Hot Standby Router Protocol (HSRP)

We implement HSRP in our core routers so that whenever we perform network maintenance, there's minimal impact in our network infrastructure. We allocate a /29 IP address subnet that would be assigned for the HSRP Virtual IP (VIP), PE Router 1, PE Router 2 and for other device such as ASA firewall context/gateway.

We usually buy the Cisco 3560/3750 Catalyst switch but it's already nearing EOS/EOL this year. We're now getting the Cisco 3650 Catalyst switch but I recently encountered an error in one that was deployed to a client:

May 13 14:01:09.903 UTC: %AAA-3-ACCT_LOW_MEM_UID_FAIL: AAA unable to create UID for incoming calls due to insufficient processor memory

A reboot of the switch usually resolves this kind of memory issue but the error might re-occur in the future. So I did an switch IOS upgrade instead to avoid any risk. The switch's CPU and memory usage greatly improved afterwards.

3560X#show version | inc IOS
Cisco IOS Software, C3560E Software (C3560E-UNIVERSALK9-M), Version 15.0(2)SE2, RELEASE SOFTWARE (fc1)

3560X(config)#boot system flash:c3560e-universalk9-mz.150-2.SE7.bin 
3560X(config)#do show run | inc boot
boot-start-marker
boot-end-marker
3560X(config)#do show boot
BOOT path-list      : flash:c3560e-universalk9-mz.150-2.SE7.bin
Config file         : flash:/config.text
Private Config file : flash:/private-config.text
Enable Break        : no
Manual Boot         : no
HELPER path-list    :
Auto upgrade        : yes
Auto upgrade path   :
NVRAM/Config file
      buffer size:   524288
Timeout for Config
          Download:    0 seconds
Config Download
       via DHCP:       disabled (next boot: disabled)

<RELOAD>

3560X#show version | inc IOS
Cisco IOS Software, C3560E Software (C3560E-UNIVERSALK9-M), Version 15.0(2)SE7, RELEASE SOFTWARE (fc1)

The switch's memory usage of the switch significantly dropped from 94% down to 21%.

I learned a connector tip in MS Visio 2010 where the lines "jump" or arc with each other to make it look cleaner. It's located under Home > Connector. Draw or make a line and copy/paste another line.

 

ALS1(config)#enable secret cisco
ALS1(config)#line vty 0 15
ALS1(config-line)#password cisco
ALS1(config-line)#login
ALS1(config-line)#exit
ALS1(config)#interface vlan 1
ALS1(config-if)#ip address 172.16.1.101 255.255.255.0
ALS1(config-if)#no shutdown
ALS1(config-if)#
00:04:45: %LINK-3-UPDOWN: Interface Vlan1, changed state to up
00:04:46: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up


ALS2(config)#enable secret cisco
ALS2(config)#line vty 0 15
ALS2(config-line)#password cisco
ALS2(config-line)#login
ALS2(config-line)#exit
ALS2(config)#interface vlan 1
ALS2(config-if)#ip address 172.16.1.102 255.255.255.0
ALS2(config-if)#no shutdown


DLS1(config)#enable secret cisco
DLS1(config)#line vty 0 15
DLS1(config-line)#password cisco
DLS1(config-line)#login
DLS1(config-line)#interface vlan 1
DLS1(config-if)#ip address 172.16.1.3 255.255.255.0
DLS1(config-if)#no shutdown
DLS1(config-if)#
*Mar  1 00:05:59.485: %LINK-3-UPDOWN: Interface Vlan1, changed state to up
*Mar  1 00:06:00.492: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up


DLS2(config)#enable secret cisco
DLS2(config)#line vty 0 15
DLS2(config-line)#password cisco
DLS2(config-line)#login
DLS2(config-line)#exit
DLS2(config)#interface vlan 1
DLS2(config-if)#ip address 172.16.1.4 255.255.255.0
DLS2(config-if)#no shutdown
DLS2(config-if)#
*Mar  1 00:07:19.286: %LINK-3-UPDOWN: Interface Vlan1, changed state to up
*Mar  1 00:07:20.292: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up


ALS1(config)#ip default-gateway 172.16.1.1


ALS2(config)#ip default-gateway 172.16.1.1


DLS1(config)#interface range fastethernet0/7-8
DLS1(config-if-range)#shutdown     // IT'S A GOOD PRACTICE TO SHUTDOWN PORTS BEFORE PORT CHANNEL IS CREATED
*Mar  1 00:09:20.249: %LINK-5-CHANGED: Interface FastEthernet0/7, changed state to administratively down
*Mar  1 00:09:20.258: %LINK-5-CHANGED: Interface FastEthernet0/8, changed state to administratively down
*Mar  1 00:09:21.256: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to down
*Mar  1 00:09:21.264: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to down
DLS1(config-if-range)#switchport trunk encapsulation dot1q
DLS1(config-if-range)#switchport mode trunk
DLS1(config-if-range)#channel-group 1 mode desirable
Creating a port-channel interface Port-channel 1

DLS1(config-if-range)#no shutdown
DLS1(config-if-range)#
*Mar  1 00:10:02.343: %LINK-3-UPDOWN: Interface FastEthernet0/7, changed state to up
*Mar  1 00:10:02.352: %LINK-3-UPDOWN: Interface FastEthernet0/8, changed state to up
*Mar  1 00:10:14.968: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to up
*Mar  1 00:10:15.908: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to up

DLS1(config-if-range)#interface range fastethernet0/9-10
DLS1(config-if-range)#shutdown
DLS1(config-if-range)#
*Mar  1 00:11:17.430: %LINK-5-CHANGED: Interface FastEthernet0/9, changed state to administratively down
*Mar  1 00:11:17.438: %LINK-5-CHANGED: Interface FastEthernet0/10, changed state to administratively down
*Mar  1 00:11:18.437: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/9, changed state to down
*Mar  1 00:11:18.445: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/10, changed state to down
DLS1(config-if-range)#switchport trunk encapsulation dot1q
DLS1(config-if-range)#switchport mode trunk
DLS1(config-if-range)#channel-group 2 mode desirable
Creating a port-channel interface Port-channel 2

DLS1(config-if-range)#no shutdown
DLS1(config-if-range)#
*Mar  1 00:11:40.767: %LINK-3-UPDOWN: Interface FastEthernet0/9, changed state to up
*Mar  1 00:11:40.767: %LINK-3-UPDOWN: Interface FastEthernet0/10, changed state to up
*Mar  1 00:11:53.325: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/9, changed state to up
*Mar  1 00:11:53.350: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/10, changed state to up

DLS1(config-if-range)#interface range fastethernet0/11-12
DLS1(config-if-range)#shutdown
DLS1(config-if-range)#switchport trunk encapsulation dot1q
*Mar  1 00:12:35.041: %LINK-5-CHANGED: Interface FastEthernet0/11, changed state to administratively down
*Mar  1 00:12:35.050: %LINK-5-CHANGED: Interface FastEthernet0/12, changed state to administratively down
*Mar  1 00:12:35.060: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to down
*Mar  1 00:12:36.074: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to down
DLS1(config-if-range)#switchport mode trunk
DLS1(config-if-range)#channel-group 3 mode desirable
Creating a port-channel interface Port-channel 3

DLS1(config-if-range)#no shutdown
DLS1(config-if-range)#
*Mar  1 00:12:57.456: %LINK-3-UPDOWN: Interface FastEthernet0/11, changed state to up
*Mar  1 00:12:57.464: %LINK-3-UPDOWN: Interface FastEthernet0/12, changed state to up
*Mar  1 00:13:10.626: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to up
*Mar  1 00:13:10.668: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to up


DLS2(config)#interface range fastethernet0/7-8
DLS2(config-if-range)#shutdown
DLS2(config-if-range)#
*Mar  1 00:15:56.720: %LINK-5-CHANGED: Interface FastEthernet0/7, changed state to administratively down
*Mar  1 00:15:56.737: %LINK-5-CHANGED: Interface FastEthernet0/8, changed state to administratively down
*Mar  1 00:15:57.727: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to down
*Mar  1 00:15:57.744: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to down
DLS2(config-if-range)#switchport trunk encapsulation dot1q
DLS2(config-if-range)#switchport mode trunk
DLS2(config-if-range)#channel-group 1 mode desirable
Creating a port-channel interface Port-channel 1

DLS2(config-if-range)#no shutdown
DLS2(config-if-range)#
*Mar  1 00:16:21.467: %LINK-3-UPDOWN: Interface FastEthernet0/7, changed state to up
*Mar  1 00:16:21.475: %LINK-3-UPDOWN: Interface FastEthernet0/8, changed state to up
*Mar  1 00:16:34.242: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to up
*Mar  1 00:16:34.997: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to up

DLS2(config)#interface range fastethernet0/9-10
DLS2(config-if-range)#shutdown
DLS2(config-if-range)#
*Mar  1 00:17:15.162: %LINK-5-CHANGED: Interface FastEthernet0/9, changed state to administratively down
*Mar  1 00:17:15.179: %LINK-5-CHANGED: Interface FastEthernet0/10, changed state to administratively down
*Mar  1 00:17:16.169: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/9, changed state to down
*Mar  1 00:17:16.185: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/10, changed state to down
DLS2(config-if-range)#switchport trunk encapsulation dot1q
DLS2(config-if-range)#switchport mode trunk
DLS2(config-if-range)#channel-group 2 mode desirable
Creating a port-channel interface Port-channel 2

DLS2(config-if-range)#no shutdown
DLS2(config-if-range)#
*Mar  1 00:17:37.568: %LINK-3-UPDOWN: Interface FastEthernet0/9, changed state to up
*Mar  1 00:17:37.576: %LINK-3-UPDOWN: Interface FastEthernet0/10, changed state to up
*Mar  1 00:17:50.688: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/9, changed state to up
*Mar  1 00:17:50.965: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/10, changed state to up

DLS2(config)#interface range fastethernet0/11-12
DLS2(config-if-range)#shutdown
*Mar  1 00:18:18.773: %LINK-5-CHANGED: Interface FastEthernet0/11, changed state to administratively down
*Mar  1 00:18:18.798: %LINK-5-CHANGED: Interface FastEthernet0/12, changed state to administratively down
*Mar  1 00:18:19.780: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to down
*Mar  1 00:18:19.805: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to down
DLS2(config-if-range)#switchport trunk encapsulation dot1q
DLS2(config-if-range)#switchport mode trunk
DLS2(config-if-range)#channel-group 3 mode desirable
Creating a port-channel interface Port-channel 3

DLS2(config-if-range)#no shutdown
DLS2(config-if-range)#
*Mar  1 00:18:45.776: %LINK-3-UPDOWN: Interface FastEthernet0/11, changed state to up
*Mar  1 00:18:45.784: %LINK-3-UPDOWN: Interface FastEthernet0/12, changed state to up
*Mar  1 00:18:51.598: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to up
*Mar  1 00:18:51.631: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to up
*Mar  1 00:18:52.587: %LINK-3-UPDOWN: Interface Port-channel3, changed state to up
*Mar  1 00:18:53.594: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel3, changed state to up


ALS1(config)#interface range fastethernet0/7-8
ALS1(config-if-range)#shutdown
ALS1(config-if-range)#
00:22:14: %LINK-5-CHANGED: Interface FastEthernet0/7, changed state to administratively down
00:22:14: %LINK-5-CHANGED: Interface FastEthernet0/8, changed state to administratively down
00:22:15: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to down
00:22:15: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to down
ALS1(config-if-range)#switchport trunk encapsulation dot1q
ALS1(config-if-range)#switchport mode trunk
ALS1(config-if-range)#channel-group 1 mode desirable
Creating a port-channel interface Port-channel 1

ALS1(config-if-range)#no shutdown
ALS1(config-if-range)#
00:22:43: %LINK-3-UPDOWN: Interface FastEthernet0/7, changed state to up
00:22:43: %LINK-3-UPDOWN: Interface FastEthernet0/8, changed state to up
00:22:48: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to up
00:22:48: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to up
00:22:49: %LINK-3-UPDOWN: Interface Port-channel1, changed state to up
00:22:50: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel1, changed state to up

ALS1(config)#interface range fastethernet0/4-5
ALS1(config-if-range)#shutdown
ALS1(config-if-range)#
00:29:07: %LINK-5-CHANGED: Interface FastEthernet0/4, changed state to administratively down
00:29:07: %LINK-5-CHANGED: Interface FastEthernet0/5, changed state to administratively down
00:29:08: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to down
00:29:08: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to down
ALS1(config-if-range)#switchport trunk encapsulation dot1q
ALS1(config-if-range)#switchport mode trunk
ALS1(config-if-range)#channel-group 2 mode desirable
Creating a port-channel interface Port-channel 2

ALS1(config-if-range)#no shutdown
ALS1(config-if-range)#
00:29:38: %LINK-3-UPDOWN: Interface FastEthernet0/4, changed state to up
00:29:38: %LINK-3-UPDOWN: Interface FastEthernet0/5, changed state to up
00:29:44: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to up
00:29:44: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to up
00:29:45: %LINK-3-UPDOWN: Interface Port-channel2, changed state to up
00:29:46: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel2, changed state to up

ALS1(config)#interface range fastethernet0/1-2
ALS1(config-if-range)#shutdown
ALS1(config-if-range)#
00:30:45: %LINK-5-CHANGED: Interface FastEthernet0/1, changed state to administratively down
00:30:45: %LINK-5-CHANGED: Interface FastEthernet0/2, changed state to administratively down
00:30:46: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
00:30:46: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to down
ALS1(config-if-range)#switchport trunk encapsulation dot1q
ALS1(config-if-range)#switchport mode trunk
ALS1(config-if-range)#channel-group 3 mode desirable
Creating a port-channel interface Port-channel 3

ALS1(config-if-range)#no shutdown
ALS1(config-if-range)#
00:31:11: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
00:31:11: %LINK-3-UPDOWN: Interface FastEthernet0/2, changed state to up
00:31:24: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up
00:31:24: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up


ALS2(config)#interface range fastethernet0/7-8
ALS2(config-if-range)#shutdown
ALS2(config-if-range)#
00:32:30: %LINK-5-CHANGED: Interface FastEthernet0/7, changed state to administratively down
00:32:31: %LINK-5-CHANGED: Interface FastEthernet0/8, changed state to administratively down
00:32:32: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to down
ALS2(config-if-range)#
00:32:32: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to down
ALS2(config-if-range)#switchport trunk encapsulation dot1q
ALS2(config-if-range)#switchport mode trunk
ALS2(config-if-range)#channel-group 1 mode desirable
Creating a port-channel interface Port-channel 1

ALS2(config-if-range)#no shutdown
ALS2(config-if-range)#
00:33:02: %LINK-3-UPDOWN: Interface FastEthernet0/7, changed state to up
00:33:02: %LINK-3-UPDOWN: Interface FastEthernet0/8, changed state to up
ALS2(config-if-range)#
00:33:07: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to up
00:33:07: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to up
ALS2(config-if-range)#
00:33:08: %LINK-3-UPDOWN: Interface Port-channel1, changed state to up
00:33:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel1, changed state to up

ALS2(config)#interface range fastethernet0/4-5
ALS2(config-if-range)#switchport trunk encapsulation dot1q
ALS2(config-if-range)#switchport mode trunk
ALS2(config-if-range)#channel-group 2 mode desirable
Creating a port-channel interface Port-channel 2

ALS2(config-if-range)#
00:33:50: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to down
00:33:50: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down
00:33:50: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to down
ALS2(config-if-range)#
00:33:52: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel2, changed state to up
00:33:52: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/4, changed state to up
00:33:52: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/5, changed state to up
ALS2(config-if-range)#
00:33:53: %LINK-3-UPDOWN: Interface Port-channel2, changed state to up

ALS2(config)#interface range fastethernet0/1-2
ALS2(config-if-range)#switchport trunk encapsulation dot1q
ALS2(config-if-range)#switchport mode trunk
ALS2(config-if-range)#channel-group 3 mode desirable
Creating a port-channel interface Port-channel 3

ALS2(config-if-range)#
00:35:00: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
00:35:01: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to down
ALS2(config-if-range)#
00:35:02: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel3, changed state to up
00:35:03: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
00:35:03: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up
ALS2(config-if-range)#
00:35:04: %LINK-3-UPDOWN: Interface Port-channel3, changed state to up


DLS1#show interfaces trunk

Port        Mode             Encapsulation  Status        Native vlan
Po1         on               802.1q         trunking      1
Po2         on               802.1q         trunking      1
Po3         on               802.1q         trunking      1

Port        Vlans allowed on trunk
Po1         1-4094
Po2         1-4094
Po3         1-4094

Port        Vlans allowed and active in management domain
Po1         1
Po2         1
Po3         1

Port        Vlans in spanning tree forwarding state and not pruned
Po1         1
Po2         1
Po3         1

DLS1#show etherchannel summary
Flags:  D - down        P - bundled in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate aggregator

        M - not in use, minimum links not met
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port


Number of channel-groups in use: 3
Number of aggregators:           3

Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
1      Po1(SU)         PAgP      Fa0/7(P)    Fa0/8(P)
2      Po2(SU)         PAgP      Fa0/9(P)    Fa0/10(P)
3      Po3(SU)         PAgP      Fa0/11(P)   Fa0/12(P)


DLS2#show interfaces trunk

Port        Mode             Encapsulation  Status        Native vlan
Po1         on               802.1q         trunking      1
Po2         on               802.1q         trunking      1
Po3         on               802.1q         trunking      1

Port        Vlans allowed on trunk
Po1         1-4094
Po2         1-4094
Po3         1-4094

Port        Vlans allowed and active in management domain
Po1         1
Po2         1
Po3         1

Port        Vlans in spanning tree forwarding state and not pruned
Po1         1
Po2         1
Po3         1

DLS2#show etherchannel summary
Flags:  D - down        P - bundled in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate aggregator

        M - not in use, minimum links not met
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port


Number of channel-groups in use: 3
Number of aggregators:           3

Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
1      Po1(SU)         PAgP      Fa0/7(P)    Fa0/8(P)
2      Po2(SU)         PAgP      Fa0/9(P)    Fa0/10(P)
3      Po3(SU)         PAgP      Fa0/11(P)   Fa0/12(P)


ALS1#show interfaces trunk

Port        Mode         Encapsulation  Status        Native vlan
Po1         on           802.1q         trunking      1
Po2         on           802.1q         trunking      1
Po3         on           802.1q         trunking      1

Port        Vlans allowed on trunk
Po1         1-4094
Po2         1-4094
Po3         1-4094

Port        Vlans allowed and active in management domain
Po1         1
Po2         1
Po3         1

Port        Vlans in spanning tree forwarding state and not pruned
Po1         1
Po2         none
Po3         none

ALS1#show etherchannel summary
Flags:  D - down        P - in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate aggregator
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port


Number of channel-groups in use: 3
Number of aggregators:           3

Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
1      Po1(SU)         PAgP      Fa0/7(P)    Fa0/8(P)
2      Po2(SU)         PAgP      Fa0/4(P)    Fa0/5(P)
3      Po3(SU)         PAgP      Fa0/1(P)    Fa0/2(P)


ALS2#show interfaces trunk

Port        Mode         Encapsulation  Status        Native vlan
Po1         on           802.1q         trunking      1
Po2         on           802.1q         trunking      1
Po3         on           802.1q         trunking      1

Port        Vlans allowed on trunk
Po1         1-4094
Po2         1-4094
Po3         1-4094

Port        Vlans allowed and active in management domain
Po1         1
Po2         1
Po3         1

Port        Vlans in spanning tree forwarding state and not pruned
Po1         none
Po2         1
Po3         1

ALS2#show etherchannel summary
Flags:  D - down        P - in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate aggregator
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port


Number of channel-groups in use: 3
Number of aggregators:           3

Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
1      Po1(SU)         PAgP      Fa0/7(P)    Fa0/8(P)
2      Po2(SU)         PAgP      Fa0/4(P)    Fa0/5(P)
3      Po3(SU)         PAgP      Fa0/1(P)    Fa0/2(P)


ALS1(config)#vtp mode client
Setting device to VTP CLIENT mode.
ALS1(config)#do show vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Client
VTP Domain Name                 :
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00


ALS2(config)#vtp mode client
Setting device to VTP CLIENT mode.
ALS2(config)#do show vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Client
VTP Domain Name                 :
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00


DLS1(config)#vtp domain SWPOD
Changing VTP domain name from NULL to SWPOD
DLS1(config)#v
*Mar  1 00:39:23.146: %SW_VLAN-6-VTP_DOMAIN_NAME_CHG: VTP domain name changed to SWPOD
DLS1(config)#vtp version 2
DLS1(config)#vlan 10
DLS1(config-vlan)#name Finance
DLS1(config-vlan)#vlan 20
DLS1(config-vlan)#name Engineering
DLS1(config-vlan)#vlan 30
DLS1(config-vlan)#name Server-Farm1
DLS1(config-vlan)#vlan 40
DLS1(config-vlan)#name Server-Farm2

DLS1#show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/13, Fa0/14
                                                Fa0/15, Fa0/16, Fa0/17, Fa0/18
                                                Fa0/19, Fa0/20, Fa0/21, Fa0/22
                                                Fa0/23, Fa0/24, Gi0/1, Gi0/2
10   Finance                          active
20   Engineering                      active
30   Server-Farm1                     active
40   Server-Farm2                     active
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        0      0
10   enet  100010     1500  -      -      -        -    -        0      0
20   enet  100020     1500  -      -      -        -    -        0      0
30   enet  100030     1500  -      -      -        -    -        0      0

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
40   enet  100040     1500  -      -      -        -    -        0      0
1002 fddi  101002     1500  -      -      -        -    -        0      0
1003 trcrf 101003     4472  1005   3276   -        -    srb      0      0
1004 fdnet 101004     1500  -      -      -        ieee -        0      0
1005 trbrf 101005     4472  -      -      15       ibm  -        0      0


VLAN AREHops STEHops Backup CRF
---- ------- ------- ----------
1003 7       7       off

Remote SPAN VLANs
------------------------------------------------------------------------------


Primary Secondary Type              Ports
------- --------- ----------------- ------------------------------------------

DLS1#show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/13, Fa0/14
                                                Fa0/15, Fa0/16, Fa0/17, Fa0/18
                                                Fa0/19, Fa0/20, Fa0/21, Fa0/22
                                                Fa0/23, Fa0/24, Gi0/1, Gi0/2
10   Finance                          active
20   Engineering                      active
30   Server-Farm1                     active
40   Server-Farm2                     active
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        0      0
10   enet  100010     1500  -      -      -        -    -        0      0
20   enet  100020     1500  -      -      -        -    -        0      0
30   enet  100030     1500  -      -      -        -    -        0      0

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
40   enet  100040     1500  -      -      -        -    -        0      0
1002 fddi  101002     1500  -      -      -        -    -        0      0
1003 trcrf 101003     4472  1005   3276   -        -    srb      0      0
1004 fdnet 101004     1500  -      -      -        ieee -        0      0
1005 trbrf 101005     4472  -      -      15       ibm  -        0      0


VLAN AREHops STEHops Backup CRF
---- ------- ------- ----------
1003 7       7       off

Remote SPAN VLANs
------------------------------------------------------------------------------


Primary Secondary Type              Ports
------- --------- ----------------- ------------------------------------------

DLS1#show vtp status
VTP Version                     : running VTP2
Configuration Revision          : 5
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 9
VTP Operating Mode              : Server
VTP Domain Name                 : SWPOD
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Enabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x7F 0x53 0x2C 0x4F 0xA6 0x4F 0x7E 0x34
Configuration last modified by 172.16.1.3 at 3-1-93 00:40:15
Local updater ID is 172.16.1.3 on interface Vl1 (lowest numbered VLAN interface found)


DLS1(config)#interface fastethernet0/6
DLS1(config-if)#switchport mode access
DLS1(config-if)#switchport access vlan 30
DLS1(config-if)#spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a single
 host. Connecting hubs, concentrators, switches, bridges, etc... to this
 interface  when portfast is enabled, can cause temporary bridging loops.
 Use with CAUTION

%Portfast has been configured on FastEthernet0/6 but will only
 have effect when the interface is in a non-trunking mode.


DLS2(config)#interface fastethernet0/6
DLS2(config-if)#switchport mode access
DLS2(config-if)#switchport access vlan 40
DLS2(config-if)#spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a single
 host. Connecting hubs, concentrators, switches, bridges, etc... to this
 interface  when portfast is enabled, can cause temporary bridging loops.
 Use with CAUTION

%Portfast has been configured on FastEthernet0/6 but will only
 have effect when the interface is in a non-trunking mode.


ALS1(config)#interface fastethernet0/6
ALS1(config-if)#switchport mode access
ALS1(config-if)#switchport access vlan 10
ALS1(config-if)#spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a single
 host. Connecting hubs, concentrators, switches, bridges, etc... to this
 interface  when portfast is enabled, can cause temporary bridging loops.
 Use with CAUTION

%Portfast has been configured on FastEthernet0/6 but will only
 have effect when the interface is in a non-trunking mode.


ALS2(config)#interface fastethernet0/6
ALS2(config-if)#switchport mode access
ALS2(config-if)#switchport access vlan 20
ALS2(config-if)#spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a single
 host. Connecting hubs, concentrators, switches, bridges, etc... to this
 interface  when portfast is enabled, can cause temporary bridging loops.
 Use with CAUTION

%Portfast has been configured on FastEthernet0/6 but will only
 have effect when the interface is in a non-trunking mode.


Payroll (Host A):

C:\Users\Payroll>ipconfig

Windows IP Configuration

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::4562:9b92:c15f:91ff%10
   IPv4 Address. . . . . . . . . . . : 172.16.10.100
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 172.16.10.1

C:\Users\Payroll>ping 172.16.40.100    // PING FROM PAYROLL HOST A TO SQL SERVER

Pinging 172.16.40.100 with 32 bytes of data:
Reply from 172.16.10.100: Destination host unreachable.
Reply from 172.16.10.100: Destination host unreachable.
Reply from 172.16.10.100: Destination host unreachable.
Reply from 172.16.10.100: Destination host unreachable.

Ping statistics for 172.16.40.100:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),


DLS1(config)#interface vlan 1
DLS1(config-if)#standby 1 ip 172.16.1.1    // VIRTUAL GATEWAY IP
DLS1(config-if)#standby 1 preempt    // ALLOWS ROUTER WITH HIGHER PRIORITY TO BECOME ACTIVE
DLS1(config-if)#standby 1 priority 150     // DLS1 IS THE ACTIVE ROUTER FOR VLANs 1, 10, AND 20 SINCE PRIORITY IS HIGHER (150 > 100)
DLS1(config-if)#exit
DLS1(config)#interface vlan 10
*Mar  1 00:59:12.617: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to up
*Mar  1 00:59:17.868: %HSRP-5-STATECHANGE: Vlan1 Grp 1 state Speak -> Standby
*Mar  1 00:59:18.363: %HSRP-5-STATECHANGE: Vlan1 Grp 1 state Standby -> Active
DLS1(config-if)#ip address 172.16.10.3 255.255.255.0
DLS1(config-if)#standby 1 ip 172.16.10.1
DLS1(config-if)#standby 1 preempt
DLS1(config-if)#standby 1 priority 150
DLS1(config-if)#exit
DLS1(config)#
*Mar  1 01:00:05.767: %HSRP-5-STATECHANGE: Vlan10 Grp 1 state Speak -> Standby
*Mar  1 01:00:06.262: %HSRP-5-STATECHANGE: Vlan10 Grp 1 state Standby -> Active
DLS1(config)#interface vlan 20
*Mar  1 01:00:19.726: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan20, changed state to up
DLS1(config-if)#ip address 172.16.20.3 255.255.255.0
DLS1(config-if)#standby 1 ip 172.16.20.1
DLS1(config-if)#standby 1 preempt
DLS1(config-if)#standby 1 priority 150
DLS1(config-if)#exit
DLS1(config)#
*Mar  1 01:01:03.514: %HSRP-5-STATECHANGE: Vlan20 Grp 1 state Speak -> Standby
*Mar  1 01:01:04.009: %HSRP-5-STATECHANGE: Vlan20 Grp 1 state Standby -> Active
DLS1(config)#interface vlan 30
DLS1(config-if)#
*Mar  1 01:01:12.758: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan30, changed state to up
DLS1(config-if)#ip address 172.16.30.3 255.255.255.0
DLS1(config-if)#standby 1 ip 172.16.30.1
DLS1(config-if)#standby 1 preempt
DLS1(config-if)#standby 1 priority 100     // DLS1 IS THE STANDBY ROUTER FOR VLANs 30 AND 40
DLS1(config-if)#exit
DLS1(config)#
*Mar  1 01:01:54.400: %HSRP-5-STATECHANGE: Vlan30 Grp 1 state Speak -> Standby
*Mar  1 01:01:54.903: %HSRP-5-STATECHANGE: Vlan30 Grp 1 state Standby -> Active
DLS1(config)#interface vlan 40
DLS1(config-if)#
*Mar  1 01:02:03.115: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan40, changed state to up
DLS1(config-if)#ip address 172.16.40.3 255.255.255.0
DLS1(config-if)#standby 1 ip 172.16.40.1
DLS1(config-if)#standby 1 preempt
DLS1(config-if)#standby 1 priority 100
DLS1(config-if)#
*Mar  1 01:03:40.943: %HSRP-5-STATECHANGE: Vlan40 Grp 1 state Speak -> Standby
*Mar  1 01:03:41.438: %HSRP-5-STATECHANGE: Vlan40 Grp 1 state Standby -> Active


DLS2(config)#ip routing
DLS2(config)#interface vlan 1
DLS2(config-if)#standby 1 ip 172.16.1.1
DLS2(config-if)#standby 1 preempt
DLS2(config-if)#standby 1 priority 100     // DLS2 IS THE STANDBY ROUTER FOR VLANs 1, 10 AND 20
DLS2(config-if)#exit
DLS2(config)#
*Mar  1 01:09:26.713: %HSRP-5-STATECHANGE: Vlan1 Grp 1 state Speak -> Standby
DLS2(config)#interface vlan 10
DLS2(config-if)#
*Mar  1 01:09:50.378: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to up
DLS2(config-if)#ip address 172.16.10.4 255.255.255.0
DLS2(config-if)#standby 1 ip 172.16.10.1
DLS2(config-if)#standby 1 preempt
DLS2(config-if)#standby 1 priority 100
DLS2(config-if)#exit
DLS2(config)#
*Mar  1 01:10:33.671: %HSRP-5-STATECHANGE: Vlan10 Grp 1 state Speak -> Standby
DLS2(config)#interface vlan 20
DLS2(config-if)#
*Mar  1 01:10:53.401: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan20, changed state to up
DLS2(config-if)#ip address 172.16.20.4 255.255.255.0
DLS2(config-if)#standby 1 ip 172.16.20.1
DLS2(config-if)#standby 1 preempt
DLS2(config-if)#standby 1 priority 100
DLS2(config-if)#exit
DLS2(config)#
*Mar  1 01:11:31.930: %HSRP-5-STATECHANGE: Vlan20 Grp 1 state Speak -> Standby
DLS2(config)#interface vlan 30
DLS2(config-if)#
*Mar  1 01:11:55.468: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan30, changed state to up
DLS2(config-if)#ip address 172.16.30.4 255.255.255.0
DLS2(config-if)#standby 1 ip 172.16.30.1
DLS2(config-if)#standby 1 preempt
DLS2(config-if)#standby 1 priority 150     // DLS2 IS THE ACTIVE ROUTER FOR VLANs 30 AND 40
DLS2(config-if)#exit
DLS2(config)#
*Mar  1 01:12:21.096: %HSRP-5-STATECHANGE: Vlan30 Grp 1 state Listen -> Active
DLS2(config)#interface vlan 40
DLS2(config-if)#
*Mar  1 01:12:35.272: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan40, changed state to up
DLS2(config-if)#ip address 172.16.40.4 255.255.255.0
DLS2(config-if)#standby 1 ip 172.16.40.1
DLS2(config-if)#standby 1 preempt
DLS2(config-if)#standby 1 priority 150
DLS2(config-if)#
*Mar  1 01:13:04.440: %HSRP-5-STATECHANGE: Vlan40 Grp 1 state Listen -> Active


DLS1#show standby
Vlan1 - Group 1  
  State is Active   
    2 state changes, last state change 00:14:49
  Virtual IP address is 172.16.1.1  
  Active virtual MAC address is 0000.0c07.ac01
    Local virtual MAC address is 0000.0c07.ac01 (v1 default)
  Hello time 3 sec, hold time 10 sec   
    Next hello sent in 2.128 secs
  Preemption enabled
  Active router is local  
  Standby router is 172.16.1.4, priority 100 (expires in 9.396 sec)   
  Priority 150 (configured 150)
  IP redundancy name is "hsrp-Vl1-1" (default)
Vlan10 - Group 1  
  State is Active  
    2 state changes, last state change 00:14:02
  Virtual IP address is 172.16.10.1
  Active virtual MAC address is 0000.0c07.ac01
    Local virtual MAC address is 0000.0c07.ac01 (v1 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 1.541 secs
  Preemption enabled
  Active router is local
  Standby router is 172.16.10.4, priority 100 (expires in 7.894 sec)
  Priority 150 (configured 150)
  IP redundancy name is "hsrp-Vl10-1" (default)
Vlan20 - Group 1  
  State is Active   
    2 state changes, last state change 00:13:06
  Virtual IP address is 172.16.20.1
  Active virtual MAC address is 0000.0c07.ac01
    Local virtual MAC address is 0000.0c07.ac01 (v1 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 0.400 secs
  Preemption enabled
  Active router is local
  Standby router is 172.16.20.4, priority 100 (expires in 8.800 sec)
  Priority 150 (configured 150)
  IP redundancy name is "hsrp-Vl20-1" (default)
Vlan30 - Group 1   
  State is Standby   
    4 state changes, last state change 00:02:08
  Virtual IP address is 172.16.30.1
  Active virtual MAC address is 0000.0c07.ac01
    Local virtual MAC address is 0000.0c07.ac01 (v1 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 2.480 secs
  Preemption enabled
  Active router is 172.16.30.4, priority 150 (expires in 8.482 sec)
  Standby router is local
  Priority 100 (default 100)
  IP redundancy name is "hsrp-Vl30-1" (default)
Vlan40 - Group 1   
  State is Standby   
    4 state changes, last state change 00:01:32
  Virtual IP address is 172.16.40.1
  Active virtual MAC address is 0000.0c07.ac01
    Local virtual MAC address is 0000.0c07.ac01 (v1 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 0.190 secs
  Preemption enabled
  Active router is 172.16.40.4, priority 150 (expires in 9.195 sec)
  Standby router is local
  Priority 100 (default 100)
  IP redundancy name is "hsrp-Vl40-1" (default)


DLS2#show standby
Vlan1 - Group 1   
  State is Standby  
    1 state change, last state change 00:06:30
  Virtual IP address is 172.16.1.1
  Active virtual MAC address is 0000.0c07.ac01
    Local virtual MAC address is 0000.0c07.ac01 (v1 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 0.249 secs
  Preemption enabled
  Active router is 172.16.1.3, priority 150 (expires in 9.984 sec)
  Standby router is local
  Priority 100 (default 100)
  IP redundancy name is "hsrp-Vl1-1" (default)
Vlan10 - Group 1  
  State is Standby  
    1 state change, last state change 00:05:23
  Virtual IP address is 172.16.10.1
  Active virtual MAC address is 0000.0c07.ac01
    Local virtual MAC address is 0000.0c07.ac01 (v1 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 0.508 secs
  Preemption enabled
  Active router is 172.16.10.3, priority 150 (expires in 9.396 sec)
  Standby router is local
  Priority 100 (default 100)
  IP redundancy name is "hsrp-Vl10-1" (default)
Vlan20 - Group 1  
  State is Standby   
    1 state change, last state change 00:04:26
  Virtual IP address is 172.16.20.1
  Active virtual MAC address is 0000.0c07.ac01
    Local virtual MAC address is 0000.0c07.ac01 (v1 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 1.506 secs
  Preemption enabled
  Active router is 172.16.20.3, priority 150 (expires in 8.943 sec)
  Standby router is local
  Priority 100 (default 100)
  IP redundancy name is "hsrp-Vl20-1" (default)
Vlan30 - Group 1   
  State is Active   
    1 state change, last state change 00:03:37
  Virtual IP address is 172.16.30.1
  Active virtual MAC address is 0000.0c07.ac01
    Local virtual MAC address is 0000.0c07.ac01 (v1 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 0.929 secs
  Preemption enabled
  Active router is local
  Standby router is 172.16.30.3, priority 100 (expires in 8.927 sec)
  Priority 150 (configured 150)
  IP redundancy name is "hsrp-Vl30-1" (default)
Vlan40 - Group 1   
  State is Active   
    1 state change, last state change 00:02:54
  Virtual IP address is 172.16.40.1
  Active virtual MAC address is 0000.0c07.ac01
    Local virtual MAC address is 0000.0c07.ac01 (v1 default)
  Hello time 3 sec, hold time 10 sec
    Next hello sent in 1.641 secs
  Preemption enabled
  Active router is local
  Standby router is 172.16.40.3, priority 100 (expires in 9.639 sec)
  Priority 150 (configured 150)
  IP redundancy name is "hsrp-Vl40-1" (default)


DLS1#show standby ?
  BVI              Bridge-Group Virtual Interface
  FastEthernet     FastEthernet IEEE 802.3
  GigabitEthernet  GigabitEthernet IEEE 802.3z
  Port-channel     Ethernet Channel of interfaces
  Vlan             Catalyst Vlans
  all              Include groups in disabled state
  brief            Brief output
  capability       HSRP capability
  delay            Group initialisation delay
  internal         Internal HSRP information
  redirect         HSRP ICMP redirect information
  |                Output modifiers
  <cr>

DLS1#show standby brief
                     P indicates configured to preempt.
                     |
Interface   Grp Prio P State    Active          Standby         Virtual IP
Vl1         1   150  P Active   local           172.16.1.4      172.16.1.1
Vl10        1   150  P Active   local           172.16.10.4     172.16.10.1
Vl20        1   150  P Active   local           172.16.20.4     172.16.20.1
Vl30        1   100  P Standby  172.16.30.4     local           172.16.30.1
Vl40        1   100  P Standby  172.16.40.4     local           172.16.40.1


DLS2#show standby brief
                     P indicates configured to preempt.
                     |
Interface   Grp Prio P State    Active          Standby         Virtual IP
Vl1         1   100  P Standby  172.16.1.3      local           172.16.1.1
Vl10        1   100  P Standby  172.16.10.3     local           172.16.10.1
Vl20        1   100  P Standby  172.16.20.3     local           172.16.20.1
Vl30        1   150  P Active   local           172.16.30.3     172.16.30.1
Vl40        1   150  P Active   local           172.16.40.3     172.16.40.1


DLS1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     172.16.0.0/24 is subnetted, 5 subnets
C       172.16.40.0 is directly connected, Vlan40
C       172.16.30.0 is directly connected, Vlan30
C       172.16.20.0 is directly connected, Vlan20
C       172.16.10.0 is directly connected, Vlan10
C       172.16.1.0 is directly connected, Vlan1


DLS2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     172.16.0.0/24 is subnetted, 5 subnets
C       172.16.40.0 is directly connected, Vlan40
C       172.16.30.0 is directly connected, Vlan30
C       172.16.20.0 is directly connected, Vlan20
C       172.16.10.0 is directly connected, Vlan10
C       172.16.1.0 is directly connected, Vlan1


C:\Users\Payroll>ping 172.16.40.100    // PING FROM PAYROLL HOST A TO SQL SERVER

Pinging 172.16.40.100 with 32 bytes of data:
Reply from 172.16.40.100: bytes=32 time=1ms TTL=127
Reply from 172.16.40.100: bytes=32 time=1ms TTL=127
Reply from 172.16.40.100: bytes=32 time<1ms TTL=127
Reply from 172.16.40.100: bytes=32 time=1ms TTL=127

Ping statistics for 172.16.40.100:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 1ms, Average = 0ms

C:\Users\Payroll>tracert 172.16.40.100

Tracing route to 172.16.40.100 over a maximum of 30 hops

  1     2 ms    <1 ms     1 ms  172.16.10.3     // DLS1
  2     1 ms    <1 ms    <1 ms  172.16.40.100

Trace complete.


SQL-Server:

C:\Users\SQL-Server>ipconfig

Windows IP Configuration

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::9416:ccf3:aa3:6460%11
   IPv4 Address. . . . . . . . . . . : 172.16.40.100
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 172.16.40.1


C:\Users\SQL-Server>ping 172.16.20.100     // PING FROM SQL-SERVER TO ENGINEERING HOST B

Pinging 172.16.20.100 with 32 bytes of data:
Reply from 172.16.20.100: bytes=32 time<1ms TTL=127
Reply from 172.16.20.100: bytes=32 time<1ms TTL=127
Reply from 172.16.20.100: bytes=32 time<1ms TTL=127
Reply from 172.16.20.100: bytes=32 time<1ms TTL=127

Ping statistics for 172.16.20.100:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms


C:\Users\SQL-Server>tracert 172.16.20.100

Tracing route to ENGINEERING-PC [172.16.20.100]
over a maximum of 30 hops:

  1     2 ms     1 ms     1 ms  172.16.40.4    // DLS2
  2    <1 ms    <1 ms    <1 ms  ENGINEERING-PC [172.16.20.100]

Trace complete.

DLS2(config)#interface range fastethernet0/7-12
DLS2(config-if-range)#shutdown
DLS2(config-if-range)#
2511-TS#1
[Resuming connection 1 to dls1 ... ]

DLS1#
*Mar  1 01:25:58.826: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to down
*Mar  1 01:25:58.834: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to down
*Mar  1 01:25:58.842: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel3, changed state to down
*Mar  1 01:25:59.832: %LINK-3-UPDOWN: Interface FastEthernet0/11, changed state to down
*Mar  1 01:25:59.857: %LINK-3-UPDOWN: Interface Port-channel3, changed state to down
*Mar  1 01:25:59.857: %LINK-3-UPDOWN: Interface FastEthernet0/12, changed state to down
*Mar  1 01:26:04.815: %HSRP-5-STATECHANGE: Vlan40 Grp 1 state Standby -> Active   // DLS1 PREEMPTS AND BECOME ACTIVE ROUTER FOR VLANs 30 AND 40
*Mar  1 01:26:06.509: %HSRP-5-STATECHANGE: Vlan30 Grp 1 state Standby -> Active 

DLS1#show standby brief
                     P indicates configured to preempt.
                     |
Interface   Grp Prio P State    Active          Standby         Virtual IP
Vl1         1   150  P Active   local           unknown         172.16.1.1
Vl10        1   150  P Active   local           unknown         172.16.10.1
Vl20        1   150  P Active   local           unknown         172.16.20.1
Vl30        1   100  P Active   local           unknown         172.16.30.1   
Vl40        1   100  P Active   local           unknown         172.16.40.1  


DLS2(config)#interface range fastethernet0/7-12
DLS2(config-if-range)#no shut

<OUTPUT TRUNCATED>


*Mar  1 01:28:45.255: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel1, changed state to up
*Mar  1 01:28:45.415: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel2, changed state to up
*Mar  1 01:28:45.591: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel3, changed state to up
*Mar  1 01:29:13.290: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up
*Mar  1 01:29:13.290: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to up
*Mar  1 01:29:13.290: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan20, changed state to up
*Mar  1 01:29:13.290: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan30, changed state to up
*Mar  1 01:29:17.141: %HSRP-5-STATECHANGE: Vlan30 Grp 1 state Listen -> Active   // DLS2 PREEMPTS AND TAKES OVER THE ACTIVE ROUTER ROLE FOR VLANs 30 AND 40
*Mar  1 01:29:34.312: %HSRP-5-STATECHANGE: Vlan1 Grp 1 state Speak -> Standby
*Mar  1 01:29:34.312: %HSRP-5-STATECHANGE: Vlan10 Grp 1 state Speak -> Standby
*Mar  1 01:29:34.312: %HSRP-5-STATECHANGE: Vlan20 Grp 1 state Speak -> Standby

DLS2#show standby brief
                     P indicates configured to preempt.
                     |
Interface   Grp Prio P State    Active          Standby         Virtual IP
Vl1         1   100  P Standby  172.16.1.3      local           172.16.1.1
Vl10        1   100  P Standby  172.16.10.3     local           172.16.10.1
Vl20        1   100  P Standby  172.16.20.3     local           172.16.20.1
Vl30        1   150  P Active   local           172.16.30.3     172.16.30.1  
Vl40        1   150  P Active   local           172.16.40.3     172.16.40.1  

Inter-VLAN Routing with an Internal Route Processor and Monitoring CEF Functions

I finally got my CCDP cert and I'm glad my quick detour from CCNP Security have paid off. All of our company's core routing/switching, firewall/security, VoIP and SAN technologies made a lot more sense when I studied for this exam. I was able to deepened my understanding of the technologies and the strategies that were used in our network infrastructure.

Since the SITCS 300-207 book is set to be released in September this year, my next goal is yet again another detour and that is to finish my CompTIA Security+.

This is another lab that I did during my CCDP study.

Switch(config)#hostname ALS1
ALS1(config)#enable secret cisco
ALS1(config)#line vty 0 15
ALS1(config-line)#password cisco
ALS1(config-line)#login
ALS1(config-line)#interface vlan 1
ALS1(config-if)#ip address 172.16.1.101 255.255.255.0
ALS1(config-if)#no shutdown

ALS1(config)#ip default-gateway 172.16.1.1


Switch(config)#hostname ALS2
ALS2(config)#enable secret cisco
ALS2(config)#line vty 0 15
ALS2(config-line)#password cisco
ALS2(config-line)#login
ALS2(config-line)#interface vlan 1
ALS2(config-if)#ip address 172.16.1.102 255.255.255.0
ALS2(config-if)#no shutdown
ALS2(config-if)#
*Mar  1 00:21:10.127: %LINK-3-UPDOWN: Interface Vlan1, changed state to up
*Mar  1 00:21:11.134: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up
ALS2(config)#ip default-gateway 172.16.1.1


Switch(config)#hostname DLS1
DLS1(config)#enable secret cisco
DLS1(config)#line vty 0 15
DLS1(config-line)#password cisco
DLS1(config-line)#login
DLS1(config-line)#interface vlan 1
DLS1(config-if)#ip address 172.16.1.1 255.255.255.0
DLS1(config-if)#no shutdown
DLS1(config-if)#
00:01:24: %LINK-3-UPDOWN: Interface Vlan1, changed state to up
00:01:25: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up


DLS1(config)#interface range fastethernet0/7-8
DLS1(config-if-range)#switchport trunk encapsulation dot1q
DLS1(config-if-range)#switchport mode trunk
00:13:03: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to down
00:13:03: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down
00:13:03: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to down
00:13:06: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to up
00:13:07: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to up
DLS1(config-if-range)#channel-group 1 ?
  mode  Etherchannel Mode of the interface

DLS1(config-if-range)#channel-group 1 mode ?
  active     Enable LACP unconditionally
  auto       Enable PAgP only if a PAgP device is detected
  desirable  Enable PAgP unconditionally
  on         Enable Etherchannel only
  passive    Enable LACP only if a LACP device is detected

DLS1(config-if-range)#channel-group 1 mode desirable
Creating a port-channel interface Port-channel 1

DLS1(config-if-range)#
00:13:17: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to down
00:13:17: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to down

DLS1(config)#interface range fastethernet0/4-5
DLS1(config-if-range)#switchport trunk encapsulation dot1q
DLS1(config-if-range)#switchport mode trunk
DLS1(config-if-range)#channel-group 2 mode desirable
Creating a port-channel interface Port-channel 2


ALS1(config)#interface range fastethernet0/11-12
ALS1(config-if-range)#switchport trunk encapsulation dot1q
ALS1(config-if-range)#switchport mode trunk
ALS1(config-if-range)#
*Mar  1 00:32:19.907: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to down
*Mar  1 00:32:19.915: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to down
*Mar  1 00:32:22.927: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to up
*Mar  1 00:32:22.944: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to up
ALS1(config-if-range)#channel-group 1 mode desirable
Creating a port-channel interface Port-channel 1

ALS1(config-if-range)#
*Mar  1 00:32:35.099: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to down
*Mar  1 00:32:35.124: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to down
*Mar  1 00:32:43.705: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to up
*Mar  1 00:32:44.922: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to up


ALS1(config-if-range)#interface range fastethernet0/7-8
ALS1(config-if-range)#switchport trunk encapsulation dot1q
ALS1(config-if-range)#switchport mode trunk
ALS1(config-if-range)#channel-group 2 mode desirable
Creating a port-channel interface Port-channel 2

ALS1(config-if-range)#
*Mar  1 00:33:19.877: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to down
*Mar  1 00:33:19.894: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to down
*Mar  1 00:33:21.882: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel2, changed state to up
*Mar  1 00:33:22.595: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to up
*Mar  1 00:33:22.788: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/7, changed state to up
*Mar  1 00:33:23.577: %LINK-3-UPDOWN: Interface Port-channel2, changed state to up


ALS2(config)#interface range fastethernet0/11-12
ALS2(config-if-range)#switchport trunk encapsulation dot1q
ALS2(config-if-range)#switchport mode trunk
ALS2(config-if-range)#channel-group 1 mode desirable
Creating a port-channel interface Port-channel 1

ALS2(config-if-range)#
*Mar  1 00:34:13.405: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to down
*Mar  1 00:34:13.413: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down
*Mar  1 00:34:13.422: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to down
*Mar  1 00:34:15.401: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel1, changed state to up
*Mar  1 00:34:16.106: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to up
*Mar  1 00:34:16.215: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to up
*Mar  1 00:34:17.087: %LINK-3-UPDOWN: Interface Port-channel1, changed state to up


ALS2(config-if-range)#interface range fastethernet0/9-10
ALS2(config-if-range)#switchport trunk encapsulation dot1q
ALS2(config-if-range)#switchport mode trunk
ALS2(config-if-range)#channel-group 2 mode desirable
Creating a port-channel interface Port-channel 2

ALS2(config-if-range)#
*Mar  1 00:34:43.444: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up
*Mar  1 00:34:45.902: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/9, changed state to down
*Mar  1 00:34:45.919: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/10, changed state to down
*Mar  1 00:34:47.907: %LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel2, changed state to up
*Mar  1 00:34:48.553: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/10, changed state to up
*Mar  1 00:34:48.620: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/9, changed state to up
*Mar  1 00:34:49.543: %LINK-3-UPDOWN: Interface Port-channel2, changed state to up


ALS1#show interfaces trunk

Port        Mode             Encapsulation  Status        Native vlan
Po1         on               802.1q         trunking      1
Po2         on               802.1q         trunking      1

Port        Vlans allowed on trunk
Po1         1-4094
Po2         1-4094

Port        Vlans allowed and active in management domain
Po1         1
Po2         1

Port        Vlans in spanning tree forwarding state and not pruned
Po1         1
Po2         1


ALS2#show interfaces trunk

Port        Mode             Encapsulation  Status        Native vlan
Po1         on               802.1q         trunking      1
Po2         on               802.1q         trunking      1

Port        Vlans allowed on trunk
Po1         1-4094
Po2         1-4094

Port        Vlans allowed and active in management domain
Po1         1
Po2         1

Port        Vlans in spanning tree forwarding state and not pruned
Po1         1
Po2         1


DLS1#show interfaces trunk

Port        Mode         Encapsulation  Status        Native vlan
Po1         on           802.1q         trunking      1
Po2         on           802.1q         trunking      1

Port        Vlans allowed on trunk
Po1         1-4094
Po2         1-4094

Port        Vlans allowed and active in management domain
Po1         1
Po2         1

Port        Vlans in spanning tree forwarding state and not pruned
Po1         1
Po2         none


ALS1#show etherchannel summary
Flags:  D - down        P - bundled in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate aggregator

        M - not in use, minimum links not met
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port


Number of channel-groups in use: 2
Number of aggregators:           2

Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
1      Po1(SU)         PAgP      Fa0/11(P)   Fa0/12(P)
2      Po2(SU)         PAgP      Fa0/7(P)    Fa0/8(P)


ALS2#show etherchannel summary
Flags:  D - down        P - bundled in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate aggregator

        M - not in use, minimum links not met
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port


Number of channel-groups in use: 2
Number of aggregators:           2

Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
1      Po1(SU)         PAgP      Fa0/11(P)   Fa0/12(P)
2      Po2(SU)         PAgP      Fa0/9(P)    Fa0/10(P)


DLS1#show etherchannel summary
Flags:  D - down        P - in port-channel
        I - stand-alone s - suspended
        H - Hot-standby (LACP only)
        R - Layer3      S - Layer2
        U - in use      f - failed to allocate aggregator
        u - unsuitable for bundling
        w - waiting to be aggregated
        d - default port


Number of channel-groups in use: 2
Number of aggregators:           2

Group  Port-channel  Protocol    Ports
------+-------------+-----------+-----------------------------------------------
1      Po1(SU)         PAgP      Fa0/7(P)    Fa0/8(P)
2      Po2(SU)         PAgP      Fa0/4(P)    Fa0/5(P)


ALS1(config)#vtp mode ?
  client       Set the device to client mode.
  server       Set the device to server mode.
  transparent  Set the device to transparent mode.

ALS1(config)#vtp mode client
Setting device to VTP CLIENT mode.


ALS2(config)#vtp mode client
Setting device to VTP CLIENT mode.


ALS1#show vtp status
VTP Version                     : running VTP1 (VTP2 capable)  
Configuration Revision          : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Client  
VTP Domain Name                 :
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00


ALS2#show vtp status
VTP Version                     : running VTP1 (VTP2 capable)  
Configuration Revision          : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Client  
VTP Domain Name                 :
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00


DLS1#show vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 :
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 172.16.1.1 on interface Vl1 (lowest numbered VLAN interface found)


DLS1(config)#vtp domain SWPOD
Changing VTP domain name from NULL to SWPOD
DLS1(config)#vtp version ?
  <1-2>  Set the adminstrative domain VTP version number

DLS1(config)#vtp version 2
DLS1(config)#vlan 100
DLS1(config-vlan)#name Finance
DLS1(config-vlan)#vlan 200
DLS1(config-vlan)#name Engineering

DLS1#show vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/6
                                                Gi0/1
100  Finance                          active
200  Engineering                      active
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup

DLS1#show vtp status
VTP Version                     : 2
Configuration Revision          : 3  
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 7   
VTP Operating Mode              : Server  
VTP Domain Name                 : SWPOD  
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Enabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xC1 0xB0 0xDC 0x78 0x62 0x1B 0xA3 0x3B
Configuration last modified by 172.16.1.1 at 3-1-93 00:32:03
Local updater ID is 172.16.1.1 on interface Vl1 (lowest numbered VLAN interface found)


ALS1#show vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/9, Fa0/10
                                                Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                                Fa0/21, Fa0/22, Fa0/23, Fa0/24
                                                Gi0/1, Gi0/2
100  Finance                          active  
200  Engineering                      active   
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup


ALS1#show vtp status
VTP Version                     : running VTP2  
Configuration Revision          : 3   
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 7  
VTP Operating Mode              : Client  
VTP Domain Name                 : SWPOD   
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Enabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xC1 0xB0 0xDC 0x78 0x62 0x1B 0xA3 0x3B
Configuration last modified by 172.16.1.1 at 3-1-93 00:32:03  


ALS2#show vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/13, Fa0/14, Fa0/15, Fa0/16
                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                                Fa0/21, Fa0/22, Fa0/23, Fa0/24
                                                Gi0/1, Gi0/2
100  Finance                          active   
200  Engineering                      active   
1002 fddi-default                     act/unsup
1003 trcrf-default                    act/unsup
1004 fddinet-default                  act/unsup
1005 trbrf-default                    act/unsup

ALS2#show vtp status
VTP Version                     : running VTP2  
Configuration Revision          : 3   
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 7   
VTP Operating Mode              : Client    
VTP Domain Name                 : SWPOD   
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Enabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xC1 0xB0 0xDC 0x78 0x62 0x1B 0xA3 0x3B
Configuration last modified by 172.16.1.1 at 3-1-93 00:32:03    


ALS1(config)#interface fastethernet0/6
ALS1(config-if)#switchport mode access
ALS1(config-if)#switchport access vlan 100


ALS2(config)#interface fastethernet0/6
ALS2(config-if)#switchport mode access
ALS2(config-if)#switchport access vlan 200


Finance (Host A):

C:\Users\John Lloyd>ipconfig

Windows IP Configuration

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::4562:9b92:c15f:91ff%10
   IPv4 Address. . . . . . . . . . . : 172.16.100.101
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 172.16.100.1


C:\Users\John Lloyd>ping 172.16.200.101     // PING FROM FINANCE HOST A TO ENGINEERING HOST B

Pinging 172.16.200.101 with 32 bytes of data:
Reply from 172.16.100.101: Destination host unreachable.
Reply from 172.16.100.101: Destination host unreachable.
Reply from 172.16.100.101: Destination host unreachable.
Reply from 172.16.100.101: Destination host unreachable.

Ping statistics for 172.16.200.101:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

  
C:\Users\John Lloyd>ping 172.16.1.1   // PING FROM FINANCE HOST A TO DLS1 MANAGEMENT IP

Pinging 172.16.1.1 with 32 bytes of data:
Reply from 172.16.100.101: Destination host unreachable.
Reply from 172.16.100.101: Destination host unreachable.
Reply from 172.16.100.101: Destination host unreachable.
Reply from 172.16.100.101: Destination host unreachable.

Ping statistics for 172.16.1.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),


DLS1(config)#interface vlan 100
DLS1(config-if)#
00:46:29: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan100, changed state to up
DLS1(config-if)#ip address 172.16.100.1 255.255.255.0
DLS1(config-if)#no shutdown
DLS1(config-if)#interface vlan 200
DLS1(config-if)#
00:46:43: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan200, changed state to up
DLS1(config-if)#ip address 172.16.200.1 255.255.255.0
DLS1(config-if)#no shutdown
DLS1(config-if)#exit
DLS1(config)#ip routing   // MULTILAYER SWITCH TO ACT AS A LAYER 3 DEVICE TO ROUTE BETWEEN VLANS

DLS1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     172.16.0.0/24 is subnetted, 3 subnets
C       172.16.200.0 is directly connected, Vlan200
C       172.16.1.0 is directly connected, Vlan1
C       172.16.100.0 is directly connected, Vlan100


C:\Users\John Lloyd>ping 172.16.200.101    // PING FROM FINANCE HOST A TO ENGINEERING HOST B

Pinging 172.16.200.101 with 32 bytes of data:
Reply from 172.16.200.101: bytes=32 time=1ms TTL=127
Reply from 172.16.200.101: bytes=32 time<1ms TTL=127
Reply from 172.16.200.101: bytes=32 time=1ms TTL=127
Reply from 172.16.200.101: bytes=32 time=1ms TTL=127

Ping statistics for 172.16.200.101:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 1ms, Average = 0ms


Engineering (Host B):

C:\Users\john.lagura>ipconfig

Windows IP Configuration

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::9416:ccf3:aa3:6460%11
   IPv4 Address. . . . . . . . . . . : 172.16.200.101
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 172.16.200.1


C:\Users\john.lagura>ping 172.16.1.1      // PING FROM ENGINEERING HOST B TO DLS1 VLAN 1 MANAGEMENT IP

Pinging 172.16.1.1 with 32 bytes of data:
Reply from 172.16.1.1: bytes=32 time=1ms TTL=255
Reply from 172.16.1.1: bytes=32 time=1ms TTL=255
Reply from 172.16.1.1: bytes=32 time=3ms TTL=255
Reply from 172.16.1.1: bytes=32 time=1ms TTL=255

Ping statistics for 172.16.1.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 3ms, Average = 1ms


C:\Users\john.lagura>telnet 172.16.1.1     // TELNET TO DLS1

User Access Verification

Password:
DLS1>


DLS1#show ip cef   // CEF IS AN ADVANCED IP LOOKUP AND FORWARDING ALGORITHM; LESS CPU-INTENSIVE THAN

ROUTE CACHING; ENABLED BY DEFAULT
Prefix               Next Hop             Interface
0.0.0.0/0            no route
0.0.0.0/32           receive
172.16.1.0/24        attached             Vlan1
172.16.1.0/32        receive              Vlan1
172.16.1.1/32        receive              Vlan1
172.16.1.101/32      attached             Vlan1
172.16.1.255/32      receive              Vlan1
172.16.100.0/24      attached             Vlan100
172.16.100.0/32      receive              Vlan100
172.16.100.1/32      receive              Vlan100
172.16.100.101/32    attached             Vlan100
172.16.100.255/32    receive              Vlan100
172.16.200.0/24      attached             Vlan200
172.16.200.0/32      receive              Vlan200
172.16.200.1/32      receive              Vlan200
172.16.200.101/32    attached             Vlan200
172.16.200.255/32    receive              Vlan200
224.0.0.0/4          drop
224.0.0.0/24         receive
255.255.255.255/32   receive


DLS1#show ip interface vlan 100
Vlan100 is up, line protocol is up
  Internet address is 172.16.100.1/24
  Broadcast address is 255.255.255.255
  Address determined by setup command
  MTU is 1500 bytes
  Helper address is not set
  Directed broadcast forwarding is disabled
  Outgoing access list is not set
  Inbound  access list is not set
  Proxy ARP is enabled
  Local Proxy ARP is disabled
  Security level is default
  Split horizon is enabled
  ICMP redirects are always sent
  ICMP unreachables are always sent
  ICMP mask replies are never sent
  IP fast switching is enabled
  IP CEF switching is enabled  
  IP CEF switching turbo vector  
  IP multicast fast switching is disabled
  IP multicast distributed fast switching is disabled
  IP route-cache flags are Fast, CEF
  Router Discovery is disabled
  IP output packet accounting is disabled
  IP access violation accounting is disabled
  TCP/IP header compression is disabled
  RTP/IP header compression is disabled
  Probe proxy name replies are disabled
  Policy routing is disabled
  Network address translation is disabled
  WCCP Redirect outbound is disabled
  WCCP Redirect inbound is disabled
  WCCP Redirect exclude is disabled
  BGP Policy Mapping is disabled

DLS1#show ip cef detail
IPv4 CEF is enabled for distributed and running
VRF Default:
 20 prefixes (20/0 fwd/non-fwd)
 Table id 0
 Database epoch:        1 (20 entries at this epoch)

0.0.0.0/0, epoch 1, flags default route handler
  no route
0.0.0.0/32, epoch 1, flags receive
  Special source: receive
  receive
172.16.1.0/24, epoch 1, flags attached, connected, cover dependents, need deagg
  Covered dependent prefixes: 4
    need deagg: 3
    notify cover updated: 1
  attached to Vlan1
172.16.1.0/32, epoch 1, flags receive
  Dependent covered prefix type cover need deagg cover 172.16.1.0/24
  Interface source: Vlan1
  receive for Vlan1
172.16.1.1/32, epoch 1, flags receive
  Dependent covered prefix type cover need deagg cover 172.16.1.0/24
  Interface source: Vlan1
  receive for Vlan1
172.16.1.101/32, epoch 1, flags attached
  Adj source: IP adj out of Vlan1, addr 172.16.1.101
   Dependent covered prefix type adjfib cover 172.16.1.0/24
  attached to Vlan1
172.16.1.255/32, epoch 1, flags receive
  Dependent covered prefix type cover need deagg cover 172.16.1.0/24
  Interface source: Vlan1
  receive for Vlan1
172.16.100.0/24, epoch 1, flags attached, connected, cover dependents, need deagg
  Covered dependent prefixes: 4
    need deagg: 3
    notify cover updated: 1
  attached to Vlan100
172.16.100.0/32, epoch 1, flags receive
  Dependent covered prefix type cover need deagg cover 172.16.100.0/24
  Interface source: Vlan100
  receive for Vlan100
172.16.100.1/32, epoch 1, flags receive
  Dependent covered prefix type cover need deagg cover 172.16.100.0/24
  Interface source: Vlan100
  receive for Vlan100
172.16.100.101/32, epoch 1, flags attached
  Adj source: IP adj out of Vlan100, addr 172.16.100.101
   Dependent covered prefix type adjfib cover 172.16.100.0/24
  attached to Vlan100
172.16.100.255/32, epoch 1, flags receive
  Dependent covered prefix type cover need deagg cover 172.16.100.0/24
  Interface source: Vlan100
  receive for Vlan100
172.16.200.0/24, epoch 1, flags attached, connected, cover dependents, need deagg
  Covered dependent prefixes: 4
    need deagg: 3
    notify cover updated: 1
  attached to Vlan200
172.16.200.0/32, epoch 1, flags receive
  Dependent covered prefix type cover need deagg cover 172.16.200.0/24
  Interface source: Vlan200
  receive for Vlan200
172.16.200.1/32, epoch 1, flags receive
  Dependent covered prefix type cover need deagg cover 172.16.200.0/24
  Interface source: Vlan200
  receive for Vlan200
172.16.200.101/32, epoch 1, flags attached
  Adj source: IP adj out of Vlan200, addr 172.16.200.101
   Dependent covered prefix type adjfib cover 172.16.200.0/24
  attached to Vlan200
172.16.200.255/32, epoch 1, flags receive
  Dependent covered prefix type cover need deagg cover 172.16.200.0/24
  Interface source: Vlan200
  receive for Vlan200
224.0.0.0/4, epoch 1
  Special source: drop
  drop
224.0.0.0/24, epoch 1, flags receive
  Special source: receive
  receive
255.255.255.255/32, epoch 1, flags receive
  Special source: receive
  receive