Step to step for CCIE -- The CCIE Experience

Senin, 22 Juli 2013

Welcome CCIE Collaboration, good bye CCIE Voice

During this 10th anniversary year of the CCIE Voice certification, Cisco is pleased to announce the next generation of Expert-level IT skills training and assessment for telecom, unified communications, and video staff. CCIE Voice is evolving to become CCIE Collaboration, reflecting advances in networked collaboration solutions beyond simple audio phone calls. The new CCIE Collaboration certification will expand to include Cisco's leading solutions for voice, video, IM, presence, and call centers. The CCIE Voice certification will be retired as of February 14, 2014.
Collaboration is unique in its potential to affect every workplace employee, business partner, and customer. No longer just a voice call or IM session, workplace collaboration now happens in real time within a variety of integrated applications.
A candidate can use either the CCIE Voice or CCIE Collaboration written exam as part of a CCIE Collaboration certification. If a candidate passes either the CCIE Voice written exam or the CCIE Collaboration written exam, combined with the CCIE Collaboration lab exam, they will attain a CCIE Collaboration certification.

CCIE Voice

The last day to take the CCIE Voice Written exam is November 20, 2013.
The last day to take the CCIE Voice Lab exam is February 13, 2014.

CCIE Collaboration

The CCIE Collaboration Written exam availability begins November 21, 2013.
The CCIE Collaboration Lab exam availability begins February 14, 2014.

CCIE Mobile lab schedule in 2013

CCIE MOBILE LAB in the world

Jakarta, Indonesia	Jul 15 - 19	R	Routing & Switching, Security
Mexico City, Mexico	Jul 22 - 26	R	Routing & Switching, Security
Lagos, Nigeria	Jul 29 - Aug 2	R	Routing & Switching, Security
Dalian, PR China	Jul 29 - Aug 2	R	Routing & Switching, Security
Vancouver, Canada	Aug 5 - 9	R	Routing & Switching, Security and Voice
Johannesburg, South Africa	Aug 12 - 16	R	Routing & Switching, Security
Singapore, Singapore	Aug 19 - 23	R	Routing & Switching, Security and Voice
Riyadh, Saudi Arabia	Aug 25 - 29	R	Routing & Switching, Security
Shanghai, PR China	Sep 2 - 6	R	Routing & Switching, Security and Voice
Istanbul, Turkey	Sep 9 - 13	R	Routing & Switching, Security
Jakarta, Indonesia	Sep 16 - 20	R	Routing & Switching, Security
Moscow, Russia	Sep 23 - 27	R	Routing & Switching, Security
Sao Paulo, Brazil	Sep 30 - Oct 4	R	Routing & Switching, Security
Chengdu, PR China	Oct 14 - 18	R	Routing & Switching, Security
Lagos, Nigeria	Oct 21 - 25	R	Routing & Switching, Security and Voice
Mexico City, Mexico	Oct 28 - Nov 1	R	Routing & Switching, Security and Voice
Singapore, Singapore	Nov 11 - 15	R	Routing & Switching, Security and Voice
Toronto, Canada	Nov 25 - 29	R	Routing & Switching, Security and Voice
London, United Kingdom	Dec 2 - 6	R	Routing & Switching, Security and Voice
Shanghai, PR China	Dec 9 - 13	R	Routing & Switching, Security and Voice

Minggu, 25 Desember 2011

BGP path manipulation using MED

pada posting ini kita akan melihat bagaimana kita manipulate path bgp...
pastikan dulu intial config ping ke masing-masing router bisa berjalan...dan tambahkan protocol IGP di iBGP supaya BGP bisa up...
ada soal seperti ini, ***konfigurasi bagaimana AS#12 ke AS#6 menggunakan R1 sebagai exit point...anda hanya bisa melakukan confignya di R4 menggunakan outbound direction MED....***
berikut confignya...

R1
interface Loopback0
ip address 10.1.1.1 255.255.255.255
!
interface Loopback100
ip address 100.1.1.1 255.255.255.255
interface FastEthernet0/0.12
encapsulation dot1Q 12
ip address 10.1.12.1 255.255.255.0
ip router isis
no snmp trap link-status
isis circuit-type level-1
!
interface FastEthernet0/0.13
encapsulation dot1Q 13
ip address 10.1.13.1 255.255.255.0
no snmp trap link-status
router isis
net 49.0001.0000.0000.0001.00
is-type level-1
passive-interface Loopback0
!
router bgp 12
bgp router-id 10.1.1.1
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 10.1.1.2 remote-as 12
neighbor 10.1.1.2 update-source Loopback0
neighbor 10.1.13.3 remote-as 34
!
address-family ipv4
neighbor 10.1.1.2 activate
neighbor 10.1.1.2 send-community both
neighbor 10.1.1.2 route-reflector-client
neighbor 10.1.1.2 next-hop-self
neighbor 10.1.13.3 activate
neighbor 10.1.13.3 send-community both
no auto-summary
no synchronization
network 10.1.1.1 mask 255.255.255.255 route-map SET_COM
network 100.1.1.1 mask 255.255.255.255
exit-address-family
ip bgp-community new-format
ip prefix-list SET_NET seq 5 permit 100.1.1.1/32
logging alarm informational
route-map SET_COM permit 10
set community 1:1
!

R2
interface Loopback0
ip address 10.1.1.2 255.255.255.255
interface FastEthernet0/0.12
encapsulation dot1Q 12
ip address 10.1.12.2 255.255.255.0
ip router isis
no snmp trap link-status
isis circuit-type level-1
!
interface FastEthernet0/0.24
encapsulation dot1Q 24
ip address 10.1.24.2 255.255.255.0
no snmp trap link-status
router isis
net 49.0001.0000.0000.0002.00
is-type level-1
passive-interface Loopback0
!
router bgp 12
bgp router-id 10.1.1.2
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 10.1.1.1 remote-as 12
neighbor 10.1.1.1 update-source Loopback0
neighbor 10.1.24.4 remote-as 34
!
address-family ipv4
neighbor 10.1.1.1 activate
neighbor 10.1.1.1 send-community both
neighbor 10.1.1.1 next-hop-self
neighbor 10.1.24.4 activate
neighbor 10.1.24.4 send-community both
no auto-summary
no synchronization
network 10.1.1.2 mask 255.255.255.255 route-map ORIGIN
exit-address-family
ip bgp-community new-format
route-map ORIGIN permit 10
set origin incomplete
set community 2:2
!
route-map ORIGIN permit 20
!
route-map SET_COM permit 10
set community 2:2

R3
interface Loopback0
ip address 10.1.1.3 255.255.255.255

interface FastEthernet0/0.13
encapsulation dot1Q 13
ip address 10.1.13.3 255.255.255.0
no snmp trap link-status
!
interface FastEthernet0/0.34
encapsulation dot1Q 34
ip address 10.1.34.3 255.255.255.0
ip ospf network point-to-point
ip ospf mtu-ignore
no snmp trap link-status
!
interface FastEthernet0/0.35
encapsulation dot1Q 35
ip address 10.1.35.3 255.255.255.0
no snmp trap link-status
router ospf 1
router-id 10.1.1.3
log-adjacency-changes
passive-interface Loopback0
network 10.1.1.3 0.0.0.0 area 0
network 10.1.34.0 0.0.0.255 area 0
!
router bgp 34
bgp router-id 10.1.1.3
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 10.1.1.4 remote-as 34
neighbor 10.1.1.4 update-source Loopback0
neighbor 10.1.13.1 remote-as 12
neighbor 10.1.35.5 remote-as 6
neighbor 10.1.35.5 local-as 7735
!
address-family ipv4
neighbor 10.1.1.4 activate
neighbor 10.1.1.4 send-community both
neighbor 10.1.1.4 route-reflector-client
neighbor 10.1.1.4 next-hop-self
neighbor 10.1.13.1 activate
neighbor 10.1.13.1 send-community both
neighbor 10.1.13.1 route-map IN_TO_R1 in
neighbor 10.1.13.1 route-map OUT_TO_R1 out
neighbor 10.1.35.5 activate
no auto-summary
no synchronization
network 10.1.1.3 mask 255.255.255.255 route-map SET_COM
exit-address-family

ip bgp-community new-format
ip as-path access-list 1 permit _5$
ip prefix-list R1 seq 5 permit 10.1.1.1/32
logging alarm informational
!
route-map OUT_TO_R1 permit 10
match as-path 1
set metric 66666
!
route-map OUT_TO_R1 permit 20
!
route-map SET_COM permit 10
set community 3:3
!
route-map IN_TO_R1 permit 10
match ip address prefix-list R1
set local-preference 75
!
route-map IN_TO_R1 permit 20

R4
interface Loopback0
ip address 10.1.1.4 255.255.255.255
interface FastEthernet0/0.24
encapsulation dot1Q 24
ip address 10.1.24.4 255.255.255.0
no snmp trap link-status
!
interface FastEthernet0/0.34
encapsulation dot1Q 34
ip address 10.1.34.4 255.255.255.0
ip ospf network point-to-point
ip ospf mtu-ignore
no snmp trap link-status
!
interface FastEthernet0/0.46
encapsulation dot1Q 46
ip address 10.1.46.4 255.255.255.0
no snmp trap link-status
router ospf 1
router-id 10.1.1.4
log-adjacency-changes
passive-interface Loopback0
network 10.1.1.4 0.0.0.0 area 0
network 10.1.34.0 0.0.0.255 area 0
!
router bgp 34
bgp router-id 10.1.1.4
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 10.1.1.3 remote-as 34
neighbor 10.1.1.3 update-source Loopback0
neighbor 10.1.1.6 remote-as 6
neighbor 10.1.1.6 ebgp-multihop 5
neighbor 10.1.1.6 update-source FastEthernet0/0.46
neighbor 10.1.24.2 remote-as 12
!
address-family ipv4
neighbor 10.1.1.3 activate
neighbor 10.1.1.3 send-community both
neighbor 10.1.1.3 next-hop-self
neighbor 10.1.1.6 activate
neighbor 10.1.1.6 send-community both
neighbor 10.1.24.2 activate
neighbor 10.1.24.2 send-community both
neighbor 10.1.24.2 route-map COM out
no auto-summary
no synchronization
network 10.1.1.4 mask 255.255.255.255 route-map SET_COM
exit-address-family
ip route 10.1.1.6 255.255.255.255 10.1.46.6
ip bgp-community new-format
ip community-list 1 permit 6:6
ip prefix-list R2 seq 5 permit 10.1.1.2/32
logging alarm informational
!
route-map COM permit 10
match community 1
set as-path prepend 34 34 34
!
route-map SET_COM permit 10
set origin incomplete
set community 4:4
!
route-map IN_TO_R2 permit 10
match ip address prefix-list R2
set local-preference 55
!
route-map IN_TO_R2 permit 20

R5
!
interface Loopback0
ip address 10.1.1.5 255.255.255.255
interface FastEthernet0/0.35
encapsulation dot1Q 35
ip address 10.1.35.5 255.255.255.0
no snmp trap link-status
router bgp 5
bgp router-id 10.1.1.5
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 10.1.35.3 remote-as 7735
neighbor 10.1.35.3 local-as 6 no-prepend
!
address-family ipv4
neighbor 10.1.35.3 activate
neighbor 10.1.35.3 send-community
neighbor 10.1.35.3 allowas-in
no auto-summary
no synchronization
network 10.1.1.5 mask 255.255.255.255 route-map SET_COM
exit-address-family
ip bgp-community new-format
route-map SET_COM permit 10
set community 5:5

R6
interface Loopback0
ip address 10.1.1.6 255.255.255.255
interface FastEthernet0/0.46
encapsulation dot1Q 46
ip address 10.1.46.6 255.255.255.0
no snmp trap link-status

router bgp 6
bgp router-id 10.1.1.6
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 10.1.46.4 remote-as 34
neighbor 10.1.46.4 update-source Loopback0
!
address-family ipv4
neighbor 10.1.46.4 activate
neighbor 10.1.46.4 send-community both
neighbor 10.1.46.4 allowas-in
no auto-summary
no synchronization
network 10.1.1.6 mask 255.255.255.255 route-map SET_COM
exit-address-family
ip bgp-community new-format

route-map SET_COM permit 10
set community 6:6

kita bisa verifikasi disini....

R2#sh ip bgp
BGP table version is 10, local router ID is 10.1.1.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
r>i10.1.1.1/32      10.1.1.1                 0      100      0 i
*> 10.1.1.2/32      0.0.0.0                  0         32768 ?
*>i10.1.1.3/32      10.1.1.1                 0    100      0 34 i
*>i10.1.1.4/32      10.1.1.1                 0    100      0 34 ?
*>i10.1.1.5/32      10.1.1.1             66666 100      0 34 7735 6 5 i
*>i10.1.1.6/32      10.1.1.1                 0      100      0 34 6 i
*                    10.1.24.4                         0      34 34 34 34 6 i
*>i100.1.1.1/32     10.1.1.1                 0    100      0 i
R2#

Sabtu, 24 Desember 2011

Dual Wan with OER

pada posting ini akan dicontohkan menggunakan 2 ISP dengan command OER....

berikut config yang digunakan untuk OER...

fa0/0 : connected to IM2

fa0/1: connected to Telkom

vlan1: local LAN

***pertama kita assign OER master***

oer master

policy-rules OER-MAP

traceroute probe-delay 10000

keepalive 1

logging

***Match interface external yang menuju ke WAN***

border *LAN-IP* key-chain key1

interface Vlan1 internal

interface FastEthernet0/1 external

interface FastEthernet0/0 external

learn

throughput

delay

periodic-interval 1

monitor-period 2

prefixes 10000

expire after time 1

aggregation-type prefix-length 32

max prefix total 10000

no max range receive

backoff 180 360

mode route control

mode select-exit best

resolve loss priority 1 variance 1

resolve delay priority 2 variance 5

resolve utilization priority 3 variance 5

resolve range priority 5

oer border

local Vlan1

master *LAN-IP* key-chain key1

!***tracking menggunakan IP SLA***

track 99 rtr 99 reachability

delay down 15 up 10

!***tracking menggunakan IP SLA***

track 173 rtr 173 reachability

delay down 15 up 10

class-map type inspect match-any priv-pub-traffic

match protocol http

match protocol https

match protocol ftp

match protocol ssh

match protocol appleqtc

match protocol bittorrent

match protocol dns

match protocol echo

match protocol h323

match protocol ymsgr

match protocol telnet

match protocol udp

match protocol icmp

match protocol tcp

policy-map type inspect priv-pub-policy

class type inspect priv-pub-traffic

inspect

class class-default

zone security public

zone security private

zone-pair security priv-pub source private destination public

service-policy type inspect priv-pub-policy

interface FastEthernet0/0

ip address *IM2* 255.255.255.248

ip nat outside

ip virtual-reassembly

zone-member security public

duplex auto

speed auto

interface FastEthernet0/1

ip address *TELKOM* 255.255.255.248

ip nat outside

ip virtual-reassembly

zone-member security public

duplex auto

speed auto

interface Vlan1

ip address *LAN-IP* 255.255.255.0

ip nat inside

ip virtual-reassembly

zone-member security private

ip local policy route-map LOCAL-TRAFFIC-EGRESS

no ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 FastEthernet0/0 *IM2-GW* 20 tag 99 track 99

ip route 0.0.0.0 0.0.0.0 FastEthernet0/1 *TELKOM-GW* 10 tag 173 track 173

ip nat translation dns-timeout 10

ip nat inside source route-map NAT-ISP-TELKOM interface FastEthernet0/1 overload oer

ip nat inside source route-map NAT-ISP-IM2 interface FastEthernet0/0 overload oer

ip access-list standard IP-SOURCE-TELKOM

permit *TELKOM-IP*

ip access-list standard IP-SOURCE-IM2

permit *IM2-IP*

ip access-list standard LAN

permit *LAN-SUBNET* 0.0.0.255

***tracking menggunakan IP SLA***

ip sla 99

icmp-echo *IM2-TEST-IP* source-interface FastEthernet0/0

timeout 1500

frequency 20

ip sla schedule 99 life forever start-time now

ip sla 173

icmp-echo *TELKOM-TEST-IP* source-interface FastEthernet0/1

timeout 1500

frequency 20

ip sla schedule 173 life forever start-time now

route-map NAT-ISP-IM2 permit 10

match ip address LAN

match interface FastEthernet0/0

route-map LOCAL-TRAFFIC-EGRESS permit 10

match ip address IP-SOURCE-TELKOM

set ip next-hop *TELKOM-GW*

set interface FastEthernet0/1

route-map LOCAL-TRAFFIC-EGRESS permit 20

match ip address IP-SOURCE-IM2

set ip next-hop *IM2-GW*

set interface FastEthernet0/0

route-map LOCAL-TRAFFIC-EGRESS permit 30

match ip address NAT-ACL LAN

set interface Vlan1

route-map NAT-ISP-TELKOM permit 10

match ip address LAN

match interface FastEthernet0/1

oer-map OER-MAP 10

match oer learn delay

set traceroute reporting

oer-map OER-MAP 20

match oer learn throughput

set traceroute reporting

dengan ini, router dapat menggunakan 2 ISP untuk traffic ke outside...

sekian posting ini....

EEM Applet Script configuration

pada posting ini saya akan mencontohkan fungsi dari IOS EEM--Embedded Event Manger, jika kita melakukan shutdown pada interface lo0, dengan fungsi EEM ini, interface lo0 akan bisa dengan automatically up kembali....
mari kita lihat example dari EEM....

di R1 kita buat dulu interface lo0, lalu kita ketik EEM commandnya :
R1#conf t
R1(config)#inter lo0

R1(config-if)#ip add 1.1.1.1 255
*Mar 1 00:03:14.971: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0,
changed state to u
R1(config-if)#ip add 1.1.1.1 255.255.255.255
R1(config-if)#event manager applet Lo0
R1(config-applet)#event syslog occurs 2 pattern "Loopback0, changed state to admin"
R1(config-applet)#action 1.0 syslog msg "testing shutdown loopback0 - automatic no shut sendiri"
R1(config-applet)#action 1.1 syslog msg "Lo0 down, automatic lo0 nyala lagi"
R1(config-applet)#action 1.2 cli command "enable"
R1(config-applet)#action 1.3 cli command "configure ter"
R1(config-applet)#action 1.4 cli command "int lo0"
R1(config-applet)#action 1.5 cli command "no shut"
R1(config-applet)#action 1.6 syslog msg "OK lo0 sudah aktif kembali"
R1(config-applet)#
R1(config-applet)#do sh run | s event

event manager applet Lo0
event syslog occurs 2 pattern "Loopback0, changed state to admin"
action 1.0 syslog msg "testing shutdown loopback0 - automatic no shut sendiri"
action 1.1 syslog msg "Lo0 down, automatic lo0 nyala lagi"
action 1.2 cli command "enable"
action 1.3 cli command "configure ter"
action 1.4 cli command "int lo0"
action 1.5 cli command "no shut"
action 1.6 syslog msg "OK lo0 sudah aktif kembali"
R1(config-applet)#end

R1#
R1#conf t
R1(config)#
R1(config-if)#inter lo0
R1(config-if)#no shu
R1(config-if)#no shutdown
R1(config-if)#
*Mar 1 00:05:57.531: %LINK-3-UPDOWN: Interface Loopback0, changed state to up
*Mar 1 00:05:58.531: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0,
changed state to up
R1(config-if)#end
R1#
*Mar 1 00:06:04.967: %SYS-5-CONFIG_I: Configured from console by console
R1#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#inter lo0
R1(config-if)#shu
R1(config-if)#
*Mar 1 00:07:49.459: %LINK-5-CHANGED: Interface Loopback0, changed state to adm
inistratively down
*Mar 1 00:07:49.487: %HA_EM-6-LOG: Lo0: testing shutdown loopback0 - automatic
no shut sendiri
*Mar 1 00:07:49.487: %HA_EM-6-LOG: Lo0: Lo0 down, automatic lo0 nyala lagi
*Mar 1 00:07:49.963: %HA_EM-6-LOG: Lo0: OK lo0 sudah aktif kembali
*Mar 1 00:07:49.979: %SYS-5-CONFIG_I: Configured from console by vty0
*Mar 1 00:07:51.939: %LINK-3-UPDOWN: Interface Loopback0, changed state to up
R1(config-if)#do sh ip inter bri
% Ambiguous command: "do sh ip inter bri"
R1(config-if)#do sh ip inter bri
Interface IP-Address OK? Method Status Prot
ocol
FastEthernet0/0 unassigned YES unset administratively down down

FastEthernet0/1 unassigned YES unset administratively down down

Loopback0 1.1.1.1 YES manual up up

R1(config-if)#

dari sesi diatas dapat terlihat ketika interface lo0 di shutdown, maka interface lo0 tersebut akan otomatis no shut sendiri karena telah menggunakan applet EEM di Router ini...

sekian posting EEM ini...

Jumat, 23 Desember 2011

Using Kron for automatic backup config your router

pada posting ini, saya akan mencontohkan cara menggunakan automatic backup dengan archive dan Kron...

Menggunakan Archive :
pertama yang harus ada adalah tftpserver, bisa menggunakan 3CDaemon atau tftp32, pastikan tftp ini aktif selalu...

lalu kita coba cara backup config menggunakan archive....
R1#conf t
R1(config)#archive
R1(config-archive)#path tftp://10.10.10.100/backup-cfg ***untuk menempatkan config file di IP yang tertera dan nama backup filenya***
R1(config-archive)#time-period 1440 ***simpan dalam waktu 24jam***
R1(config-archive)#write-memory
R1(config-archive)#end
R1#
R1#write
Building configuration... ***perhatikan waktu write-memory***
[OK]!!
R1#
R1#write
Building configuration...
[OK]!!

waktu kita ketik write-memory, akan tersimpan file didalam directory di tftpserver yang sedang aktif....

Sekarang menggunakan Kron:
R1#conf t
R1(config)#kron-policy
R1(config-kron-policy)#kron policy-list netx
R1(config-kron-policy)#cli sh running-config | redirect tftp://10.10.10.100/netxbackup-cfg
R1(config-kron-policy)#exit
R1(config)#kron occurence netx-kron at 10:00 recurring
R1(config-kron-occurence)#policy-list netx
R1(config-kron-occurence)#end
R1# sh kron schedule
Kron Occurence Schedule
netx-kron incative. will run again in 0 days 18:16:48 at 10:00 on

R1#cloct set 9:59:30 31 Dec 2011
R1#sh kron schedule
Kron Occurence Schedule
netx-kron incative. will run again in 0 days 00:00:29 at 10:00 on

R1#sh kron schedule
Kron Occurence Schedule
netx-kron incative. will run again in 0 days 00:00:01 at 10:00 on

R1#sh kron schedule
Kron Occurence Schedule
netx-kron active. will run again in 0 days 23:59:58 at 10:00 on

lalu kita lihat di tftp akan ada tambahan backup file dengan nama netxbackup-cfg di directory tftpserver anda....
silahkan anda buka file tersebut dengan notepad atau wordpad..

sekian untuk posting ini...

Rabu, 21 Desember 2011

RSTP, MST Configuration

Pertama gunakan EIGRP AS 2003, dan pastikan walker1 dan walker2 bisa ping..lalu kita lanjut ke walker1:

hostname walker1
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan192
! ip address 172.16.192.16 255.255.255.0

Configurasi VTP di walker1

walker1#vlan database
walker1(vlan)#vtp domain walker
walker1(vlan)#vtp server
walker1(vlan)#vtp password psv2

lanjut ke konfigurasi VLAN port :

interface FastEthernet0/3
 switchport access vlan 300
! assigned to VLAN 300
 switchport mode access
 spanning-tree portfast
! Portfast used in 802.1w
 no ip address
!
interface FastEthernet0/5
 switchport access vlan 100
! assigned to VLAN 100
 switchport mode access
spanning-tree portfast
! Portfast used in 802.1w
 no ip address
!
interface FastEthernet0/8
 switchport access vlan 100
! assigned to VLAN 100
 switchport mode access
 spanning-tree portfast
! Portfast used in 802.1w
 no ip address

dilanjutkan dengan configurasi portfast :

walker1(config)#interface range fastEthernet 0/10 - 15
walker1(config-if-range)#switchport mode access
walker1(config-if-range)#switchport access vlan 20
walker1(config-if-range)#spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a single
 host. Connecting hubs, concentrators, switches, bridges, etc... to this
 interface  when portfast is enabled, can cause temporary bridging loops.
 Use with CAUTION
%Portfast will be configured in 6 interfaces due to the range command
 but will only have effect when the interfaces are in a non-trunking mode.
walker1(config-if-range)#exit

untuk memverifikasi VLAN dan VTP status :

walker1#show vlan
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/4,
                                                Fa0/6, Fa0/9, Fa0/16
                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                                Fa0/21, Fa0/22, Fa0/23, Fa0/24
20   psv2_vlan20                      active    Fa0/10, Fa0/11, Fa0/12, Fa0/13
  Fa0/14, Fa0/15
100  psv2_vlan100                     active    Fa0/5, Fa0/8
192  psv2_vlan192                     active
300  psv2_vlan300                     active    Fa0/3
1002 fddi-default                     active
1003 token-ring-default               active
1004 fddinet-default                  active
1005 trnet-default                    active
VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        0      0
20   enet  100020     1500  -      -      -        -    -        0      0
100  enet  100100     1500  -      -      -        -    -        0      0
192  enet  100192     1500  -      -      -        -    -        0      0
300  enet  100300     1500  -      -      -        -    -        0      0
1002 fddi  101002     1500  -      -      -        -    -        0      0
1003 tr    101003     1500  -      -      -        -    srb      0      0
1004 fdnet 101004     1500  -      -      1        ieee -        0      0
1005 trnet 101005     1500  -      -      1        ibm  -        0      0
walker1#
walker1#show vtp status
VTP Version                     : 2
Configuration Revision          : 3
Maximum VLANs supported locally : 1005
Number of existing VLANs        : 9
VTP Operating Mode              : Server
VTP Domain Name                 : walker
VTP Pruning Mode                : Enabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0xEF 0xD8 0x4D 0x0A 0x57 0x8F 0x7E 0x14
Configuration last modified by 172.16.192.16 at 3-1-93 01:10:51
Local updater ID is 172.16.192.16 on interface Vl192 (lowest numbered VLAN interface)
walker1#

Konfigurasi Trunking di walker1 :

walker1(config)#interface gigabit 0/2
walker1(config-if)#switchport trunk encapsulation dot1q
walker1(config-if)#switchport mode trunk
walker1(config-if)#exit
walker1(config)#interface fast 0/17
walker1(config-if)#switchport trunk encapsulation dot1q
walker1(config-if)#switchport mode trunk
walker1(config-if)#exit

Konfigurasi MST pada walker1 :

walker1(config)#spanning-tree mst config        
walker1(config-mst)#name walker                 
walker1(config-mst)#revision 1                  
walker1(config-mst)#instance 1 vlan 2-300

walker1(config-mst)#exit

walker1(config)#spanning-tree mst 1 root primary    
walker1(config)#spanning-tree mode mst

MST configuration di walker1 :

walker1#show spanning-tree mst 1
###### MST01        vlans mapped:   2-300
Bridge      address 000a.8a0e.ba80  priority  24577 (24576 sysid 1)
Root        this switch for MST01
Interface        role state cost      prio type
---------------- ---- ----- --------- ---- --------------------------------
Fa0/3            desg FWD   200000    128  edge P2P
Fa0/5            desg FWD   2000000   128  edge SHR
Fa0/8            desg FWD   200000    128  edge P2P
Fa0/10           desg FWD   2000000   128  edge SHR
Fa0/17           desg FWD   200000    128  P2P
Gi0/2            desg FWD   20000     128  P2P
walker1#show spanning-tree root
                                        Root    Hello Max Fwd
MST Instance           Root ID          Cost    Time  Age Dly  Root Port
---------------- -------------------- --------- ----- --- ---  ------------
MST00            32768 0004.275e.f0c0    200000    2   20  15  Gi0/2
MST01            24577 000a.8a0e.ba80         0    2   20  15
walker1#

untuk testing RSTP dan MST :

surgery#ping
Protocol [ip]:
Target IP address: 172.16.30.7
Repeat count [5]: 10000
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 10000, 100-byte ICMP Echos to 172.16.30.7, timeout is 2 seconds:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!..!
 Gig 0/2 dropped
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Success rate is 99 percent (9998/10000), round-trip min/avg/max = 1/2/20 ms

konfigurasi SVI interface :

interface Vlan20
 ip address 172.16.2.16 255.255.255.0
!
interface Vlan100
 ip address 172.16.10.16 255.255.255.0
!
interface Vlan192
 ip address 172.16.192.16 255.255.255.0
!
interface Vlan300
 ip address 172.16.30.16 255.255.255.0

Untuk konfigurasi di walker2 :

hostname walker2
!
enable secret 5 $1$oTsK$C95mG2YeDzQ4w3ecs0CkS0
!
spanning-tree mode mst
spanning-tree extend system-id
!
spanning-tree mst configuration
 name walker
 revision 1
 instance 1 vlan 2-300
!
interface FastEthernet0/1
 switchport access vlan 300
 switchport mode access
 no ip address
 spanning-tree portfast
!
interface FastEthernet0/17
 switchport trunk encapsulation dot1q
 switchport mode trunk
 no ip address
!
interface GigabitEthernet0/2
 switchport trunk encapsulation dot1q
 switchport mode trunk
 no ip address
!
interface Vlan1
 no ip address
 shutdown
!
interface VLAN192
 ip address 172.16.192.13 255.255.255.0
 no ip directed-broadcast
 no ip route-cache
!
ip default-gateway 172.16.192.16

Konfigurasi Protected ports :

walker1(config)#interface range fastEthernet 0/10 - 15
walker1(config-if-range)#switchport protected
walker1(config-if-range)#^z
walker1#
walker1#show interfaces fastEthernet 0/10 switchport
Name: Fa0/10
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 20 (psv2_vlan20)
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Protected: true
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled

Voice VLAN: none (Inactive)
Appliance trust: none

sekian untuk posting ini...

SG

Senin, 22 Juli 2013

Welcome CCIE Collaboration, good bye CCIE Voice

CCIE Mobile lab schedule in 2013

Minggu, 25 Desember 2011

BGP path manipulation using MED

Sabtu, 24 Desember 2011

Dual Wan with OER

EEM Applet Script configuration

Jumat, 23 Desember 2011

Using Kron for automatic backup config your router

Rabu, 21 Desember 2011

RSTP, MST Configuration