CCNA R&S Bootcamp
Lab 1
Internetworking
Lab Tulis 1
Pada sesi ini, anda akan menyelesaikan Lab dibawah ini untuk memastikan bahwa anda sudah benar-benar sudah
mampu menerima informasi dan konsep yang telah di ajarkan oleh Instruktur:
• Lab 1.1: Pendefinisian Lapisan OSI dan Perangkat-perangkatnya
• Lab 1.2: Identifikasi Collision dan Broadcast Domain
• Lab 1.3: Konversi Biner/Desimal/Hexadesimal
Lab Tulis 1.1: Pendefinisian Lapisan OSI dan Perangkat-perangkatnya
Deskripsi Perangkat atau Lapisam
OSI
Perangkat ini mengirim dan menerima mengenai Lapisan Network
Lapisan ini membuat sebuah virtual circuit sebelum mengirimkannya antar dua end
station (perangkat akhir).
Lapisan ini menggunakan layanan access point.
Perangkat ini menggunakan hardware addresses (alamat fisik) untuk menyaring
sebuah network.
Ethernet didefinisikan pada lapisan ini.
Lapisan ini mendukung flow control dan sequencing.
Perangkat ini dapat menghitung jarak menuju sebuah remote network.
Logical addressing (alamat logika) digunakan pada lapisan ini.
Hardware addresses (alamat fisik) didefinisikan pada lapisan ini.
Perangkat ini menciptakan sebuah collision domain yang besar dan satu broadcast
domain yang besar pula.
Perangkat ini menciptakan banyak collision domain yang lebih kecil, tetapi
jaringan masih memiliki satu broadcast domain yang besar.
Perangkat ini tidak pernah menjalankan koneksi full duplex.
Perangkat ini memisahkan collision domain dan broadcast domains.
Lab Tulis 1.2: Identifikasi Collision dan Broadcast Domain
Gambar dibawah ini, coba identifikasi collision domain dan broadcast domain pada setiap perangkat spesifik dibawah
ini:
A. Hub
B. Bridge
C. Switch
D. Router
1
CCNA R&S Bootcamp
Lab Tulis 1.3: Konversi Biner/Desimal/Hexadesimal
1. Konversi dari decimal IP address ke format biner.
Lengkapi tabel dibawah ini untuk menunjukkan 192.168.10.15 dalam format biner.
128 64 32 16 8 4 2 1 Biner
Lengkapi tabel dibawah ini untuk menunjukkan 172.16.20.55 dalam format biner.
128 64 32 16 8 4 2 1 Biner
Lengkapi tabel dibwah ini untuk menunjukkan 10.11.12.99 dalam format biner.
128 64 32 16 8 4 2 1 Biner
2. Konversi format biner dibawah ini ke format desimal IP address.
Lengkapi tabel dibawah ini untuk menunjukkan 11001100.00110011.10101010.01010101 ke dalam format
desimal IP address.
128 64 32 16 8 4 2 1 Desimal
2
CCNA R&S Bootcamp
Lengkapi tabel dibawah ini untuk menunjukkan 11000110.11010011.00111001.11010001 kedalam format
desimal IP address.
128 64 32 16 8 4 2 1 Desimal
Lengkapi tabel dibawah ini untuk menunjukkan 10000100.11010010.10111000.10100110 kedalam format
desimal IP address.
128 64 32 16 8 4 2 1 Desimal
3. Konversi format biner dibawah ini kedalam format hexadesimal.
Lengkapi tabel dibawah ini untuk menunjukkan 11011000.00011011.00111101.01110110 kedalam format
hexadesimal.
128 64 32 16 8 4 2 1 Hexadesima
l
Lengkapi tabel dibawah ini untuk menunjukkan 11001010.11110101.10000011.11101011 kedalam format
hexadesimal.
128 64 32 16 8 4 2 1 Hexadesima
l
Lengkapi tabel dibawah ini untuk menunjukkan 10000100.11010010.01000011.10110011 kedalam format
hexadesimal.
128 64 32 16 8 4 2 1 Hexadesima
l
3
CCNA R&S Bootcamp
Lab 2
Introduction to TCP/IP
Lab Tulis 2
Jawablah pertanyaan dibawah ini tentang TCP/IP:
1. Sebutkan rentang Class C address dalam desimal dan biner?
Jawab:
2. Lapisan apakah dalam DoD model setara dengan lapisan Transport dari OSI model?
Jawab:
3. Sebutkan rentang alamat yang sah Class A network address?
Jawab:
4. Digunakan untuk apakah alamat 127.0.0.1?
Jawab:
5. Bagaimana cara anda menemukan network address dari sebuah daftar IP address?
Jawab:
6. Bagaimana cara anda menemukan broadcast address dari sebuah daftar IP address?
Jawab:
7. Sebutkan rentang Class A private IP address?
Jawab:
8. Sebutkan Class B private IP address?
Jawab:
9. Sebutkan Class C private IP address?
Jawab:
10. Sebutkan semua karakter yang dapat anda gunakan dalam pengalamatan hexadecimal?
Jawab:
4
CCNA R&S Bootcamp
Lab 3
Subnetting, Variable Length Subnet Masks (VLSMs),
and Troubleshooting TCP/IP
Labs 3
Pada sesi ini, anda akan menyelesaikan Lab dibawah ini untuk memastikan bahwa anda sudah benar-benar sudah
mampu menerima informasi dan konsep yang telah di ajarkan oleh Instruktur:
• Lab 3.1: Latihan Subnet #1
• Lab 3.2: Latihan Subnet #2
• Lab 3.3: Latihan Subnet #3
Lab Tulis 3.1: Latihan Subnet #1
Tuliskan subnet, broadcast address, dan rentang valid host utnuk pertanyaan 1 hingga 6:
1. 192.168.100.25/30
Jawab:
2. 192.168.100.37/28
Jawab:
3. 192.168.100.66/27
Jawab:
4. 192.168.100.17/29
Jawab:
5. 192.168.100.99/26
Jawab:
6. 192.168.100.99/25
Jawab:
7. Anda memiliki sebuah Class B network dan membutuhkan 29 subnet. Apa mask yang cocok?
Jawab:
8. Apakah broadcast address dari 192.168.192.10/29?
Jawab:
9. Berapa banyak host yang tersedia untuk sebuah Class C /29 mask?
Jawab:
5
CCNA R&S Bootcamp
10. Apakah subnet untuk host ID 10.16.3.65/23?
Jawab:
Lab Tulis 3.2: Latihan Subnet
Diberikan sebuah Class B network dan identifikasi bit jaringan (CIDR), Lengkapi tabel dibawah ini untuk
mengidentifikasi subnet mask dan jumlah host address yang mungkin untuk tiap mask.
Classful Address Subnet Mask Jumlah host per Subnet (2x – 2)
/16
/17
/18
/19
/20
/21
/22
/23
/24
/25
/26
/27
/28
/29
/30
Lab Tulis 3.3: Latihan Subnet Jumlah dari Subnet Jumlah dari Jumlah dari Host
dan Host Bit Subnet (2x) (2x – 2)
Desimal IP Address Address
Class
10.25.66.154/23
172.31.254.12/24
192.168.20.123/28
63.24.89.21/18
128.1.1.254/20
208.100.54.209/30
6
CCNA R&S Bootcamp
Lab 4
Cisco’s Internetworking Operating System (IOS)
and Security Device Manager (SDM)
Hands-on Lab
Pada sesi ini, anda akan melakukan command (perintah) pada sebuah Cisco router yang akan membantu anda
memahami apa yang anda pelajari pada Bab ini.
Perangkat IOS Version Interface IP Address
(Hostname c2600-i-mz.122-28.bin
FastEthernet0/0 192.168.1.1/24
) FastEthernet0/1 -
R1 Serial0/0
FastEthernet0/0 192.168.2.1/30
R2 c2600-i-mz.122-28.bin FastEthernet0/1 192.168.3.1/24
Serial0/0
R3 c2600-i-mz.122-28.bin Serial0/1 -
FastEthernet0/0 192.168.2.2/30
192.168.4.1/30
7 192.168.5.1/24
CCNA R&S Bootcamp
SW1 c2950-i6q4l2-mz.121-22.EA4.bin FastEthernet0/1 -
SW2 c2950-i6q4l2-mz.121-22.EA4.bin Serial0/0 192.168.4.2/30
SW3 c2950-i6q4l2-mz.121-22.EA4.bin FastEthernet0/1 – 24
PC1 FastEthernet0/1 – 24 -
PC2 FastEthernet0/1 – 24 -
PC3 FastEthernet0 -
FastEthernet0 192.168.1.254/24
FastEthernet0 192.168.3.254/24
192.168.5.254/24
Catatan:
Perlu anda ketahui, setiap Platform memiliki fitur, nama interface, dan jumlah interface yang berbeda-beda. Mohon
untuk melakukan verifikasi terlebih dahulu jika anda menggunakan Platform yang berbeda dari keterangan diatas agar
konfigurasi anda dapat berhasil dilakukan.
Pada Hands-on Lab Bab ini terdapat beberapa lab yang harus anda selesaikan agar Initial Configuration (Konfigurasi
Awal dapat berhasil dilakukan):
• Masuk ke sebuah Router
• Menghapus semua Konfigurasi Router (Factory Default)
• Menyesuaikan waktu dan Membuat Banner
• Membuat Password
o Password standard Console, VTY untuk R1 dan R3
o Kombinasi username password Console dan VTY untuk R2
• Membuat Hostname, Description, IP Address, dan Clock Rate
• Menyimpan Konfigurasi Router
• Test Konektifitas dan Verifikasi Konfigurasi
Pada Hands-on Lab Bab ini terdapat 6 lab yang harus anda selesaikan agar Initial Configuration (Konfigurasi Awal
dapat berhasil dilakukan):
Konfigurasi Router R1(DTE) menggunakan CLI:
--- System Configuration Dialog ---
Continue with configuration dialog? [yes/no]: no
Press RETURN to get started!
Router>enable files! Continue?
Router#config t
Router(config)#exit
Router#erase startup-config
Erasing the nvram filesystem will remove all configuration
[confirm]
[OK]
Erase of nvram: complete
%SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
Router#reload
Proceed with reload? [confirm]
%SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command.
--- System Configuration Dialog ---
Continue with configuration dialog? [yes/no]: no
8
CCNA R&S Bootcamp
Press RETURN to get started!
Router>enable
Router#clock set 09:00:00 01 jan 2012
Router#config t
Router(config)#hostname R1
R1(config)#banner motd #
Enter TEXT message. End with the character '#'.
"Selamat Datang ke Router R1"#
R1(config)#enable secret cisco
R1(config)#line console 0
R1(config-line)#password cisco
R1(config-line)#login
R1(config-line)#exit
R1(config)#line vty 0 4
R1(config-line)#password cisco
R1(config-line)#login
R1(config-line)#exit
R1(config)#interface fa0/0
R1(config-if)#description "terhubung ke SW1 fa0/24"
R1(config-if)#ip address 192.168.1.1 255.255.255.0
R1(config-if)#no shut
R1(config-if)#exit
R1(config)#interface se0/0
R1(config-if)#description "terhubung ke R2 se-0/0"
R1(config-if)#ip address 192.168.2.1 255.255.255.252
R1(config-if)#no shut
R1(config-if)#exit
R1(config)#exit
R1#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]
R1#
Konfigurasi Router R2(DCE) menggunakan CLI:
--- System Configuration Dialog ---
Continue with configuration dialog? [yes/no]: no
Press RETURN to get started!
Router>enable files! Continue?
Router#config t
Router(config)#exit
Router#erase startup-config
Erasing the nvram filesystem will remove all configuration
[confirm]
[OK]
Erase of nvram: complete
%SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
Router#reload
9
CCNA R&S Bootcamp
Proceed with reload? [confirm]
%SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command.
--- System Configuration Dialog ---
Continue with configuration dialog? [yes/no]: no
Press RETURN to get started!
Router>enable
Router#clock set 09:00:00 1 jan 2012
Router#config t
Router(config)#hostname R2
R2(config)#banner motd #
Enter TEXT message. End with the character '#'.
"Selamat Datang di Router R2"#
R2(config)#username admin privilege 15 password cisco
R2(config)#username user1 password cisco
R2(config)#line console 0
R2(config-line)#login local
R2(config-line)#exit
R2(config)#line vty 0 4
R2(config-line)#login local
R2(config-line)#exit
R2(config)#interface fa0/0
R2(config-if)#description "terhubung ke SW1 fa0/24"
R2(config-if)#ip address 192.168.3.1 255.255.255.0
R2(config-if)#no shut
R2(config-if)#exit
R2(config)#interface se0/0
R2(config-if)#description "terhubung ke R1 se-0/0"
R2(config-if)#ip address 192.168.2.2 255.255.255.252
R2(config-if)#clock rate 64000
R2(config-if)#no shut
R2(config-if)#exit
R2(config)#int se0/1
R2(config-if)#description "terhubung ke R3 se-0/0"
R2(config-if)#ip add 192.168.4.1 255.255.255.252
R2(config-if)#clock rate 64000
R2(config-if)#no shut
R2(config-if)#exit
R2(config)#exit
R2#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]
R2#
Konfigurasi Router R3(DTE) menggunakan CLI:
--- System Configuration Dialog ---
Continue with configuration dialog? [yes/no]: no
10
CCNA R&S Bootcamp
Press RETURN to get started!
Router>enable files! Continue?
Router#config t
Router(config)#exit
Router#erase startup-config
Erasing the nvram filesystem will remove all configuration
[confirm]
[OK]
Erase of nvram: complete
%SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
Router#reload
Proceed with reload? [confirm]
%SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command.
--- System Configuration Dialog ---
Continue with configuration dialog? [yes/no]: no
Press RETURN to get started!
Router>enable
Router#clock set 09:00:00 1 jan 2012
Router#config t
Router(config)#hostname R3
R3(config)#enable password cisco
R3(config)#service password-encryption
R3(config)#line console 0
R3(config-line)#password cisco
R3(config-line)#login
R3(config-line)#exit
R3(config)#line vty 0 4
R3(config-line)#password ciso
R3(config-line)#password cisco
R3(config-line)#login
R3(config-line)#exit
R3(config)#interface fa0/0
R3(config-if)#description "terhubung ke SW1 fa0/24"
R3(config-if)#ip address 192.168.5.1 255.255.255.0
R3(config-if)#no shut
R3(config-if)#exit
R3(config)#interface se0/0
R3(config-if)#description "terhubung ke R2 se-0/1"
R3(config-if)#ip address 192.168.4.2 255.255.255.252
R3(config-if)#no shut
R3(config-if)#exit
R3(config)#exit
R3#write
Building configuration...
[OK]
R3#
Test Konektifitas dan Verifikasi Konfigurasi:
R1#ping 192.168.2.2
Type escape sequence to abort.
11
CCNA R&S Bootcamp
Sending 5, 100-byte ICMP Echos to 192.168.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/25/32 ms
R1#
R1#show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 192.168.1.1 YES manual up up
FastEthernet0/1 unassigned YES unset administratively down down
Serial0/0 192.168.2.1 YES manual up up
R1#
R1#show running-config
Building configuration...
Current configuration : 688 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname R1
!
enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
!
interface FastEthernet0/0
description "terhubung ke SW1 fa0/24"
ip address 192.168.1.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial0/0
description "terhubung ke R2 se-0/0"
ip address 192.168.2.1 255.255.255.252
!
ip classless
!
banner motd ^C
"Selamat Datang ke Router R1"^C
!
line con 0
password cisco
login
line vty 0 4
password cisco
login
!
end
12
CCNA R&S Bootcamp
R1#
Catatan:
Lakukan juga Test Konektifitas dan Verifikasi pada R2 dan R3
Lab 5
Managing a Cisco
Internetwork
Hands-on Lab
Untuk menyelesaikan sesi lab berikut, Lakukan konfigurasi lanjutan dari Lab 4 dengan menyelesaikan point-point yang
disebutkan dibawah ini.
Perangkat IOS Version Interface IP Address
(Hostname c2600-i-mz.122-28.bin
FastEthernet0/0 192.168.1.1/24
) FastEthernet0/1 -
R1 Serial0/0
FastEthernet0/0 192.168.2.1/30
R2 c2600-i-mz.122-28.bin FastEthernet0/1 192.168.3.1/24
Serial0/0
Serial0/1 -
192.168.2.2/30
13 192.168.4.1/30
CCNA R&S Bootcamp
R3 c2600-i-mz.122-28.bin FastEthernet0/0 192.168.5.1/24
FastEthernet0/1 -
SW1 c2950-i6q4l2-mz.121-22.EA4.bin Serial0/0
SW2 c2950-i6q4l2-mz.121-22.EA4.bin FastEthernet0/1 – 24 192.168.4.2/30
SW3 c2950-i6q4l2-mz.121-22.EA4.bin FastEthernet0/1 – 24 -
PC1 FastEthernet0/1 – 24 -
PC2 FastEthernet0 -
PC3 FastEthernet0
FastEthernet0 192.168.1.254/24
192.168.3.254/24
192.168.5.254/24
Berikut adalah Lab yang harus anda selesaikan pada Bab ini, Lab ini hanya dilakukan di Router R1 sebagai contoh. Jika
anda menginginkannya, anda dapat melakukannya untuk Router lain:
• Melakukan Back-up IOS Router anda
• Melakukan Upgrade atau Restore IOS Router anda
• Melakunan Back-up dan Restore Konfigurasi Router anda
• Menggunakan Cisco Discovery Protocol (CDP) untuk Monitoring dan Manajemen
• Penggunaan Resolving Hostname
Melakukan Back-up IOS pada Router R1:
R1#show flash:
System flash directory:
File Length Name/status
3 5571584 c2600-i-mz.122-28.bin
2 28282 sigdef-category.xml
1 227537 sigdef-default.xml
[5827403 bytes used, 58188981 available, 64016384 total]
63488K bytes of processor board System flash (Read/Write)
R1#copy flash tftp
Source filename []? c2600-i-mz.122-28.bin
Address or name of remote host []? 192.168.1.2
Destination filename [c2600-i-mz.122-28.bin]?
Writing c2600-i-mz.122
28.bin...!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 5571584 bytes]
5571584 bytes copied in 6.189 secs (900000 bytes/sec)
R1#
Melakukan Upgrade atau Restore IOS pada Router R1:
R1#copy tftp flash
Address or name of remote host []? 192.168.1.2
Source filename []? c2600-advipservicesk9-mz.124-15.T1.bin
Destination filename [c2600-advipservicesk9-mz.124-15.T1.bin]?
Accessing tftp://192.168.1.2/c2600-advipservicesk9-mz.124-15.T1.bin...
Loading c2600-advipservicesk9-mz.124-15.T1.bin from
192.168.1.2: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
14
CCNA R&S Bootcamp
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 33591768 bytes]
33591768 bytes copied in 36.892 secs (95603 bytes/sec)
R1#show flash
System flash directory:
File Length Name/status
4 33591768 c2600-advipservicesk9-mz.124-15.T1.bin
3 5571584 c2600-i-mz.122-28.bin
2 28282 sigdef-category.xml
1 227537 sigdef-default.xml
[39419171 bytes used, 24597213 available, 64016384 total]
63488K bytes of processor board System flash (Read/Write)
R1#delete flash:
Delete filename []?c2600-i-mz.122-28.bin
Delete flash:/c2600-i-mz.122-28.bin? [confirm]
R1#config t
R1(config)#boot system flash c2600-advipservicesk9-mz.124-15.T1.bin
R1(config)#exit
R1#write
Building configuration...
[OK]
R1#reload
Proceed with reload? [confirm]
%SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command.
R1#show version
Cisco IOS Software, 2600 Software (C2600-ADVIPSERVICESK9-M), Version 12.4(15)T1,
RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Wed 18-Jul-07 06:21 by pt_rel_team
ROM: System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1)
Copyright (c) 2000 by cisco Systems, Inc.
System returned to ROM by power-on
System image file is "c2600-advipservicesk9-mz.124-15.T1.bin"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
15
CCNA R&S Bootcamp
If you require further assistance please contact us by sending email to
[email protected].
cisco 2621 (MPC860) processor (revision 0x200) with 60416K/5120K bytes of memory
Processor board ID JAD05190MTZ (4292891495)
M860 processor: part number 0, mask 49
2 FastEthernet/IEEE 802.3 interface(s)
1 Low-speed serial(sync/async) network interface(s)
32K bytes of NVRAM.
16384K bytes of processor board System flash (Read/Write)
Configuration register is 0x2102
R1#
Melakukan Back-up dan Restore Konfigurasi pada Router R1:
R1#copy run tftp
Address or name of remote host []? 192.168.1.2
Destination filename [R1-confg]?
Writing running-config....!!
[OK - 745 bytes]
745 bytes copied in 3.141 secs (0 bytes/sec)
R1#
R1#copy tftp run
Address or name of remote host []? 192.168.1.2
Source filename []? R1-confg
Destination filename [running-config]?
Accessing tftp://192.168.1.2/R1-confg...
Loading R1-confg from 192.168.1.2: !
[OK - 745 bytes]
745 bytes copied in 0.063 secs (11825 bytes/sec)
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#
Menggunakan Cisco Discovery Protocol (CDP) untuk Monitoring & Manajemen pada Router
R1:
R1(config)#cdp run
R1(config)#exit
R1#show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID Local Intrfce Holdtme Capability Platform Port ID
Switch Fas 0/0 124 S 2950 Fas 0/24
R2 Ser 0/0 124 R C2600 Ser 0/0
R1#show cdp entry *
Device ID: Switch
Entry address(es):
16
CCNA R&S Bootcamp
Platform: cisco 2950, Capabilities: Switch
Interface: FastEthernet0/0, Port ID (outgoing port): FastEthernet0/24
Holdtime: 138
Version : Version 12.1(22)EA4, RELEASE
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M),
SOFTWARE(fc1)
Copyright (c) 1986-2005 by cisco Systems, Inc.
Compiled Wed 18-May-05 22:31 by jharirba
advertisement version: 2
Duplex: full
---------------------------
Device ID: R2
Entry address(es):
IP address : 192.168.2.2
Platform: cisco C2600, Capabilities: Router
Interface: Serial0/0, Port ID (outgoing port): Serial0/0
Holdtime: 138
Version :
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-I-M), Version 12.2(28), RELEASE SOFTWARE (fc5)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2005 by cisco Systems, Inc.
Compiled Wed 27-Apr-04 19:01 by miwang
advertisement version: 2
Duplex: full
R1# show cdp interface
FastEthernet0/0 is up, line protocol is up
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
FastEthernet0/1 is administratively down, line protocol is down
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
Serial0/0 is up, line protocol is up
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
R1#
Penggunaan Resolving Hostname pada Router R1:
R1# config t
R1(config)#ip host R2 192.168.2.2
R1(config)#exit
R1#ping 192.168.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 17/31/46 ms
R1#ping R2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.2, timeout is 2 seconds:
!!!!!
17
CCNA R&S Bootcamp
Success rate is 100 percent (5/5), round-trip min/avg/max = 31/31/32 ms
R1#telnet R2
Trying 192.168.2.2 ...Open
"Selamat Datang di Router R2"
User Access Verification
Username: admin
Password:
R2#
Lab 6
IP Routing
Hands-on Labs
Pada hands-on lab ini, lakukan konfigurasi sesuai topologi dibawah ini.
Berikut adalah Lab yang harus anda selesaikan pada Bab ini:
• Konfigurasi Static Route pada R1,R2,R3
• Verifikasi Static Route pada R1, R2, R3
• Konfigurasi RIP pada R1, R2, R3
• Verifikasi RIP pada R1, R2, R3
Perangkat IOS Version Interface IP Address
(Hostname
18
CCNA R&S Bootcamp
)
R1 c2600-i-mz.122-28.bin FastEthernet0/0 192.168.1.1/24
-
FastEthernet0/1
192.168.2.1/30
Serial0/0 192.168.3.1/24
R2 c2600-i-mz.122-28.bin FastEthernet0/0 -
192.168.2.2/30
FastEthernet0/1 192.168.4.1/30
192.168.5.1/24
Serial0/0
-
Serial0/1 192.168.4.2/30
R3 c2600-i-mz.122-28.bin FastEthernet0/0 -
-
FastEthernet0/1 -
192.168.1.254/24
Serial0/0 192.168.3.254/24
192.168.5.254/24
SW1 c2950-i6q4l2-mz.121-22.EA4.bin FastEthernet0/1 – 24
SW2 c2950-i6q4l2-mz.121-22.EA4.bin FastEthernet0/1 – 24
SW3 c2950-i6q4l2-mz.121-22.EA4.bin FastEthernet0/1 – 24
PC1 FastEthernet0
PC2 FastEthernet0
PC3 FastEthernet0
Konfigurasi Static Route pada R1,R2,R3
R1#config t
R1(config)#ip route 192.168.3.0 255.255.255.0 192.168.2.2
R1(config)#ip route 192.168.4.0 255.255.255.252 192.168.2.2
R1(config)#ip route 192.168.5.0 255.255.255.0 192.168.2.2
R1(config)#exit
R1#
R2#config t
R2(config)#ip route 192.168.1.0 255.255.255.0 192.168.2.1
R2(config)#ip route 192.168.5.0 255.255.255.0 192.168.4.2
R2(config)#exit
R2#
R3#config t
R3(config)#ip route 192.168.1.0 255.255.255.0 192.168.4.1
R3(config)#ip route 192.168.2.0 255.255.255.252 192.168.4.1
R3(config)#ip route 192.168.3.0 255.255.255.0 192.168.4.1
R3(config)#exit
R3#
Verifikasi Static Route pada R1, lakukan sendiri untuk R2 dan R3:
R1#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
C 192.168.1.0/24 is directly connected, FastEthernet0/0
192.168.2.0/30 is subnetted, 1 subnets
C 192.168.2.0 is directly connected, Serial0/0
S 192.168.3.0/24 [1/0] via 192.168.2.2
192.168.4.0/30 is subnetted, 1 subnets
S 192.168.4.0 [1/0] via 192.168.2.2
S 192.168.5.0/24 [1/0] via 192.168.2.2
19
CCNA R&S Bootcamp
R1#ping 192.168.3.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.3.254, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 80/90/94 ms
R1#ping 192.168.5.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.5.254, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 80/109/125 ms
R1#
Konfigurasi RIP pada R1, R2, R3
R1#config t
R1(config)#no ip route 192.168.3.0 255.255.255.0 192.168.2.2
R1(config)#no ip route 192.168.4.0 255.255.255.252 192.168.2.2
R1(config)#no ip route 192.168.5.0 255.255.255.0 192.168.2.2
R1(config)#router rip
R1(config-router)#network 192.168.1.0
R1(config-router)#network 192.168.2.0
R1(config-router)#exit
R1(config)#exit
R1#write
Building configuration...
[OK]
R1#
R2#config t
R2(config)#no ip route 192.168.1.0 255.255.255.0 192.168.2.1
R2(config)#no ip route 192.168.5.0 255.255.255.0 192.168.4.2
R2(config)#router rip
R2(config-router)#network 192.168.2.0
R2(config-router)#network 192.168.3.0
R2(config-router)#network 192.168.4.0
R2(config-router)#exit
R2(config)#exit
R2#write
Building configuration...
[OK]
R2#
R3#config t
R3(config)#no ip route 192.168.1.0 255.255.255.0 192.168.4.1
R3(config)#no ip route 192.168.2.0 255.255.255.252 192.168.4.1
R3(config)#no ip route 192.168.3.0 255.255.255.0 192.168.4.1
R3(config)#router rip
R3(config-router)#network 192.168.4.0
R3(config-router)#network 192.168.5.0
R3(config-router)#exit
R3(config)#exit
20
CCNA R&S Bootcamp
R3#write
Building configuration...
[OK]
R3#
Verifikasi RIP pada R1, lakukan sendiri untuk R2 dan R3:
R1#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
C 192.168.1.0/24 is directly connected, FastEthernet0/0
192.168.2.0/30 is subnetted, 1 subnets
C 192.168.2.0 is directly connected, Serial0/0
R 192.168.3.0/24 [120/1] via 192.168.2.2, 00:00:23, Serial0/0
R 192.168.4.0/24 [120/1] via 192.168.2.2, 00:00:23, Serial0/0
R 192.168.5.0/24 [120/2] via 192.168.2.2, 00:00:23, Serial0/0
R1#show ip rip database
192.168.1.0/24 directly connected, FastEthernet0/0
192.168.2.0/30 directly connected, Serial0/0
192.168.3.0/24
[1] via 192.168.2.2, 00:00:01, Serial0/0
192.168.4.0/24
[1] via 192.168.2.2, 00:00:01, Serial0/0
192.168.5.0/24
[2] via 192.168.2.2, 00:00:01, Serial0/0
R1#ping 192.168.3.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.3.254, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 78/85/94 ms
R1#ping 192.168.5.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.5.254, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 94/114/125 ms
R1#
21
CCNA R&S Bootcamp
Lab 7
Enhanced IGRP (EIGRP) and
Open Shortest Path First (OSPF)
Hands-on Labs
Pada hands-on lab ini, lakukan konfigurasi sesuai topologi dibawah ini.
Berikut adalah Lab yang harus anda selesaikan pada Bab ini:
• Konfigurasi EIGRP dengan AS Number 10
• Verifikasi EIGRP
• Konfigurasi OSPF dengan Process-ID 10 dan menggunakan Backbone Area 0
• Verifikasi OSPF
• Konfigurasi OSPF pada BMA (Broadcast Multi-Access) Network
o Telusuri Proses pemilihan OSPF DR dan DBR
o Menjadikan Router R3 sebagai DR dengan Router-ID paling Tinggi
o Menjadikan Router R2 interface fa0/0 menjadi DR dengan Priority 255
22
CCNA R&S Bootcamp
Perangkat IOS Version Interface IP Address
(Hostname c2600-i-mz.122-28.bin
FastEthernet0/0 192.168.1.1/24
) FastEthernet0/1 -
R1 Serial0/0
FastEthernet0/0 192.168.2.1/30
R2 c2600-i-mz.122-28.bin FastEthernet0/1 192.168.3.1/24
Serial0/0
R3 c2600-i-mz.122-28.bin Serial0/1 -
FastEthernet0/0 192.168.2.2/30
SW1 c2950-i6q4l2-mz.121-22.EA4.bin FastEthernet0/1 192.168.4.1/30
SW2 c2950-i6q4l2-mz.121-22.EA4.bin Serial0/0 192.168.5.1/24
SW3 c2950-i6q4l2-mz.121-22.EA4.bin FastEthernet0/1 – 24
PC1 FastEthernet0/1 – 24 -
PC2 FastEthernet0/1 – 24 192.168.4.2/30
PC3 FastEthernet0
FastEthernet0 -
FastEthernet0 -
-
192.168.1.254/24
192.168.3.254/24
192.168.5.254/24
Konfigurasi EIGRP dengan AS Number 10 pada R1, R2, dan R3:
R1#config t
R1(config)#router eigrp 10
R1(config-router)#network 192.168.1.0
R1(config-router)#network 192.168.2.0
R1(config-router)#exit
R1(config)#exit
R1#write
Building configuration...
[OK]
R1#
R2#config t
R2(config)#router eigrp 10
R2(config-router)#network 192.168.2.0
23
CCNA R&S Bootcamp
R2(config-router)#network 192.168.3.0
R2(config-router)#network 192.168.4.0
R2(config-router)#exit
R2(config)#exit
R2#write
Building configuration...
[OK]
R2#
R3#config t
R3(config)#router eigrp 10
R3(config-router)#network 192.168.4.0
R3(config-router)#network 192.168.5.0
R3(config-router)#exit
R3(config)#exit
R3#
R3#write
Building configuration...
[OK]
R3#
Verifikasi EIGRP pada Router R1, lakukan hal yang sama pada Router R2 dan R3:
R1#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
C 192.168.1.0/24 is directly connected, FastEthernet0/0
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
D 192.168.2.0/24 is a summary, 00:05:04, Null0
C 192.168.2.0/30 is directly connected, Serial0/0
D 192.168.3.0/24 [90/20514560] via 192.168.2.2, 00:03:40, Serial0/0
D 192.168.4.0/24 [90/21024000] via 192.168.2.2, 00:03:35, Serial0/0
D 192.168.5.0/24 [90/21026560] via 192.168.2.2, 00:02:04, Serial0/0
R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 10
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 192.168.2.2 Se0/0 13 00:03:50 40
1000 0 11
R1#show ip eigrp traffic
IP-EIGRP Traffic Statistics for process 10
Hellos sent/received: 140/52
Updates sent/received: 4/5
Queries sent/received: 0/0
Replies sent/received: 0/0
Acks sent/received: 5/4
Input queue high water mark 1, 0 drops
SIA-Queries sent/received: 0/0
SIA-Replies sent/received: 0/0
24
CCNA R&S Bootcamp
R1#show ip eigrp topology
IP-EIGRP Topology Table for AS 10
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - Reply status
P 192.168.1.0/24, 1 successors, FD is 28160
via Connected, FastEthernet0/0
P 192.168.2.0/30, 1 successors, FD is 20512000
via Connected, Serial0/0
P 192.168.2.0/24, 1 successors, FD is 20512000
via Summary (20512000/0), Null0
P 192.168.3.0/24, 1 successors, FD is 20514560
via 192.168.2.2 (20514560/28160), Serial0/0
P 192.168.4.0/24, 1 successors, FD is 21024000
via 192.168.2.2 (21024000/20512000), Serial0/0
P 192.168.5.0/24, 1 successors, FD is 21026560
via 192.168.2.2 (21026560/20514560), Serial0/0
R1#show ip eigrp interfaces
IP-EIGRP interfaces for process 10
Interface Peers Xmit Queue Mean Pacing Time Multicast Pending
Fa0/0 0 Un/Reliable SRTT Un/Reliable Flow Timer Routes
Se0/0 1 1236
R1# 0/0 1236 0/10 0 0
0/0 0/10 0 0
Konfigurasi OSPF dengan Process-ID 10 Area 0 pada R1, R2, dan R3:
R1#config t
R1(config)#no router eigrp 10
R1(config)#router ospf 10
R1(config-router)#network 192.168.1.0 0.0.0.255 area 0
R1(config-router)#network 192.168.2.0 0.0.0.3 area 0
R1(config-router)#exit
R1(config)#exit
R1#write
Building configuration...
[OK]
R1#
R2#config t
R2(config)#no router eigrp 10
R2(config)#router ospf 10
R2(config-router)#network 192.168.2.0 0.0.0.3 area 0
R2(config-router)#network 192.168.3.0 0.0.0.255 area 0
R2(config-router)#network 192.168.4.0 0.0.0.3 area 0
R2(config-router)#exit
R2(config)#exit
R2#write
Building configuration...
[OK]
R2#
R3#config t
R3(config)#no router eigrp 10
25
CCNA R&S Bootcamp
R3(config)#router ospf 10
R3(config-router)#network 192.168.4.0 0.0.0.3 area 0
R3(config-router)#network 192.168.5.0 0.0.0.255 area 0
R3(config-router)#exit
R3(config)#exit
R3#write
Building configuration...
[OK]
R3#
Verifikasi OSPF pada Router R1, lakukan hal yang sama pada Router R2 dan R3:
R1#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
C 192.168.1.0/24 is directly connected, FastEthernet0/0
192.168.2.0/30 is subnetted, 1 subnets
C 192.168.2.0 is directly connected, Serial0/0
O 192.168.3.0/24 [110/782] via 192.168.2.2, 00:03:53, Serial0/0
192.168.4.0/24 is variably subnetted, 2 subnets, 2 masks
R 192.168.4.0/24 [120/1] via 192.168.2.2, 00:00:22, Serial0/0
O 192.168.4.0/30 [110/1562] via 192.168.2.2, 00:03:41, Serial0/0
O 192.168.5.0/24 [110/1563] via 192.168.2.2, 00:01:51, Serial0/0
R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
00:00:33 192.168.2.2 Serial0/0
192.168.4.1 0 FULL/ -
R1#show ip ospf database
OSPF Router with ID (192.168.2.1) (Process ID 10)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
192.168.2.1 192.168.2.1 250
192.168.4.1 192.168.4.1 138 0x80000003 0x00731a 3
192.168.5.1 192.168.5.1 126 0x80000005 0x009a65 5
0x80000003 0x0095e8 3
R1#show ip ospf interface
FastEthernet0/0 is up, line protocol is up
Internet address is 192.168.1.1/24, Area 0
Process ID 10, Router ID 192.168.2.1, Network Type BROADCAST, Cost: 1
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 192.168.2.1, Interface address 192.168.1.1
No backup designated router on this network
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:03
Index 1/1, flood queue length 0
Next 0x0(0)/0x0(0)
26
CCNA R&S Bootcamp
Last flood scan length is 1, maximum is 1
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 0, Adjacent neighbor count is 0
Suppress hello for 0 neighbor(s)
Serial0/0 is up, line protocol is up
Internet address is 192.168.2.1/30, Area 0
Process ID 10, Router ID 192.168.2.1, Network Type POINT-TO-POINT, Cost: 781
Transmit Delay is 1 sec, State POINT-TO-POINT, Priority 0
No designated router on this network
No backup designated router on this network
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:02
Index 2/2, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 1
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1 , Adjacent neighbor count is 1
Adjacent with neighbor 192.168.4.1
Suppress hello for 0 neighbor(s)
R1#
Konfigurasi OSPF pada BMA (Broadcast Multi-Access) Network:
R1#config t
27
CCNA R&S Bootcamp
R1(config)#interface fa0/0
R1(config-if)#no description
R1(config-if)#description "terhubung ke SW-BMA fa0/1"
R1(config-if)#exit
R1(config)#exit
R1#write
Building configuration...
[OK]
R1#
R2#config t
R2(config)#int fa0/0
R2(config-if)#no ip address
R2(config-if)#ip add 192.168.1.2 255.255.255.0
R2(config-if)#no description
R2(config-if)#description "terhubung ke SW-BMA fa0/2"
R2(config-if)#exit
R2(config)#router ospf 10
R2(config-router)#no network 192.168.3.0 0.0.0.255 area 0
R2(config-router)#network 192.168.1.0 0.0.0.255 area 0
R2(config-router)#exit
R2(config)#exit
R2#write
Building configuration...
[OK]
R2#
R3#config t
R3(config)#int fa0/0
R3(config-if)#no ip add
R3(config-if)#no description
R3(config-if)#ip add 192.168.1.3 255.255.255.0
R3(config-if)#description "terhubung ke SW-BMA fa0/3"
R3(config-if)#exit
R3(config)#router ospf 10
R3(config-router)#no network 192.168.5.0 0.0.0.255 area 0
R3(config-router)#network 192.168.1.0 0.0.0.255 area 0
R3(config-router)#exit
R3(config)#exit
R3#write
Building configuration...
[OK]
R3#
Telusuri Proses pemilihan OSPF DR dan DBR:
R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
192.168.4.1 1 FULL/BDR 00:00:38 192.168.1.2 FastEthernet0/0
192.168.5.1 1 FULL/DROTHER 00:00:34 192.168.1.3 FastEthernet0/0
192.168.4.1 0 FULL/ - 00:00:30 192.168.2.2 Serial0/0
R1#
R1#
R2#show ip ospf neighbor
28
CCNA R&S Bootcamp
Neighbor ID Pri State Dead Time Address Interface
192.168.2.1 1 FULL/DR 00:00:38 192.168.1.1 FastEthernet0/0
192.168.5.1 1 FULL/DROTHER 00:00:34 192.168.1.3 FastEthernet0/0
192.168.2.1 0 FULL/ - 00:00:30 192.168.2.1 Serial0/0
192.168.5.1 0 FULL/ - 00:00:35 192.168.4.2 Serial0/1
R2#
R3#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
192.168.2.1 1 FULL/DR 00:00:31 192.168.1.1 FastEthernet0/0
192.168.4.1 1 FULL/BDR 00:00:32 192.168.1.2 FastEthernet0/0
192.168.4.1 0 FULL/ - 00:00:37 192.168.4.1 Serial0/0
R3#
Menjadikan Router R3 sebagai DR dengan Router-ID paling Tinggi:
Perangkat Router-ID
(Hostname)
R1 10.10.1.1
R2 10.10.2.1
R3 10.10.3.1
R1#config t
R1(config)#router ospf 10
R1(config-router)#rou
R1(config-router)#router-id 10.10.1.1
R1(config-router)#exit
R1(config)#exit
R1#write
Building configuration...
[OK]
R1#
R2#config t End with CNTL/Z.
Enter configuration commands, one per line.
R2(config)#router ospf 10
R2(config-router)#router-id 10.10.2.1
R2(config-router)#exit
R2(config)#exit
R2#write
Building configuration...
[OK]
R2#
R3#config t
R3(config)#router ospf 10
R3(config-router)#router-id 10.10.3.1
R3(config-router)#exit
R3(config)#exit
R3#write
Building configuration...
[OK]
R3#
R1#show ip ospf neighbor
29
CCNA R&S Bootcamp
Neighbor ID Pri State Dead Time Address Interface
10.10.2.1 1 FULL/BDR 00:00:39 192.168.1.2 FastEthernet0/0
10.10.3.1 1 FULL/DR 00:00:32 192.168.1.3 FastEthernet0/0
10.10.2.1 0 FULL/ - 00:00:37 192.168.2.2 Serial0/0
R1#
Interface
R2#show ip ospf neighbor FastEthernet0/0
FastEthernet0/0
Neighbor ID Pri State Dead Time Address Serial0/0
10.10.3.1 1 FULL/DR 00:00:38 192.168.1.3 Serial0/1
10.10.1.1 1 FULL/DROTHER 00:00:32 192.168.1.1
10.10.1.1 0 FULL/ - 00:00:33 192.168.2.1 Interface
10.10.3.1 0 FULL/ - 00:00:37 192.168.4.2 FastEthernet0/0
R2# FastEthernet0/0
Serial0/0
R3#sh ip ospf neighbor
Neighbor ID Pri State Dead Time Address
10.10.1.1 1 FULL/DROTHER 00:00:33 192.168.1.1
10.10.2.1 1 FULL/BDR 00:00:36 192.168.1.2
10.10.2.1 0 FULL/ - 00:00:39 192.168.4.1
R3#
Menjadikan Router R2 interface fa0/0 menjadi DR dengan Priority 255:
R2#config t
R2(config)#interface fa0/0
R2(config-if)#ip ospf priority 255
R2(config-if)#exit
R2(config)#exit
R2#
R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
10.10.3.1 1 FULL/BDR 00:00:31 192.168.1.3 FastEthernet0/0
10.10.2.1 00:00:31 192.168.1.2 FastEthernet0/0
10.10.2.1 255 FULL/DR 00:00:35 192.168.2.2 Serial0/0
R1# 0 FULL/ -
Interface
R2#show ip ospf neighbor FastEthernet0/0
FastEthernet0/0
Neighbor ID Pri State Dead Time Address Serial0/0
10.10.3.1 1 FULL/BDR 00:00:32 192.168.1.3 Serial0/1
10.10.1.1 1 FULL/DROTHER 00:00:32 192.168.1.1
10.10.1.1 0 FULL/ - 00:00:36 192.168.2.1 Interface
10.10.3.1 0 FULL/ - 00:00:30 192.168.4.2 FastEthernet0/0
R2# FastEthernet0/0
Serial0/0
R3#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address
10.10.1.1 1 FULL/DROTHER 00:00:33 192.168.1.1
10.10.2.1 00:00:33 192.168.1.2
10.10.2.1 255 FULL/DR 00:00:32 192.168.4.1
R3# 0 FULL/ -
30
CCNA R&S Bootcamp
Lab 8 & Lab 9
Layer 2 Switching and
Spanning Tree Protocol (STP) & VLAN
Hands-on Lab
Pada Lab untuk Bab ini, anda akan melakukan beberapa konfigurasi dibawah ini:
• Konfigurasi Dasar dari Switch
o Konfigurasi VTP
o Konfigurasi Port Trunk
o Konfigurasi Port Akses
• Konfigurasi R1 sebagai Inter-VLAN Routing menggunakan protocol 802.1q
• Verifikasi Konektifitas
• Konfigurasi dan Verifikasi Spanning Tree Protocol
o Optimisasi STP
o Configure PVST Rapid Spanning Tree Protocol
• Mengelola the MAC Address Table & Konfigurasi Port Security
31
CCNA R&S Bootcamp
• Mengelola Sistem Operasi Switch dan File Konfigurasi
o Backup dan Restore the Cisco IOS File ke Switch dari TFTP Server
o Backup dan Restore Konfigurasi File dari TFTP Server
o Recover Passwords on the Catalyst 2950
Perangkat IOS Version Interface IP Address Default Gateway
(Hostname c2600-i-mz.122-28.bin
FastEthernet0/0 - -
) FastEthernet0/1.10 172.17.10.1/24 -
R1 FastEthernet0/1.20 172.17.20.1/24 -
FastEthernet0/1.30 172.17.30.1/24 -
SW1 c2950-i6q4l2-mz.121-22.EA4.bin FastEthernet0/1.99 172.17.99.1 /24 -
SW2 c2950-i6q4l2-mz.121-22.EA4.bin
SW3 c2950-i6q4l2-mz.121-22.EA4.bin Serial0/0 - 172.17.99.1
PC1 VLAN 99 172.17.99.11/24 172.17.99.1
PC2 VLAN 99 172.17.99.12/24 172.17.99.1
PC3 VLAN 99 172.17.99.13/24 172.17.10.1
FastEthernet0 172.17.10.21/24 172.17.20.1
FastEthernet0 172.17.20.22/24 172.17.30.1
FastEthernet0 172.17.30.23/24
Perangkat Port Fungsi Network
(Hostname
Fa0/1 – 0/4 802.1q Trunks (Native VLAN 99) 172.17.99.0 /24
) Fa0/1 – 0/4 802.1q Trunks (Native VLAN 99) 172.17.99.0 /24
SW1 172.17.10.0 /24
SW2 Fa0/11 VLAN 10 – Faculty/Staff 172.17.20.0 /24
Fa0/18 VLAN 20 – Students 172.17.30.0 /24
SW3 Fa0/6 172.17.99.0 /24
PC1 Fa0/1 – 0/4 VLAN 30 – Guest (Default)
PC2 FastEthernet0 802.1q Trunks (Native VLAN 99) 172.17.10.1
FastEthernet0 172.17.20.1
172.17.10.21/24
172.17.20.22/24
32
CCNA R&S Bootcamp
PC3 FastEthernet0 172.17.30.23/24 172.17.30.1
Perangkat VTP Mode Operasi VTP Domain VTP Password
(Hostname
Server Lab cisco
) Client Lab cisco
SW1 Client Lab cisco
SW2
SW3
VLAN VLAN Name
VLAN 99 management
VLAN 10 faculty-staff
VLAN 20
VLAN 30 students
guest
Konfigurasi SW1: files! Continue?
Switch>enable
Switch#erase start
Erasing the nvram filesystem will remove all configuration
[confirm]
[OK]
Erase of nvram: complete
%SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
Switch#reload
Proceed with reload? [confirm]
Switch>enable
Switch#config t
Switch(config)#hostname SW1
SW1(config)#enable secret cisco
SW1(config)#line console 0
SW1(config-line)#password cisco
SW1(config-line)#login
SW1(config-line)#exit
SW1(config)#line vty 0 4
SW1(config-line)#password cisco
SW1(config-line)#login
SW1(config-line)#exit
SW1(config)#no ip domain lookup
SW1(config)#ip default-gateway 172.17.99.1
SW1(config)#exit
SW1#write
Building configuration...
[OK]
SW1#
SW1#config t End with CNTL/Z.
Enter configuration commands, one per line.
SW1(config)#interface range fa0/1-24
SW1(config-if-range)#shutdown
SW1(config-if-range)#exit
SW1(config)#vtp mode server
Device mode already VTP SERVER.
SW1(config)#vtp domain Lab
Changing VTP domain name from NULL to Lab
SW1(config)#vtp password cisco
33
CCNA R&S Bootcamp
Setting device VLAN database password to cisco
SW1(config)#interface range fa0/1-5
SW1(config-if-range)#switchport mode trunk
SW1(config-if-range)#switchport trunk native vlan 99
SW1(config-if-range)#no shutdown
SW1(config-if-range)#exit
SW1(config)#vlan 99
SW1(config-vlan)#name management
SW1(config-vlan)#exit
SW1(config)#vlan 10
SW1(config-vlan)#name faculty-staff
SW1(config-vlan)#exit
SW1(config)#vlan 20
SW1(config-vlan)#name students
SW1(config-vlan)#exit
SW1(config)#vlan 30
SW1(config-vlan)#name guest
SW1(config-vlan)#exit
SW1(config)#interfac vlan 99
SW1(config-if)#ip address 172.17.99.11 255.255.255.0
SW1(config-if)#no shutdown
SW1(config-if)#exit
SW1(config)#
SW1#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/5, Fa0/6
Fa0/7, Fa0/8, Fa0/9, Fa0/10
Fa0/11, Fa0/12, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/17, Fa0/18
Fa0/19, Fa0/20, Fa0/21, Fa0/22
Fa0/23, Fa0/24
10 faculty-staff active
20 students active
30 guest active
99 management active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
SW1#
Konfigurasi SW2: files! Continue?
Switch>enable
Switch#erase start
Erasing the nvram filesystem will remove all configuration
[confirm]
[OK]
Erase of nvram: complete
%SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
Switch#reload
Proceed with reload? [confirm]
34
CCNA R&S Bootcamp
Switch>enable
Switch#config t
Switch(config)#hostname SW2
SW2(config)#enable secret cisco
SW2(config)#line console 0
SW2(config-line)#password cisco
SW2(config-line)#login
SW2(config-line)#exit
SW2(config)#line vty 0 4
SW2(config-line)#password cisco
SW2(config-line)#login
SW2(config-line)#exit
SW2(config)#no ip domain lookup
SW2(config)#ip default-gateway 172.17.99.1
SW2(config)#exit
SW2#write
Building configuration...
SW2#config t
SW2(config)#interface range fa0/1-24
SW2(config-if-range)#shutdown
SW2(config-if-range)#exit
SW2(config)#vtp mode client
Setting device to VTP CLIENT mode.
SW2(config)#vtp domain Lab
Domain name already set to Lab.
SW2(config)#vtp password cisco
Setting device VLAN database password to cisco
SW2(config)#interface range fa0/1-4
SW2(config-if-range)#switchport mode trunk
SW2(config-if-range)#switchport trunk native vlan 99
SW2(config-if-range)#no shutdown
SW2(config-if-range)#exit
SW2(config)#interface fa0/11
SW2(config-if)#switchport access vlan 10
SW2(config-if)#no shutdown
SW2(config-if)#exit
SW2(config)#interface fa0/18
SW2(config-if)#switchport access vlan 20
SW2(config-if)#no shutdown
SW2(config-if)#exit
SW2(config)#interface fa0/6
SW2(config-if)#switchport access vlan 30
SW2(config-if)#no shutdown
SW2(config-if)#exit
SW2(config)#interface vlan 99
SW2(config-if)#ip address 172.17.99.12 255.255.255.0
SW2(config-if)#no shutdown
SW2(config-if)#exit
35
CCNA R&S Bootcamp
SW2(config)#exit
SW2#write
Building configuration...
[OK]
SW2#
SW2#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/5, Fa0/7, Fa0/8, Fa0/9
Fa0/10, Fa0/12, Fa0/13, Fa0/14
Fa0/15, Fa0/16, Fa0/17, Fa0/19
Fa0/20, Fa0/21, Fa0/22, Fa0/23
10 faculty-staff Fa0/24
active Fa0/11
20 students active Fa0/18
30 guest active Fa0/6
99 management active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
SW2#
Konfigurasi SW3: files! Continue?
Switch>enable
Switch#erase start
Erasing the nvram filesystem will remove all configuration
[confirm]
[OK]
Erase of nvram: complete
%SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
Switch#reload
Proceed with reload? [confirm]
Switch>enable
Switch#config t
Switch(config)#hostname SW3
SW3(config)#enable secret cisco
SW3(config)#line console 0
SW3(config-line)#password cisco
SW3(config-line)#login
SW3(config-line)#exit
SW3(config)#line vty 0 4
SW3(config-line)#password cisco
SW3(config-line)#login
SW3(config-line)#exit
SW3(config)#no ip domain lookup
SW3(config)#ip default-gateway 172.17.99.1
SW3(config)#exit
SW3#write
Building configuration...
SW3#config t
36
CCNA R&S Bootcamp
SW3(config)#interface range fa0/1-24
SW3(config-if-range)#shutdown
SW3(config-if-range)#exit
SW3(config)#vtp mode client
Setting device to VTP CLIENT mode.
SW3(config)#vtp domain Lab
Domain name already set to Lab.
SW3(config)#vtp password cisco
Setting device VLAN database password to cisco
SW3(config)#interface range fa0/1-4
SW3(config-if-range)#switchport mode trunk
SW3(config-if-range)#switchport trunk native vlan 99
SW3(config-if-range)#no shutdown
SW3(config-if-range)#exit
SW3(config)#interface vlan 99
SW3(config-if)#ip address 172.17.99.13 255.255.255.0
SW3(config-if)#no shutdown
SW3(config-if)#exit
SW3(config)#exit
SW3#write
Building configuration...
[OK]
SW3#
SW3#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
10 faculty-staff active
20 students active
30 guest active
99 management active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
SW3#
Konfigurasi R1 sebagai Inter-VLAN Routing menggunakan protocol 802.1q: Continue?
R1#erase startup-config
Erasing the nvram filesystem will remove all configuration files!
[confirm]
[OK]
Erase of nvram: complete
%SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
R1#reload
Proceed with reload? [confirm]
Router>enable
37
CCNA R&S Bootcamp
Router#config t
Router(config)#hostname R1
R1(config)#enable secret cisco
R1(config)#line console 0
R1(config-line)#password cisco
R1(config-line)#login
R1(config-line)#exit
R1(config)#line vty 0 4
R1(config-line)#password cisco
R1(config-line)#login
R1(config-line)#exit
R1(config)#interface fa0/1
R1(config-if)#no ip address
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface fa0/1.10
R1(config-subif)#encapsulation dot1Q 10
R1(config-subif)#ip address 172.17.10.1 255.255.255.0
R1(config-subif)#exit
R1(config)#interface fa0/1.20
R1(config-subif)#encapsulation dot1Q 20
R1(config-subif)#ip address 172.17.20.1 255.255.255.0
R1(config-subif)#exit
R1(config)#interface fa0/1.30
R1(config-subif)#encapsulation dot1Q 30
R1(config-subif)#ip address 172.17.30.1 255.255.255.0
R1(config-subif)#exit
R1(config)#interface fa0/1.99
R1(config-subif)#encapsulation dot1Q 99 native
R1(config-subif)#ip address 172.17.99.1 255.255.255.0
R1(config-subif)#exit
R1(config)#interface fa0/0
R1(config-if)#description "terhubung ke web/tftp server"
R1(config-if)#ip address 172.17.50.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#ip route 0.0.0.0 0.0.0.0 172.17.50.254
R1(config)#exit
R1#write
Building configuration...
[OK]
R1#
Verifikasi Konektifitas PC1 dan SW1, lakukan sendiri untuk perangkat yang lain:
PC1>ping 172.17.10.1
Pinging 172.17.10.1 with 32 bytes of data:
Reply from 172.17.10.1: bytes=32 time=204ms TTL=255
Reply from 172.17.10.1: bytes=32 time=110ms TTL=255
38
CCNA R&S Bootcamp
Reply from 172.17.10.1: bytes=32 time=80ms TTL=255
Reply from 172.17.10.1: bytes=32 time=80ms TTL=255
Ping statistics for 172.17.10.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 80ms, Maximum = 204ms, Average = 118ms
PC1>ping 172.17.20.22
Pinging 172.17.20.22 with 32 bytes of data:
Reply from 172.17.20.22: bytes=32 time=188ms TTL=127
Reply from 172.17.20.22: bytes=32 time=188ms TTL=127
Reply from 172.17.20.22: bytes=32 time=172ms TTL=127
Reply from 172.17.20.22: bytes=32 time=156ms TTL=127
Ping statistics for 172.17.20.22:
Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),
Approximate round trip times in milli-seconds:
Minimum = 156ms, Maximum = 188ms, Average = 172ms
PC1>ping 172.17.30.23
Pinging 172.17.30.23 with 32 bytes of data:
Reply from 172.17.30.23: bytes=32 time=172ms TTL=127
Reply from 172.17.30.23: bytes=32 time=172ms TTL=127
Reply from 172.17.30.23: bytes=32 time=188ms TTL=127
Reply from 172.17.30.23: bytes=32 time=125ms TTL=127
Ping statistics for 172.17.30.23:
Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),
Approximate round trip times in milli-seconds:
Minimum = 125ms, Maximum = 188ms, Average = 161ms
PC1>ping 172.17.50.254
Pinging 172.17.50.254 with 32 bytes of data:
Reply from 172.17.50.254: bytes=32 time=156ms TTL=127
Reply from 172.17.50.254: bytes=32 time=125ms TTL=127
Reply from 172.17.50.254: bytes=32 time=110ms TTL=127
Reply from 172.17.50.254: bytes=32 time=109ms TTL=127
Ping statistics for 172.17.50.254:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 109ms, Maximum = 156ms, Average = 125ms
PC1>
SW1#ping 172.17.99.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.17.99.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 31/34/47 ms
39
CCNA R&S Bootcamp
SW1#ping 172.17.50.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.17.50.254, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 35/57/63 ms
SW1#
Konfigurasi dan Verifikasi Spanning Tree Protocol:
SW1#show spanning-tree vlan 10
VLAN0010
Spanning tree enabled protocol ieee
Root ID Priority 32778
Address 0000.0C76.1D62
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32778 (priority 32768 sys-id-ext 10)
Address 0000.0C76.1D62
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/1 Desg FWD 19 128.1 P2p
Fa0/2 Desg FWD 19 128.2 P2p
Fa0/3 Desg FWD 19 128.3 P2p
Fa0/4 Desg FWD 19 128.4 P2p
Fa0/5 Desg FWD 19 128.5 P2p
SW1#show spanning-tree vlan 20
VLAN0020
Spanning tree enabled protocol ieee
Root ID Priority 32788
Address 0000.0C76.1D62
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32788 (priority 32768 sys-id-ext 20)
Address 0000.0C76.1D62
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/1 Desg FWD 19 128.1 P2p
Fa0/2 Desg FWD 19 128.2 P2p
Fa0/3 Desg FWD 19 128.3 P2p
Fa0/4 Desg FWD 19 128.4 P2p
Fa0/5 Desg FWD 19 128.5 P2p
SW1#show spanning-tree vlan 30
VLAN0030
Spanning tree enabled protocol ieee
Root ID Priority 32798
Address 0000.0C76.1D62
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
40
CCNA R&S Bootcamp
Bridge ID Priority 32798 (priority 32768 sys-id-ext 30)
Address 0000.0C76.1D62
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/1 Desg FWD 19 128.1 P2p
Fa0/2 Desg FWD 19 128.2 P2p
Fa0/3 Desg FWD 19 128.3 P2p
Fa0/4 Desg FWD 19 128.4 P2p
Fa0/5 Desg FWD 19 128.5 P2p
SW1#show spanning-tree vlan 99
VLAN0099
Spanning tree enabled protocol ieee
Root ID Priority 32867
Address 0000.0C76.1D62
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32867 (priority 32768 sys-id-ext 99)
Address 0000.0C76.1D62
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/1 Desg FWD 19 128.1 P2p
Fa0/2 Desg FWD 19 128.2 P2p
Fa0/3 Desg FWD 19 128.3 P2p
Fa0/4 Desg FWD 19 128.4 P2p
Fa0/5 Desg FWD 19 128.5 P2p
SW1#
Optimisasi STP, dengan Memilih SW1 sebagai Root Bridge/Switch secara manual:
Karena terdapat instance STP yang terpisah pada setiap VLAN yang aktif, maka pemilihan Root Bridge/Switch hanya
terjadi pada VLAN tertentu saja. Secara default switch akan melakukan pemilihan bedasarkan kombinasi Priority dan
MAC Address terkecil, dimana secara default Switch memiliki Priority adalah 32768. Sehingga penting sekali anda
melakukan pemilihan Root secara manual karena beberapa alasan berikut:
• Karena Root Bridge/Switch bertanggung jawab men-generate (menghasilkan) BPDU pada STP 802.1D
sehingga Root Switch/Bridge harus memiliki kemampuan untuk menangani Processing Load tambahan
tersebut
• Penempatan Root Bridge/Switch biasanya ditempat yang bisa dijangkau secara optimal oleh switch yang lain.
Biasanya pada Switch Distribution
SW1#config t
SW1(config)#spanning-
SW1(config)#spanning-tree vl
SW1(config)#spanning-tree vlan 10 pri
SW1(config)#spanning-tree vlan 10 priority ?
<0-61440> bridge priority in increments of 4096
SW1(config)#spanning-tree vlan 10 priority 4096
SW1(config)#spanning-tree vlan 20 priority 4096
41
CCNA R&S Bootcamp
SW1(config)#spanning-tree vlan 30 priority 4096
SW1(config)#spanning-tree vlan 99 priority 4096
SW1(config)#exit
SW1#show spanning-tree vlan 10
VLAN0010
Spanning tree enabled protocol ieee
Root ID Priority 4106
Address 0000.0C76.1D62
This bridge is the root Forward Delay 15 sec
Hello Time 2 sec Max Age 20 sec
Bridge ID Priority 4106 (priority 4096 sys-id-ext 10)
Address 0000.0C76.1D62
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/1 Desg FWD 19 128.1 P2p
Fa0/2 Desg FWD 19 128.2 P2p
Fa0/3 Desg FWD 19 128.3 P2p
Fa0/4 Desg FWD 19 128.4 P2p
Fa0/5 Desg FWD 19 128.5 P2p
SW1#
Configure PVST Rapid Spanning Tree Protocol:
SW1#config t
SW1(config)#spanning-tree mode ?
pvst Per-Vlan spanning tree mode
rapid-pvst Per-Vlan rapid spanning tree mode
SW1(config)#spanning-tree mode rapid-pvst
SW1(config)#exit
SW1#write
Building configuration...
[OK]
SW1#
SW2#config t
SW2(config)#spanning-tree mode ?
pvst Per-Vlan spanning tree mode
rapid-pvst Per-Vlan rapid spanning tree mode
SW2(config)#spanning-tree mode rapid-pvst
SW2(config)#exit
SW2#write
Building configuration...
[OK]
SW2#
SW3#config t
SW3(config)#spanning-tree mode ?
pvst Per-Vlan spanning tree mode
rapid-pvst Per-Vlan rapid spanning tree mode
42
CCNA R&S Bootcamp
SW3(config)#spanning-tree mode rapid-pvst
SW3(config)#exit
SW3#write
Building configuration...
[OK]
SW3#
Mengelola the MAC Address Table & Konfigurasi Port Security:
SW2#show mac-address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
1 0003.e4bc.7c01 DYNAMIC Fa0/2
10 0003.e4bc.7c02 DYNAMIC Fa0/1
20 0003.e4bc.7c01 DYNAMIC Fa0/2
30 0003.e4bc.7c01 DYNAMIC Fa0/2
99 0003.e4bc.7c01 DYNAMIC Fa0/2
SW2#config t
SW2(config)#interface fa0/11
SW2(config-if)#switchport port-security ?
mac-address Secure mac address
maximum Max secure addresses
violation Security violation mode
<cr>
SW2(config-if)#switchport port-security maximum 2
SW2(config-if)#switchport port-security mac-address ?
H.H.H 48 bit mac address
sticky Configure dynamic secure addresses as sticky
SW2(config-if)#switchport port-security mac-address sti
SW2(config-if)#switchport port-security mac-address sticky
SW2(config-if)#switchport port-security violation protect
SW2(config-if)#exit
SW2(config)#exit
SW2#write
Building configuration...
[OK]
SW2#
Backup dan Restore the Cisco IOS File ke Switch dari TFTP Server:
SW1#show flash
Directory of flash:/
1 -rw- 3058048 <no date> c2950-i6q4l2-mz.121-22.EA4.bin
2 -rw- 796 <no date> vlan.dat
64016384 bytes total (60957540 bytes free)
SW1#copy flash tftp
Source filename []? c2950-i6q4l2-mz.121-22.EA4.bin
Address or name of remote host []? 172.17.50.254
Destination filename [c2950-i6q4l2-mz.121-22.EA4.bin]?
Writing c2950-i6q4l2-mz.121-
43
CCNA R&S Bootcamp
22.EA4.bin...!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 3058048 bytes]
3058048 bytes copied in 3.39 secs (902000 bytes/sec)
SW1#
SW1#copy tftp flash
Address or name of remote host []? 172.17.50.254
Source filename []? c2950-i6q4l2-mz.121-22.EA8.bin
Destination filename [c2950-i6q4l2-mz.121-22.EA8.bin]?
Accessing tftp://172.17.50.254/c2950-i6q4l2-mz.121-22.EA8.bin...
Loading c2950-i6q4l2-mz.121-22.EA8.bin from
172.17.50.254: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 3117390 bytes]
3117390 bytes copied in 3.516 secs (886629 bytes/sec)
SW1#show flash:
Directory of flash:/
1 -rw- 3058048 <no date> c2950-i6q4l2-mz.121-22.EA4.bin
3 -rw- 3117390 <no date> c2950-i6q4l2-mz.121-22.EA8.bin
2 -rw- <no date> vlan.dat
796
64016384 bytes total (57840150 bytes free)
SW1#delete flash:
Delete filename []?c2950-i6q4l2-mz.121-22.EA4.bin
Delete flash:/c2950-i6q4l2-mz.121-22.EA4.bin? [confirm]
SW1#config t
SW1(config)#boot system ?
WORD pathlist of boot file(s) ... file1;file2;...
SW1(config)#boot system 2950-i6q4l2-mz.121-22.EA8.bin
SW1(config)#exit
SW1#write
Building configuration...
[OK]
SW1#reload
Proceed with reload? [confirm]
Recover Passwords on the Catalyst 2950:
1. Pastikan PC anda terhubung menggunakan Kabel Console ke Console port pada Switch, dan jangan lupa
aktifkan Hyperterminal sesuai dengan standar konfigurasi.
2. Matikan Switch, kemudian nyalakan disaat bersamaan tekan tombol MODE dan tahan hingga SYS LED
(lampu SYS) berhenti berkedip dan nyala
3. Saat itu anda akan menemukan di Hyperterminal anda tulisan dibawah ini
The system has been interrupted prior to initializing the flash files
system. The following commands will initialize the flash files system,
and finish loading the operating system software:
flash_init
load_helper
boot
4. Setelah loading selesai, lakukan perintah dibawah ini, dan perhatian jangan lupa mengetik titik dua (:) setelah
44
CCNA R&S Bootcamp
perintah dir flash:
switch:flash_init
switch:load_helper
switch:dir flash:
5. Kemudian ketik perintah dibawah ini agar mengganti nama file konfigurasi lama yang berisi password dengan
nama lain:
rename flash:config.text flash:config.old
6. Restart sistem dengan perintah Boot
7. Setelah masuk ke Switch lakukan perintah berikut ini:
Switch#rename flash:config.old flash:config.text
Switch#copy flash:config.text system:running-config
Source filename [config.text]?[enter]
Destination filename [running-config][enter]
The configuration file is now reloaded. Change the old unknown passwords
as follows:
ALSwitch#configure terminal
ALSwitch(config)#no enable secret
ALSwitch(config)#enable secret class
ALSwitch(config)#line console 0
ALSwitch(config-line)#password cisco
ALSwitch(config-line)#exit
ALSwitch(config)#line vty 0 15
ALSwitch(config-line)#password cisco
ALSwitch(config-line)#end
ALSwitch#copy running-config startup-config
Destination filename [startup-config]?[enter] Building configuration...
[OK]
ALSwitch#
Lab 10
Security
Hands-on Labs
Pada sesi ini, anda akan menyelesaikan dua lab yaitu Standard Access List dan Extended Accesslist dengan skenario
masing-masing. Pastikan Anda konfigurasi jaringan anda menggunakan OSPF 10 area 10.
• Standard IP Access List
o Scenario: PC1 tidak bisa akses ke PC3
• Extended IP Access List
o Skenario-1: PC3 tidak bisa PING ke Server1 tetapi bisa Web Browsing
o Skenario-2: PC2 bisa PING ke Server1 tetapi tidak bisa Web Browsing
45
CCNA R&S Bootcamp
Perangkat
(Hostname IOS Version Interface IP Address
)
R1 c2600-i-mz.122-28.bin FastEthernet0/0 192.168.1.1/24
FastEthernet0/1 -
Serial0/0 192.168.2.1/30
R2 c2600-i-mz.122-28.bin FastEthernet0/0 192.168.3.1/24
FastEthernet0/1 -
Serial0/0 192.168.2.2/30
Serial0/1 192.168.4.1/30
R3 c2600-i-mz.122-28.bin FastEthernet0/0 192.168.5.1/24
FastEthernet0/1 -
Serial0/0 192.168.4.2/30
SW1 c2950-i6q4l2-mz.121-22.EA4.bin FastEthernet0/1 – 24 -
SW2 c2950-i6q4l2-mz.121-22.EA4.bin FastEthernet0/1 – 24 -
SW3 c2950-i6q4l2-mz.121-22.EA4.bin FastEthernet0/1 – 24 -
PC1 FastEthernet0 192.168.1.254/24
PC2 FastEthernet0 192.168.3.254/24
PC3 FastEthernet0 192.168.5.254/24
Standard Access List (Best Practice: Letakkan ACL dekat dengan Destination):
R3#config t
R3(config)#access-list 1 deny host 192.168.1.254
R3(config)#access-list 1 permit any
R3(config)#int se0/0
R3(config-if)#ip access-group 1 in
R3(config-if)#exit
R3(config)#exit
R3#write
Building configuration...
[OK]
R3#
PC1>ping 192.168.5.254
46
CCNA R&S Bootcamp
Pinging 192.168.5.254 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.5.254:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
PC1>
Extended Access List (Best Practice: Letakkan ACL dekat dengan Source):
R1#config t
R1(config)#access-list 100 deny icmp host 192.168.5.254 host 192.168.1.2
R1(config)#access-list 100 deny tcp host 192.168.3.254 host 192.168.1.2 eq 80
R1(config)#access-list 100 permit ip any any
R1(config)#exit
R1(config)#interface se0/0
R1(config-if)#ip access-group 100 in
R1(config-if)#exit
R1(config)#exit
R1#write
Building configuration...
[OK]
R1#
PC3>ping 192.168.1.2
Pinging 192.168.1.2 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.1.2:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
PC3>
47
CCNA R&S Bootcamp
PC2>ping 192.168.1.2
Pinging 192.168.1.2 with 32 bytes of data:
Reply from 192.168.1.2: bytes=32 time=111ms TTL=126
Reply from 192.168.1.2: bytes=32 time=154ms TTL=126
Reply from 192.168.1.2: bytes=32 time=141ms TTL=126
Reply from 192.168.1.2: bytes=32 time=141ms TTL=126
Ping statistics for 192.168.1.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 111ms, Maximum = 154ms, Average = 136ms
PC2>
48
CCNA R&S Bootcamp
49
CCNA R&S Bootcamp
Lab 11
Network Address Translation (NAT)
Hands-on Lab
Pada Hands-on Lab Bab ini anda kan mencoba melakukan konfigurasi PAT (Port Address Translation) sesuai dengan
Topologi dibawah ini, dimana R1 bertindak sebagai ISP yang akan mentranslasikan Network 192.168.3.0/24,
192.168.4.0/24, dan 192.168.5.0/24. Anda konfigurasi jaringan anda menggunakan OSPF 10 area 10 (LAB-7).
Perangkat IOS Version Interface IP Address
(Hostname c2600-i-mz.122-28.bin
FastEthernet0/0 192.168.1.1/24
) FastEthernet0/1 -
R1 (ISP) Serial0/0
FastEthernet0/0 192.168.2.1/30
R2 c2600-i-mz.122-28.bin FastEthernet0/1 192.168.3.1/24
Serial0/0
R3 c2600-i-mz.122-28.bin Serial0/1 -
FastEthernet0/0 192.168.2.2/30
SW1 c2950-i6q4l2-mz.121-22.EA4.bin FastEthernet0/1 192.168.4.1/30
SW2 c2950-i6q4l2-mz.121-22.EA4.bin Serial0/0 192.168.5.1/24
SW3 c2950-i6q4l2-mz.121-22.EA4.bin FastEthernet0/1 – 24
PC1 FastEthernet0/1 – 24 -
PC2 FastEthernet0/1 – 24 192.168.4.2/30
PC3 FastEthernet0
FastEthernet0 -
FastEthernet0 -
-
192.168.1.254/24
192.168.3.254/24
192.168.5.254/24
50
The words you are searching are inside this book. To get more targeted content, please make full-text search by clicking here.
CCNA-Bootcamp
Discover the best professional documents and content resources in AnyFlip Document Base.
Search