ICND1 Labs

Lab 4-1: Enhancing a Switched Network

Visual Topology

Command Line

Command Description
encapsulation dot1q vlan Enables IEEE 802.1Q encapsulation on a routers sub-interface
no ip address Removes any ip address currently configured on the interface
show interfaces trunk Displays trunking information
show vlan Displays vlan information
show vlans Verify the vlan and trunking configuration on a router on a stick
switchport access vlan vlan Assign a port to a vlan
switchport mode mode Defines DTP modes options available are access, trunk, dynamic desirable or dynamic auto
switchport trunk allowed vlan vlan list Filters which vlans are permitted over a trunk connection.
vlan number Creates a vlan

Physical Topology Diagram

  • Task 1: Creating a VLAN and assigning Switchports.
  • Task 2: Configure a Trunk connection on a Router.

Lab 4-1: Enhancing a Switched Network

Task 1: Creating a VLAN and assigning Switchports.

Step 1: Access the CLI on the router and make sure the connection between the two routers is shutdown.

Step 2: Access the CLI on the switch.

Step 3: Create vlan 2 on your switch and name it SALES

SWx(config)#vlan 2
SWx(config-vlan)#name SALES

Step 4: Re-assign interface fa0/1 to vlan 2

SWx(config-if)#switchport mode access
SWx(config-if)#switchport access vlan 2

Step 5: Configure Fa0/12 as a trunk connection

SWx(config-if)#switchport mode trunk

Step 6: Change the IP address on the PC to 10.2.2.100 with a 255.255.255.0 mask and a default gateway of 10.2.2.1

Step 7: From your PC try and Ping the IP address of your switch.

This should fail! Why ?

Task 2: Configure a Trunk connection on a Router.

Now that we have configured the switch to support a trunk connection between itself and the router, the next stage involves us setting up the router so it understands the IEEE 802.1Q frame encapsulation.

Step 1: Access the CLI on the router.

Step 2: Navigate to the interface mode which connects the router to the switch. Hint.. fa0/0 or gi0/0

Step 3: Shutdown the interface.

Step 4: Remove any current IP address using the no ip address command.

Step 5: Create a new sub-interface using the following command.

Rx(config)#interface fa0/0.1

or

Rx(config)#interface gi0/0.1

Step 6: Assign an ip address of 10.1.1.1 255.255.255.0

Step 7: Issue the following command to support IEEE 801.1Q encapsulation linking it to vlan 1 and make this the native vlan.

Rx(config-subif)#encap dot1q 1 native

Step 8: Create a second sub-interface

Rx(config)interface fa0/0.2

or

Rx(config)interface gi0/0.2

Step 8: Assign an ip address of 10.2.2.1 255.255.255.0

Step 9: Setup IEEE 802.1Q encapsulation with a link to vlan 2

Rx(config-subif)#encap dot1q 2

What is the difference between the native vlan and a non-native vlan ?

Step 10: Issue the no shutdown command on the physical interface, this will automatically enable all sub-interfaces.

Step 11: Check your PC can ping its default gateway.

Step 12: Try and ping the IP address of the switch, this should now be successful.

If it fails then check the following.

The switch will need a default gateway set to 10.1.1.1 because the path of the ping from the PC to the switch is via the router.

Explanation: The port attached to the PC has been assigned to Vlan 2 but the IP address of the switch is still in vlan 1, therefore the Ping packet will travel from the PC to its def ault gateway (the router) because the source IP address and the destination IP address are not located in the same IP subnet. The router upon receiving the Ping packet will direct it to sub interface fa0/0.2 or gi0/0.2 because it’s been linked to vlan 2, i t will then examine the destination IP address after stripping the layer 2 header and redirect it out of sub-interface fa0/0.1 or gi0/0.1 but it will need to rebuild a new layer 2 header before going across the trunk to the switch.

Step 13: Save all your configs.

Lab Answer Keys:

[sociallocker id=”4139″]

Task 1: Creating a VLAN and assigning Switchports.

Step 2: Access the CLI on the switch.

Step 3: Create vlan 2 on your switch and name it SALES
SW>en
SW#conf t
SW(config)#vlan 2
SW(config-vlan)#name SALES

Step 4: Re-assign interface fa0/1 to vlan 2

SW(config-vlan)#int fa0/1
SW(config-if)#switchport mode access
SW(config-if)#switchport access vlan 2

Step 5: Configure Fa0/12 as a trunk connection

SW(config-if)#int fa0/12
SW(config-if)#switchport mode trunk

Step 7: From your PC try and Ping the IP address of your switch.

This should fail! Why ?

Because the IP address of the switch is assigned to Vlan 1 and the port connected to the PC is now in Vlan 2 (logically separated) Routing is required between the two Vlan’s.

Task 2: Configure a Trunk connection on a Router.

Now that we have configured the switch to support a trunk connection between itself and the router, the next stage involves us setting up the router so it understands the IEEE 802.1Q frame encapsulation.

Step 1: Access the CLI on the router.

Step 2: Navigate to the interface mode which connects the router to the switch. Hint.. fa0/0 or gi0/0

R>en
R#conf t
R(config)#int fa0/0

or

R(config)#int gi0/0

Step 3: Shutdown the interface.

R(config-if)#shut

Step 4: Remove any current IP address using the no ip address command.

R(config-if)#no ip address

Step 5: Create a new sub-interface using the following command.

R(config)interface fa0/0.1

or

R(config)interface gi0/0.1

Step 6: Assign an ip address of 10.1.1.1 255.255.255.0

R(config-subif)#ip address 10.1.1.1 255.255.255.0

Step 7: Issue the following command to support IEEE 801.1Q encapsulation linking it to vlan 1 and make this the native vlan.

R(config-subif)#encap dot1q 1 native

Step 8: Create a second sub-interface

R(config)#interface fa0/0.2

or

R(config)#interface gi0/0.2

Step 8: Assign an ip address of 10.2.2.1 255.255.255.0

R(config-subif)#ip address 10.2.2.1 255.255.255.0

Step 9: Setup IEEE 802.1Q encapsulation with a link to vlan 2

R(config-subif)#encap dot1q 2

What is the difference between the native vlan and a non-native vlan ?

Native is untagged across a trunk connection, default id vlan 1.

Step 10: Issue the no shutdown command on the physical interface, this will automatically enable all sub-interfaces.

R(config-subif)#exit
R(config)#int fa0/0

or

R(config)#int gi0/0
R(config-if)#no shut

Step 11: Check your PC can ping its default gateway.

Step 12: Try and ping the IP address of the switch, this should now be successful.

If it fails then check the following.

The switch will need a default gateway set to 10.1.1.1 because the path of the ping from the PC to the switch is via the router.

Explanation: The port attached to the PC has been assigned to Vlan 2 but the IP address of the switch is still in vlan 1, therefore the Ping packet will travel from the PC to its default gateway (the router) because the source IP address and the destination IP address are not located in the same IP subnet. The router upon receiving the Ping packet will direct it to sub interface fa0/0.2 or gi0/0.2 because it’s been linked to vlan 2, it will then examine the destination IP address after stripping the layer 2 header and redirect it out of sub-interface
fa0/0.1 or gi0/0.1 but it will need to rebuild a new layer 2 header before going across the trunk to the switch.

[/sociallocker]

Related Articles

Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Inline Feedbacks
View all comments
Back to top button