"MLS and EIGRP LAB"
Multi-Layer Switching (MLS) & Enhanced Interior Gateway Routing Protocol (EIGRP)
------------------------------------------------------
Configure the Multilayer Switch so that PCs from VLAN 2 and VLAN 3 can communicate with the Server.
Command explanation
"Layer 3 Switch"
conf t
int gi0/1
no switchport # By default a switchport works only at Layer 2
ip address 10.10.10.2 255.255.255.0 # An IP address can be assigned only after no switchport
no shutdown
exit
## VLAN creating and IP assign
int vlan 2
ip address 190.200.250.33 255.255.255.224
no shutdown
exit
int vlan 3
ip address 190.200.250.65 255.255.255.224
no shutdown
exit
## Assign the interface ports to VLANs
int fa0/10
switchport mode access
switchport access vlan 2
no shutdown
exit
int fa0/11
switchport mode access
switchport access vlan 3
no shutdown
exit
ip routing # Enables Layer 3 routing.
## EIGRP creating and announcement of connected network
router eigrp 650
network 10.10.10.0 0.0.0.255
network 190.200.250.32 0.0.0.31
network 190.200.250.64 0.0.0.31
no auto-summary # With auto-summary on, the 190.200.250.x network is seen as a class B network; the subnetting is no longer known and only the class A, B or C network is seen.
# Only with no auto-summary is the network known as subnetted with the /27 mask.
end
" Router "
conf t
int gi0/0
ip address 10.10.10.1 255.255.255.0
no shutdown
exit
int gi0/1
ip address 172.18.1.1 255.255.255.252
no shutdown
exit
router eigrp 650
network 10.10.10.0 0.0.0.255
network 172.18.1.0 0.0.0.3
no auto-summary
end
copy running-config startup-config
Assign an IP address, subnet mask and default gateway on the Server and the PCs.
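The following is an added example, not part of the original lab: it derives each EIGRP network statement (subnet plus wildcard mask) from the Layer 3 switch's interface addresses and shows which classful network auto-summary would advertise instead. The function names are hypothetical; the addresses are the ones used in the lab.

```python
import ipaddress

# Interface addresses of the Layer 3 switch, taken from the lab above.
LAB_INTERFACES = {
    "Gi0/1": ("10.10.10.2", "255.255.255.0"),
    "Vlan2": ("190.200.250.33", "255.255.255.224"),
    "Vlan3": ("190.200.250.65", "255.255.255.224"),
}

def eigrp_network_statement(ip, mask):
    """Return the 'network <subnet> <wildcard>' line that covers an interface."""
    net = ipaddress.ip_interface(f"{ip}/{mask}").network
    return f"network {net.network_address} {net.hostmask}"

def classful_network(ip):
    """Return the class A/B/C network that auto-summary would advertise."""
    first_octet = int(ip.split(".")[0])
    if first_octet < 128:
        prefix = 8       # class A
    elif first_octet < 192:
        prefix = 16      # class B
    elif first_octet < 224:
        prefix = 24      # class C
    else:
        raise ValueError("class D/E addresses have no classful network")
    return ipaddress.ip_interface(f"{ip}/{prefix}").network

def summary_collisions(interfaces):
    """Group interfaces whose subnets collapse into the same classful network."""
    groups = {}
    for name, (ip, _mask) in interfaces.items():
        groups.setdefault(str(classful_network(ip)), []).append(name)
    return {net: names for net, names in groups.items() if len(names) > 1}

if __name__ == "__main__":
    for name, (ip, mask) in LAB_INTERFACES.items():
        print(f"{name:6} {eigrp_network_statement(ip, mask):36} "
              f"auto-summary -> {classful_network(ip)}")
    print("indistinguishable with auto-summary:", summary_collisions(LAB_INTERFACES))
```

With auto-summary on, VLAN 2 and VLAN 3 both collapse into 190.200.0.0/16, which is why the lab disables it.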
---------------------------------- END --------------------------------------
Study more -- link...
http://www.certprepare.com/mls-and-eigrp-sim#more-50
Have a nice day! Thanks!
Best Regards,
Yan Linn Aung
Saturday 24 May 2014
Saturday 3 May 2014
syslog (system logging) Network Monitoring
syslog (System Logging)
Syslog is a network monitoring and management protocol. It allows a network-attached device to report and log error and notification messages either locally or to a server.
Syslog is one of the tools used for network monitoring. It is used to learn the status of the devices connected to the network. Using UDP port 514, logs can also be captured on a remote syslog server.
A syslog message we are already familiar with is:
%SYS-5-CONFIG_I: Configured from console by console
This message appears every time something is configured on a switch or router. We will study what its parts mean in detail later on.
The other messages that appear once you are logged in to a switch or router are interface status messages:
%LINK-5-CHANGED: Interface FastEthernet0/2, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up
Syslog messages can be output to the device console, a VTY connection and the system buffer, and can also be stored on a syslog server.
A syslog message has two main parts: Facility and Severity Level.
Severity Level 0 to 7
Common Facilities:
* SYS (Operating System)
* IP
* Interface (IF)
* Route Switch Processor (RSP)
* OSPF
* IP Security (IP Sec)
For the details of the severity and facility levels, see http://en.wikipedia.org/wiki/Syslog
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Let's study a syslog message in detail.
The syslog message format looks like this:
%FACILITY-SUBFACILITY-SEVERITY-MNEMONIC: message text
%SYS-5-CONFIG_I: Configured from console by console
First comes the facility, SYS; 5 is the severity, Notice; the mnemonic is the action report that says what happened; and last of all is the message text.
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Configuration for syslog
<R1>#conf t
<R1>(config)#logging 10.10.10.1
<R1>(config)#service timestamps debug datetime msec
<R1>(config)#service timestamps log datetime msec
<R1>(config)#logging facility local3
<R1>(config)#logging trap warning
<R1>(config)#end
<R1>#show logging
logging trap informational # severity level 0 to 7
logging trap debugging # Use the debug level with caution, because it can generate a large amount of syslog traffic in a busy network.
logging facility local4 # Facility Level
logging facility 22
logging 10.10.10.1 # store the logs on the remote server
logging host inside 10.10.1.1 # store the logs using IP 10.10.1.1
logging source-interface Loopback0 # store the logs using the loopback IP
logging timestamps # record the time in syslog as well
Router(config)# service timestamps type datetime [msec] [localtime] [show-timezone]
SW-B(config)#service timestamps debug datetime msec
SW-B(config)#service timestamps log datetime msec
The configuration differs between routers, switches and firewalls.
For a more detailed configuration guide:
http://www.ciscopress.com/articles/article.asp?p=426638&seqNum=3
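The following is an added example, not part of the original post: it parses the %FACILITY-SUBFACILITY-SEVERITY-MNEMONIC message format described above and decides which messages a given "logging trap" level would send to the syslog server. The function names are hypothetical and the sample log lines are constructed.

```python
import re

# Severity names as used on this page, indexed by level 0..7.
SEVERITY = ["Emergency", "Alert", "Critical", "Error",
            "Warning", "Notice", "Informational", "Debug"]

# %FACILITY[-SUBFACILITY]-SEVERITY-MNEMONIC: message text
MSG_RE = re.compile(
    r"%(?P<facility>[A-Z0-9_]+)"
    r"(?:-(?P<subfacility>[A-Z0-9_]+))?"
    r"-(?P<severity>[0-7])"
    r"-(?P<mnemonic>[A-Z0-9_]+):\s*(?P<text>.*)"
)

def parse(line):
    """Return the message fields as a dict, or None if the line is not a syslog message."""
    m = MSG_RE.search(line)      # search() skips a leading timestamp
    if m is None:
        return None
    msg = m.groupdict()
    msg["severity"] = int(msg["severity"])
    msg["severity_name"] = SEVERITY[msg["severity"]]
    return msg

def sent_to_server(msg, trap_level):
    """True if 'logging trap <trap_level>' forwards this message.

    The trap level is a ceiling: that level and every numerically lower
    (more severe) level is sent.
    """
    return msg["severity"] <= SEVERITY.index(trap_level)

# Constructed sample, timestamped as 'service timestamps log datetime msec' would.
SAMPLE_LOG = [
    "*May  3 10:15:01.100: %SYS-5-CONFIG_I: Configured from console by console",
    "*May  3 10:15:02.200: %LINK-3-UPDOWN: Interface FastEthernet0/2, changed state to down",
    "*May  3 10:15:03.300: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to down",
    "this line is not a syslog message",
]

def forwarded(lines, trap_level):
    """Return FACILITY-SEVERITY-MNEMONIC for every line the trap level lets through."""
    out = []
    for line in lines:
        msg = parse(line)
        if msg and sent_to_server(msg, trap_level):
            out.append(f'{msg["facility"]}-{msg["severity"]}-{msg["mnemonic"]}')
    return out

if __name__ == "__main__":
    for level in ("Warning", "Notice"):
        print(f"logging trap {level}: {forwarded(SAMPLE_LOG, level)}")
```

With the trap level at Warning, the configuration change (CONFIG_I, severity 5) never reaches the server, so a trap level of Notice or higher is needed to keep a remote record of configuration changes.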
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
A detailed explanation of the severity Levels:
DEBUG:
Info useful to developers for debugging the app, not useful during operations
INFORMATIONAL:
Normal operational messages - may be harvested for reporting, measuring throughput, etc - no action required
NOTICE:
Events that are unusual but not error conditions - might be summarized in an email to developers or admins to spot potential problems - no immediate action required
WARNING:
Warning messages - not an error, but indication that an error will occur if action is not taken, e.g. file system 85% full - each item must be resolved within a given time
ERROR:
Non-urgent failures - these should be relayed to developers or admins; each item must be resolved within a given time
ALERT:
Should be corrected immediately - notify staff who can fix the problem - example is loss of backup ISP connection
CRITICAL:
Should be corrected immediately, but indicates failure in a primary system - fix CRITICAL problems before ALERT - example is loss of primary ISP connection
EMERGENCY:
A "panic" condition - notify all tech staff on call? (earthquake? tornado?) - affects multiple apps/servers/sites...
##################### END ######################
More detail >>> Refer from >>>
http://en.wikipedia.org/wiki/Syslog
http://www.ciscopress.com/articles/article.asp?p=426638&seqNum=3
Thank You!
The list of severity Levels: Highest to Lowest
0 Emergency: system is unusable
1 Alert: action must be taken immediately
2 Critical: critical conditions
3 Error: error conditions
4 Warning: warning conditions
5 Notice: normal but significant condition
6 Informational: informational messages
7 Debug: debug-level messages
Recommended practice is to use the Notice or Informational level for normal messages.
Note
When a level is specified in the logging trap level command, the router is configured to send messages with lower severity levels as well. For example, the logging trap warning command configures the router to send all messages with the severity warning, error, critical, and emergency. Similarly, the logging trap debug command causes the router to send all messages to the syslog server. Exercise caution while enabling the debug level. Because the debug process is assigned a high CPU priority, using it in a busy network can cause the router to crash.
Friday 2 May 2014
About switchport port-security
What is port-security?
Port security monitors the switch's port interfaces so that only permitted hosts are allowed to connect to the network. It does this by using the client's MAC address.
Port security is used when you want only designated PCs or hosts to use the network. The permitted hosts can be specified by the MAC address of the PC or client. When a computer or device other than an allowed PC is plugged in, it is not given permission to enter or use the network.
There are three violation modes:
1. Protect, which discards the traffic but keeps the port up and does not send an SNMP message. The Security Violation counter is not used: no count, no log.
2. Restrict, which discards the traffic but keeps the port up and sends an SNMP message. A port security violation restricts data and causes the Security Violation counter to increment and an SNMP trap notification to be sent. A syslog message is logged via SNMP.
3. Shutdown, which discards the traffic, disables the port and sends an SNMP message. The interface is error-disabled when a security violation occurs. The port can be used again only after the administrator does a shut / no shut on the switch port. Shutdown mode is the default port-security mode.
In Protect and Restrict mode, the port can be used again as soon as the originally allowed device is plugged back in.
Configuration Example:
Switch(config)# interface gig0/2
Switch(config-if)# switchport mode access
Switch(config-if)# switchport port-security
Switch(config-if)# switchport port-security maximum 1
Switch(config-if)# switchport port-security mac-address sticky
Switch(config-if)# switchport port-security violation shutdown
Switch(config-if)#end
:::::::::::::::::::::::::::::::::::::::::::::::: ::::::::::::::::::::::::::::::::::::::::::::::::
clear port-security dynamic [address <mac> | interface <interface>]
errdisable recovery cause security-violation
:::::::::::::::::::::::::::::::::::::::::::::::: ::::::::::::::::::::::::::::::::::::::::::::::::
To Verify the port security status use "show port-security"
sh port-security
sh port-security address
sh port-security interface f0/1
sh mac address-table
show interfaces status err-disabled
show errdisable detect
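The following is an added example, not part of the original post: a small model of the three violation modes described above, replaying the same frames through a port with "maximum 1" and sticky learning. The class and function names are hypothetical and the MAC addresses are constructed.

```python
class SecurePort:
    """Model of one access port with port security and sticky learning."""

    MODES = ("protect", "restrict", "shutdown")

    def __init__(self, violation="shutdown", maximum=1):
        if violation not in self.MODES:
            raise ValueError(f"unknown violation mode: {violation}")
        self.violation = violation
        self.maximum = maximum
        self.secure_macs = []       # addresses learned as sticky
        self.violations = 0         # the SecurityViolation counter
        self.err_disabled = False

    def receive(self, src_mac):
        """Return True if the frame is forwarded, False if it is discarded."""
        if self.err_disabled:
            return False            # port is down until shut / no shut
        if src_mac in self.secure_macs:
            return True
        if len(self.secure_macs) < self.maximum:
            self.secure_macs.append(src_mac)    # sticky learning
            return True
        # Security violation: an unknown MAC on a full port.
        if self.violation != "protect":
            # Assumption: shutdown counts the violation like restrict does.
            self.violations += 1
        if self.violation == "shutdown":
            self.err_disabled = True
        return False

    def shut_no_shut(self):
        """Administrator recovery of an error-disabled port."""
        self.err_disabled = False


# Constructed traffic: allowed PC, then an unknown device, then the allowed PC again.
FRAMES = ["0000.aaaa.0001", "0000.bbbb.0002", "0000.aaaa.0001"]

def replay(violation, frames=FRAMES):
    """Return (per-frame forwarded flags, violation count, err-disabled state)."""
    port = SecurePort(violation)
    return [port.receive(mac) for mac in frames], port.violations, port.err_disabled

if __name__ == "__main__":
    for mode in SecurePort.MODES:
        print(mode, replay(mode))
```

Only shutdown mode keeps the allowed PC off the network after the violation, and only protect mode leaves no count to alert on.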
Refer: for more detail >>
Thursday 1 May 2014
switchport port-security
About port-security.
To enable / configure port-security on Switch interface
1. The switch port must be in access mode. Port security cannot be configured on an interface in Dynamic Desirable mode.
2. By default, the switchport security feature is disabled on all switchports and must be enabled.
----------------------------------------------------------
>>> Step 1. checking interface fa0/4 admin mode status
SW#sh interfaces fa0/4 switchport
Name: Fa0/4
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
>>> Step 2. configuring port security in interface fa0/4
SW(config)#int fa0/4
SW(config-if)#switchport port-security
Command rejected: FastEthernet0/4 is a dynamic port.
>>> Step 3. configuring interface fa0/4 as access port
SW(config)#int fa0/4
SW(config-if)#switchport mode access
SW(config-if)#switchport port-security
SW(config-if)#end
SW#show port-security interface fastEthernet 0/4
Port Security : Enabled
Port Status : Secure-up
Violation Mode : Shutdown
SW#show port-security
Secure Port  MaxSecureAddr  CurrentAddr  SecurityViolation  Security Action
                (Count)       (Count)          (Count)
--------------------------------------------------------------------
      Fa0/4        1             0                0            Shutdown
----------------------------------------------------------------------
###################### END #########################
reference from / Further Studies...
CCNP Switching 642-813_Implementing Cisco IP Switched Networks (SWITCH)
Favourite website links to study CCNP switching
1. http://www.certprepare.com >>> Study Guide
2. https://www.udemy.com/ccnpswitch/?dtcode=hxtcxvkj >>> Video Training
3. http://www.examcollection.com/642-813.html >>> Exam practice
This is my CCNP Switch study note.
Please help us and join to be a professional in this blog.
This is my first blog and brought to you by me.
THANK YOU!
Regards,
Yan Linn Aung