Lab 6

In this lab you will reconfigure your lab network by changing the VLAN configuration on your switch.

You will no longer have an R1 router. R2 and R3 will become access routers for net1 and net2 via VLANs. VRRP will be used to allow the two access routers for each network to back each other up. A combination physical/logical map of the network can be found here in png and here in pdf.

Diagrams showing physical and layer 2 connections before and after the workstation switch can be found here: Before in png and Before in pdf, and After in png and After in pdf.

You will need to modify the various layer 2, layer 3, and support applications data. The needed changes are:

- Make sure R1 is shut down and sw1 is started. See http://users.cs.fiu.edu/~esj/cnt4504/start-stop.html
You want to run "cnt4504-stop-system" for r1 and "cnt4504-start-system" for sw1.

- Configure sw1 with name and management IP.

- You will use vlan XX1 and XX2 for net1 and net2 respectively. XX = your group number. You will also make use of vlan YY1 (YY is your neighbor's group number), which will carry your neighbor's net1.

- Configure sw1 such that eth1 is access for net1, eth2 is access for net2, eth3 is a trunk port and carries both net1 and net2 vlans to R2 eth1/1 and eth4 is a trunk port and carries both net1 and net2 vlans to R3 eth1/1.

- R2 and R3 eth1/1 main interface is deconfigured and two sub-interfaces are created on them to instantiate net1 and net2. R2 will use 10.XX.1.2 on the interface eth1/1.XX1 and 10.XX.1.130 on the interface eth1/1.XX2. R3 will use 10.XX.1.3 on the interface eth1/1.XX1 and 10.XX.1.131 on the interface eth1/1.XX2.

- R2 and R3 need to have dhcp relay (ip helper-address command) set up for the new sub-interfaces that face net1/net2.

- R2 and R3 need their OSPF stanza modified to advertise 10.XX.1.0/25 and 10.XX.1.128/26 into OSPF (still in area 1). They should no longer advertise the /30s.

- Configure R2 and R3 to run VRRP on their eth1/1.XX1 and eth1/1.XX2 interfaces. Make R3 the highest priority. See notes from class 19 for details. For net1 use 10.XX.1.1 as the virtual IP address. Use XX (XX is your group number) as VRRP vid. For net2 use 10.XX.1.129 as the virtual IP address. Use 1XX (XX is your group number) as VRRP vid.

- DNS (forward and reverse) needs to be modified.

10.XX.1.1 is virt-router-net1.gXX.scs
10.XX.1.2 is r2-n1.gXX.scs
10.XX.1.3 is r3-n1.gXX.scs
10.XX.1.129 is virt-router-net2.gXX.scs
10.XX.1.130 is r2-n2.gXX.scs
10.XX.1.131 is r3-n2.gXX.scs
10.XX.0.5 is sw1.gXX.scs

You will need forward and reverse entries for all of these.

DNS entries (both forward and reverse) for addresses on 10.XX.1.192/30, 10.XX.1.196/30 should be removed. r1 alias should be removed.

You should of course update the serial and reload (or restart) the named process.
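A quick way to check the zone data against the list above before reloading named. This is an added example, not part of the original lab; it assumes group number 12, that the group number appears as-is in both the second octet and the gXX label, and it uses a constructed leftover record name (old-link).

```python
import ipaddress

# Host part of each address -> label, copied from the lab's list.
HOSTS = {
    "1.1": "virt-router-net1", "1.2": "r2-n1", "1.3": "r3-n1",
    "1.129": "virt-router-net2", "1.130": "r2-n2", "1.131": "r3-n2",
    "0.5": "sw1",
}
RETIRED = ("1.192/30", "1.196/30")  # point-to-point nets whose records must go


def expected_records(group):
    """Forward (name -> IP) and reverse (PTR owner -> name) maps for one group."""
    fwd, rev = {}, {}
    for suffix, label in HOSTS.items():
        ip = ipaddress.ip_address(f"10.{group}.{suffix}")
        fqdn = f"{label}.g{group}.scs."
        fwd[fqdn] = str(ip)
        rev[ip.reverse_pointer + "."] = fqdn
    return fwd, rev


def audit(group, fwd, rev):
    """List missing or wrong records and anything left in a retired /30."""
    want_fwd, want_rev = expected_records(group)
    retired = [ipaddress.ip_network(f"10.{group}.{n}") for n in RETIRED]
    problems = []
    for name, ip in want_fwd.items():
        if fwd.get(name) != ip:
            problems.append(f"forward {name} should be {ip}")
    for owner, name in want_rev.items():
        if rev.get(owner) != name:
            problems.append(f"reverse {owner} should be {name}")
    for name, ip in fwd.items():
        if any(ipaddress.ip_address(ip) in net for net in retired):
            problems.append(f"stale forward {name} -> {ip}")
    for owner in rev:
        ip = ".".join(reversed(owner.split(".")[:4]))  # PTR owner back to an IP
        if any(ipaddress.ip_address(ip) in net for net in retired):
            problems.append(f"stale reverse {owner}")
    return problems


if __name__ == "__main__":
    fwd, rev = expected_records(12)            # group 12 is a constructed example
    fwd["old-link.g12.scs."] = "10.12.1.193"   # constructed leftover record
    del rev["5.0.12.10.in-addr.arpa."]         # constructed missing PTR
    print("\n".join(audit(12, fwd, rev)))
```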

At this point you should be able to boot WS1 and WS2 and run dhclient and they should get the correct address/mask and have full connectivity.


Now you are going to configure two ethernet connections between your switch and your neighbor's. Spanning tree will prevent a broadcast storm from this loop.

First you will need to configure the links between the switches as tagged trunk 802.1q vlan ports, and carry the vlans XX1 and YY1. (XX = your group number, YY = your neighbor's group number)

Next you will trade your WS1 with your neighbor. First release your lease on ws1 by issuing the command "dhclient -r" on ws1. Then change the switch ports connected to WS1 from vlan XX1 to YY1.

Your neighbor will do the same thing, putting their WS1 on vlan XX1 (XX = your group number).

At this point you should be able to run dhclient on your ws1 (which is now on your neighbor's network) and it should get an IP on your neighbor's net. Likewise, their ws1 should get an IP on your network.


Time to break things and watch the redundancy work. First off, we will fail one of the two VRRP access routers.

First do a show vrrp on R2. Include this in section 1 of your report, label it "BEFORE R3 FAILURE" and highlight the important data (master router, priority).

Then from BR start a ping to WS2.

Next you will shut down eth1/1 on R3. Make a note of how many packets are lost. This will go into report section 1. Label it "Packets lost".

Now do a show vrrp on R2. Include this in section 1 of your report, label it "AFTER R3 FAILURE" and highlight the important data (master router, priority).

Stop the ping. Bring eth1/1 on R3 back up. (no shutdown)
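What the two "show vrrp" outputs should reflect, as an added example that is not part of the original lab. It models master election and the virtual MAC the workstations use for their gateway; the group number (12) and the priority values are assumptions, and preemption is assumed enabled.

```python
import ipaddress


def vrrp_ids(group):
    """VRIDs under the lab's scheme: XX for net1, 1XX for net2 (12 -> 12, 112)."""
    if not 1 <= group <= 99:
        raise ValueError("group number must be 1..99 so both VRIDs fit in 1..255")
    return group, 100 + group


def virtual_mac(vrid):
    """IPv4 VRRP virtual router MAC: 00-00-5E-00-01-{VRID in hex}."""
    if not 1 <= vrid <= 255:
        raise ValueError("VRID is an 8-bit value in 1..255")
    return f"00:00:5e:00:01:{vrid:02x}"


def elect_master(routers):
    """routers: name -> (priority, interface IP, up?). Highest priority wins,
    a tie goes to the higher interface IP. Returns None if no router is up.
    Electing from scratch each time models preemption being enabled."""
    alive = {n: r for n, r in routers.items() if r[2]}
    if not alive:
        return None
    return max(alive,
               key=lambda n: (alive[n][0], int(ipaddress.ip_address(alive[n][1]))))


if __name__ == "__main__":
    vrid1, vrid2 = vrrp_ids(12)                  # constructed group number
    # Priorities are assumed values; the lab only says R3 must be highest.
    net2 = {"r2": (100, "10.12.1.130", True), "r3": (110, "10.12.1.131", True)}
    print("net1 gateway MAC:", virtual_mac(vrid1))
    print("net2 gateway MAC:", virtual_mac(vrid2))
    print("master before failure:", elect_master(net2))
    net2["r3"] = (110, "10.12.1.131", False)     # eth1/1 shut down on R3
    print("master after failure: ", elect_master(net2))
```

Because the hosts send to the virtual MAC rather than to R2's or R3's own MAC, the gateway entry in their ARP caches stays the same across the failover.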

Now we will fail one of the two links between your bridge and your neighbors.

Log into your sw1 and run "show spanning-tree" (save the output to turn in in section 2 labeled "show spanning-tree default"). Note if it is the root bridge or not. Both your and your neighbor's switch should have a priority of 32768, so between the two switches the one with the lowest MAC address will be the root bridge.

Make a note of which port on which switch is in discarding state. Include in your report section 2 (labeled "root bridge data") which bridge (between you and your neighbor group) started out as root bridge and which port on the non-root bridge was in blocked mode (blocked mode is marked as "discard" on the arista switches).

Now start up a ping from WS0 to WS1. Then fail (shutdown) the port that spanning tree had NOT set to discarding. (eth5 or eth6) Make note of how many seconds it takes before the ping continues (and turn in in section 2 labeled "bridge recovery time"). It could take up to two minutes for spanning tree to switch over. Run the "show spanning-tree" command again when the link is failed and include that output in section 2 labeled "after link failure".

Now we will change the priority of the bridge that is NOT the root switch. Log into the switch that is NOT the root switch. Issue this command to change the priority from 32768 to 28672.


spanning-tree priority 28672

Also include in report section 2 the output of show spanning-tree after the priority change. Label it "Spanning tree after priority change".
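The root election and the choice of discarding port described in this section, as an added example that is not part of the original lab. The switch names and MAC addresses are constructed, the wiring eth5 to eth5 and eth6 to eth6 is an assumption, and port priorities are assumed equal.

```python
def bridge_id(priority, mac):
    """Comparable bridge ID: (priority, MAC as integer). Lower is better."""
    if priority % 4096 or not 0 <= priority <= 61440:
        raise ValueError("bridge priority must be a multiple of 4096 in 0..61440")
    return priority, int(mac.replace(":", ""), 16)


def elect_root(bridges):
    """bridges: name -> (priority, mac). The lowest bridge ID becomes root."""
    return min(bridges, key=lambda name: bridge_id(*bridges[name]))


def uplink_states(links):
    """Non-root switch with parallel equal-cost links to the root.
    links: local port number -> (port number on the root, link up?).
    Path cost and sender bridge ID tie, so the lowest sender port ID picks
    the root port; every other live uplink goes to discarding."""
    live = {p: far for p, (far, up) in links.items() if up}
    states = {f"eth{p}": "down" for p in links if p not in live}
    if live:
        root_port = min(live, key=lambda p: (live[p], p))
        for p in live:
            states[f"eth{p}"] = "root" if p == root_port else "discarding"
    return states


if __name__ == "__main__":
    # Constructed MACs and names; both switches start at priority 32768.
    bridges = {"sw1-mine": (32768, "02:00:00:00:00:13"),
               "sw1-neighbor": (32768, "02:00:00:00:00:12")}
    print("root:", elect_root(bridges))                    # lower MAC wins
    print(uplink_states({5: (5, True), 6: (6, True)}))     # both links up
    print(uplink_states({5: (5, False), 6: (6, True)}))    # eth5 failed
    bridges["sw1-mine"] = (28672, "02:00:00:00:00:13")     # priority change
    print("root:", elect_root(bridges))
```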


Grading

Function - Including all layer3 and support application changes - 30 points

Section 1 (VRRP failure) - 6 points

Section 2 (Link failure / Spanning tree) - 10 points

Question 1 - 2 points

Description of the path of a single ICMP packet going from ws2 to ws0 including interface, IP src/dest and MAC src/dest on each hop along the path. Assume current OSPF routing is set up, VRRP is configured on R2 and R3 as in the lab, and both R2 and R3 are up.

        Example:
        packet leaves ws2 interface eth0 
                src IP=XX.XX.XX.XX
                src mac=xx:xx:xx:xx:xx:xx
                dst IP=YY.YY.YY.YY
                dst mac=xx:xx:xx:xx:xx:xx
        packet arrives at rW interface ZZZZ

        packet leaves rW interface ZZZZ
                src IP=XX.XX.XX.XX
                src mac=xx:xx:xx:xx:xx:xx
                dst IP=YY.YY.YY.YY
                dst mac=xx:xx:xx:xx:xx:xx
        packet arrives at ws0 interface eth0

        Fill in all the W, X, Y, and Z's 

Question 2 - 2 points

Description of the path of a single ICMP packet going from ws2 to ws0 including interface, IP src/dest and MAC src/dest on each hop along the path. Assume current OSPF routing is set up and R2 eth1/1.XX2 is UP but R3 eth1/1.XX2 is DOWN. Assume VRRP is configured on both.

        Example:
        packet leaves ws2 interface eth0 
                src IP=XX.XX.XX.XX
                src mac=xx:xx:xx:xx:xx:xx
                dst IP=YY.YY.YY.YY
                dst mac=xx:xx:xx:xx:xx:xx
        packet arrives at rW interface ZZZZ

        packet leaves rW interface ZZZZ
                src IP=XX.XX.XX.XX
                src mac=xx:xx:xx:xx:xx:xx
                dst IP=YY.YY.YY.YY
                dst mac=xx:xx:xx:xx:xx:xx
        packet arrives at ws0 interface eth0

        Fill in all the W, X, Y, and Z's