Last Updated on August 9, 2020 by Admin
4.4.9 Lab – Troubleshoot Inter-VLAN Routing Answers
Lab – Troubleshoot Inter-VLAN Routing (Answers Version)
Answers Note: Red font color or gray highlights indicate text that appears in the Answers copy only.
Topology
Addressing Table
|
Device |
Interface |
IP Address |
Subnet Mask |
Default Gateway |
|
R1 |
G0/0/1.3 |
10.3.0.1 |
255.255.255.0 |
N/A |
|
R1 |
G0/0/1.4 |
10.4.0.1 |
255.255.255.0 |
N/A |
|
R1 |
G0/0/1.13 |
10.13.0.1 |
255.255.255.0 |
N/A |
|
S1 |
VLAN 3 |
10.3.0.11 |
255.255.255.0 |
10.3.0.1 |
|
S2 |
VLAN 3 |
10.3.0.12 |
255.255.255.0 |
10.3.0.1 |
|
PC-A |
NIC |
10.4.0.50 |
255.255.255.0 |
10.4.0.1 |
|
PC-B |
NIC |
10.13.0.50 |
255.255.255.0 |
10.13.0.1 |
VLAN Table
|
VLAN |
Name |
Interface Assigned |
|
3 |
Management |
S1: VLAN 3 S2: VLAN 3 |
|
4 |
Operations |
S1: F0/6 |
|
7 |
ParkingLot |
S1: F0/2-4, F0/7-24, G0/1-2 S2: F0/2-17, F0/19-24, G0/1-2 |
|
8 |
Native |
N/A |
|
13 |
Maintenance |
S2: F0/18 |
Objectives
Part 1: Evaluate Network Operation
Part 2: Gather information, create an action plan, and implement corrections
Background / Scenario
Answers Note: Preconfiguration scripts for all the devices are documented below. Cut and paste or otherwise use these to pre-configure the equipment for the student.
Router R1
enable
configure terminal
hostname R1
no ip domain lookup
enable secret class
line con 0
password cisco
login
logging synch
line vty 0 4
password cisco
login
service password-encryption
banner motd $ Authorized Users Only! $
interface g0/0/1
no shut
interface g0/0/1.3
encap dot1q 3
ip add 10.3.0.1 255.255.255.0
interface g0/0/1.4
encap dot1q 4 native
ip address 10.4.0.1 255.255.255.0
interface g0/0/1.8
! encap dot1q 8 native
encap dot1q 8
interface g0/0/1.13
encap dot1q 13
ip address 10.13.0.1 255.255.255.0
end
Switch S1
enable
config terminal
hostname S1
no ip domain-lookup
enable secret class
line con 0
password cisco
login
logging synch
line vty 0 15
password cisco
login
service password-encryption
banner motd $ Authorized Users Only! $
vlan 3
name Management
vlan 4
name Operations
vlan 7
name ParkingLot
vlan 8
name Native
!vlan 13
! name Maintenance
interface vlan 3
ip address 10.3.0.11 255.255.255.0
no shut
exit
ip default-gateway 10.3.0.1
interface range f0/2-4, f0/7-24, G0/1-2
switchport mode access
switchport access vlan 7
shutdown
interface f0/1
switchport mode trunk
! switchport trunk native vlan 8
! switchport trunk allowed vlan add 3
switchport trunk allowed vlan 4,8,13
no shutdown
interface f0/6
switchport mode access
switchport access vlan 4
no shutdown
interface f0/5
switchport mode access
! default interface fa0/5
! switchport mode trunk
switchport trunk native vlan 8
! switchport trunk allowed vlan 3,4,8,13
switchport access vlan 3
no shut
end
Switch S2
enable
config terminal
hostname S2
no ip domain-lookup
enable secret class
line con 0
password cisco
login
logging synch
line vty 0 15
password cisco
login
service password-encryption
banner motd $ Authorized Users Only! $
vlan 3
name Management
vlan 4
name Operations
vlan 7
name ParkingLot
vlan 8
name Native
vlan 13
name Maintenance
interface vlan 3
ip address 10.3.0.12 255.255.255.0
no shut
interface range f0/2-17, f0/19-24, G0/1-2
switchport mode access
switchport access vlan 7
shutdown
interface f0/18
switchport mode access
switchport access vlan 13
interface f0/1
switchport mode trunk
switchport trunk native vlan 8
switchport trunk allowed vlan 4,8
! switchport trunk allowed vlan add 3,13
ip default-gateway 10.3.0.1
end
Your Answers has preconfigured all the network equipment and has included intentional errors that are keeping the inter-VLAN routing from working. Your task is to evaluate the network and identify and correct the configuration errors to restore full connectivity. You may find errors with the configurations which are not directly related to inter-VLAN routing that impact the ability of the network devices to perform this function.
Note: The design approach used in this lab is to assess your ability to configure and troubleshoot inter-VLAN routing only. This design may not reflect networking best practices.
Note: The router used with CCNA hands-on labs it the Cisco 4221 with Cisco IOS XE Release 16.9.4 (universalk9 image). The switches used in the labs are Cisco Catalyst 2960s with Cisco IOS Release 15.2(2) (lanbasek9 image). Other routers, switches, and Cisco IOS versions can be used. Depending on the model and Cisco IOS version, the commands available and the output produced might vary from what is shown in the labs. Refer to the Router Interface Summary Table at the end of the lab for the correct interface identifiers.
Note: Ensure that the routers and switches have been erased and have no startup configurations. If you are unsure contact your Answers.
Answers Note: Refer to the Answers Lab Manual for the procedures to initialize and reload devices
Required Resources
- 1 Router (Cisco 4221 with Cisco IOS XE Release 16.9.4 universal image or comparable)
- 2 Switches (Cisco 2960 with Cisco IOS Release 15.2(2) lanbasek9 image or comparable)
- 2 PCs (Windows with a terminal emulation program, such as Tera Term)
- Console cables to configure the Cisco IOS devices via the console ports
- Ethernet cables as shown in the topology
Instructions
Part 1: Evaluate Network Operation.
Note: You may need to disable the Windows Firewall on PC–A and PC–B.
Requirement:
- No VLAN 7 trunk traffic because there is no devices in VLAN 7.
- VLAN 8 is the native VLAN.
- All trunks are static.
- End to end connectivity
Use Ping to test the following criteria and record the results in the table below.
|
From |
To |
Ping Results |
|
R1 |
S1 VLAN 3 (10.3.0.11) |
Unsuccessful |
|
R1 |
S2 VLAN 3 (10.3.0.12) |
Unsuccessful |
|
R1 |
PC-A (10.4.0.50) |
Unsuccessful |
|
R1 |
PC-B (10.13.0.50) |
Unsuccessful |
|
S1 |
S2 VLAN 3 (10.3.0.12) |
Unsuccessful |
|
S1 |
PC-A (10.4.0.50) |
Unsuccessful |
|
S1 |
PC-B (10.13.0.50) |
Unsuccessful |
|
S2 |
PC-A (10.4.0.50) |
Unsuccessful |
|
S2 |
PC-B (10.13.0.50) |
Unsuccessful |
Part 2: Gather information, create an action plan, and implement corrections.
- For each criterion that is not met, gather information by examining the running configuration and routing tables and develop a hypothesis for what is causing the malfunction.
- Create an action plan that you think will fix the issue. Develop a list of all the commands you intend to issue to fix the issue, and a list of all the commands you need to revert the configuration, should your action plan fail to correct the issue.
Hint: If you need to reset a switchport to default configuration, use the command default interface interface name.
As an example for F0/10:
S1(config)# default interface f0/10
- Execute your action plans one at a time for each criterion that fails and record the fix actions.
Router R1:
configure terminal
interface g0/0/1.8
encapsulation dot1q 8 native
exit
Switch S1:
configure terminal
default interface f0/5
interface f0/5
switchport mode trunk
switchport trunk native vlan 8
switchport trunk allowed vlan 3,4,8,13
interface f0/1
switchport trunk allowed vlan add 3,13
switchport trunk native vlan 8
vlan 13
name Maintenance
exit
Switch S2:
configure terminal
interface f0/1
switchport trunk allowed vlan add 3,13
exit
End of document
Device Configuration – Final
Router R1
R1# show run
Building configuration…
Current configuration : 1612 bytes
!
version 16.9
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
enable secret class
!
no aaa new-model
!
no ip domain lookup
!
login on-success log
!
subscriber templating
!
multilink bundle-name authenticated
!
no license smart enable
diagnostic bootup level minimal
!
spanning-tree extend system-id
!
redundancy
mode none
!
interface GigabitEthernet0/0/0
no ip address
negotiation auto
!
interface GigabitEthernet0/0/1
no ip address
negotiation auto
!
interface GigabitEthernet0/0/1.3
encapsulation dot1Q 3
ip address 10.3.0.1 255.255.255.0
!
interface GigabitEthernet0/0/1.4
encapsulation dot1Q 4
ip address 10.4.0.1 255.255.255.0
!
interface GigabitEthernet0/0/1.8
encapsulation dot1Q 8 native
!
interface GigabitEthernet0/0/1.13
encapsulation dot1Q 13
ip address 10.13.0.1 255.255.255.0
!
interface Serial0/1/0
no ip address
!
interface Serial0/1/1
no ip address
!
ip forward-protocol nd
no ip http server
ip http secure-server
!
control-plane
!
banner motd ^C Authorized Users Only! ^C
!
line con 0
password cisco
logging synchronous
login
transport input none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
password cisco
login
!
end
Switch S1
S1# show run
Building configuration…
Current configuration : 3240 bytes
!
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname S1
!
boot-start-marker
boot-end-marker
!
enable secret class
!
no aaa new-model
system mtu routing 1500
!
no ip domain-lookup
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
switchport trunk native vlan 8
switchport trunk allowed vlan 3,4,8,13
switchport mode trunk
!
interface FastEthernet0/2
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/3
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/4
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/5
switchport trunk native vlan 8
switchport trunk allowed vlan 3,4,8,13
switchport mode trunk
!
interface FastEthernet0/6
switchport access vlan 4
switchport mode access
!
interface FastEthernet0/7
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/8
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/9
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/10
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/11
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/12
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/13
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/14
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/15
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/16
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/17
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/18
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/19
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/20
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/21
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/22
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/23
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/24
switchport access vlan 7
switchport mode access
shutdown
!
interface GigabitEthernet0/1
switchport access vlan 7
switchport mode access
shutdown
!
interface GigabitEthernet0/2
switchport access vlan 7
switchport mode access
shutdown
!
interface Vlan1
no ip address
!
interface Vlan3
ip address 10.3.0.11 255.255.255.0
!
ip default-gateway 10.3.0.1
ip http server
ip http secure-server
!
banner motd ^C Authorized Users Only! ^C
!
line con 0
password cisco
logging synchronous
login
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
!
vlan 3
name Management
vlan 4
name Operations
vlan 7
name ParkingLot
vlan 8
name Native
vlan 13
name Maintenance
end
Switch S2
Building configuration…
Current configuration : 3180 bytes
!
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname S2
!
boot-start-marker
boot-end-marker
!
enable secret class
!
no aaa new-model
system mtu routing 1500
!
!
no ip domain-lookup
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
switchport trunk native vlan 8
switchport trunk allowed vlan 3,4,8,13
switchport mode trunk
!
interface FastEthernet0/2
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/3
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/4
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/5
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/6
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/7
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/8
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/9
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/10
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/11
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/12
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/13
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/14
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/15
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/16
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/17
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/18
switchport access vlan 3
switchport mode access
!
interface FastEthernet0/19
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/20
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/21
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/22
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/23
switchport access vlan 7
switchport mode access
shutdown
!
interface FastEthernet0/24
switchport access vlan 7
switchport mode access
shutdown
!
interface GigabitEthernet0/1
switchport access vlan 7
switchport mode access
shutdown
!
interface GigabitEthernet0/2
switchport access vlan 7
switchport mode access
shutdown
!
interface Vlan1
no ip address
!
interface Vlan3
ip address 10.3.0.12 255.255.255.0
!
ip default-gateway 10.3.0.1
ip http server
ip http secure-server
!
banner motd ^C Authorized Users Only! ^C
!
line con 0
password cisco
logging synchronous
login
line vty 0 4
password cisco
login
line vty 5 15
password cisco
login
!
vlan 3
name Management
vlan 4
name Operations
vlan 7
name ParkingLot
vlan 8
name Native
vlan 13
name Maintenance
end