.0, metric 3
network 192.1.1.0, metric 1
network 193.1.1.0, metric 2
RIP: sending v1 update to 255.255.255.255 via Serial0 (192.1.1.1)
network 10.0.0.0, metric 1
network 148.1.0.0, metric 1

Khi debug chy, router s a ra thng tin nh tuyn RIP, ngng debug dng l nh:

RouterA#undebug all

V hi u ho split horizon ti RouterA dng l nh ti interface mode

RouterA(config)#int s0
RouterA(configif)#no ip splithorizon

Lc ny, kim tra thng tin nh tuyn ti RouterA dng l n h debug ip rip. Thng tin xut
hi n di y (ch tt c cc route c qung co ra cng serial , bao gm c cc route hc t
RouterB v RouterC):

RouterA#debug ip rip
RIP: sending v1 update to 255.255.255.255 via Ethernet0
(148.1.1.1)
network 10.0.0.0, metric 1
network 152.1.0.0, metric 3
network 192.1.1.0, metric 1
network 193.1.1.0, metric 2
RIP: sending v1 update to 255.255.255.255 via Loopback0
(10.1.1.1)
network 148.1.0.0, metric 1
network 152.1.0.0, metric 3
network 192.1.1.0, metric 1
network 193.1.1.0, metric 2
RIP: sending v1 update to 255.255.255.255 via Serial0 (192.1.1.1)
network 10.0.0.0, metric 1
network 148.1.0.0, metric 1
network 152.1.0.0, metric 3
network 192.1.1.0, metric 1
network 193.1.1.0, metric 2
Lab 3-4: Giao thc nh tuyn RIP

Lab 3-4: Giao thc nh tuyn RIP

M t & yu cu

Lab ny cu hnh nh tuyn IP dng a ch mng lp B (131.108.0.0/16), vi subnet mask lp

C (255.255.255.0 hay /24).
Cu hnh giao thc nh tuyn RIP trn R1 v R2 t router ping c tt c a ch trn
mng.

Cu hnh
R1
!
hostname R1
!
interface loopback0
ip address 131.108.4.1 255.255.255.0
exit
!
interface loopback1
ip address 131.108.5.1 255.255.255.0
exit
!
interface loopback2
ip address 131.108.6.1 255.255.255.0
exit
!
interface Ethernet0
ip address 131.108.1.1 255.255.255.0
no shutdown
no keepalive
exit
!
interface Serial0
ip address 131.108.3.1 255.255.255.0
clock rate 64000
no shut
exit
!
router rip
network 131.108.0.0
!
end

R2
!
hostname R2
!
interface loopback0
ip address 131.108.7.1 255.255.255.0
exit
!
interface loopback1
ip address 131.108.8.1 255.255.255.0
exit
!
interface loopback2
ip address 131.108.9.1 255.255.255.0
exit
!
interface Ethernet0
ip address 131.108.2.1 255.255.255.0
no shutdown
no keepalive
exit
!
interface Serial0
ip address 131.108.3.2 255.255.255.0
no shut
exit
!
router rip
network 131.108.0.0
!
end

Cc bc thc hi n nh sau

1. t hostname, cu hnh cho cc cng loopback, Ethernet v Serial trn R1 v R2.

t hostname
Router(config)#hostname R1
R1(config)# _

Router(config)#hostname R2
R2(config)# _

Xc nh thit b no l DCE v DTE:

R1#show controllers S0
Interface Serial0
Hardware is PowerQuiCC MPC860
DCE V.35, no clock
...

R2#show controllers S1
HD unit 0, idb = 0xFBDB0, driver structure at 0x1020C8
buffer size 1524 HD unit 0, V.35 DTE cable
cpb = 0x1, eda = 0x483C, cda = 0x4850
...

Cu hnh a ch IP cho cc cng ca R1

R1(config)#interface loopback0
R1(conigif)# ip address 131.108.4.1 255.255.255.0

R1(configif)#interface loopback1
R1(conigif)# ip address 131.108.5.1 255.255.255.0

R1(configif)#interface loopback2
R1(conigif)# ip address 131.108.6.1 255.255.255.0
R1(conigif)# exit

R1(config)#interface Ethernet0
R1(conigif)#ip address 131.108.1.1 255.255.255.0
R1(conigif)#no shutdown
%LINK-3-UPDOWN: Interface Ethernet0, changed state to up
%LINK-5-UPDOWN: Line protocol on Interface Ethernet0, changed state to up
R1(conigif)#no keepalive
R1(conigif)# exit

R1(config)#interface Serial0
R1(conigif)#ip address 131.108.3.1 255.255.255.0
R1(conigif)#clock rate 128000
R1(conigif)#no shut

Tng t i vi R2
R2(config)#interface loopback0
R2(conigif)# ip address 131.108.7.1 255.255.255.0

R2(config)#interface loopback1
R2(conigif)# ip address 131.108.8.1 255.255.255.0

R2(config)#interface loopback2
R2(conigif)# ip address 131.108.9.1 255.255.255.0

R2(config)#interface Ethernet0
R2(conigif)#ip address 131.108.2.1 255.255.255.0
R2(conigif)#no shutdown
R2(conigif)#no keepalive
R2(conigif)# exit

R2(config)#interface Serial1
R2(conigif)#ip address 131.108.3.2 255.255.255.0
R2(conigif)#no shut

2. Kim tra bng nh tuyn IP trn cc router

R1# show ip route

...
Gateway of last resort is not set

131.108.0.0/24 is subnetted, 5 subnets

C 131.108.6.0 is directly connected, Loopback2
C 131.108.5.0 is directly connected, Loopback1
C 131.108.4.0 is directly connected, Loopback0
C 131.108.3.0 is directly connected, Serial0
C 131.108.1.0 is directly connected, Ethernet0

R2# show ip route

...
Gateway of last resort is not set

131.108.0.0/24 is subnetted, 5 subnets

C 131.108.9.0 is directly connected, Loopback2
C 131.108.8.0 is directly connected, Loopback1
C 131.108.7.0 is directly connected, Loopback0
C 131.108.3.0 is directly connected, Serial1
C 131.108.2.0 is directly connected, Ethernet0

3. Chy giao thc nh tuyn RIP trn c hai router

R1(config)#router rip
R1(configrouter)#network 131.108.0.0
R1(configrouter)#end
R1#copy run start lu cu hnh vo NVRAM

R2(config)#router rip
R2(configrouter)network 131.108.0.0
R2(configrouter)#end
R2#copy run start

Xem qu trnh c p nh t nh tuyn trn router

R1#debug ip rip
RIP protocol debugging is on

R1#debug ip rip events

RIP event debugging is on

4. Xem li bng nh tuyn trn R1 v R2

R1# show ip route

...
Gateway of last resort is not set

131.108.0.0/24 is subnetted, 5 subnets

R 131.108.9.0/24 [120/1] via 131.108.3.2, 00:00:00, Serial0
R 131.108.8.0/24 [120/1] via 131.108.3.2, 00:00:00, Serial0
R 131.108.7.0/24 [120/1] via 131.108.3.2, 00:00:00, Serial0
C 131.108.6.0 is directly connected, Loopback2
C 131.108.5.0 is directly connected, Loopback1
C 131.108.4.0 is directly connected, Loopback0
C 131.108.3.0 is directly connected, Serial0
R 131.108.2.0/24 [120/1] via 131.108.3.2, 00:00:00, Serial0
C 131.108.1.0 is directly connected, Ethernet0

R2# show ip route

...
Gateway of last resort is not set
131.108.0.0/24 is subnetted, 5 subnets
C 131.108.9.0 is directly connected, Loopback2
C 131.108.8.0 is directly connected, Loopback1
C 131.108.7.0 is directly connected, Loopback0
R 131.108.6.0/24 [120/1] via 131.108.3.1, 00:00:00, Serial1
R 131.108.5.0/24 [120/1] via 131.108.3.1, 00:00:00, Serial1
R 131.108.4.0/24 [120/1] via 131.108.3.1, 00:00:00, Serial1
C 131.108.3.0 is directly connected, Serial1
C 131.108.2.0 is directly connected, Ethernet0
R 131.108.1.0/24 [120/1] via 131.108.3.1, 00:00:00, Serial1

5. Kim tra hot ng bng ping cc mng xa (tt c cc l nh ping phi thnh cng)

R1#ping 131.108.9.1
R1#ping 131.108.8.1
R1#ping 131.108.7.1
R1#ping 131.108.2.1

R2#ping 131.108.4.1
R2#ping 131.108.5.1
R2#ping 131.108.6.1
R2#ping 131.108.1.1

V d ping thnh cng

R1#ping 131.108.9.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 131.108.9.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/32/32 ms
LAB 3-5: CU HNH PASSIVE INTERFACE

M t v yu cu:
- Bi thc hnh ny m t cch dng lnh passive interface; lnh ny cho php router c chy
RIP nhn, nhng khng gi thng tin nh tuyn ra ngoi cng ch nh.
- Cc Router cu hnh RIP.
- Khng cho gi thng tin nh tuyn qua cng Serial 0 ca router A.
- Router B v C qung co tt c cc mng ni trc tip.

Cu hnh:
Router A:
!
hostname Router A
!
interface Loopback0 <- nh ngha interface o lm im kim
tra
ip address 10.1.1.1 255.255.255.0
!
interface Ethernet0
ip address 148.1.1.1 255.255.255.0
no shutdown
no keepalive <- cho php interface ethernet vn up khi khng kt
ni vi HUB hoc Switch.
!
interface Serial0
ip address 192.1.1.1 255.255.255.0
no shutdown
!
!
router rip <- kch hot qu trnh nh tuyn RIP trn router.
passiveinterface Serial0 <- khng cho gi thng tin nh tuyn
RIP trn Serial 0
network 10.0.0.0 <- ch ra mng s qung co v xc nh cng no
s gi v nhn thng tin nh tuyn RIP.
network 148.1.0.0
network 192.1.1.0
!
no ip classless
!
end
Router B:
!
hostname RouterB
!
interface Serial0
ip address 192.1.1.2 255.255.255.0
clock rate 64000 <- hot ng nh DCE cung cp xung clock
no shutdown
!
interface Serial1
ip address 193.1.1.1 255.255.255.0
clock rate 64000 <- hot ng nh DCE cung cp xung clock
no shutdown
!
router rip
network 192.1.1.0
network 193.1.1.0
!
end
Router C:
!
hostname RouterC
!
interface Ethernet0
ip address 152.1.1.1 255.255.255.0
no shutdown
no keepalive <- v hiu ha keepalive trn Router cho php cng
Ethernet 0 vn up khi khng kt ni ra bn ngoi.
!
interface Serial0
ip address 193.1.1.1 255.255.255.0
no shutdown
!
router rip
network 152.1.0.0
network 193.1.1.0
!
no ip classless
!
end
Kim tra:
- Xem qu trnh gi nhn thng tin nh tuyn bng lnh dubug ip rip trn router A. Ch
cp nht RIP ch gi ra cng Ethernet0 v Loopback0, Serial0 ch nhn thng tin nh tuyn RIP.
RouterA#debug ip rip
RIP: received v1 update from 192.1.1.2 on Serial0
152.1.0.0 in 2 hops
193.1.1.0 in 1 hops
RIP: sending v1 update to 255.255.255.255 via Ethernet0
(148.1.1.1)
network 10.0.0.0, metric 1
network 152.1.0.0, metric 3
network 192.1.1.0, metric 1
network 193.1.1.0, metric 2
RIP: sending v1 update to 255.255.255.255 via Loopback0
(10.1.1.1)
network 148.1.0.0, metric 1
network 152.1.0.0, metric 3
network 192.1.1.0, metric 1
network 193.1.1.0, metric 2
- Xem bng nh tuyn trn router A v router C bng lnh show ip route. Ch router A
hc tt c cc route t Router C, router C khng c route t Router A.
RouterA# show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile,
B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate
default
U - per-user static route, o - ODR

Gateway of last resort is not set

10.0.0.0 /24 is subnetted, 1 subnets

C 10.1.1.0 is directly connected, Loopback0
148.1.0.0/24 is subnetted, 1 subnets
C 148.1.1.0 is directly connected, Ethernet0
R 152.1.0.0/16 [120/2] via 192.1.1.2, 00:00:20, Serial0
C 192.1.1.0/24 is directly connected, Serial0
R 193.1.1.0/24 [120/1] via 192.1.1.2, 00:00:20, Serial0

RouterC# show ip route

...
Gateway of last resort is not set

152.1.0.0/24 is subnetted, 1 subnets

C 152.1.1.0 is directly connected, Ethernet0
R 192.1.1.0/24 [120/1] via 193.1.1.2, 00:00:20, Serial0
C 193.1.1.0/24 is directly connected, Serial0
Lab 3-6: Cu hnh IGRP c bn

Lab 3-6: Cu hnh IGRP c bn

M t & yu cu

Router 1, router 2 s dng IGRP qung co thng tin nh tuyn

Router 1 hot ng nh DCE cung cp xung clock cho router 2
Cc router cu hnh IGRP v qung co tt c cc mng ni trc tip.
T router 1, router 2 ping c ht cc a ch trong mng.

Cu hnh

Router R1

hostname R1
!
enable password cisco
!
ip subnet-zero
no ip domain-lookup
!
interface Loopback0
ip address 192.168.4.1 255.255.255.0
!
interface Loopback1
ip address 192.168.5.1 255.255.255.0
!
interface Loopback2
ip address 192.168.6.1 255.255.255.0
!
interface Ethernet0
ip address 192.168.1.1 255.255.255.0
!
interface Serial0
ip address 192.168.3.1 255.255.255.0
clock rate 64000
!
router igrp 234
network 192.168.1.0
network 192.168.3.0
network 192.168.4.0
network 192.168.5.0
network 192.168.6.0
!
end

Router R2
!
hostname R2
!
enable password cisco
!
ip subnet-zero
no ip domain-lookup
!
interface Loopback0
ip address 192.168.7.1 255.255.255.0
!
interface Loopback1
ip address 192.168.8.1 255.255.255.0
!
interface Loopback2
ip address 192.168.9.1 255.255.255.0
!
interface Ethernet0
ip address 192.168.2.1 255.255.255.0
!
interface Serial0
ip address 192.168.3.2 255.255.255.0
!
router igrp 234
network 192.168.2.0
network 192.168.3.0
network 192.168.7.0
network 192.168.8.0
network 192.168.9.0
!
end

Cc bc thc hi n

1. t hostname, cu hnh cho cc cng loopback, ethernet v serial trn router R1

Router> en
Router# conf t
Router(config)# hostname R1
R1(config)# no ip domain-lookup
R1(config)# int e0
R1(config-if)#ip addr 192.168.1.1 255.255.255.0
R1(config-if)#no keepalive cho php cng Ethernet vn up khi khng kt ni vi bn ngoi
R1(config-if)# no shut
%LINK-3-UPDOWN: Interface Ethernet0, changed state to up
%LINK-5-UPDOWN: Line protocol on Interface Ethernet0, changed state to up
R1(config-if)# exit

R1(config)# int lo0 nh ngha cng o lm im kim tra

R1(config-if)# ip addr 192.168.4.1 255.255.255.0
R1(config-if)# int lo1
R1(config-if)# ip addr 192.168.5.1 255.255.255.0
R1(config-if)# int lo2
R1(config-if)# ip addr 192.168.6.1 255.255.255.0
R1(config-if)# exit

R1(config-if)# int s0
R1(config-if)# ip addr 192.168.3.1 255.255.255.0
R1(config-if)# clock rate 64000 hot ng nh DCE cung cp xung clock
R1(config-if)# no shut

2. t hostname, cu hnh cho cc cng loopback, ethernet v serial trn router R2

Router> en
Router# conf t
Router(config)# hostname R2
R2(config)# no ip domain-lookup

R2(config)#int e0
R2(config-if)# ip addr 192.168.2.1 255.255.255.0
R2(config-if)# no shut
R2(config-if)# int lo0
R2(config-if)# ip addr 192.168.7.1 255.255.255.0
R2(config-if)# int lo1
R2(config-if)# ip addr 192.168.8.1 255.255.255.0
R2(config-if)# int lo2
R2(config-if)# ip addr 192.168.9.1 255.255.255.0

R2(config-if)# int s0
R2(config-if)# ip addr 192.168.3.2 255.255.255.0
R2(config-if)# no shut

3. Cu hnh giao thc nh tuyn IGRP v sau lu cu hnh vo NVRAM trn router R1

R1(config)# router igrp 234 kch hot qu trnh nh tuyn IGRP trn router
R1(config-router)# network 192.168.1.0 ch ra mng s qung co v xc nh cng no s
gi v nh n thng tin nh tuyn RIP
R1(config-router)# network 192.168.3.0
R1(config-router)# network 192.168.4.0
R1(config-router)# network 192.168.5.0
R1(config-router)# network 192.168.6.0
R1(config-router)# end
R1#copy run start

4. Cu hnh giao thc nh tuyn IGRP v sau lu cu hnh vo NVRAM trn router R2

R2(config)# router igrp 234

R2(config-router)# network 192.168.2.0
R2(config-router)# network 192.168.3.0
R2(config-router)# network 192.168.7.0
R2(config-router)# network 192.168.8.0
R2(config-router)# network 192.168.9.0
R2(config-rputer)# end
R2# copy run start

5. Kim tra v gii quyt s c

Dng l nh clear ip route * xo ton b route t bng nh tuyn.

R1# clear ip route *

Xem qu trnh gi nh n thng tin nh tuyn IGRP bng l nh debug ip igrp events, debug ip
igrp transactions.

R1# debug ip igrp events

IGRP event debugging is on
R1# debug ip igrp transactions
IGRP protocol debuging is on
R1#
IGRP: received update from 192.168.3.2 on R2
IGRP: Update contains 0 interior, 4 system, and 0 exterior routes.
IGRP: Total routes in update: 4

Tt ch debug bng l nh undebug all.

R1# undebug all

All possible debugging has been turned off

Xem bng nh tuyn trn R1 v R2 bng l nh show ip route.

R1# show ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR
Gateway of last resort is not set

I 192.168.9.0/24 [100/8976] via 192.168.3.2, 00:00:46, Serial0

I 192.168.8.0/24 [100/8976] via 192.168.3.2, 00:00:46, Serial0
C 192.168.3.0/24 is directly connected, Serial0
I 192.168.2.0/24 [100/8576] via 192.168.3.2, 00:00:46, Serial0
C 192.168.1.0/24 is directly connected, Ethernet0
I 192.168.7.0/24 [100/8976] via 192.168.3.2, 00:00:47, Serial0
C 192.168.6.0/24 is directly connected, Loopback2
C 192.168.5.0/24 is directly connected, Loopback1
C 192.168.4.0/24 is directly connected, Loopback0

T R1, bn c th thy c 4 route IGRP hc t next-hop 192.168.3.2 v i qua cng S0. Ch

y s AD trong trng hp IGRP l 100(RIP l 120 v OSPF l 110). I c nghia l IGRP.

R2# show ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR
Gateway of last resort is not set
I 192.168.4.0/24 [100/8976] via 192.168.3.1, 00:00:46, Serial0
I 192.168.5.0/24 [100/8976] via 192.168.3.1, 00:00:46, Serial0
C 192.168.3.0/24 is directly connected, Serial0
I 192.168.1.0/24 [100/8576] via 192.168.3.1, 00:00:46, Serial0
C 192.168.2.0/24 is directly connected, Ethernet0
I 192.168.6.0/24 [100/8976] via 192.168.3.1, 00:00:47, Serial0
C 192.168.9.0/24 is directly connected, Loopback2
C 192.168.8.0/24 is directly connected, Loopback1
C 192.168.7.0/24 is directly connected, Loopback0
Lab 3-7: Cu hnh IGRP Passive Interface

Lab 3-7: Cu hnh IGRP Passive Interface

M t & yu cu
Router A, B, C s dng IGRP qung co thng tin nh tuyn.
Router B hot ng nh DCE cung cp xung clock cho router A v C.
Cc router cu hnh IGRP v qung co tt c cc mng ni trc tip.
Cng S0 ca router A khng gi thng tin nh tuyn m ch nh n thng tin nh tuyn.
Router B v C qung co tt c cc mng ni trc tip.

Cu hnh

Router A
!
hostname Router A
!
interface Loopback0 inh nghia interface ao lam im kim
tra
ip address 10.1.1.1 255.255.255.0
!
interface Ethernet0
ip address 148.1.1.1 255.255.255.0
no shutdown
no keepalive cho phep interface Ethernet vn up khi khng kt
ni vi bn ngoai
!
interface Serial0
ip address 192.1.1.1 255.255.255.0
no shutdown
!
!
router igrp 64 kich hoat qua trinh inh tuyn IGRP trn router
passiveinterface Serial0 khng cho gi thng tin inh tuyn
IGRP trn Serial0
network 10.0.0.0 chi ra mang se quang cao va xac inh cng nao
se gi va nh
n thng tin inh tuyn IGRP
network 148.1.0.0
network 192.1.1.0
!
no ip classless
!
end

Router B
!
hostname RouterB
!
interface Serial0
ip address 192.1.1.2 255.255.255.0
clock rate 64000 hoat
ng nh DCE cung cp xung clock
no shutdown
!
interface Serial1
ip address 193.1.1.1 255.255.255.0
clock rate 64000 hoat
ng nh DCE cung cp xung clock
no shutdown
!
router igrp 64
network 192.1.1.0
network 193.1.1.0
!
end
Router C
!
hostname RouterC
!
interface Ethernet0
ip address 152.1.1.1 255.255.255.0
no shutdown
no keepalive v hi
u hoa keepalive trn router cho phep
interface ethernet0 vn up khi khng kt ni ra bn ngoai
!
interface Serial0
ip address 193.1.1.1 255.255.255.0
no shutdown
!
router igrp 64
network 152.1.0.0
network 193.1.1.0
!
no ip classless
!
end

Kim tra

1. Xem thng tin v IGRP bng l n

h show ip protocols, ch y rng Serial cng trn router
A trng thi passive.

RouterA#show ip protocols
Routing Protocol is igrp 64
Sending updates every 90 second, next due in 31 seconds
Invalid after 270 seconds, hold dow 280, flushed after 630
Outgoing update filter list for all interface is not set
Incoming update filter list for all interface is not set
Default networks flagged in outgoing updates
Default networks accepted from incoming updates
IGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
IGRP maximum hopcount 100
IGRP maximum metric variance 1
Redistributing: IGRP 64
Routing for Network:
10.0.0.0
148.1.0.0
192.1.1.0
Passive Interface(s):
Serial0
Routing Information Sources:
Gateway Distance Last Update
192.1.1.2 100 00:00:48
Distance: (default is 100)

2. Xem qu trnh gi nh n thng tin nh tuyn bng l nh debug ip igrp transactions trn
router A. Ch y c p nh t IGRP chi gi ra cng Ethernet0 v Loopback0, cng Serial0 chi
nh n ch khng gi i thng tin nh tuyn IGRP.

RouterA# debug ip igrp transactions

IGRP: sending update to 255.255.255.255 via Ethernet0 (148.1.1.1)

network 10.0.0.0, metric=501
network 152.1.0.0, metric=10576
network 192.1.1.0, metric=8476
network 193.1.1.0, metric=10476
IGRP: sending update to 255.255.255.255 via Loopback0 (10.1.1.1)
network 148.1.0.0, metric=1100
network 152.1.0.0, metric=10576
network 192.1.1.0, metric=8476
network 193.1.1.0, metric=10476
IGRP: received update from 192.1.1.2 on Serial0
network 152.1.0.0, metric 10576 (neighbor 8576)
network 193.1.1.0, metric 10476 (neighbor 8476)

3. Xem bng nh tuyn trn RouterA v RouterC bng l nh show ip route. Ch y

RouterA hc tt c cc route t RouterC, RouterC khng c route t RouterA.

RouterA#show ip route
Codes: C connected, S static, I IGRP, R RIP, M mobile, B BGP
D EIGRP, EX EIGRP external, 0 OSPF, IA OSPF inter area
N1 OSPF NSSA external type 1, N2 OSPF NSSA external type 2
E1 OSPF external type 1, E2 OSPF external type 2, E EGP
i IS-IS, L1 IS-IS level-1, L2 IS-IS level-2, * - candidate default
U per-user static route, o ODR

Gateway of last resort is not set

10.0.0.0/24 is subnetted, 1 subnets

C 10.1.1.0 is directly connected, Loopback0
148.1.0.0/24 is subnetted, 1 subnets
C 148.1.1.0 is directly connected, Ethernet0
I 152.1.0.0/16 [100/10576] via 192.1.1.2, 00:00:29, Serial0
C 192.1.1.0/24 is directly connected, Serial0
I 193.1.1.0/24 [100/10476] via 192.1.1.2, 00:00:29, Serial0

RouterC#show ip route
Codes: C connected, S static, I IGRP, R RIP, M mobile, B BGP
D EIGRP, EX EIGRP external, 0 OSPF, IA OSPF inter area
N1 OSPF NSSA external type 1, N2 OSPF NSSA external type 2
E1 OSPF external type 1, E2 OSPF external type 2, E EGP
i IS-IS, L1 IS-IS level-1, L2 IS-IS level-2, * - candidate default
U per-user static route, o ODR

Gateway of last resort is not set

152.1.0.0/24 is subnetted, 1 subnets

C 152.1.1.0 is directly connected, Ethernet0
I Route192.1.1.0/24 [100/10476] via 193.1.1.2, 00:00:13, Serial0 from
RouterB
C 193.1.1.0/24 is directly connected, Serial0

+ debug ip igrp transactions: l nh ny dng hin th qu trnh trao i nh tuyn IGRP, n

hin th tt c c p nh t nh tuyn IGRP c gi va nh n bi router.
clear ip route [route | * ] : loi b m t ho c nhiu route t bng nh tuyn. L nh ny cho
php bn xo route ch nh hay xa ton b route t bng nh tuyn (dng *
Lab 3-8: Cu hnh IGRP Unequal-Cost Load Balancing

Lab 3-8: Cu hnh IGRP Unequal-Cost Load Balancing

[img]

[/img]

M t & yu cu

Router A, B, C s dng IGRP qung co thng tin nh tuyn.

Router B hot ng nh DCE cung cp xung clock cho router A v C.
Cc router cu hnh IGRP v qung co tt c cc mng ni trc tip.
Cu hnh router A v B s dng IGRP cn bng ti trn cng S0, E0.
T router A, B, C ping c ht cc a ch trong mng.

+ M c nh router s cn bng ti 4 tuyn ng i c cost bng nhau. Ta c th cu hnh IGRP

cn bng ti c n 4 tuyn ng i c n gi(cost) khng bng nhau n ch bng cch
s dng bin varian x vi: X= highest cost/ lowest cost.

V d nu router A c 2 ng i n ch 3.3.3.3 m t ng c cost l 4, v ng kia c cost

l 8 th m c nh s s dng ng i c cost l 4 n 3.3.3.3. Tuy nhin nu ta thit l p
variance l 2 th router s cn bng ti trn c 2 tuyn ng ny.

Cu hnh
RouterA
!
hostname RouterA
!
nh ngha cng ointerface Loopback0
ip address 10.1.1.1 255.255.255.0
!
interface Ethernet0
ip address 152.1.1.1 255.255.255.0
keepalive
!
interface Serial0
ip addres 192.1.1.1 255.255.255.0
no shut
!
!
router IGRP 64
network 10.0.0.0
network 152.1.0.0
network 192.1.1.0
!
no ip classless
!
end

RouterB
!
hostname RouterB
!
interface Ethernet0
no ip address
ip address 152.1.1.2 255.255.255.0
!
interface Serial0
ip address 192.1.1.2 255.255.255.0
clockrate 64000
! hoat
ng nh DCE cung cp xung clock
no shut
!
interface Serial1
ip address 193.1.1.2 255.255.255.0
hoat
ng nh DCE cung cp xung clockclockrate 64000
no shut
!
router igrp 64
! kich hoat qua trinh inh tuyn IGRP trn router
network 192.1.1.0
! chi ra mang se quang cao va xac inh cng nao se gi va nh
n
thng tin inh tuyn IGRP
network 193.1.1.0
network 152.1.0.0
!
no ip classless
!
end

RouterC
!
hostname RouterC
!
interface Loopback0
ip address 3.3.3.3 255.255.255.0
!
interface serial0
ip address 193.1.1.1 255.255.255.0
!
!
router igrp 64
! kich hoat qua trinh inh tuyn IGRP trn router
network 193.1.1.0
! chi ra mang se quang cao va xac inh cng nao se gi va nh
n
thng tin inh tuyn IGRP
network 3.0.0.0
!
no ip classless
!
end

Kim tra

1. Xem bng nh tuyn trn Router A bng l nh show ip route

RouterA#show ip route
Codes: C connected, S static, I IGRP, R RIP, M mobile,
B BGP
D EIGRP, EX EIGRP external, 0 OSPF, IA OSPF inter area
N1 OSPF NSSA external type 1, N2 OSPF NSSA external type 2
E1 OSPF external type 1, E2 OSPF external type 2, E EGP
i IS-IS, L1 IS-IS level-1, L2 IS-IS level-2, * - candidate
default
U per-user static route, o ODR

Gateway of last report is not set

I 3.0.0.0/8 [100/9076] via 152.1.1.1, 00:00:04, Ethernet0

[100/10976] via 192.1.1.2, 00:00:04, Serial0
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, Loopback0
152.1.0.0/24 is subnetted, 1 subnets
C 152.1.1.0 is directly connected, Ethernet0
C 192.1.1.0/24 is directly connected, Serial0
I 193.1.1.0/24 [100/10476] via 192.1.1.2, 00:00:27, Serial0
[100/8576] via 152.1.1.1, 00:00:27, Ethernet0

Ch y c 2 ng i n mng 3.0.0.0, m t ng qua Ethernet cng (cost l 9076), ng

kia qua Serial cng (cost l 10976). Cost ca 2 tuyn ng khng bng nhau, khi thit l p
variance l 2, tuyn ng qua Serial cng c cost nh hn gi tr ny (10976&lt;18152 =
9076*2) nn se c s dng.

2. T router A xem ng i n host 3.3.3.3 bng l nh show ip route 3.3.3.3

RouterA#show ip route 3.3.3.3

Routing entry for 3.0.0.0/8
Known via igrp 64, distance 100, metric 9076
Redistributing via igrp 64
Advertised by igrp 64 (self originated)
Last update from 192.1.1.2 on Serial0, 00:00:18 ago
Routing Descriptor Blocks:
* 152.1.1.1, from 152.1.1.1, 00:00:18 ago, via Ethernet0
Route metric is 9076, traffic share count is 1
Total delay is 26000 microseconds, minimum bandwith is 1544 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
192.1.1.2, from 192.1.1.2,00:00:18 ago, via Serial0
Route metric is 10976, traffic share count is 1
Total delay is 45000 microseconds, minimum bandwith is 1544 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1

Ta thy c 2 tuyn ng n host 3.3.3.3, du * cho bit gi tin t touter A s s dng ng

ny n host 3.3.3.3.
3. T router A ping host 3.3.3.3

RouterA#ping 3.3.3.3
Type the escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 second:
!!!!!

4. By gi xem li tuyn ng i n host 3.3.3.3 bng l n

h show ip route 3.3.3.3.

RouterA#show ip route 3.3.3.3

Routing entry for 3.0.0.0/8
Known via igrp 64, distance 100, metric 9076
Redistributing via igrp 64
Advertised by igrp 64 (self originated)
Last update from 192.1.1.2 on Serial0, 00:00:06 ago
Routing Descriptor Blocks:
152.1.1.1, from 152.1.1.1, 00:00:06 ago, via Ethernet0
Route metric is 9076, traffic share count is 1
Total delay is 26000 microseconds, minimum bandwith is 1544 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1
* 192.1.1.2, from 192.1.1.2, 00:00:07 ago, via Serial0
Route metric is 10976, traffic share count is 1
Total delay is 45000 microseconds, minimum bandwith is 1544 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 1

Ta thy du * by gi tuyn ng th hai. iu ny do router thc hi n cn bng ti cho c 2

tuyn ng n mng 3.0.0.0

5. Loi b variance t router A bng l nh no variance.

RouterA#configuration terminal
RouterA(config)#router igrp 64
RouterA(config-router)#no variance

6. T router A xem li ng i n host 3.3.3.3 bng l nh show ip route 3.3.3.3, ch rng ch

c 1 tuyn ng c s dng, ng ny s c metric nh hn v ta khng thc hi n cn bng
ti.
__________________
Lab 3-9: RIP and Discontigous Networks
M t

Router R1, R2 s dng RIP qung co thng tin nh tuyn

Router R1 hot ng nh DCE cung cp xung clock cho R2
T router R1, R2 ping c ht cc a ch trong mng.

Discontiguous network l mng bao gm nhiu mng con thu c cng m t mng chnh (major
network) b phn cch bi m t mng khc. V d nh hnh trn, mng con 130.1.1.0/24 trn
router R1 c phn cch vi mng 130.1.2.0/24 R2 bi mng 10.1.1.0.

Cu hnh
Router R1
hostname R1
!
enable password vnpro
!
ip subnet-zero
no ip domain-lookup
!
interface Ethernet0
ip address 130.1.1.1 255.255.255.0
no keepalive
!
interface Serial0
ip address 10.1.1.1 255.255.255.0
clock rate 64000
!
router rip
network 130.1.0.0
network 10.0.0.0
!
end
Router R2
hostname R2
!
enable password vnpro
!
ip subnet-zero
no ip domain-lookup
!
interface Ethernet0
ip address 130.1.2.1 255.255.255.0
no keepalive
!
interface Serial0
ip address 10.1.1.2 255.255.255.0
!
router rip
network 130.1.0.0
network 10.0.0.0
!
end

Cc bc thc hi n
1. t hostname, cu hnh cho cng loopback, ethernet v serial trn router R1

Router> en
Router# conf t
Router(config)# hostname R1
R1(config)# no ip domain-lookup
R1(config)# int e0
R1(config-if)# ip addr 130.1.1.1 255.255.255.0
R1(config-if)# no keepalive cho php cng Ethernet vn up khi khng kt ni vi bn ngoi
R1(config-if)# no shut
%LINK-3-UPDOWN: Interface Ethernet0, changed state to up
%LINK-5-UPDOWN: Line protocol on Interface Ethernet0, changed state to up
R1(config-if)# exit

R1(config)# int s0
R1(config-if)# ip addr 10.1.1.1 255.255.255.0
R1(config-if)# clock rate 64000 hot ng nh DCE cung cp xung clock
R1(config-if)# no shut

2. t hostname, cu hnh cho cng loopback, ethernet v serial trn router R2

Router> en
Router# conf t
Router(config)# hostname R2
R2(config)# no ip domain-lookup

R2(config)#int e0
R2(config-if)# ip addr 130.1.2.1 255.255.255.0
R1(config-if)# no keepalive
R2(config-if)# no shut

R2(config-if)# int s0
R2(config-if)# ip addr 10.1.1.2 255.255.255.0
R2(config-if)# no shut

3. Cu hnh giao thc nh tuyn RIP trn router R1, R2 v lu cu hnh ln NVRAM
R1(config)# router rip kch hot qu trnh nh tuyn RIP trn router
R1(config-router)# network 130.1.0.0 ch ra mng no s chy RIP
R1(config-router)# network 10.0.0.0
R1(config-router)# end
R1# copy run start

R2(config)# router rip

R2(config-router)# network 130.1.0.0
R2(config-router)# network 10.0.0.0
R2(config-rputer)# end
R2# copy run start

4. Kim tra v gii quyt s c

Xem qu trnh gi nh n thng tin nh tuyn RIP bng l nh debug ip rip.

R2#debug ip rip
R2#
00:12:19: RIP: received v1 update from 10.1.1.1 on Serial0
00:12:19: 130.1.0.0 in 1 hops

Tt ch debug bng l n h undebug all ho c vit gn l u all

R2# u all
All possible debugging has been turned off

Xem bng nh tuyn trn R2 bng l nh show ip route.

R2# show ip route

Gateway of last resort is not set
130.1.0.0/24 is subnetted, 1 subnets
C 130.1.2.0 is directly connected, Ethernet0
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, Serial0
R2#

Ta thy trn R2 khng c mng 130.1.1.0 trong bng nh tuyn. L do l RIP ch h tr classfull
nn khng gi i thng tin v subnet mask trong cc routing update. Khi R1 gi thng tin v
mng 130.1.1.0 n R2, R1 s thc hi n summary mng ny v dng classfull 130.1.0.0. R2
kt ni trc tip vi mng 130.1.2.0 th s hiu mng ny l 130.1.0.0. Do , khi R2 nh n thng
tin v mng 130.1.0.0, n s loi b bn tin update ny v mng ny c trong bng nh tuyn
vi metric cao hn.

5. gii quyt vn ny ta s dng a ch secondary trn cng kt ni gia R1 v R2, a ch

ny phi thu c major network trong mng discontiguous network v phi cng subnet mask.

R1(config)# int s0
R1(config-if)# ip address 130.1.3.1 255.255.255.0 secondary

R2(config)#int s0
R2(config-if)# ip address 130.1.3.2 255.255.255.0 secondary

6. Kim tra kt qu v gii quyt s c

Dng l nh clear ip route * xo ton b route t bng nh tuyn.

R1# clear ip route *

Xem qu trnh gi nh n thng tin nh tuyn RIP bng l nh debug ip rip. Ch rng R2 by
gi nh n update v mng 131.1.1.0 t R1.

R2#debug ip rip
R2#
00:15:10: RIP: received v1 update from 130.1.3.1 on Serial0
00:15:10: 130.1.1.0 in 1 hops

Xem bng nh tuyn trn R2 bng l nh show ip route.

R2# show ip route

Gateway of last resort is not set
130.1.0.0/24 is subnetted, 4 subnets
C 130.1.3.0 is directly connected, Serial0
C 130.1.2.0 is directly connected, Ethernet0
R 130.1.1.0[120/1] via 130.1.3.1, 00:00:25, Serial0
R 130.1.0.0 [120/1] via 10.1.1.1, 00:00:25, Serial0
10.0.0.0/24 is subnetted, 2 subnets
R 10.1.0.0 [120/1] via 130.1.3.1, 00:00:25, Serial0
C 10.1.1.0 is directly connected, Serial0
R2#
__________________
Viet Professionals Co. Ltd. VnPro
---------------------------------------
149/1D Ung Vn Khim P25 Q.Binh thanh TPHCM
Tel: (08) 35124257 (7 lines)
Fax: (08) 5124314
Home Page : http://www.vnpro.vn
Support forum: http://vnpro.org
LiveChat : http://www.vnpro.vn/support
Blog VnPro : http://vnpro.org/blog
Forum Wifi : http://wifipro.org

Last edited by tranmyphuc; 25-08-2008 at 10:24 PM.

admin

View Public Profile

Send a private message to admin

Find all posts by admin

#2
20-05-2006, 03:48 PM
f1gali Join Date: May 2006
Junior Member Posts: 22
Newbie

admin i, sao cc bi LAB khng hin ln hnh th.

Mong admin xem li, hu ht bi lab no cng k hin ln hnh. Xin cm n.

f1gali

View Public Profile

Send a private message to f1gali

Find all posts by f1gali

#3
27-09-2006, 08:13 AM
BUU Join Date: Jul 2006
Junior Member Posts: 16
Newbie
cho bc admin
sao em thy dng lnh R1(config-if)# ip address 130.1.3.1 255.255.255.0 secondary co thm
secondary lm g?trong config router cng c ch ny ah

BUU

View Public Profile

Send a private message to BUU

Find all posts by BUU

#4
27-09-2006, 12:24 PM
Join Date: Oct 2005
dangquangminh Location: HCMC
Super Moderator Posts: 3,722
Brainiac

Hi

Ty chn "Secondary" trong cu lnh trn mun ch ra rng a ch IP 130.1.3.1/24 l a ch

ph ca cng trn router. Mt cng (interface) c th c nhiu a ch IP. Tuy nhin hu ht cc
gi tin xut pht t router u dng a ch chnh (primary) trong mi giao dch.

Bn c th dng t kha "secondary" khng hn ch. Xem thm thng tin v cch dng
"secondary" web site ca Cisco:

http://www.cisco.com/univercd/cc/td/....htm#wp1171877

c on ni v c php ca lnh ip address.

Chc thnh cng,

__________________
ng Quang Minh, CCIE#11897 CCSI#31417
Email: [email protected]
Lab 3-10: Redistribute gia RIP v IGRP

Lab 3-10: Redistribute gia RIP v IGRP

M t

Router R1, R3 s dng IGRP qung co thng tin nh tuyn

Router R1, R2 s dng RIP qung co thng tin nh tuyn
Router R1 hot ng nh DCE cung cp xung clock cho R2 v R3
T router R1, R2, R3 ping c ht cc a ch trong mng.

Cu hnh

Router R1
hostname R1
!
enable password vnpro
!
ip subnet-zero
no ip domain-lookup
!
interface Serial0
ip address 9.1.1.1 255.255.255.0
clock rate 64000
!
interface Serial1
ip address 9.1.2.1 255.255.255.0
clock rate 64000
!
router rip
redistribute igrp 10 metric 1
passive-interface Serial1
network 9.0.0.0
!
router igrp 10
redistribute rip metric 128 20000 255 1 1500
passive-interface Serial0
network 9.0.0.0
!
end

Router R2

hostname R2
!
enable password cisco
!
ip subnet-zero
no ip domain-lookup
!
interface Ethernet0
ip address 10.1.1.1 255.255.255.0
!
interface Serial0
ip address 9.1.1.2 255.255.255.0
!
router rip
network 9.0.0.0
network 10.0.0.0
!
end

Router R3

hostname R3
!
enable password vnpro
!
ip subnet-zero
no ip domain-lookup
!
interface Loopback0
ip address 10.1.2.1 255.255.255.0
!
interface Ethernet0
ip address 9.1.3.1 255.255.255.0
!
interface Serial0
ip address 9.1.2.2 255.255.255.0
!
router igrp 10
network 9.0.0.0
network 10.0.0.0
!
end

Cc bc thc hi n

1. t hostname, cu hnh cho cc cng trn router R1

Router> en
Router# conf t
Router(config)# hostname R1
R1(config)# no ip domain-lookup
R1(config)# int Serial0
R1(config-if)# ip addr 9.1.1.1 255.255.255.0
R1(config-if)# clock rate 64000 hot ng nh DCE cung cp xung clock
R1(config-if)# no shut
R1(config-if)# exit

R1(config)# int Serial1

R1(config-if)# ip addr 9.1.2.1 255.255.255.0
R1(config-if)# clock rate 64000 hot ng nh DCE cung cp xung clock
R1(config-if)# no shut

2. t hostname, cu hnh cho cng trn router R2

Router> en
Router# conf t
Router(config)# hostname R2
R2(config)# no ip domain-lookup

R2(config)#int e0
R2(config-if)# ip addr 10.1.1.1 255.255.255.0
R2(config-if)# no keepalive
R2(config-if)# no shut

R2(config-if)# int s0
R2(config-if)# ip addr 9.1.1.2 255.255.255.0
R2(config-if)# no shut

3. t hostname, cu hnh cho cng trn router R3

Router> en
Router# conf t
Router(config)# hostname R3
R3(config)# no ip domain-lookup

R3(config-if)# int Ethernet0

R3(config-if)# ip address 9.1.3.1 255.255.255.0
R3(config-if)# no keepalive
R3(config-if)# no shut

R3(config-if)# int s0
R3(config-if)# ip addr 9.1.2.2 255.255.255.0
R3(config-if)# no shut

4. Cu hnh giao thc nh tuyn IGRP vi AS l 10 trn router R3

R3(config)# router igrp 10 kch hot qu trnh nh tuyn IGRP trn router vi AS l 10
R3(config-router)# network 9.0.0.0 ch ra mng no s chy IGRP
R3(config-router)# end
R3#

+ Lu y rng v IGRP v RIP thu c dng classfull nn se t ng thc hi n

summarization v a chi classfull lp A.

5. Cu hnh giao thc nh tuyn RIP trn router R2

R2(config)# router rip

R2(config-router)# network 9.0.0.0
R2(config-router)# network 10.0.0.0
R2(config-rputer)# end
R2#

6. Cu hnh giao thc nh tuyn RIP v IGRP cho mng 9.0.0.0 trn router R1

R1(config)# router rip

R1(config-router)# network 9.0.0.0
R1(config-router) router igrp 10
R1(config-router)# network 9.0.0.0
R1(config-rputer)# end
R1#

7. Trn router R1, ta cn m bo rng RIP updates khng gi sang R3 (chy IGRP) v
m bo IGRP updates t R3 khng gi sang R2(chy RIP). Do ta cn thc hi n
passive interface trn router R1 m bo khng qung co cc thng tin update ra
mng ngoi.

R1(config)# router rip

m bo RIP updatesR1(config-router)# passive-interface Serial1 khng gi sang R3
R1(config-router)# router igrp 10
m bo IGRP updatesR1(config-router)# passive-interface Serial0 khng gi sang R2

8. Kim tra bng nh tuyn

Dng l nh clear ip route * xo ton b route t bng nh tuyn.

R1# clear ip route *

Xem bng nh tuyn trn R1 bng l nh show ip route.

R1# show ip route

...
Gateway of last resort is not set
9.0.0.0/24 is subnetted, 3 subnets
C 9.1.1.0 is directly connected, Serial0
C 9.1.2.0 is directly connected, Serial1
I 9.1.3.0 [100/80225] via 9.1.2.2, 00:00:31, Serial1
R 10.0.0.0/8 [120/1] via 9.1.1.2, 00:00:15, Serial0
R1#

Xem bng nh tuyn trn R2 bng l nh show ip route.

R2# show ip route

...
9.0.0.0/24 is subnetted, 2 subnets
C 9.1.1.0 is directly connected, Serial0
R 9.1.2.0 [120/1] via 9.1.1.1, 00:00:27, Serial0
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, Ethernet0
R2#

Xem bng nh tuyn trn R2 ta thy R2 khng kt ni c vi mng 9.1.3.0/24. Do , ta

cn cu hnh redistribute trn router R1 cho phep R2 thy mng 9.1.3.0/24.

Redistribution nh nghia cch thc trao i routing updates gia cc giao thc nh tuyn
khc nhau. Mi giao thc nh tuyn c cch nh nghia v metric khc nhau, do khi
thc hi n
redistribution ta cn phi chuyn i dng metric sao cho ph hp vi giao thc
nh tuyn .

9. R2 thy c R3 ta thc hi n redistribute IGRP trong RIP vi hop count l 1

R1(config)# router rip

R1(config-router)# redistribute igrp 10 metric 1

10. R3 thy c R2 ta thc hi n redistribute RIP trong IGRP, s dng ky t gip ?

 hin th IGRP metric.

R1(config)# router igrp 10

R1(config-router)# redistribute rip ?
Metric Metric for redistributed routed
route-map Route map reference
R1(config-router)# redistribute rip metric ?
&lt;1-4294967295> Bandwidth metric in Kbits per second
R1(config-router)# redistribute rip metric 128 ?
&lt;0-4294967295> IGRP delay metric, in 10 microsecond units
R1(config-router)# redistribute rip metric 128 20000 ?
&lt;0-255> IGRP reliability metric where 255 is 100% reliable
R1(config-router)# redistribute rip metric 128 20000 255 ?
&lt;0-255> IGRP effective bandwidth metric (Loading) where 255 is 100% loaded
R1(config-router)# redistribute rip metric 128 20000 255 1 ?
&lt;0-4294967295> IGRP MTU of the path
R1(config-router)# redistribute rip metric 128 20000 255 1 1500

11. Sau khi cu hnh, thc hi n clear ip route * v xem li bng nh tuyn trn router R2.
Ping mng 9.1.3.0 kim tra a kt ni c vi mng IGRP cha.

R2# show ip route

9.0.0.0/24 is subnetted, 3 subnets
C 9.1.1.0 is directly connected, Serial0
R 9.1.2.0 [120/1] via 9.1.1.1, 00:00:09, Serial0
R 9.1.3.0 [120/1] via 9.1.1.1, 00:00:09, Serial0
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, Ethernet0
R2#

R2#ping 9.1.3.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 9.1.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms

12. Xem bng nh tuyn trn router R3. Ping mng 10.1.1.0 kim tra a kt ni vi
mng RIP cha.

R3# show ip route

9.0.0.0/24 is subnetted, 3 subnets
I 9.1.1.0 [100/84000] via 9.1.2.1, 00:00:58, Serial0
C 9.1.2.0 is directly connected, Serial0
C 9.1.3.0 is directly connected, Ethernet0
I 10.0.0.0/8 [100/102000] via 9.1.2.1, 00:00:58, Serial0
R3#
R3#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 9.1.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms

13. M r ng vn hn, ta thm m t subnet mi vo R3 bng cch cu hnh interface

loopback 10.1.2.1/24 s dng IGRP.

R3(config)# int loopback0

R3(config-if)# ip address 10.1.2.1 255.255.255.0
R3(config-if)# router igrp 10
R3(config-router)# network 10.0.0.0

Ban u, R3 se khng qung co mng 10.0.0.0 n router R1 v R1 chi bit n mng

10.0.0.0/8 thng qua qung co RIP vi AD l 120 t R2.

R1# show ip route

Gateway of last resort is not set
9.0.0.0/24 is subnetted, 3 subnets
C 9.1.1.0 is directly connected, Serial0
C 9.1.2.0 is directly connected, Serial1
I 9.1.3.0 [100/80225] via 9.1.2.2, 00:00:31, Serial1
R 10.0.0.0/8 [120/1] via 9.1.1.2, 00:00:15, Serial0
R1#

Khi IGRP update t R3 gi n R1, bng nh tuyn trn R1 se thay i nh sau:

R1# show ip route

Gateway of last resort is not set
9.0.0.0/24 is subnetted, 3 subnets
C 9.1.1.0 is directly connected, Serial0
C 9.1.2.0 is directly connected, Serial1
I 9.1.3.0 [100/80225] via 9.1.2.2,00:00:53, Serial1
I 10.0.0.0/8 [100/80225] via 9.1.1.2, 00:00:53, Serial1
R1#

Nguyn do ca s thay i ny l do R3 s dng IGRP nn c AD=100 thp hn RIP

(AD=120) nn R1 se gi tt c cc lu lng cho mng 10.0.0.0 qua router R3.

R1#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R1#ping 10.1.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms

14. gii quyt vn ny ta cu hnh static route n R2:

R1(config)# ip route 10.1.1.0 255.255.255.0 Serial0

15. Kim tra kt qu thc hi n

R1# show ip route

Gateway of last resort is not set
9.0.0.0/24 is subnetted, 3 subnets
C 9.1.1.0 is directly connected, Serial0
C 9.1.2.0 is directly connected, Serial1
I 9.1.3.0 [100/80225] via 9.1.2.2, 00:00:53, Serial1
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
S 10.1.1.0/24 is directly connected, Serial0
I 10.0.0.0/8 [100/80225] via 9.1.1.2, 00:00:53, Serial1
R1#

R1#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 0 percent (5/5), round-trip min/avg/max = 16/16/16 ms

R1#pi ng 10.1.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
__________________
Viet Professionals Co. Ltd. VnPro
---------------------------------------
149/1D Ung Vn Khim P25 Q.Binh thanh TPHCM
Tel: (08) 35124257 (7 lines)
Fax: (08) 5124314
Home Page : http://www.vnpro.vn
Support forum: http://vnpro.org
LiveChat : http://www.vnpro.vn/support
Blog VnPro : http://vnpro.org/blog
Forum Wifi : http://wifipro.org
Lab 3-11: Cu hnh EIGRP c bn
 Lab 3-11: Cu hnh EIGRP c bn

M t

Router R1, R2 s dng EIGRP qung co thng tin nh tuyn

Router R1 hot ng nh DCE cung cp xung clock cho router R2
T router R1, R2 ping c ht cc a ch trong mng.

- M c nh, EIGRP cho php summarization nn bn cn s dng l nh no auto-summarization

khng cho php t ng thc hi n summarization.
- EIGRP h tr VLSM. Ch rng mng ethernet trn R1 v R2 s dng khong a ch khc
nhau l 131.108.1.0/25 v 131.108.1.128/25.
- Metric ca EIGRP bng metric ca IGRP nhn vi 256.

Cu hnh

Router R1
hostname R1
!
enable mt khu cisco
!
ip subnet-zero
no ip domain-lookup
!
interface Loopback0
ip address 199.100.4.1 255.255.255.0
!
interface Loopback1
ip address 199.100.5.1 255.255.255.0
!
interface Loopback2
ip address 199.100.6.1 255.255.255.0
!
interface Ethernet0
ip address 131.108.1.1 255.255.255.128
!
interface Serial0
ip address 199.100.3.1 255.255.255.0
clock rate 64000
!
router eigrp 234
network 131.108.0.0
network 199.100.3.0
network 199.100.4.0
network 199.100.5.0
network 199.100.6.0
no auto-summary
!
end
Router R2
hostname R2
!
enable mt khu cisco
!
ip subnet-zero
no ip domain-lookup
!
interface Loopback0
ip address 199.100.7.1 255.255.255.0
!
interface Loopback1
ip address 199.100.8.1 255.255.255.0
!
interface Loopback2
ip address 199.100.9.1 255.255.255.0
!
interface Ethernet0
ip address 131.108.1.129 255.255.255.128
!
interface Serial0
ip address 199.100.3.2 255.255.255.0
!
router eigrp 234
network 131.108.0.0
network 199.100.3.0
network 199.100.7.0
network 199.100.8.0
network 199.100.9.0
no auto-summary
!
end

Cc bc thc hi n

1. t hostname, cu hnh cho cng loopback, ethernet v serial trn router R1

Router> en
Router# conf t
Router(config)# hostname R1
R1(config)# no ip domain-lookup
R1(config)# int e0
R1(config-if)# ip addr 131.108.1.1 255.255.255.128
R1(config-if)# no keepalive cho php cng Ethernet vn up khi khng kt ni vi bn ngoi
R1(config-if)# no shut
%LINK-3-UPDOWN: Interface Ethernet0, changed state to up
%LINK-5-UPDOWN: Line protocol on Interface Ethernet0, changed state to up
R1(config-if)# exit

R1(config)# int lo0 nh ngha interface o lm im kim tra

R1(config-if)# ip addr 199.100.4.1 255.255.255.0
R1(config-if)# int lo1
R1(config-if)# ip addr 199.100.5.1 255.255.255.0
R1(config-if)# int lo2
R1(config-if)# ip addr 199.100.6.1 255.255.255.0
R1(config-if)# exit

R1(config-if)# int s0
R1(config-if)# ip addr 199.100.3.1 255.255.255.0
R1(config-if)# clock rate 64000 hot n g nh DCE cung cp xung clock
R1(config-if)# no shut

2. t hostname, cu hnh cho cng loopback, ethernet v serial trn router R2

Router(config)# hostname R2
R2(config)# no ip domain-lookup

R2(config)#int e0
R2(config-if)# ip addr 131.108.1.129 255.255.255.128
R2(config-if)# no keepalive
R2(config-if)# no shut
R2(config-if)# int lo0
R2(config-if)# ip addr 199.100.7.1 255.255.255.0
R2(config-if)# int lo1
R2(config-if)# ip addr 199.100.8.1 255.255.255.0
R2(config-if)# int lo2
R2(config-if)# ip addr 199.100.9.1 255.255.255.0

R2(config-if)# int s0
R2(config-if)# ip addr 192.100.3.2 255.255.255.0
R2(config-if)# no shut

3. Cu hnh giao thc nh tuyn EIGRP v lu cu hnh vo NVRAM trn router R1

R1(config)# router eigrp 234 kch hot qu trnh nh tuyn EIGRP trn router
R1(config-router)# network 131.108.1.0 ch ra mng s qung co v xc nh cng no s
gi v nh n thng tin nh tuyn
R1(config-router)# network 199.100.4.0
R1(config-router)# network 199.100.5.0
R1(config-router)# network 199.100.6.0
R1(config-router)# network 199.100.3.0
R1(config-router)# end
R1# copy run start

4. Cu hnh giao thc nh tuyn EIGRP v lu cu hnh vo NVRAM trn router R2

R2(config)# router eigrp 234

R2(config-router)# network 199.100.7.0
R2(config-router)# network 199.100.8.0
R2(config-router)# network 199.100.9.0
R2(config-router)# network 131.108.1.0
R2(config-router)# network 199.100.3.0
R2(config-rputer)# end
R2# copy run start

Kim tra

1. Dng l nh clear ip route * xo ton b route t bng nh tuyn.

R1# clear ip route *

2. Xem qu trnh gi nh n thng tin nh tuyn IGRP bng l nh debug ip eigrp events

R1# debug ip igrp events

EIGRP event debugging is on

3. Tt ch debug bng l nh undebug all.

R1# undebug all

All possible debugging has been turned off
4. Xem bng nh tuyn eigrp trn R1 v R2 bng l nh show ip route eigrp.

R1# show ip route eigrp

D 199.100.9.0/24 [90/2297856] via 199.100.3.2, 00:00:55, Serial0
D 199.100.8.0/24 [90/2297856] via 199.100.3.2, 00:00:55, Serial0
131.108.0.0/16 is variably subnetted, 2 subnets, 2 masks
D 131.108.0.0/16 is a summary, 00:00:55, Null0
D 199.100.7.0/24 [90/2297856] via 199.100.3.2 00:00:55, Serial0
R1#

Da vo bng nh tuyn, bn c th thy c cc route EIGRP hc t next-hop 199.100.3.2

v i qua cng S0. Trong cc tuyn ng, c 1 tuyn ng i n Null0. Ch y s AD
trong trng hp EIGRP l 90(RIP l 120, IGRP l 100 v OSPF l 110). D c nghia loi
nh tuyn l EIGRP. Metric ca EIGRP bng 256 ln metric ca IGRP.

Ch y rng m c nh EIGRP cho phep t ng thc hi n summarization. Router R1

khng thy mng 131.108.1.128/25 bi v router R1 kt ni trc tip vi mng
131.108.1.0/25. Ta thy tt c cc route n t mng 131.108.0.0/16 u c gi n Null0,
nghia l tuyn ng se b loi b.

5. T router R1, ta thc hi n ping mng 131.108.1.129/25

R1#ping 131.108.1.129
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 131.108.1.130, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R1#

Kt qu l khng c hi p do cc gi gi n null0 se b loi b.

6. gii quyt vn ny ta cn thc hi n l nh no auto-summary khng cho phep

router t ng thc hi n summarization.

R1(config)#router eigrp 234

R1(config-router)#no auto-summary

R2(config)#router eigrp 234

R2(config-router)#no auto-summary

7. Kim tra kt qu thc hi n

R1# show ip route eigrp

D 199.100.9.0/24 [90/2297856] via 199.100.3.2, 00:00:01, Serial0
D 199.100.8.0/24 [90/2297856] via 199.100.3.2, 00:00:01, Serial0
131.108.0.0/16 is variably subnetted, 2 subnets, 2 masks
D 131.108.1.128/25 [90/2195456] via 199.100.3.2, 00:00:01, Serial0
D 199.100.7.0/24 [90/2297856] via 199.100.3.2 00:00:01, Serial0
R1#

R1#ping 131.108.1.129
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 131.108.1.130, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms
R1#

Ch rng mng 131.108.1.128/25 c trong bng nh tuyn. T router R1 ta ping thnh cng
cng Ethernet trn router R2. hiu su thm v vn ny, bn cn tm hiu thm v cc ch
classful, classless v VLSM.
Lab 3-12: Redistribute gia IGRP v EIGRP

Lab 3-12: Redistribute gia IGRP v EIGRP

M t

Mng A s dng giao thc nh tuyn EIGRP trn RouterA, RouterB v RouterC. RouterB ng
vai tr l DCE cung cp xung clock hot ng cho RouterA v RouterC.

Mng B s dng giao thc nh tuyn IGRP trn RouterC v RouterD. RouterC ng vai tr l
DCE cung cp xung clock hot ng cho RouterD.
Bi lab ny s m t cch thc redistribution gia IGRP v EIGRP.

Cu hnh

RouterA
!
hostname RouterA
!
interface Loopback0
ip address 192.1.1.1 255.255.255.0
!
interface Serial0
ip address 192.1.1.1 255.255.255.0
!
router eigrp 100
network 192.1.1.0
network 1.0.0.0
!
end

RouterB
!
hostname RouterB
!
interface Serial0
ip address 192.1.1.2 255.255.255.0
Cung cp xung clock hoat
ng cho RouterAclock rate 64000
!
interface Serial1
ip address 194.1.1.2 255.255.255.0
Cung cp xung clock hoat
ng cho RouterCclock rate 64000
!
router eigrp 100
network 192.1.1.0
network 194.1.1.0
!
end

RouterC
!
hostname RouterC
!
interface Serial0
ip address 194.1.1.1 255.255.255.0
!
interface Serial1
ip address 195.1.1.1 255.255.255.0
Cung cp hoat
ng cho RouterDclock rate 64000
!
router eirgp 100
network 194.1.1.0
!
router igrp 200
network 195.1.1.0
!
end

RouterD
!
hostname RouterD
!
interface Loopback0
ip address 4.4.4.4 255.255.255.0
!
interface Serial0
ip address 195.1.1.2 255.255.255.0
!
router igrp 200
network 195.1.1.0
network 4.0.0.0
!
end

Thc hi n

1. Cu hnh trn RouterA

Router> en
Router# conf t
Router(config)# hostname RouterA
nh ngha interface o lm imRouterA (config)# int lo0 kim tra
RouterA (config-if)# ip addr 1.1.1.1 255.255.255.0
RouterA (config-if)# int s0
RouterA (config-if)# ip addr 192.1.1.1 255.255.255.0
RouterA (config-if)# no shut
RouterA (config-if)#exit

Cu hnh nh tuyn eigrp viRouterA (config)# router eigrp 100 autonomous number l 100
RouterA (config-router)# network 192.1.1.0
RouterA (config-router)# network 1.0.0.0

RouterA (config-router)# end

RouterA# copy run start
RouterA#

2. Cu hnh trn RouterB

Router(config)# hostname RouterB

RouterB (config)# int s0
RouterB (config-if)# ip addr 192.1.1.2 255.255.255.0
Cung cp xung clock hot ngRouterB (config-if)# clock rate 64000 cho RouterA
RouterB (config-if)# no shut
RouterB (config-if)# int s1
RouterB (config-if)# ip addr 194.1.1.2 255.255.255.0
Cung cp xung clock hot ngRouterB (config-if)# clock rate 64000 cho RouterC
RouterB (config-if)# no shut
RouterB (config-if)#exit

Cu hnh nh tuyn eigrp viRouterB (config)# router eigrp 100 autonomous number l 100
RouterB (config-router)# network 192.1.1.0
RouterB (config-router)# network 194.1.1.0
RouterB (config-router)# end
RouterB# copy run start
RouterB#

3. Cu hnh trn RouterC

Router> en
Router# conf t
Router(config)# hostname RouterC
RouterC (config)# int s0
RouterC (config-if)# ip addr 194.1.1.1 255.255.255.0
RouterC (config-if)# no shut
RouterC (config-if)# int s1
RouterC (config-if)# ip addr 195.1.1.1 255.255.255.0
RouterC (config-if)# clock rate 64000

+ Cung cp xung clock hot ng cho RouterD

RouterC (config-if)# no shut
RouterC (config-if)#exit
Cu hnh nh tuyn eigrp viRouterC (config)# router eigrp 100 autonomous number l 100
RouterC (config-router)# network 194.1.1.0
Cu hnh nh tuyn igrpRouterC (config-router)# router igrp 200 vi autonomous number l
200
RouterC (config-router)# network 195.1.1.0
RouterC (config-router)# end
RouterC# copy run start
RouterC#

4. Cu hnh trn RouterD

Router> en
Router# conf t
Router(config)# hostname RouterD
RouterD(config)# int lo0 nh ngha interface o lm im kim tra
RouterD(config-if)# ip addr 4.4.4.4 255.255.255.0
RouterD(config-if)# int s0
RouterD(config-if)# ip addr 195.1.1.2 255.255.255.0
RouterD(config-if)# no shut
RouterD(config-if)#exit
Cu hnh nh tuyn igrp viRouterD(config)# router igrp 200 autonomous number l 200
RouterD(config-router)# network 195.1.1.0
RouterD(config-router)# network 4.0.0.0
RouterD(config-router)# end
RouterD# copy run start
RouterD#

Kim tra

1. Xem bng nh tuyn eigrp trn RouterC bng l nh show ip route.

RouterC# show ip route

D 1.0.0.0/8 [90/2809856] via 194.1.1.2, 00:00:55, Serial0
I 4.0.0.0/8 [100/8976] via 195.1.1.2, 00:00:10, Serial1
D 192.1.1.0/24 [90/2681856] via 194.1.1.2, 00:00:55, Serial0
C 194.1.1.0/24 is directly connected, Serial0
C 195.1.1.0/24 is directly connected, Serial1
RouterC#

Ch rng RouterC hc cc route ca RouterA qua giao thc nh tuyn EIGRP.

2. Xem bng nh tuyn eigrp trn RouterB bng l nh show ip route.

RouterB# show ip route

D 1.0.0.0/8 [90/2297856] via 192.1.1.1, 00:01:50, Serial0
C 192.1.1.0/24 is directly connected, Serial0
C 194.1.1.0/24 is directly connected, Serial1
RouterB#

Ch rng RouterB khng hc cc route xut pht t NetworkB.

3. Xem bng nh tuyn eigrp trn RouterD bng l nh show ip route.

RouterD# show ip route
4.0.0.0/24 is subnetted, 1 subnets
C 4.4.4.0 is directly connected, Loopback0
C 195.1.1.0/24 is directly connected, Serial0
RouterD#

Ch rng RouterB khng hc cc route xut pht t NetworkA. Ti sao IGRP v EIGRP
khng thc hi n automatic redistribution? Nguyn do l IGRP v EIGRP c s AS number khc
nhau, tnh nng automatic redistribution ch thc hi n khi IGRP v EIGRP c cng s AS
number.

EIGRP v IGRP s dng metric c cu trc ging nhau. Do nu cc router chy IGRP v cc
router khc chy EIGRP v c hai u c cng s autonomous system th thng tin nh tuyn s
t ng chia s gia hai h thng.

EIGRP dng 32 bit lu tr metric v IGRP dng 24 bit lu tr metric. Khi cc tuyn
ng EIRGP c chia cho 256 chuyn v cu trc 24 bit ca IGRP v cc tuyn ng
IGRP c nhn cho 256 chuyn v cu trc 32 bit ca EIGRP.

4. Do cn thay i s AS number ca IGRP trn RouterC v RouterD l 100.

RouterC(config)# no router igrp 200

RouterC(config)# router igrp 100
RouterC(config-router)# network 195.1.1.0

RouterD(config)# no router igrp 200

RouterD(config)# router igrp 100
RouterD(config-router)# network 195.1.1.0
RouterD(config-router)# network 4.0.0.0

5. Kim tra li bng nh tuyn trn RouterD bng l nh show ip route

RouterD# show ip route

I 1.0.0.0/8 [100/12976] via 195.1.1.1, 00:00:05, Serial0
4.0.0.0/24 is subnetted, 1 subnets
C 4.4.4.0 is directly connected, Loopback0
I 192.1.1.0/24 [100/12476] via 195.1.1.1, 00:00:05, Serial0
I 194.1.1.0/24 [100/12476] via 195.1.1.1, 00:00:05, Serial0
RouterD#

Ta thy RouterD hc cc route xut pht t NetworkA.

6. Nu khng thay i s AS number ca IGRP th c th thc hi n redistribution t EIGRP sang

IGRP v t IGRP qua EIGRP trn RouterC.

RouterC#config t
Enter configuration commands, one per line. End with CNTL/Z.
RouterC(config)#router igrp 200
RouterC(config-router)#redistribute eigrp 100 metric 2000 200 255 1 1500
RouterC(config-router)#exit
RouterC(config)#router eigrp 100
RouterC(config-router)#redistribute igrp 200 metric 2000 200 255 1 1500
RouterC(config-router)#

7. Cui cng kim tra li bng nh tuyn xem s thay i route trn mi router.
__________________
Viet Professionals Co. Ltd. VnPro
---------------------------------------
149/1D Ung Vn Khim P25 Q.Binh thanh TPHCM
Tel: (08) 35124257 (7 lines)
Fax: (08) 5124314
Home Page : http://www.vnpro.vn
Support forum: http://vnpro.org
LiveChat : http://www.vnpro.vn/support
Blog VnPro : http://vnpro.org/blog
Forum Wifi : http://wifipro.org

admin

View Public Profile

Send a private message to admin

Find all posts by admin

#2
11-09-2008, 04:23 PM
Join Date: Sep 2008
blackspy Posts: 67
Member
Member

Redistribution EIGRP-IGRP

Quote:

Originally Posted by admin

Lab 3-12: Redistribute gia IGRP v EIGRP
M t

Mng A s dng giao thc nh tuyn EIGRP trn RouterA, RouterB v RouterC. RouterB
ng vai tr l DCE cung cp xung clock hot ng cho RouterA v RouterC.

Mng B s dng giao thc nh tuyn IGRP trn RouterC v RouterD. RouterC ng vai tr
l DCE cung cp xung clock hot ng cho RouterD.

Bi lab ny s m t cch thc redistribution gia IGRP v EIGRP.

Cu hnh

RouterA
!
hostname RouterA
!
interface Loopback0
ip address 192.1.1.1 255.255.255.0
!
interface Serial0
ip address 192.1.1.1 255.255.255.0
!
router eigrp 100
network 192.1.1.0
network 1.0.0.0
!
end

RouterB
!
hostname RouterB
!
interface Serial0
ip address 192.1.1.2 255.255.255.0
Cungclock rate 64000 cp xung clock hoat ng cho RouterA
!
interface Serial1
ip address 194.1.1.2 255.255.255.0
Cungclock rate 64000 cp xung clock hoat ng cho RouterC
!
router eigrp 100
network 192.1.1.0
network 194.1.1.0
!
end

RouterC
!
hostname RouterC
!
interface Serial0
ip address 194.1.1.1 255.255.255.0
!
interface Serial1
ip address 195.1.1.1 255.255.255.0
Cungclock rate 64000 cp hoat ng cho RouterD
!
router eirgp 100
network 194.1.1.0
!
router igrp 200
network 195.1.1.0
!
end

RouterD
!
hostname RouterD
!
interface Loopback0
ip address 4.4.4.4 255.255.255.0
!
interface Serial0
ip address 195.1.1.2 255.255.255.0
!
router igrp 200
network 195.1.1.0
network 4.0.0.0
!
end

Thc hin

1. Cu hnh trn RouterA

Router> en
Router# conf t
Router(config)# hostname RouterA
nh ngha interfaceRouterA (config)# int lo0 o lm im kim tra
RouterA (config-if)# ip addr 1.1.1.1 255.255.255.0
RouterA (config-if)# int s0
RouterA (config-if)# ip addr 192.1.1.1 255.255.255.0
RouterA (config-if)# no shut
RouterA (config-if)#exit

Cu hnhRouterA (config)# router eigrp 100 nh tuyn eigrp vi autonomous number l

100
RouterA (config-router)# network 192.1.1.0
RouterA (config-router)# network 1.0.0.0

RouterA (config-router)# end

RouterA# copy run start
RouterA#

2. Cu hnh trn RouterB

Router(config)# hostname RouterB

RouterB (config)# int s0
RouterB (config-if)# ip addr 192.1.1.2 255.255.255.0
Cung cpRouterB (config-if)# clock rate 64000 xung clock hot ng cho RouterA
RouterB (config-if)# no shut
RouterB (config-if)# int s1
RouterB (config-if)# ip addr 194.1.1.2 255.255.255.0
Cung cpRouterB (config-if)# clock rate 64000 xung clock hot ng cho RouterC
RouterB (config-if)# no shut
RouterB (config-if)#exit
 Cu hnhRouterB (config)# router eigrp 100 nh tuyn eigrp vi autonomous number l
100
RouterB (config-router)# network 192.1.1.0
RouterB (config-router)# network 194.1.1.0
RouterB (config-router)# end
RouterB# copy run start
RouterB#

3. Cu hnh trn RouterC

Router> en
Router# conf t
Router(config)# hostname RouterC
RouterC (config)# int s0
RouterC (config-if)# ip addr 194.1.1.1 255.255.255.0
RouterC (config-if)# no shut
RouterC (config-if)# int s1
RouterC (config-if)# ip addr 195.1.1.1 255.255.255.0
RouterC (config-if)# clock rate 64000

+ Cung cp xung clock hot ng cho RouterD

RouterC (config-if)# no shut
RouterC (config-if)#exit
Cu hnhRouterC (config)# router eigrp 100 nh tuyn eigrp vi autonomous number l
100
RouterC (config-router)# network 194.1.1.0
CuRouterC (config-router)# router igrp 200 hnh nh tuyn igrp vi autonomous
number l 200
RouterC (config-router)# network 195.1.1.0
RouterC (config-router)# end
RouterC# copy run start
RouterC#

4. Cu hnh trn RouterD

Router> en
Router# conf t
Router(config)# hostname RouterD
RouterD(config)# int lo0 nh ngha interface o lm im kim tra
RouterD(config-if)# ip addr 4.4.4.4 255.255.255.0
RouterD(config-if)# int s0
RouterD(config-if)# ip addr 195.1.1.2 255.255.255.0
RouterD(config-if)# no shut
RouterD(config-if)#exit
Cu hnhRouterD(config)# router igrp 200 nh tuyn igrp vi autonomous number l 200
RouterD(config-router)# network 195.1.1.0
RouterD(config-router)# network 4.0.0.0
RouterD(config-router)# end
RouterD# copy run start
RouterD#

Kim tra

1. Xem bng nh tuyn eigrp trn RouterC bng l nh show ip route.

RouterC# show ip route

D 1.0.0.0/8 [90/2809856] via 194.1.1.2, 00:00:55, Serial0
I 4.0.0.0/8 [100/8976] via 195.1.1.2, 00:00:10, Serial1
D 192.1.1.0/24 [90/2681856] via 194.1.1.2, 00:00:55, Serial0
C 194.1.1.0/24 is directly connected, Serial0
C 195.1.1.0/24 is directly connected, Serial1
RouterC#

Ch rng RouterC hoc cc route ca RouterA qua giao thc nh tuyn EIGRP.

2. Xem bng nh tuyn eigrp trn RouterB bng l nh show ip route.

RouterB# show ip route

D 1.0.0.0/8 [90/2297856] via 192.1.1.1, 00:01:50, Serial0
C 192.1.1.0/24 is directly connected, Serial0
C 194.1.1.0/24 is directly connected, Serial1
RouterB#

Ch rng RouterB khng hoc cc route xut pht t NetworkB.

3. Xem bng nh tuyn eigrp trn RouterD bng l nh show ip route.

RouterD# show ip route

4.0.0.0/24 is subnetted, 1 subnets
C 4.4.4.0 is directly connected, Loopback0
C 195.1.1.0/24 is directly connected, Serial0
RouterD#

Ch rng RouterB khng hoc cc route xut pht t NetworkA. Ti sao IGRP v EIGRP
khng thc hi n automatic redistribution? Nguyn do l IGRP v EIGRP c s AS number
khc nhau, tnh nng automatic redistribution chi thc hi n khi IGRP v EIGRP c cung s
AS number.
EIGRP v IGRP s dng metric c cu trc ging nhau. Do nu cc router chy IGRP v
cc router khc chy EIGRP v c hai u c cung s autonomous system th thng tin nh
tuyn s t ng chia se gia hai h thng.

EIGRP dung 32 bit lu tr metric v IGRP dung 24 bit lu tr metric. Khi cc

tuyn ng EIRGP c chia cho 256 chuyn v cu trc 24 bit ca IGRP v cc tuyn
ng IGRP c nhn cho 256 chuyn v cu trc 32 bit ca EIGRP.

4. Do cn thay i s AS number ca IGRP trn RouterC v RouterD l 100.

RouterC(config)# no router igrp 200

RouterC(config)# router igrp 100
RouterC(config-router)# network 195.1.1.0

RouterD(config)# no router igrp 200

RouterD(config)# router igrp 100
RouterD(config-router)# network 195.1.1.0
RouterD(config-router)# network 4.0.0.0

5. Kim tra li bng nh tuyn trn RouterD bng l nh show ip route

RouterD# show ip route

I 1.0.0.0/8 [100/12976] via 195.1.1.1, 00:00:05, Serial0
4.0.0.0/24 is subnetted, 1 subnets
C 4.4.4.0 is directly connected, Loopback0
I 192.1.1.0/24 [100/12476] via 195.1.1.1, 00:00:05, Serial0
I 194.1.1.0/24 [100/12476] via 195.1.1.1, 00:00:05, Serial0
RouterD#

Ta thy RouterD hoc cc route xut pht t NetworkA.

6. Nu khng thay i s AS number ca IGRP th c th thc hi n redistribution t EIGRP

sang IGRP v t IGRP qua EIGRP trn RouterC.

RouterC#config t
Enter configuration commands, one per line. End with CNTL/Z.
RouterC(config)#router igrp 200
RouterC(config-router)#redistribute eigrp 100 metric 2000 200 255 1 1500
RouterC(config-router)#exit
RouterC(config)#router eigrp 100
RouterC(config-router)#redistribute igrp 200 metric 2000 200 255 1 1500
RouterC(config-router)#

7. Cui cung kim tra li bng nh tuyn xem s thay i route trn mi router.
Anh Admin v mi ngi ch gip mnh nhe!
Sau khi thay i AS ti Router C va D m ping (check) th ko thng (th ti Router A-->ping
n cc interface)---->c th:
_Ti Router C:
no router igrp 200
router igrp 100
net 195.1.1.0
_Ti Router D:
no router igrp 200
router igrp 100
net 195.1.1.0
net 4.0.0.0
Help me!
Thanks for view!

blackspy

View Public Profile

Send a private message to blackspy

Find all posts by blackspy

#3
27-02-2009, 03:00 PM
tuanqn79 Join Date: Mar 2008
Junior Member Posts: 7
Newbie

6. Nu khng thay i s AS number ca IGRP th c th thc hi n redistribution t EIGRP

sang IGRP v t IGRP qua EIGRP trn RouterC.

RouterC#config t
Enter configuration commands, one per line. End with CNTL/Z.
RouterC(config)#router igrp 200
RouterC(config-router)#redistribute eigrp 100 metric 2000 200 255 1 1500[/COLOR]
RouterC(config-router)#exit
RouterC(config)#router eigrp 100
RouterC(config-router)#redistribute igrp 200 metric 2000 200 255 1 1500
RouterC(config-router)#

cho mnh hi nhng gi tr trn c ngha g vy????????

tuanqn79

View Public Profile

Send a private message to tuanqn79

Find all posts by tuanqn79

#4
27-02-2009, 06:32 PM
Join Date: Oct 2005
dangquangminh Location: HCMC
Super Moderator Posts: 3,722
Brainiac

Cc gi tr l

BW: bng thng ca ng truyn

DLY: tr delay
LOAD: lu lng ca ng truyn
MTU: Kch thc ln nht ca mt gi tin m ng truyn chp nhn.
__________________
ng Quang Minh, CCIE#11897 CCSI#31417
Email: [email protected]

Viet Professionals Co. Ltd. (VnPro)

149/1D Ung Vn Khim P25 Q.Bnh thnh TPHCM
Tel: (08) 35124257 Fax: (08) 35124314
Home :http://www.vnpro.vn
Blog :http://vnpro.org/blog
Support forum :http://vnpro.org
LiveChat :http://vnpro.vn/support

dangquangminh

View Public Profile

Send a private message to dangquangminh

Visit dangquangminh's homepage!

 Find all posts by dangquangminh

#5
26-03-2009, 01:35 AM
lapnghiepit Join Date: Jan 2009
Junior Member Posts: 4
Newbie
Em nghe m chng hiu g c ^!^

Em c xong m nh tu ha nhp ma . Hm nay em mi ngi c li my bi hm trc

thy em dy m thy m h qu
Ton pro thy mnh g qu . Phi c gng no , S2 nghe c v kh qu , thi khng qua th cht
em

Lab 3-13: Cu hnh OSPF c bn (wth file .net)

Ngun: Sch CCNA Labpro

LAB 3-13: CU HNH OSPF C BN

M t:
Router Ra, R2 s dng OSPF qung b thng tin nh tuyn
Router R1 hot ng nh DCE cung cp xung clock cho R2
Cc router cu hnh giao thc nh tuyn OSPF lin lc gia cc area.
T router R1, R2 ping c ht cc a ch trong mng.

OSPF dng gii thut SPF tnh tan ng i. Gii thut ny cn c gi l gii thut
Dijkstra. Cc routing protocol nhm link state khng broadcast tan b thng tin v bng nh
tuyn ging nh RIP/IGRP v thay vo , OSPF s dng mt qu trnh khm ph cc lng
ging (neighbor). Cc lng ging cng c th c nh ngha tnh.
Router lng ging l cc router khc, cng chy OSPF, c chung subnet vi router hin hnh. Khi
cc router thit lp quan h lng ging vi nhau, cc router bt u trao i cc thng tin v
hnh (topology) ca mng. Gii thut SPF s chy trn cc database ny tnh ra cc ng i
tt nht.
Trong ospf nh ngha mt s vng c bn sau:
1. Stub Area: y l vng s khng nhn nhng routing update t bn ngoi (Type 5) nhng vn
nhn update t nhng Area lng ging (Type 3)
2. Totaly stub Area: y c th coi l vng cc oan nht n khng nhn bt c routing update
no, v trong bng routing ca n ch c mt routing ra ngoai duy nht l default route. vng ny
thch hp cho nhng site xa c t network v cn s gii hn kt ni ra bn ngoi.
3. NSSA Stub Area: y l vng c s dng khi kt ni n ISP hoc khi c s redistribute
gia cc routing protocol khc nhau. vng ny s nhn cc route t bn ngoi di dng type 7
v s chuyn i type 7 ny thnh type 5 qung b vo cc Area khc ti con NNSA ABR.
4. Backbone Area: y chnh l vng Area 0 v n connect ti tt c cc area khc cn li, nu
mt area no mun ni ti Area0 nhng khng ni trc tip c th lc ta phi tao virtual
link cho Area ny.
Cu hnh:
Router R1
hostname R1
!
enable password cisco
!
ip subnet-zero
no ip domain-lookup
!
interface Loopback0
ip address 131.108.4.1 255.255.255.255
!
interface Loopback1
ip address 131.108.4.2 255.255.255.255
!
interface Loopback2
ip address 131.108.4.3 255.255.255.255
!
interface Ethernet0
ip address 131.108.1.1 255.255.255.0
!
interface Serial0
ip address 131.108.3.1 255.255.255.252
clock rate 64000
!
router ospf 1
network 131.108.1.0 0.0.0.255 area 1
network 131.108.3.1 0.0.0.0 area 0
network 131.108.4.1 0.0.0.0 area 1
network 131.108.4.2 0.0.0.0 area 1
network 131.108.4.3 0.0.0.0 area 1
!
end
Router R2
hostname R2
!
enable password cisco
!
ip subnet-zero
no ip domain-lookup
!
interface Loopback0
ip address 131.108.4.4 255.255.255.255
!
interface Loopback1
ip address 131.108.4.5 255.255.255.255
!
interface Loopback2
ip address 131.108.4.6 255.255.255.255
!
interface Ethernet0
ip address 131.108.2.1 255.255.255.0
!
interface Serial0
ip address 131.108.3.2 255.255.255.252
!
router ospf 2
network 131.108.2.0 0.0.0.255 area 2
network 131.108.3.2 0.0.0.0 area 0
network 131.108.4.4 0.0.0.0 area 2
network 131.108.4.5 0.0.0.0 area 2
network 131.108.4.6 0.0.0.0 area 2
!
end
Cc bc thc hin:
1. t hostname, cu hnh cho interface loopback, ethernet v serial trn Router R1.
Router> en
Router# conf t
Router(config)# hostname R1
R1(config)# no ip domain-lookup
R1(config)# int e0
R1(config-if)# ip addr 131.108.1.1 255.255.255.0
R1(config-if)# no keepalive
R1(config-if)# no shut
%LINK-3-UPDOWN: Interface Ethernet0, changed state to up
%LINK-5-UPDOWN: Line protocol on Interface Ethernet0, changed
state to up
R1(config-if)# exit

R1(config)# int lo0

R1(config-if)# ip addr 131.108.4.1 255.255.255.255
R1(config-if)# int lo1
R1(config-if)# ip addr 131.108.4.2 255.255.255.255
R1(config-if)# int lo2
R1(config-if)# ip addr 131.108.4.3 255.255.255.255
R1(config-if)# exit

R1(config-if)# int s0
R1(config-if)# ip addr 131.108.3.1 255.255.255.252
R1(config-if)# clock rate 64000
R1(config-if)# no shut
2. t hostname, cu hnh cho interface loopback, ethernet v serial trn Router R2.
Router> en
Router# conf t
Router(config)# hostname R2
R2(config)# no ip domain-lookup

R2(config)#int e0
R2(config-if)# ip addr 131.108.2.1 255.255.255.0
R1(config-if)# no keepalive
R2(config-if)# no shut

R2(config-if)# int lo0

R2(config-if)# ip addr 131.108.4.4 255.255.255.255
R2(config-if)# int lo1
R2(config-if)# ip addr 131.108.4.5 255.255.255.255
R2(config-if)# int lo2
R2(config-if)# ip addr 131.108.4.6 255.255.255.255

R2(config-if)# int s0
R2(config-if)# ip addr 131.108.3.2 255.255.255.252
R2(config-if)# no shut
3. Cu hnh giao thc nh tuyn OSPF vi process number l 1 trn router R1 v lu cu hnh
ln NVRAM.
R1(config)# router ospf 1
R1(config-router)# network 131.108.1.0 0.0.0.255 area 1
R1(config-router)# network 131.108.4.1 0.0.0.0 area 1
R1(config-router)# network 131.108.4.2 0.0.0.0 area 1
R1(config-router)# network 131.108.4.3 0.0.0.0 area 1
R1(config-router)# network 131.108.3.1 0.0.0.0 area 0
R1(config-router)# end
R1# copy run start
Ch :
- Gi tr process ch mang ngha cc b trn mi router, c th chy cng lcn hiu process ospf
khc nhau.
- Wildcard mask 0.0.0.0 s ch chnh xc a ch no c kim tra
Wildcard mask 0.0.0.255 ngha l ch 3 octet u s b kim tra
- V d network 131.108.1.0 0.0.0.255 ngha l s kim tra cc a ch t 131.108.1.1 n
131.108.1.254.

4. Cu hnh giao thc nh tuyn OSPF vi process number l 2 trn router R2 v lu cu hnh
ln NVRAM.
R2(config)# router ospf 2
R2(config-router)# network 131.108.2.1 0.0.0.255 area 2
R2(config-router)# network 131.108.4.4 0.0.0.0 area 2
R2(config-router)# network 131.108.4.5 0.0.0.0 area 2
R2(config-router)# network 131.108.4.6 0.0.0.0 area 2
R2(config-router)# network 131.108.3.2 0.0.0.0 area 0
R2(config-router)# end
R2# copy run start
- Trong ospf c s dng ba ID:
Router ID: c gi i t cc router trong cc gi tin hello.N c di 32bit.No c gi
tr bng a ch a ch IP ln nht c s dng trn router.Nu trn router c giao din
loopback c cu hnh th router ID bng a ch IP ca giao din loopback .Trong
trng hp c nhiu giao din loopback th n ly a ch ln nht ca giao din loopback
lm router ID.Router ID c s dng phn bit cc router nm trong cng mt
autonmous system.
Process ID: l tham s cu hnh khi ta nh lnh router ospf prcess-id.

Area ID: l tham s group mt nhm cc router vo cng mt area.Cc router ny

cng chia s hiu bit v cc ng hc c trong min OSPF. Vic chia thnh nhiu
area l tin vic qun l ng thi n gip ta gii hn kch thc ca topology
database, gi s nu ta c duy nht mt vng vi kch thc ln th lc ta cng s c
mt topology database rt ln tng ng khin cho vic x l ca router chm i.......

Kim tra v gii quyt s c:

Dng l nh clear ip route * xo ton b route t bng nh tuyn.
R1# clear ip route *
Dng l nh clear ip ospf process ho c reload kch hot li qu trnh nh tuyn
ospf.
R1#clear ip ospf process
Xem qu trnh gi nh n thng tin nh tuyn OSPF bng l nh debug ip ospf events, debug ip
ospf packet.
R1#debug ip ospf events

OSPF:hello with invalid timers on interface Ethernet0

hello interval received 10 configured 10
net mask received 255.255.255.0 configured 255.255.255.0
dead interval received 40 configured 30

R1# debug ip ospf packet

OSPF: rcv. v:2 t:1 l:48 rid:200.0.0.117
aid:0.0.0.0 chk:6AB2 aut:0 auk:
R1#debug ip ospf packet
OSPF: rcv. v:2 t:1 l:48 rid:200.0.0.116
aid:0.0.0.0 chk:0 aut:2 keyid:1 seq:0x0
Tt ch debug bng l nhundebug all.
R1# undebug all
All possible debugging has been turned off
Xem bng nh tuyn trn R1 bng l nh show ip route.
R1# show ip route
...
Gateway of last resort is not set

131.108.0.0/16 is variably subnetted, 9 subnets, 3 masks

C 131.108.4.3/32 is directly connected, Loopback2
C 131.108.4.2/32 is directly connected, Loopback1
C 131.108.4.1/32 is directly connected, Loopback0
C 131.108.3.0/30 is directly connected, Serial0
O IA 131.108.4.6/32 [110/65] via 131.108.3.2, 00:01:29, Serial0
O IA 131.108.2.0/24 [110/74] via 131.108.3.2, 00:01:29, Serial0
O IA 131.108.4.5/32 [110/65] via 131.108.3.2, 00:01:29, Serial0
C 131.108.1.0/24 is directly connected, Ethernet0
O IA 131.108.4.4/32 [110/65] via 131.108.3.2, 00:01:29, Serial0
R1#
T R1, bn c th thy c 4 route OSPF hc t next-hop 131.108.3.2 v i qua cng S0. Ch s
AD trong trng hp OSPF l 110 (RIP l 120 v IGRP l 100). K t O ch ra y l route loi
OSPF, IA ch rng mng xa thu c area khc.
Dng l nh show ip route ospf trn router R2 xem cc route OSPF
R2# show ip route ospf
131.108.0.0/16 is variably subnetted, 9 subnets, 3 masks
O IA 131.108.4.3/32 [110/782] via 131.108.3.2, 00:13:09, Serial0
O IA 131.108.1.0/24 [110/791] via 131.108.3.2, 00:12:54, Serial0
O IA 131.108.4.2/32 [110/782] via 131.108.3.2, 00:13:09, Serial0
O IA 131.108.4.1/32 [110/782] via 131.108.3.2, 00:13:09, Serial0
R2#

admin

View Public Profile

Send a private message to admin

Send email to admin

Find all posts by admin

 Add admin to Your Contacts

#2
18-04-2008, 04:07 PM
huongnguyen Join Date: Apr 2008
Junior Member Posts: 4
Newbie

bac nao co phan ospf tieng viet ko cho e voi

huongnguyen

View Public Profile

Send a private message to huongnguyen

Find all posts by huongnguyen

Add huongnguyen to Your Contacts

#3
21-04-2009, 11:52 AM
tefani_vn Join Date: Apr 2009
Junior Member Posts: 1
Newbie

IT m dng ting vit th cn lm n g na bn y! C gng m nhn ci english i thi. N rt

d m
Lab 4-1: Standard Access-List (with file .net)

Ngun: Sch CCNA Labpro

LAB 4-1: STANDARD ACCESS-LIST

M t:
Accesslist dng gim st lu lng vo hoc ra trn mt cng. Cc iu kin so snh da
vo access-list c nh ngha trc, c th n gin (standard access list) hay kh phc tp
(extended access list).
Lab ny m t lc gi d liu s dng standard access-list thc hin cm tt c d liu t PC2
v cc PC trong mng 200.200.200.0/24 n tt c Pc trong mng 172.16.0.254/16

Cu hnh:
Router R2:
!
hostname R2
!
interface Loopback0
ip address 162.16.0.1 255.255.0.0
no ip directed-broadcast
!
interface FastEthernet0/0
ip address 172.16.0.254 255.255.0.0
ip access-group 1 out <- lc cc gi i ra khi cng F0/0 ca
router
no ip directed-broadcast
!
interface Serial0/0
ip address 203.162.0.2 255.255.255.0
no ip directed-broadcast
clockrate 64000
!
ip classless
ip route 192.168.0.0 255.255.255.0 203.162.0.1 <- Cu hnh nh
tuyn tnh cho router
ip route 200.200.200.0 255.255.255.0 203.162.0.1
no ip http server
!
access-list 1 deny 192.168.0.2 0.0.0.0 <- Cm PC2
access-list 1 deny 200.200.200.0 0.0.0.255 <- Cm tt c PC trong
mng 200
access-list 1 permit any <- phi c lnh ny v mc nh cui
access-list s l cm tt c (deny)
!
line con 0
transport input none
line aux 0
line vty 0 4
no login <- cho phep router kg cn mt khu
!
end
Router R1:
!
hostname R1
!
no ip domain-lookup
!
interface Loopback0
ip address 200.200.200.1 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.0.254 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0
ip address 203.162.0.1 255.255.255.0
no fair-queue
!
ip classless
ip route 162.16.0.0 255.255.0.0 203.162.0.2
ip route 172.16.0.0 255.255.0.0 203.162.0.2
no ip http server
!
line con 0
transport input none
line aux 0
line vty 0 4
no login
!
end
Thut ng lin quan:
- Wilcard mask: wilcard mask bit no trong a ch IP s c b qua khi so snh vi a ch IP
khc. <1> trong wildcard mask c ngha b qua v tr bit khi so snh vi a ch IP, v <0> xc
nh v tr bit phi ging nhau. Vi Standard access-list, nu khng thm wildcard mask trong
cu lnh to access-list th 0.0.0.0 ngm hiu l wildcard mask. Vi standard access list, nu
khng thm wilcard mark trong cu l n h to access-list th 0.0.0.0 ngm hiu l wildcard mask.
- Inbound v outbound: Khi p dng m t accesslist trn m t cng, phi xc nh accesslist
phi c dng cho lung d li u vo (inbound) hay ra (outbound). M c nh accesslist p
dng vi lung d li u outbound.
- Chiu ca lung d li u xc nh trn cng ca router. Chng hn, ly v d hnh bn di:
RouterA mun loi b (deny) tt c lung d li u t host 150.1.1.2 ti PCA (152.1.1.2). C hai
ni c th p dng accesslist trn RouterA: inbound accesslist p dng trn cng serial hay
outbound accesslist p dng trn cng Ethernet. Tt nht l p dng accesslist trn cng gn
ni lung d li u s b loi b.

Thc hin:
Hai bc cu hnh access list trn router:
1. To access list ti global config mode:
To access-list trn R2 cm PC2 v mng 200.200.200.0/24.
R2(config)# access-list 1 deny 192.168.0.2 0.0.0.0
R2(config)# access-list 1 deny 200.200.200.0 0.0.0.255
R2(config)# access-list 1 permit any
2. Ap access-list vo cng
Ap access-list ny vo chiu ra ca cng F0/0 trn R2.
Khi p access-list vo m t cng, xem nh ang trn router. V v y nu mun cm d li u i ra
khi cng, ta dng t kha out; mun cm d li u vo m t cng, ta dng t kha in.
V standard access-list ch kim tra c a ch ngun nn phi p access-list vo cng gn
ch nht.
R2(config)# cng f0/0
R2(config-if)# ip access-group 1 out
Kim tra:
Dng extended ping trn R1, ly a ch ngun l 200.200.200.1 ho c
192.168.0.2 l nh ping s khng thnh cng.
R1#ping
Protocol [ip]:
Target IP address: 172.16.0.3
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 200.200.200.1
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.3, timeout is 2
seconds:
U.U.U <- khng th ti c (Unreachable)
Success rate is 0 percent (0/5)
L nh ping khng thnh cng do access-list hot ng trn R2, kim tra cc gi vo trn R2
bng l nh debug ip packet. Lu rng cc gi b loi b bn tin ICMP host unreachable c
gi ngc tr li R1:
R2#debug ip packet
IP packet debugging is on
R2#
IP: s=200.200.200.1 (Serial0/0), d=172.16.0.3 (FastEthernet0/0),
len 100,
access denied
IP: s=203.162.0.2 (local), d=200.200.200.1 (Serial0/0), len 56,
sending <- gi bn tin ICMP host unreachable
Dng extended ping trn R2 ti PC3, ly a ch ngun l 162.16.0.1
R2#ping
Protocol [ip]:
Target IP address: 172.16.0.3
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 162.16.0.1
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.3, timeout is 2
seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4
ms
C th ping PC3 t PC1 c do accesslist ch cm PC2 vo mng 172.16.0.0/24
C:\Windows\Desktop>ping 172.16.0.3
Pinging 172.16.0.3 with 32 bytes of data:
Reply from 172.16.0.3: bytes=32 time=18ms TTL=126
Reply from 172.16.0.3: bytes=32 time=18ms TTL=126
Reply from 172.16.0.3: bytes=32 time=18ms TTL=126
Reply from 172.16.0.3: bytes=32 time=18ms TTL=126

Ping statistics for 172.16.0.3:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 18ms, Maximum = 18ms, Average = 18ms

admin

View Public Profile

Send a private message to admin

Send email to admin

Find all posts by admin

 Add admin to Your Contacts

#2
07-05-2007, 11:45 PM
tueminh204 Join Date: Jun 2006
Junior Member Posts: 10
Newbie

anh Minh cho em hi, nu m mnh m phng bng file net th mnh ly PC1,PC2 u ra m
test. trong file net em ko thy c cu hnh cho PC
__________________

PHONG CH L NHT THI. NG CP MI L MI MI...

Website
------oOo-----
CCNP Loading ....

tueminh204

View Public Profile

Send a private message to tueminh204

Find all posts by tueminh204

Add tueminh204 to Your Contacts

#3
08-05-2007, 10:58 PM
Join Date: Oct 2005
dangquangminh Location: HCMC
Super Moderator Posts: 3,722
Brainiac

hi

bn c th m phng 1 PC bng cch dng router.

C ngha l, mt router c a ch IP, tt qu trnh nh tuyn IP trong router th n tng

ng IP host.

V d:

R1# no ip routing
R1# ip default-gateway 10.1.1.1
R1#interface f0/0
#ip address 10.1.1.2 255.255.255.0

Lc ny, R1 ging nh mt IP host c a ch IP l 10.1.1.2, c default gateway l 10.1.1.1.

Vy, bn sa li file net trn, thm phn c t cho mt router na l xong.

__________________
ng Quang Minh, CCIE#11897 CCSI#31417
Email: [email protected]

Viet Professionals Co. Ltd. (VnPro)

149/1D Ung Vn Khim P25 Q.Bnh thnh TPHCM
Tel: (08) 35124257 Fax: (08) 35124314
Home :http://www.vnpro.vn
Blog :http://vnpro.org/blog
Support forum :http://vnpro.org
LiveChat :http://vnpro.vn/support

dangquangminh

View Public Profile

Send a private message to dangquangminh

Send email to dangquangminh

Visit dangquangminh's homepage!

Find all posts by dangquangminh

Add dangquangminh to Your Contacts

#4
15-05-2007, 11:55 PM
tueminh204 Join Date: Jun 2006
Junior Member Posts: 10
Newbie
cm n anh minh nhiu .
cho em hi ci ny c phi l PA-4T l 4 cng serial ko? th cn PA-C7200-IO-FE c ngh l g,
chng trnh ny c th m phng SWitch c ko h
__________________

PHONG CH L NHT THI. NG CP MI L MI MI...

Website
------oOo-----
CCNP Loading ....

tueminh204

View Public Profile

Send a private message to tueminh204

Find all posts by tueminh204

Add tueminh204 to Your Contacts

#5
14-06-2007, 01:28 PM
ThanhLoc Join Date: Jun 2007
Junior Member Posts: 1
Newbie

Anh Minh men,

Anh cho minh hoi tai sao phai cau hinh them phan interface loopback cho Router

vay?

Truong hop neu nhu khong cau hinh interface loopback thi mang co van de gi

khong?

Cam on anh Minh nhieu!

ThanhLoc

View Public Profile

Send a private message to ThanhLoc

Find all posts by ThanhLoc

Add ThanhLoc to Your Contacts

#6
28-02-2008, 07:45 AM
hkien Join Date: Oct 2006
Member Posts: 79
Member

nu nh th th ngc li, PC3,4 c th ping c PC2 khng cc anh??

hkien

View Public Profile

Send a private message to hkien

Find all posts by hkien

Add hkien to Your Contacts

#7
29-02-2008, 10:32 PM
MoCo Join Date: Nov 2007
Member Posts: 56
Member

PC3,4 khng ping uc pc2.

MoCo

View Public Profile

 Send a private message to MoCo

Find all posts by MoCo

Add MoCo to Your Contacts

#8
05-06-2008, 09:11 AM
VinhNam1904 Join Date: Dec 2007
Member Posts: 82
Member
Hi

Quote:

hi

bn c th m phng 1 PC bng cch dng router.

C ngha l, mt router c a ch IP, tt qu trnh nh tuyn IP trong router th n tng

ng IP host.

V d:

R1# no ip routing
R1# ip default-gateway 10.1.1.1
R1#interface f0/0
#ip address 10.1.1.2 255.255.255.0

Lc ny, R1 ging nh mt IP host c a ch IP l 10.1.1.2, c default gateway l 10.1.1.1.

Vy, bn sa li file net trn, thm phn c t cho mt router na l xong.

Theo nhu mo hinh trong Labpro thi tu router R1 noi vao 2PC wa cong F0/0 (chi co 1 cong thi
lam sao noi dc voi 2 PC do router gia lap lam IP host vay anh Minh)hay la minh fai them 1
cong nua de noi vao PC thu 2 trong file .NET

Lab 4-2: Extended Access-List (with file .net)

Ngun: Sch CCNA Labpro

LAB 4-2: EXTENDED ACCESS-LIST

M t:
Lab ny m t cch lc cc gi s dng extended access-list. Router A cho php tt c lu lu
lng t PCC (150.1.1.2) n PCA (152.1.1.2) v t chi tt c cc lu lng t PCC (150.1.1.2)
ti PCB (152.1.1.3). Extened Access-list c s dng v cn lc trn c a ch IP ngun v
ch.
Router A v RouterB ni bng ng serial v t a ch IP nh trn hnh. RouterA v RouterB
c a ch IP secondary to trn cng Ethernet lm im kim tra.
Access-list c dng lc ng vo trn cng serial ca RouterA, cho php cc gi t PCC
150.1.1.2 ti PCA v khng cho php cc gi t PCC ti PCB.
Cu hnh:
Router A:
!
hostname RouterA
!
no ip domain-lookup
!
interface Ethernet0
ip address 152.1.1.2 255.255.255.0 secondary a ch IP th hai
lm im kim tra
ip address 152.1.1.3 255.255.255.0 secondary
ip address 152.1.1.1 255.255.255.0
no keepalive v hi u ha keepalive trn router cho php cng
ethernet0 vn up khi khng kt ni ra bn ngoi
!
interface Serial0
ip address 195.1.1.4 255.255.255.0
ip access-group 100 in Dung Access-list 100 cho tt c lu
lng vo trn ng serial0
!
no ip classless
ip route 150.1.1.0 255.255.255.0 Serial0 dung nh tuyn tnh
(khng dung nh tuyn ng)
ip route 151.1.1.1 255.255.255.255 Serial0

access-list 100 permit ip host 150.1.1.2 host 152.1.1.2 log

tng hp cc bn tin thng tin v cc gi tho iu ki n.
access-list 100 deny ip host 150.1.1.2 host 152.1.1.3 log Loi
tt c cc gi IP t 150.1.1.2 ti 152.1.1.3; tng hp bn tin
thng bo v cc gi tho iu ki n.
(Chu y: tt ca cac goi khac ngm hiu la bi loai bo; tt ca cac
access list u kt thuc bng cu l nh loai bo tt ca)
!
!
line con 0
line vty 0 4
login
!
end

Router B:
!
hostname RouterB
!
interface Loopback0
ip address 150.1.1.1 255.255.255.255
!
interface Ethernet0
ip address 150.1.1.2 255.255.255.0 secondary
ip address 150.1.1.1 255.255.255.0
no keepalive
!
interface Serial0
ip address 195.1.1.10 255.255.255.0
clock rate 64000
!
no ip classless
ip route 152.1.1.0 255.255.255.0 Serial0
!
line con 0
line vty 0 3
login
!
end
Ch :Khi to access list tt c cc mc tun t theo th t nh khi ta nh vo. Tt c cc cu
l nh thm vo sau s t v tr tip ca access list. Cui access list lun c cu l nh loi b
tt c, do m t access list phi c t nht m t l n h permit. Tt nht l son tho access list
trc (dng Notepad chng hn) sau cut v paste vo CLI ca router.

Kim tra:
- S dng ping m r ng (extended ping) trn RouterB hng gi ti cc a ch IP secondary to
ra trong cu hnh dng a ch ngun khc nhau (cch ny dng thay cho nhiu PC trong mng
LAN ca RouterA v RouterB).
1. T RouterB, ping 152.1.1.3 dng ngun l 1501.1.2
Dng l nh debug ip packet trn RouterA, ta thy cc gi b loi b v bn tin ICMP host
unreachable c gi
IP: s=150.1.1.2 (Serial0), d=152.1.1.3, len 100, access denied
IP: s=195.1.1.4 (local), d=150.1.1.2 (Serial0), len 56, sending
ICMP host unreachable
Dng l nh show ip access-list trn RouterA. Ch cc dng hin th ch loi access list v s
cc iu ki n tho ca mi mc.
RouterA#show ip access-lists
Extended IP access list 100
permit ip host 150.1.1.2 host 152.1.1.2 log (5 matches)
deny ip host 150.1.1.2 host 152.1.1.3 log (105 matches)
Ty chn log s tng hp cc bn tin thng bo mi gi tho iu ki n . T kha log c t
cui cu l nh access-list. Bn tin logging l cng c tt kim sot li access list.
SEC-6-IPACCESSLOGDP: list 100 denied icmp 150.1.1.2 -> 152.1.1.3
(0/0). 4 packets
2. T RouterB, ping 152.1.1.3 dng ngun 150.1.1.2
Ti RouterA, l nh debug ip packet hin th trn RouterA, ta c th thy cc gi c cho php.
IP: s=150.1.1.2 (Serial0), d=152.1.1.2, len 100, rcvd 7
Dng l n h show ip access-list xem s lng cc gi tho iu ki n .
RouterA# show ip access-lists
Extended IP access list 100
permit ip host 150.1.1.2 host 152.1.1.2 log (308 matches)
deny ip host 150.1.1.2 host 152.1.1.3 log

admin

View Public Profile

Send a private message to admin

Send email to admin

Find all posts by admin

Add admin to Your Contacts

#2
13-04-2007, 10:31 PM
dongthong Join Date: Apr 2007
Junior Member Posts: 14
Newbie

dai ca cho em hoi cai : file.net la cai gi the , neu muon co thi tai o dau vay

dongthong

View Public Profile

 Send a private message to dongthong

Send email to dongthong

Find all posts by dongthong

Add dongthong to Your Contacts

#3
23-10-2007, 11:45 AM
Truongxuancuong Join Date: Sep 2007
Junior Member Posts: 1
Newbie

hay lm,mnh rt kt bi ny

Truongxuancuong

View Public Profile

Send a private message to Truongxuancuong

Send email to Truongxuancuong

Find all posts by Truongxuancuong

Add Truongxuancuong to Your Contacts

#4
06-11-2007, 07:43 PM
messi Join Date: Nov 2007
Junior Member Posts: 2
Newbie

lm th no cm cc my ngoi mng Ping vo mng ca mnh c ? thank you

messi

View Public Profile

Send a private message to messi

Send email to messi

Find all posts by messi

Add messi to Your Contacts

#5
06-11-2007, 08:32 PM
Join Date: Jan 2007
tranmyphuc Location: hcmC
Member Posts: 3,251
Brainiac

Bn c th lm nh th ny
t thm mt access-list mi . VD:
access-list 101 deny icmp any <mng bn trong ca mnh>.
access-list 101 permit ip any any.

sau ta vo cng ni vi mng ngoi apply theo chiu in. vd :cng fa0/1
int fa0/1
ip access-group 101 in

v cng i vo mng trog ca mnh ngay trn router trn . VD cng fa0/0
int fa0/0
ip access-group 101 out

CHc bn vui
__________________
Lab 4-3: Kim sot truy cp vo Router (with file .net)

Ngun: Sch CCNA Labpro

LAB 4-3: KIM SOT TRUY CP VO ROUTER

M t:
Access-list c th dng kim sot cc kt ni telnet ti router. Access-list cho php xc nh
trm no c telnet vo router da trn a ch IP. Lab ny m t cc hn ch truy cp vo
router thng qua giao din web v telnet s dng stadard access-list, theo cc yu cu sau:
Ch cho PC1 telnet vo R2.
 Ch cho R1 telnet vo R2 vi a ch ngun l 200.200.200.1

Ch cho PC2 truy cp vo R2 qua giao din web.

Cu hnh:
Router R1:
!
hostname R1
!
enable password cisco
!
ip subnet-zero
!
ip telnet source-interface Loopback0 <- dung thay i a ch
ngun ca cc gi telnet t router ny
no ip domain-lookup
!
interface Loopback0
ip address 200.200.200.1 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.0.254 255.255.255.0
duplex auto
speed auto
no shutdown
!
interface Serial0/0
ip address 203.162.0.1 255.255.255.0
no shut
!
ip classless
ip route 162.16.0.0 255.255.0.0 203.162.0.2
ip route 172.16.0.0 255.255.0.0 203.162.0.2
no ip http server
!
line con 0
transport input none
line aux 0
line vty 0 4
no login
!
end
Router R2:
!
hostname R2
!
enable password cisco
!
ip subnet-zero
no ip domain-lookup
!
interface Loopback0
ip address 162.16.0.1 255.255.0.0
no ip directed-broadcast
!
interface FastEthernet0/0
ip address 172.16.0.254 255.255.0.0
no ip directed-broadcast
!
interface Serial0/0
ip address 203.162.0.2 255.255.255.0
no ip directed-broadcast
clockrate 64000
!
ip classless
ip route 192.168.0.0 255.255.255.0 203.162.0.1
ip route 200.200.200.0 255.255.255.0 203.162.0.1
ip http server <- bt web server ln, cho php cu hnh router
qua giao din web
ip http access-class 3 <- bt access-list 3 hn ch truy cp
vo giao din web
!
access-list 2 permit 192.168.0.1
access-list 2 permit 200.200.200.1
access-list 3 permit 192.168.0.2 <- khng khai bo wildcard mask,
router s cho l 0.0.0.0
!
line con 0
transport input none
line aux 0
line vty 0 4
access-class 2 in <- p access-list 2 hn ch telnet vo
router R2
no login <- cho php telnet vo router khng cn mt khu
!
end
Thc hin:
1. To cc access-list:
R2(config)# access-list 2 permit 192.168.0.1 0.0.0.0
R2(config)# access-list 2 permit host 200.200.200.1 <- c th
thay th wildcard mask 0.0.0.0 bng t kha host
R2(config)# access-list 3 permit host 192.168.0.2
2. Ap access-list 2 vo cc line vty hn ch truy cp vo R2 qua telnet.
R2(config)# line vty 0 4
R2(config-line)# access-class 2 in <- s dng t kha in trong
lnh access-class. Nu dung t kha out s cm kh nng telnet
ca R2 n cc host khc.
3. B t web server trn R2 v p access list 3 vo http server hn ch truy c p vo giao di n
web:
R2(config)# ip http server
R2(config)# ip http access-class 3 <- xc nh access-list 3 s
p dng trn mi HTTP Request.
Khi p access-class vo IOS webserver, khng s dng t kha in . v IOS Webserver ch c th
nhn cc yu cu to kt ni. access- list khng th p cho cc traffic chiu ra.

Kim tra:
- Telnet vo R2 t R1:
R1#telnet 203.162.0.2 <- lc ny cha cu hnh lnh ip telnet
source-interface lo0
Trying 203.162.0.2 ...
% Connection refused by remote host <- kt ni b t chi v a
ch ngun ca gi telnet l 203.162.0.1 khng tha access-list 2.
- Cn phi cu hnh R1 cc gi telnet c a ch ngun tha access-list 2 (200.200.200.1
interface lo0)
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#ip telnet source-interface lo0
R1(config)#^Z
R1#telnet 203.162.0.2
Trying 203.162.0.2 ... Open

R2> <- telnet n R2 thnh cng

- Telnet t PC3 (172.16.0.3) vo R2.
C:\Windows\Desktop>telnet 172.16.0.254
Connecting To 172.16.0.254...Could not open connection to the host, on port
23.
No connection could be made because the target machine actively refused it.
<- kt ni b t chi v a ch ca PC3 khng tha mn access-list 2
- Telnet t PC1 vo R2.
C:\Windows\Desktop>telnet 203.162.0.2
- T PC2 c th truy c p vo R2 qua giao di n Web:
T Internet Explorer g http://203.162.0.2 vo thanh Address
Nh p User Name l R2 v mt khu l cisco
Lab 5-3: NAT Overload

Lab 5-3: NAT Overload

M t

C ch cho php chuyn i tt c a ch IP thnh 01 a ch Global (a ch IP th t ), c ch

ny s gim s a ch IP th t. Cc a ch trong s c phn bi t da trn port number.

RouterA c cu hnh NAT v s t ng chuyn dch bt k a ch IP trong nao (10.1.1.0)

thnh 195.1.1.4

Cu hnh

RouterA
!
hostname RouterA
!
ip nat pool globalpool 195.1.1.1 195.1.1.1 netmask 255.255.255.0
&lt;- inh nghia day ia chi IP c NAT ra ngoai
ip nat inside source list 1 pool globalpool overload &lt;- Cho
phep nhiu ia chi bn trong c chuym dich ra cung 01 ia chi
ngoai
!
interface Ethernet0
ip address 10.1.1.1 255.255.255.0 secondary
ip address 10.1.1.2 255.255.255.0 secondary
ip address 10.1.1.3 255.255.255.0 secondary
ip address 10.1.1.4 255.255.255.0 secondary
ip address 10.1.1.5 255.255.255.0
ip nat inside &lt;- inh nghia cng trong
!
interface Serial0
ip address 195.1.1.4 255.255.255.0
ip nat outside &lt;- inh nghia cng ngoai
!
no ip classless
ip route 152.1.1.1 255.255.255.255 Serial0
access-list 1 permit 10.1.1.0 0.0.0.255 &lt;- inh nghia lp IP
trong c phep chuyn dich ra ngoai. Ta co th inh nghia 1 hay
nhiu IP
!
line con 0
line vty 0 4
login
!
end

RouterB
!
hostname RouterB
!
enable mt khu cisco
!
interface Ethernet0/0
ip address 152.1.1.1 255.255.255.0
!
interface Serial0/0
ip address 195.1.1.10 255.255.255.0
clock rate 500000
!
line con 0
line aux 0
line vty 0 4
mt khu cisco
login

Kim tra

T Router A , thc hi n l nh ping m rng n RouterB (195.1.1.3), source t 10.1.1.1 v

10.1.1.2. Kim tra chuyn dch bng l nh debug ip nat (c 2 a ch ny s c chuyn dch
thnh 195.1.1.1).

NAT: s=10.1.1.1->195.1.1.1, d=195.1.1.3 [5]

NAT: s=10.1.1.2->195.1.1.1, d=195.1.1.3 [10]

xem bng chuyn i NAT trn RouterA dng l nh show ip nat tranlation. Lu port
number sau mi a ch IP. S th t cc port ny l cha kha chuyn cc gi ng v a
ch IP inside local.

RouterA#show ip nat translations

Pro Inside global Inside local Outside local Outside global
icmp 195.1.1.1:9 10.1.1.2:4 195.1.1.3:4 195.1.1.3:9
icmp 195.1.1.1:8 10.1.1.2:3 195.1.1.3:3 195.1.1.3:8
icmp 195.1.1.1:7 10.1.1.2:2 195.1.1.3:2 195.1.1.3:7
icmp 195.1.1.1:6 10.1.1.2:1 195.1.1.3:1 195.1.1.3:6
icmp 195.1.1.1:5 10.1.1.2:0 195.1.1.3:0 195.1.1.3:5
icmp 195.1.1.1:4 10.1.1.1:4 195.1.1.3:4 195.1.1.3:4
icmp 195.1.1.1:3 10.1.1.1:3 195.1.1.3:3 195.1.1.3:3
icmp 195.1.1.1:2 10.1.1.1:2 195.1.1.3:2 195.1.1.3:2
icmp 195.1.1.1:1 10.1.1.1:1 195.1.1.3:1 195.1.1.3:1
icmp 195.1.1.1:0 10.1.1.1:0 195.1.1.3:0 195.1.1.3:0

->M t s l nh kim tra khc

Show ip nat statistics : Hin th s phin ang chuyn dch v chuyn dch khi thc hi n
NAT.

Show ip nat translations: Cc phin NAT ang din ra; Protocol of the packet translated; inside
global address , outside local address, outside global address v inside local address.

Show ip nat translations verbose : ging l nh trn nhng chi tit hn

clear ip nat translation : Xa tt c cc phin NAT

clear ip nat statistics : xa tt c cc counters ca thng k NAT

debug ip nat : Xem tin trnh ca cc phin NAT

Lab 6-1: Cu hnh ISDN DDR

Lab 6-1: Cu hnh ISDN DDR

M t

ISDN c cc tnh nng nng cao cho dch v truyn s li u v thoi. Ba mc ch c bn ca

ISDN l: h tr truy c p Internet tc cao, trin khai trn di n r ng truy c p server qua
ng quay s: DDR (dial-on-demand) v dial backup.

Lab ny m t cu hnh cch quay s cho dch v ISDN DDR

Cu hnh
R1
!
hostname R1
!
enable password vnpro
!
ip subnet-zero
no ip domain-lookup
!
isdn switch-type basic-ni1
!
!
interface BRI0
ip address 192.168.200.1 255.255.255.252
isdn spid1 5101 8995101
isdn spid2 5102 8995101
isdn switch-type basic-ni1
encapsulation ppp
!
no ip classless
!
line con 0
line vty 0 4
login
!
end

R2
!
hostname R2
!
enable password vnpro
!
ip subnet-zero
no ip domain-lookup
!
isdn switch-type basic-ni1
!
!
interface BRI0
ip address 192.168.200.2 255.255.255.252
isdn switch-type basic-ni1
encapsulation ppp
isdn spid1 5201 8995201
isdn spid2 5202 8995202
dialer-group 1
!
no ip classless
!
dialer-list 1 protocol ip permit
!
line con 0
line vty 0 4
login
!
end

Cc bc cu hnh

1.Cho php ISDN hot ng: t kiu ISDN switch. Kiu ISDN switch y l basic-ni1, thng
tin ny phi t ng vi cc thng s do nh cung cp dch v ISDN cung cp. im c bit
trong cu hnh ISDN l lnh ch ra lai tng i s c cu hnh ch tan cc, va phi
c cu hnh interface mode.

R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#isdn switch-type basic-ni1
R1(config)#interface BRI0
R1(config-if)# ip address 192.168.200.2 255.255.255.252
R1(config-if)#isdn switch-type basic-ni1

R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#

R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#isdn switch-type basic-ni1
R2(config-if)#isdn switch-type basic-ni1
R2(config)#end
R2#
%SYS-5-CONFIG_I: Configured from console by console
R2#

C th kim tra li cu hnh bng l nh show run ho c m t l nh khc l show isdn status:

R2#show isdn status

The current ISDN Switchtype = basic-ni1
ISDN BRI0 interface
Layer 1 Status:
DEACTIVATED
Layer 2 Status:
Layer 2 NOT Activated
Layer 3 Status:
0 Active Layer 3 Call(s)
Activated dsl 0 CCBs = 0
Total Allocated ISDN CCBs = 0
R2#

Cu l nh ny cho bit thng tin loi tng i ISDN v cc thng tin lp 1, 2, 3 ca giao tip
ISDN. iu ny rt cn thit gii quyt s c khi cu hnh xc nh li xy ra lp no.
Thng thng sau khi cu hnh ISDN switch type, Layer 1 phi ACTIVE. Nh v y ta phi kim
tra li cng giao tip ISDN BRI trn R2:

R2#show interface bri0

BRI0 is administratively down, line protocol is down
Hardware is BRI
MTU 1500 bytes, BW 64 Kbit, DLY 20000 usec, rely 255/255, load
1/255
...
R2#

V y ta c th xc nh li trn interface BRI l do interface ny ang ch shutdown. Phi

thc hi n l nh no shutdown trn interface Bri0. Bn cnh nguyn nhn trn, cc li c th gy ra
trng thi DEACTIVTE l li v cp. Ta dng cp thng kt ni t cng ISDN BRI v thit b
NT1 ca tng i ISDN.

2. Gn a chi IP cho cng BRI0 v cho phep cng hot ng

R1(config)#int bri0
R1(config-if)#ip address 192.168.200.1 255.255.255.252
R1(config-if)#no shutdown
R1(config-if)#
%LINK-3-UPDOWN: Interface BRI0:1, changed state to down
%LINK-3-UPDOWN: Interface BRI0:2, changed state to down
%LINK-3-UPDOWN: Interface BRI0, changed state to up
R1(config-if)#
%ISDN-6-LAYER2UP: Layer 2 for Interface BR0, TEI 123 changed to
up
R1(config-if)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#

->i vi cc phin bn Cisco IOS trc 12.0 thc hi n t IP cho cng s b thng bo li nh
sau

R1(config)#int bri0
R1(config-if)#ip address 192.168.200.1 255.255.255.252
Bad mask /30 for address 192.168.200.1
R1(config-if)#end
R1#

->Do a ch IP trn l dng IP subnet 0. Phi cho php dng ny hot ng bng l nh ip subnet-
zero trn R1. L nh ny m c nh trn cc phin bn Cisco IOS 12.0 tr ln.

R1(config)#ip subnet-zero
R1(config)#int bri0
R1(config-if)#ip address 192.168.200.1 255.255.255.252
R1(config-if)#no shutdown

Trong m t s trng hp cn phi khai bo s SPID cc pha, nu nh cung cp dich v yu

cu.

R1(config)#int bri0
R1(config-if)#isdn spid1 3442 8993442
R1(config-if)#isdn spid2 3443 8993443
(Khai bao hai s SPID cho hai knh BRI0:1 va BRI0:2)

R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#ip subnet-zero
R2(config)#int bri0
R2(config-if)#ip address 192.168.200.2 255.255.255.252
R2(config-if)#no shut
R2(config-if)#
%LINK-3-UPDOWN: Interface BRI0:1, changed state to down
%LINK-3-UPDOWN: Interface BRI0:2, changed state to down
%LINK-3-UPDOWN: Interface BRI0, changed state to up
R2(config-if)#
%ISDN-6-LAYER2UP: Layer 2 for Interface BR0, TEI 124 changed to
up
R2(config-if)#end
R2#
%SYS-5-CONFIG_I: Configured from console by console
R2#

Lc ny c th kim tra trng thi Layer 2 ca BRI0 trn R2.

R2#show isdn status

The current ISDN Switchtype = basic-ni1
ISDN BRI0 interface
Layer 1 Status:
ACTIVE
Layer 2 Status:
TEI = 126, State = MULTIPLE_FRAME_ESTABLISHED
TEI = 127, State = MULTIPLE_FRAME_ESTABLISHED
Layer 3 Status:
0 Active Layer 3 Call(s)
Activated dsl 0 CCBs = 0
Total Allocated ISDN CCBs = 0
R2#

Khi trng thi lp 2 cho thy kt ni ISDN ca router c cu hnh ng.

3.Xc nh encapsulation ppp trn cc cng

R1(config)#int bri0
R1(config-if)#encapsulation ppp
R1(config-if)#end
R1#
%ISDN-6-LAYER2DOWN: Layer 2 for Interface BRI0, TEI 65 changed to
down
%ISDN-6-LAYER2DOWN: Layer 2 for Interface BR0, TEI 65 changed to
down
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#
%ISDN-6-LAYER2UP: Layer 2 for Interface BR0, TEI 66 changed to up
R1#

R2(config)#int bri0
R2(config-if)#encapsulation ppp
R2(config-if)#end
R2#
%ISDN-6-LAYER2DOWN: Layer 2 for Interface BRI0, TEI 126 changed
to down
%ISDN-6-LAYER2DOWN: Layer 2 for Interface BR0, TEI 126 changed to
down
R2#
%SYS-5-CONFIG_I: Configured from console by console
R2#
%ISDN-6-LAYER2UP: Layer 2 for Interface BR0, TEI 67 changed to up

Ch rng khi thay i kiu encapsulation, cng b reset (thng bo hi n ra l Layer 2 thay i
t down sang up). C th thc hi n reset cng giao tip bng l nh clear interface bri0, l nh ny
cn thit trong qu trnh kim v sa li ISDN Layer 2.

R2#clear int bri0

R2#
%ISDN-6-LAYER2DOWN: Layer 2 for Interface BRI0, TEI 68 changed to
down
%ISDN-6-LAYER2DOWN: Layer 2 for Interface BR0, TEI 68 changed to
down
R2#
%ISDN-6-LAYER2UP: Layer 2 for Interface BR0, TEI 69 changed to up
R2#

4.Xc nh kiu d li u se kch hot ng ISDN (interesting traffic) bng cch cu hnh
dialer-list global config mode
Trong lab ny, interesting traffic l mi giao thc IP (dialer-list 1 protocol ip permit), p
dng dialer-list trn cng giao tip BRI0 bng l nh dialer-group

R2(config)#dialer-list 1 protocol ip permit

R2(config)#int bri0
R2(config-if)#dialer-group 1
R2(config-if)#end

Dng lnh dialer map ch ra router u xa, s in thai cn gi, a ch IP ca router u

xa.

R2(config)#int bri0
R2(config-if)#dial map ip 192.168.200.1 name R1 broadcast 8995101
R2(config-if)#end
R2#
Thc hin tng t cho router R1.

Kim tra

Sau khi xc nh s gi, xem li thng tin bng l nh show dialer. L nh ny cung cp cc thng
tin nh s gi, trng thi cu c gi hi n ti, trng thi cu c gi cui, s ln gi thnh cng hay
tht bi ...

R2#show dialer

BRI0 - dialer type = ISDN

Dial String Successes Failures Last called Last status

8358662 0 0 never - Default
0 incoming call(s) have been screened.

BRI0:1 - dialer type = ISDN

Idle timer (120 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is idle

BRI0:2 - dialer type = ISDN

Idle timer (120 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is idle
R2#

Kch hot kt ni bng cch thc hi n ping trn R2 ti cng giao tip BRI0 ca R1.

R2#ping 192.168.200.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.200.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 32/34/36 ms
R2#
%LINK-3-UPDOWN: Interface BRI0:1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed state to up
R2#
%ISDN-6-CONNECT: Interface BRI0:1 is now connected to 8358662
R2#

Thc hi n l nh show dialer trn R2 kim tra li

R2#show dialer

BRI0 - dialer type = ISDN

Dial String Successes Failures Last called Last status
8358662 1 0 00:00:17 successful Default
0 incoming call(s) have been screened.

BRI0:1 - dialer type = ISDN

Idle timer (120 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is data link layer up
Dial reason: ip (s=192.168.200.2, d=192.168.200.1)
Time until disconnect 104 secs
Current call connected 00:00:17
Connected to 8358662

BRI0:2 - dialer type = ISDN

Idle timer (120 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is idle
R2#

L nh trn hin th m t cu c gi thnh cng, kch hot cu c gi l do gi t 192.168.200.2 ti

192.168.200.1. Trong 104 giy sau s ngt kt ni nu khng c interesting traffic. Lc ny, xem
xt Layer 3 ca BRI v cu c gi thc hi n c bng cc l nh sau:

R2#show isdn status

The current ISDN Switchtype = basic-5ess
ISDN BRI0 interface
Layer 1 Status:
ACTIVE
Layer 2 Status:
TEI = 70, State = MULTIPLE_FRAME_ESTABLISHED
Layer 3 Status:
1 Active Layer 3 Call(s)
Activated dsl 0 CCBs = 1
CCB: callid=0x8003, sapi=0, ces=1, B-chan=1
Total Allocated ISDN CCBs = 1

R2#show isdn active

-------------------------------------------------------------
ISDN ACTIVE CALLS
-------------------------------------------------------------
History Table MaxLength = 100 entries
History Retain Timer = 15 Minutes
-------------------------------------------------------------
Call Calling Called Duration Remote Time until
Type Number Number Seconds Name Disconnect
-------------------------------------------------------------
Out 8358662 Active(23) 277
-------------------------------------------------------------
R2#
__________________
Viet Professionals Co. Ltd. VnPro
mnh bit bn pass CCIE nn rt mong bn cho mnh t kinh nghim cu hnh sau y:
nhn y xin cc bn gip mnh gii quyt tnh hung ny vi.
hin ti cng ty e c 1 con router cisco 1800. vic meeting video conference vi bn ngoi th
qua IP 210.245.xxx.xxx hot ng n nh.(cng ty ang dng Leaseline v ADSL)
hin nay c 1 s khch hng nc ngoi v yu cu bo mt h khng dng Leasline v ADSL
m ch dng ng ISDN.
nn by gi mun hp vi khch hng qua video conference th phi c ng ISDN.
em mun cu hnh ng ISDN chy song song vi IP 203.245.xxx.xxx khi hi ngh trong
nc th nhn IP l OK.
v khi khch hng nc ngoi quay s bng ng ISDN th t ng kt ni vo.
xin cc bn hng dn cho em cch cu hnh, em thanks nhiu.
nu nh mnh thc hin theo cc bc trn th vic kt ni c thng sut ko? v nu mun chy
song song vi IP hin ti khng bit c cn cu hnh thm g khng? rt mong nhn c s gip
.

IPv6LAB 1: CI T IPV6 CHO MY TNH DNG HH WINDOWS XP

Nhm tc gi: Uyn - Tun - Tho - Tr

LAB 1: CI T IPV6 CHO MY TNH DNG
HH WINDOWS XP
- Theo c t ca giao thc IPv6, tt c cc loi a ch IPv6 c gn cho cc Interface, khng
gn cho cc Node. Mi a ch IPv6 loi Unicast (gi tt l a ch Unicast) c gn cho mt
Interface n. V mi Interface thuc v mt Node n, do vy mi a ch Unicast nh danh
mt Interface s nh danh cho Node . Mi Interface n c th c gn nhiu loi a ch
IPv6 (cho php c 3 dng a ch ng thi Unicast, Anycast, Multicast). Nhng bt buc mi
Interface phi c gn mt a ch Unicast Link-local nhm phc v cho cc kt ni Point-to-
point. Theo thit k ca IPv6, mt Host c th c nh danh bi cc a ch sau:
- Mt a ch Link-local cho mi Interface gn vi Host .
- Mt a ch Unicast c cung cp bi cc nh cung cp dch v.
- Mt a ch Loopback.
- Mt a ch Multicast, m Host l thnh vin.
- Mt router nu h tr IPv6 s nhn bit c tt c cc loi a ch m host chp nhn k trn,
ngoi ra n cn c gn cc loi a ch sau:
- Tt c cc a ch Multicast c gn trn Router.
- Tt c cc a ch Anycast c cu hnh trn Router.
- Tt c cc a ch Multicast ca cc nhm thuc Router qun l.

Yu cu:
1. Ci t IPv6 trn 2 my tnh A v B
2. Ni 2 my tnh bng cp cho
3. Ping IPv6 kim tra kt ni lp 3 gia 2 PC
Cc bc thc hin:
- Trn PC A v PC B, bm vo thanh tc v Start, chn Run, nh lnh cmd vo mn hnh
command line ca DoS. Thc hin ci t IPv6 bng lnh ipv6 install

Xem li cu hnh bng lnh ipconfig

- Mi my sau khi ci t IPv6 s c mt a ch mc nh cho card mng l 1 a ch link-local.

Mt card mng phi c ti thiu 1 a ch link-local. C th thay i a ch IPv6 bng lnh:
Netsh interface ipv6 set address local area connection fe80::B hoc
Netsh interface ipv6 add address local area connection fe80::B
- Cu hnh tng t trn my A. Sau thc hin lnh ping6 ti my A t my B bng a ch
link-local.
Yu cu:
- C 2 site c phn cch bi router.
- T PC C c th thc hin lnh ping ti cc a ch trong site Fec1::/64
Cc bc thc hin:
- Bc 1: Ci t IPv6 cho cc my tnh, gn a ch IPv6 cho chng theo hnh v.
- Thc hin ci t IPv6 bng lnh ipv6 install
- Thit lp a ch site-local trn PC A
netsh interface ipv6 set address local area connection fec1::A
- Thit lp a ch site-local trn PC B
netsh interface ipv6 set address local area connection fec1::B
- Thit lp a ch site-local trn PC C
netsh interface ipv6 set address local area connection fec0::C
- Xem li cu hnh bng lnh ipconfig
- Mt im khc bit IPv6 so vi IPv4 l cc my trm s t nhn a ch default-gateway t
router gn vi n m chng ta khng cn phi t, iu ny s cho chng ta t sai st khi tin
hnh nh tuyn cho cc my trm.
- Kim tra cc thng s cu hnh cho cc PC:

- Bc 2: Cu hnh router, cho cc interface tham gia vo mng s dng a ch IPv6

Router#config terminal
Router(config)#interface Fa0/0
Router(config)#ipv6 unicast-routing /* M chc nng nh tuyn
IPv6 trn Router */
Router(config)#interface FastEthernet 0/0
Router(config-if)#ipv6 enable /* cho php interface hot ng vi
a ch IPv6 */
Router(config-if)#ipv6 address fec0::1/64
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#interface FastEthernet 0/1
Router(config-if)#ipv6 enable
Router(config-if)#ipv6 address fec1::1/64
Router(config-if)#no shutdown
Router(config-if)#^Z
- Kim tra thng s cu hnh trn cc interface:
Router#show ipv6 interface brief
FastEthernet0/0 [up/up]
FE80::204:C1FF:FE4D:EC60
FEC0::1
FastEthernet0/1 [up/up]
FE80::1
FEC1::1
Serial0/0 [administratively down/ down]
unassigned
- Kim tra li a ch default gateway bng lnh ping:

Sau , thc hin lnh ping t PC C ti PC A v PC B bng a ch site-local .

IPv6 Lab 3: nh Tuyn Tinh Vi Mng Ipv6

Nhm tc gi: Uyn - Tun - Tho - Tr

LAB 3: NH TUYN TNH VI MNG IPV6

Yu cu:
- C 2 site c phn cch bi 2 router.
- Thc hin nh tuyn tnh trn hai router PC A c th thc hin lnh ping ti PC B.
Cc bc thc hin:
Bc 1: t a ch cho cc PC A v B
PC A: netsh interface ipv6 set address local area connection 2001::a
PC B: netsh interface ipv6 set address local area connection 2003::b
Bc 2: Cu hnh cho cc interface ca router R1, R2
i vi R1:
R1(config)#ipv6 enable
R1(config)#ipv6 unicast-routing /*cho php router hot ng nh
tuyn vi IPv6*/
R1(config)#interface F0/0
R1(config-if)#ipv6 enable
R1(config-if)#ipv6 address 2001::1/64
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface S0/0
R1(config-if)# clock rate 64000
R1(config-if)# ipv6 address 2002::1/64
R1(config-if)#no shutdown
R1(config-if)#^Z
i vi R2:
R2(config)#ipv6 enable
R2(config)#ipv6 unicast-routing
R2(config)#interface F0/0
R2(config-if)#ipv6 enable
R2(config-if)#ipv6 address 2003::1/64
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface S0/0
R2(config-if)#ipv6 address 2002::2/64
R2(config-if)#no shutdown
R2(config-if)#^Z
Bc 3: Cu hnh nh tuyn tnh
Trn R1:
R1(config)#ipv6 route 2003::/64 2002::2
R1(config)#exit
Trn R2:
R2(config)#ipv6 route 2001::/64 2002::1
R1(config)#exit
Cu hnh tham kho:
R1#show run
interface FastEthernet0/0
no ip address
duplex auto
speed auto
ipv6 address 2001::1/64
!
interface Serial0/1/0
no ip address
ipv6 address 2002::1/64
clock rate 64000
!
ip classless
!
ip http server
no ip http secure-server
!
ipv6 route 2003::/64 2002::2
!
R2#show run
interface FastEthernet0/0
no ip address
duplex auto
speed auto
ipv6 address 2003::1/64
!
interface Serial0/1/0
no ip address
ipv6 address 2002::2/64
!
ipv6 route 2001::/64 2002::1
!
Bc 4: Kim tra cc thng s v thc hin lnh ping
- a ch trn PC B:

R2#show ipv6 interface brief

FastEthernet0/0 [up/up]
FE80::218:18FF:FE9C:A7A0
2003::1
Serial0/1/0 [up/up]
FE80::218:18FF:FE9C:A7A0
2002::2
- T PC B, thc hin lnh ping ti PC A c a ch 2001::a kim tra kt ni

IPv6 LAB 4: CU HNH RIPng C BN

Nhm tc gi: Uyn - Tun - Tho - Tr

LAB 4: CU HNH RIPng C BN

- Cc chc nng ca RIPng (RIP next generation) trong IPv6 tng t nh chc nng ca RIP
trong IPv4. Cc gi tin update s dng a ch multicast ca tt c cc router chy RIP.
- Mi qu trnh RIPng duy tr mt bng nh tuyn cc b RIB (Routing Information Database).
Bng RIB ny cha mt b cc ng i tt nht hc c t cc thit b ln cn.
Yu cu:
- Router R1, R2 s dng RIPng qung b thng tin nh tuyn
- Cc PC ping c ton b a ch trong mng
Cc bc thc hin:
Bc 1: t a ch IPv6 cho cc PC
PC A: netsh interface ipv6 set address local area connection 2001::a
PC B: netsh interface ipv6 set address local area connection 2003::b
Bc 2: Cu hnh a ch IPv6 cho cc interface ca router R1, R2
i vi R1:
R1(config)#ipv6 enable
R1(config)#ipv6 unicast-routing
R1(config)#interface E0/0
R1(config-if)#ipv6 enable
R1(config-if)#ipv6 address 2001::1/64
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface S0/1
R1(config-if)# clock rate 64000
R1(config-if)# ipv6 address 2005::1/64
R1(config-if)#no shutdown
R1(config-if)#^Z
i vi R2:
R2(config)#ipv6 enable
R2(config)#ipv6 unicast-routing
R2(config)#interface E0/0
R2(config-if)#ipv6 enable
R2(config-if)#ipv6 address 2003::1/64
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface S0/1
R2(config-if)#ipv6 address 2005::2/64
R2(config-if)#no shutdown
R2(config-if)#^Z
Bc 3: Cho cc interface trn R1, R2 tham gia vo qu trnh nh tuyn RIPng
Trn R1:
R1(config)#ipv6 router rip cisco /*t tn cho process RIPng l
cisco*/
R1(config-rtr)#exit
R1(config)#interface E0/0
R1(config-if)#ipv6 rip cisco enable /*cho php RIPng process
cisco chy trn E0/0*/
R1(config)#interface S0/1
R1(config-if)#ipv6 rip cisco enable /*cho php RIPng process
cisco chy trn E0/0*/
C th cu hnh s ng i ti a cng metric m RIPng h tr. Gi tr ny trong khong t 1
n 64, mc nh cho RIP ti a l 4 ng.
R1(config)#ipv6 router rip cisco
R1(config-rtr)#maximum-paths 1
R1(config-rtr)#exit
Trn R2: cu hnh tng t nh R1
Cu hnh tham kho:
R1#show run
!
hostname R1
no ip domain-lookup
!
ipv6 unicast-routing
!
interface Ethernet0/0
no ip address
duplex auto
speed auto
ipv6 address 2001::1/64
ipv6 rip cisco enable
!
interface Serial0/1
no ip address
clock rate 64000
ipv6 address 2005::1/64
ipv6 rip cisco enable
!
ipv6 router rip cisco
!
end
Ch : tn ca process-id ch mang ngha cc b trong mt router
R2#show run
!
hostname R2
!
no ip domain-lookup
!
ipv6 unicast-routing
!
interface Ethernet0/0
no ip address
duplex auto
speed auto
ipv6 address 2003::1/64
ipv6 rip cisco enable
!
interface Serial0/1
no ip address
ipv6 address 2005::2/64
ipv6 rip cisco enable
!
ipv6 router rip cisco
!
end
Bc 4: Kim tra cu hnh
- Xem bng nh tuyn bng lnh show ipv6 route, hoc show ipv6 route rip xem cc ng i
hc t RIPng. Cc ng i hc t RIPng s c nh du bng ch R nh trong RIP ca IPv4.
R2#show ipv6 interface brief
Ethernet0/0 [up/up]
FE80::218:18FF:FE9C:A7A0
2003::1
Serial0/1 [up/up]
FE80::218:18FF:FE9C:A7A1
2005::2
- Xem process-id ca RIPng, cc interface no chy RIPng
R1#show ipv6 rip
RIP process "cisco", port 521, multicast-group FF02::9, pid 32
Administrative distance is 120. Maximum paths is 16
Updates every 30 seconds, expire after 180
Holddown lasts 0 seconds, garbage collect after 120
Split horizon is on; poison reverse is off
Default routes are not generated
Periodic updates 69, trigger updates 40
Interfaces:
Serial0/1
Ethernet0/0
Redistribution:
None
- C th xem c s d liu ca RIPng bng lnh show ipv6 rip database
R1#show ipv6 rip database
RIP process "cisco", local RIB
2003::/64, metric 2, installed
Ethernet0/0/FE80::218:18FF:FE9C:A7A0, expires in 155 secs
2005::/64, metric 2
FastEthernet0/1/FE80::218:18FF:FE9C:A7A1, expires in 155 secs
- T R1 hoc R2 ping c cc a ch trn mng
R1#ping 2003::b
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2003::B, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/4
ms
- C th dng lnh debug ipv6 packet [detail] xem qu trnh gi tin i t R1 n PC B
R1#ping 2003::b
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2003::B, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/1/4
ms
R1#
*Dec 24 07 16.651: IPv6: SAS picked source 2005::1 for 2003::B
(Serial0/1)
*Dec 24 07 16.655: IPv6: nexthop FE80::218:18FF:FE9C:A7A1,
*Dec 24 07 16.655: IPV6: source 2005::1 (local)
*Dec 24 07 16.655: dest 2003::B (Serial0/1)
*Dec 24 07 16.655: traffic class 0, flow 0x0, len 100+0, prot
58, hops 64, originating
*Dec 24 07 16.655: IPv6: Sending on Serial0/1
*Dec 24 07 16.655: IPV6: source 2003::B (Serial0/1)
*Dec 24 07 16.655: dest 2005::1
*Dec 24 07 16.655: traffic class 0, flow 0x0, len 100+14, prot
58, hops 63, forward to ulp

thanhsang_truong

View Public Profile

Send a private message to thanhsang_truong

Find all posts by thanhsang_truong

Add thanhsang_truong to Your Contacts

#2
20-06-2008, 04:23 PM
netbaby Join Date: Oct 2007
Senior Member Posts: 132
Senior Member

Sao em cu hnh ping c ri m show bng nh tuyn khng thy entry no ht (ping mng
t xa ok).

M t

Cu hnh cc thng s c bn cho Catalys Switch vi giao din dng lnh CLI. Cc tc v cn
thc hin bao gm t tn cho switch, cu hnh cc interface vlan, cu hnh telnet vo
switch.Dng my trm kt ni vi switch qua kt ni console, giao din tng tc ngi dng
s dng trnh HyperTerminal. y l mt cng c uc MS Windows h tr.

Thc hin

1. Khi ng ngun ca switch. Trn giao din Hyper Terminal hin ra cc thng s khi to
trong qu trnh khi ng Switch.
% Please answer 'yes' or 'no'.
Would you like to enter the initial configuration dialog? [yes/no]: no
Press RETURN to get started!
00:04:13: %LINK-5-CHANGED: Interface Vlan1, changed state to administratively down
00:04:14: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to
down
Ngi dng s c hi nu mun vo cc hp thoi cu hnh t ng, tr li NO (v mc
ch ca ngi dng l mun vo ch CLI (command line interface).
2. Vo enable mode xem cu hnh mc nh ca switch

Switch>enable
Switch#show running-config
Building configuration...
Current configuration : 1473 bytes
!
version 12.1
!
hostname Switch
!
ip subnet-zero
!
spanning-tree mode pvst
spanning-tree extend system-id
!
interface FastEthernet0/1
no ip address
!
interface FastEthernet0/2
no ip address
!
interface FastEthernet0/3
no ip address
!
interface FastEthernet0/4
no ip address
!
interface FastEthernet0/5
no ip address
!
interface FastEthernet0/6
no ip address
!
interface FastEthernet0/7
no ip address
!
interface FastEthernet0/8
no ip address
!
interface FastEthernet0/9
no ip address
!
interface FastEthernet0/10
no ip address
!
interface FastEthernet0/11
no ip address
!
interface FastEthernet0/12
no ip address
!
interface GigabitEthernet0/1
no ip address
!
interface GigabitEthernet0/2
no ip address
!
interface Vlan1
no ip address
shutdown
!
ip classless
ip http server
!
line con 0
line vty 5 15
!
end

3. Thit lp cc thng s cho switch nh hostname, enable password, console password v

virtual terminal password. Cc loi password s dng c phn bit ch thng v ch hoa. Do
ngi dng cn phn bit cc k t s dng ch vit hoa khc vi ch vit thng. V d
Cisco khc vi cisco.

Switch#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname Vnpro
Vnpro(config)#enable password cisco
Vnpro(config)#enable secret class
Vnpro(config)#line console 0
Vnpro(config-line)#password console
Vnpro(config-line)#login
Vnpro(config-line)#^Z

Switch h tr cc Virtual Line dng cho cc phin telnet. Cn cu hnh password cho cc line
ny mi c th telnet vo Switch (trnh t cu hnh h tr telnet s trnh by sau). xem thng
tin v cc Virtual Line trn Switch: dng lnh show line.

Vnpro#show line
Tty Typ Tx/Rx A Modem Roty AccO AccI Uses Noise Overruns Int
* 0 CTY - - - - - 0 0 0/0 -
1 VTY - - - - - 0 0 0/0 -
2 VTY - - - - - 0 0 0/0 -
3 VTY - - - - - 0 0 0/0 -
4 VTY - - - - - 0 0 0/0 -
5 VTY - - - - - 0 0 0/0 -
6 VTY - - - - - 0 0 0/0 -
7 VTY - - - - - 0 0 0/0 -
8 VTY - - - - - 0 0 0/0 -
9 VTY - - - - - 0 0 0/0 -
10 VTY - - - - - 0 0 0/0 -
11 VTY - - - - - 0 0 0/0 -
12 VTY - - - - - 0 0 0/0 -
13 VTY - - - - - 0 0 0/0 -
14 VTY - - - - - 0 0 0/0 -
15 VTY - - - - - 0 0 0/0 -
16 VTY - - - - - 0 0 0/0 -

Cu hnh password cho cc line vty

Vnpro#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
Vnpro(config)#line vty 0 4
Vnpro(config-line)#password cisco
Vnpro(config-line)#login

Cu hnh trn thit b Cisco, mi dng lnh do ngi dng g vo. Sau khi nhn phm enter
cu hnh h thng s lp tc thay i. V vy, i vi cc h thng mng tht, trc khi thay i
mt thng s no ca thit b, cn phi sao lu li cu hnh ban u c th khi phc li
khi cn thit.

Bc 4: cu hnh Vlan.
Kim tra cu hnh Vlan mc nh trn Switch
Vnpro#show vlan
VLAN Name Status Ports
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gi0/1, Gi0/2
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
Mc nh trn Switch ch c Vlan 1 vi tt c cc port u nm trong Vlan ny, Vlan 1002 dnh
ring cho FDDI, Vlan 1003 dnh ring cho TOKEN-RINGC hai cch to thm Vlan
Cch 1:Thao tc trn Vlan database
Vnpro#vlan database
Vnpro(vlan)#vtp domain Chuyenviet
Changing VTP domain name from NULL to Chuyenviet
Vnpro(vlan)#vtp server
Setting device to VTP SERVER mode.
Vnpro(vlan)#vlan 10 name Admin
VLAN 10 added:
Name: Admin
Vnpro(vlan)#vlan 20 name User
VLAN 20 added:
Name: User
Vnpro(vlan)#apply
APPLY completed.
Vnpro(vlan)#exit
APPLY completed.
Exiting....
Cch 2: Tong tc trc tip n Vlan cn to ra
Vnpro(config)#interface vlan 10
Vnpro(config-if)#exit
Vnpro(config)#
Vnpro(config)#interface vlan 20
Vnpro(config-if)#exit
Vnpro(config)#
gn cc port vo cc Vlan, thc hin cc bc sau:
V d ta cn gn cc port fastethernet 2 vo Vlan 10, port fastetehnet 3 vo Vlan 20
Vnpro(config)#interface fastethernet0/2
Vnpro(config-if-range)#switchport access vlan 10
Vnpro(config-if-range)#exit
Vnpro(config)#interface fastethernet0/3
Vnpro(config-if-range)#switchport access vlan 20
Vnpro(config-if-range)#exit
Kim tra li cu hnh Vlan
Vnpro#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/4, Fa0/5, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/12, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/17, Fa0/18
Fa0/19, Fa0/20, Fa0/21, Fa0/22
Fa0/23, Fa0/24, Gi0/1, Gi0/2
10 Admin active Fa0/2
20 User active Fa0/3
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
Cu hnh IP cho interface Vlan: cc interface Vlan c cu hnh IP ch mang tnh cht lun l.
IP ny phc v cho vic qun l, a ch IP lun l ny cn c th dng telnet vo Switch t
xa v chy cc ng dng SNMP.
Vnpro#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
Vnpro(config)#interface vlan 10
Vnpro(config-if)#ip address 10.0.0.1 255.255.255.0
Vnpro(config-if)#no shutdown
Vnpro(config-if)#^Z
00:14:43: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to
down
00:14:43: %SYS-5-CONFIG_I: Configured from console by console
Lu cu hnh vo NVRAM
Vnpro#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
Cn ch gn default-gateway cho switch bng cu lnh
VnPro#ip default-gateway 10.0.0.100
a ch 10.0.0.100 c th dng l a ch ca PC c dng telnet vo switch.
Em cha hc Cisco nhng sp ti s phi lm cng vic v mng Cisco , em mun nh cc
cao th y gii p mt s thc mc nh nh sau :
- c cc ti liu em thy lc th dng khi nim port , lc th Interface m chung quy cng l
port , vy chng khc nhau nh th no ?
- Theo cu hnh ca bc ch topic th dng Vlan tnh s phi to Vlan trn tng Switch sau
gn tng cng vo , vi Dynamic Vlan c phi to Vlan trn tng Switch khng ?
-Theo em bit th Vlan tnh tnh linh ng cao hn , c ngha l ta c th chuyn port ca my t
Vlan ny sang Vlan khc mt cch d dng , trng hp nu dng ng thi c Vlan tnh v ng
th s th no , nu a ch Mac c gn vo Vlan A chng hn th c th chuyn port ca
my vo Vlan B c khng ?
 minu

View Public Profile

Send a private message to minu

Send email to minu

Find all posts by minu

Add minu to Your Contacts

#7
25-02-2009, 03:35 PM
thanhnam0707 Join Date: Sep 2005
Senior Member Posts: 216
Professionals

- Port l physical port cn interface c th l interface physical hay interface logic.

- Dynamic Vlan th ko phi to trn Sw m n hc c t SW khc.
- D l Vlan Dynamic th bn cng phi gn port bng tay,vic ny ko th gn ng c v c th
chuyn port ty .
__________
Lab 6-1: Cu hnh ISDN DDR

Lab 6-1: Cu hnh ISDN DDR

M t

ISDN c cc tnh nng nng cao cho dch v truyn s li u v thoi. Ba mc ch c bn ca

ISDN l: h tr truy c p Internet tc cao, trin khai trn di n r ng truy c p server qua
ng quay s: DDR (dial-on-demand) v dial backup.

Lab ny m t cu hnh cch quay s cho dch v ISDN DDR

Cu hnh

R1
!
hostname R1
!
enable password vnpro
!
ip subnet-zero
no ip domain-lookup
!
isdn switch-type basic-ni1
!
!
interface BRI0
ip address 192.168.200.1 255.255.255.252
isdn spid1 5101 8995101
isdn spid2 5102 8995101
isdn switch-type basic-ni1
encapsulation ppp
!
no ip classless
!
line con 0
line vty 0 4
login
!
end

R2
!
hostname R2
!
enable password vnpro
!
ip subnet-zero
no ip domain-lookup
!
isdn switch-type basic-ni1
!
!
interface BRI0
ip address 192.168.200.2 255.255.255.252
isdn switch-type basic-ni1
encapsulation ppp
isdn spid1 5201 8995201
isdn spid2 5202 8995202
dialer-group 1
!
no ip classless
!
dialer-list 1 protocol ip permit
!
line con 0
line vty 0 4
login
!
end

Cc bc cu hnh

1.Cho php ISDN hot ng: t kiu ISDN switch. Kiu ISDN switch y l basic-ni1, thng
tin ny phi t ng vi cc thng s do nh cung cp dch v ISDN cung cp. im c bit
trong cu hnh ISDN l lnh ch ra lai tng i s c cu hnh ch tan cc, va phi
c cu hnh interface mode.

R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#isdn switch-type basic-ni1
R1(config)#interface BRI0
R1(config-if)# ip address 192.168.200.2 255.255.255.252
R1(config-if)#isdn switch-type basic-ni1

R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#

R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#isdn switch-type basic-ni1
R2(config-if)#isdn switch-type basic-ni1
R2(config)#end
R2#
%SYS-5-CONFIG_I: Configured from console by console
R2#

C th kim tra li cu hnh bng l nh show run ho c m t l nh khc l show isdn status:
R2#show isdn status
The current ISDN Switchtype = basic-ni1
ISDN BRI0 interface
Layer 1 Status:
DEACTIVATED
Layer 2 Status:
Layer 2 NOT Activated
Layer 3 Status:
0 Active Layer 3 Call(s)
Activated dsl 0 CCBs = 0
Total Allocated ISDN CCBs = 0
R2#

Cu l nh ny cho bit thng tin loi tng i ISDN v cc thng tin lp 1, 2, 3 ca giao tip
ISDN. iu ny rt cn thit gii quyt s c khi cu hnh xc nh li xy ra lp no.
Thng thng sau khi cu hnh ISDN switch type, Layer 1 phi ACTIVE. Nh v y ta phi kim
tra li cng giao tip ISDN BRI trn R2:

R2#show interface bri0

BRI0 is administratively down, line protocol is down
Hardware is BRI
MTU 1500 bytes, BW 64 Kbit, DLY 20000 usec, rely 255/255, load
1/255
...
R2#

V y ta c th xc nh li trn interface BRI l do interface ny ang ch shutdown. Phi

thc hi n l nh no shutdown trn interface Bri0. Bn cnh nguyn nhn trn, cc li c th gy ra
trng thi DEACTIVTE l li v cp. Ta dng cp thng kt ni t cng ISDN BRI v thit b
NT1 ca tng i ISDN.

2. Gn a chi IP cho cng BRI0 v cho phep cng hot ng

R1(config)#int bri0
R1(config-if)#ip address 192.168.200.1 255.255.255.252
R1(config-if)#no shutdown
R1(config-if)#
%LINK-3-UPDOWN: Interface BRI0:1, changed state to down
%LINK-3-UPDOWN: Interface BRI0:2, changed state to down
%LINK-3-UPDOWN: Interface BRI0, changed state to up
R1(config-if)#
%ISDN-6-LAYER2UP: Layer 2 for Interface BR0, TEI 123 changed to
up
R1(config-if)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#

->i vi cc phin bn Cisco IOS trc 12.0 thc hi n t IP cho cng s b thng bo li nh
sau

R1(config)#int bri0
R1(config-if)#ip address 192.168.200.1 255.255.255.252
Bad mask /30 for address 192.168.200.1
R1(config-if)#end
R1#

->Do a ch IP trn l dng IP subnet 0. Phi cho php dng ny hot n g bng l n h ip subnet-
zero trn R1. L nh ny m c nh trn cc phin bn Cisco IOS 12.0 tr ln.

R1(config)#ip subnet-zero
R1(config)#int bri0
R1(config-if)#ip address 192.168.200.1 255.255.255.252
R1(config-if)#no shutdown

Trong m t s trng hp cn phi khai bo s SPID cc pha, nu nh cung cp dich v yu

cu.

R1(config)#int bri0
R1(config-if)#isdn spid1 3442 8993442
R1(config-if)#isdn spid2 3443 8993443
(Khai bao hai s SPID cho hai knh BRI0:1 va BRI0:2)

R2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#ip subnet-zero
R2(config)#int bri0
R2(config-if)#ip address 192.168.200.2 255.255.255.252
R2(config-if)#no shut
R2(config-if)#
%LINK-3-UPDOWN: Interface BRI0:1, changed state to down
%LINK-3-UPDOWN: Interface BRI0:2, changed state to down
%LINK-3-UPDOWN: Interface BRI0, changed state to up
R2(config-if)#
%ISDN-6-LAYER2UP: Layer 2 for Interface BR0, TEI 124 changed to
up
R2(config-if)#end
R2#
%SYS-5-CONFIG_I: Configured from console by console
R2#
Lc ny c th kim tra trng thi Layer 2 ca BRI0 trn R2.

R2#show isdn status

The current ISDN Switchtype = basic-ni1
ISDN BRI0 interface
Layer 1 Status:
ACTIVE
Layer 2 Status:
TEI = 126, State = MULTIPLE_FRAME_ESTABLISHED
TEI = 127, State = MULTIPLE_FRAME_ESTABLISHED
Layer 3 Status:
0 Active Layer 3 Call(s)
Activated dsl 0 CCBs = 0
Total Allocated ISDN CCBs = 0
R2#

Khi trng thi lp 2 cho thy kt ni ISDN ca router c cu hnh ng.

3.Xc nh encapsulation ppp trn cc cng

R1(config)#int bri0
R1(config-if)#encapsulation ppp
R1(config-if)#end
R1#
%ISDN-6-LAYER2DOWN: Layer 2 for Interface BRI0, TEI 65 changed to
down
%ISDN-6-LAYER2DOWN: Layer 2 for Interface BR0, TEI 65 changed to
down
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#
%ISDN-6-LAYER2UP: Layer 2 for Interface BR0, TEI 66 changed to up
R1#

R2(config)#int bri0
R2(config-if)#encapsulation ppp
R2(config-if)#end
R2#
%ISDN-6-LAYER2DOWN: Layer 2 for Interface BRI0, TEI 126 changed
to down
%ISDN-6-LAYER2DOWN: Layer 2 for Interface BR0, TEI 126 changed to
down
R2#
%SYS-5-CONFIG_I: Configured from console by console
R2#
%ISDN-6-LAYER2UP: Layer 2 for Interface BR0, TEI 67 changed to up
Ch rng khi thay i kiu encapsulation, cng b reset (thng bo hi n ra l Layer 2 thay i
t down sang up). C th thc hi n reset cng giao tip bng l nh clear interface bri0, l nh ny
cn thit trong qu trnh kim v sa li ISDN Layer 2.

R2#clear int bri0

R2#
%ISDN-6-LAYER2DOWN: Layer 2 for Interface BRI0, TEI 68 changed to
down
%ISDN-6-LAYER2DOWN: Layer 2 for Interface BR0, TEI 68 changed to
down
R2#
%ISDN-6-LAYER2UP: Layer 2 for Interface BR0, TEI 69 changed to up
R2#

4.Xc nh kiu d li u se kch hot ng ISDN (interesting traffic) bng cch cu hnh
dialer-list global config mode
Trong lab ny, interesting traffic l mi giao thc IP (dialer-list 1 protocol ip permit), p
dng dialer-list trn cng giao tip BRI0 bng l nh dialer-group

R2(config)#dialer-list 1 protocol ip permit

R2(config)#int bri0
R2(config-if)#dialer-group 1
R2(config-if)#end

Dng lnh dialer map ch ra router u xa, s in thai cn gi, a ch IP ca router u

xa.

R2(config)#int bri0
R2(config-if)#dial map ip 192.168.200.1 name R1 broadcast 8995101
R2(config-if)#end
R2#
Thc hin tng t cho router R1.

Kim tra

Sau khi xc nh s gi, xem li thng tin bng l nh show dialer. L nh ny cung cp cc thng
tin nh s gi, trng thi cu c gi hi n ti, trng thi cu c gi cui, s ln gi thnh cng hay
tht bi ...

R2#show dialer

BRI0 - dialer type = ISDN

Dial String Successes Failures Last called Last status

8358662 0 0 never - Default
0 incoming call(s) have been screened.

BRI0:1 - dialer type = ISDN

Idle timer (120 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is idle

BRI0:2 - dialer type = ISDN

Idle timer (120 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is idle
R2#

Kch hot kt ni bng cch thc hi n ping trn R2 ti cng giao tip BRI0 ca R1.

R2#ping 192.168.200.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.200.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 32/34/36 ms
R2#
%LINK-3-UPDOWN: Interface BRI0:1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed state to up
R2#
%ISDN-6-CONNECT: Interface BRI0:1 is now connected to 8358662
R2#

Thc hi n l nh show dialer trn R2 kim tra li

R2#show dialer

BRI0 - dialer type = ISDN

Dial String Successes Failures Last called Last status
8358662 1 0 00:00:17 successful Default
0 incoming call(s) have been screened.

BRI0:1 - dialer type = ISDN

Idle timer (120 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is data link layer up
Dial reason: ip (s=192.168.200.2, d=192.168.200.1)
Time until disconnect 104 secs
Current call connected 00:00:17
Connected to 8358662
BRI0:2 - dialer type = ISDN
Idle timer (120 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is idle
R2#

L nh trn hin th m t cu c gi thnh cng, kch hot cu c gi l do gi t 192.168.200.2 ti

192.168.200.1. Trong 104 giy sau s ngt kt ni nu khng c interesting traffic. Lc ny, xem
xt Layer 3 ca BRI v cu c gi thc hi n c bng cc l nh sau:

R2#show isdn status

The current ISDN Switchtype = basic-5ess
ISDN BRI0 interface
Layer 1 Status:
ACTIVE
Layer 2 Status:
TEI = 70, State = MULTIPLE_FRAME_ESTABLISHED
Layer 3 Status:
1 Active Layer 3 Call(s)
Activated dsl 0 CCBs = 1
CCB: callid=0x8003, sapi=0, ces=1, B-chan=1
Total Allocated ISDN CCBs = 1

R2#show isdn active

-------------------------------------------------------------
ISDN ACTIVE CALLS
-------------------------------------------------------------
History Table MaxLength = 100 entries
History Retain Timer = 15 Minutes
-------------------------------------------------------------
Call Calling Called Duration Remote Time until
Type Number Number Seconds Name Disconnect
-------------------------------------------------------------
Out 8358662 Active(23) 277
-------------------------------------------------------------
R2#
__________________
Viet Professionals Co. Ltd. VnPro
---------------------------------------
149/1D Ung Vn Khim P25 Q.Binh thanh TPHCM
Tel: (08) 35124257 (7 lines)
Fax: (08) 5124314
Home Page : http://www.vnpro.vn
Support forum: http://vnpro.org
LiveChat : http://www.vnpro.vn/support
Blog VnPro : http://vnpro.org/blog
Forum Wifi : http://wifipro.org

Last edited by tranmyphuc; 25-08-2008 at 10:28 PM.

admin

View Public Profile

Send a private message to admin

Send email to admin

Find all posts by admin

Add admin to Your Contacts

#2
19-03-2008, 09:13 PM
luandat Join Date: Oct 2007
Junior Member Posts: 20
Newbie

Cho em hi bi lab ny lm trn con router model my vy. Em dng 7200, 3600 m vn
khng nh c lnh isdn switch-type basic-ni1 trong c hai ch . Thank

luandat

View Public Profile

Send a private message to luandat

Find all posts by luandat

Add luandat to Your Contacts

#3
19-03-2008, 09:46 PM
Join Date: Oct 2005
dangquangminh Location: HCMC
Super Moderator Posts: 3,722
Brainiac
phn ISDN b ra khi chng trnh CCENT/CCNA. Nu khng c thi gian, bn khng cn
lm lab phn ny.
__________________
ng Quang Minh, CCIE#11897 CCSI#31417
Email: [email protected]

Viet Professionals Co. Ltd. (VnPro)

149/1D Ung Vn Khim P25 Q.Bnh thnh TPHCM
Tel: (08) 35124257 Fax: (08) 35124314
Home :http://www.vnpro.vn
Blog :http://vnpro.org/blog
Support forum :http://vnpro.org
LiveChat :http://vnpro.vn/support

dangquangminh

View Public Profile

Send a private message to dangquangminh

Send email to dangquangminh

Visit dangquangminh's homepage!

Find all posts by dangquangminh

Add dangquangminh to Your Contacts

#4
12-05-2008, 10:56 AM
thaiasiandn Join Date: May 2008
Junior Member Posts: 1
Newbie
xin gip mnh trong tnh hung ny!!!

Quote:

Originally Posted by dangquangminh

phn ISDN b ra khi chng trnh CCENT/CCNA. Nu khng c thi gian, bn khng
cn lm lab phn ny.
mnh bit bn pass CCIE nn rt mong bn cho mnh t kinh nghim cu hnh sau y:
nhn y xin cc bn gip mnh gii quyt tnh hung ny vi.
hin ti cng ty e c 1 con router cisco 1800. vic meeting video conference vi bn ngoi th
qua IP 210.245.xxx.xxx hot ng n nh.(cng ty ang dng Leaseline v ADSL)
hin nay c 1 s khch hng nc ngoi v yu cu bo mt h khng dng Leasline v ADSL
m ch dng ng ISDN.
nn by gi mun hp vi khch hng qua video conference th phi c ng ISDN.
em mun cu hnh ng ISDN chy song song vi IP 203.245.xxx.xxx khi hi ngh trong
nc th nhn IP l OK.
v khi khch hng nc ngoi quay s bng ng ISDN th t ng kt ni vo.
xin cc bn hng dn cho em cch cu hnh, em thanks nhiu.
nu nh mnh thc hin theo cc bc trn th vic kt ni c thng sut ko? v nu mun chy
song song vi IP hin ti khng bit c cn cu hnh thm g khng? rt mong nhn c s
gip .
e: Configuring IPSec RoutertoRouter with NAT Overload and Cisco Secure VPN Client

y l mt cu hnh t CCO (not tested)

1. Yu cu:

- Mt pool cc Ip address gn cho cc VPN clients.

- Mt nhm c tn "3000client" c preshare key l 'cisco123"

2. Cu hnh:

hostname HeadQuater

!-- To enable extended authentication (Xauth) for user authentication,

!-- enable the aaa authentication commands.
!-- "Group local" specifies local user authentication.

username pc1 password cisco123

username 3000clients password cisco123

aaa authentication login userauthen group local

aaa authorization network groupauthor group local

!-- Create an Internet Security Association and

!-- Key Management Protocol (ISAKMP) policy for Phase 1 negotiations.

crypto isakmp policy 3

encr des
authentication pre-share
group 2
!-- Create the Phase 2 policy for actual data encryption.
crypto ipsec transform-set myset esp-des esp-sha-hmac
!
!-- Create a dynamic map and
!-- apply the transform set that was created above.

crypto dynamic-map dynmap 10

set transform-set myset
!
!-- Create the actual crypto map,
!-- and apply the AAA lists that were created earlier.
!--- Create a group that will be used to specify the WINS, DNS servers' address
!--- to the client, along with the pre-shared key for authentication.

crypto isakmp client configuration group 3000client

key cisco123
dns 192.168.100.100
wins 192.168.100.100
domain cisco.com
pool ippool

crypto map clientmap client authentication list userauthen

crypto map clientmap isakmp authorization list groupauthor
crypto map clientmap client configuration address respond
crypto map clientmap 10 ipsec-isakmp dynamic dynmap

interface serial0/0
ip address 10.64.10.44 255.255.255.0
crypto map clientmap

!-- Create a pool of addresses to be assigned to the VPN Clients.

ip local pool ippool 192.168.100.150 192.168.100.200

ip route 0.0.0.0 0.0.0.0 10.64.10.43
!

Minh
__________________
ng Quang Minh, CCIE#11897 CCSI#31417
Email: [email protected]

Viet Professionals Co. Ltd. (VnPro)

149/1D Ung Vn Khim P25 Q.Bnh thnh TPHCM
Tel: (08) 35124257 Fax: (08) 35124314
Home :http://www.vnpro.vn
Blog :http://vnpro.org/blog
Support forum :http://vnpro.org
LiveChat :http://vnpro.vn/support

Cho mi ngi,

Vi cu hnh anh Minh ni trn th VPN Client login vi username : 3000client password :
cisco123.
M hnh nh phi thm :
set peer 10.64.10.45
match address 100
access-list 100 permit ip 192.168.100.0 0.0.0.255 192.168.200.0 0.0.0.255

Thn.

#5
09-10-2003, 02:43 PM
Guest Posts: n/a

y l cu hnh cho Branch Office

hostname branch

!--To ISAKMP policy

crypto isakmp policy 10
hash md5
authentication pre-share
crypto isakmp key cisco123 address 10.64.10.44
crypto ipsec transform-set myset esp-des esp-md5-hmac
crypto map mymap 10 ipsec-isakmp
set peer 10.64.10.44
set transform-set myset
match address 100

interface s0/0
ip address 10.64.10.45 255.255.255.0
crypto map mymap

access-list 100 permit ip 192.168.100.0 0.0.0.255 192.168.200.0 0.0.0.255

Thn.

#6
11-10-2003, 08:42 AM
Guest Posts: n/a
Re: Configuring IPSec RoutertoRouter with NAT Overload and Cisco Secure VPN
Client

Cho mi ngi,

M hnh trn c thay i mt cht cho ging vi thc t !!!

Xin cm n.

#7
11-10-2003, 08:59 AM
Guest Posts: n/a
Re: Configuring IPSec RoutertoRouter with NAT Overload and Cisco Secure VPN
Client

Cho mi ngi,

Di y l cu hnh c test chy tt vi site-to-site transport mode.

Nhng vn cn problem vi vpn client remote access !!!
Xin cc s huynh ch gip.

Cau hinh host Headquarter

hostname hq
!
!
username cisco123 password 0 cisco123
username 123cisco password 0 123cisco
!
crypto isakmp policy 5
hash md5
authentication pre-share
crypto isakmp key cisco123 address 10.64.20.45
crypto isakmp key 123cisco address 0.0.0.0
crypto isakmp client configuration address-pool local test-pool
!
!
crypto ipsec transform-set testset esp-des esp-md5-hmac
mode transport
!
crypto dynamic-map test-dynamic 10
set transform-set testset
!
crypto map test client configuration address initiate
crypto map test client configuration address respond
!
crypto map test 5 ipsec-isakmp
set peer 10.64.20.45
set transform-set testset
match address 115
!
crypto map test 10 ipsec-isakmp dynamic test-dynamic
!
interface FastEthernet0/0
ip address 192.168.100.1 255.255.255.0
no ip directed-broadcast
ip nat inside
duplex auto
speed auto
!
interface Serial0/0
ip address 10.64.10.44 255.255.255.0
no ip directed-broadcast
ip nat outside
no fair-queue
crypto map test
!
ip local pool test-pool 192.168.1.1 192.168.1.254
ip nat inside source route-map nonat interface Serial0/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 10.64.10.43
ip http server
!
access-list 110 deny ip 192.168.100.0 0.0.0.255 192.168.200.0 0.0.0.255
access-list 110 deny ip 192.168.100.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 110 permit ip 192.168.100.0 0.0.0.255 any
access-list 115 deny ip any 192.168.100.0 0.0.0.255
access-list 115 permit ip any any
!
route-map nonat permit 10
match ip address 110

Cau hinh host Internet

hostname Internet
!
ip subnet-zero
no ip domain-lookup
!
interface Ethernet0
ip address 192.168.1.1 255.255.255.0
interface Serial0
ip address 10.64.20.42 255.255.255.0
no fair-queue
clockrate 64000
!
interface Serial1
ip address 10.64.10.43 255.255.255.0
clockrate 64000
!
ip classless
ip route 10.64.10.0 255.255.255.0 Serial1
ip route 10.64.20.0 255.255.255.0 Serial0
no ip http server

Cau hinh host Branch

hostname Branch
!
!
ip subnet-zero
!
!
crypto isakmp policy 5
hash md5
authentication pre-share
crypto isakmp key cisco123 address 10.64.10.44
!
!
crypto ipsec transform-set testset esp-des esp-md5-hmac
mode transport
!
crypto map test 5 ipsec-isakmp
set peer 10.64.10.44
set transform-set testset
match address 115
!
!
!
interface Ethernet0
ip address 192.168.200.1 255.255.255.0
no ip directed-broadcast
ip nat inside
!
interface Serial0
ip address 10.64.20.45 255.255.255.0
no ip directed-broadcast
ip nat outside
crypto map test
!
ip nat inside source route-map nonat interface Serial0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 10.64.20.42
!
access-list 110 deny ip 192.168.200.0 0.0.0.255 192.168.100.0 0.0.0.255
access-list 115 deny ip any 192.168.200.0 0.0.0.255
access-list 115 permit ip any any
route-map nonat permit 10
match ip address 110

#8
10-08-2009, 12:02 AM
ogryffgo Join Date: Oct 2008
Junior Member Posts: 2
Newbie

Anh Minh i, cho em hi mt cht .

Gia 2 ci dynmap phn di n c lin quan g vi nhau khng . V ngoi cch cu hnh
dynamic-map th c th c cch khc khng h anh.
Thanks anh ^_^!
Quote:

crypto dynamic-map dynmap 10

set transform-set myset
!
!-- Create the actual crypto map,
!-- and apply the AAA lists that were created earlier.
!--- Create a group that will be used to specify the WINS, DNS servers' address
!--- to the client, along with the pre-shared key for authentication.

crypto isakmp client configuration group 3000client

key cisco123
dns 192.168.100.100
wins 192.168.100.100
domain cisco.com
pool ippool

crypto map clientmap client authentication list userauthen

crypto map clientmap isakmp authorization list groupauthor
crypto map clientmap client configuration address respond
crypto map clientmap 10 ipsec-isakmp dynamic dynmap

ho c nh,

Cng ty mnh c 1 ng ADSL ca Viettel, chy modem ca Viettel th rt ok, nhng nay c 1
thay i l mnh cn phi ocnfig modem sang ch bridge, v dng router Cisco lm PPPoE
Client.

Mnh config thnh cng. Nhng c iu cc trang web VN th i web rt nhanh, nhng cc
trang web nc ngoi th rt ch m (yahoo, microsoft, ...) v hu nh l khng kt ni c lun.
Mnh th config 1 PC trong mng lm PPPoE Client th ok, trang no cng ok.

V y cho mnh hi l problem nm u v y? Mnh config c sai g khng? Mi ngi xem cu

hnh v help mnh vi nh. Thanks

ip cef
!
vpdn enable
!
interface fastEthernet0/0
ip address 192.168.3.1 255.255.255.0
ip nat inside
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
pppoe enable
pppoe-client dial-pool-number 1
!
interface Dialer0
ip mtu 1492
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
ppp authentication pap callin
dialer pool 1
dialer-group 1
no cdp enable
ppp pap sent-username <username> password <password>
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip nat inside source list 1 interface Dialer0 overload
!
access-list 1 permit 192.168.3.0 0.0.0.255
dialer-list 1 protocol ip permit
!
end

hungpham

View Public Profile

Send a private message to hungpham

Find all posts by hungpham

Add hungpham to Your Contacts

#2
29-06-2008, 08:16 PM
Mr.LeVy Join Date: Jun 2008
Member Location: Ho Chi Minh
Member Posts: 97
Ci ny ging tay khng bt git qu bc i. Em mn php a ra cht kin gip bc.

Nu PC lm PPPoE ok, th vn nm trn Router ri nhng theo nhng g bc ni th c l

configuration ca Router ok ri vy bc kim tra li cc interface xem thy packet error ko?

Sau , tnh hnh sng sa hn, em ngh bc install Ethereal (Wireshark) trn PC
capture traffic quc t ri phn tch n. C khi lin quan n DNS timeout, hay router drop ACK
... Ni chung phi lm vy ci ri tnh tip. Nu cn bc post nguyn d liu phn tch lin
quan n yahoo.com ln y, em gip bc chi n. Ok
__________________
> Ping CCNA
Sending to CISCO.....Please wait.....

Mr.LeVy

View Public Profile

Send a private message to Mr.LeVy

Find all posts by Mr.LeVy

Add Mr.LeVy to Your Contacts

#3
30-06-2008, 12:11 AM
Join Date: Oct 2005
dangquangminh Location: HCMC
Super Moderator Posts: 3,722
Brainiac

Quote:

Originally Posted by hungpham

Cho c nh,

Cng ty mnh c 1 ng ADSL ca Viettel, chy modem ca Viettel th rt ok, nhng nay c 1
thay i l mnh cn phi ocnfig modem sang ch bridge, v dung router Cisco lm PPPoE
Client.

Mnh config thnh cng. Nhng c iu cc trang web VN th i web rt nhanh, nhng
cc trang web nc ngoi th rt ch m (yahoo, microsoft, ...) v hu nh l khng kt ni
c lun. Mnh th config 1 PC trong mng lm PPPoE Client th ok, trang no cng ok.

V y cho mnh hi l problem nm u v y? Mnh config c sai g khng? Moi ngi xem
cu hnh v help mnh vi nh. Thanks

ip cef
!
vpdn enable
!
interface fastEthernet0/0
ip address 192.168.3.1 255.255.255.0
ip nat inside
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
pppoe enable
pppoe-client dial-pool-number 1
!
interface Dialer0
ip mtu 1492
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
ppp authentication pap callin
dialer pool 1
dialer-group 1
no cdp enable
ppp pap sent-username <username> password <password>
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip nat inside source list 1 interface Dialer0 overload
!
access-list 1 permit 192.168.3.0 0.0.0.255
dialer-list 1 protocol ip permit
!
end

vo interface dialer 0, thm vo lnh ny:

ip tcp adjust-mss 1400

xem thm v lnh y:
Code:
http://www.cisco.com/en/US/docs/ios/12_2t/12_2t4/feature/guide/ft_admss.html

__________________
ng Quang Minh, CCIE#11897 CCSI#31417
Email: [email protected]

Viet Professionals Co. Ltd. (VnPro)

149/1D Ung Vn Khim P25 Q.Bnh thnh TPHCM
Tel: (08) 35124257 Fax: (08) 35124314
Home :http://www.vnpro.vn
Blog :http://vnpro.org/blog
Support forum :http://vnpro.org
LiveChat :http://vnpro.vn/support

dangquangminh

View Public Profile

Send a private message to dangquangminh

Send email to dangquangminh

Visit dangquangminh's homepage!

Find all posts by dangquangminh

Add dangquangminh to Your Contacts

#4
10-07-2008, 05:14 PM
thanhnam0707 Join Date: Sep 2005
Senior Member Posts: 216
Professionals

nu em sa thnh ip tcp adjust-mss 1460 c c ko thy?

__________________
Hugo
thanhnam0707

View Public Profile

Find all posts by thanhnam0707

Add thanhnam0707 to Your Contacts

#5
11-07-2008, 08:00 PM
Join Date: Oct 2005
dangquangminh Location: HCMC
Super Moderator Posts: 3,722
Brainiac

c. Nhng nu em chnh kch thc segment size ca TCP nh qu th s phi tn nhiu gi

tin IP truyn data i.
__________________
ng Quang Minh, CCIE#11897 CCSI#31417
Email: [email protected]

Viet Professionals Co. Ltd. (VnPro)

149/1D Ung Vn Khim P25 Q.Bnh thnh TPHCM
Tel: (08) 35124257 Fax: (08) 35124314
Home :http://www.vnpro.vn
Blog :http://vnpro.org/blog
Support forum :http://vnpro.org
LiveChat :http://vnpro.vn/support

dangquangminh

View Public Profile

Send a private message to dangquangminh

Send email to dangquangminh

Visit dangquangminh's homepage!

Find all posts by dangquangminh

 Add dangquangminh to Your Contacts

#6
14-07-2008, 10:10 AM
thanhnam0707 Join Date: Sep 2005
Senior Member Posts: 216
Professionals

thay cho em hoi,

hien trong Lan em c dung Router 1841 lm access-list permit traffic qua lai,nhung ko biet sao
ma symantec no update ko duoc,ko biet co can permit cac ip server cua symantec ko thay,em co
dung ip tcp adjust-mss 1460 nhung van ko duoc,

thanks,
mo hinh: Lan--R1841---Leaseline---internet
__________________
Hugo

thanhnam0707

View Public Profile

Find all posts by thanhnam0707

Add thanhnam0707 to Your Contacts

#7
14-07-2008, 10:14 AM
Join Date: Oct 2005
dangquangminh Location: HCMC
Super Moderator Posts: 3,722
Brainiac

con router 1841 c Access List nhng c bt chc nng CBAC (IOS firewall) khng?
__________________
ng Quang Minh, CCIE#11897 CCSI#31417
Email: [email protected]

Viet Professionals Co. Ltd. (VnPro)

149/1D Ung Vn Khim P25 Q.Bnh thnh TPHCM
Tel: (08) 35124257 Fax: (08) 35124314
Home :http://www.vnpro.vn
Blog :http://vnpro.org/blog
Support forum :http://vnpro.org
LiveChat :http://vnpro.vn/support

dangquangminh

View Public Profile

Send a private message to dangquangminh

Send email to dangquangminh

Visit dangquangminh's homepage!

Find all posts by dangquangminh

Add dangquangminh to Your Contacts

#8
14-07-2008, 10:31 AM
thanhnam0707 Join Date: Sep 2005
Senior Member Posts: 216
Professionals

tc l IOS ang chy c phi l IOS firewall ko h thy,vd : IPadvance...K9

__________________
Hugo

thanhnam0707

View Public Profile

Find all posts by thanhnam0707

Add thanhnam0707 to Your Contacts

#9
14-07-2008, 10:42 AM
thanhnam0707 Join Date: Sep 2005
Senior Member Posts: 216
Professionals

em mi check li,hin ti Router ko xi chc nng Firewall thy,

__________________
Qun ly Port Swicht v Sercurity (Sercurity With Sw)

Qun ly Port Swicht v Sercurity

( SVTT Trn Minh Tn - Nguyn Quc Ng )

1 Qun ly Port

1.1 Tnh d b tn thng

Mt h iu hnh ca Switch Cisco c qun l port, dy Console(line con 0) m n cung cp s

truy xut trc tip n Switch cho s qun tr. Nu s qun l port c ci t qu lng lo th
Switch c th b nh hng bi cc cuc tn cng.V chi tit v tnh d b tn thng ca vic
qun l Port bao gm nhng phn sau y:

Mt Switch vi 1 management port s dng ti khon user mc nh cho php k tn cng c

gng to kt ni s dng 1 hoc nhiu ti khon mc nh c bit n(administrator, root,
security)
Nu 1 Switch c 1 management port m khng ci password, password mc nh hay password
yu, khi 1 k tn cng c th on c pass hay crack chng v ly hoc thay i thng tin
trn Switch. Cng vy vic ci cng password trn nhiu Switch cung cp 1 im n ca s
hng hc. K tn cng, ngi m tha hip c 1 Switch s tha hip c vi cc Switch cn
li. Cui cng vic ci t cng 1 password cho c management port v nhng ci t khc trn
Switch cho php s tha hip tim tng bi v password c ci t dng Plaintext c th b
thu thp trong 1 mng m c ngi phn tch mng. K tn cng ngi m thu thp c
password telnet t traffic mng c th truy cp vo management port ca Switch lc khc.

Nu mt kt ni n Switch s dng management port m khng ci t thi gian Timeout hoc

ci t khong thi gian Timeout ln (ln hn 9 pht), khi kt ni s sn sang cho 1 k tn
cng hack chng.
Mt Banner a ra ghi ch cho bt k ngi no kt ni n Switch m n th c chng thc
v s b theo di cho bt k hnh ng no.To n s b qua trng hp chng li ngi m tn
cng vo mt h thong khng c Banner cnh bo.

1.2 Gii php

Hu ht phng php bo m cho vic qun tr Switch th nm ngoi vic qun l nhm.
Phng php ny khng trn ln vic qun l traffic vi vic thao tc traffic.Vic qun l ngoi
nhm s dng dnh cho nhng h thng v truyn thng. S 1 ch ra 1 dy Serial kt ni n
Server v chia vic qun l cc my tnh ngoi cng Console kt ni n cc port ca Switch..
Gii php ny th cho nhiu chc nng qun l. Tuy nhin Network-based, ngoi vic truy
xut thch hp cho nhng chc nng chnh xc(cp nht IOS), n cn bao gm vic s dng
Virtual Local Area Network (VLAN) v c miu t trong gii php cho VLAN 1 trong phn
Virtual Local Area Networks

Gii php sau y s lm gim tnh d bi tn thng khi s dng dy Console trn mi Switch:
Ci t mt ti khon duy nht cho mi nh qun tr khi truy xut bng dy Console. Lnh sau
ch ra 1 v d v vic to 1 ti khon cp privilged v ci t cp privilege thnh mc nh(0)
cho dy Console . cp privileged 0 l cp thp nht ca Switch Cisco v cho php ci t rt t
lnh. Ngi qun tr c th lm tng cp privileged ln 15 bng cu lnh enable. Cng vy, ti
khon ny cng c th c truy xut t dy virtual terminal.

Switch(config)# username ljones privilege 0

Switch(config)# line con 0
Switch(config-line)# privilege level 0

S dng nhng dng hng dn sau to password an ton: password t nht l 8 k t; khng
l nhng t c bn; v thm vo t nht 1 k t c bit hay s nh:!@#$%^&*()|+_...; thay i
password t nht l 3 thng 1 ln. S dng

Switch(config)# username ljones secret g00d-P5WD

Switch(config)# line con 0
Switch(config-line)# login local

2.Port Security

2.1 Tnh d b tn thng

Nhng interface lp 2 ca Cisco c hiu nh l cc Port. Mt Switch m khng cung cp kh

nng bo v Port, th cho php k tn cng tn cng vo h thng khng dng n, enable Port,
thu thp thng tin hoc tn cng. Mt Switch c th cu hnh hot ng ging nh Hub. iu
c ngha l mi h thng kt ni n Switch m cch tim tng c th thy tt c cc traffic di
chuyn qua Switch ti cc h thng kt ni n Switch. Nh vy 1 k tn cng c th thu thp
traffic cha ng cc thng tin nh: Username, Passord, nhng thng tin cu hnh v h thng
trn mng

2.2 Gii Php

Port Security gii hn s lng ca da ch MAC hp l c cho php trn Port. Tt c nhng
port trn Switch hoc nhng interface nn c m bo trc khi trin khai.Theo cch ny,
nhng t tnh c ci t hoc g b nh l nhng yu cu thm vo hoc lm di thm
nhng t tnh 1 cch ngu nhin hoc l nhng kt qu bo mt vn d c sn.
Nn nh rng Port Security khng s dng cho nhng Port access ng hoc port ch cho ngi
phn tch Switch Port. V cho n khi Port security bt tnh nng Port trn Switch nhiu
nht c th.
V d sau cho thy dng lnh shutdonw mt interface hoc mt mng cc interface:
Single interface:
Switch(config)# interface fastethernet 0/1
Switch(config-if)# shutdown

Range of interfaces:

Switch(config)# interface range fastethernet 0/2 - 8

Switch(config-if-range)# shutdown

Port Security c kh nng lm thay i s ph thuc trn ch Switch v phin bn IOS. Mi

Port hot ng c th b hn ch bi s lng ti a a ch MAC vi hnh dng la chn cho
bt k s vi phm no. Nhng vi phm ny c th lm drop gi tin ( violation protect ) hoc drop
v gi thng ip (restrict or action trap) hoc shutdown port hon ton( violation shutdown or
action shutdown). Shutdown l trng thi mc nh , m bo hu ht protect v restrict c hai
u yu cu theo di a ch MAC m n c quan st v ph hu ti nguyn x l hn l
shutdown. a ch MAC c thu thp mt cch t ng vi vi Switch h tr Entry tnh v

Sticky Entry. Entry tnh th c cu hnh bng tay thm vo trn mi port (e.g., switchport
port-security mac- address mac- address) v c lu li trong file cu hnh.. Sticky Entry c
xem nh l Entry tnh, ngoi n c hc mt cch t ng . Nhng Entry ng tn ti c
chuyn sang Sticky Entry sau khi s dng cu lnh (switchport port-security mac- address
Stickey). Nhng Entry ng c c lu li trong file cu hnh (switchport port-security mac-
address Stickey mac- address) n u file c u h nh d c lu v chy th a ch MAC kh ng c
n h c l i l n n acho vi c restart l n sau. V c ng v y m t s l ng t i a a ch
MAC c th c c i t b ng c u l nh sau(e.g.,switchport port-security maximun value) .
Ngi qun tr c th bt tnh nng cu hnh a ch MAC tnh trn cc port bng cch s dng
cu lnh switchport port-security aging static. Lnh aging time (e.g., switchport port-security
aging time time) c th t di dng pht. ng thi dng lnh aging c th t cho s khng
hot ng (e.g., switchport port-security aging type inactivity), iu ny c ngha l tui cc
a ch c cu hnh trn port ngoi nu khng c d liu lu thng t nhng a ch ny
cho khai bo tng phn bng dng lnh aging time. t tnh ny cho php tip tc truy cp n
s lng nhng da ch gii hn .
V d:
+ Nhng dng lnh sau dng gii hn tnh mt cng trn Catalyst Switch 3550.

Switch(config-if)# switchport port-security

Switch(config-if)# switchport port-security violation shutdown
Switch(config-if)# switchport port-security maximum 1
Switch(config-if)# switchport port-security mac-address 0000.0200.0088
Switch(config-if)# switchport port-security aging time 10
Switch(config-if)# switchport port-security aging type inactivity

+ Nhng dng lnh sau gii hn ng mt cng trn Catalyst Switch 3550. Ch nhng dng
lnh aging khng c s dng vi nhng a ch sticky MAC.

Switch(config-if)# switchport port-security

Switch(config-if)# switchport port-security violation shutdown
Switch(config-if)# switchport port-security maximum 1
Switch(config-if)# switchport port-security mac-address sticky

Ch khi c s vi phm port security xy ra th ngay lp tc n s tr thnh trng thi error-

disable v n LED s tt. Switch cng s gi mt thng ip SNMP trap, logs (syslog) v lm
tng ln s phn i ca xm nhp. Khi mt port o trng thi error-disable, ngi qun tr c th
a n ra khi trng thi ny bng cch s dng dng lnh ch ton cc errdisable recovery
cause psecure-violation hoc dng lnh shutdown v no shutdown trn cng c cu hnh.

C mt s vn quan trng pht sinh khi cu hnh port security trn port kt ni n mt IP
phone. Mt d port security khng c s dng trn Trunk port, a ch MAC phn i vic
xem xt viec gn VLAN ca gi tin n. Cng IP phone gi gi tin ra 2 Vlan s c 2 bng entries
c chia ra trong bng MAC v th n s m 2 ln ln n maximum MAC.
Khi IP Phone c th s dng 2 gi tin khng c gn vo (untagged, e.g., Layer 2 CDP protocol
) v gi tin Voice Vlan c gn(tagged); a ch MAC ca IP Phone s c thy trn c 2 native
VLAN v Voice VLAN. V vy n s c m 2 ln. Vic t ti a a ch MAC cho 1 port kt
ni n 1 IP Phone cho trng hp nhiu my tnh tn cng vo IP Phone. Nhng my tnh
truyn hp l s dng nhiu a ch MAC phi c cu hnh tnh ton.
Mt kh nng mi bo m cho nhng port ca Switch nhanh hn v thch hp hn l
macros. Macros cho php nhm nhng port sn sng m nhng lnh c chp nhn bng
cu hnh tay. Bt k dng lnh no c thm vo bng vic s dng k t # ti u mi dng
lnh v kt thc bi k t@.
The following example creates a strict security macro called unused to secure the ports, or
interfaces, on
a 3550 switch
V d sau y to ra s ngn cn security macro gi l unused bo m trn nhng port hoc
trn nhng interface trn Switch 3550.

Switch(config)# macro name unused

macro description unused
shutdown
description *** UNUSED Port ***
no ip address switchport
# Set secure defaults for access mode switchport mode access
switchport access vlan 999
switchport nonegotiate
# Set secure defaults for trunking mode switchport trunk encapsulation dot1q switchport trunk
native vlan 999 switchport trunk allowed vlan none
# Only learn source MAC addresses switchport block multicast switchport block unicast
# Enable MAC control and set secure options
switchport port-security
switchport port-security maximum 1
switchport port-security aging time 10
switchport port-security aging type inactivity
# Apply any switch-wide access-lists
ip access-group ip-device-list in
mac access-group mac-device-list in
# Set secure defaults for misc. flags and protocols mls qos cos override
dot1x port-control force-unauthenticated
storm-control broadcast level 0.00 storm-control multicast level 0.00 storm-control unicast level
0.00
no cdp enable
# Default Spanning-tree to secure host settings spanning-tree portfast
spanning-tree bpdufilter enable spanning-tree bpduguard enable spanning-tree guard root
@

Sau khi to s gn cm security macro, unused, p t macro trn tt c cc port ca Switch nh

s bo m ranh gii vi cc dng lnh sau.

Switch(config)# interface range fasteth0/1 24 , giga0/1 2

Switch(config-if-range)# macro apply unused
Sau khi macros c xy dng tnh bo m da trn unused macro c thit lp bt tnh
nng bo mt d h tr tt c cc h thng theo mong i..
Switch(config)# macro name host
# Apply macro 'unused' first!
macro description host
# Set the port for a PC host
dot1x port-control auto
no storm-control broadcast level no storm-control multicast level no storm-control unicast level
no shutdown
# The following are recommended port specific commands
#description Host <10.1.10.3>
#switchport access vlan <10>
#switchport trunk native vlan <10>
@

Switch(config)# macro name ipphone

# Apply macro 'unused' first!
macro description ipphone
#
# Set the port for an ipphone without attached PC host switchport port-security maximum 2
no mls qos cos override
mls qos trust device cisco-phone
mls qos trust dscp
no storm-control broadcast level no storm-control multicast level no storm-control unicast level
cdp enable
no shutdown
#
# The following are recommended port specific commands
#description IP PHONE <x1013>
#switchport voice vlan <101>
@
Switch(config)# macro name ipphone-host
# Apply macro 'unused' first!
macro description ipphone & host
#
# Set the port for an ipphone with attached PC host switchport port-security maximum 3
no mls qos cos override
mls qos trust device cisco-phone
mls qos trust dscp
dot1x port-control auto
no storm-control broadcast level no storm-control multicast level no storm-control unicast level
cdp enable
no shutdown
#
# The following are recommended port specific commands
#description IP PHONE <x1014> & HOST <10.1.20.5>
#switchport access vlan <20>
#switchport trunk native vlan <20>
#switchport voice vlan <101>
@

Vic chp nhn nhng macros s ch lm thay i n tnh bo m nhng bin c yu cu

cho nhng port h tr hon ton nhng h thng thch hp.
V d sau ch ra lm th no dng cc macro ln trc cu hnh cho nhng port access ca
nhng Switch t nhng m hnh v d cho mi h thng nh: Host, Ip Phone v IP Phone vi
mt cuc tn cng host.
Host:

Switch(config)# interface fa0/1

Switch(config-if)# macro apply host
Switch(config-if)# description Host 10.1.10.3
Switch(config-if)# switchport access vlan 10
Switch(config-if)# switchport trunk native vlan 10
Switch(config-if)# exit

IP phone:

Switch(config)# interface range fa0/2 - 4

Switch(config-if-range)# macro apply ipphone
Switch(config-if-range)# switchport voice vlan 101
Switch(config-if-range)# exit
Switch(config)# interface fa0/2
Switch(config-if)# description IP PHONE x1011
Switch(config)# interface fa0/3
Switch(config)# description IP PHONE x1012
Switch(config)# interface fa0/4
Switch(config-if)# description IP PHONE x1013
Switch(config-if)# exit

IP phone with an attached host:

Switch(config)# interface fa0/5

Switch(config-if)# macro apply ipphone-host
Switch(config-if)# description IP PHONE x1014 & Host 10.1.20.5
Switch(config-if)# switchport access vlan 20
Switch(config-if)# switchport trunk native vlan 20
Switch(config-if)# switchport voice vlan 101
Switch(config-if)# exit

Ngi qun tr c th s dng cu lnh macro trace thay th cho cu lnh macro apply bi v
cu lnh macro trace c th xc nh debugging ca macros. Thng xuyn s dng show parser
macro description bit macro cui cng c p ln mi port.
Cui cng a ch MAC tnh v port security p trn mi port ca Switch c th tr thnh gnh
nng cho ngi qun tr. Port Access Control List (PACLs) c th cung cp kh nng bo mt
tng t nh a ch MAC tnh v port security v PACLs cng cung cp nhiu tnh nng linh
ng v iu khin.vic cho php a ch MAC v a ch IP c th c chia v dc xem xt t
pha ca mt Switch m rng. Tham chiu n phn ALCs bit thm chi tit.
tip: lm sao cu hnh nhanh hn

Hi,

khi bt tay vo thc hnh LAB th thi gian cu hnh l m t iu kh quan trng. Bn cu
hnh nhanh th mi c nhiu thi gian cho nhng vn rc ri khc trong cc thi (nh thi final
CCNA, real CCNA, CCNP, CCIE...)
Chip post m t s tip nh gip cc bn t p lm quen vi cc script, to thi quen tt khi lm
LAB, hy vng s gip cc bn khng nhng trong lm LAB m cn trong cng tc khc.

A. Xa cu hnh c trc khi bt u bi lab mi

erase startup-config

B. To thi quen cu hnh y :

- Hostname
- Enable Password
- Telnet, password cho telnet
- Cu hnh interfaces: IP, encapsulation, clockrate (nu DCE), description (gip d
troubleshooting)

C. Lu cu hnh
copy run start

D. Dng Show, Debug kim tra, xem cch hat ng v xt li.

....

1. Dng Script
Vi nhng ngi mi bt u hc CCNA cc bc trn nn thc hi n bng l nh quen vi
l nh cml Cisco IOS.
Vi cc bn thc hnh nhiu, nn to ra cc script nh sau:

Quote:

configure terminal
enable secret class
ip subnet-zero
ip http server
no ip domain-lookup
!
line console 0
transport input none
password cisco
login
logging synchronous
!
line aux 0
password cisco
!
line vty 0 4
password cisco
login
!
end
!
copy run start
sau lu thnh 1 file v d nh: start.txt

thao tc nhanh cc bn c th copy & paste t files ny ho c dng menu Transfer/Receive ca

SercureCRT (/Hyper Terminal) (dng SercureCRT s ti n hn do c nhiu chc nng h tr
hn).

2. Dng Copy & Paste

ngai cch trn, trong khi cu hnh, copy & paste cn rt hi u qu, v d: khi cu hnh routing,
bn cho chy RIP:
Quote:

router rip
network 192.168.1.0
network 192.168.2.0
network 192.168.3.0
network 192.168.4.0
network 192.168.5.0
by gi bn mun dng IGRP thay cho RIP, thng thng bn phi dng l nh no b tng
dng l nh m t.
cch sau s nhanh hn:

3. Dng NotePad
show run
dng chu t copy an routing ca RIP, chp vo NodePad, edit li nh sau v copy & paste vo
router
Quote:

no router rip
router igrp 100
network 192.168.1.0
network 192.168.2.0
network 192.168.3.0
network 192.168.4.0
network 192.168.5.0
rt nhanh phi khng cc bn, hy th i :wink:
NodePad gip lm mi trng trung gian, ngai ra bn c th t n dng NodePad lu li cu
hnh khi show run, nghin cu hat ng ca m t giao thc no , xt li debug, hay l chia s
cho bn b trn forum nh vi vit ny (cng dng NodePad khi LAB)

cc bn c tips no hay na cng tho lu n nh!

Thn,
__________________
Hunh Ch i

chipchipzzz

View Public Profile

Send a private message to chipchipzzz

Find all posts by chipchipzzz

Add chipchipzzz to Your Contacts

#2
09-04-2006, 12:05 PM
Join Date: Feb 2006
phuclv Location: Ho Chi Minh
Member Posts: 49
Newbie

Cau hnh nhanh

Mnh xin b sung thm mt cht

KHi lm bng Console th nn khai bo thm

line con 0
logging synchronous
CCNP Switching: Lab v dot1q Tunneling (rt di)

M hnh

IEEE dot1q tunneling l mt c ch cho php mang nhiu VLAN ca khch hng trong mt
tunnel. Trong hnh trn, khch hng X c hai mng b phn chia bi mt service provider. Switch
1 ca khch hng X s c mt kt ni trunking n mng ca service providers. Mng ca SP s
to ra mt tunnel mang tt c cc thng tin VLAN sang u kia ca tunnel. Cc VLAN hai
switch ca khch hng X s c th thy nhau nh th c trunking trc tip.
T tri sang phi:
Switch I ca khch hng X: dng catalyst 2950
Switch I ca nh cung cp dch v: dng Catalyst 3550
Switch II ca nh cung cp dch v: dng Catalyst 3550
Switch II ca khch hng X: dng Catalyst 2912

I. Switch I ca khch hng X:

SHOW RUN
Building configuration...

Current configuration:
!
version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
ip subnet-zero
!
interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet0/3
switchport access vlan 7
!
interface FastEthernet0/4
switchport access vlan 10
!
interface FastEthernet0/5
switchport access vlan 10
!
interface FastEthernet0/6
switchport access vlan 10
!
interface FastEthernet0/7
switchport access vlan 10
!
interface FastEthernet0/8
switchport access vlan 10
!
interface FastEthernet0/9
switchport access vlan 10
!
interface FastEthernet0/10
switchport access vlan 10
!
interface FastEthernet0/11
switchport access vlan 10
!
interface FastEthernet0/12
switchport access vlan 10
!
interface VLAN1
ip address 10.1.2.1 255.255.255.0
no ip directed-broadcast
no ip route-cache
!
line con 0
transport input none
stopbits 1
line vty 0 4
login
line vty 5 15
login
!
end

Trn switch 1, cc VLAN sau y c chia. Dng lnh show vlan kim tra:

Switch#show vlan

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------
1 default active Fa0/2
7 VLAN0007 active Fa0/3
10 VLAN0010 active Fa0/4, Fa0/5, Fa0/6, Fa0/7,
Fa0/8, Fa0/9, Fa0/10, Fa0/11,
Fa0/12
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 1002 1003
7 enet 100007 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 1 1003
1003 tr 101003 1500 1005 0 - - srb 1 1002
1004 fdnet 101004 1500 - - 1 ibm - 0 0
1005 trnet 101005 1500 - - 1 ibm - 0 0

Kim tra trng thi ca port f0/1 ca switch:

Switch#show int f0/1 switchport

Name: Fa0/1
Switchport: Enabled
Administrative mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: Disabled
Access Mode VLAN: 0 ((Inactive))
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: ALL
Trunking VLANs Active: 1,7,10
Pruning VLANs Enabled: 2-1001

Priority for untagged frames: 0

Override vlan tag priority: FALSE
Voice VLAN: none
Appliance trust: none

Port f0/1 ca switch c cu hnh nh trunking mode bnh thng. Switch I ca khch hng X
khng bit l ang c trunk vi mt switch ca service provider.

Switch#

Sau khi hon tt cu hnh, dng lnh show cdp neighbor. im c o l switch ca khch hng
X ch thy switch ca khch hng X bn kia. CDP khng pht hin c Catalyst switch ca
providers.

Switch#show cdp ne
Switch#show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater

Device ID Local Intrfce Holdtme Capability Platform Port ID

Switch Fas 0/1 135 S I WS-C2950-2Fas 0/1
Switch#show cdp neighbors detail
-------------------------
Device ID: Switch
Entry address(es):
IP address: 10.1.2.6
Platform: cisco WS-C2950-24, Capabilities: Switch IGMP
Interface: FastEthernet0/1, Port ID (outgoing port): FastEthernet0/1
Holdtime : 130 sec

Version :
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(14)EA1a, RELEASE SOFTWARE
(fc1)
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Tue 02-Sep-03 03:33 by antonino

advertisement version: 2
Protocol Hello: OUI=0x00000C, Protocol ID=0x0112; payload len=27,
value=00000000FFFFFFFF010221FF000000000000000F239D C640FF0000
VTP Management Domain: 'a'
Native VLAN: 1
Duplex: full

II. Switch I ca service provider:

Kho st qua Switch ca service provider:

sh run
Building configuration...

Current configuration : 2248 bytes

!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
!
vlan dot1q tag native
ip subnet-zero
!
!
spanning-tree extend system-id
system mtu 1546
!
interface FastEthernet0/1
switchport access vlan 10
switchport trunk encapsulation dot1q
switchport mode dot1q-tunnel
no ip address
l2protocol-tunnel cdp
no cdp enable
spanning-tree bpdufilter enable!
interface FastEthernet0/4
switchport access vlan 3
no ip address
!
interface FastEthernet0/5
switchport access vlan 3
no ip address
!
interface FastEthernet0/7
switchport access vlan 5
no ip address
!
interface FastEthernet0/8
switchport access vlan 5
no ip address
!
interface FastEthernet0/9
switchport access vlan 5
no ip address
!
interface FastEthernet0/10
switchport access vlan 5
no ip address
!
interface FastEthernet0/11
switchport access vlan 5
no ip address
!
interface FastEthernet0/12
switchport access vlan 5
no ip address
!
interface FastEthernet0/13
switchport access vlan 5
no ip address
!
interface FastEthernet0/14
switchport access vlan 5
no ip address
!
interface FastEthernet0/15
switchport access vlan 5
no ip address
!
interface FastEthernet0/16
switchport access vlan 5
no ip address
!
interface FastEthernet0/17
switchport access vlan 5
no ip address
!
interface FastEthernet0/18
switchport access vlan 5
no ip address
!
interface FastEthernet0/19
switchport access vlan 5
no ip address
!
interface FastEthernet0/20
switchport access vlan 5
no ip address
!
interface FastEthernet0/21
switchport access vlan 5
no ip address
!
interface FastEthernet0/22
switchport access vlan 5
no ip address
!
interface FastEthernet0/23
switchport access vlan 5
no ip address
!

interface FastEthernet0/24
description trunk with switch II ca provider
switchport access vlan 10
switchport trunk encapsulation dot1q
switchport mode trunk
no ip address
!
interface Vlan1
ip address 10.1.1.1 255.255.255.0
!
ip classless
ip http server
!
line con 0
line vty 5 15
!
end

Xem cc vlan c cu hnh trn switch ca service provider:

Switch#sh vlan

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------
1 default active Fa0/2, Fa0/3, Fa0/6, Gi0/1
Gi0/2
2 cus active
3 sell active Fa0/4, Fa0/5
5 aaa active Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/12, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/17, Fa0/18
Fa0/19, Fa0/20, Fa0/21, Fa0/22
Fa0/23
7 VLAN0007 active
10 VLAN0010 active Fa0/1
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
2 enet 100002 1500 - - - - - 0 0

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
3 enet 100003 1500 - - - - - 0 0
5 enet 100005 1500 - - - - - 0 0
7 enet 100007 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - srb 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0

Remote SPAN VLANs

------------------------------------------------------------------------------

Primary Secondary Type Ports

------- --------- ----------------- ------------------------------------------

Xem cc switch lng ging bng lnh show cdp neighbor:

Switch#sh cdp nei

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater

Device ID Local Intrfce Holdtme Capability Platform Port ID

Switch Fas 0/24 120 S I WS-C3550-4Fas 0/24

Kt qu ca lnh trn cho thy, ch c switch ca service provider l thy nhau. Switch ca khch
hng X (Cat 2950) khng hin th trong output ny.

Switch#sh int f0/1 trunk

Port Mode Encapsulation Status Native vlan

Fa0/1 off 802.1q not-trunking 1

Port Vlans allowed on trunk

Fa0/1 10

Port Vlans allowed and active in management domain

Fa0/1 10

Port Vlans in spanning tree forwarding state and not pruned

Fa0/1 10

Switch#sh int f0/23 4 trunk

Port Mode Encapsulation Status Native vlan

Fa0/24 on 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/24 1-4094

Port Vlans allowed and active in management domain

Fa0/24 1-3,5,7,10

Port Vlans in spanning tree forwarding state and not pruned

Fa0/24 1-3,5,7,10
Switch#shin int f0/1 trunk

Port Mode Encapsulation Status Native vlan

Fa0/1 off 802.1q not-trunking 1

Port Vlans allowed on trunk

Fa0/1 10

Port Vlans allowed and active in management domain

Fa0/1 10

Port Vlans in spanning tree forwarding state and not pruned

Fa0/1 10
Switch#

III. Switch service provider II:

Kho st switch ca sevice provider 2:

show run
Building configuration...

Current configuration : 3937 bytes

!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
!
ip subnet-zero
no ip domain-lookup
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan dot1q tag native
!
!
interface FastEthernet0/1
switchport access vlan 10
switchport mode dot1q-tunnel
no ip address
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel vtp
no cdp enable
spanning-tree bpdufilter enable!

interface FastEthernet0/2
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1-3
switchport mode trunk
no ip address
!
interface FastEthernet0/5
switchport access vlan 2
switchport mode access
no ip address
!
interface FastEthernet0/6
switchport access vlan 2
switchport mode access
no ip address
!
interface FastEthernet0/7
switchport access vlan 2
switchport mode access
no ip address
!
interface FastEthernet0/8
switchport access vlan 2
switchport mode access
no ip address
!
interface FastEthernet0/9
switchport access vlan 2
switchport mode access
no ip address
!
interface FastEthernet0/10
switchport access vlan 2
switchport mode access
no ip address
!
interface FastEthernet0/11
switchport access vlan 2
switchport mode access
no ip address
!
interface FastEthernet0/12
switchport access vlan 2
switchport mode access
no ip address
!
interface FastEthernet0/13
switchport access vlan 3
switchport mode access
no ip address
!
interface FastEthernet0/14
switchport access vlan 3
switchport mode access
no ip address
!
interface FastEthernet0/15
switchport access vlan 3
switchport mode access
no ip address
!
interface FastEthernet0/16
switchport access vlan 3
switchport mode access
no ip address
!
interface FastEthernet0/17
switchport access vlan 3
switchport mode access
no ip address
!
interface FastEthernet0/18
switchport access vlan 3
switchport mode access
no ip address
!
interface FastEthernet0/19
switchport access vlan 3
switchport mode access
no ip address
!
interface FastEthernet0/20
switchport access vlan 3
switchport mode access
no ip address
!
interface FastEthernet0/21
switchport access vlan 3
switchport mode access
no ip address
!
interface FastEthernet0/22
switchport access vlan 3
switchport mode access
no ip address
!
interface FastEthernet0/23
switchport access vlan 3
switchport mode access
no ip address
!
interface FastEthernet0/24
switchport access vlan 3
switchport trunk encapsulation dot1q
switchport mode trunk
no ip address
!
interface Vlan1
ip address 10.1.1.2 255.255.255.0
!
ip classless
ip http server
!
line con 0
line vty 5 15
!
end

Xem cc VLAN c cu hnh trn switch ca provider II:

Switch#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/2, Fa0/3, Fa0/4, Fa0/25
Fa0/26, Fa0/27, Fa0/28, Fa0/29
Fa0/30, Fa0/31, Fa0/32, Fa0/33
Fa0/34, Fa0/35, Fa0/36, Fa0/37
Fa0/38, Fa0/39, Fa0/40, Fa0/41
Fa0/42, Fa0/43, Fa0/44, Fa0/45
Fa0/46, Fa0/47, Fa0/48, Gi0/1
Gi0/2
2 cus active Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
3 sell active Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23
5 aaa active
7 VLAN0007 active
10 VLAN0010 active Fa0/1
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
2 enet 100002 1500 - - - - - 0 0
3 enet 100003 1500 - - - - - 0 0
5 enet 100005 1500 - - - - - 0 0
7 enet 100007 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - srb 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0

Remote SPAN VLANs

------------------------------------------------------------------------------

Primary Secondary Type Ports

------- --------- ----------------- ------------------------------------------

Kim tra cc switch lng ging:

Switch#show cdp ne
Switch#show cdp neighbors detail
-------------------------
Device ID: Switch
Entry address(es):
IP address: 10.1.1.1
Platform: cisco WS-C3550-24, Capabilities: Switch IGMP
Interface: FastEthernet0/24, Port ID (outgoing port): FastEthernet0/24
Holdtime : 176 sec
Version :
Cisco Internetwork Operating System Software
IOS (tm) C3550 Software (C3550-I5Q3L2-M), Version 12.1(11)EA1a, RELEASE SOFTWARE
(fc1)
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Thu 17-Oct-02 23:29 by antonino

advertisement version: 2
Protocol Hello: OUI=0x00000C, Protocol ID=0x0112; payload len=27,
value=00000000FFFFFFFF010221FF000000000000000DBC33 2B00FF0000
VTP Management Domain: 'a'
Native VLAN: 1
Duplex: full

Switch#show int trunk

Port Mode Encapsulation Status Native vlan

Fa0/24 on 802.1q trunking 1

Port Vlans allowed on trunk

Fa0/24 1-4094

Port Vlans allowed and active in management domain

Fa0/24 1-3,5,7,10

Port Vlans in spanning tree forwarding state and not pruned

Fa0/24 1-3,5,7,10

Switch#show dot1q-tunnel
Port
-----
Fa0/1

Switch#

IV. Xem switch ca khch hng X bn phi:

show run
Building configuration...

Current configuration : 2311 bytes

!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
enable password cisco
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
interface FastEthernet0/1
switchport mode trunk
!
interface FastEthernet0/2
switchport mode access
!
interface FastEthernet0/3
switchport access vlan 7
switchport mode access
!
interface FastEthernet0/4
switchport access vlan 7
switchport mode access
!
interface FastEthernet0/5
switchport access vlan 7
switchport mode access
!
interface FastEthernet0/6
switchport access vlan 7
switchport mode access
!
interface FastEthernet0/7
switchport access vlan 7
switchport mode access
!
interface FastEthernet0/8
switchport access vlan 7
switchport mode access
!
interface FastEthernet0/9
switchport access vlan 7
switchport mode access
!
interface FastEthernet0/10
switchport access vlan 7
switchport mode access
!
interface FastEthernet0/11
switchport access vlan 7
switchport mode access
!
interface FastEthernet0/12
switchport access vlan 7
switchport mode access
!
interface FastEthernet0/13
switchport access vlan 7
switchport mode access
!
interface FastEthernet0/14
switchport access vlan 7
switchport mode access
!
interface FastEthernet0/15
switchport access vlan 7
switchport mode access
!
interface FastEthernet0/16
switchport access vlan 7
switchport mode access
!
interface FastEthernet0/17
switchport access vlan 7
switchport mode access
!
interface FastEthernet0/18
switchport access vlan 7
switchport mode access
!
interface FastEthernet0/19
switchport access vlan 7
switchport mode access
!
interface FastEthernet0/20
switchport access vlan 7
switchport mode access
!
interface FastEthernet0/21
switchport access vlan 7
switchport mode access
!
interface FastEthernet0/22
switchport access vlan 7
switchport mode access
!
interface FastEthernet0/23
switchport access vlan 7
switchport mode access
!
interface FastEthernet0/24
switchport access vlan 7
switchport mode access
!
interface Vlan1
ip address 10.1.2.6 255.255.255.0
no ip route-cache
!
ip http server
!
!
line con 0
line vty 0 4
password cisco
no login
line vty 5 15
password cisco
no login
!
end

Trn switch 2 c VLAN 7 v VLAN 10:

Switch#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/2
2 cus active
3 sell active
5 aaa active
7 VLAN0007 active Fa0/3, Fa0/4, Fa0/5, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/12, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/17, Fa0/18
Fa0/19, Fa0/20, Fa0/21, Fa0/22
Fa0/23, Fa0/24
10 VLAN0010 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
2 enet 100002 1500 - - - - - 0 0
3 enet 100003 1500 - - - - - 0 0
5 enet 100005 1500 - - - - - 0 0
7 enet 100007 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - srb 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0

Remote SPAN VLANs

------------------------------------------------------------------------------

Primary Secondary Type Ports

------- --------- ----------------- ------------------------------------------

Khi show cdp neighbor, ch thy switch ca khch hng X bn tri, khng thy switch ca
providers.

Switch#show cdp neighbors

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID Local Intrfce Holdtme Capability Platform Port ID
Switch Fas 0/1 168 T S WS-C2912-XFas 0/1

Switch#show interfaces trunk

Port Mode Encapsulation Status Native vlan

Fa0/1 on 802.1q trunking 1

Port Vlans allowed on trunk

Fa0/1 1-4094

Port Vlans allowed and active in management domain

Fa0/1 1-3,5,7,10

Port Vlans in spanning tree forwarding state and not pruned

Fa0/1 1-3,5,7,10
y l mt on khi show version trong Catalyst 3550

32K bytes of flash-simulated non-volatile configuration memory.

Base ethernet MAC Address: 00:03:6B:22:42:80
Motherboard assembly number: 73-4100-09
Power supply part number: 34-0851-02
Motherboard serial number: FAA0433AE3B
Power supply serial number: PAC040302V8
Model revision number: N0
Motherboard revision number: B0
Model number: WS-C3512-XL-EN
System serial number: FAA0435X05A
Configuration register is 0xF

Mong cc bn tr li gip mnh dong ny "Configuration register is 0xF" c ngha ra sao? ta c

th thay i qua cc gi tr no.
Cm n cc bn nhiu
Thn cho

leminhkhoi

#2
30-10-2003, 03:15 AM
cloud9 Posts: n/a
Guest
Re: Show version Trn Switch

Thiet bi 3550 khong cho phep thay doi Config-Register.

Changing the Config-Register and Setting Boot Statements
Unlike some other Catalyst switches, there is no config-register command on the 3550. The
configuration register value cannot be changed from the default.

http://www.cisco.com/en/US/customer/...shtml#concept5

cloud9

#3
30-10-2003, 11:37 PM
tuaninbox Posts: n/a
Guest

Anh cloud9 c th gi ni dung link ln y lun c khng?

Thanks

tuaninbox

#4
31-10-2003, 10:03 AM
Join Date: Aug 2003
concop
Location: HN
Junior Member
Posts: 20
Newbie

Introduction
Before You Begin
Conventions
Prerequisites
Components Used
Preparing to Upgrade
Understanding File Extensions: bin vs tar files
Understanding 3550 Software Image Naming Conventions: SMI vs EMI
Understanding the 3550 Flash File System and Memory Requirements
Changing the Config-Register and Setting Boot Statements
Download Software Image
Install TFTP Server
Backup Configuration and Software Image
Software Upgrade Procedure for 3550 Series Switches
Step-by-Step Procedure for the 3550 using only the IOS image (.bin file)
Step-by-Step Procedure for the 3550 using the CMS image (.tar file)
Verify
Troubleshoot
Image Transfer from TFTP Server Failed
Software Upgrade Failed / Switch: Prompt is Displayed / Switch is Rebooting Continuously
Related Information

Introduction

This document explains the step-by-step procedure for upgrading the software image on Catalyst
3550 series switches using the Command Line Interface (CLI).

This document does not cover the upgrade procedure using the Cluster Management Suite
(CMS). For detailed instructions on this procedure, launch the CMS application, select
Administration > Software Upgrade, and select Help from the menu bar.

A software image upgrade may be necessary for many reasons:

You want to implement new features in your network that are available in the new software
release.
*

You want to install a new line card that is not supported by the current software version.
*

Your switch has been affected by a known bug that is resolved in the next software release.

Before You Begin

Conventions

For more information on document conventions, see the Cisco Technical Tips Conventions.
Prerequisites

If you are not already familiar with Catalyst 3550 naming conventions, feature sets, file systems
and boot parameters, or how to setup a TFTP server and backup your configuration, it is
recommended that you read the Preparing to Upgrade section of this document before attempting
the software upgrade.

Otherwise, you can skip any or all of theses topics and go directly to the Software Upgrade
Procedure for 3550 Series Switches section of this document.
Components Used
This document is not restricted to specific software and hardware versions.

The information presented in this document was created from devices in a specific lab
environment. All of the devices used in this document started with a cleared (default)
configuration. If you are working in a live network, ensure that you understand the potential
impact of any command before using it.
Preparing to Upgrade
Understanding File Extensions: bin vs tar files

There are two types of files or file extensions you will see when downloading 3550 software
from the LAN Switching software page of the Software Center (registered customers only) :

The .bin file is the IOS image. If you only want to use the CLI to manage the switch, this is the
only file you will need to download.
*

The .tar file is an archive file from which both the IOS image and the CMS files are extracted
during the upgrade process. If you want to manage switches or clusters of switches through a
web interface (HTML), this is the only file you need to download.

Note: When you download a .tar image, the file will be saved by whatever archive utility is
installed on your PC. This could be WinZip or some other third-party software. There is no need
to manually extract the archived files. This will be done automatically during the upgrade
process.

Note: For more information on the CMS, refer to the Multimedia Presentation .
Understanding 3550 Software Image Naming Conventions: SMI vs EMI

The 3550 is either a Layer 2 (L2) or Layer 3 (L3) switch, depending on the software version and
feature set you install.

The naming conventions for 3550 images begin with either of the following:

The differences between the two are explained below.

The SMI image is essentially a L2 only image. In software version 121-8.EA1b, however,
enhancements to the L2 feature set were made. Consequently, you may see the term Layer2+
used for this and later SMI releases. In software version 121-11.EA1, basic L3 functionality was
added to the SMI image with static unicast routing, the Routing Information Protocol (RIP), and
other features. Consequently, you will see the phrase basic Layer 3 routing features used for this
and later SMI releases.
*

The EMI image is a L2 image combined with a full L3 feature set, including Interior Gateway
Routing Protocol (IGRP) and Enhanced IGRP (EIGRP), Open Shortest Path First (OSPF),
Border Gateway Protocol (BGP) Version 4, Hot Standby Router Protocol (HSRP), Protocol-
Independent Multicast (PIM), and other advanced services.

Note: For more information on SMI and EMI features, please refer to the Catalyst 3550
Multilayer Switch Software Configuration Guide under the Release Notes for your version of
3550 software.

Note: All Catalyst 3550 Gigabit Ethernet (GE) switches are shipped with the EMI installed.
Catalyst 3550 FastEthernet switches are shipped with either the SMI or the EMI installed. You
can order the Enhanced Multilayer Software Image Upgrade kit (CD-3550-EMI=) to upgrade
any Catalyst 3550 FastEthernet switch from the SMI to the EMI. Keep in mind, however, that
unless your 3550 was purchased with the EMI image pre-installed, you must purchase the
upgrade kit before downloading the EMI image.

You can verify which version of software you are are running, where the image is installed,
which feature set you are running, and the model of 3550 you have by issuing the show version
command. A sample command output is shown below.

3550#sh ver
Cisco Internetwork Operating System Software
IOS (tm) C3550 Software (C3550-I5Q3L2-M), Version 12.1(12c)EA1, RELEASE SOFTWARE
(fc1)

!--- The I5Q3L2 in the beginning of the image name tells

!--- you this is an EMI.
!--- If you see I9Q3L2 instead, this means you are
!--- running a SMI.
!--- The version of software you are currently running is 12.1(12c)EA1.

Copyright (c) 1986-2002 by cisco Systems, Inc.

Compiled Mon 25-Nov-02 00:07 by antonino
Image text-base: 0x00003000, data-base: 0x0075FE48
ROM: Bootstrap program is C3550 boot loader
3550 uptime is 2 weeks, 1 day, 3 hours, 0 minutes
System returned to ROM by power-on
System image file is "flash:c3550-i5q3l2-mz.121-12c.EA1/c3550-i5q3l2-mz.121-12c.
EA1.bin"

!--- The image is installed in the

!--- flash/c3550-i5q312-mz.121-12c.EA1 directory.
--- output suppressed ---

Model revision number: 03

Motherboard revision number: 03
Model number: WS-C3550-24PWR-SMI

!--- This is a WS-C3550-24PWR-SMI.

!--- Note the SMI at the end of the model number.
!--- This is the factory configuration and does not change
!--- even if you upgrade to an EMI.

System serial number: CSJ0644U00Y

Configuration register is 0x10F
3550#

Understanding the 3550 Flash File System and Memory Requirements

3550 Flash File System

The 3550 ships from the factory with a CMS image (.tar file) installed in the flash: directory.
The extraction process that takes place with a .tar file creates an IOS image directory that has the
same name as the IOS image (.bin file), but without the file extension. The IOS image (.bin file)
is stored in this directory along with an HTML subdirectory that contains the CMS files.

You can view the 3550 Flash file system by issuing the dir flash: command. A sample command
output is shown below.

3550#dir flash:
Directory of flash:/
2 -rwx 796 Mar 01 1993 00:00:36 vlan.dat
3 -rwx 0 Mar 01 1993 00:04:17 env_vars
4 -rwx 1637 Mar 07 1993 14:34:06 config.text
5 -rwx 348 Mar 01 1993 00:04:17 system_env_vars
6 -rwx 5 Mar 07 1993 14:34:06 private-config.text
7 drwx 192 Mar 01 1993 00:18:55 c3550-i5q3l2-mz.121-12c.EA1

!--- Notice the d in the permissions indicating that

!--- c3550-i5q312-mz.121-12c.EA1 is a directory.
!--- This is where both the IOS image (.bin file) and
!--- the HTML subdirectory are located.

15998976 bytes total (10415104 bytes free)

If you upgrade using just the IOS image (bin file), you will issue the copy tftp command, which
is fully explained in the Step-by-Step Procedure for the 3550 using only the IOS image (.bin file)
section of this document.

If you upgrade using the CMS image ( .tar file), you will issue the archive download-sw
command, which is fully explained in the Step-by-Step Procedure for the 3550 using the CMS
image (.tar file) section of this document.
3550 Memory Requirements

DRAM Memory

The SDRAM configuration on all 3550s is 64 MB. There are no minimum DRAM requirements
to consider before upgrading software on the 3550.

FLASH Memory

All 3550s have 16 MB of internal Flash memory. The Flash memory is not upgradeable.

You can only store a limited number of images in Flash. Always check the size (in bytes) of the
image on the LAN Switching Software page of the Software Center (registered customers only)
before upgrading software. Compare the size of this image with the free space in Flash by
issuing the dir flash: command. A sample command output is shown below.

3550#dir flash:
Directory of flash:/
2 -rwx 796 Mar 01 1993 00:00:36 vlan.dat
3 -rwx 346 Mar 01 1993 00:21:36 system_env_vars
6 drwx 192 Mar 01 1993 00:21:34 c3550-i5q3l2-mz.121-13.EA1
7 drwx 192 Mar 01 1993 00:18:55 c3550-i5q3l2-mz.121-12c.EA1
42 -rwx 0 Mar 01 1993 00:21:35 env_vars
15998976 bytes total (4416512 bytes free)

!--- This is the free memory in Flash.

If necessary, issue the delete flash: <filename> command to delete a single IOS image (.bin file),
or the delete /force /recursive command to delete a directory and all the files in it.

If you are upgrading using a CMS image (.tar file), the upgrade procedure uses the archive
download-sw command. This command has a few options, including archive download-sw
/overwrite, which overwrites or replaces the old software, and archive download-sw /leave-old-
sw, which leaves the old software, but consequently requires more Flash space.

Issuing the delete command and the archive download-sw command are covered in detail in the
Software Upgrade Procedure for the 3550 Series Switches section of this document.
Changing the Config-Register and Setting Boot Statements

Unlike some other Catalyst switches, there is no config-register command on the 3550. The
configuration register value cannot be changed from the default.

The 3550 will automatically search for a valid software image to boot from, even if a boot
system statement is not set. It is still recommended, however, to set the boot statement anyway
as a precaution. The command to set a boot system statement is boot system flash:<filename> .

Multiple images can be specified in the boot statement by separating them with a semicolon. The
command would be boot system flash:<file1;file2>

If you are using a CMS image on the 3550, the IOS image (.bin file) will be extracted into its
own directory. The boot system command becomes boot system flash:<directory/filename> .

Issuing the boot system command is covered in detail in the Software Upgrade Procedure for the
3550 Series Switches section of this document.
Download Software Image

The 3550 software image must be downloaded onto the PC that will act as the TFTP server prior
to actual image upgrade. Download the software image from the LAN Switching Software
section of the Software Center (registered customers only) . To download the software image,
you must be a registered user and you must be logged in. If you do not understand which image
to download, review the Preparing to Upgrade section of this document.
Install TFTP Server

For sample output for this document, a third-party TFTP server is installed on a PC running
Microsoft Windows 2000 Professional. You can use any TFTP server installed on any platform.
It is not necessary that you use a PC with a Windows OS.

1.

Download and install any shareware TFTP software from the Internet on the PC that you will be
using to copy the 3550 software image to the switch. The TFTP server root directory must be the
directory to which the software image is downloaded. You can download the images to the
default root directory of the TFTP server or change the root directory path to the directory in
which the software image is stored.
2.

Access the switch CLI by connecting a console cable between the switch console port and the
PC. Refer to Connecting a Terminal to the Console Port on Catalyst Switches to access the CLI
using the hyperterminal.

Note: The switch can be upgraded using remote Telnet access. You will, however, loose Telnet
connectivity when the switch is reloaded during the software upgrade. The Telnet can be re-
established once it is loaded with the new image, however, to troubleshoot in case of failure, it is
essential to have local console access. A switch upgrade using console access is preferred.
3.

For best results, configure a VLAN interface on the switch to be in the same VLAN (subnet) as
your directly connected TFTP server. If it is not possible to have your TFTP server directly
connected to the switch, issue either the ip default-gateway or the ip route command to set a
default gateway to reach the TFTP server.

On the 3550, you can configure a VLAN interface with an IP address and with L2 physical
interfaces as members of that VLAN. Alternately, you can configure a physical interface as a L3
interface with its own IP address, similar to a router.

In the example below, a VLAN interface with a FastEthernet L2 physical interface in that VLAN
is used. In this example, the 3550 and TFTP server are not in the same subnet, so a default route
is configured.

3550#conf t
3550(config)#int vlan 1

!--- A FastEthernet interface is in VLAN 1.

3550(config-if)#ip address 10.10.10.1 255.255.255

3550(config-if)#no shut
3550(config-if)#exit
3550(config)#ip route 0.0.0.0 0.0.0.0 10.10.10.129

!--- Issue this command as one way to establish

!--- connectivity to a TFTP server on a different subnet or network.

3550(config)#end
3550#
3550#ping 20.20.20.2

!--- Ping the IP address of the TFTP server

!--- from the switch to verify connectivity.

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 20.20.20.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/202/1000 ms
3550#

Backup Configuration and Software Image

Perform a backup of the switch configuration to the PC running TFTP server. If you loose the
switch configuration for any reason, you can always restore it from the TFTP server.

Issue the copy startup-config tftp command on the 3550 to back up your current configuration to
a TFTP server. A sample command output is shown below.

3550#copy startup-config tftp

Address or name of remote host []? 20.20.20.2

!--- Type your TFTP server IP.

!--- Press Return or Enter.

Destination filename [3550-confg]?

!--- Press Return or Enter.

!--- The file 3550-confg will be saved in the
!--- TFTP server root directory.

!!
1622 bytes copied in 3.656 secs (444 bytes/sec)
3550#

Software Upgrade Procedure for 3550 Series Switches

There are two upgrade procedures available for the 3550:

1.

If you want to use the CLI only and do not intend to use Cisco's CMS software, follow the Step-
by-Step Procedure for the 3550 using only the IOS image (.bin file) .
2.

If you want to use the latest version of Cisco's CMS software, follow the Step-by-Step Procedure
for the 3550 using the CMS image (.tar file).

Note: For more information on the CMS, refer to the Multimedia Presentation.
Step-by-Step Procedure for the 3550 using only the IOS image (.bin file)

For this example, the software on a 3550 is upgraded from version 12.1(12c)EA1 to version 121-
13.EA1 using only the IOS image (.bin file). The procedure is the same no matter which version
of software you use.

1.
Issue the show version command to view the current version of software that you are running. A
sample command output is shown below.

3550#sh ver
Cisco Internetwork Operating System Software
IOS (tm) C3550 Software (C3550-I5Q3L2-M), Version 12.1(12c)EA1, RELEASE SOFTWARE
(fc1)

!--- The current software version is 12.1(12c)EA1.

2.

Go to the LAN Switching Software section of the Software Center (registered customers only) .

Select Catalyst 3550 software and find the image you want to download. Note the size of the
image in bytes. In this example, the c3550-i5q3l2-mz.121-13.EA1.bin file is used. The i5q3l2 in
the beginning of the filename tells us this is an EMI. The image size is 3993612 bytes, or
approximately 4 MB. Download the image you want.

Note: The upgrade procedure is the same for the SMI. The SMI image has i9q3l2 in the
beginning of the filename. It is a smaller image and will take up less room in Flash. If you still
have questions about whether to use an SMI or EMI image, refer to the Understanding 3550
Software Image Naming Conventions: SMI vs EMI section of this document.
3.

Issue the dir flash: command on the 3550 to verify how much free memory you have for the
upgrade. A sample command output is shown below.

3550#dir flash:
Directory of flash:/
2 -rwx 556 Mar 01 1993 00:02:13 vlan.dat
3 -rwx 3384393 Mar 01 1993 00 58 c3550-i5q3l2-mz.121-9.EA1c.bin
4 drwx 192 Mar 01 1993 00:10:15 c3550-i5q3l2-mz.121-11.EA1a

!--- Notice the d for dir4ectory in the permissions statement.

38 -rwx 0 Mar 01 1993 00:10:15 env_vars

7 -rwx 348 Mar 01 1993 00:10:15 system_env_vars
12 drwx 192 Mar 01 1993 00:16:22 c3550-i5q3l2-mz.121-12c.EA1

!--- Notice the d for directory in the permissions statement.

15998976 bytes total (1949184 bytes free)

!--- There is just under 2 MB of memory left, which is not enough.

!--- One of the old images or possibly a directory will
!--- have to be deleted in order to upgrade.

3550#

Note: If you already have enough room in Flash for the upgrade, you can proceed directly to
Step 5 .
4.

Issue the delete command to remove the old 121-9.EA1c IOS image (.bin file). This will free up
enough room for the upgrade. A sample command output is shown below.

3550#delete flash:c3550-i5q3l2-mz.121-9.EA1c.bin
Delete filename [c3550-i5q3l2-mz.121-9.EA1c.bin]?

!--- Press Return or Enter.

Delete flash:c3550-i5q3l2-mz.121-9.EA1c.bin? [confirm]

!--- Press Return or Enter.

3550#
3550#dir flash:
Directory of flash:/
2 -rwx 556 Mar 01 1993 00:02:13 vlan.dat
4 drwx 192 Mar 01 1993 00:10:15 c3550-i5q3l2-mz.121-11.EA1a
38 -rwx 0 Mar 01 1993 00:10:15 env_vars
7 -rwx 348 Mar 01 1993 00:10:15 system_env_vars
12 drwx 192 Mar 01 1993 00:16:22 c3550-i5q3l2-mz.121-12c.EA1
15998976 bytes total (5334016 bytes free)

!--- After deleting the old IOS image file, there is now over
!--- 5 MB of free memory. This is enough for the upgrade.

3550#

You may need to free up even more space for an upgrade depending on how many images you
have stored in Flash. You can delete an old image directory to accomplish this.
Note: Keep in mind this is where the old IOS image (.bin file) as well as the files needed for the
CMS are stored. If you do not use the web interface to manage the switch or you have a newer
image directory, this is not a problem.

Issue the delete /force /recursive command to delete an image directory and all the subdirectories
and files in it. A sample command output is shown below.

3550#delete /force /recursive flash:c3550-i5q3l2-mz.121-11.EA1a

Delete filename [c3550-i5q3l2-mz.121-11.EA1a]?

!--- Press Return or Enter.

3550#
3550#dir flash:
Directory of flash:/
2 -rwx 556 Mar 01 1993 00:02:13 vlan.dat
38 -rwx 0 Mar 01 1993 00:10:15 env_vars
7 -rwx 348 Mar 01 1993 00:10:15 system_env_vars
12 drwx 192 Mar 01 1993 00:16:22 c3550-i5q3l2-mz.121-12c.EA1
15998976 bytes total (10417664 bytes free)

!--- Freeing up more room was not necessary in this case,

!--- however, you can see you now have over 10 MB of free space.

3550#

5.

Perform the upgrade by issuing the copy tftp flash: command.

3550#copy tftp flash:

Address or name of remote host []? 20.20.20.2

!--- This is TFTP server IP. Press Return or Enter.

Source filename []? c3550-i5q3l2-mz.121-13.EA1.bin

!--- Press Return or Enter.

Destination filename [c3550-i5q3l2-mz.121-13.EA1.bin]?

Accessing tftp://20.20.20.2/c3550-i5q3l2-mz.121-13.EA1.bin...
Loading c3550-i5q3l2-mz.121-13.EA1.bin from 20.20.20.2 (via Vlan1): !!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 3993612 bytes]

!--- The image was copied successfully.

3993612 bytes copied in 107.992 secs (36981 bytes/sec)

3550#dir flash:
Directory of flash:/
2 -rwx 556 Mar 01 1993 00:02:13 vlan.dat
3 -rwx 3993612 Mar 01 1993 01:11:07 c3550-i5q3l2-mz.121-13.EA1.bin

!--- The new image is installed in the flash: directory.

38 -rwx 0 Mar 01 1993 00:10:15 env_vars

7 -rwx 348 Mar 01 1993 00:10:15 system_env_vars
12 drwx 192 Mar 01 1993 00:16:22 c3550-i5q3l2-mz.121-12c.EA1
15998976 bytes total (6423552 bytes free)
3550#
3550#verify flash:c3550-i5q3l2-mz.121-13.EA1.bin
Verified flash:c3550-i5q3l2-mz.121-13.EA1.bin
3550#

!--- Issue the verify command to verify the

!--- image checksum is correct.

6.

Set a boot system statement so the new image boots on the next reload. A sample command
output is shown below.

3550#conf t
Enter configuration commands, one per line. End with CNTL/Z.
3550(config)#boot system flash:c3550-i5q3l2-mz.121-13.EA1.bin
3550(config)#end
3550#
3550#sh boot
BOOT path-list: flash:c3550-i5q3l2-mz.121-13.EA1.bin

--- output suppressed ---

!--- The boot system statement will not show up in the config.
!--- Issue the show boot command to verify the new image
!--- will boot on the next reload of the switch.

7.

Issue the wr mem command to save your changes and reload the switch. A sample command
output is shown below.

3550#wr mem
Building configuration...
[OK]
3550#reload
Proceed with reload? [confirm]

!--- Press Return or Enter.

01:21 %SYS-5-RELOAD: Reload requested

--- output suppressed ---

Press RETURN to get started!

!--- Press Return or Enter.

--- output suppressed ---

8.

Verify you are running the new image by issuing the show version command. A sample
command output is shown below.

3550#sh ver
Cisco Internetwork Operating System Software
IOS (tm) C3550 Software (C3550-I5Q3L2-M), Version 12.1(13)EA1, RELEASE SOFTWARE
(fc1)

!--- The c3550-I5Q3L2 means that you are running the EMI.
!--- The current software version is 12.1(13)EA1.
--- output suppressed ---

This completes the upgrade procedure on a 3550 using only the IOS image (.bin file).

Step-by-Step Procedure for the 3550 using the CMS image (.tar file)

For this example, the software on a 3550 is upgraded from version 12.1(12c)EA1 to verison 121-
13.EA1 using the CMS image (.tar file).

1.

Issue the show version command to view the current version of software that you are running. A
sample command output is shown below.

3550#sh ver
Cisco Internetwork Operating System Software
IOS (tm) C3550 Software (C3550-I5Q3L2-M), Version 12.1(12c)EA1, RELEASE SOFTWARE
(fc1)

!--- The current software version is 12.1(12c)EA1.

2.

Go to the LAN Switching Software section of the Software Center (registered customers only) .

Select Catalyst 3550 software and find the image you want to download. Note the size of the
image in bytes. In this example, the c3550-i5q3l2-tar.121-13.EA1.tar file is used. The i5q3l2 in
the beginning of the filename tells us this is an EMI. The image size is 6011904 bytes or
approximately 6 MB. Download the image you want.

Note: The upgrade procedure is the same for the SMI. The SMI image has i9q3l2 in the
beginning of the filename. It is a smaller image and will take up less room in Flash. If you still
have questions about whether to use an SMI or EMI image, refer to the Understanding 3550
Software Image Naming Conventions: SMI vs EMI section of this document.
3.

Issue the dir flash: command on the 3550 to verify how much free memory you have for the
upgrade. A sample command output is shown below.

3550#dir flash:
Directory of flash:/
2 -rwx 556 Mar 01 1993 00:00:35 vlan.dat
3 -rwx 3384393 Mar 01 1993 19 37 c3550-i5q3l2-mz.121-9.EA1c.bin
!--- Notice there is one IOS image (.bin file) and
!--- two image directories installed.

4 -rwx 1595 Mar 01 1993 19 41 config.text

5 -rwx 0 Mar 01 1993 19 33 env_vars
8 drwx 192 Mar 01 1993 19:42:50 c3550-i5q3l2-mz.121-11.EA1
12 drwx 192 Mar 01 1993 00:16:22 c3550-i5q3l2-mz.121-12c.EA1

!--- Notice the d in the permissions indicating that these are directories.
!--- These directories contain the IOS image(.bin file) and CMS files,
!--- which were extracted from the .tar image during the upgrade.

38 -rwx 316 Mar 01 1993 19 33 system_env_vars

15998976 bytes total (1948160 bytes free)

!--- There is under 2 MB of free memory in Flash, which

!--- may not be enough for the upgrade.

3550#

Note: If you already have enough room in Flash for the upgrade, you can proceed directly to
Step 5 .
4.

If you need to free up memory on the 3550, you have the following options:
*

If you do not want to keep the current version of software, you can overwrite or replace it during
the upgrade procedure. Proceed to Step 5 if this is what you want to do.
*

If you want to leave the current version of software as a backup, you may need to manually
delete an older image or directory.

If you want to leave the current version of software, and you do not have enough space in Flash,
issue the delete command to remove an old IOS image or directory in order to make room for
the upgrade. A sample command output is shown below.

3550#delete flash:c3550-i5q3l2-mz.121-9.EA1c.bin
Delete filename [c3550-i5q3l2-mz.121-9.EA1c.bin]?
!--- Press Enter or Return.

Delete flash:c3550-i5q3l2-mz.121-9.EA1c.bin? [confirm]

!--- Press Enter or Return.

3550#
3550#dir flash:
Directory of flash:/
2 -rwx 556 Mar 01 1993 00:00:35 vlan.dat
4 -rwx 1595 Mar 01 1993 19 41 config.text
5 -rwx 0 Mar 01 1993 19 33 env_vars
8 drwx 192 Mar 01 1993 19:42:50 c3550-i5q3l2-mz.121-11.EA1

!--- Notice the d in the permissions indicating these are directories.

12 drwx 192 Mar 01 1993 00:16:22 c3550-i5q3l2-mz.121-12c.EA1

38 -rwx 316 Mar 01 1993 19 33 system_env_vars
15998976 bytes total (5332992 bytes free)

!--- In this case, although additional memory is

!--- created by deleting an old IOS image (.bin file),
!--- there is still not enough free memory for the new 6 MB image.
!--- You will need to delete one of the image directories.

3550#

The image directory on a 3550 is where the IOS image (.bin file) and the CMS files are extracted
from the .tar image and installed during the upgrade. The image directory is named with the IOS
image name (excluding the .bin extension). A sample command output is shown below.

3550#dir c3550-i5q3l2-mz.121-11.EA1
Directory of flash:/c3550-i5q3l2-mz.121-11.EA1/
9 drwx 704 Mar 01 1993 19:40:57 html

!--- The html subdirectory contains the CMS files

!--- needed for web management.

36 -rwx 3703698 Mar 01 1993 19:42:50 c3550-i5q3l2-mz.121-11.EA1.bin

!--- This is the IOS image (.bin file) for this image directory.

37 -rwx 252 Mar 01 1993 19:42:50 info

15998976 bytes total (5332992 bytes free)
3550#

Issue the delete /force /recursive command to delete an image directory and all the files in it. A
sample command output is shown below.

3550#delete /force /recursive c3550-i5q3l2-mz.121-11.EA1

Delete filename [c3550-i5q3l2-mz.121-11.EA1]?

!--- Press Enter or Return.

3550#
3550#dir flash:
Directory of flash:/
2 -rwx 556 Mar 01 1993 00:00:35 vlan.dat
4 -rwx 1595 Mar 01 1993 19 41 config.text
5 -rwx 0 Mar 01 1993 19 33 env_vars
12 drwx 192 Mar 01 1993 00:16:22 c3550-i5q3l2-mz.121-12c.EA1
38 -rwx 316 Mar 01 1993 19 33 system_env_vars
15998976 bytes total (10415616 bytes free)

!--- There is now enough room to proceed with the upgrade.

5.

Issue the archive download-sw command to copy over the .tar file and extract all the files inside
it.

There are two options to consider with this command. The options are /leave-old-sw or
/overwrite.

The upgrade procedure is exactly the same no matter which option you choose, but the results
are different.

If you choose to leave the current version of software as a backup, the command syntax is
archive download-sw /leave-old-sw tftp://<tftp server ip>/<filename> . As discussed in Step 4,
make sure you have enough space in Flash to use this option.

If you choose to overwrite or replace the current version of software with the newer version, the
command syntax is archive download-sw /overwrite tftp://<tftp server ip>/<filename> . This is
the option used in this document.

Note: There are other options that can be used in addition to these, however, they are not covered
in this document. For more details, refer to Working with the IOS File System, Configuration
Files, and Software Images for your release of 3550 software.

Issue the dir flash: command. A sample command output is shown below.

3550#dir flash:
Directory of flash:/
2 -rwx 916 Mar 01 1993 00:00:48 vlan.dat
3 -rwx 1554 Mar 01 1993 02 42 config.text
4 -rwx 5 Mar 01 1993 02 42 private-config.text
6 -rwx 0 Mar 01 1993 00:02:21 env_vars
5 drwx 192 Mar 01 1993 02:49:44 c3550-i5q3l2-mz.121-12c.EA1

!--- This is the current version of software.

8 -rwx 277 Mar 01 1993 00:02:21 system_env_vars

15998976 bytes total (10415104 bytes free)
3550#

Issue the archive download-sw command with the /overwrite option to replace the current
version of software 121-12c.EA1 with a newer version of software 121-13.EA1. A sample
command output is shown below.

3550#archive download-sw /overwrite tftp://20.20.20.2/c3550-i5q3l2-tar.121-13.EA1.tar

examining image...
Loading c3550-i5q3l2-tar.121-13.EA1.tar from 20.20.20.2 (via Vlan1): !!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
extracting info (252 bytes)!
[OK - 6011904 bytes]
Image info:
Version Suffix: i5q3l2-121-13.EA1
Image Name: c3550-i5q3l2-mz.121-13.EA1.bin
Version Directory: c3550-i5q3l2-mz.121-13.EA1
Ios Image Size: 3996160
Total Image Size: 6010880
Image Feature: LAYER_3|MIN_DRAM_MEG=64
Image Family: C3550
Extracting files...
Loading c3550-i5q3l2-tar.121-13.EA1.tar from 171.71.79.73 (via Vlan1): !
c3550-i5q3l2-mz.121-13.EA1/ (directory)
c3550-i5q3l2-mz.121-13.EA1/html/ (directory)

!--- The CMS files are being extracted into

!--- the c3550-i5q3l2-mz.121-13.EA1/html/ directory.

extracting c3550-i5q3l2-mz.121-13.EA1/html/homepage.htm (3992 bytes)!

extracting c3550-i5q3l2-mz.121-13.EA1/html/not_supported.html (1392 bytes)
extracting c3550-i5q3l2-mz.121-13.EA1/html/common.js (9529 bytes)!!
extracting c3550-i5q3l2-mz.121-13.EA1/html/cms_splash.gif (22152 bytes)!!!!!
extracting c3550-i5q3l2-mz.121-13.EA1/html/cms_13.html (1211 bytes)

--- output suppressed ---

extracting c3550-i5q3l2-mz.121-13.EA1/c3550-i5q3l2-mz.121-13.EA1.bin (3993612 by

tes)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

--- output suppressed ---

!--- The IOS image (.bin file) is being extracted into

!--- the c3550-i5q3l2-mz.121-13.EA1 directory.

[OK - 6011904 bytes]

Deleting current version...
Deleting flash:c3550-i5q3l2-mz.121-12c.EA1...done.

!--- The current version of software has been deleted.

New software image installed in flash:c3550-i5q3l2-mz.121-13.EA1

!--- The current version of software has been

!--- replaced with the newer version.

Configuring system to use new image...done.

3550#
3550#verify c3550-i5q3l2-mz.121-13.EA1/c3550-i5q3l2-mz.121-13.EA1.bin
Verified c3550-i5q3l2-mz.121-13.EA1/c3550-i5q3l2-mz.121-13.EA1.bin
3550#

!--- Verify the image checksum.

3550#dir flash:
Directory of flash:/
2 -rwx 916 Mar 01 1993 00:00:48 vlan.dat
3 -rwx 1554 Mar 01 1993 02 42 config.text
4 -rwx 5 Mar 01 1993 02 42 private-config.text
6 -rwx 346 Mar 01 1993 00:17:35 system_env_vars
24 drwx 192 Mar 01 1993 00:17:24 c3550-i5q3l2-mz.121-13.EA1

!--- The .tar file extraction process created a new IOS image directory.

5 -rwx 0 Mar 01 1993 00:17:35 env_vars

15998976 bytes total (9992704 bytes free)
3550#
3550#dir flash:c3550-i5q3l2-mz.121-13.EA1
Directory of flash:/c3550-i5q3l2-mz.121-13.EA1/
25 drwx 832 Mar 01 1993 00:15:22 html

!--- The CMS files have been extracted into the html subdirectory.

40 -rwx 3993612 Mar 01 1993 00:17:24 c3550-i5q3l2-mz.121-13.EA1.bin

!--- The IOS image (.bin file) is installed in the image directory.

41 -rwx 252 Mar 01 1993 00:17:24 info

15998976 bytes total (9992704 bytes free)
3550#
3550#dir flash:c3550-i5q3l2-mz.121-13.EA1/html
Directory of flash:c3550-i5q3l2-mz.121-13.EA1/html/
27 -rwx 3992 Mar 01 1993 00:14:25 homepage.htm
28 -rwx 1392 Mar 01 1993 00:14:25 not_supported.html
29 -rwx 9529 Mar 01 1993 00:14:25 common.js
30 -rwx 22152 Mar 01 1993 00:14:26 cms_splash.gif
31 -rwx 1211 Mar 01 1993 00:14:26 cms_13.html

--- output suppressed ---

!--- These are the CMS files.

6.

The archive download-sw command with the /overwrite option automatically configures a boot
system statement so that the new image boots on the next reload of the switch. Issue the show
boot command to confirm this. A sample command output is shown below.

3550#sh boot
BOOT path-list: flash:c3550-i5q3l2-mz.121-13.EA1/c3550-i5q3l2-mz.121-13.EA1.bin

--- output suppressed ---

If for some reason the boot statement is not set, you can configure it by issuing the boot system
command. A sample command output is shown below.

3550#conf t
Enter configuration commands, one per line. End with CNTL/Z.
3550(config)#boot system flash:c3550-i5q3l2-mz.121-13.EA1/c3550-i5q3l2-mz.121-
13.EA1.bin

!--- The boot system statement is set by using the directory/filename.

3550(config)#end
3550#

7.

Issue the wr mem command to save your changes and reload the switch. A sample command
output is shown below.

3550#wr mem
Building configuration...
[OK]
3550#reload
Proceed with reload? [confirm]

!--- Press Return or Enter.

00 01: %SYS-5-RELOAD: Reload requested

--- output suppressed ---

Press RETURN to get started!

!--- Press Return or Enter.

8.

Verify you are running the new image by issuing the show version command. A sample
command output is shown below.

3550#sh ver
Cisco Internetwork Operating System Software
IOS (tm) C3550 Software (C3550-I5Q3L2-M), Version 12.1(13)EA1, RELEASE SOFTWARE

!--- You are now running C3550-I5Q3L2 EMI

!--- and software version 12.1(13)EA1.

(fc1)
Copyright (c) 1986-2003 by cisco Systems, Inc.

--- output suppressed ---

This completes the upgrade procedure for a 3550 using the CMS image (.tar file).

Verify

The commands necessary to verify that your configuration is working properly are included in
the Software Upgrade Procedure for 3550 Series Switches section of this document.
Troubleshoot

This section provides information you can use to troubleshoot your configuration.
Image Transfer from TFTP Server Failed

If you find that image transfer from TFTP server is failing continuously, refer to the following
document for known issues with the TFTP server:

Common Problems in Installing Images Using TFTP or an RCP Server

Software Upgrade Failed / Switch: Prompt is Displayed / Switch is Rebooting Continuously

Your software upgrade may fail due to reasons such as IP connectivity problems between the
switch and TFTP server, or incorrectly set boot statements. These issues may cause your switch
to boot in the switch: mode. If your 3550 displays the switch: prompt or is continuously
rebooting, refer to the following document for software recovery procedures:

Recovery From Corrupt or Missing Software Image on Cisco Catalyst 2900XL and 3500XL
Series Switches

concop

View Public Profile

Send a private message to concop

Find all posts by concop

Add concop to Your Contacts

#5
31-10-2003, 03:24 PM
leminhkhoi Posts: n/a
Guest

cm n cc bn rt nhiu
thn cho

1 Qun l Port

1.1 Tnh d b tn thng

Mt h iu hanh ca Switch Cisco co qun ly port, dy Console(line con 0) ma no

cung cp s truy xut trc tip n Switch cho s qun tr. Nu s qun ly port c
cai t qu lng lo thi Switch co th b nh hng bi cc cuc tn cng.Va chi tit
v tnh d b tn thng ca vic qun ly Port bao gm nhng phn sau y:

Mt Switch vi 1 management port s dng tai khon user mc nh cho phep k tn

cng c gng to kt ni s dng 1 hoc nhiu tai khon mc nh c bit
n(administrator, root, security)
Nu 1 Switch co 1 management port ma khng cai password, password mc nh
hay password yu, khi o 1 k tn cng co th on c pass hay crack chung va
ly hoc thay i thng tin trn Switch. Cung vy vic cai cng password trn nhiu
Switch cung cp 1 im n ca s hng hoc. K tn cng, ngi ma tha hip c
1 Switch s tha hip c vi cc Switch con li. Cui cng vic cai t cng 1
password cho c management port va nhng cai t khc trn Switch cho phep s
tha hip tim tang bi vi password c cai t dng Plaintext co th b thu thp
trong 1 mng ma co ngi phn tch mng. K tn cng ngi ma thu thp c
password telnet t traffic mng co th truy cp vao management port ca Switch luc
khc.

Nu mt kt ni n Switch s dng management port ma khng cai t thi gian

Timeout hoc cai t khong thi gian Timeout ln (ln hn 9 phut), khi o kt ni
s sn sang cho 1 k tn cng hack chung.
Mt Banner a ra ghi chu cho bt k ngi nao kt ni n Switch ma no thi c
chng thc va s b theo di cho bt k hanh ng nao.Toa n s b qua trng hp
chng li ngi ma tn cng vao mt h thong khng co Banner cnh bo.

1.2 Gii php

Hu ht phng php bo m cho vic qun tr Switch thi nm ngoai vic qun ly
nhom.
Phng php nay khng trn ln vic qun ly traffic vi vic thao tc traffic.Vic
qun ly ngoai nhom s dng danh cho nhng h thng va truyn thng. S 1 ch
ra 1 dy Serial kt ni n Server va chia vic qun ly cc my tnh ngoai cng
Console kt ni n cc port ca Switch.. Gii php nay th cho nhiu chc nng
qun ly. Tuy nhin Network-based, ngoai vic truy xut thch hp cho nhng chc
nng chnh xc(cp nht IOS), no con bao gm vic s dng Virtual Local Area
Network (VLAN) va c miu t trong gii php cho VLAN 1 trong phn Virtual
Local Area Networks

Gii php sau y s lam gim tnh d bi tn thng khi s dng dy Console trn
mi Switch:
Cai t mt tai khon duy nht cho mi nha qun tr khi truy xut bng dy Console.
Lnh sau ch ra 1 v d v vic to 1 tai khon cp privilged va cai t cp privilege
thanh mc nh(0) cho dy Console . cp privileged 0 la cp thp nht ca Switch
Cisco va cho phep cai t rt t lnh. Ngi qun tr co th lam tng cp privileged
ln 15 bng cu lnh enable. Cung vy, tai khon nay cung co th c truy xut t
dy virtual terminal.

Switch(config)# username ljones privilege 0

Switch(config)# line con 0
Switch(config-line)# privilege level 0

S dng nhng dong hng dn sau to password an toan: password t nht la 8

ky t; khng la nhng t c bn; va thm vao t nht 1 ky t c bit hay s nh:!
@#$%^&*()|+_...; thay i password t nht la 3 thng 1 ln. S dng

Switch(config)# username ljones secret g00d-P5WD

Switch(config)# line con 0
Switch(config-line)# login local

2.Port Security

2.1 Tnh d b tn thng

Nhng interface lp 2 ca Cisco c hiu nh la cc Port. Mt Switch ma khng

cung cp kh nng bo v Port, thi cho phep k tn cng tn cng vao h thng
khng dng n, enable Port, thu thp thng tin hoc tn cng. Mt Switch co th
cu hinh hot ng ging nh Hub. iu o co ngha la mi h thng kt ni n
Switch m cch tim tang co th thy tt c cc traffic di chuyn qua Switch ti
cc h thng kt ni n Switch. Nh vy 1 k tn cng co th thu thp traffic cha
ng cc thng tin nh: Username, Passord, nhng thng tin cu hinh va h thng
trn mng

2.2 Gii Php

Port Security gii hn s lng ca da ch MAC hp l c cho phep trn Port. Tt

c nhng port trn Switch hoc nhng interface nn c m bo trc khi trin
khai.Theo cch nay, nhng t tnh c cai t hoc g b nh la nhng yu cu
thm vao hoc lam dai thm nhng t tnh 1 cch ngu nhin hoc la nhng kt
qu bo mt vn da co sn.
Nn nh rng Port Security khng s dng cho nhng Port access ng hoc port
ch cho ngi phn tch Switch Port. Va cho n khi o Port security bt tnh
nng Port trn Switch nhiu nht co th.
V d sau cho thy dong lnh shutdonw mt interface hoc mt mng cc interface:
Single interface:
Switch(config)# interface fastethernet 0/1
Switch(config-if)# shutdown

Range of interfaces:

Switch(config)# interface range fastethernet 0/2 - 8

Switch(config-if-range)# shutdown

Port Security co kh nng lam thay i s ph thuc trn ch Switch va phin bn

IOS. Mi Port hot ng co th b hn ch bi s lng ti a a ch MAC vi hanh
dng la chn cho bt ki s vi phm nao. Nhng vi phm nay co th lam drop goi tin
( violation protect ) hoc drop va gi thng ip (restrict or action trap) hoc
shutdown port hoan toan( violation shutdown or action shutdown). Shutdown la
trng thi mc nh , m bo hu ht protect va restrict c hai u yu cu theo di
a ch MAC ma no a c quan st va ph hu tai nguyn x l hn la shutdown.
a ch MAC c thu thp mt cch t ng vi vai Switch h tr Entry tnh va

Sticky Entry. Entry tnh thi c cu hinh bng tay thm vao trn mi port (e.g.,
switchport port-security mac- address mac- address) va c lu li trong file cu
hinh.. Sticky Entry c xem nh la Entry tnh, ngoi no c hc mt cch t ng
. Nhng Entry ng tn ti c chuyn sang Sticky Entry sau khi s dng cu lnh
(switchport port-security mac- address Stickey). Nhng Entry ng cu c lu li
trong file cu hinh (switchport port-security mac- address Stickey mac- address) n
u file c u h inh d c lu v a chy th i a ch MAC kh ng c n h c l i l n n
acho vi c restart l n sau. V a c ung v y m t s l ng t i a a ch MAC c o
th c c ai t b ng c u l nh sau(e.g.,switchport port-security maximun
value) .
Ngi qun tr co th bt tnh nng cu hinh a ch MAC tnh trn cc port bng cch
s dng cu lnh switchport port-security aging static. Lnh aging time (e.g.,
switchport port-security aging time time) co th t di dng phut. ng thi dong
lnh aging co th t cho s khng hot ng (e.g., switchport port-security aging
type inactivity), iu nay co ngha la tui cc a ch o c cu hinh trn port
ngoai nu khng co d liu lu thng t nhng a ch nay cho khai bo tng phn
bng dong lnh aging time. t tnh nay cho phep tip tc truy cp n s lng
nhng da ch gii hn o.
V d:
+ Nhng dong lnh sau dng gii hn tnh mt cng trn Catalyst Switch 3550.

Switch(config-if)# switchport port-security

Switch(config-if)# switchport port-security violation shutdown
Switch(config-if)# switchport port-security maximum 1
Switch(config-if)# switchport port-security mac-address 0000.0200.0088
Switch(config-if)# switchport port-security aging time 10
Switch(config-if)# switchport port-security aging type inactivity

+ Nhng dong lnh sau gii hn ng mt cng trn Catalyst Switch 3550. Chu y
nhng dong lnh aging khng c s dng vi nhng a ch sticky MAC.

Switch(config-if)# switchport port-security

Switch(config-if)# switchport port-security violation shutdown
Switch(config-if)# switchport port-security maximum 1
Switch(config-if)# switchport port-security mac-address sticky

Chu y khi co s vi phm port security xy ra thi ngay lp tc no s tr thanh trng

thi error-disable va n LED s tt. Switch cung s gi mt thng ip SNMP trap,
logs (syslog) va lam tng ln s phn i ca xm nhp. Khi mt port o trng thi
error-disable, ngi qun tr co th a no ra khi trng thi nay bng cch s dng
dong lnh ch toan cc errdisable recovery cause psecure-violation hoc dong
lnh shutdown va no shutdown trn cng c cu hinh.

Co mt s vn quan trng pht sinh khi cu hinh port security trn port kt ni
n mt IP phone. Mt d port security khng c s dng trn Trunk port, a ch
MAC phn i vic xem xet viec gn VLAN ca goi tin n. Cng IP phone gi goi tin
ra 2 Vlan s co 2 bng entries c chia ra trong bng MAC vi th no s m 2 ln
ln n maximum MAC.
Khi IP Phone co th s dng 2 goi tin khng c gn vao (untagged, e.g., Layer 2
CDP protocol ) va goi tin Voice Vlan co gn(tagged); a ch MAC ca IP Phone s
c thy trn c 2 native VLAN va Voice VLAN. Vi vy no s c m 2 ln. Vic
t ti a a ch MAC cho 1 port kt ni n 1 IP Phone cho trng hp nhiu my
tnh tn cng vao IP Phone. Nhng my tinh truyn hp l s dng nhiu a ch MAC
phi c cu hinh tnh ton.
Mt kh nng mi bo m cho nhng port ca Switch nhanh hn va thch hp
hn o la macros. Macros cho phep nhom nhng port sn sang ma nhng lnh
o c chp nhn bng cu hinh tay. Bt ki dong lnh nao c thm vao bng vic
s dng k t # ti u mi dong lnh va kt thuc bi k t@.
The following example creates a strict security macro called unused to secure the
ports, or interfaces, on
a 3550 switch
V d sau y to ra s ngn cn security macro gi la unused bo m trn
nhng port hoc trn nhng interface trn Switch 3550.

Switch(config)# macro name unused

macro description unused
shutdown
description *** UNUSED Port ***
no ip address switchport
# Set secure defaults for access mode switchport mode access
switchport access vlan 999
switchport nonegotiate
# Set secure defaults for trunking mode switchport trunk encapsulation dot1q
switchport trunk native vlan 999 switchport trunk allowed vlan none
# Only learn source MAC addresses switchport block multicast switchport block
unicast
# Enable MAC control and set secure options
switchport port-security
switchport port-security maximum 1
switchport port-security aging time 10
switchport port-security aging type inactivity
# Apply any switch-wide access-lists
ip access-group ip-device-list in
mac access-group mac-device-list in
# Set secure defaults for misc. flags and protocols mls qos cos override
dot1x port-control force-unauthenticated
storm-control broadcast level 0.00 storm-control multicast level 0.00 storm-control
unicast level 0.00
no cdp enable
# Default Spanning-tree to secure host settings spanning-tree portfast
spanning-tree bpdufilter enable spanning-tree bpduguard enable spanning-tree
guard root
@

Sau khi to s gn cm security macro, unused, p t macro trn tt c cc port

ca Switch nh s bo m ranh gii vi cc dong lnh sau.

Switch(config)# interface range fasteth0/1 24 , giga0/1 2

Switch(config-if-range)# macro apply unused
Sau khi macros c xy dng tnh bo m da trn unused macro c thit lp
bt tnh nng bo mt d h tr tt c cc h thng theo mong i..
Switch(config)# macro name host
# Apply macro 'unused' first!
macro description host
# Set the port for a PC host
dot1x port-control auto
no storm-control broadcast level no storm-control multicast level no storm-control
unicast level
no shutdown
# The following are recommended port specific commands
#description Host <10.1.10.3>
#switchport access vlan <10>
#switchport trunk native vlan <10>
@

Switch(config)# macro name ipphone

# Apply macro 'unused' first!
macro description ipphone
#
# Set the port for an ipphone without attached PC host switchport port-security
maximum 2
no mls qos cos override
mls qos trust device cisco-phone
mls qos trust dscp
no storm-control broadcast level no storm-control multicast level no storm-control
unicast level cdp enable
no shutdown
#
# The following are recommended port specific commands
#description IP PHONE <x1013>
#switchport voice vlan <101>
@
Switch(config)# macro name ipphone-host
# Apply macro 'unused' first!
macro description ipphone & host
#
# Set the port for an ipphone with attached PC host switchport port-security
maximum 3
no mls qos cos override
mls qos trust device cisco-phone
mls qos trust dscp
dot1x port-control auto
no storm-control broadcast level no storm-control multicast level no storm-control
unicast level cdp enable
no shutdown
#
# The following are recommended port specific commands
#description IP PHONE <x1014> & HOST <10.1.20.5>
#switchport access vlan <20>
#switchport trunk native vlan <20>
#switchport voice vlan <101>
@

Vic chp nhn nhng macros s ch lam thay i n tnh bo m nhng bin
c yu cu cho nhng port h tr hoan toan nhng h thng thch hp.
V d sau ch ra lam th nao dng cc macro ln trc cu hinh cho nhng
port access ca nhng Switch t nhng m hinh v d cho mi h thng nh: Host,
Ip Phone va IP Phone vi mt cuc tn cng host.
Host:

Switch(config)# interface fa0/1

Switch(config-if)# macro apply host
Switch(config-if)# description Host 10.1.10.3
Switch(config-if)# switchport access vlan 10
Switch(config-if)# switchport trunk native vlan 10
Switch(config-if)# exit

IP phone:

Switch(config)# interface range fa0/2 - 4

Switch(config-if-range)# macro apply ipphone
Switch(config-if-range)# switchport voice vlan 101
Switch(config-if-range)# exit
Switch(config)# interface fa0/2
Switch(config-if)# description IP PHONE x1011
Switch(config)# interface fa0/3
Switch(config)# description IP PHONE x1012
Switch(config)# interface fa0/4
Switch(config-if)# description IP PHONE x1013
Switch(config-if)# exit

IP phone with an attached host:

Switch(config)# interface fa0/5

Switch(config-if)# macro apply ipphone-host
Switch(config-if)# description IP PHONE x1014 & Host 10.1.20.5
Switch(config-if)# switchport access vlan 20
Switch(config-if)# switchport trunk native vlan 20
Switch(config-if)# switchport voice vlan 101
Switch(config-if)# exit

Ngi qun tr co th s dng cu lnh macro trace thay th cho cu lnh macro
apply bi vi cu lnh macro trace co th xc nh debugging ca macros. Thng
xuyn s dng show parser macro description bit macro cui cng c p ln
mi port.
Cui cng a ch MAC tnh va port security p trn mi port ca Switch co th tr
thanh gnh nng cho ngi qun tr. Port Access Control List (PACLs) co th cung
cp kh nng bo mt tng t nh a ch MAC tnh va port security va PACLs cung
cung cp nhiu tnh nng linh ng va iu khin.vic cho phep a ch MAC va a
ch IP co th c chia va dc xem xet t pha ca mt Switch m rng. Tham
chiu n phn ALCs bit thm chi tit.
CACH CU HNH VLAN
+i vi Switch 1900 :

Switch#conf t

Switch(config)#vlan &lt;number vlan> name &lt;vlan name > { VD : Vlan 2 name Trang } : lnh
ny dng to mt vlan s 2 c tn l trang .
Mc nh l switch lun c Vlan 1 , gi l default vlan , nn khng cn phi to ra vlan 1 na .

Switch(config)#interface ethernet 0/1

Switch(config-if)#vlan-membership static 2 : lnh ny dng ch nh interface ethernet 0/1

thuc vlan 2

#ctrl -Z

#copy run start

xem li cu hnh , s dng lnh : show vlan-membership trong enable mode

+ i vi Switch 2900 :

Switch#conf t

Switch(config) #Vlan database

Switch(config)#Vlan &lt;number vlan > name &lt; vlanname> { VD : tng t nh i vi

switch 1900 }

Switch(config)#interface fastEthernet 0/1

Switch(config-if ) #Switchport mode access : lnh ny dng chuyn mode ca port sang trng
thi access

Switch(config-if )#Switchport access Vlan &lt; numberVlan> { VD: switchport access vlan 2 } :
lnh ny dng ch nh port thuc Vlan no .

switch(config-if)# ctrl-z

switch#copy run start

kim tra , dng lnh show Vlan trong enable mode

Gio trnh CCNA ch cp n Switch Catalyst 1900 v 2900 , do nu cc bn nhm CCNA

5.1 mun tm hiu v cu hnh VLAN cc Switch i sau ny , xin vui lng tm c thm ti
liu hoc tham kho trn trang web ca Cisco
Tn y ch l nhng lnh c bn to mt VLAN. Bn no c bit g thm th xin vui lng b
sung gip nhm CCNA 5.1.
Xin cm n

quoctrang

View Public Profile

Send a private message to quoctrang

Find all posts by quoctrang

Add quoctrang to Your Contacts

#2
04-07-2003, 01:37 AM
marsupilami Posts: n/a
Guest

a hnh nh ln ri th phi, lnh vlan database phi g privilege mode ch. Cn Catalyst
1900 th u c lnh copy run start :roll:

marsupilami

#3
05-07-2003, 12:32 AM
marsupilami Posts: n/a
Guest

Hi leavu, bn bo rng dng encapsulation .1q trn cc router khng c port fastethernet ???L
nh
Theo mnh bit th ch c th Trunk trn cc port fastethernet thi(router hay Swicth), cn ISL
khc .1q ch, ISL l chun ca CISCO(bn quyn), cn .1q l ca IEEE(xi thoi mi)

marsupilami

#4
20-07-2003, 02:11 PM
hoang hon Posts: n/a
Guest
VLAN

Cho cc anh, Em ang lm k thut vin, em c cu hi ny nh cc anh tr li gip em(v em

ang t hc v mng) v cch chia VLAN.
- Mun chia VLAN th mnh cn nhng phn cng, phn mm no?
- Cch cu hnh VLAN(ch cho em tng bc mt).
- Vd: mnh mun chia lm 2 VLAN chng hn th mnh cu hnh th no v thit lp nh th
no? Lm sao 2 VLAN ny hot ng v cch qun l chng.
Rt mong cc anh tr li chi tit cho em.

hoang hon

#5
21-07-2003, 12:23 AM
sinhvienngheo Join Date: May 2003
Senior Member Location: Ho Chi Minh city
Elite Posts: 771
Re: VLAN

Quote:

Originally Posted by hoang hon

Cho cc anh, Em ang lm k thut vin, em c cu hi ny nh cc anh tr li gip em(v
em ang t hoc v mng) v cch chia VLAN.
- Mun chia VLAN th mnh cn nhng phn cng, phn mm no?
- Cch cu hnh VLAN(chi cho em tng bc mt).
- Vd: mnh mun chia lm 2 VLAN chng hn th mnh cu hnh th no v thit lp nh th
no? Lm sao 2 VLAN ny hot ng v cch qun l chng.
Rt mong cc anh tr li chi tit cho em.
Cho bn,

Cc switch ca cc hng khc nhau u h tr tnh nng chia vlan. Vlan - mng ring o l mt
c im cho php ta ngn cc broadcast domain ca switch ra thnh cc broadcast domain nh
hn. Khi switch c chia vlan, n s tng ng vi cc switch ring bit ng vi tng
vlan.

Mun cu hnh vlan, bn ch cn chn loi switch c h tr tnh nng ny. 3COOM, Cisco,
Extreme, Dlink, Intel, HP...u c cc loi switch.

Nu bn cn qui trnh chia vlan trn Cisco, mnh s vit tip mt bi v ch ny? ok?
cm n bn c.

Mn chc bn thnh cng,

sinhvienngheo

View Public Profile

Send a private message to sinhvienngheo

Find all posts by sinhvienngheo

Add sinhvienngheo to Your Contacts

#6
21-07-2003, 01:32 PM
biennt Posts: n/a
Guest

Cu hi ca bn rng qu, mnh c gi s n gin th ny (khng ng th bn c ni tip

trao i):
Bn c 1 ci switch c kh nng chia VLAN (nh bc sinhvienngheo ch ra, y cng v d
lun l Cisco switch chy h iu hnh CatOS cho d) chui vo console ca switch bng hyper
terminal(c sn trong Windows) hay ci g tng t. Thc hin:

>enable
(nhp password nu cn)
sau mun to vlan th g lnh theo c php:

#set vlan &lt;vlan_id> &lt;port_list>

&lt;vlan_id>: s hiu vlan (1,2,3...)

&lt;port_list>: danh sch cc port trn switch mun gn vo vlan , port_list nu vit y th
l &lt;module/port list> ngha l s hiu module/port. Nu switch ch c mt module th khng
cn n s hiu module. Post list c th vit l n-m (t port th n n port th m)

Nu bn nh chia thnh 2 vlan th ch vic g 2 lnh kia, sau save config(nu mun) l xong.

Tht ra, bn nn ni r tn tui (part number..) ca ci switch th ai mun gip cng

d..mnh ni nh th ny l ni ba..v chng r bn c g v cn g.

BTW: chia VLAN th khng lin quan n IP Routing..nhng tht ra l cng li lin quan y..!!
 biennt

#7
21-07-2003, 09:46 PM
hoang hon Posts: n/a
Guest

my anh ni n th em hiu ra mt phn ri nhng cn c cu ny hi my s huynh nha

VD: by gi em c 20 my chng hn em chia lm 2 VLAN nh vy th em phi thit lp nh
th no mng ny hot ng bnh thng(em ch bit thit lp mt mng LAN nh cc phng
Net ang s dng theo m hnh Server/Client). Rt mong cc anh gii thich r rng hn cho
em. :?:

hoang hon

#8
21-07-2003, 10:19 PM
Join Date: May 2003
Mikami
Location: Massachusetts
Senior Member
Posts: 299
Guru

V logical, VLAN l nhng LAN hot ng c lp vi nhau.

Khi config trn Switch , bn se ch ra port no nm VLAN my.

V do hot ng c lp , bn cn 1 device routing gia cc VLAN. V chnh l Router.

Nh th v mt physical, bn ch c 1 LAN ( v ch c 1 switch ), nhng trn thc t , bn c

nhiu LAN .

Bn c xem ti liu mnh gi cho s hiu ngay y m.

THN

Mikami

View Public Profile

Send a private message to Mikami

 Find all posts by Mikami

Add Mikami to Your Contacts

#9
27-08-2003, 06:56 PM
netdevice Join Date: Jul 2003
Senior Member Posts: 139
Senior Member

Hi diehard,
Chia vlan trn switch c hai bc chnh:
1) To vlan
2) Cu hnh thm tng port vo tng vlan mong mun.
hiu r hn v vlan v chi tit cu hnh ban nn tham kho cc sch dy CCNA.
Thn.

netdevice

View Public Profile

Send a private message to netdevice

Find all posts by netdevice

Add netdevice to Your Contacts

#10
28-08-2003, 10:52 AM
Tuangia Join Date: Aug 2003
Member Location: Hanoi
Member Posts: 52
Re: cch chia VLAN trn switch v cch config n nh th no

Chia VLAN trn SW c 2 bc:

1. To VLAN
2. Gn SW port vo VLAN c 2 kiu:
- Static: p dng cho cc mng nh v gn port vo VLAN nhn cng
- Dynamic

Nu bn s dng SW Catalyst 2900XL to VLAN static th bn c th cu hnh nh sau:

1. To VLAN
vlan database
vlan #vlan name vlanname
Ch : khng nn s dng VLAN 1 nu khng mun cho telnet vo SW
2. Gn SW port vo VLAN
interface FastEthernet 0/n
switchport mode access
switchport access vlan n

Gip ti config router 2514 cc "Cao Th" i !!!

Xin cho cc anh ch,

Ti c cisco 2514 v v 1 line ADSL. Ti mun dng router 2514 lm firewall. Ti config
router nh sau

Current configuration:
!
version 11.2
service timestamps debug uptime
service timestamps log uptime
no service udp-small-servers
no service tcp-small-servers
!
hostname Cisco2514
!
enable password cisco
!
ip subnet-zero
no ip domain-lookup
!
interface Ethernet0
description connected to FireWall_LAN
ip address 172.16.1.2 255.255.255.0
!
interface Ethernet1
description connected to ADNCO_LAN
ip address 10.0.0.1 255.255.255.0

--More-- !

interface Serial0
no ip address
shutdown
!
interface Serial1
no ip address
shutdown
!
router rip
version 2
network 172.30.0.0
network 10.0.0.0
no auto-summary
!
no ip classless
ip route 0.0.0.0 0.0.0.0 10.0.0.2
ip route 10.0.0.0 255.255.255.0 Ethernet0
ip route 10.10.10.0 255.255.255.0 Ethernet0
ip route 172.16.1.0 255.255.255.0 Ethernet0

--More-- !

line con 0
exec-timeout 0 0
password cisco
login
line aux 0
line vty 0 4
password cisco
login
!
end
Vi config nh th th nu ti set cho PC[s dng Win XP]
IP: 172.16.1.3
Subnetmask: 255.255.255.0
Gateway: 172.16.1.1 or 10.0.0.1 or 10.0.0.2 vn khng access c internet
Nu ti set cho PC:
IP: 10.0.0.3
Subnetmask: 255.255.255.0
Gateway: 172.16.1.1 or 10.0.0.1 or 10.0.0.2 (1 trong 3 ci vn v t access internet.)

Nh th l do l sao??
Ngoi ra lm firewall yi cn phi config thm cho router 2514 th no??
Cc anh ch tip tc gip ti nha..
Cm n cc anh ch c bi vit..

th_nguyenvn

View Public Profile

Send a private message to th_nguyenvn

Find all posts by th_nguyenvn

Add th_nguyenvn to Your Contacts

#2
16-03-2004, 05:40 PM
Guest Posts: n/a
Re: Gip ti config router 2514 cc "Cao Th" i !!!

Quote:

Vi config nh th th nu ti set cho PC[s dng Win XP]

IP: 172.16.1.3
Subnetmask: 255.255.255.0
Gateway: 172.16.1.1 or 10.0.0.1 or 10.0.0.2 vn khng access c internet

Nu ti set cho PC:

IP: 10.0.0.3
Subnetmask: 255.255.255.0
Gateway: 172.16.1.1 or 10.0.0.1 or 10.0.0.2 (1 trong 3 ci vn v t access internet.)

Nh th l do l sao??
Ngoi ra lm firewall yi cn phi config thm cho router 2514 th no??
Cc anh ch tip tc gip ti nha..
Cm n cc anh ch c bi vit..
Bn gp phi vn v routing.
network 172.30.0.0 => network 172.16.0.0
theo mnh ngh th nh vy cha th l Firewall ci ny phi nh cc anh ch hay l firewall t
vn.

Thn.

#3
16-03-2004, 10:03 PM
Join Date: Apr 2003
admin
Posts: 1,392
Administrator
Brainiac

Hi

bn cu hnh phn routing sai ri. Cn phi xem li phn routing nh.

chc thnh cng,

__________________
Viet Professionals Co. Ltd. VnPro
---------------------------------------
149/1D Ung Vn Khim P25 Q.Binh thanh TPHCM
Tel: (08) 35124257 (7 lines)
Fax: (08) 5124314
Home Page : http://www.vnpro.vn
Support forum: http://vnpro.org
LiveChat : http://www.vnpro.vn/support
Blog VnPro : http://vnpro.org/blog
Forum Wifi : http://wifipro.org

admin

View Public Profile

Send a private message to admin

Send email to admin

Find all posts by admin

 Add admin to Your Contacts

#4
17-03-2004, 11:19 PM
TGA_Certificationteam Join Date: Jun 2003
Senior Member Posts: 578
Elite

Bo? cai RIP di

Them vao

IP route 0.0.0.0 0.0.0.0 e 0

__________________
-------------------------------------------------------
Yamaha R6 Rider
Ti l Yuna_admirer.

TGA_Certificationteam

View Public Profile

Send a private message to TGA_Certificationteam

Find all posts by TGA_Certificationteam

Add TGA_Certificationteam to Your Contacts

#5
18-03-2004, 08:47 PM
danguyennhi Posts: n/a
Guest

Hi nguyn,
bn bit cch cu hnh routers c bn cha?

thn,

danguyennhi
 #6
18-03-2004, 08:58 PM
th_nguyenvn Join Date: Mar 2004
Junior Member Posts: 19
Newbie

Quote:

Originally Posted by danguyennhi

Hi nguyn,
bn bit cch cu hnh routers c bn cha?

thn,
yeah, danguyennhi mnh bit config m..
nhng c ci trong phn ip route, ni tht l mnh set c nhng k bit b n th no..
Ngoi ra mnh config route cho network 2 network 172.16.1.0 v 10.0.0.0 th ok ri, nhng
mnh mun config du router 2514 lm firewall..
Thanks..

th_nguyenvn

View Public Profile

Send a private message to th_nguyenvn

Find all posts by th_nguyenvn

Add th_nguyenvn to Your Contacts

#7
18-03-2004, 09:03 PM
Join Date: Apr 2003
admin
Posts: 1,392
Administrator
Brainiac

Hi

b mt lnh, em dng lnh

no ip route xxxx

Bn nn hon tt phn routing trc khi chuyn sang phn firewall.

thn,
__________________
Viet Professionals Co. Ltd. VnPro
---------------------------------------
149/1D Ung Vn Khim P25 Q.Binh thanh TPHCM
Tel: (08) 35124257 (7 lines)
Fax: (08) 5124314
Home Page : http://www.vnpro.vn
Support forum: http://vnpro.org
LiveChat : http://www.vnpro.vn/support
Blog VnPro : http://vnpro.org/blog
Forum Wifi : http://wifipro.org

admin

View Public Profile

Send a private message to admin

Send email to admin

Find all posts by admin

Add admin to Your Contacts

#8
18-03-2004, 09:11 PM
th_nguyenvn Join Date: Mar 2004
Junior Member Posts: 19
Newbie

Quote:

Originally Posted by Admin

Hi

b mt lnh, em dung lnh

 no ip route xxxx

Bn nn hon tt phn routing trc khi chuyn sang phn firewall.

thn,
yeah, nhng hin nay em ang route cho 2 network 172.16.1.0 v 10.0.0.0 thy nhau..
anh Admin c th ch em cch config cho router ny lm firewall c k?? em fi lm g trc
y..
Thanks..

th_nguyenvn

View Public Profile

Send a private message to th_nguyenvn

Find all posts by th_nguyenvn

Add th_nguyenvn to Your Contacts

#9
19-03-2004, 11:12 AM
danguyennhi Posts: n/a
Guest

nh vy l t cc my trm lm vic c th i ra ngoi Internet ht ri?

rn router C
Code:
router ospf 1
area 1 nssa default-information-originate
network 192.168.2.3 0.0.0.0 area 1
network 3.3.3.3 0.0.0.0 area 1
!
ip route 0.0.0.0 0.0.0.0 loopback0

Trn router B
Code:
router ospf 1
area 1 nssa default-information-originate
network 192.168.1.2 0.0.0.0 area 0
network 192.168.2.2 0.0.0.0 area 1
network 2.2.2.2 0.0.0.0 area 0

Trn bng nh tuyn ca router C s c 1 tuyn S* 0.0.0.0

show database ca B vn qung b route 0.0.0.0 vo area 1
Vn l lm sao router C c th ping c n 1.1.1.1 v ko th c 2 tuyn 0.0.0.0 trong
bng nh tuyn c.
Ai gip mnh gii quyt vi
Attached Thumbnails

Last edited by Im_Sam; 08-08-2008 at 07:07 PM.

Im_Sam

View Public Profile

Send a private message to Im_Sam

Find all posts by Im_Sam

Add Im_Sam to Your Contacts

#2
08-08-2008, 08:49 PM
binhhd Join Date: Feb 2006
CCIE #21256 Posts: 310
Guru

Quote:

Originally Posted by Im_Sam

Trn router C
Code:
router ospf 1
area 1 nssa default-information-originate
network 192.168.2.3 0.0.0.0 area 1
network 3.3.3.3 0.0.0.0 area 1
!
ip route 0.0.0.0 0.0.0.0 loopback0

Trn router B
Code:
router ospf 1
area 1 nssa default-information-originate
network 192.168.1.2 0.0.0.0 area 0
network 192.168.2.2 0.0.0.0 area 1
network 2.2.2.2 0.0.0.0 area 0

Trn bng nh tuyn ca router C s c 1 tuyn S* 0.0.0.0

show database ca B vn qung b route 0.0.0.0 vo area 1
Vn l lm sao router C c th ping c n 1.1.1.1 v ko th c 2 tuyn 0.0.0.0 trong
bng nh tuyn c.
Ai gip mnh gii quyt vi
hi Sam,
vi m hnh ca bn, Area1 l nssa lc bn nn cu hnh nh sau:
!!RC:
config t
router ospf 1
network 192.168.2.0 0.0.0.255 area 1
area 1 nssa
redistribute "nhng subnet t mng NET vo OSPF"
!
end
wr

!!RB:
config t
router ospf 1
network 192.168.2.0 0.0.0.255 area 1
network 192.168.1.0 0.0.0.255 area 0
network 1.1.1.0 0.0.0.255 area 0
area 1 nssa default-information-originate
!
end
wr

!!RA:
config t
router ospf 1
network 192.168.1.0 0.0.0.255 area 0
redistribute RIP subnets
!
router rip
version 2
no auto-summary
network 1.0.0.0
!
end
wr

lc RA,RB s thy tt c cc subnet ca mng NET v RC redistribute vo. RC s thy

c cc subnet ca RIP (Loop0 trn RA) qua default-route t RB qung b vo

binhhd

View Public Profile

Find all posts by binhhd

Add binhhd to Your Contacts

#3
08-08-2008, 10:54 PM
Join Date: Aug 2008
Im_Sam Posts: 35
Member
Newbie

Trc ht rt cm n bn.Mng Net ca mnh l 1 tuyn default route 0.0.0.0. Vy khi redistribute
th redistribute subnet no. Mnh vn cha hiu lnh
Code:
redistribute "nhng subnet t mang NET vao OSPF"

lm. Bn gii thch r hn h mnh vi

Im_Sam

View Public Profile

Send a private message to Im_Sam

Find all posts by Im_Sam

 Add Im_Sam to Your Contacts

#4
08-08-2008, 11:27 PM
binhhd Join Date: Feb 2006
CCIE #21256 Posts: 310
Guru

Quote:

Originally Posted by Im_Sam

Trc ht rt cm n bn.Mng Net ca mnh l 1 tuyn default route 0.0.0.0. Vy khi
redistribute th redistribute subnet no. Mnh vn cha hiu lnh
Code:
redistribute "nhng subnet t mang NET vo OSPF"

lm. Bn gii thch ro hn h mnh vi

Code:
redistribute "nhng subnet t mang NET vao OSPF"

: ngha l bn redistribute nhng route trn RC i n mng NET vo OSPF.

Nh vy theo m hnh ca bn, mng NET ca bn l mt mng bn ngoi phi khng (Internet
chng hn)? Nu nh vy th cch
Code:
redistribute "nhng subnet t mang NET vao OSPF"

l khng thc hin c.

Mt cch khc n gin hn thc hin yu cu ca bn l Area1 l normal area.
cu hnh sa li tng ng l:
!!RC:
config t
router ospf 1
network 192.168.2.0 0.0.0.255 area 1
redistribute connected subnets
!
ip route 0.0.0.0 0.0.0.0 loopback0
!
end
wr
!!RB:
config t
router ospf 1
network 192.168.2.0 0.0.0.255 area 1
network 192.168.1.0 0.0.0.255 area 0
network 1.1.1.0 0.0.0.255 area 0
!
end
wr

!!RA:
config t
router ospf 1
network 192.168.1.0 0.0.0.255 area 0
redistribute RIP subnets
!
router rip
version 2
no auto-summary
network 1.0.0.0
!
end
wr

binhhd

View Public Profile

Find all posts by binhhd

Add binhhd to Your Contacts

#5
08-08-2008, 11:42 PM
Join Date: Aug 2008
Im_Sam Posts: 35
Member
Newbie

Nh vy vi m hnh nh th ta ko trin khai c nssa phi ko. Cm n bn rt nhiu

 Im_Sam

View Public Profile

Send a private message to Im_Sam

Find all posts by Im_Sam

Add Im_Sam to Your Contacts

#6
08-08-2008, 11:48 PM
Join Date: Jan 2007
tranmyphuc Location: hcmC
Member Posts: 3,251
Brainiac

Cha`o !!!
Quote:

Originally Posted by canhochoi

cc bc cho em hi v OSPF. Lnh no-redeistribute trong cu hnh nssa lm g,
c v d c th v trng hp dng lnh ny ko? lnh ny c li ch g ?? ti sao phi
dng n ???
area area-id nssa no-redeistribute defau-infor ori
Thanks
Cho bn !!!
Bn xem bi LAB bn di :
u tin ta xt cu lnh :
Code:

area area-id nssa no-redistribution

Trong :
Area-id : OSPF area ID. Tuy nhin area-id dng trong bi ny l mt gi tr nm t 1
4.294.967.295 (cu hnh trn router CISCO) hoc dng IP address : 0.0.0.1
255.255.255.255 (cu hnh trn router Juniper,). Do area 0 hay area 0.0.0.0 khng th no cu
hnh l NSSA c.

Ly thuyt : trong stub hoc totally stubby area , ABR trong stub area s chng li OSPF externel
routers (type 5) t bn ngoi qung b vo mng. C ngha l ASBR khng th no l thnh
phn ca stubby hoc totally stubby area bi v ASBR to ra OSPF externel type 5 routes.Chnh
v tnh hung : mun qung b mt mng bn ngoi vo OSPF + vn gia c nhng tnh cht
vn c ca stub v totally stubby area , vng NSSA ra i. Vng NSSA ngoi nhng tnh cht
ca 2 vng trn , n cn b i gii hn "reditribute external OSPF routes" bng cch :
+ Ti ASBR hay ABR , n nhn gi tin LSA qung b external routes vo mng OSPF => sau
n chuyn dng gi tin type 5 (quy nh cha external route)ny thnh gi tin type 7.
-------+ Nu nh gi tin c nhn t ASBR (do router C qung b)n s chuyn t type 5
sang type 7 (nh trn gii thch trn) sau khi n vng standard area ti ABR n s
chuyn dng type 7 sang type 5.
-------+ Nu nh gi tin c nhn t ABR (do router E qung b) n s chuyn t dng type 5
sang type 7 tr thnh 1 route trong NSSA.

Hnh minh ha:

u tin chng ta cu hnh cho cc Router , trng thi trc khi bt cu lnh :

Code:

area area-id nssa no-redistribution

cng nh
Code:
cha cu hnh NSSA
Code:
Router A

interface Loopback0

ip address 1.1.1.1 255.255.255.255

interface Serial0/1

ip address 10.1.1.1 255.255.255.252

clockrate 64000

router ospf 1

redistribute connected subnets

network 10.1.1.0 0.0.0.3 area 0

_______________________________________________________________________

Router B

interface Loopback0

ip address 2.2.2.2 255.255.255.255

interface Ethernet0

ip address 172.16.1.1 255.255.255.0

interface Serial0

ip address 10.1.1.2 255.255.255.252

interface Serial1

ip address 10.1.1.5 255.255.255.252

lockrate 64000

!
router eigrp 1

network 172.16.0.0

router ospf 1

redistribute eigrp 1 subnets

network 10.1.1.0 0.0.0.3 area 0

network 10.1.1.4 0.0.0.3 area 1

_______________________________________________________________________

Router C

interface Loopback0

ip address 3.3.3.3 255.255.255.255

interface Serial0

ip address 10.1.1.6 255.255.255.252

interface Serial1

ip address 10.1.1.10 255.255.255.252

clockrate 64000

router ospf 1

redistribute rip subnets

network 10.1.1.4 0.0.0.3 area 1

router rip

version 2

passive-interface Serial0
 network 10.0.0.0

_______________________________________________________________________

Router D

interface Loopback0

ip address 156.26.32.1 255.255.255.0

interface Loopback1

ip address 156.26.33.1 255.255.255.0

interface Serial0/0

ip address 10.1.1.9 255.255.255.252

router rip

version 2

network 10.0.0.0

network 156.26.0.0

no auto-summary

_______________________________________________________________________

Router E

interface Loopback0

ip address 142.1.4.4 255.255.255.255

interface Ethernet0/0

ip address 172.16.1.2 255.255.255.0

router eigrp 1
 network 142.1.0.0

network 172.16.0.0

no-auto-summary

Router A,B hc mng RIP t C,D nh mt external routes v Router hc EIGRP

t E cng vy.

rtrA#show ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate

default

U - per-user static route, o - ODR

Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets

C 1.1.1.1 is directly connected, Loopback0

156.26.0.0/24 is subnetted, 2 subnets

O E2 156.26.32.0 [110/20] via 10.1.1.2, 00:02:29, Serial0/1

O E2 156.26.33.0 [110/20] via 10.1.1.2, 00:02:29, Serial0/1

172.16.0.0/24 is subnetted, 1 subnets

O E2 172.16.1.0 [110/20] via 10.1.1.2, 00:01:28, Serial0/1

142.1.0.0/32 is subnetted, 1 subnets

O E2 142.1.4.4 [110/20] via 10.1.1.2, 00:01:28, Serial0/1

10.0.0.0/30 is subnetted, 3 subnets

O E2 10.1.1.8 [110/20] via 10.1.1.2, 00:02:29, Serial0/1

C 10.1.1.0 is directly connected, Serial0/1

 O IA 10.1.1.4 [110/128] via 10.1.1.2, 00:02:30, Serial0/1

_______________________________________________________________________

rtrB#show ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate

default

U - per-user static route, o - ODR

Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets

O E2 1.1.1.1 [110/20] via 10.1.1.1, 00:09:03, Serial0

2.0.0.0/32 is subnetted, 1 subnets

C 2.2.2.2 is directly connected, Loopback0

156.26.0.0/24 is subnetted, 2 subnets

O E2 156.26.32.0 [110/20] via 10.1.1.6, 00:09:03, Serial1

O E2 156.26.33.0 [110/20] via 10.1.1.6, 00:09:03, Serial1

172.16.0.0/24 is subnetted, 1 subnets

C 172.16.1.0 is directly connected, Ethernet0

142.1.0.0/32 is subnetted, 1 subnets

D 142.1.4.4 [90/409600] via 172.16.1.2, 00:09:41, Ethernet0

10.0.0.0/30 is subnetted, 3 subnets

O E2 10.1.1.8 [110/20] via 10.1.1.6, 00:09:03, Serial1

C 10.1.1.0 is directly connected, Serial0

C 10.1.1.4 is directly connected, Serial1

By gi chng ta s cu hnh NSSA trn Router B v C (Area 1)

Code:
Router B
router ospf 1
area 1 nssa
redistribute eigrp 1 subnets
network 10.1.1.0 0.0.0.3 area 0
network 10.1.1.4 0.0.0.3 area 1
_______________________________________________________________________
Router C
router ospf 1
area 1 nssa
redistribute rip subnets
network 10.1.1.4 0.0.0.3 area 1

Kim tra Area sau khi c cu hnh l NSSA :

Code:
rtrB#show ip ospf
Routing Process "ospf 1" with ID 2.2.2.2
Supports only single TOS(TOS0) routes
It is an area border and autonomous system boundary router
Redistributing External Routes from,
eigrp 1, includes subnets in redistribution
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
Number of external LSA 7. Checksum Sum 0x3F1B4
Number of DCbitless external LSA 0
Number of DoNotAge external LSA 0
Number of areas in this router is 2. 1 normal 0 stub 1 nssa
Area BACKBONE(0)
Number of interfaces in this area is 1
Area has no authentication
SPF algorithm executed 10 times
Area ranges are
Number of LSA 3. Checksum Sum 0x275D9
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Area 1
Number of interfaces in this area is 1
It is a NSSA area
Perform type-7/type-5 LSA translation
Area has no authentication
SPF algorithm executed 23 times
Area ranges are
Number of LSA 9. Checksum Sum 0x4AE6A
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Sau ta tip tc kim tra bng nh tuyn ca cc Router A,B v C
Code:
rtrB#show ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate

default

U - per-user static route, o - ODR

Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets

O E2 1.1.1.1 [110/20] via 10.1.1.1, 00:02:19, Serial0

2.0.0.0/32 is subnetted, 1 subnets

C 2.2.2.2 is directly connected, Loopback0

156.26.0.0/24 is subnetted, 2 subnets

O N2 156.26.32.0 [110/20] via 10.1.1.6, 00:02:20, Serial1

O N2 156.26.33.0 [110/20] via 10.1.1.6, 00:02:20, Serial1

172.16.0.0/24 is subnetted, 1 subnets

C 172.16.1.0 is directly connected, Ethernet0

142.1.0.0/32 is subnetted, 1 subnets

D 142.1.4.4 [90/409600] via 172.16.1.2, 00:18:28, Ethernet0

10.0.0.0/30 is subnetted, 3 subnets

O N2 10.1.1.8 [110/20] via 10.1.1.6, 00:02:20, Serial1

C 10.1.1.0 is directly connected, Serial0

C 10.1.1.4 is directly connected, Serial1

_______________________________________________________________________
rtrC#show ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate

default

U - per-user static route, o - ODR

Gateway of last resort is not set

3.0.0.0/24 is subnetted, 1 subnets

C 3.3.3.0 is directly connected, Loopback0

156.26.0.0/24 is subnetted, 2 subnets

R 156.26.32.0 [120/1] via 10.1.1.9, 00:00:06, Serial1

R 156.26.33.0 [120/1] via 10.1.1.9, 00:00:06, Serial1

172.16.0.0/24 is subnetted, 1 subnets

O N2 172.16.1.0 [110/20] via 10.1.1.5, 00:04:52, Serial0

142.1.0.0/32 is subnetted, 1 subnets

O N2 142.1.4.4 [110/20] via 10.1.1.5, 00:04:53, Serial0

10.0.0.0/30 is subnetted, 3 subnets

C 10.1.1.8 is directly connected, Serial1

O IA 10.1.1.0 [110/128] via 10.1.1.5, 00:04:53, Serial0

C 10.1.1.4 is directly connected, Serial0

Code:
Ta xet Router A, luc nay nhng mang bn ngoai external OSPF
route khng cn c redistribute t Router B theo LSA type 5
na ma c redistribute theo LSA type 7. Cu th :
+ i vi RIPv2 : Router B se chuyn i goi tin t dang Type
7 , do router C a convert Ripv2 t type 5 sang type 7 khi vo
NSSA, sang type 5 khi vo Area 0
+ i vi EIGRP : Router B se redistribute LSA Type 5 vo
Area0 , nhng no se convert type 5 thnh type 7 khi vo vung
Area 1 NSSA
rtrA#show ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate

default

U - per-user static route, o - ODR

Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets

C 1.1.1.1 is directly connected, Loopback0

156.26.0.0/24 is subnetted, 2 subnets

O E2 156.26.32.0 [110/20] via 10.1.1.2, 00:06:14, Serial0/1

O E2 156.26.33.0 [110/20] via 10.1.1.2, 00:06:14, Serial0/1

172.16.0.0/24 is subnetted, 1 subnets

O E2 172.16.1.0 [110/20] via 10.1.1.2, 00:06:46, Serial0/1

142.1.0.0/32 is subnetted, 1 subnets

O E2 142.1.4.4 [110/20] via 10.1.1.2, 00:06:46, Serial0/1

10.0.0.0/30 is subnetted, 3 subnets

O E2 10.1.1.8 [110/20] via 10.1.1.2, 00:06:14, Serial0/1

C 10.1.1.0 is directly connected, Serial0/1

Code:
Cui cung , chung ta xet n trng hp dung cu lnh :

Code:

area area-id nssa no-redistribution

nghia cua no-redistribution cho ta bit :

Router trong vung NSSA s khng chp nhn bt c external route no (n khng
convert n sang LSA type 7), c qung b bi ABR hay ASBR , tuy nhin n
vn cho php nhng tuyn trn c redistribute vo nhng vung standard, hay
NSSA khc.

Ta cu hinh trn Router ngn chn vic redistribute mang hc t EIGRP

Router B

router ospf 1

area 1 nssa no-redistribution

redistribute eigrp 1 subnets

network 10.1.1.0 0.0.0.3 area 0

network 10.1.1.4 0.0.0.3 area 1

Chng ta kim tra tc dng ca cu lnh trn

Code:
rtrB#show ip ospf

Routing Process "ospf 1" with ID 2.2.2.2

Supports only single TOS(TOS0) routes

It is an area border and autonomous system boundary router

Redistributing External Routes from,

eigrp 1, includes subnets in redistribution

SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
 Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs

Number of external LSA 7. Checksum Sum 0x3EFB5

Number of DCbitless external LSA 0

Number of DoNotAge external LSA 0

Number of areas in this router is 2. 1 normal 0 stub 1 nssa

Area BACKBONE(0)

Number of interfaces in this area is 1

Area has no authentication

SPF algorithm executed 11 times

Area ranges are

Number of LSA 3. Checksum Sum 0x26FDC

Number of DCbitless LSA 0

Number of indication LSA 0

Number of DoNotAge LSA 0

Area 1

Number of interfaces in this area is 1

It is a NSSA area, no redistribution into this area

Perform type-7/type-5 LSA translation

Area has no authentication

SPF algorithm executed 26 times

Area ranges are

Number of LSA 7. Checksum Sum 0x31A46

Number of DCbitless LSA 0

Number of indication LSA 0

Number of DoNotAge LSA 0

_______________________________________________________________________

rtrC#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate

default

U - per-user static route, o - ODR

Gateway of last resort is not set

3.0.0.0/24 is subnetted, 1 subnets

C 3.3.3.0 is directly connected, Loopback0

156.26.0.0/24 is subnetted, 2 subnets

R 156.26.32.0 [120/1] via 10.1.1.9, 00:00:02, Serial1

R 156.26.33.0 [120/1] via 10.1.1.9, 00:00:02, Serial1

10.0.0.0/30 is subnetted, 3 subnets

C 10.1.1.8 is directly connected, Serial1

O IA 10.1.1.0 [110/128] via 10.1.1.5, 00:04:37, Serial0

C 10.1.1.4 is directly connected, Serial0

Kim tra trn Router A :EIGRP vn c hc bnh thng

Code:
rtrA#show ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate

default
 U - per-user static route, o - ODR

Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets

C 1.1.1.1 is directly connected, Loopback0

156.26.0.0/24 is subnetted, 2 subnets

O E2 156.26.32.0 [110/20] via 10.1.1.2, 00:02:45, Serial0/1

O E2 156.26.33.0 [110/20] via 10.1.1.2, 00:02:45, Serial0/1

172.16.0.0/24 is subnetted, 1 subnets

O E2 172.16.1.0 [110/20] via 10.1.1.2, 00:14:41, Serial0/1

142.1.0.0/32 is subnetted, 1 subnets

O E2 142.1.4.4 [110/20] via 10.1.1.2, 00:14:41, Serial0/1

10.0.0.0/30 is subnetted, 3 subnets

O E2 10.1.1.8 [110/20] via 10.1.1.2, 00:02:45, Serial0/1

C 10.1.1.0 is directly connected, Serial0/1

O IA 10.1.1.4 [110/128] via 10.1.1.2, 00:14:42, Serial0/1

Phn thm ca cu lnh " default-information-originate"

, ti s thc hin trong bi LAB sau. Tuy nhin , ta c th hiu ngha ca n nh sau :
Code:
N gip ta qung b default route vo NSSA area , do NSSA
khng chp nhn default route

chc bn vui !!!

Link : http://www.vnpro.org/forum/showpost....97&postcount=3
__________________
Trn M Phc
[email protected]
Hy add nick c thng tin thi mi nht :tranmyphuc (H tr ti a cho cc bn t hc)

Juniper Certs : JNCIA-ER (100%) , JNCIA-EX (100%) , JNCIS-ER (100%) , JNCIS-SEC

 (100%)
INSTRUCTORS (No Fee) : CISCO (Professional) , JUNIPER (Professional) , Microsoft ...

[version 4.0] n tp CCNA

[Ebook] Mt s vn hay c th dng trong mng doanh nghp

tranmyphuc

View Public Profile

Send a private message to tranmyphuc

Send email to tranmyphuc

Find all posts by tranmyphuc

Add tranmyphuc to Your Contacts

#7
09-08-2008, 09:21 AM
binhhd Join Date: Feb 20
CCIE #21256 Posts: 310
Guru

Quote:

Originally Posted by Im_Sam

Nh vy vi m hnh nh th ta ko trin khai c nssa phi ko. Cm n bn rt nhiu
vi m hnh ca bn th khng trin khai c nssa cho area1.
Em c m hnh nh hinh v
Hin ti th em ko th kt ni t router quc t sang con vnnic

Hu nh cc con router 7200 i gn n con VDC l ko ping c na

Sau y l file configure ca em .Em cm n m hnh nya2 do em t v ra nn c th cn sai st

hostname QuocTe
!
interface Loopback1
description "Ket noi loopback"
ip address 1.1.1.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex half
!
interface Serial1/0
description "Ket noi voi HN2"
ip address 192.168.1.1 255.255.255.252
no keepalive
serial restart-delay 0
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/4
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/5
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/6
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/7
no ip address
shutdown
serial restart-delay 0
!
router bgp 100
no synchronization
bgp log-neighbor-changes
neighbor 192.168.1.2 remote-as 200
no auto-summary
!
no ip http server
++++++++++++

hostname HN2
!
!
interface Loopback1
ip address 10.10.10.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex half
!
interface Serial1/0
description "Ket noi HN"
ip address 192.168.1.2 255.255.255.252
no keepalive
serial restart-delay 0
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/4
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/5
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/6
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/7
no ip address
shutdown
serial restart-delay 0
!
interface GigabitEthernet2/0
ip address 172.16.2.1 255.255.255.252
negotiation auto
!
router ospf 1
log-adjacency-changes
redistribute connected subnets
redistribute bgp 200
network 172.16.2.0 0.0.0.3 area 0
!
router bgp 200
no synchronization
bgp log-neighbor-changes
redistribute connected
redistribute ospf 1
neighbor 192.168.1.1 remote-as 100
no auto-summary
!
!
no ip http server

++++++++++++
hostname HN1
!
interface FastEthernet0/0
no ip address
shutdown
duplex half
!
interface GigabitEthernet1/0
description "Ket noi voi HN2"
ip address 172.16.2.2 255.255.255.252
negotiation auto
!
interface GigabitEthernet2/0
description "Ket noi voi VDC"
ip address 172.16.1.1 255.255.255.252
negotiation auto
!
router ospf 1
log-adjacency-changes
redistribute connected subnets
redistribute static metric 100
network 172.16.2.0 0.0.0.3 area 0
!
ip route 172.16.1.4 255.255.255.252 172.16.1.2
!
no ip http server
+++++++++++++++

hostname VDC
!
interface FastEthernet0/0
no ip address
shutdown
duplex half
!
interface GigabitEthernet1/0
ip address 172.16.1.2 255.255.255.252
negotiation auto
!
interface GigabitEthernet2/0
ip address 172.16.1.5 255.255.255.252
negotiation auto
!
ip route 172.16.2.0 255.255.255.252 172.16.1.1
ip route 172.16.3.0 255.255.255.252 172.16.1.6
!
no ip http server

+++++++++++++++
hostname SG1
!
interface FastEthernet0/0
no ip address
shutdown
duplex half
!
interface GigabitEthernet1/0
description "Ket noi VDC"
ip address 172.16.1.6 255.255.255.252
negotiation auto
!
interface GigabitEthernet2/0
description "Ket noi SG2"
ip address 172.16.3.1 255.255.255.252
negotiation auto
!
router ospf 1
log-adjacency-changes
redistribute connected
redistribute static metric 100
network 172.16.3.0 0.0.0.3 area 0
!
ip route 172.16.1.0 255.255.255.252 172.16.1.5
!
no ip http server

++++++++++++++++++

hostname SG2
!
interface Loopback1
description "Ket noi Loopback SG2"
ip address 10.10.20.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex half
!
interface GigabitEthernet1/0
description "Ket noi voi SG1"
ip address 172.16.3.2 255.255.255.252
negotiation auto
!
interface Serial2/0
description "Ket noi voi Vnnic"
ip address 192.168.2.1 255.255.255.252
no keepalive
serial restart-delay 0
!
interface Serial2/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial2/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial2/3
no ip address
shutdown
serial restart-delay 0
!
interface Serial2/4
no ip address
shutdown
serial restart-delay 0
!
interface Serial2/5
no ip address
shutdown
serial restart-delay 0
!
interface Serial2/6
no ip address
shutdown
serial restart-delay 0
!
interface Serial2/7
no ip address
shutdown
serial restart-delay 0
!
router ospf 1
log-adjacency-changes
redistribute connected subnets
redistribute bgp 400
network 172.16.3.0 0.0.0.3 area 0
!
router bgp 400
no synchronization
bgp log-neighbor-changes
network 10.10.20.0 mask 255.255.255.0
network 172.16.3.0 mask 255.255.255.252
redistribute connected
redistribute ospf 1
neighbor 192.168.2.2 remote-as 300
no auto-summary
!
!
no ip http server

+++++++++++++++++++

hostname Vnnic
interface Loopback1
description "Loop back Vnnic"
ip address 2.2.2.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex half
!
interface Serial1/0
description "Ket noi voi SG2"
ip address 192.168.2.2 255.255.255.252
no keepalive
serial restart-delay 0
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/4
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/5
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/6
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/7
no ip address
shutdown
serial restart-delay 0
!
router bgp 300
no synchronization
bgp log-neighbor-changes
network 2.2.2.0
network 2.2.2.0 mask 255.255.255.0
neighbor 192.168.2.1 remote-as 400
no auto-summary
!
!
no ip http server

locgame

View Public Profile

Send a private message to locgame

Find all posts by locgame

Add locgame to Your Contacts

#2
28-07-2008, 08:26 PM
binhhd Join Date: Feb 2006
CCIE #21256 Posts: 310
Guru

hi bn locgame,
bn cho mnh bit thm thng tin:
1. Hin ti th em ko th kt ni t router quc t sang con vnnic
Hu nh cc con router 7200 i gn n con VDC l ko ping c na
==> router 7200 l router no trong m hnh ca bn?
2. Bn show bn nh tuyn ca tt c router nh trong m hnh trn nh.
==> dng lnh "show ip route"

binhhd
 View Public Profile

Find all posts by binhhd

Add binhhd to Your Contacts

#3
29-07-2008, 10:52 AM
locgame Join Date: Dec 2006
Member Posts: 35
Newbie

Cho anh cm n anh tr li gip em sau y em s post cc router cho anh r

M hnh ny d nh s chy th trn con 7206 nhng em ang lm trn GNS vi image l
c7200-ik9o3s-mz.124-12c.bin
Em ch bit s s l do bng routing cc router ko c cc network y nhng cc router ny
nhiu protocol qu em ko bit lm th no cc router hc ht nh anh gip

Router Quoc te co the ping toi loopback HN2 10.10.10.1

Va co the ping toi 172.16.2.1
QuocTe#sho ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static rout
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

1.0.0.0/24 is subnetted, 1 subnets

C 1.1.1.0 is directly connected, Loopback1
172.16.0.0/30 is subnetted, 1 subnets
B 172.16.2.0 [20/0] via 192.168.1.2, 00:00:26
10.0.0.0/24 is subnetted, 1 subnets
B 10.10.10.0 [20/0] via 192.168.1.2, 00:00:26
192.168.1.0/30 is subnetted, 1 subnets
C 192.168.1.0 is directly connected, Serial1/0

Router HN2 chi ping toi 172.16.1.2 va Router Quoc te loopback 1.1.1.1

HN2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

1.0.0.0/24 is subnetted, 1 subnets

B 1.1.1.0 [20/0] via 192.168.1.1, 00:02:03
172.16.0.0/30 is subnetted, 1 subnets
C 172.16.2.0 is directly connected, GigabitEthernet2/0
10.0.0.0/24 is subnetted, 1 subnets
C 10.10.10.0 is directly connected, Loopback1
192.168.1.0/30 is subnetted, 1 subnets
C 192.168.1.0 is directly connected, Serial1/0

Router HN1 chi ping duoc ip 1.1.1.1 (lopback router quoc ten hung ko ping duoc 10.10.10.1
loop back router HN2)
Router HN1 ping toi duoc 172.16.1.6

HN1#ping 1.1.1.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 80/124/208 ms
HN1#ping 10.10.10.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
HN1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-
ia - IS-IS inter area, * - candidate default, U - per-user static ro
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set

1.0.0.0/24 is subnetted, 1 subnets

O E2 1.1.1.0 [110/1] via 172.16.2.1, 00:04:21, GigabitEthernet1/0
172.16.0.0/30 is subnetted, 3 subnets
S 172.16.1.4 [1/0] via 172.16.1.2
C 172.16.1.0 is directly connected, GigabitEthernet2/0
C 172.16.2.0 is directly connected, GigabitEthernet1/0

Router VDC chi ping duoc toi 172.16.2.2

VDC#sho ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

172.16.0.0/30 is subnetted, 4 subnets

C 172.16.1.4 is directly connected, GigabitEthernet2/0
C 172.16.1.0 is directly connected, GigabitEthernet1/0
S 172.16.2.0 [1/0] via 172.16.1.1
S 172.16.3.0 [1/0] via 172.16.1.6

SG1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static rout
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

20.0.0.0/24 is subnetted, 1 subnets

O E2 20.20.20.0 [110/20] via 172.16.3.2, 00:01:47, GigabitEthernet2/0
172.16.0.0/30 is subnetted, 3 subnets
C 172.16.1.4 is directly connected, GigabitEthernet1/0
S 172.16.1.0 [1/0] via 172.16.1.5
C 172.16.3.0 is directly connected, GigabitEthernet2/0
192.168.2.0/30 is subnetted, 1 subnets
O E2 192.168.2.0 [110/20] via 172.16.3.2, 00:01:47, GigabitEthernet2/0
SG1#ping 192.168.2.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 60/124/212 ms
SG1#ping 192.168.2.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 128/212/256 ms
SG1#ping 20.20.20.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 20.20.20.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 80/132/236 ms
SG1#ping 2.2.2.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 2.2.2.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

SG2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static rout
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

2.0.0.0/24 is subnetted, 1 subnets

B 2.2.2.0 [20/0] via 192.168.2.2, 00:04:53
20.0.0.0/24 is subnetted, 1 subnets
C 20.20.20.0 is directly connected, Loopback1
172.16.0.0/30 is subnetted, 1 subnets
C 172.16.3.0 is directly connected, GigabitEthernet1/0
192.168.2.0/30 is subnetted, 1 subnets
C 192.168.2.0 is directly connected, Serial2/0
SG2#ping 172.16.1.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.16.1.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

Vnnic#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

2.0.0.0/24 is subnetted, 1 subnets

C 2.2.2.0 is directly connected, Loopback1
20.0.0.0/24 is subnetted, 1 subnets
B 20.20.20.0 [20/0] via 192.168.2.1, 00:06:06
172.16.0.0/30 is subnetted, 1 subnets
B 172.16.3.0 [20/0] via 192.168.2.1, 00:06:06
192.168.2.0/30 is subnetted, 1 subnets
C 192.168.2.0 is directly connected, Serial1/0
Vnnic#ping 172.16.3.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.16.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 60/109/140 ms
Vnnic#ping 172.16.1.6

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.16.1.6, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

Cm n anh trc

Last edited by locgame; 29-07-2008 at 10:56 AM.

 locgame

View Public Profile

Send a private message to locgame

Find all posts by locgame

Add locgame to Your Contacts

#4
29-07-2008, 11:39 AM
binhhd Join Date: Feb 2006
CCIE #21256 Posts: 310
Guru

vn y l v bn nh tuyn cha ng nn cc router cha thy ht c cc route, do

mng cha thng.
v thc t trong m hnh ca bn, mnh thy dng qu nhiu cc giao thc nh tuyn, BGP,
OSPF, Static
cu hnh bn sai ch static route, bn phi b sung thm cc static route sau trn cc router th
mng s thng:
!!Router HN1:
config t
ip route 172.16.1.4 255.255.255.252 172.16.1.2
ip route 172.16.3.0 255.255.255.252 172.16.1.2
ip route 20.20.20.0 255.255.255.0 172.16.1.2
ip route 192.168.2.0 255.255.255.252 172.16.1.2
ip route 2.2.2.0 255.255.255.0 172.16.1.2
!
router ospf 1
redistribute static subnets
redistribute connected subnets
!
end
wr

!!Router VDC:
config t
ip route 172.16.2.0 255.255.255.252 172.16.1.1
ip route 10.10.10.0 255.255.255.0 172.16.1.1
ip route 192.168.1.0 255.255.255.252 172.16.1.1
ip route 1.1.1.0 255.255.255.0 172.16.1.1
ip route 172.16.3.0 255.255.255.252 172.16.1.6
ip route 20.20.20.0 255.255.255.0 172.16.1.6
ip route 192.168.2.0 255.255.255.252 172.16.1.6
ip route 2.2.2.0 255.255.255.0 172.16.1.6
!
end
wr

!!Router SG1
config t
ip route 172.16.1.0 255.255.255.252 172.16.1.5
ip route 172.16.2.0 255.255.255.252 172.16.1.5
ip route 10.10.10.0 255.255.255.0 172.16.1.5
ip route 192.168.1.0 255.255.255.252 172.16.1.5
ip route 1.1.1.0 255.255.255.0 172.16.1.5
!
router ospf 1
redistribute connected subnets
redistribute static subnets
!
end
wr

Notes: vi m hnh trn c l ch l m hnh LAB, cn thc t th t ai redistribute ton b

route t BGP vo OSPF m thng ch redistribute nhng route cn thit bng cch dng cc
cng c filter v default-route

binhhd

View Public Profile

Find all posts by binhhd

Add binhhd to Your Contacts

#5
29-07-2008, 02:16 PM
locgame Join Date: Dec 2006
Member Posts: 35
Newbie

Cm n s nhit tnh nhanh chng ca anh anh cho em hi thm theo s ny

Cu 1 : Nu em thay i static route HN1 v VDC v SG1 th em configu nh th no anh?

Cu 2 : T Router QT em kt ni qua VPN Backup qua ADSL ti Vnnic th mng lan 2 u l

1.1.1.0 v 2.2.2.0 ping thy nhau
Nhng LANB (192.168.5.0) nm ng sau RT QT v mng 1.1.1.0 co th ping thy
LAN A(192.168.6.0) nm sau router Vnnic v mng 2.2.2.0 th em phi route lm sau nu nh
tuyn theo ng ADSL VPN ipsec .
Em rt mong i gip t anh

locgame

View Public Profile

Send a private message to locgame

Find all posts by locgame

 Add locgame to Your Contacts

#6
29-07-2008, 02:52 PM
binhhd Join Date:
CCIE #21256 Posts: 310
Guru

Quote:

Originally Posted by locgame

Cm n s nhit tnh nhanh chng ca anh anh cho em hi thm theo s ny

Cu 1 : Nu em thay i static route HN1 v VDC v SG1 th em configu nh th no anh?

 Cu 2 : T Router QT em kt ni qua VPN Backup qua ADSL ti Vnnic th mng lan 2 u l 1.1.1.0 v 2.2.2.0
thy nhau
Nhng LANB (192.168.5.0) nm ng sau RT QT v mng 1.1.1.0 co th ping thy
LAN A(192.168.6.0) nm sau router Vnnic v mng 2.2.2.0 th em phi route lm sau nu nh tuyn theo n
VPN ipsec .
Em rt mong i gip t anh
hi,
cu 1: static route khng c g thay i
cu 2: trong trng hp ny cho n gin, bn nn dng GRE IPSEC VPN
sau bn dng floating static route chnh AD ca static route qua VPN Tunnel (interface tunnel) ln hn AD
ca route hc t BGP (ln hn 20)
c th:
!!Router QT:
config t
interface tunnel 1
ip address ...
tunnel source ...
tunnel destination ...
tunnel protect ipsec profile ...
!
ip route 2.2.2.0 255.255.255.0 tunnel 1 21
ip route 192.168.6.0 255.255.255.0 tunnel 1 21
!
end
wr

!!Router VNNC:
config t
interface tunnel 1
ip address ...
tunnel source ...
tunnel destination ...
tunnel protect ipsec profile ...
!
ip route 1.1.1.0 255.255.255.0 tunnel 1 21
ip route 192.168.5.0 255.255.255.0 tunnel 1 21
!
end
wr

notes: cu hnh trn vn c vn

Routing between RIPv1 & RIPv2

sh run
Building configuration...

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname singapore
!
!
ip subnet-zero
!
!
!
!
!
interface Loopback0
ip address 192.168.3.1 255.255.255.0
no ip directed-broadcast
!
interface Ethernet0
no ip address
no ip directed-broadcast
shutdown
!
interface Serial0
ip address 192.168.240.1 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
no fair-queue
clockrate 64000
!
interface Serial1
ip address 192.168.224.1 255.255.255.252
no ip directed-broadcast
clockrate 64000
!
interface BRI0
no ip address
no ip directed-broadcast
shutdown
!
router rip
version 2
network 192.168.3.0
network 192.168.224.0
network 192.168.240.0
!
ip classless
!
!
line con 0
transport input none
line aux 0
line vty 0 4
!
end

singapore#
singapore#
singapore#
singapore#sh ipro route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR

Gateway of last resort is not set

192.168.224.0/30 is subnetted, 1 subnets

C 192.168.224.0 is directly connected, Serial1
192.168.240.0/30 is subnetted, 1 subnets
C 192.168.240.0 is directly connected, Serial0
R 192.168.252.0/24 [120/1] via 192.168.240.2, 00:00:17, Serial0
C 192.168.3.0/24 is directly connected, Loopback0
singapore#
singapore#
singapore#
singapore#
singapore#
singapore#
singapore#
sanjose3#
sanjose3#
sanjose3#sh run
Building configuration...
Current configuration:
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname sanjose3
!
!
!
!
!
!
ip subnet-zero
no ip domain-lookup
!
!
!
!
interface Loopback0
ip address 192.168.1.3 255.255.255.0
!
interface Ethernet0
ip address 200.200.50.2 255.255.255.0
!
interface Serial0
ip address 192.168.224.2 255.255.255.252
!
interface Serial1
no ip address
shutdown
!
router rip
version 1
network 192.168.1.0
network 192.168.224.0
!
ip classless
ip http server
!
!
line con 0
logging synchronous
transport input none
line aux 0
line vty 0 4
login
!
end

sanjose3#
sanjose3#
sanjose3#
sanjose3#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

Gateway of last resort is not set

192.168.224.0/30 is subnetted, 1 subnets

C 192.168.224.0 is directly connected, Serial0
C 200.200.50.0/24 is directly connected, Ethernet0
C 192.168.1.0/24 is directly connected, Loopback0
sanjose3#
sanjose3#
sanjose3#
auckland#
auckland#
auckland#
auckland#sh run
Building configuration...

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname auckland
!
!
ip subnet-zero
!
!
!
!
!
interface Loopback0
ip address 192.168.252.1 255.255.255.0
no ip directed-broadcast
!
interface Ethernet0
no ip address
no ip directed-broadcast
shutdown
!
interface Serial0
ip address 192.168.240.2 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
no fair-queue
!
interface Serial1
no ip address
no ip directed-broadcast
shutdown
!
interface BRI0
no ip address
no ip directed-broadcast
shutdown
!
router rip
version 2
network 192.168.240.0
network 192.168.252.0
!
ip classless
!
!
line con 0
transport input none
line aux 0
line vty 0 4
!
end

auckland#
auckland#
auckland#
auckland#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR

Gateway of last resort is not set

R 192.168.224.0/24 [120/1] via 192.168.240.1, 00:00:17, Serial0

192.168.240.0/30 is subnetted, 1 subnets
C 192.168.240.0 is directly connected, Serial0
C 192.168.252.0/24 is directly connected, Loopback0
R 192.168.3.0/24 [120/1] via 192.168.240.1, 00:00:17, Serial0
auckland#
auckland#
auckland#
auckland#

sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR

Gateway of last resort is not set

R 192.168.224.0/24 [120/1] via 192.168.240.1, 00:00:21, Serial0

192.168.240.0/30 is subnetted, 1 subnets
C 192.168.240.0 is directly connected, Serial0
R 192.168.1.0/24 [120/2] via 192.168.240.1, 00:00:22, Serial0
C 192.168.252.0/24 is directly connected, Loopback0
R 192.168.3.0/24 [120/1] via 192.168.240.1, 00:00:22, Serial0
auckland#
auckland#
auckland#
auckland#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

Gateway of last resort is not set

192.168.224.0/30 is subnetted, 1 subnets

C 192.168.224.0 is directly connected, Serial0
C 200.200.50.0/24 is directly connected, Ethernet0
C 192.168.1.0/24 is directly connected, Loopback0
sanjose3#
sanjose3#
sanjose3#
sanjose3#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR

Gateway of last resort is not set

192.168.224.0/30 is subnetted, 1 subnets

C 192.168.224.0 is directly connected, Serial1
192.168.240.0/30 is subnetted, 1 subnets
C 192.168.240.0 is directly connected, Serial0
R 192.168.1.0/24 [120/1] via 192.168.224.2, 00:00:09, Serial1
R 192.168.252.0/24 [120/1] via 192.168.240.2, 00:00:00, Serial0
C 192.168.3.0/24 is directly connected, Loopback0
singapore#
singapore#
singapore#
singapore#
sanjose3#debug ip rip
RIP protocol debugging is on
sanjose3#clear ip route *
sanjose3#
00:35:18: RIP: sending request on Loopback0 to 255.255.255.255
00:35:18: RIP: sending request on Serial0 to 255.255.255.255
sanjose3#
00:35:20: RIP: sending v1 flash update to 255.255.255.255 via Loopback0 (192.168.1.3)
00:35:20: RIP: build flash update entries
00:35:20: network 192.168.224.0 metric 1
00:35:20: RIP: sending v1 flash update to 255.255.255.255 via Serial0 (192.168.224.2)
00:35:20: RIP: build flash update entries
00:35:20: network 192.168.1.0 metric 1
sanjose3#
00:35:28: RIP: sending v1 update to 255.255.255.255 via Loopback0 (192.168.1.3)
00:35:28: RIP: build update entries
00:35:28: network 192.168.224.0 metric 1
00:35:28: RIP: sending v1 update to 255.255.255.255 via Serial0 (192.168.224.2)
00:35:28: RIP: build update entries
00:35:28: network 192.168.1.0 metric 1
00:35:29: RIP: ignored v2 packet from 192.168.224.1 (illegal version)
sanjose3#
sanjose3#
sanjose3#
sanjose3#un all
All possible debugging has been turned off
sanjose3#
sanjose3#

RIP illegal version

sanjose3#
sanjose3#
sanjose3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
sanjose3(config)#int s0
sanjose3(config-if)#ip rip re
sanjose3(config-if)#ip rip receive ver
sanjose3(config-if)#ip rip receive version 2
sanjose3(config-if)#^Z
sanjose3#
sanjose3#
sanjose3#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

Gateway of last resort is not set

192.168.224.0/30 is subnetted, 1 subnets

C 192.168.224.0 is directly connected, Serial0
C 200.200.50.0/24 is directly connected, Ethernet0
C 192.168.1.0/24 is directly connected, Loopback0
sanjose3#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

Gateway of last resort is not set

192.168.224.0/30 is subnetted, 1 subnets

C 192.168.224.0 is directly connected, Serial0
C 200.200.50.0/24 is directly connected, Ethernet0
C 192.168.1.0/24 is directly connected, Loopback0
sanjose3#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

Gateway of last resort is not set

192.168.224.0/30 is subnetted, 1 subnets

C 192.168.224.0 is directly connected, Serial0
R 192.168.240.0/24 [120/1] via 192.168.224.1, 00:00:00, Serial0
C 200.200.50.0/24 is directly connected, Ethernet0
C 192.168.1.0/24 is directly connected, Loopback0
R 192.168.252.0/24 [120/2] via 192.168.224.1, 00:00:00, Serial0
R 192.168.3.0/24 [120/1] via 192.168.224.1, 00:00:00, Serial0
sanjose3#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

Gateway of last resort is not set

192.168.224.0/30 is subnetted, 1 subnets

C 192.168.224.0 is directly connected, Serial0
R 192.168.240.0/24 [120/1] via 192.168.224.1, 00:00:04, Serial0
C 200.200.50.0/24 is directly connected, Ethernet0
C 192.168.1.0/24 is directly connected, Loopback0
R 192.168.252.0/24 [120/2] via 192.168.224.1, 00:00:04, Serial0
R 192.168.3.0/24 [120/1] via 192.168.224.1, 00:00:04, Serial0
sanjose3#

RIP1 & RIP2 can't understand eachother.

themask

View Public Profile

Send a private message to themask

Find all posts by themask

Add themask to Your Contacts

#2
05-03-2004, 02:57 PM
Join Date: Apr 2003
chipchipzzz
Location: HCMC
Senior Member
Posts: 273
Guru
 Re: Routing between RIPv1 & RIPv2

Sanjose3: RIP ver 1

Singapore: RIP ver 2
Auckland: RIP ver 2

Quote:

Sanjose3#clea ip route *
Sanjose3#
00:36:59: RIP: sending general request on Loopback0 to 255.255.255.255
00:36:59: RIP: sending general request on Loopback0 to 224.0.0.9
00:36:59: RIP: sending general request on Serial0 to 255.255.255.255
00:36:59: RIP: sending general request on Serial0 to 224.0.0.9
00:36:59: RIP: ignored v2 packet from 192.168.1.3 (sourced from one of our addresses)
00:36:59: RIP: received v2 update from 192.168.224.1 on Serial0
00:36:59: 192.168.3.0/24 -> 0.0.0.0 in 1 hops
00:36:59: 192.168.240.0/24 -> 0.0.0.0 in 1 hops
00:36:59: 192.168.252.0/24 -> 0.0.0.0 in 2 hops
00:36:59: RIP: sending v1 update to 255.255.255.255 via Loopback0 (192.168.1.3)
00:36:59: network 192.168.224.0, metric 1
00:36:59: network 192.168.240.0, metric 2
00:36:59: network 192.168.252.0, metric 3
00:36:59: network 192.168.3.0, metric 2
00:36:59: RIP: sending v1 update to 255.255.255.255 via Serial0 (192.168.224.2)
00:36:59: network 192.168.1.0, metric 1
00:37:04: RIP: sending v1 update to 255.255.255.255 via Loopback0 (192.168.1.3)
00:37:04: network 192.168.224.0, metric 1
00:37:04: network 192.168.240.0, metric 2
00:37:04: network 192.168.252.0, metric 3
00:37:04: network 192.168.3.0, metric 2
00:37:04: RIP: sending v1 update to 255.255.255.255 via Serial0 (192.168.224.2)
00:37:04: network 192.168.1.0, metric 1
00:37:15: RIP: received v2 update from 192.168.224.1 on Serial0
00:37:15: 192.168.3.0/24 -> 0.0.0.0 in 1 hops
00:37:15: 192.168.240.0/24 -> 0.0.0.0 in 1 hops
00:37:15: 192.168.252.0/24 -> 0.0.0.0 in 2 hops
00:37:33: RIP: sending v1 update to 255.255.255.255 via Loopback0 (192.168.1.3)
00:37:33: network 192.168.224.0, metric 1
00:37:33: network 192.168.240.0, metric 2
00:37:33: network 192.168.252.0, metric 3
00:37:33: network 192.168.3.0, metric 2
00:37:33: RIP: sending v1 update to 255.255.255.255 via Serial0 (192.168.224.2)
00:37:33: network 192.168.1.0, metric 1
Sanjose3#
Quote:

Sanjose3#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR

Gateway of last resort is not set

192.168.224.0/30 is subnetted, 1 subnets

C 192.168.224.0 is directly connected, Serial0
R 192.168.240.0/24 [120/1] via 192.168.224.1, 00:00:04, Serial0
C 192.168.1.0/24 is directly connected, Loopback0
R 192.168.252.0/24 [120/2] via 192.168.224.1, 00:00:04, Serial0
R 192.168.3.0/24 [120/1] via 192.168.224.1, 00:00:04, Serial0
Sanjose3#
Quote:

Singapore#
00:33:37: RIP: ignored v1 packet from 192.168.224.2 (illegal version)
00:33:43: RIP: received v2 update from 192.168.240.2 on Serial1
00:33:43: 192.168.252.0/24 via 0.0.0.0 in 1 hops
00:33 RIP: sending v2 update to 224.0.0.9 via Loopback0 (192.168.3.1)
00:33 RIP: build update entries
00:33 192.168.1.0/24 via 0.0.0.0, metric 2, tag 0
00:33 192.168.224.0/24 via 0.0.0.0, metric 1, tag 0
00:33 192.168.240.0/24 via 0.0.0.0, metric 1, tag 0
00:33 192.168.252.0/24 via 0.0.0.0, metric 2, tag 0
00:33 RIP: sending v2 update to 224.0.0.9 via Serial0 (192.168.224.1)
00:33 RIP: build update entries
00:33 192.168.3.0/24 via 0.0.0.0, metric 1, tag 0
00:33 192.168.240.0/24 via 0.0.0.0, metric 1, tag 0
00:33 192.168.252.0/24 via 0.0.0.0, metric 2, tag 0
00:33 RIP: sending v2 update to 224.0.0.9 via Serial1 (192.168.240.1)
00:33 RIP: build update entries
00:33 192.168.1.0/24 via 0.0.0.0, metric 2, tag 0
00:33 192.168.3.0/24 via 0.0.0.0, metric 1, tag 0
00:33 192.168.224.0/24 via 0.0.0.0, metric 1, tag 0
00:33 RIP: ignored v2 packet from 192.168.3.1 (sourced from one of our addresses)
Quote:

Singapore#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

Gateway of last resort is not set

192.168.224.0/30 is subnetted, 1 subnets

C 192.168.224.0 is directly connected, Serial0
192.168.240.0/30 is subnetted, 1 subnets
C 192.168.240.0 is directly connected, Serial1
R 192.168.252.0/24 [120/1] via 192.168.240.2, 00:00:03, Serial1
C 192.168.3.0/24 is directly connected, Loopback0
Singapore#
Kt lu n:
Sanjose3, chy RIP ver 1, chp nh n
qung b & c p nh t RIP ver 2
Singapore, chy RIP ver 2, khng chp nh n c p nh t RIP ver 1

Routing between RIP v1 and RIP v2:

Singapore: RIP ver 2, receive RIP ver 1

Quote:

Singapore(config)#int s0
Singapore(config-if)#ip rip receive ver 1
Singapore(config-if)#^Z
Singapore#clear ip route *
Quote:

Singapore#
01:04:59: RIP: sending request on Loopback0 to 224.0.0.9
01:04:59: RIP: sending request on Serial0 to 224.0.0.9
01:04:59: RIP: sending request on Serial1 to 224.0.0.9
01:04:59: RIP: ignored v2 packet from 192.168.3.1 (sourced from one of our addresses)
01:04:59: RIP: received v2 update from 192.168.240.2 on Serial1
01:04:59: 192.168.252.0/24 via 0.0.0.0 in 1 hops
Singapore#
01:05:01: RIP: sending v2 flash update to 224.0.0.9 via Loopback0 (192.168.3.1)
01:05:01: RIP: build flash update entries
01:05:01: 192.168.224.0/24 via 0.0.0.0, metric 1, tag 0
01:05:01: 192.168.240.0/24 via 0.0.0.0, metric 1, tag 0
01:05:01: 192.168.252.0/24 via 0.0.0.0, metric 2, tag 0
01:05:01: RIP: sending v2 flash update to 224.0.0.9 via Serial0 (192.168.224.1)
01:05:01: RIP: build flash update entries
01:05:01: 192.168.3.0/24 via 0.0.0.0, metric 1, tag 0
01:05:01: 192.168.240.0/24 via 0.0.0.0, metric 1, tag 0
01:05:01: 192.168.252.0/24 via 0.0.0.0, metric 2, tag 0
01:05:01: RIP: sending v2 flash update to 224.0.0.9 via Serial1 (192.168.240.1)
Singapore#
01:05:01: RIP: build flash update entries
01:05:01: 192.168.3.0/24 via 0.0.0.0, metric 1, tag 0
01:05:01: 192.168.224.0/24 via 0.0.0.0, metric 1, tag 0
01:05:01: RIP: ignored v2 packet from 192.168.3.1 (sourced from one of our addresses)
Singapore#
01:05:03: RIP: sending v2 update to 224.0.0.9 via Loopback0 (192.168.3.1)
01:05:03: RIP: build update entries
01:05:03: 192.168.224.0/24 via 0.0.0.0, metric 1, tag 0
01:05:03: 192.168.240.0/24 via 0.0.0.0, metric 1, tag 0
01:05:03: 192.168.252.0/24 via 0.0.0.0, metric 2, tag 0
01:05:03: RIP: sending v2 update to 224.0.0.9 via Serial0 (192.168.224.1)
01:05:03: RIP: build update entries
01:05:03: 192.168.3.0/24 via 0.0.0.0, metric 1, tag 0
01:05:03: 192.168.240.0/24 via 0.0.0.0, metric 1, tag 0
01:05:03: 192.168.252.0/24 via 0.0.0.0, metric 2, tag 0
01:05:03: RIP: sending v2 update to 224.0.0.9 via Serial1 (192.168.240.1)
01:05:03: RIP: build update entries
01:05:03: 192.168.3.0/24 via 0.0.0.0, metric 1, tag 0
01:05:03: 192.168.224.0/24 via 0.0.0.0, metric 1, tag 0
01:05:03: RIP: ignored v2 packet from 192.168.3.1 (sourced from one of our addresses)
Singapore#
01:05:09: RIP: received v2 update from 192.168.240.2 on Serial1
01:05:09: 192.168.252.0/24 via 0.0.0.0 in 1 hops
Quote:

Singapore#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

Gateway of last resort is not set

192.168.224.0/30 is subnetted, 1 subnets

C 192.168.224.0 is directly connected, Serial0
192.168.240.0/30 is subnetted, 1 subnets
C 192.168.240.0 is directly connected, Serial1
R 192.168.1.0/24 [120/1] via 192.168.224.2, 00:00:02, Serial0
R 192.168.252.0/24 [120/1] via 192.168.240.2, 00:00:08, Serial1
C 192.168.3.0/24 is directly connected, Loopback0
Singapore#
Singapore chp nh n RIP ver 1
__________________
Hunh Ch i

chipchipzzz

View Public Profile

Send a private message to chipchipzzz

Find all posts by chipchipzzz

Add chipchipzzz to Your Contacts

#3
05-03-2004, 10:29 PM
Join Date: Apr 2003
admin
Posts: 1,392
Administrator
Brainiac

Re: Routing between RIPv1 & RIPv2

Thn mi s ng thnh vin tham gia tho lun v kt lun di y ca chipchip v themask:

Kt lu n:
Sanjose3, chy RIP ver 1, chp nh n qung b & c p nh t RIP ver 2
Singapore, chy RIP ver 2, khng chp nh n c p nh t RIP ver 1

C kin ngc li nh sau:

RIP version 1 khng hiu v khng chp nhn RIP version 2.
RIP version 2 hiu v chp nhn cp nht RIP version 1.

kin ca cc bn th no?

Xin cm n,
__________________
Viet Professionals Co. Ltd. VnPro
---------------------------------------
149/1D Ung Vn Khim P25 Q.Binh thanh TPHCM
Tel: (08) 35124257 (7 lines)
Fax: (08) 5124314
Home Page : http://www.vnpro.vn
Support forum: http://vnpro.org
LiveChat : http://www.vnpro.vn/support
Blog VnPro : http://vnpro.org/blog
Forum Wifi : http://wifipro.org

admin

View Public Profile

Send a private message to admin

Send email to admin

Find all posts by admin

Add admin to Your Contacts

#4
06-03-2004, 02:25 AM
tuaninbox Posts: n/a
Guest
Re: Routing between RIPv1 & RIPv2

Xin cho,

kin ca em l:

Rip v 2 nhn update v1 v v2, gi v2

Rip v 1 nhn update v1, gi v1
T c th l gii cu hnh ca themask nh sau:

SanJose3 khng hiu v2 update t Sing do Sing gi v2 m SanJ ch hiu c v1

Quote:

sanjose3#
00:35:28: RIP: sending v1 update to 255.255.255.255 via Loopback0 (192.168.1.3)
00:35:28: RIP: build update entries
00:35:28: network 192.168.224.0 metric 1
00:35:28: RIP: sending v1 update to 255.255.255.255 via Serial0 (192.168.224.2)
00:35:28: RIP: build update entries
00:35:28: network 192.168.1.0 metric 1
00:35:29: RIP: ignored v2 packet from 192.168.224.1 (illegal version)
sanjose3#
themask cu hnh cho SanJ hiu v2 bng lnh: ip rip receive version 2. Lnh ny ni rng rip
s chi hiu v2 update trn int s0. Bi ton c gii quyt.

Tuy nhin, theo debug ca anh chip th Sing (chy v2) li khng hiu v1 update t SanJose (chy
v1). Khng bit cu hnh ca anh chip c ging 100% cu hnh ca themask?

tuaninbox

#5
07-03-2004, 08:03 AM
danguyennhi Posts: n/a
Guest

Hi,

S d RIP v.1 khng th hiu v chp nhn RIP v.2 update l do trong RIP update ca version 2
c dng thm mt s field. Cc field ny khng th x l bi cc routers chy RIP v.1
Routing between RIPv1 & RIPv2

sh run
Building configuration...

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname singapore
!
!
ip subnet-zero
!
!
!
!
!
interface Loopback0
ip address 192.168.3.1 255.255.255.0
no ip directed-broadcast
!
interface Ethernet0
no ip address
no ip directed-broadcast
shutdown
!
interface Serial0
ip address 192.168.240.1 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
no fair-queue
clockrate 64000
!
interface Serial1
ip address 192.168.224.1 255.255.255.252
no ip directed-broadcast
clockrate 64000
!
interface BRI0
no ip address
no ip directed-broadcast
shutdown
!
router rip
version 2
network 192.168.3.0
network 192.168.224.0
network 192.168.240.0
!
ip classless
!
!
line con 0
transport input none
line aux 0
line vty 0 4
!
end

singapore#
singapore#
singapore#
singapore#sh ipro route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR

Gateway of last resort is not set

192.168.224.0/30 is subnetted, 1 subnets

C 192.168.224.0 is directly connected, Serial1
192.168.240.0/30 is subnetted, 1 subnets
C 192.168.240.0 is directly connected, Serial0
R 192.168.252.0/24 [120/1] via 192.168.240.2, 00:00:17, Serial0
C 192.168.3.0/24 is directly connected, Loopback0
singapore#
singapore#
singapore#
singapore#
singapore#
singapore#
singapore#
sanjose3#
sanjose3#
sanjose3#sh run
Building configuration...

Current configuration:
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname sanjose3
!
!
!
!
!
!
ip subnet-zero
no ip domain-lookup
!
!
!
!
interface Loopback0
ip address 192.168.1.3 255.255.255.0
!
interface Ethernet0
ip address 200.200.50.2 255.255.255.0
!
interface Serial0
ip address 192.168.224.2 255.255.255.252
!
interface Serial1
no ip address
shutdown
!
router rip
version 1
network 192.168.1.0
network 192.168.224.0
!
ip classless
ip http server
!
!
line con 0
logging synchronous
transport input none
line aux 0
line vty 0 4
login
!
end

sanjose3#
sanjose3#
sanjose3#
sanjose3#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

Gateway of last resort is not set

192.168.224.0/30 is subnetted, 1 subnets

C 192.168.224.0 is directly connected, Serial0
C 200.200.50.0/24 is directly connected, Ethernet0
C 192.168.1.0/24 is directly connected, Loopback0
sanjose3#
sanjose3#
sanjose3#
auckland#
auckland#
auckland#
auckland#sh run
Building configuration...

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname auckland
!
!
ip subnet-zero
!
!
!
!
!
interface Loopback0
ip address 192.168.252.1 255.255.255.0
no ip directed-broadcast
!
interface Ethernet0
no ip address
no ip directed-broadcast
shutdown
!
interface Serial0
ip address 192.168.240.2 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
no fair-queue
!
interface Serial1
no ip address
no ip directed-broadcast
shutdown
!
interface BRI0
no ip address
no ip directed-broadcast
shutdown
!
router rip
version 2
network 192.168.240.0
network 192.168.252.0
!
ip classless
!
!
line con 0
transport input none
line aux 0
line vty 0 4
!
end

auckland#
auckland#
auckland#
auckland#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR

Gateway of last resort is not set

R 192.168.224.0/24 [120/1] via 192.168.240.1, 00:00:17, Serial0
192.168.240.0/30 is subnetted, 1 subnets
C 192.168.240.0 is directly connected, Serial0
C 192.168.252.0/24 is directly connected, Loopback0
R 192.168.3.0/24 [120/1] via 192.168.240.1, 00:00:17, Serial0
auckland#
auckland#
auckland#
auckland#

sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR

Gateway of last resort is not set

R 192.168.224.0/24 [120/1] via 192.168.240.1, 00:00:21, Serial0

192.168.240.0/30 is subnetted, 1 subnets
C 192.168.240.0 is directly connected, Serial0
R 192.168.1.0/24 [120/2] via 192.168.240.1, 00:00:22, Serial0
C 192.168.252.0/24 is directly connected, Loopback0
R 192.168.3.0/24 [120/1] via 192.168.240.1, 00:00:22, Serial0
auckland#
auckland#
auckland#
auckland#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set

192.168.224.0/30 is subnetted, 1 subnets

C 192.168.224.0 is directly connected, Serial0
C 200.200.50.0/24 is directly connected, Ethernet0
C 192.168.1.0/24 is directly connected, Loopback0
sanjose3#
sanjose3#
sanjose3#
sanjose3#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR

Gateway of last resort is not set

192.168.224.0/30 is subnetted, 1 subnets

C 192.168.224.0 is directly connected, Serial1
192.168.240.0/30 is subnetted, 1 subnets
C 192.168.240.0 is directly connected, Serial0
R 192.168.1.0/24 [120/1] via 192.168.224.2, 00:00:09, Serial1
R 192.168.252.0/24 [120/1] via 192.168.240.2, 00:00:00, Serial0
C 192.168.3.0/24 is directly connected, Loopback0
singapore#
singapore#
singapore#
singapore#
sanjose3#debug ip rip
RIP protocol debugging is on
sanjose3#clear ip route *
sanjose3#
00:35:18: RIP: sending request on Loopback0 to 255.255.255.255
00:35:18: RIP: sending request on Serial0 to 255.255.255.255
sanjose3#
00:35:20: RIP: sending v1 flash update to 255.255.255.255 via Loopback0 (192.168.1.3)
00:35:20: RIP: build flash update entries
00:35:20: network 192.168.224.0 metric 1
00:35:20: RIP: sending v1 flash update to 255.255.255.255 via Serial0 (192.168.224.2)
00:35:20: RIP: build flash update entries
00:35:20: network 192.168.1.0 metric 1
sanjose3#
00:35:28: RIP: sending v1 update to 255.255.255.255 via Loopback0 (192.168.1.3)
00:35:28: RIP: build update entries
00:35:28: network 192.168.224.0 metric 1
00:35:28: RIP: sending v1 update to 255.255.255.255 via Serial0 (192.168.224.2)
00:35:28: RIP: build update entries
00:35:28: network 192.168.1.0 metric 1
00:35:29: RIP: ignored v2 packet from 192.168.224.1 (illegal version)
sanjose3#
sanjose3#
sanjose3#
sanjose3#un all
All possible debugging has been turned off
sanjose3#
sanjose3#

RIP illegal version

sanjose3#
sanjose3#
sanjose3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
sanjose3(config)#int s0
sanjose3(config-if)#ip rip re
sanjose3(config-if)#ip rip receive ver
sanjose3(config-if)#ip rip receive version 2
sanjose3(config-if)#^Z
sanjose3#
sanjose3#
sanjose3#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

Gateway of last resort is not set

192.168.224.0/30 is subnetted, 1 subnets

C 192.168.224.0 is directly connected, Serial0
C 200.200.50.0/24 is directly connected, Ethernet0
C 192.168.1.0/24 is directly connected, Loopback0
sanjose3#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

Gateway of last resort is not set

192.168.224.0/30 is subnetted, 1 subnets

C 192.168.224.0 is directly connected, Serial0
C 200.200.50.0/24 is directly connected, Ethernet0
C 192.168.1.0/24 is directly connected, Loopback0
sanjose3#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

Gateway of last resort is not set

192.168.224.0/30 is subnetted, 1 subnets

C 192.168.224.0 is directly connected, Serial0
R 192.168.240.0/24 [120/1] via 192.168.224.1, 00:00:00, Serial0
C 200.200.50.0/24 is directly connected, Ethernet0
C 192.168.1.0/24 is directly connected, Loopback0
R 192.168.252.0/24 [120/2] via 192.168.224.1, 00:00:00, Serial0
R 192.168.3.0/24 [120/1] via 192.168.224.1, 00:00:00, Serial0
sanjose3#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

Gateway of last resort is not set

192.168.224.0/30 is subnetted, 1 subnets

C 192.168.224.0 is directly connected, Serial0
R 192.168.240.0/24 [120/1] via 192.168.224.1, 00:00:04, Serial0
C 200.200.50.0/24 is directly connected, Ethernet0
C 192.168.1.0/24 is directly connected, Loopback0
R 192.168.252.0/24 [120/2] via 192.168.224.1, 00:00:04, Serial0
R 192.168.3.0/24 [120/1] via 192.168.224.1, 00:00:04, Serial0
sanjose3#

RIP1 & RIP2 can't understand eachother.

themask

View Public Profile

Send a private message to themask

Find all posts by themask

Add themask to Your Contacts

#2
05-03-2004, 02:57 PM
Join Date: Apr 2003
chipchipzzz
Location: HCMC
Senior Member
Posts: 273
Guru

Re: Routing between RIPv1 & RIPv2

Sanjose3: RIP ver 1

Singapore: RIP ver 2
Auckland: RIP ver 2

Quote:

Sanjose3#clea ip route *
Sanjose3#
00:36:59: RIP: sending general request on Loopback0 to 255.255.255.255
00:36:59: RIP: sending general request on Loopback0 to 224.0.0.9
00:36:59: RIP: sending general request on Serial0 to 255.255.255.255
00:36:59: RIP: sending general request on Serial0 to 224.0.0.9
00:36:59: RIP: ignored v2 packet from 192.168.1.3 (sourced from one of our addresses)
00:36:59: RIP: received v2 update from 192.168.224.1 on Serial0
00:36:59: 192.168.3.0/24 -> 0.0.0.0 in 1 hops
00:36:59: 192.168.240.0/24 -> 0.0.0.0 in 1 hops
00:36:59: 192.168.252.0/24 -> 0.0.0.0 in 2 hops
00:36:59: RIP: sending v1 update to 255.255.255.255 via Loopback0 (192.168.1.3)
00:36:59: network 192.168.224.0, metric 1
00:36:59: network 192.168.240.0, metric 2
00:36:59: network 192.168.252.0, metric 3
00:36:59: network 192.168.3.0, metric 2
00:36:59: RIP: sending v1 update to 255.255.255.255 via Serial0 (192.168.224.2)
00:36:59: network 192.168.1.0, metric 1
00:37:04: RIP: sending v1 update to 255.255.255.255 via Loopback0 (192.168.1.3)
00:37:04: network 192.168.224.0, metric 1
00:37:04: network 192.168.240.0, metric 2
00:37:04: network 192.168.252.0, metric 3
00:37:04: network 192.168.3.0, metric 2
00:37:04: RIP: sending v1 update to 255.255.255.255 via Serial0 (192.168.224.2)
00:37:04: network 192.168.1.0, metric 1
00:37:15: RIP: received v2 update from 192.168.224.1 on Serial0
00:37:15: 192.168.3.0/24 -> 0.0.0.0 in 1 hops
00:37:15: 192.168.240.0/24 -> 0.0.0.0 in 1 hops
00:37:15: 192.168.252.0/24 -> 0.0.0.0 in 2 hops
00:37:33: RIP: sending v1 update to 255.255.255.255 via Loopback0 (192.168.1.3)
00:37:33: network 192.168.224.0, metric 1
00:37:33: network 192.168.240.0, metric 2
00:37:33: network 192.168.252.0, metric 3
00:37:33: network 192.168.3.0, metric 2
00:37:33: RIP: sending v1 update to 255.255.255.255 via Serial0 (192.168.224.2)
00:37:33: network 192.168.1.0, metric 1
Sanjose3#
Quote:

Sanjose3#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR

Gateway of last resort is not set

192.168.224.0/30 is subnetted, 1 subnets

C 192.168.224.0 is directly connected, Serial0
R 192.168.240.0/24 [120/1] via 192.168.224.1, 00:00:04, Serial0
C 192.168.1.0/24 is directly connected, Loopback0
R 192.168.252.0/24 [120/2] via 192.168.224.1, 00:00:04, Serial0
R 192.168.3.0/24 [120/1] via 192.168.224.1, 00:00:04, Serial0
Sanjose3#
Quote:

Singapore#
00:33:37: RIP: ignored v1 packet from 192.168.224.2 (illegal version)
00:33:43: RIP: received v2 update from 192.168.240.2 on Serial1
00:33:43: 192.168.252.0/24 via 0.0.0.0 in 1 hops
00:33 RIP: sending v2 update to 224.0.0.9 via Loopback0 (192.168.3.1)
00:33 RIP: build update entries
00:33 192.168.1.0/24 via 0.0.0.0, metric 2, tag 0
00:33 192.168.224.0/24 via 0.0.0.0, metric 1, tag 0
00:33 192.168.240.0/24 via 0.0.0.0, metric 1, tag 0
00:33 192.168.252.0/24 via 0.0.0.0, metric 2, tag 0
00:33 RIP: sending v2 update to 224.0.0.9 via Serial0 (192.168.224.1)
00:33 RIP: build update entries
00:33 192.168.3.0/24 via 0.0.0.0, metric 1, tag 0
00:33 192.168.240.0/24 via 0.0.0.0, metric 1, tag 0
00:33 192.168.252.0/24 via 0.0.0.0, metric 2, tag 0
00:33 RIP: sending v2 update to 224.0.0.9 via Serial1 (192.168.240.1)
00:33 RIP: build update entries
00:33 192.168.1.0/24 via 0.0.0.0, metric 2, tag 0
00:33 192.168.3.0/24 via 0.0.0.0, metric 1, tag 0
00:33 192.168.224.0/24 via 0.0.0.0, metric 1, tag 0
00:33 RIP: ignored v2 packet from 192.168.3.1 (sourced from one of our addresses)
Quote:

Singapore#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

Gateway of last resort is not set

192.168.224.0/30 is subnetted, 1 subnets

C 192.168.224.0 is directly connected, Serial0
192.168.240.0/30 is subnetted, 1 subnets
C 192.168.240.0 is directly connected, Serial1
R 192.168.252.0/24 [120/1] via 192.168.240.2, 00:00:03, Serial1
C 192.168.3.0/24 is directly connected, Loopback0
Singapore#
Kt lu n:
Sanjose3, chy RIP ver 1, chp nh n qung b & c p nh t RIP ver 2
Singapore, chy RIP ver 2, khng chp nh n c p nh t RIP ver 1

Routing between RIP v1 and RIP v2:

Singapore: RIP ver 2, receive RIP ver 1

Quote:

Singapore(config)#int s0
Singapore(config-if)#ip rip receive ver 1
Singapore(config-if)#^Z
Singapore#clear ip route *
Quote:

Singapore#
01:04:59: RIP: sending request on Loopback0 to 224.0.0.9
01:04:59: RIP: sending request on Serial0 to 224.0.0.9
01:04:59: RIP: sending request on Serial1 to 224.0.0.9
01:04:59: RIP: ignored v2 packet from 192.168.3.1 (sourced from one of our addresses)
01:04:59: RIP: received v2 update from 192.168.240.2 on Serial1
01:04:59: 192.168.252.0/24 via 0.0.0.0 in 1 hops
Singapore#
01:05:01: RIP: sending v2 flash update to 224.0.0.9 via Loopback0 (192.168.3.1)
01:05:01: RIP: build flash update entries
01:05:01: 192.168.224.0/24 via 0.0.0.0, metric 1, tag 0
01:05:01: 192.168.240.0/24 via 0.0.0.0, metric 1, tag 0
01:05:01: 192.168.252.0/24 via 0.0.0.0, metric 2, tag 0
01:05:01: RIP: sending v2 flash update to 224.0.0.9 via Serial0 (192.168.224.1)
01:05:01: RIP: build flash update entries
01:05:01: 192.168.3.0/24 via 0.0.0.0, metric 1, tag 0
01:05:01: 192.168.240.0/24 via 0.0.0.0, metric 1, tag 0
01:05:01: 192.168.252.0/24 via 0.0.0.0, metric 2, tag 0
01:05:01: RIP: sending v2 flash update to 224.0.0.9 via Serial1 (192.168.240.1)
Singapore#
01:05:01: RIP: build flash update entries
01:05:01: 192.168.3.0/24 via 0.0.0.0, metric 1, tag 0
01:05:01: 192.168.224.0/24 via 0.0.0.0, metric 1, tag 0
01:05:01: RIP: ignored v2 packet from 192.168.3.1 (sourced from one of our addresses)
Singapore#
01:05:03: RIP: sending v2 update to 224.0.0.9 via Loopback0 (192.168.3.1)
01:05:03: RIP: build update entries
01:05:03: 192.168.224.0/24 via 0.0.0.0, metric 1, tag 0
01:05:03: 192.168.240.0/24 via 0.0.0.0, metric 1, tag 0
01:05:03: 192.168.252.0/24 via 0.0.0.0, metric 2, tag 0
01:05:03: RIP: sending v2 update to 224.0.0.9 via Serial0 (192.168.224.1)
01:05:03: RIP: build update entries
01:05:03: 192.168.3.0/24 via 0.0.0.0, metric 1, tag 0
01:05:03: 192.168.240.0/24 via 0.0.0.0, metric 1, tag 0
01:05:03: 192.168.252.0/24 via 0.0.0.0, metric 2, tag 0
01:05:03: RIP: sending v2 update to 224.0.0.9 via Serial1 (192.168.240.1)
01:05:03: RIP: build update entries
01:05:03: 192.168.3.0/24 via 0.0.0.0, metric 1, tag 0
01:05:03: 192.168.224.0/24 via 0.0.0.0, metric 1, tag 0
01:05:03: RIP: ignored v2 packet from 192.168.3.1 (sourced from one of our addresses)
Singapore#
01:05:09: RIP: received v2 update from 192.168.240.2 on Serial1
01:05:09: 192.168.252.0/24 via 0.0.0.0 in 1 hops
Quote:

Singapore#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route

Gateway of last resort is not set

192.168.224.0/30 is subnetted, 1 subnets

C 192.168.224.0 is directly connected, Serial0
192.168.240.0/30 is subnetted, 1 subnets
C 192.168.240.0 is directly connected, Serial1
R 192.168.1.0/24 [120/1] via 192.168.224.2, 00:00:02, Serial0
R 192.168.252.0/24 [120/1] via 192.168.240.2, 00:00:08, Serial1
C 192.168.3.0/24 is directly connected, Loopback0
Singapore#
Singapore chp nh n RIP ver 1
__________________
Hunh Ch i

chipchipzzz

View Public Profile

Send a private message to chipchipzzz

Find all posts by chipchipzzz

Add chipchipzzz to Your Contacts

#3
05-03-2004, 10:29 PM
Join Date: Apr 2003
admin
Posts: 1,392
Administrator
Brainiac

Re: Routing between RIPv1 & RIPv2

Thn mi s ng thnh vin tham gia tho lun v kt lun di y ca chipchip v themask:

Kt lu n:
Sanjose3, chy RIP ver 1, chp nh n qung b & c p nh t RIP ver 2
Singapore, chy RIP ver 2, khng chp nh n c p nh t RIP ver 1

C kin ngc li nh sau:

RIP version 1 khng hiu v khng chp nhn RIP version 2.

RIP version 2 hiu v chp nhn cp nht RIP version 1.

kin ca cc bn th no?

Xin cm n,
__________________
Viet Professionals Co. Ltd. VnPro
---------------------------------------
149/1D Ung Vn Khim P25 Q.Binh thanh TPHCM
Tel: (08) 35124257 (7 lines)
Fax: (08) 5124314
Home Page : http://www.vnpro.vn
Support forum: http://vnpro.org
LiveChat : http://www.vnpro.vn/support
Blog VnPro : http://vnpro.org/blog
Forum Wifi : http://wifipro.org

admin

View Public Profile

Send a private message to admin

Send email to admin

Find all posts by admin

Add admin to Your Contacts

#4
06-03-2004, 02:25 AM
tuaninbox Posts: n/a
Guest
Re: Routing between RIPv1 & RIPv2

Xin cho,

kin ca em l:

Rip v 2 nhn update v1 v v2, gi v2

Rip v 1 nhn update v1, gi v1

T c th l gii cu hnh ca themask nh sau:

SanJose3 khng hiu v2 update t Sing do Sing gi v2 m SanJ ch hiu c v1

Quote:

sanjose3#
00:35:28: RIP: sending v1 update to 255.255.255.255 via Loopback0 (192.168.1.3)
00:35:28: RIP: build update entries
00:35:28: network 192.168.224.0 metric 1
00:35:28: RIP: sending v1 update to 255.255.255.255 via Serial0 (192.168.224.2)
00:35:28: RIP: build update entries
00:35:28: network 192.168.1.0 metric 1
00:35:29: RIP: ignored v2 packet from 192.168.224.1 (illegal version)
sanjose3#
themask cu hnh cho SanJ hiu v2 bng lnh: ip rip receive version 2. Lnh ny ni rng rip
s chi hiu v2 update trn int s0. Bi ton c gii quyt.

Tuy nhin, theo debug ca anh chip th Sing (chy v2) li khng hiu v1 update t SanJose (chy
v1). Khng bit cu hnh ca anh chip c ging 100% cu hnh ca themask?

tuaninbox

#5
07-03-2004, 08:03 AM
danguyennhi Posts: n/a
Guest

Hi,

S d RIP v.1 khng th hiu v chp nhn RIP v.2 update l do trong RIP update ca version 2
c dng thm mt s field. Cc field ny khng th x l bi cc routers chy RIP v.1

mn,

danguyennhi

#6
10-03-2004, 02:25 PM
leminhkhoi Posts: n/a
Guest

cho,

Rip v 2 nhn update v1 v v2, gi v2 ,V1

Rip v 1 nhn update v1, gi v1
Theo mnh ngh l vy.

i Lab m t cch redistribute gia mt giao thc nh tuyn link state (OSPF) v giao thc
nh tuyn distance vector (IGRP). Mng B v mng A chy hai giao thc nh tuyn khc
nhau. Mng A chy OSPF trn RouterA, RouterB, v RouterC v mng B chy IGRP trn
RouterD. hai mng c th lin lc c, IGRP chy gia RouterC v RouterD.

Tt c cc router kt ni serial. Interface Serial v Ethernet ca RouterA thuc OSPF area 1 cng
vi interface S0 ca RouterB. Interface S0 ca RouterC v S1 ca RouterB thuc area 0.
RouterD chy IGRP trn tt c cc mng, RouterC thc hin redistribute gia OSPF v IGRP.
Cu hnh ban u

hostname RouterA

interface Loopback0

ip address 152.1.11.1 255.255.255.240

interface Ethernet0

ip address 152.1.10.1 255.255.255.0

no keepalive
!

interface Serial0
ip address 152.1.1.1 255.255.255.252

!
!
router ospf 64
network 152.1.1.0 0.0.0.3 area 1
network 152.1.10.1 0.0.0.15 area 1
!

no ip classless

line con 0

line 1 16

line aux 0

line vty 0 4

!
end

RouterB

hostname RouterB

interface Serial0

ip address 152.1.1.2 255.255.255.252

no fair-queue

clockrate 64000

interface Serial1

ip address 152.1.1.5 255.255.255.252

clockrate 64000

router ospf 64

network 152.1.1.0 0.0.0.3 area 1

network 152.1.1.4 0.0.0.3 area 0

line con 0

line aux 0

transport input all

line vty 0 4

login

end

RouterC

hostname RouterC

interface Serial0

ip address 152.1.1.6 255.255.255.252

interface Serial1

ip address 152.1.2.1 255.255.255.0

clockrate 64000

router ospf 64

redistribute igrp 100

network 152.1.1.4 0.0.0.3 area 0

default-metric 64

router igrp 100

redistribute ospf 64

network 152.1.0.0
default-metric 1000 10 1 255 1500

passive-interface serial 0

no ip classless

line con 0

line 1 16

line aux 0

line vty 0 4

login

end

RouterD

hostname RouterD

interface Loopback0

ip address 152.1.3.1 255.255.255.0

interface Serial0
ip address 152.1.2.2 255.255.255.0

router igrp 100

network 152.1.0.0

no ip classless

line con 0

line 1 16

line aux 0

line vty 0 4

login

end

Kim tra

Xem bng nh tuyn IP trn RouterC. Ch rng RouterC hc c mng 152.1.3.0

(interface loopback ca RouterD) thng qua IGRP. N cng hc c mng 152.1.10.0/24 v
mng 152.1.1.0/30 thng qua OSPF. Cc route hc c l dng inter-area, bi v chng xut
pht t OSPF area 1.

RouterC khng hc c mng 152.1.11.0/28 (interface loopback ca RouterA) bi v mng ny

khng c cu hnh chy OSPF, n khng c qung co.

RouterC#show ip route

...

Gateway of last resort is not set

152.1.0.0/16 is variably subnetted, 5 subnets, 2 masks

O IA 152.1.10.0/24 [110/138] via 152.1.1.5, 00:03:01, Serial0

O IA 152.1.1.0/30 [110/128] via 152.1.1.5, 00:03:01, Serial0

R 152.1.3.0/24 [120/1] via 152.1.2.2, 00:00:15, Serial1

C 152.1.2.0/24 is directly connected, Serial1

C 152.1.1.4/30 is directly connected, Serial0

khc phc vn ny, n gin l chy OSPF trn mng, sau n s c qung co. Mt
cch khc l redistribute cc mng ni trc tip (connected subnet) trn RouterA vo OSPF.
Thm cc lnh sau vo tin trnh OSPF trn RouterA.

RouterA#config ter
RouterA(config)#router ospf 64
RouterA(config-router)#redistribute connected subnets

Xem bng nh tuyn trn RouterC, lc ny RouterC thy route tuy nhin l dng OSPF
externel route v n c redistribute vo.

RouterC#show ip route

...

Gateway of last resort is not set

152.1.0.0/16 is variably subnetted, 6 subnets, 3 masks

O E2 152.1.11.0/28 [110/20] via 152.1.1.5, 00:02:06, Serial0

O IA 152.1.10.0/24 [110/138] via 152.1.1.5, 00:02:06, Serial0

O IA 152.1.1.0/30 [110/128] via 152.1.1.5, 00:02:06, Serial0

R 152.1.3.0/24 [120/1] via 152.1.2.2, 00:00:06, Serial1

C 152.1.2.0/24 is directly connected, Serial1

C 152.1.1.4/30 is directly connected, Serial0

By gi xem bng nh tuyn trn RouterA, RouterA khng nhn c route ti mng
152.1.3.0/24

RouterA#show ip route
...

Gateway of last resort is not set

152.1.0.0/16 is variably subnetted, 4 subnets, 3 masks
C 152.1.11.0/28 is directly connected, Loopback0
C 152.1.10.0/24 is directly connected, Ethernet0
C 152.1.1.0/30 is directly connected, Serial0
O IA 152.1.1.4/30 [110/128] via 152.1.1.2, 00:02:29, Serial0

Cc route hc t IGRP khng hon ton c redistribute vo OSPF bi v cu hnh trn

RouterC. Ch nhng route c 16-bit mask (lp B) c redistribute vo OSPF. Cc mng trn
RouterD c chia mng con vi 24-bit mask.

cc mng con c th redistribute c phi xc nh trong cu hnh, thm cu lnh sau trong
tin trnh OSPF trn RouterC.

RouterC#config t
RouterC (config)#router ospf 64
RouterC (config-router)#redistribute igrp 100 subnets

Xem li bng nh tuyn trn RouterA. Lc ny, RouterA c cc route ti mng 152.1.2.0 v
152.1.3.0, ch rng cc router ny l external (O E2) do chng c hc t vng khc.

RouterA#show ip route

...

Gateway of last resort is not set

152.1.0.0/16 is variably subnetted, 6 subnets, 3 masks

C 152.1.11.0/28 is directly connected, Loopback0

C 152.1.10.0/24 is directly connected, Ethernet0
C 152.1.1.0/30 is directly connected, Serial0
O E2 152.1.3.0/24 [110/64] via 152.1.1.2, 00:00:38, Serial0
O E2 152.1.2.0/24 [110/64] via 152.1.1.2, 00:00:38, Serial0
O IA 152.1.1.4/30 [110/128] via 152.1.1.2, 00:04:05, Serial0

Xem bng nh tuyn trn RouterD, RouterD ch hc c mt mng 152.1.10.0/24 bi v tt c

cc mng khc chia subnet, ch c mng 24-bit mask mi c thm vo trong bng nh
tuyn; ch rng IGRP l giao thc nh tuyn classful v khng mang thng tin subnet.
RouterD#show ip route

...

Gateway of last resort is not set

152.1.0.0/24 is subnetted, 3 subnets

I 152.1.10.0 [100/12010] via 152.1.2.1, 00:00:34, Serial0
C 152.1.3.0 is directly connected, Loopback0
C 152.1.2.0 is directly connected, Serial0

cc route c th redistribute vo IGRP, c th s dng nh tuyn tnh ti hai mng dng

mask 24-bit v redistribute cc route ny vo trong IGRP, hay c th summarize cc route trong
OSPF.

Xem xt gii php th nht. To hai route tnh trn RouterC dng 24-bit mask.

(...)

TGA_Certificationteam
Join Date: Jun 2003
Senior Member
Posts: 578
Elite

Default information orriginated

3 lnh :

IP default-network x.x.x.x
IP route 0.0.0.0 0.0.0.0 x.x.x.x
IP default-gateway x.x.x.x

Lnh no khi dng km vi lnh Default-information orriginated trogn 1 routing protocol s

inject ci default-route vo trong routing update?
__________________
-------------------------------------------------------
Yamaha R6 Rider
Ti l Yuna_admirer.

TGA_Certificationteam

View Public Profile

Send a private message to TGA_Certificationteam

 Find all posts by TGA_Certificationteam

Add TGA_Certificationteam to Your Contacts

#2
22-07-2003, 12:27 PM
rip Posts: n/a
Guest
Re: Default information orriginated

IP route 0.0.0.0 0.0.0.0 x.x.x.x

rip

#3
22-07-2003, 10:34 PM
Join Date: May 2003
ppp
Location: Nng
Senior Member
Posts: 119
Senior Member

Bn c th dng default information originate always . Lnh ny khng cn dng km vi ip

route 0.0.0.0 0.0.0.0 x.x.x.x .

Chc vui !

ppp

View Public Profile

Send a private message to ppp

Find all posts by ppp

Add ppp to Your Contacts

#4
24-07-2003, 01:08 PM
sinhvienngheo Join Date: May 2003
Senior Member Location: Ho Chi Minh city
Elite Posts: 771
 Re: Default information orriginated

Quote:

Originally Posted by TGA_Certificationteam

3 lnh :

IP default-network x.x.x.x
IP route 0.0.0.0 0.0.0.0 x.x.x.x
IP default-gateway x.x.x.x

Lnh no khi dung km vi lnh Default-information orriginated trogn 1 routing protocol s

inject ci default-route vo trong routing update?
TGA,

Lnh IP default-gateway ch dng khi qu trnh routing b DISABLE.

C hai lnh cn li, ip default-network v ip route 0.0.0.0 0.0.0.0 xxxx u s lan truyn default-
route v cc down-stream router.
Cch m cc routing protocol lan truyn default-route rt khc nhau.

chc TGA thnh cng,

-----------------------------------
ip default-gateway

The ip default-gateway command differs from the other two commands in that it should only be
used when ip routing is disabled on the Cisco router.

For instance, if the router is a host in the IP world, you can use this command to define a default
gateway for it. You might also use this command when your low end Cisco router is in boot
mode in order to TFTP a Cisco IOS Software image to the router. In boot mode, the router
does not have ip routing enabled.

ip default-network

Unlike the ip default-gateway command, you can use ip default-network when ip routing is
enabled on the Cisco router. When you configure ip default-network the router considers routes
to that network for installation as the gateway of last resort on the router.

For every network configured with ip default-network, if a router has a route to that network,
that route is flagged as a candidate default route. Look at the following routing table taken from
a Cisco router:

2513#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
Gateway of last resort is not set
161.44.0.0 255.255.255.0 is subnetted, 1 subnets
C 161.44.192.0 is directly connected, Ethernet0
S 198.10.1.0 [1/0] via 161.44.192.2
131.108.0.0 255.255.255.0 is subnetted, 1 subnets
C 131.108.99.0 is directly connected, TokenRing0

Note the static route to 198.10.1.0 via 161.44.192.2 and that the gateway of last resort is not set.
If you configure ip default-network 198.10.1.0, the routing table changes to the following:

2513#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default

Gateway of last resort is 161.44.192.2 to network 198.10.1.0

161.44.0.0 255.255.255.0 is subnetted, 1 subnets

C 161.44.192.0 is directly connected, Ethernet0
S 161.44.0.0 255.255.0.0 [1/0] via 161.44.192.0
S* 198.10.1.0 [1/0] via 161.44.192.2
131.108.0.0 255.255.255.0 is subnetted, 1 subnets
C 131.108.99.0 is directly connected, TokenRing0
2513#show ip protocols
2513#

You can see the gateway of last resort has now been set as 161.44.192.2. This result is
independent of any routing protocol, as shown by the show ip protocols command at the bottom
of the output.

You can add another candidate default route simply by configuring another instance of ip
default-network:

2513#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
2513(config)#ip route 171.70.24.0 255.255.255.0 131.108.99.2
2513(config)#ip default-network 171.70.24.0
2513(config)#^Z

2513#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default

Gateway of last resort is 161.44.192.2 to network 198.10.1.0

161.44.0.0 255.255.255.0 is subnetted, 1 subnets

C 161.44.192.0 is directly connected, Ethernet0
S 161.44.0.0 255.255.0.0 [1/0] via 161.44.192.0
S* 198.10.1.0 [1/0] via 161.44.192.2
171.70.0.0 is variably subnetted, 2 subnets, 2 masks
S 171.70.0.0 255.255.0.0 [1/0] via 171.70.24.0
S 171.70.24.0 255.255.255.0 [1/0] via 131.108.99.2
131.108.0.0 255.255.255.0 is subnetted, 1 subnets
C 131.108.99.0 is directly connected, TokenRing0

Notice that after entering the above command, the network was not flagged as a default network.
The following section explains why.

Flagging a Default Network

Note: The ip default-network command is classful, which means if the router has a route to the
subnet indicated by this command, it installs the route to the major net. At this point neither
network has been flagged as the default network. The ip default-network command must be
issued again, using the major net, in order to flag the candidate default route.

2513#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
2513(config)#ip default-network 171.70.0.0
2513(config)#^Z

2513#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default

Gateway of last resort is 161.44.192.2 to network 198.10.1.0

161.44.0.0 255.255.255.0 is subnetted, 1 subnets

C 161.44.192.0 is directly connected, Ethernet0
S 161.44.0.0 255.255.0.0 [1/0] via 161.44.192.0
S* 198.10.1.0 [1/0] via 161.44.192.2
171.70.0.0 is variably subnetted, 2 subnets, 2 masks
S* 171.70.0.0 255.255.0.0 [1/0] via 171.70.24.0
S 171.70.24.0 255.255.255.0 [1/0] via 131.108.99.2
131.108.0.0 255.255.255.0 is subnetted, 1 subnets
C 131.108.99.0 is directly connected, TokenRing0
If the original static route had been to the major network, the extra step of configuring the
default network twice would not have been necessary.

There are still no IP protocols running here. Without any dynamic protocols running, you can
configure your router to choose from a number of candidate default routes based on whether the
routing table has routes to networks other than 0.0.0.0/0. This command allows you to configure
robustness into the selection of a gateway of last resort. Rather than configuring static routes to
specific next-hops, you can have the router choose a default route to a particular network by
checking in the routing table.

If you lose the route to a particular network, the router selects the second candidate default, as
specified above. You can remove the lost route by removing the static route in the configuration
as follows:

2513#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
2513(config)#no ip route 198.10.1.0 255.255.255.0 161.44.192.2
2513(config)#^Z
2513#
%SYS-5-CONFIG_I: Configured from console by console
After removing the static route to the original default network, the routing table looks like this:

2513#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default

Gateway of last resort is 171.70.24.0 to network 171.70.0.0

161.44.0.0 255.255.255.0 is subnetted, 1 subnets

C 161.44.192.0 is directly connected, Ethernet0
S 161.44.0.0 255.255.0.0 [1/0] via 161.44.192.0
* 171.70.0.0 is variably subnetted, 2 subnets, 2 masks
S* 171.70.0.0 255.255.0.0 [1/0] via 171.70.24.0
S 171.70.24.0 255.255.255.0 [1/0] via 131.108.99.2
131.108.0.0 255.255.255.0 is subnetted, 1 subnets
C 131.108.99.0 is directly connected, TokenRing0
2513#

Using Different Routing Protocols

Gateways of last resort selected using the ip default-network command are propagated
differently depending on which routing protocol is propagating the default route. For IGRP and
EIGRP to propagate the route, the network specified by the ip default-network command must
be known to IGRP or EIGRP. This means the network must be an IGRP- or EIGRP-derived
network in the routing table, or the static route used to generate the route to the network must be
redistributed into IGRP or EIGRP.

RIP advertises a route to 0.0.0.0. For example, note that the gateway of last resort on the router
below was learned using the combination of the ip route and ip default-network commands. If
you enable RIP on this router, RIP advertises a route to 0.0.0.0 (although not to the Token Ring
network because of split-horizon):

2513(config)#router rip
2513(config-router)#network 161.44.0.0
2513(config-router)#network 131.108.0.0
2513(config-router)#^Z
2513#
2513#
2513#
%SYS-5-CONFIG_I: Configured from console by console
2513#debug ip rip
RIP protocol debugging is on
2513#
RIP: sending update to 255.255.255.255 via Ethernet0 (161.44.192.1)
default 0.0.0.0, metric 1
network 131.108.0.0, metric 1
RIP: sending update to 255.255.255.255 via TokenRing0 (131.108.99.1)
network 161.44.0.0, metric 1
2513#

Note: In IOS release 12.0T and later, RIP does not advertise the default router if the route is not
learned via RIP. Therefore, it may be necessary to redistribute the route into RIP, or use the
default-information originate command.

OSPF, like RIP, advertises a route for 0.0.0.0 0.0.0.0. However, with OSPF, the router
originating the default route must be configured with the default-information originate
command. For more detailed information, see How Does OSPF Generate Default Routes?.

ip route 0.0.0.0 0.0.0.0

Creating a static route to network 0.0.0.0 0.0.0.0 is another way to set the gateway of last resort
on a router. As with the ip default-network command, using the static route to 0.0.0.0 is not
dependent on any routing protocols. However, ip routing must be enabled on the router.

Note: IGRP does not understand a route to 0.0.0.0, therefore it cannot propagate default routes
created using the ip route 0.0.0.0 0.0.0.0 command. Use the ip default-network command to have
IGRP propagate a default route.

EIGRP propagates a route to network 0.0.0.0, but the static route must be redistributed into
EIGRP. RIP and OSPF behave as described when using the ip default-network command. Keep
in mind that the note above still applies.

Look at an example of configuring a gateway of last resort using the ip route 0.0.0.0 0.0.0.0
command:

router-3#conf terminal
Enter configuration commands, one per line. End with CNTL/Z.
router-3(config)#ip route 0.0.0.0 0.0.0.0 170.170.3.4
router-3(config)#^Z
router-3#

router-3#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR

Gateway of last resort is 170.170.3.4 to network 0.0.0.0

170.170.0.0/24 is subnetted, 2 subnets

C 170.170.2.0 is directly connected, Serial0
C 170.170.3.0 is directly connected, Ethernet0
S* 0.0.0.0/0 [1/0] via 170.170.3.4
router-3#
router-3#
Note: If you configure multiple networks as candidate default routes using the ip default-
network command, the network that has the lowest administrative distance is chosen as the
network for the gateway of last resort. If all the networks have the same administrative distance
then the network listed first in the routing table (show ip route lists the routing table) is chosen
as the network for the gateway of last resort. If you use both the ip default-network and ip route
0.0.0.0 0.0.0.0 commands to configure candidate default networks, and the network used by the
ip default-network command is known statically, the network defined with the ip default-
network command takes precedence and is chosen for the gateway of last resort. Otherwise if the
network used by the ip default-network command is derived by a routing protocol, the ip route
0.0.0.0 0.0.0.0 command, which will have a lower administrative distance, takes precedence and
is chosen for the gateway of last resort. Lastly, if you use multiple ip route 0.0.0.0 0.0.0.0
commands to configure a default route, traffic is load-balanced over the multiple routes.

Summary

To summarize, you can use the ip default-gateway command when ip routing is disabled on a
Cisco router. Use the ip default-network and ip route 0.0.0.0 0.0.0.0 commands to set the
gateway of last resort on Cisco routers that have ip routing enabled. The way in which routing
protocols propagate the default route information varies for each protocol.

sinhvienngheo

View Public Profile

Send a private message to sinhvienngheo

Find all posts by sinhvienngheo

Add sinhvienngheo to Your Contacts

#5
02-11-2003, 09:52 AM
R3 Posts: n/a
Guest
t Gateway of Last Resort bng cc lnh IP

Bi vit ny hng dn cch dng cc cu lnh: ip defaultgateway, ip defaultnetwork , and ip

route 0.0.0.0 0.0.0.0 cu hnh default route, hay gateway of last resort.

ip defaultgateway
Lnh ip defaultgateway ch dng khi disable ip routing trn router Cisco. Nu mt router trong
mng, c th dng lnh ny nh ngha ng ra mc nh cho n. Cng c th dng lnh ny
TFTP mt image cho router khi boot mode.

ip defaultnetwork
Khng nh lnh ip default-gateway , c th dng lnh ip default-network khi ip routing
enable trn router. Khi thc hin lnh ny, router xem nh route ti mng t l ng ra cui
cng (gateway of last resort) trn router.
i vi mi mng cu hnh ip default-network, nu mt router c route cho mng , th
route c nh du l candidate default. Xem bng nh tuyn trn router Cisco sau:

Code:
2513#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate
default
Gateway of last resort is not set
161.44.0.0 255.255.255.0 is subnetted, 1 subnets
C 161.44.192.0 is directly connected, Ethernet0
S 198.10.1.0 [1/0] via 161.44.192.2
131.108.0.0 255.255.255.0 is subnetted, 1 subnets
C 131.108.99.0 is directly connected, TokenRing0

Nu cu hnh ip default-network 198.10.1.0 trn router th bng nh tuyn thay i nh sau:

Code:
2513#show ip route
...
Gateway of last resort is 161.44.192.2 to network 198.10.1.0

161.44.0.0 255.255.255.0 is subnetted, 1 subnets

C 161.44.192.0 is directly connected, Ethernet0
S 161.44.0.0 255.255.0.0 [1/0] via 161.44.192.0
S* 198.10.1.0 [1/0] via 161.44.192.2
131.108.0.0 255.255.255.0 is subnetted, 1 subnets
C 131.108.99.0 is directly connected, TokenRing0
2513#show ip protocols
2513#

Nh vy c th thy gateway of last resort c t l 161.44.192.2. Kt qu ny khng ph

thuc bt k giao thc nh tuyn no.

C th thm mt route candidate default n gin bng cch cu hnh ip default-network khc.

Code:
2513#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
2513(config)#ip route 171.70.24.0 255.255.255.0 131.108.99.2
2513(config)#ip default-network 171.70.24.0
2513(config)#^Z

2513#show ip route
...

Gateway of last resort is 161.44.192.2 to network 198.10.1.0

161.44.0.0 255.255.255.0 is subnetted, 1 subnets

C 161.44.192.0 is directly connected, Ethernet0
S 161.44.0.0 255.255.0.0 [1/0] via 161.44.192.0
S* 198.10.1.0 [1/0] via 161.44.192.2
171.70.0.0 is variably subnetted, 2 subnets, 2 masks
S 171.70.0.0 255.255.0.0 [1/0] via 171.70.24.0
S 171.70.24.0 255.255.255.0 [1/0] via 131.108.99.2
131.108.0.0 255.255.255.0 is subnetted, 1 subnets
C 131.108.99.0 is directly connected, TokenRing0

Ch , sau khi thc hin lnh trn, mng khng c nh du l default network. Phn sau y
s gii thch ti sao.
nh du mt default network
Ch : Lnh ip default-network l classfull, ngha l nu router c mt route ti mng con ch
bi lnh ny, n t route v major net. Lc ny khng mng no mng c nh du l default
network. Lnh ip default-network phi c t li dng major net, nh du route l
candidate default.

Code:
2513#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
2513(config)#ip default-network 171.70.0.0
2513(config)#^Z

2513#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate
default

Gateway of last resort is 161.44.192.2 to network 198.10.1.0

161.44.0.0 255.255.255.0 is subnetted, 1 subnets

C 161.44.192.0 is directly connected, Ethernet0
S 161.44.0.0 255.255.0.0 [1/0] via 161.44.192.0
S* 198.10.1.0 [1/0] via 161.44.192.2
171.70.0.0 is variably subnetted, 2 subnets, 2 masks
S* 171.70.0.0 255.255.0.0 [1/0] via 171.70.24.0
S 171.70.24.0 255.255.255.0 [1/0] via 131.108.99.2
131.108.0.0 255.255.255.0 is subnetted, 1 subnets
C 131.108.99.0 is directly connected, TokenRing0

y vn cha chy giao thc IP. Khng c chy giao thc nh tuyn ng, c th cu hnh
router chn t mt s route candidate default da trn bng nh tuyn. Lnh ny cho php cu
hnh thng vo phn gateway of last resort. Hn l cu hnh static roue ti chng k no , c
th router chn default route ti mng no bng cch kim tra bng nh tuyn.

Nu route ti mng b mt, router chn candidate default th hai. C th lai b route hng bng
cch loi static route nh cu hnh di y:

Code:
2513#config terminal
Enter configuration commands, one per line. End with CNTL/Z.
2513(config)#no ip route 198.10.1.0 255.255.255.0 161.44.192.2
2513(config)#^Z
2513#
%SYS-5-CONFIG_I: Configured from console by console
2513#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate
default

Gateway of last resort is 171.70.24.0 to network 171.70.0.0

161.44.0.0 255.255.255.0 is subnetted, 1 subnets

C 161.44.192.0 is directly connected, Ethernet0
S 161.44.0.0 255.255.0.0 [1/0] via 161.44.192.0
* 171.70.0.0 is variably subnetted, 2 subnets, 2 masks
S* 171.70.0.0 255.255.0.0 [1/0] via 171.70.24.0
S 171.70.24.0 255.255.255.0 [1/0] via 131.108.99.2
131.108.0.0 255.255.255.0 is subnetted, 1 subnets
C 131.108.99.0 is directly connected, TokenRing0
2513#

Dng cc giao thc nh tuyn khc

Gateways of last resort c chn bng lnh ip default-network truyn i khc nhau ph thuc
vo giao thc nh tuyn no s lan truyn default route. Vi IGRP va EIGRP lan truyn
route, mng xc nh bi lnh ip default-network phi bit bi IGRP hay EIGRP. C ngha l
mng phi mt mng hc c t IGRP hay EIGRP trong bng nh tuyn, hay static route dng
to route phi c redistribute vo IGRP hay EIGRP.

RIP qung co route 0.0.0.0. V d, gi s gateway of last resort trn router hc c thng qua
lnh ip route v ip default-network, nu chy RIP trn router ny, RIP s qung co route thnh
0.0.0.0

Code:
2513(config)#router rip
2513(config-router)#network 161.44.0.0
2513(config-router)#network 131.108.0.0
2513(config-router)#^Z
2513#
2513#
2513#
%SYS-5-CONFIG_I: Configured from console by console
2513#debug ip rip
RIP protocol debugging is on
2513#
RIP: sending update to 255.255.255.255 via Ethernet0 (161.44.192.1)
default 0.0.0.0, metric 1
network 131.108.0.0, metric 1
RIP: sending update to 255.255.255.255 via TokenRing0 (131.108.99.1)
network 161.44.0.0, metric 1
2513#

Trong IOS release 12.0T v later, RIP khng qung co default route nu route khng c
hc t RIP. Do , cn phi redistribute route ny vo RIP, hay s dng lnh default-information
originate .

OSPF, ging nh RIP, qung co route cho 0.0.0.0 0.0.0.0. Tuy nhin, vi OSPF, router l ngun
ca default route phi c cu hnh bng lnh default-information originate

ip route 0.0.0.0 0.0.0.0

To static route ti mng 0.0.0.0 0.0.0.0 l mt cch khc t gateway of last resort trn mt
router. Nh i vi lnh ip default-network, s dng static route ti 0.0.0.0 khng ph thuc vo
giao thc nh tuyn. Tuy nhin, ip routing phi c enable trn router.

Ch : IGRP khng hiu route ti 0.0.0.0, do n khng th truyn cc default route to bng
lnh ip route 0.0.0.0 0.0.0.0 . Dng lnh ip default-network c IGRP truyn default route.

EIGRP lan truyn thng tin route ti mng 0.0.0.0, nhng static route phi c redistribute vo
EIGRP. RIP v OSPF c x nh m t khi dng lnh ip default-network.

Xem v d sau, cu hnh gateway of last resort dng lnh ip route 0.0.0.0 0.0.0.0

Code:
router-3#conf terminal
Enter configuration commands, one per line. End with CNTL/Z.
router-3(config)#ip route 0.0.0.0 0.0.0.0 170.170.3.4
router-3(config)#^Z
router-3#

router-3#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR

Gateway of last resort is 170.170.3.4 to network 0.0.0.0

170.170.0.0/24 is subnetted, 2 subnets

C 170.170.2.0 is directly connected, Serial0
C 170.170.3.0 is directly connected, Ethernet0
S* 0.0.0.0/0 [1/0] via 170.170.3.4
router-3#
router-3#
Ch :
- Nu cu hnh nhiu mng l candidate default route s dng lnh ip default-network, mng c
AD nh nht s c chn l mng cho gateway of last resort.
- Nu tt c cc mng c cng AD th mng c lit k u tin trong bng nh tuyn s c
chn l mng cho gateway of last resort.
- Nu dng c hai lnh ip default-network v ip route 0.0.0.0 cu hnh candidate default
network, v mng dng bi ip default-network bit bng static route, mng nh ngha bng lnh
ip default-network s c xem xt trc v c chn cho gateway of last resort. Ngc li
nu mng dng bi ip default-network bit c bng giao thc nh tuyn, lnh ip route 0.0.0.0
0.0.0.0 , c AD nh hn, s c u tin v c chn l gateway of last resort.
- Cui cng, nu dng nhiu lnh ip route 0.0.0.0 0.0.0.0 cu hnh default route, d liu s
c load-balance trn cc route.

Tm li
- S dng ip default-gateway khi v hiu ho ip routing trn router Cisco.
- Dng lnh ip default-network v ip route 0.0.0.0 0.0.0.0 t gateway of last resort trn cc
router Cisco c enable ip routing.
- Cc thc cc giao thc nh tuyn truyn thng tin default route khc nhau i vi mi giao
thc.

---------------------
Trch dch t CCO:
http://www.cisco.com/en/US/tech/tk36...80094374.shtml

R3

#6
26-11-2003, 03:19 PM
netdevice Join Date: Jul 2003
Senior Member Posts: 139
Senior Member

Hi all,
Mnh c mt problem lin quan n vn ny. Mnh th cu hnh trn router 2514 cu lnh ip
default-network 192.168.1.0. Bng nh tuyn nh sau:

Gateway of last resort is not set

C* 192.168.1.0 is directly connected, Serial 0

Vi kt qu ny, mnh khng th s dng 192.168.1.0/24 lm tuyn mc nh c. Nu dng ip
route 0.0.0.0 0.0.0.0 192.168.1.2 th hot ng tt. Mnh cn thiu iu g chng?

Mong c gip .

netdevice

View Public Profile

Send a private message to netdevice

Find all posts by netdevice

Add netdevice to Your Contacts

#7
27-11-2003, 11:44 AM
Join Date: Oct 2005
dangquangminh Location: HCMC
Super Moderator Posts: 3,722
Brainiac

hi netdevice,

ip default-network ch apply cho IGRP/EIGRP. Vi RIP, n c th ph thuc vo IOS version.

netdevice dng routing protocol g?

Thn,
__________________
ng Quang Minh, CCIE#11897 CCSI#31417
Email: [email protected]

Viet Professionals Co. Ltd. (VnPro)

149/1D Ung Vn Khim P25 Q.Bnh thnh TPHCM
Tel: (08) 35124257 Fax: (08) 35124314
Home :http://www.vnpro.vn
Blog :http://vnpro.org/blog
Support forum :http://vnpro.org
LiveChat :http://vnpro.vn/support
 dangquangminh

View Public Profile

Send a private message to dangquangminh

Send email to dangquangminh

Visit dangquangminh's homepage!

Find all posts by dangquangminh

Add dangquangminh to Your Contacts

#8
27-11-2003, 02:10 PM
netdevice Join Date: Jul 2003
Senior Member Posts: 139
Senior Member

hi anh Minh,
Em th c 2 IGRP v RIP u khng c. Nhng em ngh giao thc nh tuyn u c lin
quan n iu ny v em mun to mt tuyn mc nh bng ip default-network c th ping
interface loopback ca 1 router kt ni trc tip. Router 2514 c IOS 12.1.
Thanks.

netdevice

View Public Profile

Send a private message to netdevice

Find all posts by netdevice

Add netdevice to Your Contacts

#9
28-11-2003, 09:08 PM
 Join Date: Apr 2003
admin
Posts: 1,392
Administrator
Brainiac

Re: t Gateway of Last Resort bng cc lnh IP

netdevice,

Xem file nh km. Ch n tng chi tit.

Cu hnh ny c test nhiu ln v working.

Thn,
__________________
Viet Professionals Co. Ltd. VnPro
---------------------------------------
149/1D Ung Vn Khim P25 Q.Binh thanh TPHCM
Tel: (08) 35124257 (7 lines)
Fax: (08) 5124314
Home Page : http://www.vnpro.vn
Support forum: http://vnpro.org
LiveChat : http://www.vnpro.vn/support
Blog VnPro : http://vnpro.org/blog
Forum Wifi : http://wifipro.org

admin

View Public Profile

Send a private message to admin

Send email to admin

Find all posts by admin

Add admin to Your Contacts

#10
11-12-2003, 01:35 PM
themask Join Date: Jul 2003
Senior Member Posts: 122
Senior Member
hi,

Bn th cu hnh nh sau xem th c chy c khng.

ip route 192.168.1.0 255.255.255.0 192.168.1.2

ip default-network 192.168.1.0
__________________
Yahoo ID: nquang7799

Quote:

Originally Posted by hieutd

Em c m hnh nh flie nh km:

Em chi ng v control c R3:

R1,R2 l cc hng upstream
R4 hng Donwtream ( cc khch hng mua IP transit nh dng FPT).

Bi ton t ra l lm sao R4 mua 5G traffic. trn R3 c th iu khin lu lng theo 2

hng mi hng 2G v 3G. Thc t ng t R3 ln R1 v R2 l 10G.

anh nh km theo link http://www.upanh.com/lab2/v/9323845.htm

Hi,

Bn th ci ny xem sao

bgp dmzlink-bw
neighbor ebgp-peer-ip dmzlink-bw
neighbor ibgp-peer-ip send-community extended
maximum-paths ibgp n
__________________
> Ping CCNA
Sending to CISCO.....Please wait.....

1. Dch v mng.

6.1. Tnh d b tn thng

Nhng IOS Switch ca Cisco c th c mt s dch v mong i c php. Nhiu nhng dch
v tiu biu ny khng cn thit cho mt thao tc bnh thng cho s chuyn i; tuy nhin nu
nhng dch v ny c bt len trn Switch th n d b nh hng dn nhng thng tin tp trung
hoc nhng cuc tn cng mng. Nhng c tnh hoc cu hnh khng y cho nhng dch v
mng trn Switch c th dn dt n nhng tha hip. Hu ht nhng dch v ny s dng mt
trong nhng c ch stranport ti lp 4 trong m hnh OSI RM: TCP, UDP. Nhng tnh d b tn
thng lin quan n nhng dch v mng sau:
+ Nhng kt ni ti nhng dch v trn Switch th khng c m ha, v vy nhng k tn cng
c th tp hp traffic mng lin quan dn nhng dch v mng phn tch mt mng. Traffic
ny c th cha usermane, password hoc thng tin cu hnh trn Switch.
+ Mt Switch vi nhng dch v s dng ti khon mc nh cho php nhng k tn cng to v
s dng mt kt ni hoc hn ti khon mc nh nhng ti khon ni ting nh(administrator,
root, security).
+ Nu mt Switch c mt dch v mng khng t password, password mc nh hoc password
n gin , th k tn cng c th on password hoc hack n v truy lc d liu hoc thay i
cu hnh trn Switch. ng thi, vic dt cng mt khu cho nhng dch v trn nhiu Switch l
mt dim yu ( im tht bi). Nhng ngi tn cng c th tha hip trn mt Switch v da
vo n tha hip n nhng Switch khc.
+ S truy cp dch v mng trn Switch l cho Switch d b tn thng tn cng. Phng
php truy cp vo tt c cc h thng hoc nhng h thnt ln hn c th kt ni n Switch.
+ Nu mt kt ni ti dch v h thng mng m khng t thi gian timeout hoc c thi gian
timeout qu ln (ln hn 9 pht), th nhng kt ni c sn s thun tin cho nhng k tn cng
tn cng chng.

1.2. Gii Php.

Nu c th thay vo vic s dng dch v mng (telnet) thc hin vic qun l bn in-band
ca mt Switch, s dng qun l out-of-band (via the console port) trn mi Switch. Qun l out-
of-band gim bt s phi by thng tin cu hnh v password hn qun l in-band. Tham chiu
n phn qun l port chi tit trong qun l out-of-band.
Nhng gii php sau s gim nh tnh d b tn thng ca nhng dch v mng c bt trn
Switch. Nhng bin php i ph chia theo nhng loi sau: dch v mng khng cn thit v
dch v mng cn thit tim tn
.
6.2.1. Dch v mng khng cn thit:

Nu c th th v hiu ha nhng dch v khng cn thit trn mi Switch. Nhng lnh sau s v
hiu ha nhng dch v lin quan. Trong mt s trng hp nhng lnh ny ch nh hng n
Switch ton cc, trong khi trong nhng trng hp khc n ch nh hng n mt interface
ring l (Fastenthernet, gigaethernet) trn Switch. p dng nhng ci t ny vo mt
interface, s dng di dng lnh ch r cu hnh trn interface.
V d sau dng t cho interface Gigaethernrt 6/1- 6/3
Switch(config)# interface range gigabitethernet 6/1 3

6.2.1.1 TCP v UDP Small servers TCP/UDP port 7, 9, 13, 19

Cisco h tr cho Small Server ( echo,discard, daytime and chargen). Hai server echo v
chargen c th s dng mt hoc nhiu hn tn cng t chi dch v trn Switch. Nhng dch v
ny c th c tt i bng nhng dng lnh sau:
Switch(config)# no service tcp-small-servers
Switch(config)# no service udp-small-servers

6.2.1.2 Bootp Server UDP port 67

Mt switch ca Cisco c th tc ng n Bootp Server phn phi nhng hnh nh ca h

thng ti nhng h thng khc. Tr khi n l nhng yu cu v thao tc, n tt nht tt nhng
dch v nhng dng lnh sau s gim ti thiu nhng hnh nh ca s truy nhp khng hp php
vo h thng trn Switch.
Switch(config)# no ip bootp server

6.2.1.3 Finger TCP port 79.

Nhng Switch ca Cisco c h tr dch v Finger, m c th cung cp nhng thng tin v ngi
dng logged vo Switch. Nhng dng lnh sau s tt dch v Finger. Lnh u tin s thay th
lnh th hai trong nhng phin bn IOS tng lai.
Switch(config)# no ip finger
Switch(config)# no service finger

6.2.1.4 Cu Hnh Autoload.

Mt Switch ca Cisco c th c cu hnh t mt server trn mng bng mt s phng php.

Nhng phng php ny th khng c ngh bi v nhng thng tin c chuyn trong
cleartext trong qu trnh khi ng v c th c tp hp bi ngi dng bt hp php. S
dng nhng dng lnh v hiu ha nhng phng php ny.

Switch(config)# no service config

Switch(config)# no boot host
Switch(config)# no boot network
Switch(config)# no boot system

6.2.1.5 Packet Assembler/Disassembler(PAD)

PAD cho php nhng kt ni X.25 gia nhng h thng mng. Tr khi mt mng yu cu kh
nng ny dch v PAD c v hiu ha bi dng lnh.

Switch(config)# no service pad

6.2.1.6 Thng ip ICMP ( internet control messeger protocol)

Mt Switch ca Cisco c th t ng pht sinh ba loi thng ip ICMP: Host Unreachable,

Redirect and Mask Reply.
Thng ip Mask Reply cung cp mt n mng cho nhng mu tin mng n requestor. Mt k
tn cng c th s dng nhng thng ip ny gip hn trong vic nh x mt mng. V hiu
ha nhng thng bo ny bng nhng lnh sau khuyn co rng dng cho mi interface v trn
inter face Null 0.

Switch(config-if)#noip unreachables
Switch(config-if)# no ip redirects
Switch(config-if)# no ip mask-reply

V hiu ha interface Null 0 th c ch trng. Interface ny l gi tin mt dn gi tr. N i

khi c dng trong tn cng t chi dch v v nhng gi tin blocked c gi ti interface
ny. N s pht sinh ra nhng thng dip Host Unreachable lm trn ngp mng tr khi n c
c v hiu ha. Nhng k tn cng c ths dng nhng thng bo ny xc c cu hnh
access-control-list bi vic xc nh nhng gi tin b tt nghn. Directed Broadcast cho php
nhng thng ip broadcast lan truyn t nhng broadcast domain khc hn n Switch. V d
nhng k tn cng c th s dng ICMP Directed Broadcast cho mc ch ny. Khuyn co nn
tt kh nng broadcast s dng dng lnh sau cho mi interface.
Switch(config-if)# no ip directed-broadcast

6.2.2 Nhng dch v mng tim tn cn thit.

Nhng dch v mng cn thit c th cn cho vic qun tr trn mt Switch. Nu trong qun l in-
band hoc dch v mng cn thit, th xem xt nhng mc sau cu hnh dch v mng an ton
hn.
Thit lp mt ti khon duy nht cho mi ngi qun tr cho s truy cp ti bt k dch v mng
cn thit no. Nhng dng lnh sau s to ra mt ti khon vi mt mc c quyn. Ti khon
ny ch ti Switch cc b. c quyn level 0 l mc thp nht trn Switch ca Cisco v cho
php nhng tp hp rt nh nhng lnh. Ngi qun tr c th i ti level cao hn (v d mc
15) t level 0 s dng dng lnh Enable.

Switch(config)# username ljones privilege 0

Switch(config)# username ljones secret g00d-P5WD
Cho s chng thc cc dch v tinh t hn, cng nh lin h cc kh nng khc v nhng dch v
tham chiu ti Authentination, Authorization v Accouting (AAA) trong bo co ny.
6.2.2.1 Domain Name System(DNS) TCP port 53, UDP port 53.

ch nh cho DNS sever phn gii tn, s dng cu lnh ip name server. Lnh ny c th s
dng thit lp su DNS server. V d sau t a ch ip 10.1.200.97 cho DNS server.

Switch(config)# ip name-server 10.1.200.97

nh x DNS-base t tn sang a ch Ip, s dng cu lnh ip domain-lookup . Lnh ny cho
php DNS broadcast truy vn t Switch v c tr li bi DNS server.

Switch(config)# ip domain-lookup

Trong mt vi trng hp ngi qun tr khng mun kh nng truy vn DNS ny. V d sau nu
ngi qun tr g dng lnh khng ng th Switch c th gii quyt vn ny ti mt a ch
Ip. Thuc tnh ny c th gy ra s tr hon. Nh vy, s dng dng lnh sau d v hiu ha kh
nng ny nu cn thit.
Switch(config)# no ip domain-lookup
ch r tn min mc nh hon thnh hon ton hostname, s dng dng lnh ip domain-
name. V d sau t tn min l test.lab s dng cu lnh sau.

Switch(config)# ip domain-name test.lab

6.2.2.2 SSH TCP port 22.

Nu cn thit c truy cp t xa n Switch, th xem xt s dng SSH thay v telnet. SSH cung
cp m ha nhng kt ni t xa. Tuy nhin, nhng phin bn IOS bao gm h tr c ch m ha
SSH. ng thi, SSH Switch cn cp nht phin bn IOS. Trc khi s dng SSH trn Switch,
ngi qun tr cn phi cu hnh nhng lnh sau: hostname, ip domain-name, v crypto key
generate rsa. V d sau t hostname cho Switch.
Switch(config)# hostname Switch
Tham chiu n nhng mc trn v DNS s dng dng lnh Ip domain-name. Dng lnh crypto
key generate rsa c quyt nh trn dng lnh hostname v ip domain-name. Lnh crypto to
ra kha i Rivest, Shamir, Adleman (RSA) m bao gm mt kho publice RSA v mt kha
private RSA.
V d sau cho thy lnh crypto ny k c hai tham s l tn cho kha(switch.test.lab) v kch
thc cho kha(1024).

Switch(config)# crypto key generate rsa

The name for the keys will be: switch.test.lab

Choose the size of the key modulus in the range of 360 to 2048 for your
General Purpose Keys. Choosing a key modulus greater than 512 may take a few minutes.
How many bits in the modulus[512]? 1024
Generating RSA keys.... [OK].

hn ch s truy nhp SSH n Switch, cn cu hnh m rng access-list chp nhn cho
nhng h thng ca ngi qun tr to nhng kt ni v p vo nhng thit b u cui. Chp
nhn nhng kt ni SSH ti nhng ng ny bng cch s dng dng lnh transport input ssh.
t mc quyn l level 0 v set thi gian exec-timeout l 9 pht v 0 giy ti s ngt kt ni
nhn ri nhng kt ni ti nhng lines ny. Cui cng s dng dng lnh login local bt tnh
nng kim tra ti khon ti nhng lc ng nhp ci s nhc nh cho mt username v mt
password.
Nhng dng lnh sau cu hnh SSH cho cc thit b u cui.

Switch(config)# no access-list 101

Switch(config)# access-list 101 remark Permit SSH access from administrators systems
Switch(config)# access-list 101 permit tcp host 10.1.6.1 any eq 22 log
Switch(config)# access-list 101 permit tcp host 10.1.6.2 any eq 22 log
Switch(config)# access-list 101 deny ip any any log
Switch(config)# line vty 0 4
Switch(config-line)# access-class 101 in Switch(config-line)# transport input ssh
Switch(config-line)# privilege level 0
Switch(config-line)# exec-timeout 9 0
Switch(config-line)# login local

Cu lnh login local khng c dng vi AAA. Thay v s dng dng lnh login authentication.
Xem phn AAA d bit thm chi tit.

6.2.2.3 Telnet TCP port 23.

Nu ngi qun tr khng th update phin bn ISO cho Switch vi SSH, hn ch vic chp
nhn telnet vo Switch. Cu hnh m rng cc access-list(vd: 102) m cho php ch duy nht h
thng ca ngi qun tr to kt ni v p dng nhng access-list ny vo thit b u cui. Cho
php nhng kt ni telnet duy nht trn nhng lines ny s dng cu lnh transport input telnet.
t mc quyn l level 0 v set thi gian exec-timeout l 9 pht v 0 giy ti s ngt kt ni
nhn ri nhng kt ni ti nhng lines ny. Cui cng s dng dng lnh login local bt tnh
nng kim tra ti khon ti nhng lc ng nhp ci s nhc nh cho mt username v mt
password.
Nhng dng lnh sau cu hnh Telnet cho cc thit b u cui.

Switch(config)# no access-list 102

Switch(config)# access-list 102 remark Permit telnet access from
administrators systems
Switch(config)# access-list 102 permit tcp host 10.1.6.1 any eq 23 log Switch(config)# access-
list 102 permit tcp host 10.1.6.2 any eq 23 log Switch(config)# access-list 102 deny ip any
any log
Switch(config)# line vty 0 4
Switch(config-line)# access-class 102 in Switch(config-line)# transport input telnet
Switch(config-line)# privilege level 0
Switch(config-line)# exec-timeout 9 0
Switch(config-line)# login local
Cu lnh login local khng c dng vi AAA. Thay v s dng dng lnh login authentication.
Xem phn AAA d bit thm chi tit.
__________________
.2.2.4 HTTP TCP port 80

Mt HTTP server c tch hp trong IOS cho php qun tr t xa Switch thong quan mt
interface wed. Nu khng cn thit qun tr Switch trn wed-base th ta tt HTTP server bng
dng lnh sau:

Switch(config)# no ip http server

Nu cn vic qun tr Switch tren web-base, th nn hn ch vic truy nhp HTTP vo Swtich.
Cu hnh access-list c bn (vd:11) cho php m cho php ch duy nht h thng ca ngi qun
tr c to kt ni v p dng access-list ny ti dch v HTTP trn Switch. Cui cng s dng
dng lnh ip http authentication local bt tnh nng kim tra ti khon ti nhng lc ng
nhp ci s nhc nh cho mt username v mt password.
Switch(config)# no access-list 11
Switch(config)# access-list 11 remark Permit HTTP access from administrators systems
Switch(config)# access-list 11 permit host 10.1.6.1 log Switch(config)# access-list 11 permit
host 10.1.6.2 log Switch(config)# access-list 11 deny any log Switch(config)# ip http server
Switch(config)# ip http access-class 11
Switch(config)# ip http authentication local

Ch web browers s dng cho vic qun tr v vy thng tin cu hnh quan trng lu trong b
m (vd: password). V th nn m bo rng b m c xa nh k.

6.2.2.5 Simple Network Management Protocol (SNMP) TCP port 161,162.

SNMP l dch v c thc hin cho chc nng qun l mng s dng cu trc d liu gi l
Manegement Information Base (MIB). Khng may, mt phin bn SNMP ang ph bin rng ri
th li khng an ton, n s dng hon ton bng clear-text cho s truy nhp thng tin trn
Switch v bao gm c file cu hnh ca n.
Nu dch v SNMP khng cn s dng th nhng dng lnh sau s tt dch ny:
Switch(config)# no snmp-server community
witch(config)# no snmp-server enable traps
Switch(config)# no snmp-server system-shutdown
Switch(config)# no snmp-server

Nu SNMP c yu cu trn Switch, th cu hnh trn Switch vi SNMP version 3. Phin bn

ny th an ton hn phin bn 1 v phin bn 3 c th s dng cryptographic hashes cho vic
chng thc bo v cho ton b cho community strings. Nhng dng lnh trn v hiu
ho SNMP th khuyn co rng trc khi trin khai SNMP phin bn 3 th nn xo bt k
community strings no.
Sau y l nhng dng lnh s dng User security Model trn Switch SNMP phin bn 3. M
hnh bt u vi vic to ra standard access-list cho php duy nht nhng h thng qun l
Switch. Tip theo l to ra mt nhm (vd: admin) vi quyn c v vit MIB(vd: adminview).
Ri trn mi ngi dng c thm vo nhm(root) vi mt mt khu(5ecrect-5TRN1) ci c
th c m ho hashed (md5) trc khi c gi ti mng bn kia. ng thi standard access-
list c p dng ti tng ngi dung. Cui cng, MIB view c nh ngha bi mt hoc
nhiu cc khai bo bao gm hoc loi b nhng phn cua MIB. MIB view trong v d sau cho
php vo nhnh Internet ca MIB tr nhng nhnh a ch IP v thong tin IP routing.

Switch(config)# no access-list 12
Switch(config)# access-list 12 permit 10.1.6.1
Switch(config)# access-list 12 permit 10.1.6.2
Switch(config)# snmp-server group admins v3 auth read adminview write adminview
Switch(config)# snmp-server user root admins v3 auth md5 5ecret-5TR1N
access 12
Switch(config)# snmp-server view adminview internet included Switch(config)# snmp-
server view adminview ipAddrEntry excluded Switch(config)# snmp-server view
adminview ipRouteEntry excluded
Nu SNMP c i hi trn Switch v ch sn c SNMP phin bn 1 duy nht, th v d sau cho
thy lm th no cu hnh Switch vi community string ( good-5tr1n9)ci c php c
v p t
standard access-list trn n.

Switch(config)# no access-list 12
Switch(config)# access-list 12 permit 10.1.6.1
Switch(config)# access-list 12 permit 10.1.6.2
Switch(config)# snmp-server community g00d-5tr1n9 ro 12

Ngoi vic cu hnh dch v SNMP,thng tin Trap SNMP c th gi n h thng qun l Switch.
V d sau cho thy vic cu hnh ny.

Switch(config)# snmp-server host 10.1.6.1 traps g00d-5tr1n9-2

Switch(config)# snmp-server host 10.1.6.2 traps g00d-5tr1n9-2
Switch(config)# snmp-server trap-source Loopback0
Switch(config)# snmp-server enable traps
__________________
Phm Minh Tun, CCNP
Support Teams
Email :[email protected]

Viet Professionals Co. Ltd. VnPro

---------------------------------------
149/1D Ung Vn Khim P25 Q.Binh thanh TPHCM
Tel: (08) 35124257
Fax: (08) 5124314
Home Page : http://www.vnpro.vn
Support Forum : http://www. vnpro.org
Live Chat : http://www.vnpro.vn/support
Blog VnPro : http://www.vnpro.org/blog
Search: VNPRO.ORG
Cng ng Mng Khng Dy Vit Nam
1. Port Security

7.1 Tnh d b tn thng

Nhng interface lp 2 ca Cisco c hiu nh l cc Port. Mt Switch m khng cung cp kh

nng bo v Port, th cho php k tn cng tn cng vo h thng khng dng n, enable Port,
thu thp thng tin hoc tn cng. Mt Switch c th cu hnh hot ng ging nh Hub. iu
c ngha l mi h thng kt ni n Switch m cch tim tng c th thy tt c cc traffic di
chuyn qua Switch ti cc h thng kt ni n Switch. Nh vy 1 k tn cng c th thu thp
traffic cha ng cc thng tin nh: Username, Passord, nhng thng tin cu hnh v h thng
trn mng

7.2 Gii Php

Port Security gii hn s lng ca da ch MAC hp l c cho php trn Port. Tt c nhng
port trn Switch hoc nhng interface nn c m bo trc khi trin khai.Theo cch ny,
nhng t tnh c ci t hoc g b nh l nhng yu cu thm vo hoc lm di thm
nhng t tnh 1 cch ngu nhin hoc l nhng kt qu bo mt vn d c sn.
Nn nh rng Port Security khng s dng cho nhng Port access ng hoc port ch cho ngi
phn tch Switch Port. V cho n khi Port security bt tnh nng Port trn Switch nhiu
nht c th.
V d sau cho thy dng lnh shutdonw mt interface hoc mt mng cc interface:
Single interface:
Switch(config)# interface fastethernet 0/1
Switch(config-if)# shutdown

Range of interfaces:

Switch(config)# interface range fastethernet 0/2 - 8

Switch(config-if-range)# shutdown

Port Security c kh nng lm thay i s ph thuc trn ch Switch v phin bn IOS. Mi

Port hot ng c th b hn ch bi s lng ti a a ch MAC vi hnh dng la chn cho
bt k s vi phm no. Nhng vi phm ny c th lm drop gi tin ( violation protect ) hoc drop
v gi thng ip (restrict or action trap) hoc shutdown port hon ton( violation shutdown or
action shutdown). Shutdown l trng thi mc nh , m bo hu ht protect v restrict c hai
u yu cu theo di a ch MAC m n c quan st v ph hu ti nguyn x l hn l
shutdown. a ch MAC c thu thp mt cch t ng vi vi Switch h tr Entry tnh v

Sticky Entry. Entry tnh th c cu hnh bng tay thm vo trn mi port (e.g., switchport
port-security mac- address mac- address) v c lu li trong file cu hnh.. Sticky Entry c
xem nh l Entry tnh, ngoi n c hc mt cch t ng . Nhng Entry ng tn ti c
chuyn sang Sticky Entry sau khi s dng cu lnh (switchport port-security mac- address
Stickey). Nhng Entry ng c c lu li trong file cu hnh (switchport port-security mac-
address Stickey mac- address) n u file c u h nh d c lu v chy th a ch MAC kh ng c
n h c l i l n n acho vi c restart l n sau. V c ng v y m t s l ng t i a a ch
MAC c th c c i t b ng c u l nh sau(e.g.,switchport port-security maximun value) .
Ngi qun tr c th bt tnh nng cu hnh a ch MAC tnh trn cc port bng cch s dng
cu lnh switchport port-security aging static. Lnh aging time (e.g., switchport port-security
aging time time) c th t di dng pht. ng thi dng lnh aging c th t cho s khng
hot ng (e.g., switchport port-security aging type inactivity), iu ny c ngha l tui cc
a ch c cu hnh trn port ngoi nu khng c d liu lu thng t nhng a ch ny
cho khai bo tng phn bng dng lnh aging time. t tnh ny cho php tip tc truy cp n
s lng nhng da ch gii hn .
V d:
+ Nhng dng lnh sau dng gii hn tnh mt cng trn Catalyst Switch 3550.

Switch(config-if)# switchport port-security

Switch(config-if)# switchport port-security violation shutdown
Switch(config-if)# switchport port-security maximum 1
Switch(config-if)# switchport port-security mac-address 0000.0200.0088
Switch(config-if)# switchport port-security aging time 10
Switch(config-if)# switchport port-security aging type inactivity

+ Nhng dng lnh sau gii hn ng mt cng trn Catalyst Switch 3550. Ch nhng dng
lnh aging khng c s dng vi nhng a ch sticky MAC.

Switch(config-if)# switchport port-security

Switch(config-if)# switchport port-security violation shutdown
Switch(config-if)# switchport port-security maximum 1
Switch(config-if)# switchport port-security mac-address sticky

Ch khi c s vi phm port security xy ra th ngay lp tc n s tr thnh trng thi error-

disable v n LED s tt. Switch cng s gi mt thng ip SNMP trap, logs (syslog) v lm
tng ln s phn i ca xm nhp. Khi mt port o trng thi error-disable, ngi qun tr c th
a n ra khi trng thi ny bng cch s dng dng lnh ch ton cc errdisable recovery
cause psecure-violation hoc dng lnh shutdown v no shutdown trn cng c cu hnh.

C mt s vn quan trng pht sinh khi cu hnh port security trn port kt ni n mt IP
phone. Mt d port security khng c s dng trn Trunk port, a ch MAC phn i vic
xem xt viec gn VLAN ca gi tin n. Cng IP phone gi gi tin ra 2 Vlan s c 2 bng entries
c chia ra trong bng MAC v th n s m 2 ln ln n maximum MAC.
Khi IP Phone c th s dng 2 gi tin khng c gn vo (untagged, e.g., Layer 2 CDP protocol
) v gi tin Voice Vlan c gn(tagged); a ch MAC ca IP Phone s c thy trn c 2 native
VLAN v Voice VLAN. V vy n s c m 2 ln. Vic t ti a a ch MAC cho 1 port kt
ni n 1 IP Phone cho trng hp nhiu my tnh tn cng vo IP Phone. Nhng my tnh
truyn hp l s dng nhiu a ch MAC phi c cu hnh tnh ton.
Mt kh nng mi bo m cho nhng port ca Switch nhanh hn v thch hp hn l
macros. Macros cho php nhm nhng port sn sng m nhng lnh c chp nhn bng
cu hnh tay. Bt k dng lnh no c thm vo bng vic s dng k t # ti u mi dng
lnh v kt thc bi k t@.
The following example creates a strict security macro called unused to secure the ports, or
interfaces, on
a 3550 switch
V d sau y to ra s ngn cn security macro gi l unused bo m trn nhng port hoc
trn nhng interface trn Switch 3550.

Switch(config)# macro name unused

macro description unused
shutdown
description *** UNUSED Port ***
no ip address switchport
# Set secure defaults for access mode switchport mode access
switchport access vlan 999
switchport nonegotiate
# Set secure defaults for trunking mode switchport trunk encapsulation dot1q switchport trunk
native vlan 999 switchport trunk allowed vlan none
# Only learn source MAC addresses switchport block multicast switchport block unicast
# Enable MAC control and set secure options
switchport port-security
switchport port-security maximum 1
switchport port-security aging time 10
switchport port-security aging type inactivity
# Apply any switch-wide access-lists
ip access-group ip-device-list in
mac access-group mac-device-list in
# Set secure defaults for misc. flags and protocols mls qos cos override
dot1x port-control force-unauthenticated
storm-control broadcast level 0.00 storm-control multicast level 0.00 storm-control unicast level
0.00
no cdp enable
# Default Spanning-tree to secure host settings spanning-tree portfast
spanning-tree bpdufilter enable spanning-tree bpduguard enable spanning-tree guard root
@

Sau khi to s gn cm security macro, unused, p t macro trn tt c cc port ca Switch nh

s bo m ranh gii vi cc dng lnh sau.

Switch(config)# interface range fasteth0/1 24 , giga0/1 2

Switch(config-if-range)# macro apply unused
Sau khi macros c xy dng tnh bo m da trn unused macro c thit lp bt tnh
nng bo mt d h tr tt c cc h thng theo mong i..
Switch(config)# macro name host
# Apply macro 'unused' first!
macro description host
# Set the port for a PC host
dot1x port-control auto
no storm-control broadcast level no storm-control multicast level no storm-control unicast level
no shutdown
# The following are recommended port specific commands
#description Host <10.1.10.3>
#switchport access vlan <10>
#switchport trunk native vlan <10>
@

Switch(config)# macro name ipphone

# Apply macro 'unused' first!
macro description ipphone
#
# Set the port for an ipphone without attached PC host switchport port-security maximum 2
no mls qos cos override
mls qos trust device cisco-phone
mls qos trust dscp
no storm-control broadcast level no storm-control multicast level no storm-control unicast level
cdp enable
no shutdown
#
# The following are recommended port specific commands
#description IP PHONE <x1013>
#switchport voice vlan <101>
@
Switch(config)# macro name ipphone-host
# Apply macro 'unused' first!
macro description ipphone & host
#
# Set the port for an ipphone with attached PC host switchport port-security maximum 3
no mls qos cos override
mls qos trust device cisco-phone
mls qos trust dscp
dot1x port-control auto
no storm-control broadcast level no storm-control multicast level no storm-control unicast level
cdp enable
no shutdown
#
# The following are recommended port specific commands
#description IP PHONE <x1014> & HOST <10.1.20.5>
#switchport access vlan <20>
#switchport trunk native vlan <20>
#switchport voice vlan <101>
@

Vic chp nhn nhng macros s ch lm thay i n tnh bo m nhng bin c yu cu

cho nhng port h tr hon ton nhng h thng thch hp.
V d sau ch ra lm th no dng cc macro ln trc cu hnh cho nhng port access ca
nhng Switch t nhng m hnh v d cho mi h thng nh: Host, Ip Phone v IP Phone vi
mt cuc tn cng host.
Host:

Switch(config)# interface fa0/1

Switch(config-if)# macro apply host
Switch(config-if)# description Host 10.1.10.3
Switch(config-if)# switchport access vlan 10
Switch(config-if)# switchport trunk native vlan 10
Switch(config-if)# exit

IP phone:

Switch(config)# interface range fa0/2 - 4

Switch(config-if-range)# macro apply ipphone
Switch(config-if-range)# switchport voice vlan 101
Switch(config-if-range)# exit
Switch(config)# interface fa0/2
Switch(config-if)# description IP PHONE x1011
Switch(config)# interface fa0/3
Switch(config)# description IP PHONE x1012
Switch(config)# interface fa0/4
Switch(config-if)# description IP PHONE x1013
Switch(config-if)# exit

IP phone with an attached host:

Switch(config)# interface fa0/5

Switch(config-if)# macro apply ipphone-host
Switch(config-if)# description IP PHONE x1014 & Host 10.1.20.5
Switch(config-if)# switchport access vlan 20
Switch(config-if)# switchport trunk native vlan 20
Switch(config-if)# switchport voice vlan 101
Switch(config-if)# exit

Ngi qun tr c th s dng cu lnh macro trace thay th cho cu lnh macro apply bi v
cu lnh macro trace c th xc nh debugging ca macros. Thng xuyn s dng show parser
macro description bit macro cui cng c p ln mi port.
Cui cng a ch MAC tnh v port security p trn mi port ca Switch c th tr thnh gnh
nng cho ngi qun tr. Port Access Control List (PACLs) c th cung cp kh nng bo mt
tng t nh a ch MAC tnh v port security v PACLs cng cung cp nhiu tnh nng linh
ng v iu khin.vic cho php a ch MAC v a ch IP c th c chia v dc xem xt t
pha ca mt Switch m rng. Tham chiu n phn ALCs bit thm chi tit.
__________________
nh ang lm bi tp thit k h thng mng cho mt ngn hng. Nhng ci kho ca mnh
gp phi l khng bit lm sao tnh ton bng thng cn thit cho ng chuyn, tit kim
nht v ti u nht. gi d nh la vao gi cao im th c khong 10 my truy cp vo xem
phim hoc cht yahoo, tc l gi ngh cha o. va cung co mt vi my mun download
phim hay l mt ti liu no . th lm sao tnh ton c ng truyn mnh cn thu cho
hp l. c pro no bit ch h mnh vi tm trn mng m khng c ti liu no v tnh ton
bng thng cn thit. hay l ai c ti liu g v vn ny shar vi thanks trc.

happy_10

View Public Profile

Send a private message to happy_10

 Send email to happy_10

Find all posts by happy_10

Add happy_10 to Your Contacts

#2
20-04-2010, 11:49 PM
vnpro-test Join Date: Dec 2008
Member Posts: 71
Member

Cho bn,

- Theo mnh th bn cn xt s user cn truy cp Internet =A

- Cng vic hng ngy ca h.
- Bng thng cn cho mi user. (ch tnh phn cng vic) = B
- Bng thng cn thit AxB+(AxB)x30%.

Ch bn ng ngh ti vic cho user download thoi mi, phn ny bn phi kim cch chn.
Ch download film th bao nhiu cng khng .

Cn nu ch nh truy cp trong nc th gi thu mt ng >10 Mb kh r.

__________________

vnpro-test

View Public Profile

Send a private message to vnpro-test

Find all posts by vnpro-test

Add vnpro-test to Your Contacts

#3
20-04-2010, 11:50 PM
 Join Date: Aug 2008
LamPhuongHoang Location: Hc Mc Nhai
Senior Member Posts: 756
Elite

Nu mun o bng thng tng i chnh xc 1 cht. Bn c th canh gi cao im nht, c

ngha l thi gian m nhiu PC truy cp nht v lm nhiu tc v khc nhau. Lc bn hy
dng cc phn mm nh PRTG, BWMeter....

Tuy nhin s c mt trng hp xut hin mt client no s dng phn mm download v

d nh IDM th client s chim tuyt i BW ca ng truyn. n khi cc client cn li
truy cp s rt chm.
__________________
Tuyt hoa thn kim

LamPhuongHoang

View Public Profile

Send a private message to LamPhuongHoang

Find all posts by LamPhuongHoang

Add LamPhuongHoang to Your Contacts

#4
21-04-2010, 01:02 AM
happy_10 Join Date: Mar 2010
Junior Member Posts: 14
Newbie

Quote:

Originally Posted by vnpro-test

Cho bn,

- Theo mnh th bn cn xt s user cn truy cp Internet =A

- Cng vic hng ngy ca ho.
- Bng thng cn cho mi user. (chi tnh phn cng vic) = B
- Bng thng cn thit AxB+(AxB)x30%.

Ch bn ng ngh ti vic cho user download thoi mi, phn ny bn phi kim cch chn.
Ch download film th bao nhiu cng khng .

Cn nu chi nh truy cp trong nc th gi thu mt ng >10 Mb kh re.

cm n pro rt nhiu, nhng bn c th cho mnh hi thm l gi d nh mnh c 100 user, cc
user ny c thit k cho ngn hng th ch yu cng vic ca h l gi fack, check mail, v
ln web xem thng tin. th mnh c th tnh gi tr ca B y lm sao c. vi li mnh cn
phi ch ti vn gi cao im na ch. gi s l vo bui cha. mi ngi ngh cha c
khong 10 my xem phim v chat yahoo. trong khong thi gian l 2 gi t 11h ti 1h. nh vy
mnh cn phi ch ti thi gian gi cao im na tnh bng thng na ch. mnh thy y
pro ch vit l A v B mnh ngh cha , bn c th ch thm c khng. xin chn thnh cm
n.
i Levy!
Mnh mun hi r mt cht v vn ny.
Trn R2,R3 2 static route u c redistribute vo BGP?. Nu c th bn a ln hin tng
bn gp phi. Bn vit trong iu kin bnh thng:
1. iu kin bnh thng
- Trn R1 thy R3-lo bng iBGP qua R2 (tc l dng iBGP thay v static)
- Trn R2 thy R3-lo bng static.

Mnh lab trng hp ny v thy khng nh vy: khi redistribute static. Routing Table vn
nhn static.

Thanks

bachhm

View Public Profile

Send a private message to bachhm

Find all posts by bachhm

Add bachhm to Your Contacts

#13
21-04-2010, 03:50 AM
bachhm J
Junior Member P
Newbie

hi Levy, sorry mnh hiu sai vn bn a ra, y l cu hi .

Vn ny mnh ngh phi s dng c weight v AD.

trn R1: cu hnh static route vi AD 210, ng thi cu hnh route-map R2-in in cho peer iBGP tng weight ca
c t R2.

Trng hp ny phi AD ca static route > distance iBGP static route b overwrite bi BGP route.
( test)
kt qu:
DK1 binhf thuongwf:
Tren R1:
R1#sib
*Apr 21 03 07.811: %SYS-5-CONFIG_I: Configured from console by console
BGP table version is 29, local router ID is 10.1.23.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*>i3.3.3.0/24 10.1.12.1 0 100 40000 i
R1#
R1#sir
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

3.0.0.0/24 is subnetted, 1 subnets

B 3.3.3.0 [200/0] via 10.1.12.1, 00:01:24
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.12.0 is directly connected, FastEthernet0/0
C 10.1.23.0 is directly connected, FastEthernet0/1

Tren R2:
R2#sib
BGP table version is 17, local router ID is 10.1.13.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 3.3.3.0/24 10.1.13.3 0 32768 i
R2#sir
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

3.0.0.0/24 is subnetted, 1 subnets

S 3.3.3.0 [1/0] via 10.1.13.3, FastEthernet0/1
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.13.0 is directly connected, FastEthernet0/1
C 10.1.12.0 is directly connected, FastEthernet0/0

DK2)
Khi shutdown cong R2-R3

Tren R1:
R1#
R1#sib
BGP table version is 31, local router ID is 10.1.23.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 3.3.3.0/24 10.1.23.3 0 32768 ?
R1#sir
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

3.0.0.0/24 is subnetted, 1 subnets

S 3.3.3.0 [210/0] via 10.1.23.3
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.12.0 is directly connected, FastEthernet0/0
C 10.1.23.0 is directly connected, FastEthernet0/1

Tren R2:
R2#sib
BGP table version is 19, local router ID is 10.1.13.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*>i3.3.3.0/24 10.1.12.2 0 100 0 ?
R2#sir
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

3.0.0.0/24 is subnetted, 1 subnets

B 3.3.3.0 [200/0] via 10.1.12.2, 00:01:10
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.12.0 is directly connected, FastEthernet0/0

DK binh thuong)
no shut R3-R3

Tren R1:
R1#sib
BGP table version is 32, local router ID is 10.1.23.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*>i3.3.3.0/24 10.1.12.1 0 100 40000 i
R1#sir
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

3.0.0.0/24 is subnetted, 1 subnets

B 3.3.3.0 [200/0] via 10.1.12.1, 00:00:05
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.12.0 is directly connected, FastEthernet0/0
C 10.1.23.0 is directly connected, FastEthernet0/1

Tren R2:
R2#sib
BGP table version is 21, local router ID is 10.1.13.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 3.3.3.0/24 10.1.13.3 0 32768 i
R2#sir
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

3.0.0.0/24 is subnetted, 1 subnets

S 3.3.3.0 [1/0] via 10.1.13.3, FastEthernet0/1
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.13.0 is directly connected, FastEthernet0/1
C 10.1.12.0 is directly connected, FastEthernet0/0

thanks

S dng GNS3 gi lp router Cisco - Ci t v cu hnh

GNS3 l 1 chng trnh gi lp mng c giao din ha cho php bn c th gi lp cc Cisco router s dng I
cn c ATM/Frame Relay/Ethernet Switch ,Pix Firewall thm ch kt ni vo h thng mng tht
GNS3 c pht trin da trn Dynamips v Dynagen m phng cc dng router 1700,2600,3600,3700,7200
khai cc bi lab ca CCNA,CCNP,CCIE nhng hin ti vn cha m phng c Catalyst Switch (mc d c th
16ESW)

1.Ci t GNS3
GNS3 c th chy trn Windows,Linux v Mac OSX. ci t phn mm trn Window d dng chng ta c th
all-in-one cung cp mi th bn cn chy c GNS3
Cc bn c th download GNS3-0.5-win32-all-in-one.exe ti y
HTML Code:
http://www.gns3.net/download

HTML Code:
ftp://truongtandn.no-ip.org/CCNA/Soft/GNS3/

Tin hnh ci t
Giao din GNS3 sau khi ci t xong
2.Cu hnh ln u tin cho GNS3
Vo Edit > Add IOS images and hypervisors ch ng dn n cc file IOS trong mc Setting
Vo Edit > Preferences > Dynamips > Trong mc Excutable Path chn ng dn n tp tin dynamip-wxp.exe t
t GNS3 , sau bm vo nt Test kim tra li hot ng ca Dynamip
Ko th cc router c IOS vo trin khai 1 m hnh n gin
Nhn vo biu tng Play bt u gi lp
3.Bt u cu hnh
Nhn phi chut ln thit b chon Console bt u cu hnh
Chinh sa ln cui cung bi Achilles: 12-28-2008 vo lc 01:33 AM

The Following User Says Thank You to Achilles For This Useful Post:

mylove7636 (03-04-2010)

Achilles

Xem h s

Gi tin nhn n Achilles

Tm bi gi bi Achilles

#2
12-28-2008, 01:33 AM
Ngy tham gia: Dec 2008
Bi vit: 295
Achilles
Thanks: 9
Super Moderator
Thanked 11 Times in 10 Posts
4.Giao tip vi mng tht

GNS3 thng qua vic s dng Dynamips c th to cu ni gia interface trn router o vi
interface trn my tht ,cho php mng o giao tip c vi mng tht, Trn h thng
Windows, th vin Wincap c s dng to kt ni ny .
kt ni cc router o trong GNS3 vi h thng mng tht ta dng thit b Cloud ,gi s ta
cn kt ni t router o n card mng tn l Internal Lan c a ch l 192.168.1.2

Ko th router v "Cloud" vo GNS3

Click vo Cloud,ti Generic Ethernet NIO chn card mng router cn kt ni n,nu
khng r card no c th dng Network device list.cmd pht hin
Sau khi chn ng card mng th phi nhn vo Add bt u s dng
Bt u gi lp
Kt ni Fastethernet router o n Cloud ,trong trng hp no l Fa0/0 .Cu hnh a ch ip
cho interface fa0/0 sao cho cung lp mng vi card mn Internal Lan

Code:
Router>enable
Router#config terminal
Router(config)#interface fa0/0
Router(config-if)#ip address 192.168.1.10 255.255.255.0
Router(config-if)#no shutdown

Sau t router th ping n PC v gateway ca h thng mng tht

 Chc cc bn thc hnh tt vi GNS3

Achilles

Xem h s

Gi tin nhn n Achilles

Tm bi gi bi Achilles

#3
04-15-2009, 12:49 PM
Ngy tham gia: Jan 2009
vic2006vn Bi vit: 29
Junior Member Thanks: 0
Thanked 0 Times in 0 Posts

cho em hi ci ios kiem dau ra m em kiem hoai ko co vay?

 vic2006vn

Xem h s

Gi tin nhn n vic2006vn

Tm bi gi bi vic2006vn

#4
04-15-2009, 02:58 PM
Ngy tham gia: Dec 2008
Bi vit: 295
Achilles
Thanks: 9
Super Moderator
Thanked 11 Times in 10 Posts

Mt s IOS dng c cho GNS3:

http://rapidshare.com/files/13441395...mz.124-2.T.bin

http://rapidshare.com/files/13443944...s-mz.124-3.bin

http://rapidshare.com/files/13443945...9-mz.124-3.bin

Achilles

Xem h s

Gi tin nhn n Achilles

Tm bi gi bi Achilles

#5
04-15-2009, 05:17 PM
Ngy tham gia: Dec 2008
Bi vit: 183
anhukyo
Thanks: 5
Moderator
Thanked 7 Times in 7 Posts
B sung mt s IOS dng m phng vi GNS3
==>http://gns3.blogspot.com/2007/10/ios.html
__________________

Code:

Nothing is Impossible!

anhukyo

Xem h s

Gi tin nhn n anhukyo

Xem trang ch ca anhukyo

Tm bi gi bi anhukyo

#6
05-04-2009, 10:10 AM
Ngy tham gia: Jan 2009
vic2006vn Bi vit: 29
Junior Member Thanks: 0
Thanked 0 Times in 0 Posts

cc bn cho mnh hi vi ,mnh s dng gns gi lp thc hnh CCNA,m hnh ca mnh gm
router v 2 host,phn router th em cu hnh rip,ospf c ht,nhng host cu hnh ip test th
khng bit cu hnh u.xin gip

vic2006vn

Xem h s

Gi tin nhn n vic2006vn

 Tm bi gi bi vic2006vn

#7
05-04-2009, 10:28 PM
Ngy tham gia: Dec 2008
Bi vit: 295
Achilles
Thanks: 9
Super Moderator
Thanked 11 Times in 10 Posts

Trch dn:

Nguyn vn bi vic2006vn
cc bn cho mnh hi vi ,mnh s dng gns gi lp thc hnh CCNA,m hnh ca mnh
gm router v 2 host,phn router th em cu hnh rip,ospf c ht,nhng host cu hnh ip
test th khng bit cu hnh u.xin gip
Bn c th kt hp vi VMWare v GNS3 thc hnh bi lab ny

Achilles

Xem h s

Gi tin nhn n Achilles

Tm bi gi bi Achilles

#8
01-08-2010, 09:24 PM
Ngy tham gia: Aug 2009
dinhvut1 Bi vit: 37
Member Thanks: 1
Thanked 0 Times in 0 Posts

cho em hi , cch kt hp gia VMWare v GNS3 l nh th no vy ? gi s m hnh ca em l

2 router cu hnh trn GNS3 v 2 my server cu hnh trn VMWare . vy c th thit lp c
ko vy ?

dinhvut1
 Xem h s

Gi tin nhn n dinhvut1

Tm bi gi bi dinhvut1

#9
01-08-2010, 10:09 PM
Ngy tham gia: Dec 2008
Bi vit: 295
Achilles
Thanks: 9
Super Moderator
Thanked 11 Times in 10 Posts

c ht thi, ch cn kt ni router trn GNS3 v card mng my o trong VMWare cng

VNET l c
__________________
Hng dn Upload hnh nh vo Forum

Achilles

Xem h s

Gi tin nhn n Achilles

Tm bi gi bi Achilles

#10
01-12-2010, 02:50 PM
Ngy tham gia: Aug 2009
dinhvut1 Bi vit: 37
Member Thanks: 1
Thanked 0 Times in 0 Posts

cm n anh , em s vc th xem sao

dinhvut1

Xem h s
Gi tin nhn n dinhvut1

Tm bi gi bi dinhvut1

Hng dn s dng GNS3- gi lp Cisco Router_phn I

I, Gii thiu.

- GNS3 l phn mm dng gi lp cisco router do Cristophe Fillot vit ra, n tng t nh
VMWare. Tuy nhin n s dng IOS thc ca Cisco gi lp router.

- Phn mm ny c vit ra nhm:

+ Gip mi ngi lm quen vi thit b Cisco.

+ Kim tra v th nghim nhng tnh nng trong cisco IOS.

+ Test cc m hnh mng trc khi i vo cu hnh thc t.

- s dng GNS3,bn c th download ti y: http://www.gns3.net/downlo...

II, Hng dn cch ci t.

- Kch p chut vo file va download v ( version hi n ti l 0.6 ) v tin hnh ci t bnh

thng theo ch mc nh bng cch nhn Next.
- Nhn Next.

- Nhn I Agree.
- Nhn Next.

- Cc phn mm km theo s c ci mc nh. Nhn Next.

- Nhn Install bt u ci t,- Nhn Next ci Winpcap.
- Kt thc qu trnh ci t Winpcap nhn Finish chuyn sang ch ci t chnh.

- Tip theo bn nhn Next.

- Nhn Finish hon tt vic ci t GNS3.

III, Cu hnh GNS3.

- Bn kch chut vo biu tng GNS3 trn Desktop vo giao din chnh:

- Trn giao din Bn kch chut vo Exit->prefernces (ctrl +shifl +p)

- Bn chon ng dn n th mc Dynamips.(m c nh ri!) --> nhn Test kim tra. --->
nhn OK!

- Bc tip theo bn add HDH IOS bng cch: Vo Exit -> IOS images and hypervisors /IOS
images.

- Bn c th dowload IOS ti y: http://rapidshare.com/file...

- Chn ng dn n th mc cha IOS, bng cch kch vo images file. y ti chon router
c2691. Sau khi chn ng dn n IOS xong bn nhn chon Save -> Close .
- Tip theo bn kch chut vo router C2691 gi v ko th vo bn cnh. Lc ny bn s thy
tab Topology Summary router (Ro) s bo mu ngha l router ang ch Turn off.

- Bn bt ln bng cch kch phi chut vo router chon start, bn s thy Ro bo mu xanh.
- Khi Start ln bn vo Task manager s thy CPU l 100%.

- Lc ny bn kch phi chut vo router chn Idle PC v ch trong giy lt.

- kch chon t c du * nhn ok.

- By gi bn xem li CPU xung ng k.

- Nhn phi chut vo router chon console bt u....chi!

- i kt ni trong giy lt sau router cho bn la chon yes hoc No. Bn chn No vo cu
hnh.

- Bt u cu hnh nhu bnh thng.

- Nh vy l hon tt qu trnh ci t v cu hnh GNS3. Cc bn c th add thm nhng

router khc, switch. Hoc l cu hnh cho mt mng WAN. Vi iu kin cu hnh my ca bn
phi cao, t nht RAM phi l 512k.
- Chc cc bn thnh cng!

Lab 1.5 Cu hnh Telnet

t ny bn vi ci n lp trnh qu nn khng c thi gian vit bi cho website nhiu lc

cng mun post bi lm c nhiu ci mun chia s cho anh em lm. Th m Times hn hp qu
nhng khng sao ta khc phc dn dn. Ti nay gp Mr Cng ri lm cho mt cu "Mi ngi
ang nhc ti em " nn quyt nh bt cht thi gian vit tip h thng bi lab v bn Cisco
Hm nay gii thiu v 2 giao thc c s dng cho vic kt ni lm vic t xa. l Telnet
v SSH nhng hm nay ch gii thiu Telnet ri hm sau mi hng dn cc bn bng cch SSH
Telnet l m t giao thc u cui o (virtual terminal) l m t phn ca chng giao thc TCP/IP.
Telnet cho php to kt ni vi thit b t xa, thu th p thng tin v chy chng trnh.

+ Virtual terminal (VTY) lines cho php vi c truy c p vo router thng qua cc phin ni kt
Telnet. VTY lines khng ni trc tip vo cc cngs nh cch TTY ni vo asynchronous
interface m l cc kt ni o vo router thng qua a ch ca ethernet port (cng ethernet).
Router to nhng VTY lines m t cch linh ng, trong khi TTY lines l ch ni kt vo
nhng cng v t l. Khi ngi dng kt ni vo router bng VTY line, ngi dng ang kt
ni vo m t cng o trn cng.
By gi ta bt u bi lab ca mnh. y ti hng dn cc bn dng GNS3 cho bi lab lun.
Cch cu hnh thit lp v..v...

y l mn hnh u tin khi khi ng

GNS3 n yu cu bn nhp Project vo
cc router chy c th cc bn phi ch IOS cho cc loi router ca minh. y ti kim
tra li xem IOS c vi nhng loi router no
ch ng dn cho IOS Images cc bn lm theo hnh. Khi mi cu hnh GNS3 ln u tin
cc bn cng vo y chi IOS cho router
Xem cc loi IOS c trong h thng GNS

Ok thit k cho m hnh ca mnh no

Drag chut t con thit b mnh cn ra gia mn hnh ri th chut. d nh n cm phi ko b

con
Start Router ln no
cc bn hy chn mt router ri click phi chn start hoc nhn vo nt xanh bn trn thanh
menu bar. Nh l start tng ci ri get ID PC cho n xong mi lm ti con router khc khng l
my ng cc bn . Tui ln u lm cng b dnh

Chn gi tr IDpc cho router tng ng n

Ch mt lc ri ca s ny hin ra v x xung chn gi tr no c du * u

Ri router cn li lm tng t nh l lm tng ci mt va sau khi gn idpc cho n ri mi lm

cc bc tip theo nh
Ni dy cho cc thit b
Cc bn nn nh l Switch vi router th ni bng cap FastEthenet nh. v router vi router th
bng serial nh. Lc ni router v router th cc bn lu mt t l chng ta nhn ctrl chn 2
router nh ni dy xong ri mi chn loi dy ni n mi dc khng th n c bo li hoi .
Cc bn click phi v chn console nh hnh vo ch cu hnh

Ri ta phi vo router cu hnh thi

Nhn enter kt ni
n du nhc cc bn bt u nhp cc lnh c bn m mnh hc trong bi lab 1.3
y l cc cu lnh c bn m mnh phi dng

Cu hnh interface

Cp clock rate cho interface S1/0 ca R0

Cu hnh cho php telnet vo thit b

V chng ta cu hnh telnet nhng thit b m ta mun kt ni vo.

Sau cc bn c th mode c du # v nhp cu lnh telnet dc my mun telnet
khi n bt bn phi nhp password xc thc sau th bn c th lm mi th qua thit b
ang telnet vo v thot ra bng cu lnh exit.
Hm trc anh Cng c a cho cc bn link down IOS ri nhng v cha nn mnh s gi
thm cho cc bn link down IOS
ca con 7200, 3725, 3600
Click here go to download IOS Cisco

BI VIT V ROUTING PROTOCOLS CHO CP CCNA

Article Tc gi: ng Quang Minh

I. SO SNH CLASSFUL V CLASSLESS ROUTING PROTOCOLS

Cc routing protocols nhm classful khng qung b network mask cng vi a ch destination
trong cc gi routing update. Do , khi router nhn c cc update ny, router phi ly gi tr
network-mask mc nh c cng vi a ch lp mng ca a ch ch.

Nu a ch ch l kt ni trc tip (connected), network-mask uc ly cng vi mask uoc cu

hnh trn interface kt ni n mng . Nu dia ch dest khong connected, router s ly dia chi
SM default cua dia chi ch

Cc routing protocols nhm classless cho php router gi subnetmask trong cc qung b
routing. Do , classless cho phep s dng VLSM (l c ch cho php phn chia cc subnet c
cc gi tr netmask khc nhau trn mng v cc subnet ny c th kt ni c vi nhau). Ngoi
ra, classless cho php phn bit cc subnet all-zeros v subnet dnh cho broadcast (all-ones),
trong khi classfull th khng.

V d 1:

Gi s chng ta c mt mng nh th ny, mng ny chy routing protocol l RIP Version 1

Mang A(10.10.0.0)--->Router1<----(192.168.10.0)--->Router2<----Mng B(10.11.0.0)

Mng ny cu hnh rt d nhng khi config xong th mng khng chy: bn s thy trong bng
nh tuyn Router1 khng c ng n mng B(10.11.0.0) cn trong bng nh tuyn Router2
khng c ng n mng A(10.10.0.0). khi chng ta khng th t ngi t Router1 ping sang
mng B c??

Ti sao li vy?

Nguyn nhn l: RIP version 1 l classful routing protocol, khi qung b thng tin nh tuyn
n router khc s khng c thng tin v subnet mask.

Router1 c mng 10.10.0.0 connected th n hiu l mng 10.0.0.0 (ly subnetmask mc nh

l 8), do khi Router2 gi thng tin v mng B n Router 1. Router1 ngh rng: N c
mng 10.10.0.0 (mng A, c subnet l /16) connected ri, gi li nhn c mt thng tin v
mng 10.0.0.0 (thc cht l mng B) na nhng vi mng ny km chi tit hn (/8), th th n s
khng thm con ng n mng B na. Chnh v th trong routing table ca Router1 s khng
c route no n mng B (10.11.0.0/16).

gii quyt vn ny, dng static routing hoc dng cc routing h tr VLSM.
Khi ny th cn phi c cc routing protocol support VLSM ( nh RIP v2, OSPF , hay EIGRP)

Cn RIP v1 ch h tr classfull. Ngha l trong 1 topology, tt c cc subnet ch c chia cng

mt subnet mask duy nht. V khi cc routing protocol nhn cc routing update v cc net khc
(cc network khng kt ni trc tip), th cc classfull routing protocol s ly gi tr subnet mask
trn cng (interface) ca router m n nhn c routing update v cc NET .

V d 2:
Khi gi update:

Trc khi router1 gi update cho router2, n kim tra thng tin sau: Thng tin subnet c cng
mng ln (major net) vi interface (s gi update) khng?

- Khng: Router1 tng hp a mng v major net v qung co mng tng hp ny.

- C: Mng c cng subnet mask vi interface (s gi update) khng?

+ C: Router 1 s advertise subnet
+ Khng: Router s loi b network, v khng advertise n.

Khi nhn update :

KHi RIP hay IGRP nhn mt update, chng thc hin kim tra trc khi chp nhn update v s
dng subnetmask. Qu trnh sau s din ra trc khi Route2 chp nhn update t Router 1:
Subnet nhn c trong update c cng major net vi interface nhn update khng?

- C: Router 2 dng mask ca interface nhn update. Ny mng c qung co c mt bit lm

host th Router 2 s dng host mask /32. Trong trng hp RIP, n tip tc advertise route /32 ti
cc router khc, nhng IGRP th khng.

- Khng : C bt k subnet ca major net tn ti trong bng nh tuyn khng (bit t cc

interface khc)? Ch mng ca upadate
+ C: router 2 b qua update.
+ Khng: Router 2 dng classful mask.

V d c th vo hnh:
Gi update:

Router 1 gi update ti router 2, n thc hin cc kim tra:

131.108.5.0/24 c cng major net vi 131.108.2.0/24 khng ?

- C: Mng 131.108.5.0/24 c cng subnet mask vi 131.108.2.0/24 khng?
+ C: Router 1 advertise network

137.99.88.0/24 c cng major net vi 131.108.2.0/24 khng?

- Khng: Router 1 summarizes 137.99.88.0/24 thnh major net v advertises mng l
137.99.0.0.

Kt qu qu trnh ny Router 1 l gi 131.108.5.0 v 137.99.0.0 trong update ti Router 2. C

th dng lnh debug ip rip trn Router 1 kim tra:

RIP: sending v1 update to 255.255.255.255 via Serial0 (131.108.2.2)

subnet 131.108.5.0, metric 1
network 137.99.0.0, metric 1

Nhn update:

Dng lnh debug ip rip, c th thy cc update nhn c trn Router 2 t Router 1:
RIP: received v1 update from 131.108.2.2 on Serial0
131.108.5.0 in 1 hops
137.99.0.0 in 1 hops

Router 2 s thc hin nh sau:

Major net 137.99.0.0 nhn c c cng vi 131.108.2.0 (interface nhn update) khng?
- Khng: C bt k subnet no ca major net ny trong bng nh tuyn (bit c t cc
interface khc) khng?
+ Khng: Router2 chp nhn mask mc nh (/16) v 137.99.0.0 l a ch lp B.

Subnet 131.108.5.0 c cng major net vi subnet 131.108.2.0 khng?

- C: Router 2 dng mask /24, l mask nhn ca interface nhn update.

Qu trnh ny dn ti kt qu bng nh tuyn Router2 khi dng lnh sho ip route nh sau:

R 137.99.0.0/16 [120/1] via 131.108.2.2, 00:00:07, Serial0

131.108.0.0/24 is subnetted, 3 subnets
R 131.108.5.0 [120/1] via 131.108.2.2, 00:00:08, Serial0
C 131.108.2.0 is directly connected, Serial0
C 131.108.3.0 is directly connected, Ethernet0
--------------------------------------------------------------------------------

Tm tt:

Classful l cch m bn mun chia mt class IP ra bao nhiu phn cng c v cc phn c
ct ra lun lun = nhau . VLSM l cch m bn mun chia mt class bao nhiu phn ty v
mi phn ct ra c kch thc ln nh ty , khc vi classful ch khi route n phi km theo
SM. CIDR l cch m bn c c mt subnet ln (supernet) bng cch ly nhiu subnet (C)
ghp li nhng supernet ny c bit khc vi 2 subnet trn ch mc d c nhiu subnet
nhng n ch c mt entry trong routing table

II. SO SNH DISTANCE VECTOR V LINK-STATE:

Distance Vector v Link State u l cc giao thc nh tuyn ng (Dynamic Routing Protocol)
cu hnh trn cc thit b layer 3 ni chung v router Cisco ni ring.Chng u l cc Interior
Gateway Routing Protocol (IGP), c trin khai bn trong 1 khu vc c bit gi l Autonomos
System (AS,khu vc dng chung ti nguyn v chu chung s qun l k thut duy nht).

Distance vector:

Distance Vector gi bng routing ca n cho cc router neighbor bng cch broadcast thng tin
trong bn tin cp nht nh tuyn trn cc interface c cu hnh chy giao thc nh tuyn m
khng quan tm n vn cc router neighbor c nhn ng hay khng, khng cn chy gii
thut phc tp nhn tm ra route tt nht. V vy DV khng yu cu nhiu ti nguyn h thng
chy.

Tuy nhin, nhc im ca DV l cp nht theo chu k. Cc router phi sau mt s chu k mi
nhn c thng bo v cc thay i ca mng, t dn n vic loop trn mng (slow
convergence).
Mt s giao thc dng DV, nh RIP, dng hop-count lm thng s xc nh ng i tt nht,
nn khng thch hp vi mng ln, c nhiu link vi cc tnh cht: bandwidth, reliable... khc
nhau.

Cc routing protocol nhm distance vector s ly d liu v topology t thng tin mng trn
bng nh tuyn ca cc lng ging. Sau router s cp nht bng nh tuyn theo nh k. c
im ca distance vector l thi gian hi t chm. i vi cc routers ang chy routing protocol
nhm DV, nh k mi 30 giy, cc routers s trao i ton b bng routing table sang cho cc
routers k cn.

V cho d topology mng ca bn khng b thay i, cc routers vn gi update sau nhng

khong thi gian ny.

Link state:

Routing protocol nhm ny l s quan st tng th ton topology ca lin mng. Mi Router lm
vic c lp trong vic tnh ton ng dn ngn nht i n mng ch, cp nht thng c
khi pht t cc thay i ca topology, thi gian hi t nhanh chuyn cc cp nht nh tuyn
n cc router khc, s chim nhiu traffic khi khi ng v trao i cc topology bn cnh vi
nhau update vo routing table, tnh gii thut ng i ln nht v chim nhiu b nh (link state
routing protocols OSPF, NLSP, IS-IS).
Ti liu tham kho cho hc vin CCNA ca VnPro

My A mun lin lc vi my X,phi bit IP address ca n (hoc hostname/domainname).My

A d trong ARP cache tm a ch MAC ch c cha,nu cha s dng ARP gi thng ip
(broadcast) n tan mng .

C 2 trng hp:

1/ Host X cng segment vi n :

Host A gi thng ip vi a ch IP ch ( bit) v MAC ch l FF-FF-FF-FF-FF-FF hi

xem MAC ca a ch ny l g.Cc host trn segment u nhn v x l gi ny ,host no c a
ch IP trng vi yu cu s gi li thng tin cho host A l "IP ny c MAC l : ......".Host A nhp
thng tin vo ARP cache (RAM).Khi mun lin lc vi X th li tra trong ARP cache bit a
ch MAC cn n.

ARP l g?
Trong protocol TCP/IP c ARP protocol. ARP t ng cp nht cc MAC tng ng vi cc IP
v xy dng mt bng ARP table trong my tnh trong cng mng subnet.

Khi ny , nu A v X trong cng LAN, th khi A mun gi packet cho X, no' s match IP ca X
vi MAC tng ng trong bang ARP ca no'.
Nu A bit IP ca X , nhng khng match c MAC tng ng trong bang ARP ca no' , th khi
ny n s gi mt packet , gi l ARP request, vi a ch MAC broadcast FFFFFFFFFF . Khi
ny tt c my tnh trn cng mt mng s nhn c gi ny v chuyn ln lp Network; nhng
ch c my c IP match vi IP destination address trong ARP request mi gi tr li gi tin c
cha dia ch MAC tng ng m my A mun tm . Gi tin ny l ARP reply.

Khi gi tin ARP request s c MAC ngun l MAC ca A, MAC ch l FF-FF-FF-FF-FF-FF.

Nu Host X available trn Segment th n s bit l gi tin ny gi cho n nh vo a ch IP m

Host A ghi trong gi tin ARP request v n s tr li bng 1 gi tin ARP reply. Gi tin ARP reply
s c MAC ngun l MAC ca Host X, MAC ch l MAC ca Host A, khi Host A nhn c
gi tin ny t nhin s bit c MAC ca X.

Sau khi A nhn c ARP reply , n s m gi v update bng ARP table ca n: IP v MAC ca
my X.

2/ Host X khng cng segment vi host A :

lc phi nh n router forward yu cu ny n cc segment khc. Trong trng hp ny,

router s gi a ch MAC ca interface m nhn gi ARP request trn Router cho my gi ( my
A ).

Mt cch khc lin lc vi mt my tnh khc khng cng nm trn 1 segment l "default
gateway". Default Gateway l mt phn ca mt host (my tnh). N l mt a ch IP ca mt
interface trn router, v c cu hnh cho host. a ch IP ca host v ca Default Gateway phi
cng segment mng. Kh ny, my gi (A) s kim tra xem n v my nhn (B) c cng nm
trn mt subnet hay khng. Nu khng, n s ng gi packet gi vi IP destination address l
ca my nhn v MAC address destinaiton l ca Router ni vi subnet ca n.

Nu Proxy ARP hay default gateway khng c cu hnh, th khng c "traffic" no c th ri

khi mt subnet (mt mng cc b). Phi c mt trong hai ci c cu hnh ( hay cho php)
c th giao tip vi cc segment mng khac c.

"IP source v dest khng bao gi thay i, ch c MAC source v dest l thay i thi".
Proxy ARP: Theo cch thc hot ng ca proxy ARP, ta c th thy rng client khi mun bit
MAC ca mt host no , n ch n gin l broadcast ARP-Request ln mng. Router s c
trch nhim p tr li bng ARP-Reply nu n nhn thy IP-destination l thunc mng khc.
Nh vy, cu hnh IP cho client cc k n gin, nhng gnh nng li ln router. Th tng
tng c sau 1p', ARP-entry b hy b, th l cc client thi nhau broadcast ln mng th router
"tiu" nh chi. Ngoi ra, proxy ARP cn gp mt bt li nu trong segment c ti hn 1 router.
Chn router no, nu nh cc router u c route n mng ch?

Default-Gateway: Nu client bit rng IP-dest khng thuc mng ca n, n dng MAC ca
default-gateway gi gi tin, router default-gateway nhn ly gi tin s bit phi x l tip theo
nh th no (da trn IP source/destination). Cch ny gim ti cho router, gii quyt c
trng hp c nhiu router ni vo cng segment, v gy nhm ln.

Nu Host A c cu hnh s dng Defaul gateway trong TCP/IP protocol th gi tin ARP request
s khng phi dng Broadcast m c gi thng n cho Router ( TCP/IP stack quy nh nh
vy). Tt nhin gi c gi tin ny n cho Router th n cng phi request MAC ca defaul
gateway trn Router trc, sau khi c MAC ca default gateway th Host A s to 1 gi tin
ARP request MAC ca Host X vi IP ch l IP Host X, MAC ch l MAC ca default gateway.

Khi Router gateway nhn c gi tin ny th n s Forward qua interface trn segment thch
hp, ti y phn Datalink header s c ly ra (Pull out) v phn Datalink header mi s c
gn vo vi mc ch truyn trn Segment ca Host B. Khi Host B nhn c gi tin ARP
request th cng s tr li li bng gi tin ARP reply c gi n DF gateway trn Segment ca
n. Khi Router nhn c gi tin ny cng lm vic tng t nh khi gi i t Host A (pull out
Datalink header, gn datalink header mi v.v....)

Nu Host A khng c cu hnh default gateway (tt nhin s broadcast gi tin ARP request)
nhng nu Router trn Segment ca host A c chc nng ARP Proxy th cn c trn IP m gi tin
ARP request yu cu ROUTER s so snh vi Routing Table ca n v nhn gi tin ny nu
Match trong Routing table, sau s forward qua Segment thch hp. Qu trnh tip theo tng
t nh trng hp A.

Nh vy : nu 1 trong 2 default gateway ca 2 segment cu hnh sai th s dn n vic Host A

khng th lin lc c vi Host X v ngc li. Ngoi ra nu thi gian tn ti ca ARP cache
trong memory qu lu cng vi vic c thay i MAC ca DF gateway s dn n vic tm thi
khng th thc hin ARP request.

V d minh ha cho cc l thuyt nu trn:

xin lu cc IP ca source v destination l khng thay i ch c mac l thay i thi. cc bn
xem mt v d sau hiu hn nh

my A-------Router1--------router2--------router3------my B

u tin my A ng gi gi tin nh sau

IP ngun l IP ca my A. IP ch l IP ca my B xung n tng datalink my A s xem my B

c trong cng subnet vi mnh khng, trong trung hp ny l khng.

lc ny my A s dng :

MAC ngun l ca my A. MAC ch l mc ca interface trn router1 ni vi subnet A.

Router1 s xem IP ch c nm trong subnet ca mnh hay khng trong trung hp ny l khng,
lc ny router s dng gi a ch MAC ngun l mc ca interface m router ny ni vi
router2, mc ch s l mc trn interface ca router2, router2 cng x l ging router 1 v
chuyn n router3.

Router3 s xem IP ny c nm trong subnet ca mnh khng, nu c th n s xem xt a ch

mac tng ng vi IP ny (router3 bit c v n tra trong bng ARP ca n c cha my B v
B cng subnet) 1ng vi IP ny router3 xc nh c MAC l my B lc ny my B nhng n
vn gi Brodcast n tt c cc my trong subnet c my B nhng ch my B nhn gi tin v n
c MAC trng vi MAC ch trong gi tin.

A s gi 1 gi tin gi l ARP request (ARP = Address Resolution Protocol) bng c ch

broadcast tt c cc my u c th nhn c gi tin ny
b