Expert Reference Series of White Papers

1-800-COURSES www.globalknowledge.com
Building a Cisco
Certication Lab
Copyright 2012 Global Knowledge Training LLC. All rights reserved. 2
Building a Cisco Certication Lab
Joe Rinehart, MBA, CCIE #14256, CCNP/DP/VP
Introduction
Along my journey from CCNA to CCIE, I have had to go through the task of periodically building lab environ-
ments to give me hands-on experience. This was especially critical in the CCIE Lab, which involved multiple
devices, protocols, and tasks to complete. When I rst began teaching CCNA courses, I came up with the idea of
creating a scaled-down version of a lab exam to assist with hands-on learning.
Everyone learns a little differently, but the general methods of learning are:
Visual: Involves the use of the eyes, including diagrams, reading, and printed materials
Auditory: Involves the use of the ears including lectures, sounds, and related materials
Kinesthetic: Involves the use of real-time hands-on learning
Everyone can learn using kinesthetic methods, but typically people favor either visual or auditory as a primary
learning style. As a result, using either visual or auditory materials with hands-on learning creates a very strong
and compelling learning model This is yet another reason that I place a great emphasis on labs scenarios for
technical training.
There are two primary phases to creating a lab for study purposes, the rst is design, and the other is the actual
physical assembly of the components. In some cases you may be able to create a multiple-use environment from
the ground up, but starting with some idea of the goal in mind is a better idea.
Phase I: Design
The purpose of any design process is to create a specic type of outcome, usually related to goals. Knowing
what technology and/or certication you want to practice with can help decide how many resources you might
need to assemble. For example, a CCNA-level lab may only require a handful of routers and one switch, where a
Cisco Unied Communications Lab may require phones, servers, switches, routers, and so on. For our purposes,
lets just concentrate on a CCENT/CCNA-level lab environment.
Creating anything turns out better with a design or blueprint, which is the exact terminology that Cisco uses
when outlining their exams. Simplifying the contents of the CCNA (640-802), the requirements would include:
VLAN, Trunks, and Spanning Tree
Frame-Relay WAN
Copyright 2012 Global Knowledge Training LLC. All rights reserved. 3
RIPV2, OSPF, and EIGRP Routing
IPV6
WLAN (administration only)
Access-Lists
Figure 1: CCNA Lab Design
Fortunately, even many older Cisco routers and switches are capable of supporting the requirements listed
above, from IOS version 12.3 and later (my recommendation, 12.4, is far better). Even more to the point, the
switching component(s) can involve less expensive Layer 2 platforms and be limited to just one or two. Translat-
ing this into specic requirements, the equipment list might look like this:
4 Routers (2600 or above, with Trunking Support)
1-2 Switches (2900XL, 2950, or newer)
1 Frame Relay switch (can be a module in one of the routers)
1 ASA-5505 (optional, for access)
Phase II: Build
There are three generally accepted ways to access equipment for a lab. First, you can rent rack time from a wide
number of vendors, which can save on your power bill and simplify practice. Second, for routing platforms, you
can use an emulator or simulator, such as Packet Tracer or GNS3. Finally, you can get your own equipment and
assemble your own lab, which I think is the best choice. You can utilize spare equipment at work, request some
from your local Cisco Users Group, or purchase your own using Craigslist or eBay. Here is a parts list that can
make the process straightforward.
Copyright 2012 Global Knowledge Training LLC. All rights reserved. 4
4 - Cisco 2620/21 with 1 WIC1-T card
Figure 2: Cisco 2620
2 2912-XL-EN (2924 would be 24 ports)

Figure 3: Cisco 2912-XL
1 ASA-5505 (Base License)

Figure 4: Cisco ASA-5505
NM-4A/S Module for 2600 Series

Figure 5: Cisco NM-4A/S
6 Cat-5 Ethernet Cables

Figure 6: Ethernet Cables
3 DCE to DTE Serial Back to Back Cables

Figure 7: Serial Cables
Correctly assembling these components into an easily accessible lab is fairly simple, and I have built enough
of them over the years to help simplify the process. One item not listed above that can be helpful is a terminal
server, which establishes console-based access to all of the devices in the lab. In the simplest setup, you can

Copyright 2012 Global Knowledge Training LLC. All rights reserved. 5
simply swap the console cable between each device, but when you have 8 or more devices (as I typically do) a
terminal server is a big help.
Step 1: Rack, Stack & Power
While it may not seem like a big deal, the logistics of power and space can actually cause major headaches.
To start with, if you operate your lab at home, you will have to foot the power bill, which is one reason I have
hosted mine at work when possible. Ideally, a network cabinet or rack is helpful for the physical assembly, and
dont despair if you only need a small one. Creativity is your best friend here; I discovered that an old Exabtyte
tape drive cabinet with the guts removed was a great improvised substitute. Power can be as simple as a
power strip or surge protector, but be very careful not to overload it or you can create a re hazard. At this
point, run your power cords from the equipment into the strip and plug everything into it. If it looks sloppy, use
cable straps to bundle the cords or fasten them to the rack.
Step 2: LAN Cabling
The second basic step in assembling your certication lab is probably the easiest, namely, cabling the LAN con-
nections. You can use CAT 5/6 cables of any length, but the shorter the better; the exception is adequate length
to comfortably reach between devices. Cable all router LAN ports to the switch(es), and if you are using multiple
switches, cable between the switches with at least two cords.
Step 3: Serial Interface Cabling
The WIC-1T style cards utilize 60-pin connectors similar
to older fxed-confguration devices such as the 1600
and 2500 series (see Figure 8).
As described in the parts list, you need a specic type
of serial cable for back-to-back connections. Remember
that interfaces can operate as DTE or DCE; depending on
the cable involved, you can purchase DB-60 DTE to DCE
cables from a variety of sources (one is www.anthony-
panda.com where I have personally purchased equip-
ment). If you have spare cables in your work environment, typically DTE, then you can just use or purchase the
corresponding DCE cable and connect them together.
Phase III: Congure
Now for the fun part of the project, conguring it for actual operation. The real conguration tasks will be
reserved for lab exercises, but some initial setup will help things run more smoothly. The tasks involved are as
follows.
Step 1: Frame-Relay Switch Conguration
I have used a variety of different devices over the years for this function, from a Cisco 7010 (huge power-sucking
heat generator) to the NM-8A/S module in my current lab environment. The module is a much better approach
Figure 8: WIC-1T
Copyright 2012 Global Knowledge Training LLC. All rights reserved. 6
because it accomplishes the same thing while using existing hardware real estate. The only drawback is that the
interfaces are lower speed (128K typically) but in a lab environment that is not problematic.
Remember the interface naming conventions on Cisco routers, namely slot/port, and with modules the slot is
usually going to be 1/X. Assuming use of the module in the parts list, the interfaces would be as follows.
Serial 1/0
Serial 1/1
Serial 1/2
Serial 1/3
Confguration is fairly straightforward; you have to supply frame-relay Data Link Connection Identifers (DLCI,
the Layer 2 addresses in frame-relay) and a few other settings. For the sake of simplicity assume that Router 1 is
connected to S1/0, Router 2 is connected to S1/1, and so forth.
The rst step is to enable the router to perform frame-relay switching, which is congured in global congura-
tion mode using the frame-relay switching command. The conguration for the rst port would be as follows,
with annotations explaining the signicance of the commands.
interface Serial 1/0 Physical interface being confgured
encapsulation frame-relay Layer 2 encapsulation type
clock-rate 128000 Port speed (use top speed available)
frame-relay intf-type dce Designates DCE switch interface
frame-relay route 102 interface serial 1/1 201 Describes the DLCI of frames coming
frame-relay route 103 interface serial 1/3 301 into the interface, and then the
frame-relay route 104 interface serial 1/1 401 destination DLCI and interface

The concept here is simple: the router on the other end of the cable (DTE side) sends traffc tagged with one
of the DLCI values (e.g., 102, 103, 104) and then sends it out the interface with a new DLCI number (e.g., 201,
301, 401), and it arrives on the DTE port of the destination router. This is basically the same logic used by service
providers with enormous switches. You can do the same type of thing with ATM- or MPLS-confgured ports, but
for ATM you need specifc interface types. Following this, you need to confgure the rest of the ports to perform
the same type of switching tasks.
Step 2: Create Basic Template Congurations.
I recommend one nal task just to make things easier when you want to erase congurations and start over
when you start a new set of lab tasks. Create a set of basic parameters that you will use at the start of most
every lab, and that will remain constant. Here are the ones that I would recommend.
1. Hostname
I prefer to use a single letter that describes the device, R for router, S for switch, F for rewall, etc. Following
that is a numerical value that just describes where the device sits in the topology. Sometimes I include a model
Copyright 2012 Global Knowledge Training LLC. All rights reserved. 7
number just so I know the capabilities of the device. For instance, if the rst router in the lab pod is a 2620, I
would make the hostname R1-2620.
2. Device access
The device access ports probably will not change substantially so setting the parameters is a good idea. Usually
you will only need console or telnet/SSH access but setting the AUX settings for routers is a good idea as well.
Basic settings for each are suggested as follows.
line con 0 Console Port
privilege level 15 Enters privileged mode right away
password xxxxx Species a password when needed
No login Logs you in directly without intervention
line aux 0 Auxiliary (modem) Port
password xxxxx Species a password to access the system
transport input all Allows any protocol for access (telnet, etc.)
login Requires a login process for access
line vty 0 <maximum #> Virtual Terminal Port (remote access)
password xxxxx Species a password to access the system
transport input all Allows any protocol for access (telnet, etc.)
login Requires a login process for access
3. LAN Settings
Most routers that you would use in a lab have the capability of supporting VLAN trunking on LAN interfaces.
That being the case, set the encapsulation type on the switch(es) to trunking encapsulation right off the bat and
dont change it.
4. WAN Settings
Serial interfaces on Cisco routers default to HDLC encapsulation by default, so make certain that you set the
ports to frame-relay encapsulation. That way, the interfaces will be up/up when you start off and you will not
have to waste time troubleshooting issues that really are not issues.
5. Device Defaults
A few settings are helpful on routers and switches simply so you do not have to deal with ongoing irritating
issues. A big help is to disable DNS lookups when you mistype a command, which is the no ip domain-lookup
command in global conguration mode. Setting the time zone is helpful also.
To keep your template congurations readily available, copy them to ash memory using the copy running-
cong ash: command. When you are done with a lab exercise, you can issue the write erase command and
Copyright 2012 Global Knowledge Training LLC. All rights reserved. 8
reboot. Once the device has completed the boot process, issue the copy ash:<lename> running-cong
command and then reload the conguration.
Conclusion
Building a fexible lab environment is an essential and critical part of any certifcation study environment. The
rst step, either the CCENT or CCNA, requires an environment that is complete enough to cover all of the exam
topics, but simple and inexpensive enough to easily construct. Learning concepts is important, but applying
those principles in a practical manner reinforces learning, as well as prepares for simulation questions that are
an integral part of Cisco exams today.
Images courtesy of Cisco and AnthonyPanda.com.
Learn More
To learn more about how you can improve productivity, enhance efciency, and sharpen your competitive edge,
Global Knowledge suggests the following courses:
ICND1 - Interconnecting Cisco Network Devices 1
ICND2 - Interconnecting Cisco Network Devices 2
CCENT e-Camp
CCNAX - CCNA Boot Camp v1.1
Visit www.globalknowledge.com or call 1-800-COURSES (1-800-268-7737) to speak with a Global
Knowledge training advisor.
About the Author
Joe Rinehart, MBA, CCIE #14256, CCNP/DP/VP is a professional trainer specializing in technology, business, and
social media. He is also a successful speaker and published author, as well as a columnist for the Federal Way
Mirror. He is active in the social media space, managing one of the largest groups on LinkedIn, as well as serving
on the national steering committee of the Cisco Collaboration Users Group. Joe also serves as president of the
Seattle Cisco Users Group, serving technology professionals throughout the Puget Sound region.
Joe Rinehart, MBA, CCIE #14256, CCNP/DP/VP
President and CEO
Gracestone Professionals, LLC
jrinehart@gracestonecompany.com
Twitter: jjrinehart