Config Lab: Switch IP Config

Wendell Odom
By Wendell Odom August 31, 2021 21:05

This next lab begins with a switch that has been configured to allow Telnet + SSH, including password protection – except the fact that neither switch yet has an IP address. This lab asks you to add the IP configuration to the switches. Details below the fold. Enjoy!

All about Config Labs

The blog has a series of lab exercises called “Config Labs.” Each lab presents a topology with the relevant initial configuration for each device. The lab also lists new requirements, after which you should create the additional configuration to meet those requirements. You can do the lab on paper, in a text editor, or use software tools like Cisco Packet Tracer or Cisco Modeling Labs.

Once you have created your answer, you can click various tabs at the bottom of this post to see the lab answers, comments about the lab, and other helpful information.

The Lab Exercise

Lab Requirements

This lab uses the simple LAN shown in Figure 1. It shows two switches connected by a link, with a router on the side.

Figure 1 – Lab Topology

 

For this lab, you should configure the IP settings for the two LAN switches. You need to decide what IP settings need to be configured and then plan the specific configuration commands. The list of requirements includes the subnet ID to use. Specifically:

  1. Both switches use VLAN 1 as the management VLAN.
  2. Use subnet 192.168.1.0/27.
  3. Use the numerically highest IP addresses: the highest for the router’s G0/0 interface into the LAN, the next highest for SW1’s management address, and the next highest for SW2’s management address. Note that R1’s IP address has been pre-configured for the purposes of this lab.
  4. Configure SW1 and SW2 to allow communication off-subnet as well as on-subnet.
  5. Neither switch uses VLAN trunking, and all ports are in the default VLAN (1).

 

Initial Configuration

You can do this lab with the assumption that neither switch has any initial configuration. However, to make the lab more interesting, instead assume the following initial configuration. The configuration on the two switches includes the commands which, once you add the correct IP configuration, allow Telnet (both switches) and SSH (SW2 only) into the switches. The router R1 configuration includes a minimal configuration to act as the default gateway in the subnet.

 

Example 1: SW1 Config

 

Example 2: SW2 Config

 

Example 3: R1 Config

Answer Options - Click Tabs to Reveal

You can learn a lot and strengthen real learning of the topics by creating the configuration – even without a router or switch CLI. In fact, these labs were originally built to be used solely as a paper exercise!

To answer, just think about the lab. Refer to your primary learning material for CCNA, your notes, and create the configuration on paper or in a text editor. Then check your answer versus the answer post, which is linked at the bottom of the lab, just above the comments section.

You can also implement the lab using the Cisco Packet Tracer network simulator. With this option, you use Cisco’s free Packet Tracer simulator. You open a file that begins with the initial configuration already loaded. Then you implement your configuration and test to determine if it met the requirements of the lab.

(Use this link for more information about Cisco Packet Tracer.)

Use this workflow to do the labs in Cisco Packet Tracer:

  1. Download the .pkt file linked below.
  2. Open the .pkt file, creating a working lab with the same topology and interfaces as the lab exercise.
  3. Add your planned configuration to the lab.
  4. Test the configuration using some of the suggestions below.

Download this lab’s Packet Tracer File

You can also implement the lab using Cisco Modeling Labs – Personal (CML-P). CML-P (or simply CML) replaced Cisco Virtual Internet Routing Lab (VIRL) software in 2020, in effect serving as VIRL Version 2.

If you prefer to use CML, use a similar workflow as you would use if using Cisco Packet Tracer, as follows:

  1. Download the CML file (filetype .yaml) linked below.
  2. Import the lab’s CML file into CML and then start the lab.
  3. Compare the lab topology and interface IDs to this lab, as they may differ (more detail below).
  4. Add your planned configuration to the lab.
  5. Test the configuration using some of the suggestions below.

Download this lab’s CML file!

 

Network Device Info:

This table lists the interfaces listed in the lab exercise documentation versus those used in the sample CML file.

Device Lab Port  CML Port
SW1 G1/0/1 G2/1
SW1 G1/0/2 G2/2
SW1 G1/0/3 G2/3
SW1 G1/0/11 G1/1
SW2 G1/0/4 G3/1
SW2 G1/0/5 G3/2
SW2 G1/0/6 G3/3
SW2 G1/0/7 G0/1
SW2 G1/0/12 G1/2

Lab Answers Below: Spoiler Alert

Lab Answers: Configuration (Click Tab to Reveal)

Figure 1 – Lab Topology

 

Example 1: SW1 New Config

 

Example 2: SW2 Config

Commentary, Issues, and Verification Tips (Click Tabs to Reveal)

Picking the IP Addresses

This lab did not give you the specific IP addresses to configure, but it gave enough info for you to derive the IP addresses for both switches and derive the router’s IP address. This first section of the post details that bit of math.

First, as a reminder, here’s the LAN topology:

Figure 1 – Lab Topology

For the one subnet/VLAN in this lab, you used the highest three IP addresses for the network devices: the highest for R1, the next highest for SW1, and the next highest for SW2. The problem statement also listed the subnet ID (192.168.1.0/27), so all you have to do is a normal problem of finding all the addresses in the subnet, find the 3 numerically highest numbers, and use those.

In this case, subnet 192.168.1.0/27 includes these numbers:

The configuration steps will also require that you configure the subnet mask as a dotted-decimal number, so you would also need to convert /27 to its DDN equivalent of 255.255.255.224.

 

Switch Configurations

The switch configurations require some basic steps, at least as long as you know the steps.

First, to send IP packets at all, generally speaking, the switch needs:

  • An IP address assigned to one VLAN interface.
  • The VLAN needs to be active.
  • The VLAN interface needs to be enabled.

The requirements state that only VLAN 1 exists with this specific lab, so the IP address must be configured on the VLAN 1 interface. As a result, both switches need a VLAN 1 interface, with the interface vlan 1 command used to enter interface configuration mode for that interface. The interface also needs to be enabled (no shutdown).

While in interface VLAN 1 config mode, you also need to configure the IP address and mask per your earlier calculations. Many people who have not yet used the CLI much get confused about the idea of VLAN 1 versus the VLAN 1 interface. The VLAN 1 interface, configured with interface vlan 1, is the switch’s layer 3 interface into VLAN 1. Cisco also calls this a “switch virtual interface,” or SVI. So:

  • To switch Ethernet frames in VLAN 1, switch SW1 needs to be aware of VLAN 1
  • To have an interface that supports layer 3 functions within the switch that connects to VLAN 1, the switch needs to use interface VLAN 1, whose config mode is reached with command interface vlan 1.

Additionally, the requirements state that the switches must be configured to communicate off-subnet, which means they also must have a default gateway setting. A switch acts much like an IP host in regards to how its IP logic works. Like an IP host, when a switch needs to send an IP packet off-subnet, the switch sends the packet to its default gateway. R1 happens to be the only possible default gateway for SW1 and SW2 to use.

Known Issues in this Lab

This section of each Config Lab Answers post hopes to help with those issues by listing any known issues with Packet Tracer related to this lab. In this case, the issues are:

# Summary Detail
1 None No known issues related to this lab.

 

Why Would Cisco Packet Tracer Have Issues?

(Note: The below text is the same in every Config Lab.)

Cisco Packet Tracer (CPT) simulates Cisco routers and switches. However, CPT does not run the same software that runs in real Cisco routers and switches. Instead, developers wrote CPT to predict the output a real router or switch would display given the same topology and configuration – but without performing all the same tasks, an actual device has to do. On a positive note, CPT requires far less CPU and RAM than a lab full of devices so that you can run CPT on your computer as an app. In addition, simulators like CPT help you learn about the Cisco router/switch user interface – the Command Line Interface (CLI) – without having to own real devices.

CPT can have issues compared to real devices because CPT does not run the same software as Cisco devices. CPT does not support all commands or parameters of a command. CPT may supply output from a command that differs in some ways from what an actual device would give. Those differences can be a problem for anyone learning networking technology because you may not have experience with that technology on real gear – so you may not notice the differences. So this section lists differences and issues that we have seen when using CPT to do this lab.

Beyond comparing your answers to this lab’s Answers post, you can test in Cisco Packet Tracer (CPT) or Cisco Modeling Labs (CML). In fact, you can and should explore the lab once configured. For this lab, once you have completed the configuration, try these verification steps. 

  1. To test IP connectivity:
    1. Login to SW1 and SW2.
    2. Ping R1’s G0/0 IP address.
  2. To test the default gateway settings on the switches, you can create/configure a 2nd interface on the router. For instance:
    1. Login to router R1 and configure the interface loopback 1 and ip address 192.168.1.60 255.255.255.224 commands.
    2.  Return to the CLI of router SW1 and SW2 in succession, and now ping R1’s loopback address (192.168.1.60.) The ping will not work if the respective switch does not have a correct ip default-gateway setting.
  3. If using the pre-supplied files, note that the PCs should have IP addresses on the low-end of the address range in subnet 192.168.1.0/27. So, you could test IP settings on the switches by pinging those IP addresses or by using Telnet/SSH on the PCs to attempt to login to the switches.

More Labs with Related Content!

Config Lab: Switch Admin Config
Config Lab: VLAN Basics 3
Wendell Odom
By Wendell Odom August 31, 2021 21:05
Write a comment

8 Comments

  1. Emil January 23, 07:55

    Great lab Mr. Odom! I had a quick question about SW2 SSH: in a real world scenario, would you also add this command?
    ip ssh version 2

    Reply to this comment
    • certskills January 24, 17:20

      Hi Emil,
      Glad you like it! Yeah, I probably would. In reality, SSHv2 has been out so long that you’d be hard pressed to find an SSHv1 client, but making the device V2 only (by using ip ssh version 2) improves security by avoiding V1.

      Reply to this comment
  2. Calvin January 28, 20:07

    Hi Mr. Odom. I’m confused as to where the Config Labs for Chatper 5 are? Is this one of them? I can only filter by part, not by chapters (for config labs)

    Reply to this comment
    • certskills February 1, 13:33

      Hi Calvin,
      Thanks for the note. Two answers:
      1) I didn’t create any Config Labs for Chapter 5 just because the types of CLI topics in that chapter don’t really match the Config Lab style. Chapter 6 is the first chapter in sequence with Config Labs.
      2) You can search for Config Labs by chapter with a little more effort by using the “Advanced search” tool that’s listed at the top of the blog home page (blog.certskills.com). Click the button to “Go to Advanced Search”. On the right, you can choose “Config Lab 200-301”. On the left, you can click the plus signs (+) to expand an pick a book part or book chapter. EG, click “Config Lab 200-301” first, then click to expand Volume 1, click to expand part 2, and you’ll see chapter 6 and 7 listed (but not 5), implying there are some Config Labs for chapters 6 and 7. Choose either to filter to see only those for a given chapter.
      Hope this helps,
      Wendell

      Reply to this comment
  3. brahooke May 15, 19:29

    How come the labs are not organized by chapter as well as part? It would save time on my planner if I knew which of these labs were meant for Chapter 5.

    Reply to this comment
    • certskills May 18, 10:59

      Look at the top of every page, for the “advanced search” option. From there, on the left, you can drill down on the specific chapter. Then on the right, select “Config Labs”. That lists all config labs, by chapter.

      Reply to this comment
  4. Justin Travis May 22, 10:31

    the password cisco isn’t working in this lab

    Reply to this comment
View comments

Write a comment

Comment; Identify w/ Social Media or Email

Subscribe

Subscribe to our mailing list and get interesting stuff and updates to your email inbox.

Thank you for subscribing.

Something went wrong.

Search

Categories