Drawing 2: Logical Topology
Configuration tasks
Task 1: Topology set-‐up
1. Configure the Nexus 5500 switches with hostnames of “SW2” and “SW3”. The Nexus 7000 VDC’s should already have hostnames through the loading of the initial configuration. Use switchto
vdc and switchback to move between different switches on the Nexus 7000.
2. Create the VLANs as are required on the switches as shown in drawing 2
3. Configure IP addressing on SVI and interfaces according to drawing 2
4. Configure all switches to have a Loopback0 interface with an IP address of 198.18.0.Z/32
where Z is the router number / host address as specified in drawing 2
Task 2: Port-‐Channels
1. Configure Ethernet3/1 and Ethernet3/2 on SW1-1 and Ethernet1/1 and Ethernet
1/2 on SW2 to be a single logical connection to carry the VLAN required as stated in drawing 2. Use number 1 for this connection.
2. Configure Ethernet3/5 and Ethernet3/6 on SW1-2 and Ethernet1/1 and
Ethernet1/2 on SW3 to be a single logical connection to carry the VLAN required as stated in drawing 2. Use number 2 for this connection.
3. Configure logical interface 1 to negotiate it’s bundling capabilities between the switches
4. SW2 should never actively start negotiating link bundling
5. Logical interface 1 is used for bandwidth reasons and should therefore shutdown when there is less than 20Gbps capacity available in the bundle
6. Logical interface 1 should mark interfaces as hot-‐standby when additional interfaces are added to the bundle
7. Configure Ethernet1/5 and Ethernet1/6 on SW2 and SW3 to negotiate a link bundle. Use
number 3 for this interface.
8. Configure logical interface 3 with IP addressing in the 198.18.23.0/24 subnet. Use host IP addresses as previously used for these switches.
10. There are plans to increase the capacity between SW2 and SW3 to 80Gbps with additional interfaces for resiliency purposes. Ensure that Ethernet1/5 is always chosen to participate in the bundle and Ethernet1/6 should be selected as a hot-‐standby link when additional interfaces are added to the bundle.
11. Logical interface 3 should use a very fast detection mechanism to signal the removal of an interface in the bundle
12. Configure SW2 and SW3 to load-‐balance between the interfaces in link-‐bundles using the most packet header information as possible.
13. Remove any configuration related to interface bundle 1 and 2 from the switches before continuing with the next task
Task 3: Virtual Port-‐channels (vPCs)
1. Ensure it’s possible to create Multi-‐Chassis Link Aggregation Groups (link bundles) on SW1-1 and SW1-2. Use ID 100 for this.
2. SW1-2 should be the primary device
3. Ensure it’s possible to create Multi-‐Chassis Link Aggregation Groups (link bundles) on SW2 and
SW3. Use ID 200 for this.
4. Send keep alive messages across the mgmt0 interfaces of domain 200 switches
5. Use a dedicated SVI with IP addressing in the subnet of 198.18.5.0/24 to send keep alive messages between switches in domain 100. Ensure that the keep alive messages are not using the global IP routing table. Use Ethernet3/10 on SW1-1 and Ethernet 3/12 on
SW1-2 for this.
6. Configure Ethernet3/9 on SW1-1 and Ethernet3/11 on SW1-2 as peer-‐link
7. Bundle Ethernet1/7 and Ethernet1/8 on SW2 and SW3 and configure this as the peer-‐ link
8. Ensure domain 100 brings up its vPCs once a peer fails or reboots. Delay this process for 5
minutes.
9. SW2 and SW3 should be seen as a single Spanning-‐Tree root with a priority of 8192
11. Configure a vPC connection between SW2, SW3 and SW1-2. Use Ethernet3/5 and
Ethernet3/7 on SW1-2, Ethernet1/3 on SW2 and Ethernet1/3 on SW3. Use number 102 for this connection.
12. Use the remaining connections between SW1-1, SW1-2, SW2 and SW3 and bundle them in a single logical interface with number 103.
13. Ensure all VLANs required for Drawing 2 are allowed on the vPC links
14. Use 1234.5678.90ab as the single MAC address that is used for the identification of domain
100 LACP packets
Task 4: Graceful Restart / Non-‐Stop Forwarding
1. Configure dynamic routing protocols according to drawing 2. Ensure Loopback interfaces of
SW2 and SW1-1 can ping each other and SW1-2 and SW3 can ping each other
2. Ensure that the routers running OSPF keep their routing information and keep forwarding traffic to neighbors when they are rebooting
3. An older router that will take a little over 2 minutes to reboot will be connected to SW2. Ensure that your configuration supports this
4. Ensure that SW3 supports ISSU
5. SW3 should keep routes from restarting neighbors for 5 minutes
6. Signal a restart as fast as possible on SW3
Task 5: HSRP
1. Ensure that hosts on VLAN 111 are always able to reach their default gateway, when one of the 2 switches fails
2. Use a Cisco proprietary protocol for this use, which uses a single active default gateway 3. Use the .1 host IP address as the default gateway for this network segment
4. Make the switches primary and backup according to the best practice
5. Use a hashed key of “IPexpertYEAR1” to secure this protocol from now until December 31st
the same year. At January 1st one year later the key should change to “IPexpertYEAR2”.
6. When the backup switch is active and the primary switch comes back online after a reboot. Ensure that it will take back the active role after the switch is up for 3 minutes
7. Give this process a name of “IPexpertVLAN111”
8. A switch should declare it’s neighbor down within 1 second
9. When one of the Ethernet uplinks fails the priority should be lowered with 1/10th of the configured priority value
10. When a second Ethernet uplink fails the switch should stop forwarding Layer 3 traffic and send traffic across the vPC peer-‐link
11. The default gateway MAC address should be the MAC address of one of the physical Ethernet interfaces
Task 6: VRRP
1. Ensure that hosts on VLAN 121 are always able to reach their default gateway, when one of the 2 switches fails
2. Use a standards based protocol for this use, which uses a single active default gateway 3. When clients on VLAN 121 issue an ARP request for the Default Gateway it should respond
with MAC address 0000.5E00.0174 without configuring this MAC address in the configuration
4. Use the .254 host IP address as the default gateway for this network segment 5. Configure SW1-2 as the primary switch using a value of 200
6. Use a clear text password of “IPexpert” to secure the protocol
7. Ensure a higher priority backup router does not take over the role of a lower priority active router. Configure this only on the current primary switch.
8. Ensure that SW1-2 becomes the standby router after 30 seconds, when the Loopback address of SW3 disappears from the routing-‐table
9. Switches should declare their neighbors down in 10 seconds
Task 7: GLBP
1. Ensure that hosts on VLAN 222 are always able to reach their default gateway, when one of the 2 switches fails
2. Use a load balancing Cisco proprietary protocol
3. Use the .55 host IP address as the default gateway for this network segment 4. Both routers should be capable of forwarding traffic.
5. SW1-1 should be answering all ARP requests
6. When the Loopback address of one of the upstream switches disappears from the routing table the switches should no longer be AVF
7. Delay the take over of the AVF role for a standby switch for 3 minutes if any current AVF fails
8. The router should become the AVG after 30 seconds if it has a higher priority than the current AVG
Task 8: Virtual Port-‐Channels (vPCs) and FabricPath
1. Load the initial configuration of Chapter 4 Task 8 on the Nexus 7000 switch to stage the Virtual Device Contexts needed for this lab
2. Configure the FabricPath network to stretch VLAN 666 between all Leaf switches 3. Ensure the PC connected to SW2 and SW3 is able to connect using a virtual Port-‐Channel with
number 100 on all places where necessary to configure a number
Chapter 5: Data
Center Storage
Networking
Chapter 5: Data Center Storage networking is intended to let you be familiar with the Storage
Networking features on the Cisco MDS switches. Configuring traditional Fibre Channel networks and basic Fibre Channel features.
We highly recommend creating your own diagram at the beginning of each lab so you are able to draw on your own diagram, making it much easier when you step into the real lab.
Multiple topology drawings are available for this chapter.
General Rules
• Try to diagram out the task. Draw your own connections the way you like it
• Create a checklist to aid as you work thru the lab
• Take a very close read of the tasks to ensure you don’t miss any points during grading!
• Take your time. This is not a Mock Lab, so no time constraints are in place for finishing this particular chapter
Estimated Time to Complete: 5 hours
Pre-‐setup
• Connect to the MDS switches within the topology
• Use the central topology drawing at the start of this workbook
• The switches start with a blank configuration. You will be creating parts of your own Initial Configuration for later labs.
• This lab is intended to be used with online rack access provided by our partner Proctor Labs
(www.proctorlabs.com). Connect to the terminal server and complete the configuration tasks as
detailed below