Basic Cisco Configuration: DHCP, VLAN's and Router on a Stick

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello I'm your instructor for today's lesson my name is Kevin large and we're going to go through some basic switch and basic Rooter configuration specifically what we're going to look at for the basic switch configuration is the configuration of a hostname VLANs virtual local area networks we can associate switch ports with the VLANs we're going to configure spanning-tree portfast on the switch ports we're going to create trunk links on the switch the trunk link carries all the VLANs unless you tell it not to whereas an access port carries only one feeling always associated with only one VLAN for the basic route of configuration we're going to again put a hostname on we're going to create sub interfaces the sub interfaces will function as a toe 2.1 trunk encapsulation sub interfaces so they can actually see the tag frames going in and out we're going to create a DHCP pool in fact we're going to create three DHCP pools one for each VLAN and we'll create some DHCP excluded addresses a little homage to the Empire we're going to use packet tracer cisco packet tracer to do this job so here we have packet tracer and I'm going to select the first device which will be a Cisco 2811 series router we're also going to have some layer 2 switches which will be Cisco 2950 24 switches and I will put two of those on ok and we will have three end stations three pcs just for testing purposes so we're going to put three generic PCs two on that switch and one over here on this switch okay now we'll need to wire these up and we need to use the correct cables so generally speaking the way you can do this is it's not the same device on each end of the cable we use a straight through is the same device on each end of the cable we use a crossover there is one exception to that if you wire a PC directly into a Rooter in that particular case you would think what the different devices so it's a straight through but it's not it's actually a crossover in that case because normally you wouldn't wire a PC directly into a Rooter you go virus which if you take the switch out the cable needs to do the crossing ok so let's just do the crossovers first so we'll go switch to switch fastethernet 24 to fastethernet 24 and we'll go from switch to Rooter fastethernet 23 to fastethernet 0/0 ok and now we'll put the PCs on so again this will be a straight through fast ethernet 0 we're going to switch port 1 Fast Ethernet 0 and into switch port 10 and on this one Fast Ethernet 0 into switch port 10 or do will create 2 VLANs to DHCP ports ok let's tidy the screen up just a little bit ok now we need to do some IP addressing so we'll use a master IP address of 200 11.0 with a slash 24 mask and that will be our master address so we'll subnet everything off of that address now let's see we'll have 50 pcs 50 hosts in this particular VLAN and this can be VLAN 10 and we'll have 25 hosts VLAN 20 okay let's tidy that up a little bit 50 host of VLAN 10 25 host in VLAN 20 and we'll make this PC here also a member of VLAN 20 okay so if we're going to do that we need to do a little bit of subnetting now so if we want 50 hosts over here that will need to start with the main network so that will be 200 dot one dot one dot zero now 50 hosts plus the network and broadcast is 52 plus the default gateway address is 53 so we need a binary number close to 53 but bigger than it well that will be 64 how do we get 64 how many bits do we need to borrow 2 to the power of 6 would be 64 so we've got 2 4 8 16 32 6 32 minus 6 gives us 26 okay so that's 200 at one dot one dot 0 slash 26 that's sudden it starts at 0 it's 64 big so that will become 200 dot one dot one dot 64 if it starts at zero and it's 64 big next subnet up will be 200 dot one dot one dot sixty four that needs 25 hosts plus the network and broadcast 27 plus the default gateway 28 nearest binary number two that would be 32 2 ^ 5 is 32 32 minus 5 is 27 okay so that will be 200 one dot one dot 0 64 Network / 27 of course this PC will also be in that particular network alright just tidy the screen up a little bit so what our default book gateway is going to be what the default gateways and beyond the sub interfaces on the Rooter so let's use the highest IP address that's usable on these subnets so on this 201 1 0 subnet we've got 201 164 being the next network up so the broadcast for the 201 1 0 subnet will be 201 1 63 1 less than the next network up so the default gateway will be 201 162 okay so we'll have 200 1.16 t2 as their default gateway for that network this network here that is 32 big so if it starts to 64 and it's 32 big 64 and 32 is 96 96 would be the next network up so 95 would be the broadcast address so 94 would be the default gateway 201 or 1.94 okay of course that will be a slash 27 and this one will be a slash 26 and they will both actually be on this cable and on this interface which is why we need to use sub interfaces okay let's quickly get into some configuration now first things first we'll go into a switch now you can see why split the screen in half okay so there's a switch 24 port layer 2 switch bring up the command line interface I will type enable which we can shorten to ena and we'll give the switch name so we'll go into configuration terminal mode shortened to top T or type hostname I'll type host and hit tab to finish the command SW one switch now is house name of SW one I will type exit and I will type show IP interface brief just to see which ports have cables in the port one has a cable in port 10 has a cable in that's this PC this PC hit the spacebar to go down a page at a time port 0/24 that also has a cable in which is a trunk link between the two switches okay let's see what VLANs we've got show the LAN brief okay so we've got the default VLANs on the switch one 1,002 1,003 1,004 1,005 little active but all of the ports are in the default VLAN 1 which is the way it should be when switches first powered up with known configuration all the ports should be in VLAN 1 what we now need to do is we need to create a V lens and these VLANs will be create from global configuration mode come fatigue and Victor Mille VLAN 10 drops us into VLAN configuration mode will name this VLAN sales and exit I'll use the up arrow to save typing I pro 3 times VLAN 20 a perro perro up arrow name I don't know let's call it accounts and up arrow 3 times to exit probably been quick to type exit there okay I'm going to hit control Z control said Trump's you right back from however deep you are in configuration mode you'll jump you're right back to privilege mode okay and then I'll use the up arrow to do a show VLAN brief now we can see that we've got air two VLANs sales and accounts and they're both active we need to do now let's put the switch ports in so we'll put ports 1 2 9 in VLAN 10 so global configuration mode coffee/tea interface I'll just type int and hit tab are for range hit tab FA fast ethernet hit tab the tab will save you so much time 0 /one space - space 9 it's very important that you type it in like that access the correct way of doing it zero four slash one space - space nine okay now we're in interface range we're actually configuring all of those interfaces at once I'm going to type switch port code access to make it an access switch port and access switch port can only be in the one VLAN well actually one data VLAN on one voice VLAN but we won't go there it's not a trunk link trunk link would normally carry all the VLANs and it will type switch port access VLAN 10 ok while we're here we're going to put spanning-tree portfast on we get a little warning popping up saying be very careful with this command spanning tree is designed to detect layer 2 loops bridging loops because it layer two you have no time to live field the time to live field the TTL is it layer 3 it's in an IP packet I will stop a packet from going round and round forever but there is no TTL field at layer 2 so potentially speaking a packet could around around in a loop forever so we have spanning tree protocol designed to block loops you like to have redundancy in the network but if you have redundant links between switches and is enough to configure it to create a loop and you can get a loop and the frame will go round around that loop broadcasting coming out of all of the ports and totally destroy your network ok so what we normally use is we have spanning tree to detect those loops but in this particular case these ports are all going to pcs so there shouldn't be any chance of a loop so rather than have the ports down for 50 seconds while spanning tree does its loop detection and finally brings it up we can put spanning-tree portfast on and that will bring it up very very quickly indeed very useful if you run into HCP which we will be shortly okay so let's exit that to drop us back into normal configuration mode I will use the up arrow again to find the interfaces and now we'll move back or say interface fastest in to face range fastethernet 0 4 / 10 space - space will go up to 20 and user up arrow again switch book mode access switch port access VLAN 20 great okay so what we've done is we create the VLANs we've named the VLANs we've put the switch box into the VLANs on the one switch what we need to do now is we need to make sure that fastethernet 0 24 which is the link between the switches is configured as a trunk link so back to configuration mode interface fastethernet 0/1 for now have switch book mode access made it an access link I'm sure you can guess the switchboard mode mode trunk make it a trunk link ok that is now a trunk link and for the moment I think that's everything we need to do on this switch so I'm going to do a control Z and I could type copy run start copy running-config startup config like that to save the configuration anything in square brackets is the default so I just hit enter or I could use the OL command WR which is short for write terminal which is a lot quicker to type ok we'll now move into the second switch see what's happening over there okey-dokey let's see what we've got going on here so first thing to do go into configuration mode compte and give the switcher hostname it's w2 very important it's so easy to end up putting the wrong configuration on the wrong device if everything is called switching Rooter ok excellent now I'm going to hit control Z just for a moment and I'm going to do a show peel an brief notice our brief eh show - SH you can abbreviate any command as long as you don't abbreviate the command so much that it's ambiguous more than one command begins with that character if you do that what you will get is you'll get something that looks like this if I type E and hit enter it doesn't know what o which command I want if I type in question mark it's actually telling me that there are three commands that begin with a so it's an ambiguous command ok now I can see that we do not have any VLANs on here let's try something I'm going to the port that's connected to the other switch with a configure terminal and interface fastethernet 0/1 t4 this is going to be the trunk link connecting to the other switch I'm going to type switch port mode trunk while I'm here actually I'm just going to go back one I'm going to go into interface Fast Ethernet 0 23 which is the link up to the router and make that a trunk link as well I can use my up arrow to save commands a little control Z on a WR just to make sure I save the configuration we'll use the up arrow now to find show VLAN brief ok we're good to go and I'm going to create the VLANs on this switch ok so figure terminal VLAN 10 now what did I call that P land sales wasn't it sales and exit up arrow VLAN 20 name accounts and I'm gonna do as controls it and a WR it's always good to save your configuration just in case you get a power cut and we'll have a look look show VLAN brief we now have every lens but notice we don't have any ports in those VLANs now I'm not sure which port I put that PC in but I can check from the command line show IP interface brief short to show it int brief or show it interrupt okay so look fastethernet 0 10 and sign up and up well if you sign up and up it's got cable with a PC on the end of it in this case so that's the port I plugged it into okay if I steal net 0 24 is also up and up that's my trunk link to the other switch so now let's put some ports in let's do exactly what we did with the last one so compte interface range fast ethernet good use at the tab there 0 1 - 9 switch port code access switch port access VLAN I love that tab 10 exit up arrow select ports 0 1 2 0 sorry 0 10 - 0 20 and we'll do the same thing again so we'll do a switch port mode access and a switch port access VLAN 20 and we'll do a control set the WR just make sure we've saved everything I'll use the up arrow again to find show VLAN brief that's looking good in fact that's looking really really good ok now interestingly notice that part fastethernet 0 24 does not show up in that list why does fastethernet 0 24 not show up in that list because it's not associated with a specific VLAN fastethernet 0 24 is the trunk link because it's the trunk link is associated with all the VLANs by default well all the VLANs can flow through it by default so it doesn't show up in the list fast ethernet 0 23 is also a trunk link and it does show up in the list but that's only because the link is down if you look at the diagram on the other side you can see the link is currently down because the route on the other end is down so until this link comes up and it relights which realizes it's a trunk link we're still seeing fast ethernet 0 23 we want to know some information about the trunk links we can say show interface trunk and you can see there we go Fast Ethernet 0 24 it's on it's a trunk link it's using the I Triple E institute of electrical electronic engineers 802 dot1q encapsulation and trunk in this particular case paws allowed on the trunk all of them ports that are actually in the trunk the default one and the two felines that we created so VLAN one VLAN 10 VLAN 20 okay so that's looking good everything is done on the switches I do believe so we can do a write on there just to make sure and move on to the router okay now things get a little bit more interesting we're moving on to the layer 3 device you notice by default this port is not enabled on the router it's actually in a shutdown State it's a very good reason for that if you break into a Rooter then you can of course all kinds of havoc on a network in many ways it's one of the most important devices on the entire network so it's quite secure by default ok this Rooter is known as Rooter so the first thing to do is to give it a good host name in a short for enable compte click a terminal hostname or one not very imaginative I know but it'll do the job ok now we're going to go into the interface fastethernet 0/0 the one pointing down to the switch and just to make sure we're going to type no IP address because we do not want to IP address on the physical interface and then we'll do a no shutdown switch the interface on and you can see the lights gone green the light is green on this end it's orange on the other end because the spanning tree protocol so we did not switch spanning tree protocol to port fast on this sensor will take a long time for this particular port to go live 50 seconds in fact but that's a good thing because it's a trunk link and you should be very very careful with spanning-tree portfast access links yes trunk links very careful with that ok now we now have a green light the link is up both ends ok we're now going to do an exit we do not need an IP address on the physical interface because we're going to create two sub interface and these will have the IP addresses that we the IP addresses 201 162 and 201 194 they will be our default gateways okay here we go so more reading configuration mode interface fastethernet 0/0 dot 10 now I could use any number I like you can create literally millions of sub interfaces well the number goes up to millions I wouldn't create millions on one particular router of course because that would be crazy but you can create considerable number of sub interfaces on a router but the designation number can be absolutely enormous in this particular case because this is going to be for VLAN 10 I'll create the sub interface as fastethernet 0 4 / 0 10 make sense ties in with VLAN 10 ok now if I try to put an IP address on the interface I'm going to have a problem I'll show you exactly what I mean IP address 200 dot one dot one dot what do I want 62 okay highest IP address VLAN 10 subnet followed by a / 26 mask which is 255 255 255 there's 8 bits plus 8 bits plus 8 bits there's 24 bits there plus first 2 bits in the fourth octet which is 64 128 bit in the 64 bit to give us 192 so we've got 8 16 24 those two bits there 192 there you go that will happen because currently we have not set the encapsulation up on this sub interface so let's do that encapsulation dot1q followed by the VLAN tag that is going to be expected on this particular sub interface this is something two-phase 10 so that's VLAN tag 10 now if I hit the up arrow and put that IP address back in no problem whatsoever okay we don't need to do an eyes shut because the sub interface should already be up because the main interface is up I'm going to type exit very quickly we'll do the other interface so interface fastethernet 0/0 20 these are not real interfaces of course these are logical interfaces their sub interfaces you can't stick a cable in it the cable goes in the physical interface real interface fastethernet 0/0 but these are logical sub interfaces okay other sub interface created let's do it in the right order this time so encapsulation dot1q 20 and let's put the IP address for this default gateway which will be 201 190 for the highest IP address on the 201 1 64 subnet ok I'll go to the end of that pay into that line and what is a slash twenty seven mask well that will be 255 255 255 is 24 plus the first three bits in the fourth octet that will be the 128-bit the 64-bit and the 32-bit 128 64 32 added together will give us 2 to 4 ok looking good patrols ed WR if I now do a show IP interface brief you will notice I have a fast ethernet interface the physical interface no IP address is assigned but it's up and up up at layer 1 upper layer 2 we can see the correct protocol fastethernet 0/0 10 does have an IP address on it up and up and so does fastethernet 0/0 20 which other course these are air sub interfaces and these are the default gateways for the pcs in their respective VLANs okay now we all we need to do now we set up DHCP let's just try something first ready show IP route if we do a show IP route we can see that there are two networks the 201 1 0 / 26 Network which is directly connected to the router out of the Fast Ethernet 0 0 10 sub interface this is the VLAN out over here VLAN 10 and we have another network 201 1 64 / 27 directly connected this time out of Fast Ethernet 0 0 20 the other sub interface and this is the VLAN VLAN 20 with the 201 1 64 / 27 something on it and of course so is this one they are both in VLAN 20 even though they're on different switches so we need to create how many DHCP pools well there are two subnets and there are their network addresses so we need to DHCP pause and here we go figure terminal IP dhcp pool I will call this pool VLAN 10 and we'll create a network and this defines the addresses that can be given out they can be only addresses in this network 200 dot one dot one dot 0 and in subnet mask which has to be in longhand so that will be 255 255 255 192 excellent what a default router on default router will give out the default gateway this command here the network command will give out the IP address and the subnet mask the default route command will give out the default gateway which for the VLAN 10 subnet is 201 162 201 162 excellent job done exit that definitely going to use the up-arrow for this one okay IP dhcp pool VLAN 20 and we want the VLAN 20 subnet which will be a 2 to 4 subnet mask and a network address of 201 164 excellent now a default Rooter will be 201 194 and we're done there is only one thing to do now let's put our excluded addresses in will exclude the first 5 addresses from each pool this is unusual compte you would expect it to be done under the IP pool the IP dhcp pool but it's not Stan under global configuration IP dhcp excluded address how good is that tab I just typed the X and hit tab ok so will exclude the first set of addresses which will be from 200 1.1.1 we set the first 5 didn't we so we'll go up to 200 dot one dot 1.5 ok so the first address should be handed out by this DHCP pool would be 200 121.6 because the first 5 will be excluded from being handed out why would you do this well possibly your service we're going to have static addresses in that particular network so you don't want to hand out IP addresses that are already configured statically on the servers okay and we'll do the one for the other excluded range which will be let's go back to the first one because it will be easier that way 201 165 will be the first address on the 64 subnet that will go up to 201 170 there's our 5 addresses to be excluded so the first address in the VLAN 20 subnet should be 201 171 and the other one will be 201 172 and this should be 201 1 6 time to check what dual-control Zed and a WR or do a show IP dhcp bindings actually I think it's just binding there we go so currently no DHCP IP addresses have been handed out by the router that is not surprising the PCs haven't asked for any yet next job into the PCs will do VLAN 10 first and we'll move this over here so as we can see things actually happening we go to the desktop the command prompt the type ipconfig just to see what IP address we have and we have no IP addresses ok I'm going to put click on the IP configuration tab and go to DHCP and yes it did exactly what we hoped it would is given us the first address that's allowed in the first pool and that address is 201 1 6 it's given us the correct subnet mask 255 255 255 192 / 26 and the correct default gateway address which is the address on subnet for VLAN on the sub interface for VLAN 10 fantastic so look at the IP config command one more time and that's looking pretty good let's move that across a little bit so as we can see what's happening easier ideal let's run the show IP dhcp binding and we can see that the IP address has indeed been given out by the router there's our IP address there's the MAC address of the device it gave it out to how can we see that on the PC IP config space /all and there we go let's have a little look physical address 0 0 D 0 did it editor 3a ec2 precisely the same address we've got over here excellent okay so that works ok let's try VLAN 20 desktop command prompt ipconfig /all might as well do the big one okay now IP address now what should this get this should get 71 it does 201 171 with the slash twenty seven mask and the default gateway address of 201 194 absolutely fantastic ok let's double check your IP addressing IP config space four slash all 201 171 fantastic and let's try this one as well just to finish it off now this is also in the VLAN 20 even though it's on a different switch IP config space four slash all and here we go should get 72 and it does fantastic excellent look at that alright show IP dhcp bindings 1.6 do VLAN 10 1.71 and 1.72 2 v 9 20 let's see if the pc can ping from VLAN 20 which is where this one is in to VLAN 10 the other pc 201 1.6 I'm now pinging from a PC in VLAN 20 to a PC VLAN 10 and let's see if it works and it's a slight delay there this is where you cross your fingers and yes it works they interestingly look at that the first packet timed out why did that first packet time out the other three got through the reason for that is up the address resolution protocol if I type up minus a you can see that the very first thing this PC had to do was go and find the IP address of the default gateway in order to get to a remote subnet VLAN 20 is a remote subnet he has to go through the Rooter to get to it so the first thing this PC had to do was contact the default gateway the router and you had to get the default gateways MAC address so it would have used the ARP the address resolution protocol in order to get the default gateways MAC address if I run those pings again we should see all four come through because it's already got the MAC address okay layer two Ethernet segments they use MAC addresses for communication so the very first thing that had to happen we had to get that MAC address so we use the address resolution protocol to do that fantastic okay so what are we done we've gone on a switch we put a hostname we've created VLANs we've named the VLANs we've put switch ports into the VLANs we've created a trunk link between the switches which carries all the active VLANs in this case VLAN 1 the default VLAN 10 and VLAN 20 you created a trunk link up to the router we created sub interfaces on the rooters and on those sub interfaces we set the encapsulation to the correct VLAN number so it expects the correctly tagged VLAN on each sub interface and we've put the IP address for each of the VLANs subnets VLAN 10 200 1 1 0 subnet the highest usable IP address is 201 162 so they set default gateway VLAN 20 to 201 160 for subnet the highest IP address is 201 194 so that's the default gateway and there you go we have configured what's known as Rooter on a stick I hope you found that useful and that's me signing off from this configuration video don't forget to keep an eye on the website keep an eye on YouTube remote training solutions and I'll see if I could put some more videos up to go through some more concepts in the wonderful world of Cisco yes there's nothing else that beats a bit of Cisco configuration yeah thank you very much indeed

Info

Channel: RemoteTrainingSolutions

Views: 119,118

Rating: undefined out of 5

Keywords: Cisco, Routers, VLAN's, DHCP, CCNA

Id: 84tUEklrvic

Channel Id: undefined

Length: 40min 3sec (2403 seconds)

Published: Tue Mar 17 2015