Anda di halaman 1dari 69

CCNA R&S Bootcamp

Lab 1 Internetworking
Lab Tulis 1
Pada sesi ini, anda akan menyelesaikan Lab dibawah ini untuk memastikan bahwa anda sudah benar-benar sudah mampu menerima informasi dan konsep yang telah di ajarkan oleh Instruktur: Lab 1.1: Pendefinisian Lapisan OSI dan Perangkat-perangkatnya Lab 1.2: Identifikasi Collision dan Broadcast Domain Lab 1.3: Konversi Biner/Desimal/Hexadesimal

Lab Tulis 1.1: Pendefinisian Lapisan OSI dan Perangkat-perangkatnya


Deskripsi Perangkat ini mengirim dan menerima mengenai Lapisan Network Lapisan ini membuat sebuah virtual circuit sebelum mengirimkannya antar dua end station (perangkat akhir). Lapisan ini menggunakan layanan access point. Perangkat ini menggunakan hardware addresses (alamat fisik) untuk menyaring sebuah network. Ethernet didefinisikan pada lapisan ini. Lapisan ini mendukung flow control dan sequencing. Perangkat ini dapat menghitung jarak menuju sebuah remote network. Logical addressing (alamat logika) digunakan pada lapisan ini. Hardware addresses (alamat fisik) didefinisikan pada lapisan ini. Perangkat ini menciptakan sebuah collision domain yang besar dan satu broadcast domain yang besar pula. Perangkat ini menciptakan banyak collision domain yang lebih kecil, tetapi jaringan masih memiliki satu broadcast domain yang besar. Perangkat ini tidak pernah menjalankan koneksi full duplex. Perangkat ini memisahkan collision domain dan broadcast domains. Perangkat atau Lapisam OSI

Lab Tulis 1.2: Identifikasi Collision dan Broadcast Domain


Gambar dibawah ini, coba identifikasi collision domain dan broadcast domain pada setiap perangkat spesifik dibawah ini: A. Hub B. Bridge C. Switch D. Router

CCNA R&S Bootcamp

Lab Tulis 1.3: Konversi Biner/Desimal/Hexadesimal 1. Konversi dari decimal IP address ke format biner.
128 Lengkapi tabel dibawah ini untuk menunjukkan 192.168.10.15 dalam format biner. 64 32 16 8 4 2 1 Biner

128

Lengkapi tabel dibawah ini untuk menunjukkan 172.16.20.55 dalam format biner. 64 32 16 8 4 2 1

Biner

128

Lengkapi tabel dibwah ini untuk menunjukkan 10.11.12.99 dalam format biner. 64 32 16 8 4 2

Biner

2. Konversi format biner dibawah ini ke format desimal IP address.


128 Lengkapi tabel dibawah ini untuk menunjukkan 11001100.00110011.10101010.01010101 ke dalam format desimal IP address. 64 32 16 8 4 2 1 Desimal

CCNA R&S Bootcamp

128

Lengkapi tabel dibawah ini untuk menunjukkan 11000110.11010011.00111001.11010001 kedalam format desimal IP address. 64 32 16 8 4 2 1 Desimal

128

Lengkapi tabel dibawah ini untuk menunjukkan 10000100.11010010.10111000.10100110 kedalam format desimal IP address. 64 32 16 8 4 2 1 Desimal

3. Konversi format biner dibawah ini kedalam format hexadesimal.


128 Lengkapi tabel dibawah ini untuk menunjukkan 11011000.00011011.00111101.01110110 kedalam format hexadesimal. 64 32 16 8 4 2 1 Hexadesima l

128

Lengkapi tabel dibawah ini untuk menunjukkan 11001010.11110101.10000011.11101011 kedalam format hexadesimal. 64 32 16 8 4 2 1 Hexadesima l

128

Lengkapi tabel dibawah ini untuk menunjukkan 10000100.11010010.01000011.10110011 kedalam format hexadesimal. 64 32 16 8 4 2 1 Hexadesima l

CCNA R&S Bootcamp

Lab 2 Introduction to TCP/IP


Lab Tulis 2
Jawablah pertanyaan dibawah ini tentang TCP/IP: 1. Sebutkan rentang Class C address dalam desimal dan biner? Jawab:

2. Lapisan apakah dalam DoD model setara dengan lapisan Transport dari OSI model?
Jawab:

3. Sebutkan rentang alamat yang sah Class A network address?


Jawab:

4. Digunakan untuk apakah alamat 127.0.0.1?


Jawab:

5. Bagaimana cara anda menemukan network address dari sebuah daftar IP address?
Jawab:

6. Bagaimana cara anda menemukan broadcast address dari sebuah daftar IP address?
Jawab:

7. Sebutkan rentang Class A private IP address?


Jawab:

8. Sebutkan Class B private IP address?


Jawab:

9. Sebutkan Class C private IP address?


Jawab:

10. Sebutkan semua karakter yang dapat anda gunakan dalam pengalamatan hexadecimal?
Jawab:

CCNA R&S Bootcamp

Lab 3 Subnetting, Variable Length Subnet Masks (VLSMs), and Troubleshooting TCP/IP
Labs 3
Pada sesi ini, anda akan menyelesaikan Lab dibawah ini untuk memastikan bahwa anda sudah benar-benar sudah mampu menerima informasi dan konsep yang telah di ajarkan oleh Instruktur: Lab 3.1: Latihan Subnet #1 Lab 3.2: Latihan Subnet #2 Lab 3.3: Latihan Subnet #3

Lab Tulis 3.1: Latihan Subnet #1


Tuliskan subnet, broadcast address, dan rentang valid host utnuk pertanyaan 1 hingga 6:

1. 192.168.100.25/30
Jawab:

2. 192.168.100.37/28
Jawab:

3. 192.168.100.66/27
Jawab:

4. 192.168.100.17/29
Jawab:

5. 192.168.100.99/26
Jawab:

6. 192.168.100.99/25
Jawab:

7. Anda memiliki sebuah Class B network dan membutuhkan 29 subnet. Apa mask yang cocok?
Jawab:

8. Apakah broadcast address dari 192.168.192.10/29?


Jawab:

9. Berapa banyak host yang tersedia untuk sebuah Class C /29 mask?
Jawab:

CCNA R&S Bootcamp

10. Apakah subnet untuk host ID 10.16.3.65/23?


Jawab:

Lab Tulis 3.2: Latihan Subnet


Diberikan sebuah Class B network dan identifikasi bit jaringan (CIDR), Lengkapi tabel dibawah ini untuk mengidentifikasi subnet mask dan jumlah host address yang mungkin untuk tiap mask. Classful Address Subnet Mask Jumlah host per Subnet (2x 2) /16 /17 /18 /19 /20 /21 /22 /23 /24 /25 /26 /27 /28 /29 /30

Lab Tulis 3.3: Latihan Subnet


Desimal IP Address 10.25.66.154/23 172.31.254.12/24 192.168.20.123/28 63.24.89.21/18 128.1.1.254/20 208.100.54.209/30 Address Class Jumlah dari Subnet dan Host Bit Jumlah dari Subnet (2x) Jumlah dari Host (2x 2)

CCNA R&S Bootcamp

Lab 4 Ciscos Internetworking Operating System (IOS) and Security Device Manager (SDM)
Hands-on Lab
Pada sesi ini, anda akan melakukan command (perintah) pada sebuah Cisco router yang akan membantu anda memahami apa yang anda pelajari pada Bab ini.

Perangkat (Hostname ) R1 R2

IOS Version c2600-i-mz.122-28.bin c2600-i-mz.122-28.bin

Interface FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/0 FastEthernet0/1 Serial0/0 Serial0/1 FastEthernet0/0

IP Address 192.168.1.1/24 192.168.2.1/30 192.168.3.1/24 192.168.2.2/30 192.168.4.1/30 192.168.5.1/24

R3

c2600-i-mz.122-28.bin

CCNA R&S Bootcamp

SW1 SW2 SW3 PC1 PC2 PC3

c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin

FastEthernet0/1 Serial0/0 FastEthernet0/1 24 FastEthernet0/1 24 FastEthernet0/1 24 FastEthernet0 FastEthernet0 FastEthernet0

192.168.4.2/30 192.168.1.254/24 192.168.3.254/24 192.168.5.254/24

Catatan: Perlu anda ketahui, setiap Platform memiliki fitur, nama interface, dan jumlah interface yang berbeda-beda. Mohon untuk melakukan verifikasi terlebih dahulu jika anda menggunakan Platform yang berbeda dari keterangan diatas agar konfigurasi anda dapat berhasil dilakukan. Pada Hands-on Lab Bab ini terdapat beberapa lab yang harus anda selesaikan agar Initial Configuration (Konfigurasi Awal dapat berhasil dilakukan): Masuk ke sebuah Router Menghapus semua Konfigurasi Router (Factory Default) Menyesuaikan waktu dan Membuat Banner Membuat Password o Password standard Console, VTY untuk R1 dan R3 o Kombinasi username password Console dan VTY untuk R2

Membuat Hostname, Description, IP Address, dan Clock Rate Menyimpan Konfigurasi Router Test Konektifitas dan Verifikasi Konfigurasi

Pada Hands-on Lab Bab ini terdapat 6 lab yang harus anda selesaikan agar Initial Configuration (Konfigurasi Awal dapat berhasil dilakukan):

Konfigurasi Router R1(DTE) menggunakan CLI:


--- System Configuration Dialog --Continue with configuration dialog? [yes/no]: no Press RETURN to get started! Router>enable Router#config t Router(config)#exit Router#erase startup-config Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] [OK] Erase of nvram: complete %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram Router#reload Proceed with reload? [confirm] %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command. --- System Configuration Dialog --Continue with configuration dialog? [yes/no]: no

CCNA R&S Bootcamp

Press RETURN to get started! Router>enable Router#clock set 09:00:00 01 jan 2012 Router#config t Router(config)#hostname R1 R1(config)#banner motd # Enter TEXT message. End with the character '#'. "Selamat Datang ke Router R1"# R1(config)#enable secret cisco R1(config)#line console 0 R1(config-line)#password cisco R1(config-line)#login R1(config-line)#exit R1(config)#line vty 0 4 R1(config-line)#password cisco R1(config-line)#login R1(config-line)#exit R1(config)#interface fa0/0 R1(config-if)#description "terhubung ke SW1 fa0/24" R1(config-if)#ip address 192.168.1.1 255.255.255.0 R1(config-if)#no shut R1(config-if)#exit R1(config)#interface se0/0 R1(config-if)#description "terhubung ke R2 se-0/0" R1(config-if)#ip address 192.168.2.1 255.255.255.252 R1(config-if)#no shut R1(config-if)#exit R1(config)#exit R1#copy run start Destination filename [startup-config]? Building configuration... [OK] R1#

Konfigurasi Router R2(DCE) menggunakan CLI:


--- System Configuration Dialog --Continue with configuration dialog? [yes/no]: no Press RETURN to get started! Router>enable Router#config t Router(config)#exit Router#erase startup-config Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] [OK] Erase of nvram: complete %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram Router#reload

CCNA R&S Bootcamp

Proceed with reload? [confirm] %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command. --- System Configuration Dialog --Continue with configuration dialog? [yes/no]: no Press RETURN to get started! Router>enable Router#clock set 09:00:00 1 jan 2012 Router#config t Router(config)#hostname R2 R2(config)#banner motd # Enter TEXT message. End with the character '#'. "Selamat Datang di Router R2"# R2(config)#username admin privilege 15 password cisco R2(config)#username user1 password cisco R2(config)#line console 0 R2(config-line)#login local R2(config-line)#exit R2(config)#line vty 0 4 R2(config-line)#login local R2(config-line)#exit R2(config)#interface fa0/0 R2(config-if)#description "terhubung ke SW1 fa0/24" R2(config-if)#ip address 192.168.3.1 255.255.255.0 R2(config-if)#no shut R2(config-if)#exit R2(config)#interface se0/0 R2(config-if)#description "terhubung ke R1 se-0/0" R2(config-if)#ip address 192.168.2.2 255.255.255.252 R2(config-if)#clock rate 64000 R2(config-if)#no shut R2(config-if)#exit R2(config)#int se0/1 R2(config-if)#description "terhubung ke R3 se-0/0" R2(config-if)#ip add 192.168.4.1 255.255.255.252 R2(config-if)#clock rate 64000 R2(config-if)#no shut R2(config-if)#exit R2(config)#exit R2#copy run start Destination filename [startup-config]? Building configuration... [OK] R2#

Konfigurasi Router R3(DTE) menggunakan CLI:


--- System Configuration Dialog --Continue with configuration dialog? [yes/no]: no

10

CCNA R&S Bootcamp

Press RETURN to get started! Router>enable Router#config t Router(config)#exit Router#erase startup-config Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] [OK] Erase of nvram: complete %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram Router#reload Proceed with reload? [confirm] %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command. --- System Configuration Dialog --Continue with configuration dialog? [yes/no]: no Press RETURN to get started! Router>enable Router#clock set 09:00:00 1 jan 2012 Router#config t Router(config)#hostname R3 R3(config)#enable password cisco R3(config)#service password-encryption R3(config)#line console 0 R3(config-line)#password cisco R3(config-line)#login R3(config-line)#exit R3(config)#line vty 0 4 R3(config-line)#password ciso R3(config-line)#password cisco R3(config-line)#login R3(config-line)#exit R3(config)#interface fa0/0 R3(config-if)#description "terhubung ke SW1 fa0/24" R3(config-if)#ip address 192.168.5.1 255.255.255.0 R3(config-if)#no shut R3(config-if)#exit R3(config)#interface se0/0 R3(config-if)#description "terhubung ke R2 se-0/1" R3(config-if)#ip address 192.168.4.2 255.255.255.252 R3(config-if)#no shut R3(config-if)#exit R3(config)#exit R3#write Building configuration... [OK] R3#

Test Konektifitas dan Verifikasi Konfigurasi:


R1#ping 192.168.2.2 Type escape sequence to abort.

11

CCNA R&S Bootcamp

Sending 5, 100-byte ICMP Echos to 192.168.2.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/25/32 ms R1# R1#show ip interface brief Interface IP-Address FastEthernet0/0 FastEthernet0/1 Serial0/0 R1# 192.168.1.1 unassigned 192.168.2.1

OK? Method Status YES manual up YES unset

Protocol up

administratively down down up

YES manual up

R1#show running-config Building configuration... Current configuration : 688 bytes ! version 12.2 no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption ! hostname R1 ! enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0 ! interface FastEthernet0/0 description "terhubung ke SW1 fa0/24" ip address 192.168.1.1 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address duplex auto speed auto shutdown ! interface Serial0/0 description "terhubung ke R2 se-0/0" ip address 192.168.2.1 255.255.255.252 ! ip classless ! banner motd ^C "Selamat Datang ke Router R1"^C ! line con 0 password cisco login line vty 0 4 password cisco login ! end

12

CCNA R&S Bootcamp

R1# Catatan: Lakukan juga Test Konektifitas dan Verifikasi pada R2 dan R3

Lab 5 Managing a Cisco Internetwork


Hands-on Lab
Untuk menyelesaikan sesi lab berikut, Lakukan konfigurasi lanjutan dari Lab 4 dengan menyelesaikan point-point yang disebutkan dibawah ini.

Perangkat (Hostname ) R1 R2

IOS Version c2600-i-mz.122-28.bin c2600-i-mz.122-28.bin

Interface FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/0 FastEthernet0/1 Serial0/0 Serial0/1

IP Address 192.168.1.1/24 192.168.2.1/30 192.168.3.1/24 192.168.2.2/30 192.168.4.1/30

13

CCNA R&S Bootcamp

R3 SW1 SW2 SW3 PC1 PC2 PC3

c2600-i-mz.122-28.bin c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin

FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/1 24 FastEthernet0/1 24 FastEthernet0/1 24 FastEthernet0 FastEthernet0 FastEthernet0

192.168.5.1/24 192.168.4.2/30 192.168.1.254/24 192.168.3.254/24 192.168.5.254/24

Berikut adalah Lab yang harus anda selesaikan pada Bab ini, Lab ini hanya dilakukan di Router R1 sebagai contoh. Jika anda menginginkannya, anda dapat melakukannya untuk Router lain: Melakukan Back-up IOS Router anda Melakukan Upgrade atau Restore IOS Router anda Melakunan Back-up dan Restore Konfigurasi Router anda Menggunakan Cisco Discovery Protocol (CDP) untuk Monitoring dan Manajemen Penggunaan Resolving Hostname

Melakukan Back-up IOS pada Router R1:


R1#show flash: System flash directory: File Length Name/status 3 5571584 c2600-i-mz.122-28.bin 2 28282 sigdef-category.xml 1 227537 sigdef-default.xml [5827403 bytes used, 58188981 available, 64016384 total] 63488K bytes of processor board System flash (Read/Write) R1#copy flash tftp Source filename []? c2600-i-mz.122-28.bin Address or name of remote host []? 192.168.1.2 Destination filename [c2600-i-mz.122-28.bin]? Writing c2600-i-mz.122 28.bin...!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! [OK - 5571584 bytes] 5571584 bytes copied in 6.189 secs (900000 bytes/sec) R1#

Melakukan Upgrade atau Restore IOS pada Router R1:

R1#copy tftp flash Address or name of remote host []? 192.168.1.2 Source filename []? c2600-advipservicesk9-mz.124-15.T1.bin Destination filename [c2600-advipservicesk9-mz.124-15.T1.bin]? Accessing tftp://192.168.1.2/c2600-advipservicesk9-mz.124-15.T1.bin... Loading c2600-advipservicesk9-mz.124-15.T1.bin from 192.168.1.2: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

14

CCNA R&S Bootcamp

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! [OK - 33591768 bytes] 33591768 bytes copied in 36.892 secs (95603 bytes/sec) R1#show flash System flash directory: File Length Name/status 4 33591768 c2600-advipservicesk9-mz.124-15.T1.bin 3 5571584 c2600-i-mz.122-28.bin 2 28282 sigdef-category.xml 1 227537 sigdef-default.xml [39419171 bytes used, 24597213 available, 64016384 total] 63488K bytes of processor board System flash (Read/Write) R1#delete flash: Delete filename []?c2600-i-mz.122-28.bin Delete flash:/c2600-i-mz.122-28.bin? [confirm] R1#config t R1(config)#boot system flash c2600-advipservicesk9-mz.124-15.T1.bin R1(config)#exit R1#write Building configuration... [OK] R1#reload Proceed with reload? [confirm] %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command.

R1#show version Cisco IOS Software, 2600 Software (C2600-ADVIPSERVICESK9-M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc. Compiled Wed 18-Jul-07 06:21 by pt_rel_team ROM: System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1) Copyright (c) 2000 by cisco Systems, Inc. System returned to ROM by power-on System image file is "c2600-advipservicesk9-mz.124-15.T1.bin" This product contains cryptographic features and is subject to United States and local country laws governing import, export, transfer and use. Delivery of Cisco cryptographic products does not imply third-party authority to import, export, distribute or use encryption. Importers, exporters, distributors and users are responsible for compliance with U.S. and local country laws. By using this product you agree to comply with applicable laws and regulations. If you are unable to comply with U.S. and local laws, return this product immediately. A summary of U.S. laws governing Cisco cryptographic products may be found at: http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

15

CCNA R&S Bootcamp

If you require further assistance please contact us by sending email to export@cisco.com. cisco 2621 (MPC860) processor (revision 0x200) with 60416K/5120K bytes of memory Processor board ID JAD05190MTZ (4292891495) M860 processor: part number 0, mask 49 2 FastEthernet/IEEE 802.3 interface(s) 1 Low-speed serial(sync/async) network interface(s) 32K bytes of NVRAM. 16384K bytes of processor board System flash (Read/Write) Configuration register is 0x2102 R1#

Melakukan Back-up dan Restore Konfigurasi pada Router R1:


R1#copy run tftp Address or name of remote host []? 192.168.1.2 Destination filename [R1-confg]? Writing running-config....!! [OK - 745 bytes] 745 bytes copied in 3.141 secs (0 bytes/sec) R1# R1#copy tftp run Address or name of remote host []? 192.168.1.2 Source filename []? R1-confg Destination filename [running-config]? Accessing tftp://192.168.1.2/R1-confg... Loading R1-confg from 192.168.1.2: ! [OK - 745 bytes] 745 bytes copied in 0.063 secs (11825 bytes/sec) R1# %SYS-5-CONFIG_I: Configured from console by console R1#

Menggunakan Cisco Discovery Protocol (CDP) untuk Monitoring & Manajemen pada Router R1:
R1(config)#cdp run R1(config)#exit

R1#show cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone Device ID Local Intrfce Holdtme Capability Platform Port ID Switch Fas 0/0 124 S 2950 Fas 0/24 R2 Ser 0/0 124 R C2600 Ser 0/0 R1#show cdp entry * Device ID: Switch Entry address(es):

16

CCNA R&S Bootcamp

Platform: cisco 2950, Capabilities: Switch Interface: FastEthernet0/0, Port ID (outgoing port): FastEthernet0/24 Holdtime: 138 Version : Cisco Internetwork Operating System Software IOS (tm) C2950 Software (C2950-I6Q4L2-M), SOFTWARE(fc1) Copyright (c) 1986-2005 by cisco Systems, Inc. Compiled Wed 18-May-05 22:31 by jharirba advertisement version: 2 Duplex: full --------------------------Device ID: R2 Entry address(es): IP address : 192.168.2.2 Platform: cisco C2600, Capabilities: Router Interface: Serial0/0, Port ID (outgoing port): Serial0/0 Holdtime: 138 Version : Cisco Internetwork Operating System Software IOS (tm) C2600 Software (C2600-I-M), Version 12.2(28), RELEASE SOFTWARE (fc5) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2005 by cisco Systems, Inc. Compiled Wed 27-Apr-04 19:01 by miwang advertisement version: 2 Duplex: full R1# show cdp interface FastEthernet0/0 is up, line protocol is up Sending CDP packets every 60 seconds Holdtime is 180 seconds FastEthernet0/1 is administratively down, line protocol is down Sending CDP packets every 60 seconds Holdtime is 180 seconds Serial0/0 is up, line protocol is up Sending CDP packets every 60 seconds Holdtime is 180 seconds R1#

Version

12.1(22)EA4,

RELEASE

Penggunaan Resolving Hostname pada Router R1:


R1# config t R1(config)#ip host R2 192.168.2.2 R1(config)#exit

R1#ping 192.168.2.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.2.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 17/31/46 ms R1#ping R2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.2.2, timeout is 2 seconds: !!!!!

17

CCNA R&S Bootcamp

Success rate is 100 percent (5/5), round-trip min/avg/max = 31/31/32 ms R1#telnet R2 Trying 192.168.2.2 ...Open "Selamat Datang di Router R2" User Access Verification Username: admin Password: R2#

Lab 6 IP Routing
Hands-on Labs
Pada hands-on lab ini, lakukan konfigurasi sesuai topologi dibawah ini. Berikut adalah Lab yang harus anda selesaikan pada Bab ini: Konfigurasi Static Route pada R1,R2,R3 Verifikasi Static Route pada R1, R2, R3 Konfigurasi RIP pada R1, R2, R3 Verifikasi RIP pada R1, R2, R3

Perangkat (Hostname

IOS Version

Interface

IP Address

18

CCNA R&S Bootcamp

) R1 R2

c2600-i-mz.122-28.bin c2600-i-mz.122-28.bin

R3 SW1 SW2 SW3 PC1 PC2 PC3

c2600-i-mz.122-28.bin c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin

FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/0 FastEthernet0/1 Serial0/0 Serial0/1 FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/1 24 FastEthernet0/1 24 FastEthernet0/1 24 FastEthernet0 FastEthernet0 FastEthernet0

192.168.1.1/24 192.168.2.1/30 192.168.3.1/24 192.168.2.2/30 192.168.4.1/30 192.168.5.1/24 192.168.4.2/30 192.168.1.254/24 192.168.3.254/24 192.168.5.254/24

Konfigurasi Static Route pada R1,R2,R3


R1#config t R1(config)#ip route 192.168.3.0 255.255.255.0 192.168.2.2 R1(config)#ip route 192.168.4.0 255.255.255.252 192.168.2.2 R1(config)#ip route 192.168.5.0 255.255.255.0 192.168.2.2 R1(config)#exit R1# R2#config t R2(config)#ip route 192.168.1.0 255.255.255.0 192.168.2.1 R2(config)#ip route 192.168.5.0 255.255.255.0 192.168.4.2 R2(config)#exit R2# R3#config t R3(config)#ip route 192.168.1.0 255.255.255.0 192.168.4.1 R3(config)#ip route 192.168.2.0 255.255.255.252 192.168.4.1 R3(config)#ip route 192.168.3.0 255.255.255.0 192.168.4.1 R3(config)#exit R3#

Verifikasi Static Route pada R1, lakukan sendiri untuk R2 dan R3:

R1#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set C C S S S 192.168.1.0/24 192.168.2.0/30 192.168.2.0 192.168.3.0/24 192.168.4.0/30 192.168.4.0 192.168.5.0/24 is directly connected, FastEthernet0/0 is subnetted, 1 subnets is directly connected, Serial0/0 [1/0] via 192.168.2.2 is subnetted, 1 subnets [1/0] via 192.168.2.2 [1/0] via 192.168.2.2

19

CCNA R&S Bootcamp

R1#ping 192.168.3.254 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.3.254, timeout is 2 seconds: .!!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 80/90/94 ms R1#ping 192.168.5.254 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.5.254, timeout is 2 seconds: .!!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 80/109/125 ms R1#

Konfigurasi RIP pada R1, R2, R3


R1#config t R1(config)#no ip route 192.168.3.0 255.255.255.0 192.168.2.2 R1(config)#no ip route 192.168.4.0 255.255.255.252 192.168.2.2 R1(config)#no ip route 192.168.5.0 255.255.255.0 192.168.2.2 R1(config)#router rip R1(config-router)#network 192.168.1.0 R1(config-router)#network 192.168.2.0 R1(config-router)#exit R1(config)#exit R1#write Building configuration... [OK] R1# R2#config t R2(config)#no ip route 192.168.1.0 255.255.255.0 192.168.2.1 R2(config)#no ip route 192.168.5.0 255.255.255.0 192.168.4.2 R2(config)#router rip R2(config-router)#network 192.168.2.0 R2(config-router)#network 192.168.3.0 R2(config-router)#network 192.168.4.0 R2(config-router)#exit R2(config)#exit R2#write Building configuration... [OK] R2# R3#config t R3(config)#no ip route 192.168.1.0 255.255.255.0 192.168.4.1 R3(config)#no ip route 192.168.2.0 255.255.255.252 192.168.4.1 R3(config)#no ip route 192.168.3.0 255.255.255.0 192.168.4.1 R3(config)#router rip R3(config-router)#network 192.168.4.0 R3(config-router)#network 192.168.5.0 R3(config-router)#exit R3(config)#exit

20

CCNA R&S Bootcamp

R3#write Building configuration... [OK] R3#

Verifikasi RIP pada R1, lakukan sendiri untuk R2 dan R3:


R1#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set C C R R R 192.168.1.0/24 192.168.2.0/30 192.168.2.0 192.168.3.0/24 192.168.4.0/24 192.168.5.0/24 is directly connected, FastEthernet0/0 is subnetted, 1 subnets is directly connected, Serial0/0 [120/1] via 192.168.2.2, 00:00:23, Serial0/0 [120/1] via 192.168.2.2, 00:00:23, Serial0/0 [120/2] via 192.168.2.2, 00:00:23, Serial0/0

R1#show ip rip database 192.168.1.0/24 directly connected, FastEthernet0/0 192.168.2.0/30 directly connected, Serial0/0 192.168.3.0/24 [1] via 192.168.2.2, 00:00:01, Serial0/0 192.168.4.0/24 [1] via 192.168.2.2, 00:00:01, Serial0/0 192.168.5.0/24 [2] via 192.168.2.2, 00:00:01, Serial0/0 R1#ping 192.168.3.254 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.3.254, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 78/85/94 ms R1#ping 192.168.5.254 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.5.254, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 94/114/125 ms R1#

21

CCNA R&S Bootcamp

Lab 7 Enhanced IGRP (EIGRP) and Open Shortest Path First (OSPF)
Hands-on Labs
Pada hands-on lab ini, lakukan konfigurasi sesuai topologi dibawah ini. Berikut adalah Lab yang harus anda selesaikan pada Bab ini: Konfigurasi EIGRP dengan AS Number 10 Verifikasi EIGRP Konfigurasi OSPF dengan Process-ID 10 dan menggunakan Backbone Area 0 Verifikasi OSPF Konfigurasi OSPF pada BMA (Broadcast Multi-Access) Network o Telusuri Proses pemilihan OSPF DR dan DBR o Menjadikan Router R3 sebagai DR dengan Router-ID paling Tinggi o Menjadikan Router R2 interface fa0/0 menjadi DR dengan Priority 255

22

CCNA R&S Bootcamp

Perangkat (Hostname ) R1 R2

IOS Version c2600-i-mz.122-28.bin c2600-i-mz.122-28.bin

Interface FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/0 FastEthernet0/1 Serial0/0 Serial0/1 FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/1 24 FastEthernet0/1 24 FastEthernet0/1 24 FastEthernet0 FastEthernet0 FastEthernet0

IP Address 192.168.1.1/24 192.168.2.1/30 192.168.3.1/24 192.168.2.2/30 192.168.4.1/30 192.168.5.1/24 192.168.4.2/30 192.168.1.254/24 192.168.3.254/24 192.168.5.254/24

R3 SW1 SW2 SW3 PC1 PC2 PC3

c2600-i-mz.122-28.bin c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin

Konfigurasi EIGRP dengan AS Number 10 pada R1, R2, dan R3:


R1#config t R1(config)#router eigrp 10 R1(config-router)#network 192.168.1.0 R1(config-router)#network 192.168.2.0 R1(config-router)#exit R1(config)#exit R1#write Building configuration... [OK] R1# R2#config t R2(config)#router eigrp 10 R2(config-router)#network 192.168.2.0

23

CCNA R&S Bootcamp

R2(config-router)#network 192.168.3.0 R2(config-router)#network 192.168.4.0 R2(config-router)#exit R2(config)#exit R2#write Building configuration... [OK] R2# R3#config t R3(config)#router eigrp 10 R3(config-router)#network 192.168.4.0 R3(config-router)#network 192.168.5.0 R3(config-router)#exit R3(config)#exit R3# R3#write Building configuration... [OK] R3#

Verifikasi EIGRP pada Router R1, lakukan hal yang sama pada Router R2 dan R3:
R1#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set C D C D D D 192.168.1.0/24 is directly connected, FastEthernet0/0 192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks 192.168.2.0/24 is a summary, 00:05:04, Null0 192.168.2.0/30 is directly connected, Serial0/0 192.168.3.0/24 [90/20514560] via 192.168.2.2, 00:03:40, Serial0/0 192.168.4.0/24 [90/21024000] via 192.168.2.2, 00:03:35, Serial0/0 192.168.5.0/24 [90/21026560] via 192.168.2.2, 00:02:04, Serial0/0

R1#show ip eigrp neighbors IP-EIGRP neighbors for process 10 H Address Interface 0 192.168.2.2 Se0/0

Hold Uptime (sec) 13 00:03:50

SRTT (ms) 40

RTO

Q Cnt 1000 0

Seq Num 11

R1#show ip eigrp traffic IP-EIGRP Traffic Statistics for process 10 Hellos sent/received: 140/52 Updates sent/received: 4/5 Queries sent/received: 0/0 Replies sent/received: 0/0 Acks sent/received: 5/4 Input queue high water mark 1, 0 drops SIA-Queries sent/received: 0/0 SIA-Replies sent/received: 0/0

24

CCNA R&S Bootcamp

R1#show ip eigrp topology IP-EIGRP Topology Table for AS 10 Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply, r - Reply status P 192.168.1.0/24, 1 successors, FD is 28160 via Connected, FastEthernet0/0 P 192.168.2.0/30, 1 successors, FD is 20512000 via Connected, Serial0/0 P 192.168.2.0/24, 1 successors, FD is 20512000 via Summary (20512000/0), Null0 P 192.168.3.0/24, 1 successors, FD is 20514560 via 192.168.2.2 (20514560/28160), Serial0/0 P 192.168.4.0/24, 1 successors, FD is 21024000 via 192.168.2.2 (21024000/20512000), Serial0/0 P 192.168.5.0/24, 1 successors, FD is 21026560 via 192.168.2.2 (21026560/20514560), Serial0/0 R1#show ip eigrp interfaces IP-EIGRP interfaces for process 10 Interface Fa0/0 Se0/0 R1# Peers 0 1 Xmit Queue Un/Reliable 0/0 0/0 Mean SRTT 1236 1236 Pacing Time Un/Reliable 0/10 0/10 Multicast Flow Timer 0 0 Pending Routes 0 0

Konfigurasi OSPF dengan Process-ID 10 Area 0 pada R1, R2, dan R3:
R1#config t R1(config)#no router eigrp 10 R1(config)#router ospf 10 R1(config-router)#network 192.168.1.0 0.0.0.255 area 0 R1(config-router)#network 192.168.2.0 0.0.0.3 area 0 R1(config-router)#exit R1(config)#exit R1#write Building configuration... [OK] R1# R2#config t R2(config)#no router eigrp 10 R2(config)#router ospf 10 R2(config-router)#network 192.168.2.0 0.0.0.3 area 0 R2(config-router)#network 192.168.3.0 0.0.0.255 area 0 R2(config-router)#network 192.168.4.0 0.0.0.3 area 0 R2(config-router)#exit R2(config)#exit R2#write Building configuration... [OK] R2# R3#config t R3(config)#no router eigrp 10

25

CCNA R&S Bootcamp

R3(config)#router ospf 10 R3(config-router)#network 192.168.4.0 0.0.0.3 area 0 R3(config-router)#network 192.168.5.0 0.0.0.255 area 0 R3(config-router)#exit R3(config)#exit R3#write Building configuration... [OK] R3#

Verifikasi OSPF pada Router R1, lakukan hal yang sama pada Router R2 dan R3:
R1#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set C C O R O O 192.168.1.0/24 is directly connected, FastEthernet0/0 192.168.2.0/30 is subnetted, 1 subnets 192.168.2.0 is directly connected, Serial0/0 192.168.3.0/24 [110/782] via 192.168.2.2, 00:03:53, Serial0/0 192.168.4.0/24 is variably subnetted, 2 subnets, 2 masks 192.168.4.0/24 [120/1] via 192.168.2.2, 00:00:22, Serial0/0 192.168.4.0/30 [110/1562] via 192.168.2.2, 00:03:41, Serial0/0 192.168.5.0/24 [110/1563] via 192.168.2.2, 00:01:51, Serial0/0 Dead Time 00:00:33 Address 192.168.2.2 Interface Serial0/0

R1#show ip ospf neighbor Neighbor ID Pri State 192.168.4.1 0 FULL/

R1#show ip ospf database OSPF Router with ID (192.168.2.1) (Process ID 10) Router Link States (Area 0) Link ID 192.168.2.1 192.168.4.1 192.168.5.1 ADV Router 192.168.2.1 192.168.4.1 192.168.5.1 Age 250 138 126 Seq# 0x80000003 0x80000005 0x80000003 Checksum 0x00731a 0x009a65 0x0095e8 Link count 3 5 3

R1#show ip ospf interface FastEthernet0/0 is up, line protocol is up Internet address is 192.168.1.1/24, Area 0 Process ID 10, Router ID 192.168.2.1, Network Type BROADCAST, Cost: 1 Transmit Delay is 1 sec, State DR, Priority 1 Designated Router (ID) 192.168.2.1, Interface address 192.168.1.1 No backup designated router on this network Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:03 Index 1/1, flood queue length 0 Next 0x0(0)/0x0(0)

26

CCNA R&S Bootcamp

Last flood scan length is 1, maximum is 1 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 0, Adjacent neighbor count is 0 Suppress hello for 0 neighbor(s) Serial0/0 is up, line protocol is up Internet address is 192.168.2.1/30, Area 0 Process ID 10, Router ID 192.168.2.1, Network Type POINT-TO-POINT, Cost: 781 Transmit Delay is 1 sec, State POINT-TO-POINT, Priority 0 No designated router on this network No backup designated router on this network Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 Hello due in 00:00:02 Index 2/2, flood queue length 0 Next 0x0(0)/0x0(0) Last flood scan length is 1, maximum is 1 Last flood scan time is 0 msec, maximum is 0 msec Neighbor Count is 1 , Adjacent neighbor count is 1 Adjacent with neighbor 192.168.4.1 Suppress hello for 0 neighbor(s) R1#

Konfigurasi OSPF pada BMA (Broadcast Multi-Access) Network:

R1#config t

27

CCNA R&S Bootcamp

R1(config)#interface fa0/0 R1(config-if)#no description R1(config-if)#description "terhubung ke SW-BMA fa0/1" R1(config-if)#exit R1(config)#exit R1#write Building configuration... [OK] R1# R2#config t R2(config)#int fa0/0 R2(config-if)#no ip address R2(config-if)#ip add 192.168.1.2 255.255.255.0 R2(config-if)#no description R2(config-if)#description "terhubung ke SW-BMA fa0/2" R2(config-if)#exit R2(config)#router ospf 10 R2(config-router)#no network 192.168.3.0 0.0.0.255 area 0 R2(config-router)#network 192.168.1.0 0.0.0.255 area 0 R2(config-router)#exit R2(config)#exit R2#write Building configuration... [OK] R2# R3#config t R3(config)#int fa0/0 R3(config-if)#no ip add R3(config-if)#no description R3(config-if)#ip add 192.168.1.3 255.255.255.0 R3(config-if)#description "terhubung ke SW-BMA fa0/3" R3(config-if)#exit R3(config)#router ospf 10 R3(config-router)#no network 192.168.5.0 0.0.0.255 area 0 R3(config-router)#network 192.168.1.0 0.0.0.255 area 0 R3(config-router)#exit R3(config)#exit R3#write Building configuration... [OK] R3#

Telusuri Proses pemilihan OSPF DR dan DBR:


R1#show ip ospf neighbor
Neighbor ID 192.168.4.1 192.168.5.1 192.168.4.1 R1# R1# Pri 1 1 0 State FULL/BDR FULL/DROTHER FULL/ Dead Time 00:00:38 00:00:34 00:00:30 Address 192.168.1.2 192.168.1.3 192.168.2.2 Interface FastEthernet0/0 FastEthernet0/0 Serial0/0

R2#show ip ospf neighbor

28

CCNA R&S Bootcamp

Neighbor ID 192.168.2.1 192.168.5.1 192.168.2.1 192.168.5.1 R2#

Pri 1 1 0 0

State FULL/DR FULL/DROTHER FULL/ FULL/ -

Dead Time 00:00:38 00:00:34 00:00:30 00:00:35

Address 192.168.1.1 192.168.1.3 192.168.2.1 192.168.4.2

Interface FastEthernet0/0 FastEthernet0/0 Serial0/0 Serial0/1

R3#show ip ospf neighbor


Neighbor ID 192.168.2.1 192.168.4.1 192.168.4.1 R3# Pri 1 1 0 State FULL/DR FULL/BDR FULL/ Dead Time 00:00:31 00:00:32 00:00:37 Address 192.168.1.1 192.168.1.2 192.168.4.1 Interface FastEthernet0/0 FastEthernet0/0 Serial0/0

Menjadikan Router R3 sebagai DR dengan Router-ID paling Tinggi:


Perangkat (Hostname) R1 R2 R3 Router-ID 10.10.1.1 10.10.2.1 10.10.3.1

R1#config t R1(config)#router ospf 10 R1(config-router)#rou R1(config-router)#router-id 10.10.1.1 R1(config-router)#exit R1(config)#exit R1#write Building configuration... [OK] R1# R2#config t Enter configuration commands, one per line. R2(config)#router ospf 10 R2(config-router)#router-id 10.10.2.1 R2(config-router)#exit R2(config)#exit R2#write Building configuration... [OK] R2# R3#config t R3(config)#router ospf 10 R3(config-router)#router-id 10.10.3.1 R3(config-router)#exit R3(config)#exit R3#write Building configuration... [OK] R3# R1#show ip ospf neighbor

End with CNTL/Z.

29

CCNA R&S Bootcamp

Neighbor ID 10.10.2.1 10.10.3.1 10.10.2.1 R1#

Pri 1 1 0

State FULL/BDR FULL/DR FULL/ -

Dead Time 00:00:39 00:00:32 00:00:37

Address 192.168.1.2 192.168.1.3 192.168.2.2

Interface FastEthernet0/0 FastEthernet0/0 Serial0/0

R2#show ip ospf neighbor


Neighbor ID 10.10.3.1 10.10.1.1 10.10.1.1 10.10.3.1 R2# Pri 1 1 0 0 State FULL/DR FULL/DROTHER FULL/ FULL/ Dead Time 00:00:38 00:00:32 00:00:33 00:00:37 Address 192.168.1.3 192.168.1.1 192.168.2.1 192.168.4.2 Interface FastEthernet0/0 FastEthernet0/0 Serial0/0 Serial0/1

R3#sh ip ospf neighbor


Neighbor ID 10.10.1.1 10.10.2.1 10.10.2.1 R3# Pri 1 1 0 State FULL/DROTHER FULL/BDR FULL/ Dead Time 00:00:33 00:00:36 00:00:39 Address 192.168.1.1 192.168.1.2 192.168.4.1 Interface FastEthernet0/0 FastEthernet0/0 Serial0/0

Menjadikan Router R2 interface fa0/0 menjadi DR dengan Priority 255:


R2#config t R2(config)#interface fa0/0 R2(config-if)#ip ospf priority 255 R2(config-if)#exit R2(config)#exit R2#

R1#show ip ospf neighbor


Neighbor ID 10.10.3.1 10.10.2.1 10.10.2.1 R1# Pri 1 255 0 State FULL/BDR FULL/DR FULL/ Dead Time 00:00:31 00:00:31 00:00:35 Address 192.168.1.3 192.168.1.2 192.168.2.2 Interface FastEthernet0/0 FastEthernet0/0 Serial0/0

R2#show ip ospf neighbor


Neighbor ID 10.10.3.1 10.10.1.1 10.10.1.1 10.10.3.1 R2# Pri 1 1 0 0 State FULL/BDR FULL/DROTHER FULL/ FULL/ Dead Time 00:00:32 00:00:32 00:00:36 00:00:30 Address 192.168.1.3 192.168.1.1 192.168.2.1 192.168.4.2 Interface FastEthernet0/0 FastEthernet0/0 Serial0/0 Serial0/1

R3#show ip ospf neighbor


Neighbor ID 10.10.1.1 10.10.2.1 10.10.2.1 R3# Pri 1 255 0 State FULL/DROTHER FULL/DR FULL/ Dead Time 00:00:33 00:00:33 00:00:32 Address 192.168.1.1 192.168.1.2 192.168.4.1 Interface FastEthernet0/0 FastEthernet0/0 Serial0/0

30

CCNA R&S Bootcamp

Lab 8 & Lab 9 Layer 2 Switching and Spanning Tree Protocol (STP) & VLAN
Hands-on Lab
Pada Lab untuk Bab ini, anda akan melakukan beberapa konfigurasi dibawah ini: Konfigurasi Dasar dari Switch o Konfigurasi VTP o Konfigurasi Port Trunk o Konfigurasi Port Akses

Konfigurasi R1 sebagai Inter-VLAN Routing menggunakan protocol 802.1q Verifikasi Konektifitas Konfigurasi dan Verifikasi Spanning Tree Protocol o Optimisasi STP o Configure PVST Rapid Spanning Tree Protocol Mengelola the MAC Address Table & Konfigurasi Port Security

31

CCNA R&S Bootcamp

Mengelola Sistem Operasi Switch dan File Konfigurasi o Backup dan Restore the Cisco IOS File ke Switch dari TFTP Server o Backup dan Restore Konfigurasi File dari TFTP Server o Recover Passwords on the Catalyst 2950

Perangkat (Hostname ) R1

Default Gateway IOS Version c2600-i-mz.122-28.bin Interface FastEthernet0/0 FastEthernet0/1.10 FastEthernet0/1.20 FastEthernet0/1.30 FastEthernet0/1.99 Serial0/0 VLAN 99 VLAN 99 VLAN 99 FastEthernet0 FastEthernet0 FastEthernet0 IP Address 172.17.10.1/24 172.17.20.1/24 172.17.30.1/24 172.17.99.1 /24 172.17.99.11/24 172.17.99.12/24 172.17.99.13/24 172.17.10.21/24 172.17.20.22/24 172.17.30.23/24 172.17.99.1 172.17.99.1 172.17.99.1 172.17.10.1 172.17.20.1 172.17.30.1

SW1 SW2 SW3 PC1 PC2 PC3

c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin

Perangkat (Hostname ) SW1 SW2

Port Fa0/1 0/4 Fa0/1 0/4 Fa0/11 Fa0/18 Fa0/6 Fa0/1 0/4 FastEthernet0 FastEthernet0

Fungsi 802.1q Trunks (Native VLAN 99) 802.1q Trunks (Native VLAN 99) VLAN 10 Faculty/Staff VLAN 20 Students VLAN 30 Guest (Default) 802.1q Trunks (Native VLAN 99) 172.17.10.21/24 172.17.20.22/24

Network 172.17.99.0 /24 172.17.99.0 /24 172.17.10.0 /24 172.17.20.0 /24 172.17.30.0 /24 172.17.99.0 /24 172.17.10.1 172.17.20.1

SW3 PC1 PC2

32

CCNA R&S Bootcamp

PC3 Perangkat (Hostname ) SW1 SW2 SW3 VLAN VLAN 99 VLAN 10 VLAN 20 VLAN 30

FastEthernet0

172.17.30.23/24

172.17.30.1

VTP Mode Operasi Server Client Client VLAN Name management faculty-staff students guest

VTP Domain Lab Lab Lab

VTP Password cisco cisco cisco

Konfigurasi SW1:

Switch>enable Switch#erase start Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] [OK] Erase of nvram: complete %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram Switch#reload Proceed with reload? [confirm] Switch>enable Switch#config t Switch(config)#hostname SW1 SW1(config)#enable secret cisco SW1(config)#line console 0 SW1(config-line)#password cisco SW1(config-line)#login SW1(config-line)#exit SW1(config)#line vty 0 4 SW1(config-line)#password cisco SW1(config-line)#login SW1(config-line)#exit SW1(config)#no ip domain lookup SW1(config)#ip default-gateway 172.17.99.1 SW1(config)#exit SW1#write Building configuration... [OK] SW1# SW1#config t Enter configuration commands, one per line. SW1(config)#interface range fa0/1-24 SW1(config-if-range)#shutdown SW1(config-if-range)#exit SW1(config)#vtp mode server Device mode already VTP SERVER. SW1(config)#vtp domain Lab Changing VTP domain name from NULL to Lab SW1(config)#vtp password cisco End with CNTL/Z.

33

CCNA R&S Bootcamp

Setting device VLAN database password to cisco SW1(config)#interface range fa0/1-5 SW1(config-if-range)#switchport mode trunk SW1(config-if-range)#switchport trunk native vlan 99 SW1(config-if-range)#no shutdown SW1(config-if-range)#exit SW1(config)#vlan 99 SW1(config-vlan)#name management SW1(config-vlan)#exit SW1(config)#vlan 10 SW1(config-vlan)#name faculty-staff SW1(config-vlan)#exit SW1(config)#vlan 20 SW1(config-vlan)#name students SW1(config-vlan)#exit SW1(config)#vlan 30 SW1(config-vlan)#name guest SW1(config-vlan)#exit SW1(config)#interfac vlan 99 SW1(config-if)#ip address 172.17.99.11 255.255.255.0 SW1(config-if)#no shutdown SW1(config-if)#exit SW1(config)# SW1#show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------1 default active Fa0/1, Fa0/2, Fa0/5, Fa0/6 Fa0/7, Fa0/8, Fa0/9, Fa0/10 Fa0/11, Fa0/12, Fa0/13, Fa0/14 Fa0/15, Fa0/16, Fa0/17, Fa0/18 Fa0/19, Fa0/20, Fa0/21, Fa0/22 Fa0/23, Fa0/24 10 faculty-staff active 20 students active 30 guest active 99 management active 1002 fddi-default active 1003 token-ring-default active 1004 fddinet-default active 1005 trnet-default active SW1#

Konfigurasi SW2:
Switch>enable Switch#erase start Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] [OK] Erase of nvram: complete %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram Switch#reload Proceed with reload? [confirm]

34

CCNA R&S Bootcamp

Switch>enable Switch#config t Switch(config)#hostname SW2 SW2(config)#enable secret cisco SW2(config)#line console 0 SW2(config-line)#password cisco SW2(config-line)#login SW2(config-line)#exit SW2(config)#line vty 0 4 SW2(config-line)#password cisco SW2(config-line)#login SW2(config-line)#exit SW2(config)#no ip domain lookup SW2(config)#ip default-gateway 172.17.99.1 SW2(config)#exit SW2#write Building configuration... SW2#config t SW2(config)#interface range fa0/1-24 SW2(config-if-range)#shutdown SW2(config-if-range)#exit SW2(config)#vtp mode client Setting device to VTP CLIENT mode. SW2(config)#vtp domain Lab Domain name already set to Lab. SW2(config)#vtp password cisco Setting device VLAN database password to cisco SW2(config)#interface range fa0/1-4 SW2(config-if-range)#switchport mode trunk SW2(config-if-range)#switchport trunk native vlan 99 SW2(config-if-range)#no shutdown SW2(config-if-range)#exit SW2(config)#interface fa0/11 SW2(config-if)#switchport access vlan 10 SW2(config-if)#no shutdown SW2(config-if)#exit SW2(config)#interface fa0/18 SW2(config-if)#switchport access vlan 20 SW2(config-if)#no shutdown SW2(config-if)#exit SW2(config)#interface fa0/6 SW2(config-if)#switchport access vlan 30 SW2(config-if)#no shutdown SW2(config-if)#exit SW2(config)#interface vlan 99 SW2(config-if)#ip address 172.17.99.12 255.255.255.0 SW2(config-if)#no shutdown SW2(config-if)#exit

35

CCNA R&S Bootcamp

SW2(config)#exit SW2#write Building configuration... [OK] SW2# SW2#show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------1 default active Fa0/5, Fa0/7, Fa0/8, Fa0/9 Fa0/10, Fa0/12, Fa0/13, Fa0/14 Fa0/15, Fa0/16, Fa0/17, Fa0/19 Fa0/20, Fa0/21, Fa0/22, Fa0/23 Fa0/24 10 faculty-staff active Fa0/11 20 students active Fa0/18 30 guest active Fa0/6 99 management active 1002 fddi-default active 1003 token-ring-default active 1004 fddinet-default active 1005 trnet-default active SW2#

Konfigurasi SW3:

Switch>enable Switch#erase start Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] [OK] Erase of nvram: complete %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram Switch#reload Proceed with reload? [confirm] Switch>enable Switch#config t Switch(config)#hostname SW3 SW3(config)#enable secret cisco SW3(config)#line console 0 SW3(config-line)#password cisco SW3(config-line)#login SW3(config-line)#exit SW3(config)#line vty 0 4 SW3(config-line)#password cisco SW3(config-line)#login SW3(config-line)#exit SW3(config)#no ip domain lookup SW3(config)#ip default-gateway 172.17.99.1 SW3(config)#exit SW3#write Building configuration... SW3#config t

36

CCNA R&S Bootcamp

SW3(config)#interface range fa0/1-24 SW3(config-if-range)#shutdown SW3(config-if-range)#exit SW3(config)#vtp mode client Setting device to VTP CLIENT mode. SW3(config)#vtp domain Lab Domain name already set to Lab. SW3(config)#vtp password cisco Setting device VLAN database password to cisco SW3(config)#interface range fa0/1-4 SW3(config-if-range)#switchport mode trunk SW3(config-if-range)#switchport trunk native vlan 99 SW3(config-if-range)#no shutdown SW3(config-if-range)#exit SW3(config)#interface vlan 99 SW3(config-if)#ip address 172.17.99.13 255.255.255.0 SW3(config-if)#no shutdown SW3(config-if)#exit SW3(config)#exit SW3#write Building configuration... [OK] SW3# SW3#show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------1 default active Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Fa0/24 10 faculty-staff active 20 students active 30 guest active 99 management active 1002 fddi-default active 1003 token-ring-default active 1004 fddinet-default active 1005 trnet-default active SW3#

Konfigurasi R1 sebagai Inter-VLAN Routing menggunakan protocol 802.1q:


R1#erase startup-config Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] [OK] Erase of nvram: complete %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram R1#reload Proceed with reload? [confirm] Router>enable

37

CCNA R&S Bootcamp

Router#config t Router(config)#hostname R1 R1(config)#enable secret cisco R1(config)#line console 0 R1(config-line)#password cisco R1(config-line)#login R1(config-line)#exit R1(config)#line vty 0 4 R1(config-line)#password cisco R1(config-line)#login R1(config-line)#exit R1(config)#interface fa0/1 R1(config-if)#no ip address R1(config-if)#no shutdown R1(config-if)#exit R1(config)#interface fa0/1.10 R1(config-subif)#encapsulation dot1Q 10 R1(config-subif)#ip address 172.17.10.1 255.255.255.0 R1(config-subif)#exit R1(config)#interface fa0/1.20 R1(config-subif)#encapsulation dot1Q 20 R1(config-subif)#ip address 172.17.20.1 255.255.255.0 R1(config-subif)#exit R1(config)#interface fa0/1.30 R1(config-subif)#encapsulation dot1Q 30 R1(config-subif)#ip address 172.17.30.1 255.255.255.0 R1(config-subif)#exit R1(config)#interface fa0/1.99 R1(config-subif)#encapsulation dot1Q 99 native R1(config-subif)#ip address 172.17.99.1 255.255.255.0 R1(config-subif)#exit R1(config)#interface fa0/0 R1(config-if)#description "terhubung ke web/tftp server" R1(config-if)#ip address 172.17.50.1 255.255.255.0 R1(config-if)#no shutdown R1(config-if)#exit R1(config)#ip route 0.0.0.0 0.0.0.0 172.17.50.254 R1(config)#exit R1#write Building configuration... [OK] R1#

Verifikasi Konektifitas PC1 dan SW1, lakukan sendiri untuk perangkat yang lain:
PC1>ping 172.17.10.1 Pinging 172.17.10.1 with 32 bytes of data: Reply from 172.17.10.1: bytes=32 time=204ms TTL=255 Reply from 172.17.10.1: bytes=32 time=110ms TTL=255

38

CCNA R&S Bootcamp

Reply from 172.17.10.1: bytes=32 time=80ms TTL=255 Reply from 172.17.10.1: bytes=32 time=80ms TTL=255 Ping statistics for 172.17.10.1: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 80ms, Maximum = 204ms, Average = 118ms PC1>ping 172.17.20.22 Pinging 172.17.20.22 with 32 bytes of data: Reply Reply Reply Reply from from from from 172.17.20.22: 172.17.20.22: 172.17.20.22: 172.17.20.22: bytes=32 bytes=32 bytes=32 bytes=32 time=188ms time=188ms time=172ms time=156ms TTL=127 TTL=127 TTL=127 TTL=127

Ping statistics for 172.17.20.22: Packets: Sent = 4, Received = 3, Lost = 1 (25% loss), Approximate round trip times in milli-seconds: Minimum = 156ms, Maximum = 188ms, Average = 172ms PC1>ping 172.17.30.23 Pinging 172.17.30.23 with 32 bytes of data: Reply Reply Reply Reply from from from from 172.17.30.23: 172.17.30.23: 172.17.30.23: 172.17.30.23: bytes=32 bytes=32 bytes=32 bytes=32 time=172ms time=172ms time=188ms time=125ms TTL=127 TTL=127 TTL=127 TTL=127

Ping statistics for 172.17.30.23: Packets: Sent = 4, Received = 3, Lost = 1 (25% loss), Approximate round trip times in milli-seconds: Minimum = 125ms, Maximum = 188ms, Average = 161ms PC1>ping 172.17.50.254 Pinging 172.17.50.254 with 32 bytes of data: Reply Reply Reply Reply from from from from 172.17.50.254: 172.17.50.254: 172.17.50.254: 172.17.50.254: bytes=32 bytes=32 bytes=32 bytes=32 time=156ms time=125ms time=110ms time=109ms TTL=127 TTL=127 TTL=127 TTL=127

Ping statistics for 172.17.50.254: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 109ms, Maximum = 156ms, Average = 125ms PC1> SW1#ping 172.17.99.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.17.99.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 31/34/47 ms

39

CCNA R&S Bootcamp

SW1#ping 172.17.50.254 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.17.50.254, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 35/57/63 ms SW1#

Konfigurasi dan Verifikasi Spanning Tree Protocol:


SW1#show spanning-tree vlan 10 VLAN0010 Spanning tree enabled protocol ieee Root ID Priority 32778 Address 0000.0C76.1D62 This bridge is the root Hello Time 2 sec Max Age 20 sec Bridge ID Priority Address Hello Time Aging Time Role ---Desg Desg Desg Desg Desg Sts --FWD FWD FWD FWD FWD

Forward Delay 15 sec

32778 (priority 32768 sys-id-ext 10) 0000.0C76.1D62 2 sec Max Age 20 sec Forward Delay 15 sec 20 Cost --------19 19 19 19 19 Prio.Nbr -------128.1 128.2 128.3 128.4 128.5 Type -------------------------------P2p P2p P2p P2p P2p

Interface ---------------Fa0/1 Fa0/2 Fa0/3 Fa0/4 Fa0/5

SW1#show spanning-tree vlan 20 VLAN0020 Spanning tree enabled protocol ieee Root ID Priority 32788 Address 0000.0C76.1D62 This bridge is the root Hello Time 2 sec Max Age 20 sec Bridge ID Priority Address Hello Time Aging Time Role ---Desg Desg Desg Desg Desg Sts --FWD FWD FWD FWD FWD

Forward Delay 15 sec

32788 (priority 32768 sys-id-ext 20) 0000.0C76.1D62 2 sec Max Age 20 sec Forward Delay 15 sec 20 Cost --------19 19 19 19 19 Prio.Nbr -------128.1 128.2 128.3 128.4 128.5 Type -------------------------------P2p P2p P2p P2p P2p

Interface ---------------Fa0/1 Fa0/2 Fa0/3 Fa0/4 Fa0/5

SW1#show spanning-tree vlan 30 VLAN0030 Spanning tree enabled protocol ieee Root ID Priority 32798 Address 0000.0C76.1D62 This bridge is the root Hello Time 2 sec Max Age 20 sec

Forward Delay 15 sec

40

CCNA R&S Bootcamp

Bridge ID

Priority Address Hello Time Aging Time Role ---Desg Desg Desg Desg Desg Sts --FWD FWD FWD FWD FWD

32798 (priority 32768 sys-id-ext 30) 0000.0C76.1D62 2 sec Max Age 20 sec Forward Delay 15 sec 20 Cost --------19 19 19 19 19 Prio.Nbr -------128.1 128.2 128.3 128.4 128.5 Type -------------------------------P2p P2p P2p P2p P2p

Interface ---------------Fa0/1 Fa0/2 Fa0/3 Fa0/4 Fa0/5

SW1#show spanning-tree vlan 99 VLAN0099 Spanning tree enabled protocol ieee Root ID Priority 32867 Address 0000.0C76.1D62 This bridge is the root Hello Time 2 sec Max Age 20 sec Bridge ID Priority Address Hello Time Aging Time Role ---Desg Desg Desg Desg Desg Sts --FWD FWD FWD FWD FWD

Forward Delay 15 sec

32867 (priority 32768 sys-id-ext 99) 0000.0C76.1D62 2 sec Max Age 20 sec Forward Delay 15 sec 20 Cost --------19 19 19 19 19 Prio.Nbr -------128.1 128.2 128.3 128.4 128.5 Type -------------------------------P2p P2p P2p P2p P2p

Interface ---------------Fa0/1 Fa0/2 Fa0/3 Fa0/4 Fa0/5 SW1#

Optimisasi STP, dengan Memilih SW1 sebagai Root Bridge/Switch secara manual:
Karena terdapat instance STP yang terpisah pada setiap VLAN yang aktif, maka pemilihan Root Bridge/Switch hanya terjadi pada VLAN tertentu saja. Secara default switch akan melakukan pemilihan bedasarkan kombinasi Priority dan MAC Address terkecil, dimana secara default Switch memiliki Priority adalah 32768. Sehingga penting sekali anda melakukan pemilihan Root secara manual karena beberapa alasan berikut: Karena Root Bridge/Switch bertanggung jawab men-generate (menghasilkan) BPDU pada STP 802.1D sehingga Root Switch/Bridge harus memiliki kemampuan untuk menangani Processing Load tambahan tersebut Penempatan Root Bridge/Switch biasanya ditempat yang bisa dijangkau secara optimal oleh switch yang lain. Biasanya pada Switch Distribution SW1#config t SW1(config)#spanningSW1(config)#spanning-tree vl SW1(config)#spanning-tree vlan 10 pri SW1(config)#spanning-tree vlan 10 priority <0-61440> bridge priority in increments SW1(config)#spanning-tree vlan 10 priority SW1(config)#spanning-tree vlan 20 priority

? of 4096 4096 4096

41

CCNA R&S Bootcamp

SW1(config)#spanning-tree vlan 30 priority 4096 SW1(config)#spanning-tree vlan 99 priority 4096 SW1(config)#exit SW1#show spanning-tree vlan 10 VLAN0010 Spanning tree enabled protocol ieee Root ID Priority 4106 Address 0000.0C76.1D62 This bridge is the root Hello Time 2 sec Max Age 20 sec Bridge ID Priority Address Hello Time Aging Time Role ---Desg Desg Desg Desg Desg Sts --FWD FWD FWD FWD FWD

Forward Delay 15 sec

4106 (priority 4096 sys-id-ext 10) 0000.0C76.1D62 2 sec Max Age 20 sec Forward Delay 15 sec 20 Cost --------19 19 19 19 19 Prio.Nbr -------128.1 128.2 128.3 128.4 128.5 Type -------------------------------P2p P2p P2p P2p P2p

Interface ---------------Fa0/1 Fa0/2 Fa0/3 Fa0/4 Fa0/5 SW1#

Configure PVST Rapid Spanning Tree Protocol:


SW1#config t SW1(config)#spanning-tree mode ? pvst Per-Vlan spanning tree mode rapid-pvst Per-Vlan rapid spanning tree mode SW1(config)#spanning-tree mode rapid-pvst SW1(config)#exit SW1#write Building configuration... [OK] SW1# SW2#config t SW2(config)#spanning-tree mode ? pvst Per-Vlan spanning tree mode rapid-pvst Per-Vlan rapid spanning tree mode SW2(config)#spanning-tree mode rapid-pvst SW2(config)#exit SW2#write Building configuration... [OK] SW2# SW3#config t SW3(config)#spanning-tree mode ? pvst Per-Vlan spanning tree mode rapid-pvst Per-Vlan rapid spanning tree mode

42

CCNA R&S Bootcamp

SW3(config)#spanning-tree mode rapid-pvst SW3(config)#exit SW3#write Building configuration... [OK] SW3#

Mengelola the MAC Address Table & Konfigurasi Port Security:


SW2#show mac-address-table Mac Address Table ------------------------------------------Vlan ---1 10 20 30 99 Mac Address ----------0003.e4bc.7c01 0003.e4bc.7c02 0003.e4bc.7c01 0003.e4bc.7c01 0003.e4bc.7c01 Type -------DYNAMIC DYNAMIC DYNAMIC DYNAMIC DYNAMIC Ports ----Fa0/2 Fa0/1 Fa0/2 Fa0/2 Fa0/2

SW2#config t SW2(config)#interface fa0/11 SW2(config-if)#switchport port-security ? mac-address Secure mac address maximum Max secure addresses violation Security violation mode <cr> SW2(config-if)#switchport port-security maximum 2 SW2(config-if)#switchport port-security mac-address ? H.H.H 48 bit mac address sticky Configure dynamic secure addresses as sticky SW2(config-if)#switchport port-security mac-address sti SW2(config-if)#switchport port-security mac-address sticky SW2(config-if)#switchport port-security violation protect SW2(config-if)#exit SW2(config)#exit SW2#write Building configuration... [OK] SW2#

Backup dan Restore the Cisco IOS File ke Switch dari TFTP Server:
SW1#show flash Directory of flash:/ 1 2 -rw-rw3058048 796 <no date> <no date> c2950-i6q4l2-mz.121-22.EA4.bin vlan.dat

64016384 bytes total (60957540 bytes free) SW1#copy flash tftp Source filename []? c2950-i6q4l2-mz.121-22.EA4.bin Address or name of remote host []? 172.17.50.254 Destination filename [c2950-i6q4l2-mz.121-22.EA4.bin]? Writing c2950-i6q4l2-mz.121-

43

CCNA R&S Bootcamp

22.EA4.bin...!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! [OK - 3058048 bytes] 3058048 bytes copied in 3.39 secs (902000 bytes/sec) SW1# SW1#copy tftp flash Address or name of remote host []? 172.17.50.254 Source filename []? c2950-i6q4l2-mz.121-22.EA8.bin Destination filename [c2950-i6q4l2-mz.121-22.EA8.bin]? Accessing tftp://172.17.50.254/c2950-i6q4l2-mz.121-22.EA8.bin... Loading c2950-i6q4l2-mz.121-22.EA8.bin from 172.17.50.254: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! [OK - 3117390 bytes] 3117390 bytes copied in 3.516 secs (886629 bytes/sec) SW1#show flash: Directory of flash:/ 1 3 2 -rw-rw-rw3058048 3117390 796 <no date> <no date> <no date> c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA8.bin vlan.dat

64016384 bytes total (57840150 bytes free) SW1#delete flash: Delete filename []?c2950-i6q4l2-mz.121-22.EA4.bin Delete flash:/c2950-i6q4l2-mz.121-22.EA4.bin? [confirm] SW1#config t SW1(config)#boot system ? WORD pathlist of boot file(s) ... file1;file2;... SW1(config)#boot system 2950-i6q4l2-mz.121-22.EA8.bin SW1(config)#exit SW1#write Building configuration... [OK] SW1#reload Proceed with reload? [confirm]

Recover Passwords on the Catalyst 2950: 1. Pastikan PC anda terhubung menggunakan Kabel Console ke Console port pada Switch, dan jangan lupa 2. 3.
aktifkan Hyperterminal sesuai dengan standar konfigurasi. Matikan Switch, kemudian nyalakan disaat bersamaan tekan tombol MODE dan tahan hingga SYS LED (lampu SYS) berhenti berkedip dan nyala Saat itu anda akan menemukan di Hyperterminal anda tulisan dibawah ini The system has been interrupted prior to initializing the flash files system. The following commands will initialize the flash files system, and finish loading the operating system software: flash_init load_helper boot

4. Setelah loading selesai, lakukan perintah dibawah ini, dan perhatian jangan lupa mengetik titik dua (:) setelah

44

CCNA R&S Bootcamp

perintah dir flash: switch:flash_init switch:load_helper switch:dir flash:

5. Kemudian ketik perintah dibawah ini agar mengganti nama file konfigurasi lama yang berisi password dengan
nama lain: rename flash:config.text flash:config.old

6. Restart sistem dengan perintah Boot 7. Setelah masuk ke Switch lakukan perintah berikut ini:

Switch#rename flash:config.old flash:config.text Switch#copy flash:config.text system:running-config Source filename [config.text]?[enter] Destination filename [running-config][enter] The configuration file is now reloaded. Change the old unknown passwords as follows: ALSwitch#configure terminal ALSwitch(config)#no enable secret ALSwitch(config)#enable secret class ALSwitch(config)#line console 0 ALSwitch(config-line)#password cisco ALSwitch(config-line)#exit ALSwitch(config)#line vty 0 15 ALSwitch(config-line)#password cisco ALSwitch(config-line)#end ALSwitch#copy running-config startup-config Destination filename [startup-config]?[enter] Building configuration... [OK] ALSwitch#

Lab 10 Security
Hands-on Labs
Pada sesi ini, anda akan menyelesaikan dua lab yaitu Standard Access List dan Extended Accesslist dengan skenario masing-masing. Pastikan Anda konfigurasi jaringan anda menggunakan OSPF 10 area 10. Standard IP Access List o Scenario: PC1 tidak bisa akses ke PC3

Extended IP Access List o Skenario-1: PC3 tidak bisa PING ke Server1 tetapi bisa Web Browsing o Skenario-2: PC2 bisa PING ke Server1 tetapi tidak bisa Web Browsing

45

CCNA R&S Bootcamp

Perangkat (Hostname ) R1 R2

IOS Version c2600-i-mz.122-28.bin c2600-i-mz.122-28.bin

Interface FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/0 FastEthernet0/1 Serial0/0 Serial0/1 FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/1 24 FastEthernet0/1 24 FastEthernet0/1 24 FastEthernet0 FastEthernet0 FastEthernet0

IP Address 192.168.1.1/24 192.168.2.1/30 192.168.3.1/24 192.168.2.2/30 192.168.4.1/30 192.168.5.1/24 192.168.4.2/30 192.168.1.254/24 192.168.3.254/24 192.168.5.254/24

R3 SW1 SW2 SW3 PC1 PC2 PC3

c2600-i-mz.122-28.bin c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin

Standard Access List (Best Practice: Letakkan ACL dekat dengan Destination):
R3#config t R3(config)#access-list 1 deny host 192.168.1.254 R3(config)#access-list 1 permit any R3(config)#int se0/0 R3(config-if)#ip access-group 1 in R3(config-if)#exit R3(config)#exit R3#write Building configuration... [OK] R3# PC1>ping 192.168.5.254

46

CCNA R&S Bootcamp

Pinging 192.168.5.254 with 32 bytes of data: Request Request Request Request timed timed timed timed out. out. out. out.

Ping statistics for 192.168.5.254: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), PC1>

Extended Access List (Best Practice: Letakkan ACL dekat dengan Source):

R1#config t R1(config)#access-list 100 deny icmp host 192.168.5.254 host 192.168.1.2 R1(config)#access-list 100 deny tcp host 192.168.3.254 host 192.168.1.2 eq 80 R1(config)#access-list 100 permit ip any any R1(config)#exit R1(config)#interface se0/0 R1(config-if)#ip access-group 100 in R1(config-if)#exit R1(config)#exit R1#write Building configuration... [OK] R1# PC3>ping 192.168.1.2 Pinging 192.168.1.2 with 32 bytes of data: Request Request Request Request timed timed timed timed out. out. out. out.

Ping statistics for 192.168.1.2: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), PC3>

47

CCNA R&S Bootcamp

PC2>ping 192.168.1.2 Pinging 192.168.1.2 with 32 bytes of data: Reply Reply Reply Reply from from from from 192.168.1.2: 192.168.1.2: 192.168.1.2: 192.168.1.2: bytes=32 bytes=32 bytes=32 bytes=32 time=111ms time=154ms time=141ms time=141ms TTL=126 TTL=126 TTL=126 TTL=126

Ping statistics for 192.168.1.2: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 111ms, Maximum = 154ms, Average = 136ms PC2>

48

CCNA R&S Bootcamp

49

CCNA R&S Bootcamp

Lab 11 Network Address Translation (NAT)


Hands-on Lab
Pada Hands-on Lab Bab ini anda kan mencoba melakukan konfigurasi PAT (Port Address Translation) sesuai dengan Topologi dibawah ini, dimana R1 bertindak sebagai ISP yang akan mentranslasikan Network 192.168.3.0/24, 192.168.4.0/24, dan 192.168.5.0/24. Anda konfigurasi jaringan anda menggunakan OSPF 10 area 10 (LAB-7).

Perangkat (Hostname ) R1 (ISP) R2

IOS Version c2600-i-mz.122-28.bin c2600-i-mz.122-28.bin

Interface FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/0 FastEthernet0/1 Serial0/0 Serial0/1 FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/1 24 FastEthernet0/1 24 FastEthernet0/1 24 FastEthernet0 FastEthernet0 FastEthernet0

IP Address 192.168.1.1/24 192.168.2.1/30 192.168.3.1/24 192.168.2.2/30 192.168.4.1/30 192.168.5.1/24 192.168.4.2/30 192.168.1.254/24 192.168.3.254/24 192.168.5.254/24

R3 SW1 SW2 SW3 PC1 PC2 PC3

c2600-i-mz.122-28.bin c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin

50

CCNA R&S Bootcamp

Hands-on Lab 11.1: Preparing for NAT


R1#config t R1(config)#interface fa0/0 R1(config-if)#ip nat out R1(config-if)#ip nat outside R1(config-if)#exit R1(config)#interface se0/0 R1(config-if)#ip nat inside R1(config-if)#exit R1(config)#access-list 1 permit R1(config)#access-list 1 permit R1(config)#access-list 1 permit R1(config)#ip nat pool internet R1(config)#ip nat inside source R1(config)#exit R1#write Building configuration... [OK] R1# PC>ping 192.168.1.2 Pinging 192.168.1.2 with 32 bytes of data: Reply Reply Reply Reply from from from from 192.168.1.2: 192.168.1.2: 192.168.1.2: 192.168.1.2: bytes=32 bytes=32 bytes=32 bytes=32 time=156ms time=125ms time=125ms time=136ms TTL=126 TTL=126 TTL=126 TTL=126 192.168.3.0 192.168.4.0 192.168.5.0 192.168.1.1 list 1 pool 0.0.0.255 0.0.0.255 0.0.0.255 192.168.1.1 netmask 255.255.255.0 internet overload

Ping statistics for 192.168.1.2: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 125ms, Maximum = 156ms, Average = 135ms PC> R1#show ip nat translations Pro Inside global Inside local icmp 192.168.1.1:10 192.168.3.254:10 icmp 192.168.1.1:11 192.168.3.254:11 icmp 192.168.1.1:12 192.168.3.254:12 icmp 192.168.1.1:9 192.168.3.254:9 tcp 192.168.1.1:1028 192.168.5.254:1028 tcp 192.168.1.1:1029 192.168.5.254:1029 R1# Outside local 192.168.1.2:10 192.168.1.2:11 192.168.1.2:12 192.168.1.2:9 192.168.1.2:80 192.168.1.2:80 Outside global 192.168.1.2:10 192.168.1.2:11 192.168.1.2:12 192.168.1.2:9 192.168.1.2:80 192.168.1.2:80

51

CCNA R&S Bootcamp

Lab 12 Ciscos Wireless Technologies


Hands-on Labs
Pada Hands-on Lab berikut, anda akan melakukan konfigurasi Wireless Router Cisco sesuai dengan topologi dibawah ini (LAB-7):

Perangkat (Hostname ) R1 (ISP) R2

IOS Version c2600-i-mz.122-28.bin c2600-i-mz.122-28.bin

Interface FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/0 FastEthernet0/1 Serial0/0 Serial0/1 FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/1 24 FastEthernet0/1 24 FastEthernet0/1 24 FastEthernet0 FastEthernet0 FastEthernet0 Internet0/0 Access Point LAN DHCP Range

IP Address 192.168.1.1/24 192.168.2.1/30 192.168.3.1/24 192.168.2.2/30 192.168.4.1/30 192.168.5.1/24 192.168.4.2/30 192.168.1.254/24 192.168.3.254/24 192.168.5.254/24 192.168.1.2/24 192.168.0.1/24 192.168.0.2/24 s.d 192.168.0.254/24

R3 SW1 SW2 SW3 PC1 PC2 PC3 Wireless Router3

c2600-i-mz.122-28.bin c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin

52

CCNA R&S Bootcamp

Konfigurasi Wireless Router3 Menggunakan Web Utility: 1. Akses melalui URL standar.
Arahkan browser anda ke http://192.168.1.1.

2. Masukkan informasi autentikasi.

3. Ganti alamat Internet0/0 menjadi alamat static

53

CCNA R&S Bootcamp

4. Set alamat IP untuk interface Internet0/0 menjadi 192.168.1.2/24 dan Default-Gateway 192.168.1.1

5. Aktifkan DHCP Server dengan range Valid pada Network 192.168.0.0/24, dan jangan lupa di simpan
(save)

6. Periksa koneksi pada Laptop3


PC>ping 192.168.1.2 Pinging 192.168.1.2 with 32 bytes of data: Reply Reply Reply Reply from from from from 192.168.1.2: 192.168.1.2: 192.168.1.2: 192.168.1.2: bytes=32 bytes=32 bytes=32 bytes=32 time=78ms time=93ms time=94ms time=94ms TTL=255 TTL=255 TTL=255 TTL=255

Ping statistics for 192.168.1.2: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds:

54

CCNA R&S Bootcamp

Minimum = 78ms, Maximum = 94ms, Average = 89ms PC>

Lab 13 Internet Protocol Version 6 (IPv6)


Hands-On Lab
Pada Hands-on Lab berikut, anda akan melakukan konfigurasi IPv6 pada setiap Router sesuai dengan topologi dibawah ini: Konfigurasi RIPng Verifikasi RIPng Konfigurasi EIGRPv6 (AS:10) Verifikasi EIGRPv6 Konfigurasi OSPFv3 (Process-ID: 10, Area 0) Verifikasi OSPFv3

Perangkat (Hostname ) R1 R2

IOS Version c1841-advipservicesk9-mz.124-15.T1.bin c1841-advipservicesk9-mz.124-15.T1.bin

Interface FastEthernet0/0 FastEthernet0/1 Serial0/0/0 FastEthernet0/0 FastEthernet0/1 Serial0/0/0 Serial0/1/0 FastEthernet0/0 FastEthernet0/1 Serial0/0/0 FastEthernet0/1 24 FastEthernet0/1 24 FastEthernet0/1 24

IP Address 2001:DB8:0:1::1/64 FC00:0:0:1::1/64 2001:DB8:0:2::1/64 FC00:0:0:1::2/64 FC00:0:0:2::1/64 2001:DB8:0:3::1/64 FC00:0:0:2::2/64 -

R3 SW1 SW2 SW3

c1841-advipservicesk9-mz.124-15.T1.bin c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin

55

CCNA R&S Bootcamp

PC1 PC2 PC3

FastEthernet0 FastEthernet0 FastEthernet0

Autoconfig Autoconfig Autoconfig

Konfigurasi RIPng pada R1, R2, dan R3:

Router>enable Router#config t Router(config)#hostname R1 R1(config)#ipv6 unicast-routing R1(config)#interface fa0/0 R1(config-if)#ipv6 enable R1(config-if)#ipv6 address 2001:DB8:0:1::1/64 R1(config-if)#ipv6 rip 1 enable R1(config-if)#no shut R1(config-if)#exit R1(config)#interface se0/0/0 R1(config-if)#ipv6 enable R1(config-if)#ipv6 address FC00:0:0:1::1/64 R1(config-if)#ipv6 rip 1 enable R1(config-if)#no shut R1(config-if)#exit R1(config)#exit R1#write Building configuration... [OK] R1# Router>enable Router#config t Router(config)#hostname R2 R2(config)#ipv6 unicast-routing R2(config)#int se0/0/0 R2(config-if)#ipv6 enable R2(config-if)#ipv6 address FC00:0:0:1::2/64 R2(config-if)#ipv6 rip 1 enable R2(config-if)#clock rate 64000 R2(config-if)#no shut R2(config-if)#exit R2(config)#interface se0/1/0 R2(config-if)#ipv6 enable R2(config-if)#ipv6 address FC00:0:0:2::1/64 R2(config-if)#ipv6 rip 1 enable R2(config-if)#clock rate 64000 R2(config-if)#no shut R2(config-if)#exit R2(config)#interface fa0/0 R2(config-if)#ipv6 enable R2(config-if)#ipv6 address 2001:DB8:0:2::1/64 R2(config-if)#ipv6 rip 1 enable R2(config-if)#no shut R2(config-if)#exit

56

CCNA R&S Bootcamp

R2(config)#exit R2#write Building configuration... [OK] R2# Router>enable Router#config t Router#hostname R3 Router(config)#ipv6 unicast-routing R3(config)#int se0/0/0 R3(config-if)#ipv6 enable R3(config-if)#ipv6 add FC00:0:0:2::2/64 R3(config-if)#ipv6 rip 1 enable R3(config-if)#no shut R3(config-if)#exit R3(config)#int fa0/0 R3(config-if)#ipv6 enable R3(config-if)#ip R3(config-if)#ipv6 add 2001:DB8:0:3::1/64 R3(config-if)#ipv6 rip 1 enable R3(config-if)#no shut R3(config-if)#exit R3(config)#exit R3# R3#write Building configuration... [OK] R3#

Verifikasi RIPng pada R1 dan PC1. (lakukan sendiri untuk R2, R3, PC2 dan PC3):

R1#show ipv6 route IPv6 Routing Table - 8 entries Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP U - Per-user Static route, M - MIPv6 I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 D - EIGRP, EX - EIGRP external C 2001:DB8:0:1::/64 [0/0] via ::, FastEthernet0/0 L 2001:DB8:0:1::1/128 [0/0] via ::, FastEthernet0/0 R 2001:DB8:0:2::/64 [120/1] via FE80::206:2AFF:FE8E:BD6E, Serial0/0/0 R 2001:DB8:0:3::/64 [120/2] via FE80::206:2AFF:FE8E:BD6E, Serial0/0/0 C FC00:0:0:1::/64 [0/0] via ::, Serial0/0/0 L FC00:0:0:1::1/128 [0/0] via ::, Serial0/0/0 R FC00:0:0:2::/64 [120/1] via FE80::206:2AFF:FE8E:BD6E, Serial0/0/0 L FF00::/8 [0/0] via ::, Null0

57

CCNA R&S Bootcamp

R1#show ipv6 rip database RIP process "1" local RIB 2001:DB8:0:2::/64, metric 1, installed Serial0/0/0/FE80::206:2AFF:FE8E:BD6E, expires in 169 sec 2001:DB8:0:3::/64, metric 2, installed Serial0/0/0/FE80::206:2AFF:FE8E:BD6E, expires in 169 sec FC00:0:0:2::/64, metric 1, installed Serial0/0/0/FE80::206:2AFF:FE8E:BD6E, expires in 169 sec R1# PC1>ping 2001:DB8:0:2:260:70FF:FED5:8002 Pinging 2001:DB8:0:2:260:70FF:FED5:8002 with 32 bytes of data: Reply Reply Reply Reply from from from from 2001:DB8:0:2:260:70FF:FED5:8002: 2001:DB8:0:2:260:70FF:FED5:8002: 2001:DB8:0:2:260:70FF:FED5:8002: 2001:DB8:0:2:260:70FF:FED5:8002: bytes=32 bytes=32 bytes=32 bytes=32 time=281ms time=140ms time=139ms time=143ms TTL=126 TTL=126 TTL=126 TTL=126

Ping statistics for 2001:DB8:0:2:260:70FF:FED5:8002: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 139ms, Maximum = 281ms, Average = 175ms PC1>ping 2001:DB8:0:3:2E0:A3FF:FE79:8BEB Pinging 2001:DB8:0:3:2E0:A3FF:FE79:8BEB with 32 bytes of data: Reply Reply Reply Reply from from from from 2001:DB8:0:3:2E0:A3FF:FE79:8BEB: 2001:DB8:0:3:2E0:A3FF:FE79:8BEB: 2001:DB8:0:3:2E0:A3FF:FE79:8BEB: 2001:DB8:0:3:2E0:A3FF:FE79:8BEB: bytes=32 bytes=32 bytes=32 bytes=32 time=297ms time=174ms time=188ms time=174ms TTL=125 TTL=125 TTL=125 TTL=125

Ping statistics for 2001:DB8:0:3:2E0:A3FF:FE79:8BEB: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 174ms, Maximum = 297ms, Average = 208ms PC1>

Konfigurasi EIGRPv6 (AS:10) pada R1, R2, dan R3:


R1>enable R1#config t R1(config)#ipv6 router eigrp 10 R1(config-rtr)#router-id 1.1.1.1 R1(config-rtr)#no shut R1(config-if)#exit

R1(config)#interface fa0/0 R1(config-if)#no ipv6 rip 1 enable R1(config-if)#ipv6 eigrp ? <1-65535> AS number R1(config-if)#ipv6 eigrp 10 R1(config-if)#exit R1(config)#interface se0/0/0 R1(config-if)#no ipv6 rip 1 enable

58

CCNA R&S Bootcamp

R1(config-if)#ipv6 eigrp 10 R1(config-if)#exit R1(config)#exit R1#write Building configuration... [OK] R1# R2>enable R2#config t R2(config)#ipv6 router eigrp 10 R2(config-rtr)#router-id 2.2.2.2 R2(config-rtr)#no shutdown R2(config-rtr)#exit R2(config)#int se0/0/0 R2(config-if)#no ipv6 rip 1 enable R2(config-if)#ipv6 eigrp 10 R2(config-if)#exit R2(config)#int se0/1/0 R2(config-if)#no ipv6 rip 1 enable R2(config-if)#ipv6 eigrp 10 R2(config-if)#exit R2(config)#int fa0/0 R2(config-if)#no ipv6 rip 1 enable R2(config-if)#ipv6 eigrp 10 R2(config-if)#exit R2(config)#exit R2#write Building configuration... [OK] R2# R3>enable R3#config t R3(config)#ipv6 router eigrp 10 R3(config-rtr)#router-id 3.3.3.3 R3(config-rtr)#no shut R3(config-rtr)#exit R3(config)#int se0/0/0 R3(config-if)#no ipv6 rip 1 enable R3(config-if)#ipv6 eigrp 10 R3(config-if)#exit R3(config)#int fa0/0 R3(config-if)#no ipv6 rip 1 enable R3(config-if)#ipv6 eigrp 10 R3(config-if)#exit R3(config)#exit R3#write Building configuration... [OK] R3#

59

CCNA R&S Bootcamp

Verifikasi EIGRPv6 (AS:10) pada R1 dan PC1. (Lakukan sendiri untuk R2, R3, PC2 dan PC3):
R1#show ipv6 route IPv6 Routing Table - 8 entries Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP U - Per-user Static route, M - MIPv6 I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 D - EIGRP, EX - EIGRP external C 2001:DB8:0:1::/64 [0/0] via ::, FastEthernet0/0 L 2001:DB8:0:1::1/128 [0/0] via ::, FastEthernet0/0 D 2001:DB8:0:2::/64 [90/20514560] via FE80::206:2AFF:FE8E:BD6E, Serial0/0/0 D 2001:DB8:0:3::/64 [90/21026560] via FE80::206:2AFF:FE8E:BD6E, Serial0/0/0 C FC00:0:0:1::/64 [0/0] via ::, Serial0/0/0 L FC00:0:0:1::1/128 [0/0] via ::, Serial0/0/0 D FC00:0:0:2::/64 [90/21024000] via FE80::206:2AFF:FE8E:BD6E, Serial0/0/0 L FF00::/8 [0/0] via ::, Null0 R1#show ipv6 eigrp neighbors IPv6-EIGRP neighbors for process 10 H Address Interface Hold Uptime (sec) 0 FE80::206:2AFF:FE8E:BD6ESe0/0/0 13 R1#show ipv6 eigrp topology IPv6-EIGRP Topology Table for AS 10/ID(1.1.1.1) Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply, r - Reply status P 2001:DB8:0:1::/64, 1 successors, FD is 28160 via Connected, FastEthernet0/0 P FC00:0:0:1::/64, 1 successors, FD is 20512000 via Connected, Serial0/0/0 P FC00:0:0:2::/64, 1 successors, FD is 21024000 via FE80::206:2AFF:FE8E:BD6E (21024000/20512000), Serial0/0/0 P 2001:DB8:0:2::/64, 1 successors, FD is 20514560 via FE80::206:2AFF:FE8E:BD6E (20514560/28160), Serial0/0/0 P 2001:DB8:0:3::/64, 1 successors, FD is 21026560 via FE80::206:2AFF:FE8E:BD6E (21026560/20514560), Serial0/0/0 R1# PC1>ping 2001:DB8:0:2:260:70FF:FED5:8002 Pinging 2001:DB8:0:2:260:70FF:FED5:8002 with 32 bytes of data: Reply from 2001:DB8:0:2:260:70FF:FED5:8002: bytes=32 time=141ms TTL=126 Reply from 2001:DB8:0:2:260:70FF:FED5:8002: bytes=32 time=156ms TTL=126 Reply from 2001:DB8:0:2:260:70FF:FED5:8002: bytes=32 time=125ms TTL=126

SRTT RTO (ms) 00:10:01 40

Q Cnt

Seq Num 1000 0

60

CCNA R&S Bootcamp

Reply from 2001:DB8:0:2:260:70FF:FED5:8002: bytes=32 time=141ms TTL=126 Ping statistics for 2001:DB8:0:2:260:70FF:FED5:8002: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 125ms, Maximum = 156ms, Average = 140ms PC1>ping 2001:DB8:0:3:2E0:A3FF:FE79:8BEB Pinging 2001:DB8:0:3:2E0:A3FF:FE79:8BEB with 32 bytes of data: Reply Reply Reply Reply from from from from 2001:DB8:0:3:2E0:A3FF:FE79:8BEB: 2001:DB8:0:3:2E0:A3FF:FE79:8BEB: 2001:DB8:0:3:2E0:A3FF:FE79:8BEB: 2001:DB8:0:3:2E0:A3FF:FE79:8BEB: bytes=32 bytes=32 bytes=32 bytes=32 time=172ms time=172ms time=172ms time=187ms TTL=125 TTL=125 TTL=125 TTL=125

Ping statistics for 2001:DB8:0:3:2E0:A3FF:FE79:8BEB: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 172ms, Maximum = 187ms, Average = 175ms PC1>

Konfigurasi OSPFv3 (Process-ID:10, Area:0) pada R1, R2, dan R3:


R1#config t R1(config)#no ipv6 router eigrp 10 R1(config)#ipv6 router ospf 10 R1(config-rtr)#router-id 1.1.1.1 R1(config-rtr)#exit R1(config)#int fa0/0 R1(config-if)#no ipv6 eigrp 10 R1(config-if)#ipv6 ospf 10 area 0 R1(config-if)#exit R1(config)#int se0/0/0 R1(config-if)#no ipv6 eigrp 10 R1(config-if)#ipv6 ospf 10 area 0 R1(config-if)#exit R1(config)#exit R1#write Building configuration... [OK] R1# R2>enable R2#config t R2(config)#no ipv6 router eigrp 10 R2(config)#ipv6 router ospf 10 R2(config-rtr)#router-id 2.2.2.2 R2(config-rtr)#exit R2(config)#int se0/0/0 R2(config-if)#no ipv6 eigrp 10 R2(config-if)#ipv6 ospf 10 area 0 R2(config-if)#exit R2(config)#int fa0/0

61

CCNA R&S Bootcamp

R2(config-if)#no ipv6 eigrp 10 R2(config-if)#ipv6 ospf 10 area 0 R2(config-if)#exit R2(config)#int se0/1/0 R2(config-if)#no ipv6 eigrp 10 R2(config-if)#ipv6 ospf 10 area 0 R2(config-if)#exit R2(config)#exit R2#write Building configuration... [OK] R2# R3>enable R3#config t R3(config)#no ipv6 router eigrp 10 R3(config)#ipv6 router ospf 10 R3(config-rtr)#router-id 3.3.3.3 R3(config-rtr)#exit R3(config)#int se0/0/0 R3(config-if)#no ipv6 eigrp 10 R3(config-if)#ipv6 ospf 10 area 0 R3(config-if)#exit R3(config)#int fa0/0 R3(config-if)#no ipv6 eigrp 10 R3(config-if)#ipv6 ospf 10 area 0 R3(config-if)#exit R3(config)#exit R3#write Building configuration... [OK] R3#

Verifikasi OSPFv3 (Process-ID:10, Area:0) pada R1 dan PC1, (lakukan sendiri pada R2, R3, PC2, dan PC3):
R1#show ipv6 route IPv6 Routing Table - 8 entries Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP U - Per-user Static route, M - MIPv6 I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 D - EIGRP, EX - EIGRP external C 2001:DB8:0:1::/64 [0/0] via ::, FastEthernet0/0 L 2001:DB8:0:1::1/128 [0/0] via ::, FastEthernet0/0 O 2001:DB8:0:2::/64 [110/781] via FE80::206:2AFF:FE8E:BD6E, Serial0/0/0 O 2001:DB8:0:3::/64 [110/1562] via FE80::206:2AFF:FE8E:BD6E, Serial0/0/0 C FC00:0:0:1::/64 [0/0] via ::, Serial0/0/0 L FC00:0:0:1::1/128 [0/0]

62

CCNA R&S Bootcamp

O L

via ::, Serial0/0/0 FC00:0:0:2::/64 [110/781] via FE80::206:2AFF:FE8E:BD6E, Serial0/0/0 FF00::/8 [0/0] via ::, Null0

R1#show ipv6 ospf neighbor Neighbor ID 2.2.2.2 Pri 0 State FULL/ Dead Time 00:00:31 Interface ID 3 Interface Serial0/0/0

R1#show ipv6 ospf database OSPF Router with ID (1.1.1.1) (Process ID 10) Router Link States (Area 0) ADV Router 1.1.1.1 2.2.2.2 3.3.3.3 ADV Router 1.1.1.1 1.1.1.1 2.2.2.2 ADV Router 1.1.1.1 2.2.2.2 3.3.3.3 R1# Age 317 114 114 Seq# 0x80000002 0x80000003 0x80000002 Link count Bits 1 2 1

Link (Type-8) Link States (Area 0) Age Seq# Link ID 448 0x80000001 1 321 0x80000003 3 317 0x80000002 3 Intra Area Prefix Link Age Seq# 426 0x80000002 223 0x80000003 92 0x80000002 States (Area 0) Link ID Ref-lstype 2 0x2001 2 0x2001 2 0x2001 Ref-LSID 0 0 0

PC1>ping 2001:DB8:0:2:260:70FF:FED5:8002 Pinging 2001:DB8:0:2:260:70FF:FED5:8002 with 32 bytes of data: Reply Reply Reply Reply from from from from 2001:DB8:0:2:260:70FF:FED5:8002: 2001:DB8:0:2:260:70FF:FED5:8002: 2001:DB8:0:2:260:70FF:FED5:8002: 2001:DB8:0:2:260:70FF:FED5:8002: bytes=32 bytes=32 bytes=32 bytes=32 time=94ms TTL=126 time=141ms TTL=126 time=141ms TTL=126 time=156ms TTL=126

Ping statistics for 2001:DB8:0:2:260:70FF:FED5:8002: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 94ms, Maximum = 156ms, Average = 133ms PC>ping 2001:DB8:0:3:2E0:A3FF:FE79:8BEB Pinging 2001:DB8:0:3:2E0:A3FF:FE79:8BEB with 32 bytes of data: Reply Reply Reply Reply from from from from 2001:DB8:0:3:2E0:A3FF:FE79:8BEB: 2001:DB8:0:3:2E0:A3FF:FE79:8BEB: 2001:DB8:0:3:2E0:A3FF:FE79:8BEB: 2001:DB8:0:3:2E0:A3FF:FE79:8BEB: bytes=32 bytes=32 bytes=32 bytes=32 time=156ms time=172ms time=188ms time=171ms TTL=125 TTL=125 TTL=125 TTL=125

Ping statistics for 2001:DB8:0:3:2E0:A3FF:FE79:8BEB: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

63

CCNA R&S Bootcamp

Approximate round trip times in milli-seconds: Minimum = 156ms, Maximum = 188ms, Average = 171ms PC1>

Lab 14 Wide Area Networks


Hands-on Lab
Pada sesi ini, anda akan mengkonfigurasi beberapa poin dibawah ini Konfigurasi dan verifikasi Enkapsulasi PPP menggunakan Autentikasi CHAP Konfigurasi dan Verifikasi Frame Relay

Konfigurasi dan verifikasi Enkapsulasi PPP menggunakan Autentikasi CHAP


Pastikan anda telah melakukan konfigurasi OSPF (Process-ID: 10, Area:0)untuk topologi dibawah ini (gunakan stepby-step pada Hands-on Lab Bab 7):

Perangkat (Hostname ) R1 R2

IOS Version c2600-i-mz.122-28.bin c2600-i-mz.122-28.bin

Interface FastEthernet0/0 FastEthernet0/1 Serial0/0 FastEthernet0/0 FastEthernet0/1 Serial0/0 Serial0/1 FastEthernet0/0 FastEthernet0/1 Serial0/0

IP Address 192.168.1.1/24 192.168.2.1/30 192.168.3.1/24 192.168.2.2/30 192.168.4.1/30 192.168.5.1/24 192.168.4.2/30

R3

c2600-i-mz.122-28.bin

64

CCNA R&S Bootcamp

SW1 SW2 SW3 PC1 PC2 PC3

c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin

FastEthernet0/1 24 FastEthernet0/1 24 FastEthernet0/1 24 FastEthernet0 FastEthernet0 FastEthernet0

192.168.1.254/24 192.168.3.254/24 192.168.5.254/24

R1#config t R1(config)#username R2 password cisco R1(config)#interface se0/0 R1(config-if)#encapsulation ppp R1(config-if)#ppp authentication chap R1(config-if)#exit R1(config)#exit R1#write Building configuration... [OK] R1# R2#config t R2(config)#username R1 password cisco R2(config)#username R3 password cisco R2(config)#interface se0/0 R2(config-if)#encapsulation ppp R2(config-if)#ppp authentication chap R2(config-if)#exit R2(config)#exit R2#write Building configuration... [OK] R2# R3#config t R3(config)#username R2 password cisco R3(config)#interface se0/0 R3(config-if)#encapsulation ppp R3(config-if)#ppp authentication chap R3(config-if)#exit R3(config)#exit R3#write Building configuration... [OK] R3# Verifikasi pada R1, lakukan sendiri pada R2 dan R3: R1#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route

65

CCNA R&S Bootcamp

Gateway of last resort is not set C C O R O O 192.168.1.0/24 is directly connected, FastEthernet0/0 192.168.2.0/30 is subnetted, 1 subnets 192.168.2.0 is directly connected, Serial0/0 192.168.3.0/24 [110/782] via 192.168.2.2, 00:07:28, Serial0/0 192.168.4.0/24 is variably subnetted, 2 subnets, 2 masks 192.168.4.0/24 [120/1] via 192.168.2.2, 00:00:06, Serial0/0 192.168.4.0/30 [110/1562] via 192.168.2.2, 00:06:34, Serial0/0 192.168.5.0/24 [110/1563] via 192.168.2.2, 00:06:23, Serial0/0

R1#show interface se0/0 Serial0/0 is up, line protocol is up (connected) Hardware is HD64570 Description: "terhubung ke R2 se-0/0" Internet address is 192.168.2.1/30 MTU 1500 bytes, BW 128 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation PPP, loopback not set, keepalive set (10 sec) LCP Open Open: IPCP, CDPCP Last input never, output never, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0 (size/max/drops); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/0/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 96 kilobits/sec 5 minute input rate 30 bits/sec, 0 packets/sec 5 minute output rate 30 bits/sec, 0 packets/sec 26 packets input, 1820 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 22 packets output, 1404 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up R1#

66

CCNA R&S Bootcamp

Konfigurasi dan Verifikasi Frame Relay


Pastikan anda telah melakukan konfigurasi OSPF (Process-ID: 10, Area:0)untuk topologi dibawah ini (gunakan stepby-step pada Hands-on Lab Bab 7):

Perangkat (Hostname ) R1 R2

IOS Version c2600-i-mz.122-28.bin c2600-i-mz.122-28.bin

Interface FastEthernet0/0 FastEthernet0/1 Serial0/0 (DLCI: 102) FastEthernet0/0 FastEthernet0/1 Serial0/0 Serial0/1 FastEthernet0/0 FastEthernet0/1 Serial0/0 (DLCI: 201) FastEthernet0/1 24 FastEthernet0/1 24 FastEthernet0/1 24 FastEthernet0 FastEthernet0 FastEthernet0

IP Address 192.168.1.1/24 192.168.2.1/30 192.168.5.1/24 192.168.2.2/30 192.168.1.254/24 192.168.3.254/24 192.168.5.254/24

R3 SW1 SW2 SW3 PC1 PC2 PC3

c2600-i-mz.122-28.bin c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin c2950-i6q4l2-mz.121-22.EA4.bin

FR-Switch#config t

67

CCNA R&S Bootcamp

FR-Switch(config)#frame-relay switching FR-Switch(config)#interface serial 0/0 FR-Switch(config-if)#clock rate 64000 FR-Switch(config-if)#encapsulation frame-relay FR-Switch(config-if)#frame-relay intf-type dce FR-Switch(config-if)#frame-relay route 102 interface serial 0/1 201 FR-Switch(config-if)#no shutdown FR-Switch(config-if)#exit FR-Switch(config)#interface serial 0/1 FR-Switch(config-if)#clock rate 64000 FR-Switch(config-if)#encapsulation frame-relay FR-Switch(config-if)#frame-relay intf-type dce FR-Switch(config-if)#frame-relay route 201 interface serial 0/0 102 FR-Switch(config-if)#no shutdown FR-Switch(config-if)#exit FR-Switch(config)#exit FR-Switch#write Building configuration... [OK] FR-Switch# R1#config t R1(config)#interface serial 0/0 R1(config-if)#encapsulation frame-relay R1(config-if)#no frame-relay inverse-arp R1(config-if)#frame-relay map ip 192.168.2.2 102 broadcast R1(config-if)#no shutdown R1(config-if)#exit R1(config)#exit R1#write Building configuration... [OK] R1# R2#config t R2(config)#interface serial 0/0 R2(config-if)#encapsulation frame-relay R2(config-if)#no frame-relay inverse-arp R2(config-if)#frame-relay map ip 192.168.2.1 201 broadcast R2(config-if)#no shutdown R2(config-if)#exit R2(config)#exit R2#write Building configuration... [OK] R2# R1#ping 192.168.2.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.2.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms

68

CCNA R&S Bootcamp

R2#ping 192.168.2.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms

69