Laboratorio integrador de temas de CCNA 2 y 3 v5
Fecha: 20 de abril del 2015 Clase: CCNA 3 R&S
Escenario
Este es un
escenario donde se repasaron temas importantes como DHCP, NAT/PAT, HSRP,
etherchannel,
VLANs y resolución
de problemas de conectividad para la puesta en marcha, al tratarse de equipos
reales.
Las pruebas
de failover que se detallan aquí fueron simuladas en Packet Tracer 6.1 salvo el
DHCP.
Este
escenario está disponible como Lab20042015.pkt, en ftp.vilarrasa.com.ar user y pass: ccna.
Todas las
pruebas de este documento se realizaron en la VLAN 2, en clase se realizaron
en VLANs 2 y 3.
También
tuvieron que resolver la problemática del conexionado de equipos fuera del
rack, simulando la conexión
en
diferentes sectores de una oficina.
1.- Pruebas de redundancia:
1.1.- Verificación inicial:
PC>ipconfig
FastEthernet0 Connection:(default port)
IP
Address......................: 192.168.2.4
Subnet Mask.....................: 255.255.255.0
Default
Gateway.................: 192.168.2.1 (dirección del gateway HSRP)
PC>ping 192.168.2.1 (fundamental: ping al gateway)
Pinging 192.168.2.1 with 32 bytes of data:
Reply from 192.168.2.1: bytes=32 time=16ms TTL=255
Reply from 192.168.2.1: bytes=32 time=15ms TTL=255
Reply from 192.168.2.1: bytes=32 time=0ms TTL=255
Reply from 192.168.2.1: bytes=32 time=0ms TTL=255
Ping statistics for 192.168.2.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 16ms, Average = 7ms
PC>ping 200.0.0.1 (verificación de extremo a extremo)
Pinging 200.0.0.1 with 32 bytes of data:
Request timed out.
Reply from 200.0.0.1: bytes=32 time=16ms TTL=254
Reply from 200.0.0.1: bytes=32 time=16ms TTL=254
Reply from 200.0.0.1: bytes=32 time=16ms TTL=254
Ping statistics for 200.0.0.1:
Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),
Approximate round trip times in milli-seconds:
Minimum = 16ms, Maximum = 16ms, Average = 16ms
PC>tracert 200.0.0.1
Tracing route to 200.0.0.1 over a maximum of 30 hops:
1 0 ms 0 ms 0 ms 192.168.2.3 (observamos que el paquete lo
devuelve la IP real, no la virtual)
2 16 ms 16 ms 32 ms 200.0.0.1
Trace complete.
PC>ping -t 200.0.0.1 (comienzo de las pruebas de
failover)
Pinging 200.0.0.1 with 32 bytes of
data:
Reply from 200.0.0.1: bytes=32
time=16ms TTL=254
Reply
from 200.0.0.1: bytes=32 time=32ms TTL=254
---resumido---
1.2.- Pruebas de failover de capa 2:
Se
verificaron todas las combinaciones desde caída de enlaces hasta failover de
los gateways.
SW_3#sh etherchannel
port-channel
Channel-group listing:
----------------------
Group: 1
----------
Port-channels in the group:
---------------------------
Port-channel:
Po1
------------
Age of the Port-channel = 00d:00h:48m:04s
Logical slot/port = 2/1 Number of
ports = 1
GC = 0x00000000 HotStandBy port =
null
Port state = Port-channel
Protocol
= PAGP
Port Security = Disabled
Ports in the Port-channel:
Index Load Port EC state No of
bits
------+------+------+------------------+-----------
0
00 Fa0/2 Desirable-Sl 0 (sólo
Fa0/2)
Time since last port bundled:
00d:00h:00m:05s Fa0/2
Group: 2
----------
Port-channels in the group:
---------------------------
Port-channel:
Po2 (enlace al SW_2)
------------
Age of the Port-channel = 00d:00h:48m:04s
Logical slot/port = 2/2 Number of
ports = 2
GC = 0x00000000 HotStandBy port =
null
Port state = Port-channel
Protocol = PAGP
Port Security = Disabled
Ports in the Port-channel:
Index Load Port EC state No of
bits
------+------+------+------------------+-----------
0
00 Fa0/4 Desirable-Sl 0
0
00 Fa0/3 Desirable-Sl 0
Time since last port bundled:
00d:00h:01m:40s Fa0/3
Group: 3
----------
Port-channels in the group:
---------------------------
Port-channel:
Po3 (enlace al SW_4)
------------
Age of the Port-channel = 00d:00h:48m:04s
Logical slot/port = 2/3 Number of
ports = 2
GC = 0x00000000 HotStandBy port =
null
Port state = Port-channel
Protocol = PAGP
Port Security = Disabled
Ports in the Port-channel:
Index Load Port EC state No of
bits
------+------+------+------------------+-----------
0
00 Fa0/6 Desirable-Sl 0
0
00 Fa0/5 Desirable-Sl 0
Time since last port bundled:
00d:00h:22m:55s Fa0/5
SW_3#
1.3.- Pruebas de failover de capa 3:
GW_2#sh standby
FastEthernet0/0 - Group 1 (version 2)
State is Active
6 state changes, last state change 00:25:08
Virtual IP address is 192.168.2.1
Active virtual MAC address is 0000.0C9F.F001
Local virtual MAC address is 0000.0C9F.F001 (v2 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 3.32145e+013 secs
Preemption disabled
Active
router is local
Standby router is 192.168.2.2
Priority 100 (default 100)
Group name is hsrp-Fa0/0-1 (default)
GW_2#
GW_1#sh standby
FastEthernet0/0 - Group 1 (version 2)
State is Standby
6 state changes, last state change 00:39:21
Virtual IP address is 192.168.2.1
Active virtual MAC address is 0000.0C9F.F001
Local virtual MAC address is 0000.0C9F.F001 (v2 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 2.319 secs
Preemption disabled
Active
router is 192.168.2.3
Standby
router is local
Priority 100 (default 100)
Group name is hsrp-Fa0/0-1 (default)
GW_1#
%HSRP-6-STATECHANGE: FastEthernet0/0 Grp 1 state Standby ->
Active
GW_1#sh standby
FastEthernet0/0 - Group 1 (version 2)
State is Active
7 state changes, last state change 00:40:21
Virtual IP address is 192.168.2.1
Active virtual MAC address is 0000.0C9F.F001
Local virtual MAC address is 0000.0C9F.F001 (v2 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 2.639 secs
Preemption disabled
Active
router is local
Standby router is unknown
Priority 100 (default 100)
Group name is hsrp-Fa0/0-1 (default)
GW_1#
2.-
Resultado de las pruebas:
PC>ping -t 200.0.0.1
Pinging 200.0.0.1 with 32 bytes of
data:
Reply from 200.0.0.1: bytes=32
time=16ms TTL=254
Reply
from 200.0.0.1: bytes=32 time=32ms TTL=254
---resumido---
Reply from 200.0.0.1: bytes=32 time=30ms TTL=254
Reply from 200.0.0.1: bytes=32
time=16ms TTL=254
Ping statistics for 200.0.0.1:
Packets: Sent = 983, Received =
983, Lost = 9 (1% loss), (en realidad se perdieron 6 pings en
todas las pruebas)
Approximate round trip times in
milli-seconds:
Minimum = 0ms, Maximum = 94ms,
Average = 23ms
Control-C
^C
PC>
3.- Pruebas de DHCP:
3.1.- Verificación desde un PC en VLAN 2:
PC>ipconfig /all
FastEthernet0 Connection:(default
port)
Connection-specific DNS Suffix..:
Physical Address................:
0040.0B9C.0457
IP
Address......................: 192.168.2.4
Subnet Mask.....................:
255.255.255.0
Default Gateway.................:
192.168.2.1
DNS Servers.....................:
0.0.0.0
DHCP
Servers....................: 192.168.2.3
3.2.-
Ahora con el router GW_2 (HSRP active) fuera de línea:
PC>ipconfig /renew
IP
Address......................: 192.168.2.4
Subnet Mask.....................:
255.255.255.0
Default Gateway.................:
192.168.2.1
DNS Server......................:
0.0.0.0
PC>ipconfig /all (verificamos
server DHCP)
FastEthernet0 Connection:(default
port)
Connection-specific DNS Suffix..:
Physical Address................:
0040.0B9C.0457
IP Address......................:
192.168.2.4
Subnet Mask.....................:
255.255.255.0
Default Gateway.................:
192.168.2.1
DNS Servers.....................:
0.0.0.0
DHCP
Servers....................: 192.168.2.2
PC>
3.3.- Prueba adicional: agregado de una 2da PC para verificar
quién le otorga DHCP:
PC>ipconfig /all
FastEthernet0 Connection:(default
port)
Connection-specific DNS Suffix..:
Physical Address................:
0000.0C14.3096
IP
Address......................: 192.168.2.5
Subnet Mask.....................:
255.255.255.0
Default Gateway.................:
192.168.2.1
DNS Servers.....................:
0.0.0.0
DHCP
Servers....................: 192.168.2.2
PC>
GW_1#sh ip dhcp bind
IP address Client-ID/ Lease
expiration Type
Hardware address
192.168.2.4 0040.0B9C.0457 --
Automatic
192.168.2.5
0000.0C14.3096 -- Automatic
GW_1#
%DHCPD-4-PING_CONFLICT: DHCP address conflict: server pinged
192.168.2.4.
GW_2#sh ip dhcp bind
IP address Client-ID/ Lease
expiration Type
Hardware address
192.168.2.5
0000.0C14.3096 – Automatic (aprendido
a traves de las confirmaciones broadcast entre PC y GW_1
GW_2# en
los equipos reales el comportamiento fue diferente)
3.4.- Resultado del DHCP y HSRP en equipos reales:
Router_1#
(HSRP active)
*Apr
20 21:12:42.602: DHCPD: Sending notification of DISCOVER:
*Apr
20 21:12:42.606: DHCPD: htype 1 chaddr
54be.f757.ede4
*Apr
20 21:12:42.606: DHCPD: remote id
020a0000c0a8020200000000
*Apr
20 21:12:42.606: DHCPD: circuit id
00000000
*Apr
20 21:12:42.606: DHCPD: Seeing if there is an internally specified pool class:
*Apr
20 21:12:42.606: DHCPD: htype 1 chaddr
54be.f757.ede4
*Apr
20 21:12:42.606: DHCPD: remote id
020a0000c0a8020200000000
*Apr
20 21:12:42.606: DHCPD: circuit id
00000000
*Apr
20 21:12:44.606: DHCPD: Adding binding to radix tree (192.168.2.22)
*Apr
20 21:12:44.606: DHCPD: Adding binding to hash tree
*Apr
20 21:12:44.606: DHCPD: assigned IP address 192.168.2.22 to client
0154.bef7.57ed.e4.
*Apr 20 21:12:44.606: DHCPD: Sending notification of ASSIGNMENT:
*Apr
20 21:12:44.606: DHCPD:
address 192.168.2.22 mask 255.255.255.0
*Apr
20 21:12:44.606: DHCPD: htype 1 chaddr
54be.f757.ede4
*Apr
20 21:12:44.606: DHCPD: lease time
remaining (secs) = 86400 ( 24 horas )
Router_1#sh ip dhcp bind
Bindings
from all pools not associated with VRF:
IP
address Client-ID/ Lease expiration Type
Hardware address/
User name
192.168.2.22 0154.bef7.57ed.e4 Apr 22 2015 09:12 PM Automatic
Router_1#
Router_2#
(HSRP standby)
*Apr
20 18:13:02.342: DHCPD: Sending notification of DISCOVER:
*Apr
20 18:13:02.342: DHCPD: htype 1 chaddr
54be.f757.ede4
*Apr
20 18:13:02.342: DHCPD: remote id
020a0000c0a8020300000000
*Apr
20 18:13:02.342: DHCPD: circuit id
00000000
*Apr
20 18:13:02.342: DHCPD: Seeing if there is an internally specified pool class:
*Apr
20 18:13:02.342: DHCPD: htype 1 chaddr
54be.f757.ede4
*Apr
20 18:13:02.346: DHCPD: remote id
020a0000c0a8020300000000
*Apr
20 18:13:02.346: DHCPD: circuit id
00000000
*Apr
20 18:13:04.346: DHCPD: Adding binding to radix tree (192.168.2.13)
*Apr
20 18:13:04.346: DHCPD: Adding binding to hash tree
*Apr
20 18:13:04.346: DHCPD: assigned IP address 192.168.2.13 to client 0154.bef7.57ed.e4.
*Apr 20 18:13:04.346: DHCPD: Sending notification of TERMINATION:
*Apr
20 18:13:04.346: DHCPD:
address 192.168.2.13 mask 255.255.255.0
*Apr
20 18:13:04.346: DHCPD:
reason flags: noalloc
*Apr
20 18:13:04.346: DHCPD: htype 1 chaddr
54be.f757.ede4
*Apr
20 18:13:04.346: DHCPD: lease time
remaining (secs) = 300
*Apr 20 18:13:04.346: DHCPD: returned 192.168.2.13 to address pool
vlan1. (la
IP no se aceptó y vuelve al pool)
Router_2#sh ip dhcp bind (a diferencia del Packet Tracer la IP no queda reservada
en el pool de este router)
Bindings
from all pools not associated with VRF:
IP
address Client-ID/ Lease expiration Type
Hardware address/
User name
Router_2#
4.- Configuración de equipos:
ISP#sh runn (sólo lo relevante)
Building configuration...
Current configuration : 760 bytes
!
version
15.1
!
hostname
ISP
!
license
udi pid CISCO2901/K9 sn FTX1524WAD2
!
interface
Loopback0
ip address
200.0.0.1 255.255.255.255
!
interface
GigabitEthernet0/0
ip
address 192.168.72.5 255.255.255.0
!
! (notar que no hay rutas hacia
las VLANs 2 y 3 ya que el tráfico alcanza este router mediante PAT en la
! red local con IP pertenecientes a la red 192.168.72.0/24 )
line
vty 0 4
password
cisco
login
!
!
!
end
ISP#
GW_1# sh runn (sólo lo relevante)
Building configuration...
Current configuration : 1129 bytes
!
version
12.4
!
hostname
GW_1
!
ip
dhcp excluded-address 192.168.2.1
ip dhcp
excluded-address 192.168.2.2
ip
dhcp excluded-address 192.168.2.3
!
ip
dhcp pool DHP
network
192.168.2.0 255.255.255.0
default-router
192.168.2.1
!
interface
FastEthernet0/0
description
GW VLAN 2
ip
address 192.168.2.2 255.255.255.0
ip
nat inside
standby
version 2
standby
1 ip 192.168.2.1
!
interface
FastEthernet0/1
description
Aula7B
ip
address 192.168.72.1 255.255.255.0
ip
nat outside
!
ip
nat inside source list PAT interface FastEthernet0/1 overload
ip
classless
ip
route 0.0.0.0 0.0.0.0 192.168.72.5
!
ip
access-list extended PAT
permit
ip 192.168.2.0 0.0.0.255 any
!
end
GW_1#
GW_2# sh runn (sólo lo relevante)
Building configuration...
Current configuration : 1129 bytes
!
version
12.4
!
hostname
GW_2
!
ip
dhcp excluded-address 192.168.2.1
ip dhcp
excluded-address 192.168.2.2
ip
dhcp excluded-address 192.168.2.3
!
ip
dhcp pool DHP
network
192.168.2.0 255.255.255.0
default-router
192.168.2.1
!
interface
FastEthernet0/0
description
GW VLAN 2
ip
address 192.168.2.3 255.255.255.0
ip
nat inside
standby
version 2
standby
1 ip 192.168.2.1
!
interface
FastEthernet0/1
description
Aula7B
ip
address 192.168.72.2 255.255.255.0
ip
nat outside
!
ip
nat inside source list PAT interface FastEthernet0/1 overload
ip
classless
ip
route 0.0.0.0 0.0.0.0 192.168.72.5
!
ip
access-list extended PAT
permit
ip 192.168.2.0 0.0.0.255 any
!
end
GW_2#
GW_3# sh runn (sólo lo relevante)
Building configuration...
Current configuration : 1129 bytes
!
version
12.4
!
hostname
GW_3
!
ip
dhcp excluded-address 192.168.3.1
ip dhcp
excluded-address 192.168.3.2
ip
dhcp excluded-address 192.168.3.3
!
ip
dhcp pool DHP
network
192.168.3.0 255.255.255.0
default-router
192.168.3.1
!
interface
FastEthernet0/0
description
GW VLAN 3
ip
address 192.168.3.2 255.255.255.0
ip
nat inside
standby
version 2
standby
1 ip 192.168.3.1
!
interface
FastEthernet0/1
description
Aula7B
ip
address 192.168.72.3 255.255.255.0
ip
nat outside
!
ip
nat inside source list PAT interface FastEthernet0/1 overload
ip
classless
ip
route 0.0.0.0 0.0.0.0 192.168.72.5
!
ip
access-list extended PAT
permit
ip 192.168.3.0 0.0.0.255 any
!
end
GW_3#
GW_4# sh runn (sólo lo relevante)
Building configuration...
Current configuration : 1018 bytes
!
version
12.4
!
hostname
GW_4
!
ip
dhcp pool DHP
network 192.168.3.0
255.255.255.0
default-router
192.168.3.1
!
interface
FastEthernet0/0
description
GW VLAN 3
ip
address 192.168.3.3 255.255.255.0
ip
nat inside
standby
version 2
standby
1 ip 192.168.3.1
!
interface
FastEthernet0/1
description
Aula7B
ip
address 192.168.72.4 255.255.255.0
ip
nat outside
!
ip
nat inside source list PAT interface FastEthernet0/1 overload
ip
classless
ip
route 0.0.0.0 0.0.0.0 192.168.72.5
!
ip
access-list extended PAT
permit
ip 192.168.3.0 0.0.0.255 any
!
end
GW_4#
SW_1# sh runn (sólo lo relevante)
Building configuration...
Current configuration : 1380 bytes
!
version
12.2
!
hostname
SW_1
!
spanning-tree
mode pvst
!
interface
FastEthernet0/1
switchport
access vlan 2
switchport
mode access
!
interface
FastEthernet0/2
switchport access
vlan 2
switchport
mode access
!
interface
FastEthernet0/3
channel-group
1 mode desirable
switchport
mode trunk
!
interface
FastEthernet0/4
channel-group
1 mode desirable
switchport
mode trunk
!
interface
FastEthernet0/5
interface
FastEthernet0/6
interface
FastEthernet0/7
interface
FastEthernet0/8
interface
FastEthernet0/9
interface
FastEthernet0/10
interface
FastEthernet0/11
interface
FastEthernet0/12
interface
FastEthernet0/13
interface
FastEthernet0/14
interface
FastEthernet0/15
interface
FastEthernet0/16
interface
FastEthernet0/17
interface
FastEthernet0/18
interface
FastEthernet0/19
interface
FastEthernet0/20
interface
FastEthernet0/21
interface
FastEthernet0/22
interface
FastEthernet0/23
interface
FastEthernet0/24
interface
GigabitEthernet0/1
interface
GigabitEthernet0/2
!
interface
Port-channel 1
switchport
mode trunk
!
interface
Vlan1
ip
address 192.168.72.6 255.255.255.0
!
end
SW_1#
SW_2# sh runn (sólo lo relevante)
Building configuration...
Current configuration : 1490 bytes
!
version
12.2
no
service timestamps log datetime msec
no
service timestamps debug datetime msec
no
service password-encryption
!
hostname
SW_2
!
enable
secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1
!
!
!
!
!
spanning-tree
mode pvst
!
interface
FastEthernet0/1
switchport access
vlan 3
switchport
mode access
!
interface
FastEthernet0/2
switchport
access vlan 3
switchport
mode access
!
interface
FastEthernet0/3
interface
FastEthernet0/4
!
interface
FastEthernet0/5
channel-group
1 mode desirable
switchport
mode trunk
!
interface
FastEthernet0/6
channel-group
1 mode desirable
switchport
mode trunk
!
interface
FastEthernet0/7
interface
FastEthernet0/8
interface
FastEthernet0/9
interface
FastEthernet0/10
interface
FastEthernet0/11
interface
FastEthernet0/12
interface FastEthernet0/13
interface
FastEthernet0/14
interface
FastEthernet0/15
interface
FastEthernet0/16
interface
FastEthernet0/17
interface
FastEthernet0/18
interface
FastEthernet0/19
interface
FastEthernet0/20
interface
FastEthernet0/21
interface
FastEthernet0/22
interface
FastEthernet0/23
interface
FastEthernet0/24
interface
GigabitEthernet0/1
interface
GigabitEthernet0/2
!
interface
Port-channel 1
switchport
mode trunk
!
interface
Vlan1
ip
address 192.168.72.7 255.255.255.0
!
end
SW_2#
SW_3# sh runn (sólo lo relevante)
Building configuration...
Current configuration : 1600 bytes
!
version
12.2
!
hostname
SW_3
!
spanning-tree
mode pvst
!
interface
FastEthernet0/1
channel-group
1 mode desirable
switchport
mode trunk
!
interface
FastEthernet0/2
channel-group
1 mode desirable
switchport
mode trunk
!
interface
FastEthernet0/3
channel-group
2 mode desirable
switchport
mode trunk
!
interface
FastEthernet0/4
channel-group
2 mode desirable
switchport
mode trunk
!
interface
FastEthernet0/5
channel-group 3
mode desirable
switchport
mode trunk
!
interface
FastEthernet0/6
channel-group
3 mode desirable
switchport
mode trunk
!
interface
FastEthernet0/7
interface
FastEthernet0/8
interface
FastEthernet0/9
interface
FastEthernet0/10
interface
FastEthernet0/11
interface
FastEthernet0/12
interface
FastEthernet0/13
interface
FastEthernet0/14
interface
FastEthernet0/15
interface
FastEthernet0/16
interface
FastEthernet0/17
interface
FastEthernet0/18
interface
FastEthernet0/19
interface
FastEthernet0/20
interface
FastEthernet0/21
interface
FastEthernet0/22
interface
FastEthernet0/23
interface
FastEthernet0/24
interface
GigabitEthernet0/1
interface
GigabitEthernet0/2
!
interface
Port-channel 1
switchport
mode trunk
!
interface
Port-channel 2
switchport
mode trunk
!
interface
Port-channel 3
switchport
mode trunk
!
interface
Vlan1
ip
address 192.168.72.8 255.255.255.0
!
end
SW_3#
SW_4# sh runn (sólo lo relevante)
Building configuration...
Current configuration : 2436 bytes
!
version
12.2
!
hostname
SW_4
!
spanning-tree
mode pvst
!
interface
FastEthernet0/1
channel-group
1 mode desirable
switchport
mode trunk
spanning-tree
portfast
!
interface
FastEthernet0/2
channel-group
1 mode desirable
switchport
mode trunk
spanning-tree
portfast
!
interface
FastEthernet0/3
interface
FastEthernet0/4
interface
FastEthernet0/5
interface
FastEthernet0/6
interface
FastEthernet0/7
interface
FastEthernet0/8
interface
FastEthernet0/9
interface
FastEthernet0/10
interface
FastEthernet0/11
!
interface
FastEthernet0/12
switchport
access vlan 2
switchport
mode access
spanning-tree
portfast
!
interface
FastEthernet0/13
switchport
access vlan 3
switchport
mode access
spanning-tree
portfast
!
interface
FastEthernet0/14
interface
FastEthernet0/15
interface
FastEthernet0/16
interface FastEthernet0/17
interface
FastEthernet0/18
interface
FastEthernet0/19
interface
FastEthernet0/20
interface
FastEthernet0/21
interface
FastEthernet0/22
interface
FastEthernet0/23
interface
FastEthernet0/24
interface
GigabitEthernet0/1
interface
GigabitEthernet0/2
!
interface
Port-channel 1
switchport
mode trunk
!
interface
Vlan1
ip
address 192.168.72.9 255.255.255.0
!
end
SW_4#
(2015)
Sensei, the Route 66 is a OSPF route ?
Rosario,
Argentina