Tuesday, 14 January 2020


EIGRP VRF Prefix-list and L3 VLAN routing




Requirement for this exercise.  Please find below example.

1.      To Create Layer 2 and Layer 3 Interface VLAN
2.      VLAN 1 in HeadOffice NewYork
3.      VLAN 2 in RemoteOffice Japan
4.      InterVLAN Routing across HeadOffice and Remote office
5.      Advertise New VLAN IP address range in VRF and EIGRP Routing
6.      HeadOffice to RemoteOffice Routers are running MPLS/BGP

7.      Router to Core Switches are running EIGRP in this exercise.


Commands List

Check New VLAN, Routing protocols and ACL in Core Switches and Router on both sites for new subnet IP range. New VLAN gateway IP should be PING able from both site after successfully created.
Ø  sh ip eigrp vrf Internal topology summary
Ø  ip prefix-list ACL_INTERNAL_PREFIX seq 333 permit 22.22.22.0/24 le 32
Ø  ping vrf Internal ip 22.22.22.
Ø  sh ip eigrp vrf Internal topology | i 22.22.22.
Ø  sh run | i 22.22.22.
Ø  sh vlan
Ø  sh run interface vlan 22

Note: Check ACL on Router any ACL/Prefix filter for new IP range etc... then allowed new subnet if needed. (ip prefix-list ACL_INTERNAL_PREFIX seq 333 permit 22.22.22.0/24 le 32)

Preparation Setup


1.      Create Layer 2 VLAN
2.      Create L3 VLAN and Add into vrf (EIGPR or base on your environment routing)
3.      Add prefix-list ACL if needed
4.      Ping Interface VLAN subnet IP.


New Subnet is not reflected in the EIGRP routing table yet even after creating VLAN and add to VRF for EIGRP Dynamic Routing. 1 route is missing and only 7879 routes is showing. It should be same as JapanRouter 7880 routes.

After checking routing information. Run through the configuration file (Show run). And found out ACL prefix-list is filtering for subnets. Hence, need to allow/permit new Subnet in that prefix ACL.

Check ACL on Router any ACL/Prefix filter for new IP range etc... then allowed new subnet if needed. (ip prefix-list ACL_INTERNAL_PREFIX seq 333 permit 22.22.22.0/24 le 32)




 


  
After adding Prefix ACL all routing is reflect in both site with same number of route 7880. Ping is reachable to newly created VLAN interface gateway ip address.
Check ACL on Router any ACL/Prefix filter for new IP range etc... then allowed new subnet if needed. (ip prefix-list ACL_INTERNAL_PREFIX seq 333 permit 22.22.22.0/24 le 32)






Cheers!

Yan Linn               
14-Jan-2020

Wednesday, 7 June 2017

RIP v1 with Seven VLAN lab

The network administrator needs to address seven LANs. RIP version 1 is the only routing protocol in use on the network and subnet-zero is not being used. What is the maximum number of usable IP addresses that can be supported on each LAN if the organization is using one class C address block?

A. 6
B. 8
C. 14
D. 16
E. 30
F. 32

Answer : E

Explaination:

We need 7 LANs also subnet-zero (1st subnet must be not be included). So we need 7 subnets, then the appropriate mask will be 255.255.255.224.

For example: assume that our IP address will be on 192.168.100.0 network. Then the subnet would be 
  1. 192.168.100.0
  2. 192.168.100.32
  3. 192.168.100.64
  4. 192.168.100.96
  5. 192.168.100.128
  6. 192.168.100.160
  7. 192.168.100.192
  8. 192.168.100.224
For each subnet it will have 30 usable ip addresses.
Refer to the question, the below is the topology of the network 7 network


Explanation
“The network administrator needs to address seven LANs” means we have 7 subnets < 8 = 23, so we need to borrow 3 bits from the host part (to create 8 subnets). But the title said “subnet 0 is not being used”, we cannot use the first so in fact we only have 8 – 1 = 7 subnets. We are using class C address block which has 8 bits 0 (the default subnet mask of class C is 255.255.255.0), so the number of bit 0 left is 8 – 3 = 5. Therefore the hosts per subnet will be 25 – 2 = 30 -> E is correct.
Note: There was some confusion here. The title only said “subnet 0 is not being used”, but it did not mention that the command “no ip subnet-zero” is used. Maybe that means we can still use the last subnet (called the All-Ones subnet). In other words, maybe the title implied that “the subnet 0 can be used but the network administrator ignored it for safe”. Thus the last subnet can still be used.

Packet tracker LAB

In order to have 7 subnet 7 IP address in router interface. We need to install external Module card in router. Below is the step by step guide on how to achieve this LAB to work successfully. 


Step 1 (Adding extra network module in Router 2811)
Drag and drop HWIC-4ESW to the free slot. I added 3 cards. So total 12 Network Interface will be available. Make sure power off the router before adding the module. Drag and drop HWIC-4ESW to the free slot. I added 3 cards. So total 12 Interface Network Port available to use now.



Step 2 (Assign IP Address to the newly install module)

RouterB(config)#int fa0/3/3
RouterB(config-if)#ip add
^
% Invalid input detected at '^' marker.
We cannot assign give IP address to HWIC-4ESW. Because it only support Layer 2. Like a switch port. You cannot assign IP. So what can we do as a workaround is… ???
1.       Create VLAN and Interface VLAN and IP address in Router.
2.       Assign VLAN to each interface to take effect.
Config Example
2811# vlan database
2811(vlan)# vlan 2
2811(vlan)# exit
                                                                                                                Read More continues below…

int vlan 2
ip address 192.168.100.33 255.255.255.224

and then assign the interface into that vlan

int fa0/0/1
switchport access vlan 2

Step 3 (create VLAN, Interface L3 VLAN and IP assignment, Port assignment with VLAN)

RouterB#vlan database

vlan 2
vlan 3
vlan 4
vlan 5
vlan 6
vlan 7
vlan 8
exit

int FastEthernet0/1/0  
switchport access vlan 2
int FastEthernet0/1/1    
switchport access vlan 3
int FastEthernet0/1/2    
switchport access vlan 4
int FastEthernet0/1/3
switchport access vlan 5 
int FastEthernet0/2/0    
switchport access vlan 6
int FastEthernet0/2/1    
switchport access vlan 7
int FastEthernet0/2/2    
switchport access vlan 8
   
int vlan 2
ip add 192.168.100.33  255.255.255.224
int vlan 3
ip add 192.168.100.65  255.255.255.224
int vlan 4
ip add 192.168.100.97  255.255.255.224     
int vlan 5
ip add 192.168.100.129 255.255.255.224
int vlan 6
ip add 192.168.100.161 255.255.255.224
int vlan 7
ip add 192.168.100.193 255.255.255.224
int vlan 8
ip add 192.168.100.225 255.255.255.224



Step 4 (RIP v1 configuration)
RouterA#
router rip
 network 10.0.0.0

RouterB#
router rip
network 10.0.0.0
network 192.168.100.0


Step 5 (Testing and Verification)
Now from Router A is able to ping and reach able via RIP route protocol to 192.168.100.32/27 etc 192.168.100.225/27 of RouterB seven subnet/VLAN.
RouterA show ip route will see RouterB’s subnets as a one Class C /24 as below.
R 192.168.100.0/24 [120/1] via 10.10.10.2, 00:00:14, GigabitEthernet0/0

Sh ip int bri
show ip route
show ip protocol
ping 10.10.10.2
ping 192.168.100.33
ping 192.168.100.225
sh ip route 192.168.100.225

Read More continues below…
RouterA#ping 10.10.10.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/2 ms

RouterA#ping 192.168.100.33

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.33, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/1 ms

RouterA#
RouterA#sh ip route 192.168.100.33
Routing entry for 192.168.100.0/24
Known via "rip", distance 120, metric 1
  Redistributing via rip
  Last update from 10.10.10.2 on GigabitEthernet0/0, 00:00:23 ago
  Routing Descriptor Blocks:
  * 10.10.10.2, from 10.10.10.2, 00:00:23 ago, via GigabitEthernet0/0
      Route metric is 1, traffic share count is 1

Read More continues below…


Attached is the LAB and config for reference.


All the best!

YAN LINN AUNG

7-Jun-17

Tuesday, 27 September 2016

Priority to Wifi or LAN on a PC

Priority to WiFi or LAN on a PC

Scenario
PC is connected to LAN cable in the same time connected to the WiFi network. Both connections are active and PC will choose the prefer priority interface list. Here is how to give priority to those settings. 

Check current network preference list. netstat –rn 

Based on below result Realtek PCIe GBE LAN is prefer than WiFi adapter when both network are active.

C:\Windows\System32>netstat -rn
========================================================================
Interface List
 10...8c 73 6e b5 cb 86 ......Realtek PCIe GBE Family Controller
 12...b4 74 9f f4 fe 34 ......Atheros AR9002WB-1NG Wireless Network Adapter
 39...00 ff 0e 9a 79 7c ......TeamViewer VPN Adapter
 28...00 ff e0 a9 be 07 ......Juniper Network Connect Virtual Adapter
 31...00 09 0f fe 00 01 ......Fortinet virtual adapter
             1...........................Software Loopback Interface 1


To tweak the interface priority settings

Control Panel\Network and Internet\Network Connections > Advanced > Advanced Setting> Adapters and Bindings > Connections ….

 Use up arrow and down arrow to teak the setting.



similar case.


Regards,
Yan Linn
Sep/2016

Thursday, 21 July 2016

Ruckus Controller Base AP to Standalone AP Configuration Step by Step Guide

Controller Base AP to Standalone AP Configuration Step by Step Guide

Ruckus R700 Multimedia Hotzone Wireless AP

Ruckus Wireless
Tech author: Yan Linn

Default IP:           192.168.0.1
Username:         super
Password:           sp-admin

1.       Country Code (After you select country code. Access Point will auto Reboot to take effect with the Country Code Radio settings)

Management VLAN:       11
SSID: GuestRoom VLAN: 90
SSID: Singapore VLAN: 91







Factory default the Access Point.  Click Reset Now. (To install Standalone Firmware Image)

Access Point will auto Reboot.




After reboot, able to see the Upgrade under Maintenance. Local > Choose File > standalone image.
Select the image and Click Perform Upgrade.
(you still cannot see the Radio 2.4G and 5G and Hotspot setting under Configuration. Because of Image is still Zonebase Image.)










Access Point will auto reboot.




After successfully upgrade to Standalone Image. You can see the Radio 2.4G and 5G and Hotspot setting under Configuration. You can configure now.
·         Country Code
(After you select country code. Access Point will auto Reboot to take effect with the Country Code Radio settings)
·         Wireless 2.4G and 5G (SSID, VLAN, Encryption)











Country Code  (After you select country code. Access Point will auto Reboot to take effect with the Country Code Radio settings) It will take effect for both 2.4G and 5G.

Updating Device Login username and password


Radio 2.4G. SSID: GuestRoom VLAN: 90
Wireless Availability: Enabled


Radio 5G. SSID: GuestRoom VLAN: 90
Wireless Availability: Enabled



Radio 2.4G. SSID: Singapore VLAN: 91
Wireless Availability: Enabled



Change Ethernet Port to TRUNK which is connected to Switch so that VLAN 90, 91 can go through.
 (Switch configuration eg. Switchport UntagPVIDonly vlan 11(MGMT), Tagged VLAN 90, 91. PVID 11(native VLAN) )


Static IP Address for the Access Point. After changing the MGMT IP of the AP. Change your Admin PC IP address accordingly.


Login to new MGMT IP address of AP with new username and password.


Two Ways of Factory Resetting the AP.
·         Soft Reset
·         Hard Reset (press and hold the reset button for 10 sec then release it will reset to factory)
Soft Reset
After the Access Point is taken out from Controller. HTTPS is disabled. Only SSH is able to access.
SSH to access point and enable https (set https enable).
Login as Admin.
Username and password is your Controller username and password. In this case (admin & admin)
https://172.27.3.250 (AP IP Address)
Maintenance > Reset AP to the factory default settings.




Monday, 9 May 2016

Adding Static Route to a PC

Adding Static Route to a PC

PC-PT need to access Resources on LAN 172.27.0.0 network. PC-PT cannot access LAN because of its Default Gatway is set to 172.30.0.4 Internet Router. In order to get access to LAN. PC need to add static route from command line is as below to 172.27.0.0/16 Network.

route add 172.27.0.0 mask 255.255.0.0 172.30.0.1 metric 6



route add 172.27.0.0 mask 255.255.0.0 172.30.0.1 metric 6








Monday, 11 April 2016

local disk drives available in a remote desktop session

local disk drives available in a remote desktop session


Adding local drive before remote desktop session



View from Remote Desktop PC




for more info


Thursday, 17 March 2016

Trunk link between Avaya Switches




Trunk link will form between Avaya Switches.

Using below protocol
  •  MLT > MLT
  • VLACP > VLACP

Sample config as below -
 
  • MLT 1 name "Trunk * 1" disable/enable member 1/49-50
  • no MLT1
  • no VLACP port 1/50,1/30 enable