17.8.1 Lab – Design and Build a Small Network
Objectives
Explain how a small network of directly connected segments is created, configured, and verified.
Background /Scenario
Note: This activity is best completed in groups of 2-3 students.
Design and build a network from scratch.
- Your design must include a minimum of one Cisco 4321 router, two Cisco 2960 switches, and two PCs.
- Fully configure the network and use IPv4 or IPv6 (subnetting must be included as a part of your addressing scheme).
- Verify the network using at least five show commands.
- Secure the network using SSH, secure passwords and console passwords (minimum).
Create a rubric to use for informal peer grading. Present your Capstone Project to the class and be able to answer questions from your peers and Instructor!
Instructor Note: This optional Modeling Activity is suggested to be a graded assignment after completing all the chapters. Students should be able to show how small networks are designed, configured, verified, and secured. Documentation is a large factor of this project and students must be able to explain their network design and verification using show commands.
Required Resources
- Packet Tracer
- Student/group-created rubric for assessment of the assignment
Reflection Questions
1. What was the most difficult portion of this activity?
Answers will vary.
2. Why do you think network documentation is so important to this activity and in the real world?
Documentation is imperative to good network management and without it, network administrators have to recreate topologies, physically check addressing, etc. This takes time, which could be used elsewhere.
A suggested rubric and documentation examples are provided below:
Note: This rubric includes a total of 100 points for the points earned category (if minimum standards are met). Instructors may wish to consider adding bonus points for additional/advanced work in any requirement category.
Requirement | Points Earned |
---|---|
Physical Topology – minimum 1 Cisco 4321 router, 2 Cisco 2960 switches, 2 PCs | (20 suggested) |
Logical Addressing – subnetting used? | (20 suggested |
Connectivity test – ping the router | (20 suggested) |
Show commands (at least 5 documented as baseline) | (20 suggested) |
Security – SSH, secure passwords, console security – documented by show running-configuration | (20 suggested) |
Create a small network of directly connected segments, at a minimum 1 router, 2 switches and 2 PCs, and include a screenshot of the network in your final documentation.
Configure the network to include switches, routers, and end devices and use your own network addressing. You must use subnetting of some type and you can use either IPv4 or IPv6 logical addressing. Create a table showing your physical addressing scheme for the router, switch, and PC and include it in your final documentation.
Device Name | IP Address | Subnet Mask |
---|---|---|
Cap_rtr | G0/0/0 – 192.168.1.1
G0/0/1 – 192.168.1.33 |
255.255.255.224
255.255.255.224 |
Cap_sw1 | VLAN1 – 192.168.1.20 | 255.255.255.224 |
Cap_sw2 | VLAN1 – 192.168.1.62 | 255.255.255.224 |
Cap_PC1 | F0 – 192.168.1.10 | 255.255.255.224 |
Cap_PC2 | F0 – 192.168.1.40 | 255.255.255.224 |
Verify the network by using show commands (at least 5) to provide a performance baseline. Be able to discuss why you chose the show commands you selected and what the output means (use all Packet Tracer activities for Chapters 1-17). Keep screenshots of your output and include in your final documentation.
Cap_rtr# show arp Protocol Address Age (min) Hardware Addr Type Interface Internet 192.168.1.1 - 00D0.9741.9101 ARPA GigabitEthernet0/0/0 Internet 192.168.1.10 1 000A.4120.9039 ARPA GigabitEthernet0/0/0 Internet 192.168.1.33 - 00D0.9741.9102 ARPA GigabitEthernet0/0/1 Internet 192.168.1.40 1 00D0.BCC3.BBEB ARPA GigabitEthernet0/0/1 Internet 192.168.1.62 0 0060.4779.5A11 ARPA GigabitEthernet0/0/1 Cap_rtr# show int g0/0/0 GigabitEthernet0/0/0 is up, line protocol is up (connected) Hardware is Lance, address is 00d0.9741.9101 (bia 00d0.9741.9101) Internet address is 192.168.1.1/27 MTU 1500 bytes, BW 1000000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Full-duplex, 100Mb/s, media type is RJ45 ARP type: ARPA, ARP Timeout 04:00:00, Last input 00:00:08, output 00:00:05, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0 (size/max/drops); Total output drops: 0 Queueing strategy: fifo Output queue :0/40 (size/max) 5 minute input rate 27 bits/sec, 0 packets/sec 5 minute output rate 23 bits/sec, 0 packets/sec 8 packets input, 1024 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 input packets with dribble condition detected 7 packets output, 896 bytes, 0 underruns 0 output errors, 0 collisions, 1 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out Cap_rtr# show ip route Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 192.168.1.0/24 is variably subnetted, 4 subnets, 2 masks C 192.168.1.0/27 is directly connected, GigabitEthernet0/0/0 L 192.168.1.1/32 is directly connected, GigabitEthernet0/0/0 C 192.168.1.32/27 is directly connected, GigabitEthernet0/0/1 L 192.168.1.33/32 is directly connected, GigabitEthernet0/0/1 Cap_sw1# show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Fa0/24 Gig0/1, Gig0/2 1002 fddi-default active 1003 token-ring-default active 1004 fddinet-default active 1005 trnet-default active Cap_sw2> traceroute 192.168.1.10 Type escape sequence to abort. Tracing the route to 192.168.1.10 1 192.168.1.33 39 msec 0 msec 0 msec 2 192.168.1.10 13 msec 21 msec 15 msec
Secure the network using common configuration to include SSH, secure passwords, console security, etc. and verify the commands configured by enacting a show running-configuration screen as output. Include in your final documentation.
Identify elements of the model that map to real-world applications:
All facets of this activity map to IT-related content and real-world applications because this is a culminating activity for all the Chapters.
Answers:
Router>enable Router#config terminal Router(config-if)#hostname Cap_rtr Cap_rtr(config)#enable secret class Cap_rtr(config)#line console 0 Cap_rtr(config-line)#password cisco Cap_rtr(config-line)#login Cap_rtr(config-line)#line vty 0 4 Cap_rtr(config-line)#password cisco Cap_rtr(config-line)#login Cap_rtr(config-line)#exit Cap_rtr(config)#service password-encryption Cap_rtr(config)#ip domain-name capstone.lab Cap_rtr(config)#crypto key generate rsa The name for the keys will be: Cap_rtr.capstone.lab Choose the size of the key modulus in the range of 360 to 4096 for your General Purpose Keys. Choosing a key modulus greater than 512 may take a few minutes. How many bits in the modulus [512]: 1024 % Generating 1024 bit RSA keys, keys will be non-exportable...[OK] Cap_rtr(config)#username SSHAdmin secret p@ssword Cap_rtr(config)#line vty 0 4 Cap_rtr(config-line)#transport input ssh Cap_rtr(config-line)#login local Cap_rtr(config-line)#exit Cap_rtr(config)#interface g0/0/0 Cap_rtr(config-if)#ip add 192.168.1.1 255.255.255.224 Cap_rtr(config-if)#no shutdown Cap_rtr(config-if)#interface g0/0/1 Cap_rtr(config-if)#ip address 192.168.1.33 255.255.255.224 Cap_rtr(config-if)#no shutdown