Академический Документы
Профессиональный Документы
Культура Документы
1.1 VLAN
Create VLANs 3, 5, 18, 26, 41, 43 and 62 on switches SW1 and SW2. Create
VLAN 43 on switch SW3.
Apply VLANs to access interfaces according to the table below.
3 SW1 Eth0/0/1
5 SW1 Eth0/0/5
41 SW1 Eth0/0/4
43 SW2 Eth0/0/4
SW3 Eth0/0/22
62 SW2 Eth0/0/6
SW1 Eth0/0/21
1.3 Trunk
All links between switches SW1, SW2, SW3 and SW4 should be configured as
trunk links, allow VLANs 1 through to 4094 across all trunks.
1.4 GVRP
Enable GVRP on switches to enable SW3 and SW4 to learn statically configured
VLAN information from SW1 and SW2.
1.5 MSTP
Switches SW1, SW2, SW3 and SW4 run MSTP as follows.
VLANs 3, 5 and 18 are in instance 1 for which SW1 should be primary root and
SW2 the secondary root. VLANs 26, 41, 43 and 62 are in instance 2, for which
SW2 is the primary root and SW1 is the secondary root. The MSTP region name is
HW and revision level is 1.
Interface E0/0/20 on SW1 is directly connected to a PC. Ensure that E0/0/20 enters
the forwarding state as soon as the PC is connected and the link becomes active.
E0/0/20 should to be shut down automatically after receiving BPDUs and should
recover after 50s.
2. Section 2: IGP
Import the route to the network segment 10.1.33.0/24 where VLANIF 3 on SW1
resides into OSPF, and set the route tag to 200.
Run OSPF between R4 and BB3, add them to Area 4, and set Area 4 as an NSSA.
Add Loopback 40 on R4 and assign it a 10.1.40.4/24 IP address. Import the
network segment where it resides into OSPF and prevent its import into Area 3 and
Area 4.
2.9 RIP
Run RIPv2 on R6 and ensure that only BB1-connected S1/0/1 can send and receive
packets.
On R6, configure RIP and IS-IS to import routes from each other. Configure IS-IS
to summarize imported RIP routes so that other IS-IS routers can only view the
summarized route 212.18.0.0/22.
Configure R6 to set the cost of routes imported by IS-IS to 200 and tag to 200.
Disable RIP automatic summarization and use manual summarization on R6 so that
it sends only one route 10.1.0.0/16 to BB1.
3. Section 3: EGP
Device Device
1 2
R4 BB3
R4 R5
R5 R1
R1 R3
R1 R2
R3 SW2
R3 R2
R2 R6
R6 BB2
4. Section 4: IP Multicast
4.1 PIM
Enable multicast routing on R1, R2, R4 and SW1.
4.2 RP
The IP address of Loopback 0 on R1 is used as RP for the following multicast
ranges.
225.10.0.0 - 225.10.255.255
225.26.0.0 - 225.26.255.255
225.42.0.0 - 225.42.255.255
225.58.0.0 - 225.58.255.255
The IP address of Loopback 0 on R4 is used as RP for the following multicast
ranges.
226.37.0.0 - 226.37.255.255
226.45.0.0 - 226.45.255.255
227.37.0.0- 227.37.255.255
227.45.0.0 - 227.45.255.255
Configure minimum number of ACL rules to achieve this.
4.3 IGMP
Configure R1 G0/0/0 to send IGMP General Query messages at 5 second intervals.
The maximum response time for IGMP Query messages should be 3s on R1
G0/0/0.
Use an ACL to prevent users on R1 G0/0/0 segment from joining the multicast
group 226.37.1.1.
5. Section 5: IPv6
5.2 RIPng
Enable RIPng on the PPP link between R1 and R3.
Enable RIPng on the Ethernet link between R3 and SW2.
6. Section 6: QoS
7. Section 7: Security
7.3 uRPF
DoS attacks with forged source IP addresses occur on E2/0/1 of R3. To solve this
problem, use URPF for IPV4 packets on E2/0/1 of R3.
Configure uRPF for IPv6 packets on R3 E2/0/1. Packets with a source addresses in
the FIB may be forwarded. It is not necessary for the outbound interface in the FIB
to match the inbound interface of the packets.
Section 8: IP feature
8.1 NetStream
NMS personnel require key information in packets received by G0/0/0 on R6
through NetStream. Set the packet sampling interval to 100 ms and configure
aggregation using Protocol-Port to collect exported packets. The address of the
NetStream server is 10.1.26.200 and the port number is 6000. The exported packets
must carry BGP next hop information and MPLS information.