Difference between revisions of "Hotel case study - VLANs"

From csn
Jump to navigation Jump to search
 
(2 intermediate revisions by the same user not shown)
Line 4: Line 4:
 
'''What you need to do'''<br>
 
'''What you need to do'''<br>
 
* You should create and name one VLAN for hotel staff and a separate VLAN for Guests on each floor of the hotel.  This will require three VLANs at each site.
 
* You should create and name one VLAN for hotel staff and a separate VLAN for Guests on each floor of the hotel.  This will require three VLANs at each site.
 +
* You should configure trunks between the access and distribution layer devices.
 +
* You should place the access layer ports used by the PCs in appropriate VLANs.
  
 
'''Where to configure this'''<br>
 
'''Where to configure this'''<br>
Line 10: Line 12:
 
So every access layer and distribution layer device that deals with a particular VLAN needs to have that VLAN present and every link between the two layers needs to be a trunk. Often the VLAN and trunks will need to cover more links than are necessary for bare connectivity because we are also providing redundant paths for reliability.
 
So every access layer and distribution layer device that deals with a particular VLAN needs to have that VLAN present and every link between the two layers needs to be a trunk. Often the VLAN and trunks will need to cover more links than are necessary for bare connectivity because we are also providing redundant paths for reliability.
  
'''How you will know it is configured correctly'''<br>
+
'''How you will I know it is configured correctly'''<br>
You can use the show vlan and  
+
You can use the '''show vlan''' and '''show interfaces trunk''' commands to verify VLAN and trunk creation and the assignment of ports (interfaces) to VLANs.
The hostname can be seen in the device prompt. When unconfigured, devices default to the names "Router" and "Switch". Once configured correctly the device should have the same prompt as its name.
+
You can assign IP addresses to the hosts and verify that all hosts within a VLAN can ping each otherHosts in different VLANs should not be able to ping one-another even if they are in the same VLAN.
 
 
Suggestion
 
Throughout this case study, you have many devices to configure, often with the same or similar commands. It is worthwhile creating a sequence of common commands in an editor such as "notepad" or "gedit" and pasting these into your switches and routers to save time. For example, the following can be pasted into each switch to set the VTP mode.
 
 
 
enable
 
conf t
 
vtp mode transparent
 
 
 
 
 
Providing a meaningful hostname prevents confusion when remotely accessing a switch or router. 
 
The addition of the command "vtp mode transparent" allows EVE to successfully capture your VLAN information from switches during export. This will become more meaningful as we move through the switching topics.
 
 
 
 
 
Configure the hostnames as indicated in the topology diagram and add the command "vtp mode transparent" to each switch. Note that the ISP router is preconfigured and you should not make changes on that device as it is not owned by the California Hotel group.
 
 
 
 
 
The hostname on every device and "vtp mode transparent" on each switch (Access and Distribution)".
 
 
 
The hostname can be seen in the device prompt.  When unconfigured, devices default to the names "Router" and "Switch"Once configured correctly the device should have the same prompt as its name.
 
 
 
'''Suggestion'''<br>
 
Throughout this case study, you have many devices to configure, often with the same or similar commands. It is worthwhile creating a sequence of common commands in an editor such as "notepad" or "gedit" and pasting these into your switches and routers to save time. For example, the following can be pasted into each switch to set the VTP mode.
 
enable
 
conf t
 
vtp mode transparent
 
  
 
'''What questions could I see on the practical exam?'''<br>
 
'''What questions could I see on the practical exam?'''<br>
* You might need to set or change a hostname.
+
* You might need to assign a port to a new VLAN, simulating the reassignment of a location.
 
+
* There could be a fault in the network, caused by a user being in the incorrect VLAN.
    You might need to set or change a hostname.
+
* There could be a fault in the network, caused by a link not being a trunk.
* Use VTP mode transparent as this will force EVE to save your VLAN information in the running configuration.
+
* There could be a fault in the network, caused by a VLAN not being present on a switch.
 
 
* Trunks should be implemented between the distribution and access switches to provide redundant connections.
 
* The access switch port connecting to each PC should be placed in an appropriate VLAN.
 

Latest revision as of 08:57, 8 March 2020

VLANs and trunks

Explanation

What you need to do

  • You should create and name one VLAN for hotel staff and a separate VLAN for Guests on each floor of the hotel. This will require three VLANs at each site.
  • You should configure trunks between the access and distribution layer devices.
  • You should place the access layer ports used by the PCs in appropriate VLANs.

Where to configure this
VLANs define the security roles for devices at the access layer. The VLANs provide a separation of traffic that forms the basis of security at this layer. In order to provide connectivity between VLANs we need routing and that function is delivered by the distribution layer. Thus the VLANs need to be present on that layer as well. To carry VLAN information (tags) between the access and the distribution layer, our links need to be configured as trunks.

So every access layer and distribution layer device that deals with a particular VLAN needs to have that VLAN present and every link between the two layers needs to be a trunk. Often the VLAN and trunks will need to cover more links than are necessary for bare connectivity because we are also providing redundant paths for reliability.

How you will I know it is configured correctly
You can use the show vlan and show interfaces trunk commands to verify VLAN and trunk creation and the assignment of ports (interfaces) to VLANs. You can assign IP addresses to the hosts and verify that all hosts within a VLAN can ping each other. Hosts in different VLANs should not be able to ping one-another even if they are in the same VLAN.

What questions could I see on the practical exam?

  • You might need to assign a port to a new VLAN, simulating the reassignment of a location.
  • There could be a fault in the network, caused by a user being in the incorrect VLAN.
  • There could be a fault in the network, caused by a link not being a trunk.
  • There could be a fault in the network, caused by a VLAN not being present on a switch.
Retrieved from "https://csn.murdoch.edu.au/mediawiki/index.php?title=Hotel_case_study_-_VLANs&oldid=349"