Experiment No.

– 7

Aim: Subnet an IPv4 Network: Variable Length Subnetting.

Topology Diagram:

Addressing Tablesubnet 1 S1 192.168.0.0

Device Interface IP Address Subnet Mask Default Gateway

CustomerRouter G0/0 192.168.0.1 255.255.255.192 N/A

G0/1 192.168.0.65
S0/1/0 209.165.201.2 255.255.255.252
LAN-A Switch VLAN1 192.168.0.2 255.255.255.192 192.168.0.1
LAN-B Switch VLAN1 192.168.0.66 255.255.255.192 192.168.0.65

PC-A NIC 192.168.0.62 255.255.255.192 192.168.0.1

PC-B NIC 192.168.0.126 255.255.255.192 192.168.0.65

ISPRouter G0/0 209.165.200.225 255.255.255.224 N/A

S0/1/0 209.165.201.1 255.255.255.252
ISPSwitch VLAN1 209.165.200.226 255.255.255.224 209.165.200.225
ISP Workstation NIC 209.165.200.235 255.255.255.224 209.165.200.225
ISP Server NIC 209.165.200.240 255.255.255.224 209.165.200.225
Objectives:

Part 1: Design an IPv4 Network Subnetting Scheme

Part 2: Configure the Devices.
Part 3: Test and Troubleshoot the Network.

Background / Scenario:

In this activity, you will subnet the Customer network into multiple subnets. The subnet scheme should be
based on the number of host computers required in each subnet, as well as other network considerations,
like future network host expansion.

After you have created a subnetting scheme and completed the table by filling in the missing host and
interface IP addresses, you will configure the host PCs, switches and router interfaces.

After the network devices and host PCs have been configured, you will use the ping command to test for
network connectivity.

Instructions:

Part 1: Subnet the Assigned Network

Step 1: Create a subnetting scheme that meets the required number of subnets and required number
of host addresses.

In this scenario, you are a network technician assigned to install a new network for a customer. You must
create multiple subnets out of the 192.168.0.0/24 network address space to meet the following
requirements:
a. The first subnet is the LAN-A network. You need a minimum of 50 host IP addresses.
b. The second subnet is the LAN-B network. You need a minimum of 40 host IP addresses.
c. You also need at least two additional unused subnets for future network expansion.

Note: Variable length subnet masks will not be used. All of the device subnet masks should be the same
length.

d. Answer the following questions to help create a subnetting scheme that meets the stated
network requirements:

How many host addresses are needed in the largest required subnet?
50

What is the minimum number of subnets required?

4
The network that you are tasked to subnet is 192.168.0.0/24. What is the /24 subnet mask in binary?

e. The subnet mask is made up of two portions, the network portion, and the host portion. This is
represented in the binary by the ones and the zeros in the subnet mask.

In the network mask, what do the ones represent?

Network ID

In the network mask, what do the zeros represent?

Host Id

f. To subnet a network, bits from the host portion of the original network mask are changed into
subnet bits. The number of subnet bits defines the number of subnets.

Given each of the possible subnet masks depicted in the following binary format, how many subnets and
how many hosts are created in each example?

Hint: Remember that the number of host bits (to the power of 2) defines the number of hosts per subnet
(minus 2), and the number of subnet bits (to the power of two) defines the number of subnets. The subnet
bits (shown in bold) are the bits that have been borrowed beyond the original network mask of /24. The
/24 is the prefix notation and corresponds to a dotted decimal mask of 255.255.255.0. 1)

1) (/25) 11111111.11111111.11111111.10000000

Dotted decimal subnet mask equivalent:

Number of subnets? Number of hosts?2/

2) (/26) 11111111.11111111.11111111.11000000

Dotted decimal subnet mask equivalent:

Number of subnets? Number of hosts?

3) (/27) 11111111.11111111.11111111.11100000

Dotted decimal subnet mask equivalent:

Number of subnets? Number of hosts?

4) (/28) 11111111.11111111.11111111.11110000

Dotted decimal subnet mask equivalent:

Number of subnets? Number of hosts?

5) (/29) 11111111.11111111.11111111.11111000
Dotted decimal subnet mask equivalent:
Number of subnets? Number of hosts?

6) (/30) 11111111.11111111.11111111.11111100

Dotted decimal subnet mask equivalent:

Number of subnets? Number of hosts?

Considering your answers above, which subnet masks meet the required number of minimum host
addresses?
/26

Considering your answers above, which subnet masks meets the minimum number of subnets required?

Considering your answers above, which subnet mask meets both the required minimum number of hosts
and the minimum number of subnets required?

When you have determined which subnet mask meets all of the stated network requirements, derive each
of the subnets. List the subnets from first to last in the table. Remember that the first subnet is 192.168.0.0
with the chosen subnet mask.

Subnet Address Prefix Subnet Mask

192.168.0.0/192.168.0.63/64 /26

First usable address: 192.168.0.1 192.168.0.65 192.168.0.129 192.168.0.193

Last usable address: 192.168.0.62 192.168.0.126 192.168.0.190 192.168.0.254

Subnet Address Prefix Subnet Mask

192.168.0.64/192.168.0.127/64
192.168.0.128/192.168.0.191/64
192.168.0.192/192.168.0.255/64

Step 2: Fill in the missing IP addresses in the Addressing Table 192.168.0.0---192.168.0.63

Assign IP addresses based on the following criteria: Use the ISP Network settings as an example.256-
a. Assign the first subnet to LAN-A.
1) Use the first host address for the CustomerRouter interface connected to LAN-A switch.
2) Use the second host address for the LAN-A switch. Make sure to assign a default gateway
address for the switch.
3) Use the last host address for PC-A. Make sure to assign a default gateway address for the
PC.
 b. Assign the second subnet to LAN-B.
1) Use the first host address for the CustomerRouter interface connected to LAN-B switch.
2) Use the second host address for the LAN-B switch. Make sure to assign a default gateway
address for the switch.
3) Use the last host address for PC-B. Make sure to assign a default gateway address for the
PC.

Part 2: Configure the Devices

Configure basic settings on the PCs, switches, and router. Refer to the Addressing Table for device names
and address information.

Step 1: Configure CustomerRouter.

a. Set the enable secret password on CustomerRouter to Class123
b. et the console login password to Cisco123.
c. Configure CustomerRouter as the hostname for the router.
d. Configure the G0/0 and G0/1 interfaces with IP addresses and subnet masks, and then enable
them.
e. Save the running configuration to the startup configuration file.

Step 2: Configure the two customer LAN switches.

Configure the IP addresses on interface VLAN 1 on the two customer LAN switches. Make sure to
configure the correct default gateway on each switch.

Step 3: Configure the PC interfaces.

Configure the IP address, subnet mask, and default gateway settings on PC-A and PC-B.

Part 3: Test and Troubleshoot the Network

In Part 3, you will use the ping command to test network connectivity.
a. Determine if PC-A can communicate with its default gateway. Do you get a reply?
b. Determine if PC-B can communicate with its default gateway. Do you get a reply?
c. Determine if PC-A can communicate with PC-B. Do you get a reply?
 Experiment No. – 8 & 9

Aim 8: VLAN Creation.

Aim 9: TRUNK Creation.

Module Title: Inter-VLAN Routing.

Module Objective: Troubleshoot inter-VLAN routing on Layer 3 devices.

What is Inter-VLAN Routing?

VLANs are used to segment switched Layer 2 networks for a variety of reasons. Regardless of the
reason, hosts in one VLAN cannot communicate with hosts in another VLAN unless there is a router or
a Layer 3 switch to provide routing services.Inter-VLAN routing is the process of forwarding network
traffic from one VLAN to another VLAN.

There are three inter-VLAN routing options:

• Legacy Inter-VLAN routing: This is a legacy solution. It does not scale well.
• Router-on-a-Stick: This is an acceptable solution for a small to medium-sized network.
• Layer 3 switch using switched virtual interfaces (SVIs): This is the most scalable solution for
medium to large organizations.

Legacy Inter-VLAN Routing:

• The first inter-VLAN routing solution relied on using a router with multiple Ethernet interfaces.
Each router interface was connected to a switch port in different VLANs. The router interfaces
served as the default gateways to the local hosts on the VLAN subnet.
• Legacy inter-VLAN routing using physical interfaces works, but it has a significant limitation. It is
not reasonably scalable because routers have a limited number of physical interfaces. Requiring one
physical router interface per VLAN quickly exhausts the physical interface capacity of a router.

Note: This method of inter-VLAN routing is no longer implemented in switched networks and is
included for explanation purposes only.

VLAN Configuration
VLAN Ranges on Catalyst Switches:

Catalyst switches 2960 and 3650 support over 4000 VLANs.

VLAN Ranges on Catalyst Switches:

VLAN Creation Commands:

VLAN details are stored in the vlan.dat file. You create VLANs in the global configuration mode:

VLAN Creation Example:

• If the Student PC is going to be in VLAN 20, we will create the VLAN first and then name it.
• If you do not name it, the Cisco IOS will give it a default name of vlan and the four digit
number of the VLAN. E.g. vlan0020 for VLAN 20.

VLAN Port Assignment Commands:

Once the VLAN is created, we can then assign it to the correct interfaces.
VLAN Port Assignment Example:

We can assign the VLAN to the port interface.

• Once the device is assigned the VLAN, then the end device will need the IP address
information for that VLAN
• Here, Student PC receives 172.17.20.22

Data and Voice VLANs

Data and Voice VLAN Example:

• We will want to create and name both Voice and Data VLANs.
• In addition to assigning the data VLAN, we will also assign the Voice VLAN and turn on
QoS for the voice traffic to the interface.
• The newer catalyst switch will automatically create the VLAN, if it does not already exist,
when it is assigned to an interface.

Note: QoS is beyond the scope of this course. Here we do show the use of the mls qos trust [cos | device
cisco-phone | dscp | ip-precedence] command.

Verify VLAN Information:

Use the show vlan command. The complete syntax is:

show vlan [brief | id vlan-id | name vlan-name | summary]
Verify VLAN Information:

Change VLAN Port Membership:

There are a number of ways to change VLAN membership:

• re-enter switchport access vlan vlan-id command
• use the no switchport access vlan to place interface back in VLAN 1
• Use the show vlan brief or the show interface fa0/18 switchport commands to verify the
correct VLAN association.
Delete VLANs:

Delete VLANs with the no vlan vlan-id command.

Caution: Before deleting a VLAN, reassign all member ports to a different VLAN.
• Delete all VLANs with the delete flash:vlan.dat or delete vlan.dat commands.
• Reload the switch when deleting all VLANs.

Note: To restore to factory default – unplug all data cables, erase the startup-configuration and delete the
vlan.dat file, then reload the device.
Trunk Configuration Commands:

Configure and verify VLAN trunks. Trunks are layer 2 and carry traffic for all VLANs.

Trunk Configuration Example:

The subnets associated with each VLAN are:

VLAN 10 - Faculty/Staff - 172.17.10.0/24
VLAN 20 - Students - 172.17.20.0/24
VLAN 30 - Guests - 172.17.30.0/24
VLAN 99 - Native - 172.17.99.0/24

F0/1 port on S1 is configured as a trunk port.

Note: This assumes a 2960 switch using 802.1q tagging. Layer 3 switches require the encapsulation to
be configured before the trunk mode.
Verify Trunk Configuration:

Set the trunk mode and native vlan.

Notice sh int fa0/1 switchport command:
• Is set to trunk administratively
• Is set as trunk operationally (functioning)
• Encapsulation is dot1q
• Native VLAN set to VLAN 99
• All VLANs created on the switch will pass traffic on this trunk

Reset the Trunk to the Default State:

• Reset the default trunk settings with the no command.

• All VLANs allowed to pass traffic
• Native VLAN = VLAN 1
Verify the default settings with a sh int fa0/1 switchport command
Reset the Trunk to the Default State (Cont.):

Reset the trunk to an access mode with the switchport mode access command:
• Is set to an access interface administratively
• Is set as an access interface operationally (functioning)
Introduction to DTP:

Dynamic Trucking Protocol (DTP) is a proprietary Cisco protocol.

DTP characteristics are as follows:
• On by default on Catalyst 2960 and 2950 switches
• Dynamic-auto is default on the 2960 and 2950 switches
• May be turned off with the nonegotiate command
• May be turned back on by setting the interface to dynamic-auto
• Setting a switch to a static trunk or static access will avoid negotiation issues with the switchport
mode trunk or the switchport mode access commands.

Negotiated Interface Modes:

The switchport mode command has additional options.

Use the switchport nonegotiate interface configuration command to stop DTP negotiation.
Results of a DTP Configuration:

DTP configuration options are as follows:

Verify DTP Mode:

The default DTP configuration is dependent on the Cisco IOS version and platform.
• Use the show dtp interface command to determine the current DTP mode.
• Best practice recommends that the interfaces be set to access or trunk and to turnoff DTP
 Experiment No. – 10

Aim: Router-on-a-Stick Inter-VLAN Routing.

Router-on-a-Stick Scenario:

• In the figure, the R1 GigabitEthernet 0/0/1 interface is connected to the S1 FastEthernet 0/5 port. The
S1 FastEthernet 0/1 port is connected to the S2 FastEthernet 0/1 port. These are trunk links that are
required to forward traffic within and between VLANs.
• To route between VLANs, the R1 GigabitEthernet 0/0/1 interface is logically divided into three
subinterfaces, as shown in the table. The table also shows the three VLANs that will be configured on
the switches.

• Assume that R1, S1, and S2 have initial basic configurations. Currently, PC1 and PC2
cannot ping each other because they are on separate networks. Only S1 and S2 can ping each other,
but they but are unreachable by PC1 or PC2 because they are also on different networks.
• To enable devices to ping each other, the switches must be configured with VLANs and trunking, and
the router must be configured for inter-VLAN routing.

S1 VLAN and Trunking Configuration:

Complete the following steps to configure S1 with VLANs and trunking:

Step 1. Create and name the VLANs.
Step 2. Create the management interface.
Step 3. Configure access ports.
Step 4. Configure trunking ports.

S2 VLAN and Trunking Configuration:

The configuration for S2 is similar to S1.

R1 Sub-interface Configuration:

The router-on-a-stick method requires you to create a subinterface for each VLAN to be routed. A
subinterface is created using the interface interface_id subinterface_id global configuration mode
command. The subinterface syntax is the physical interface followed by a period and a subinterface
number. Although not required, it is customary to match the subinterface number with the VLAN number.

Each subinterface is then configured with the following two commands:

 • encapsulation dot1q vlan_id [native] - This command configures the subinterface to respond
to 802.1Q encapsulated traffic from the specified vlan-id. The native keyword option is only
appended to set the native VLAN to something other than VLAN 1.
• ip address ip-address subnet-mask - This command configures the IPv4 address of the
subinterface. This address typically serves as the default gateway for the identified VLAN.

Repeat the process for each VLAN to be routed. Each router subinterface must be assigned an IP address
on a unique subnet for routing to occur. When all subinterfaces have been created, enable the physical
interface using the no shutdown interface configuration command. If the physical interface is disabled,
all subinterfaces are disabled.

R1 Subinterface Configuration (Cont.):

In the configuration, the R1 G0/0/1 subinterfaces are configured for VLANs 10, 20, and 99.

Verify Connectivity Between PC1 and PC2:

The router-on-a-stick configuration is complete after the switch trunk and the router subinterfaces have
been configured. The configuration can be verified from the hosts, router, and switch.
From a host, verify connectivity to a host in another VLAN using the ping command. It is a good idea to
first verify the current host IP configuration using the ipconfig Windows host command.

Next, use ping to verify connectivity with PC2 and S1, as shown in the figure. The ping output
successfully confirms inter-VLAN routing is operating.

Verify Connectivity Between PC1 and PC2 ( Cont…):

Router-on-a-Stick Inter-VLAN Routing Verification:

In addition to using ping between devices, the following show commands can be used to verify and
troubleshoot the router-on-a-stick configuration.
• show ip route
• show ip interface brief
• show interfaces
• show interfaces trunk