Práctica 2 con GNS3
Video
Video para instalar un switch capa 3 en gns3
Montaje
Realizamos el siguiente montaje:
Configuración del Router
| R1# | configure terminal | conf t | Entra en el modo de configuracion del terminal |
| R1(config)# | interface fastEhernet 0/0 | int f0/0 | Entra en la configuración del puerto f0/0 |
| R1(config-if)# | ip address dhcp | Pone el puerto en modo dhcp (ip dinámica) | |
| R1(config-if)# | no shutdown | no sh | Activa el puerto (pasa de down a up) |
| R1(config-if)# | exit | Vuelve al modo configuracion | |
| R1(config)# | exit | Vuelva al modo privilegiado | |
| R1# | ping 8.8.8.8 | Comprobamos si tenemos conexión a internet |
Si hay conexión a internet saldrá:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/21/24 ms
R1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. R1(config)#interface f1/0 R1(config-if)#no shutdown R1(config-if)#exit R1(config)#interface f1/0.10 R1(config-subif)#encapsulation dot1Q 10 R1(config-subif)#ip address 192.168.10.1 255.255.255.0 R1(config-subif)#exit R1(config)#int f1/0.20 R1(config-subif)#encapsulation dot1Q 20 R1(config-subif)#ip address 192.168.20.1 255.255.255.0 R1(config-subif)#exit R1(config)#int f1/0.30 R1(config-subif)#encapsulation dot1Q 30 R1(config-subif)#ip address 192.168.30.1 255.255.255.0 R1(config-subif)#exit R1(config)#exit R1#show ip interface brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0 192.168.122.147 YES DHCP up up FastEthernet1/0 unassigned YES unset up up FastEthernet1/0.10 192.168.10.1 YES manual up up FastEthernet1/0.20 192.168.20.1 YES manual up up FastEthernet1/0.30 192.168.30.1 YES manual up up FastEthernet1/1 unassigned YES unset administratively down down R1# R1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. R1(config)#ip dhcp pool VLAN10 R1(dhcp-config)#network 192.168.10.0 255.255.255.0 R1(dhcp-config)#default-router 192.168.10.1 R1(dhcp-config)#dns-server 8.8.8.8 R1(dhcp-config)#exit R1(config)#ip dhcp pool VLAN20 R1(dhcp-config)#network 192.168.20.0 255.255.255.0 R1(dhcp-config)#default-router 192.168.20.1 R1(dhcp-config)#dns-server 8.8.8.8 R1(dhcp-config)#exit R1(config)#ip dhcp pool VLAN30 R1(dhcp-config)#network 192.168.30.0 255.255.255.0 R1(dhcp-config)#default-router 192.168.30.1 R1(dhcp-config)#dns-server 8.8.8.8 R1(dhcp-config)#exit R1(config)# R1(config)#ip dhcp excluded-address 192.168.10.1 192.168.10.99 R1(config)#ip dhcp excluded-address 192.168.10.150 192.168.10.255 R1(config)#ip dhcp excluded-address 192.168.20.1 192.168.20.49 R1(config)#ip dhcp excluded-address 192.168.20.100 192.168.20.255 R1(config)#exit
Configuración del Switch
ESW1#vlan ?
database Configure VLAN database
ESW1#vlan databaseESW1(vlan)#vlan 10 name VLAN10VLAN 10 modified:
Name: VLAN10
ESW1(vlan)#vlan 20 name VLAN20VLAN 20 modified:
Name: VLAN20
ESW1(vlan)#vlan 30 name VLAN30VLAN 30 modified:
Name: VLAN30
ESW1(vlan)#exitAPPLY completed.Exiting....ESW1#sh vlan-switch
VLAN Name Status Ports
1 default active Fa0/0, Fa0/1, Fa0/2, Fa0/3
Fa0/4, Fa0/5, Fa0/6, Fa0/7
Fa0/8, Fa0/9, Fa0/10, Fa0/11
Fa0/12, Fa0/13, Fa0/14, Fa0/15
10 VLAN10 active20 VLAN20 active30 VLAN30 active1002 fddi-default active1003 token-ring-default active1004 fddinet-default active1005 trnet-default active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
1 enet 100001 1500 - - - - - 1002 100310 enet 100010 1500 - - - - - 0 020 enet 100020 1500 - - - - - 0 030 enet 100030 1500 - - - - - 0 01002 fddi 101002 1500 - - - - - 1 10031003 tr 101003 1500 1005 0 - - srb 1 10021004 fdnet 101004 1500 - - 1 ibm - 0 0
ESW1#configure terminalESW1(config)#int f0/0ESW1(config-if)#switchport trunk encapsulation dot1qESW1(config-if)#switchport trunk allowed vlan allESW1(config-if)#switchport mode trunkESW1(config-if)#no shut
ESW1(config-if)#exitESW1(config)#int f0/1ESW1(config-if)#no shESW1(config-if)#
ESW1(config-if)#switchport access vlan 10
ESW1(config-if)#exitESW1(config)#int f0/2ESW1(config-if)#switchport access vlan 20
ESW1(config-if)#no shutdownESW1(config-if)#exitESW1(config)#int f0/3ESW1(config-if)#switchport access vlan 30
ESW1(config-if)#no shESW1(config-if)#exitESW1(config)#exitESW1#sh ip int brInterface IP-Address OK? Method Status ProtocolFastEthernet0/0 unassigned YES unset up upFastEthernet0/1 unassigned YES unset up upFastEthernet0/2 unassigned YES unset up upFastEthernet0/3 unassigned YES unset up upFastEthernet0/4 unassigned YES unset up downFastEthernet0/5 unassigned YES unset up downFastEthernet0/6 unassigned YES unset up downFastEthernet0/7 unassigned YES unset up downFastEthernet0/8 unassigned YES unset up downFastEthernet0/9 unassigned YES unset up downFastEthernet0/10 unassigned YES unset up downFastEthernet0/11 unassigned YES unset up downFastEthernet0/12 unassigned YES unset up downFastEthernet0/13 unassigned YES unset up downFastEthernet0/14 unassigned YES unset up downFastEthernet0/15 unassigned YES unset up downVlan1 unassigned YES NVRAM administratively down downESW1#
Configurar PC
VPCS-1>ip dhcp
DDORA IP 192.168.10.100/24 GW 192.168.10.1
VPCS-2>ip dhcp
DDORA IP 192.168.20.50/24 GW 192.168.20.1
VPCS-3>ip dhcp
DDORA IP 192.168.30.2/24 GW 192.168.30.1
NOTA.- Los PC cogen IP, pero no tienen acceso a internet.
Comprobamos haciendo:
VPCS-1>ping 8.8.8.8
Obtenemos: 8.8.8.8 icmp_seq=1 timeout , etc
Si hacemos ping a unicarlos.com:
VPCS-1>ping unicarlos.com
Cannot resolve unicarlos.com
Tenemos que configurar la NAT para dar los permisos necesarios para que podamos acceder a internet.
Configuración de la NAT
Vamos a configurar la NAT sobre las sub-interfaces.
La NAT se configura en el Router.
R1#configure terminalEnter configuration commands, one per line. End with CNTL/Z.R1(config)#int f0/0R1(config-if)#ip nat outsideR1(config-if)#exitR1(config)#int f1/0.10R1(config-subif)#ip nat insideR1(config-subif)#exitR1(config)#int f1/0.20R1(config-subif)#ip nat insideR1(config-subif)#exitR1(config)#int f1/0.30R1(config-subif)#ip nat insideR1(config-subif)#exitR1(config)#access-list 100 permit ip 192.168.10.0 0.0.0.255 anyR1(config)#access-list 100 permit ip 192.168.20.0 0.0.0.255 anyR1(config)#access-list 100 permit ip 192.168.30.0 0.0.0.255 anyR1(config)#ip nat inside source list 100 interface f0/0 overloadR1(config)#exitR1#
Comprobamos la conexion a internet
Tras activar el NAT en el router, vamos a cualquier PC y hacemos un ping.
VPCS-1>ping unicarlos.com
y obtenemos respuesta (conexion a internet correcta)
unicarlos.com resolved to 129.121.22.19584 bytes from 129.121.22.195 icmp_seq=1 ttl=48 time=185.284 ms84 bytes from 129.121.22.195 icmp_seq=2 ttl=48 time=184.525 ms84 bytes from 129.121.22.195 icmp_seq=3 ttl=48 time=185.367 ms84 bytes from 129.121.22.195 icmp_seq=4 ttl=48 time=200.310 ms84 bytes from 129.121.22.195 icmp_seq=5 ttl=48 time=185.429 ms
Guardar configuraciones
Cuando todo este correcto (antes de parar el router o el switch), debemos guardar la configuracion.
En el Router:
R1# write
En el Switch:
ESW1# write