Datacenter CCNP 3 - december 2009
From Teknologisk videncenter
Contents
Access Layer
Lokale 1
Building configuration... Current configuration : 4993 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Lokale1 ! enable secret 5 $1$uw0B$hEkCpsrPMRzcE5hX5UGo90 enable password cisco ! ip subnet-zero ! ip dhcp snooping vlan 1 100 ip ssh time-out 120 ip ssh authentication-retries 3 ! ! spanning-tree mode mst spanning-tree portfast bpduguard default no spanning-tree optimize bpdu transmission spanning-tree extend system-id ! spanning-tree mst configuration name REGION1 revision 1 instance 1 vlan 1-2 instance 2 vlan 3, 100 ! ! ! ! ! interface FastEthernet0/1 switchport mode trunk ip dhcp snooping trust ! interface FastEthernet0/2 switchport mode trunk ip dhcp snooping trust ! interface FastEthernet0/3 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/4 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/5 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/6 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/7 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/8 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/9 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/10 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/11 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/12 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/13 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/14 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/15 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/16 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/17 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/18 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/19 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/20 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/21 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/22 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/23 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/24 switchport access vlan 100 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface GigabitEthernet0/1 ! interface GigabitEthernet0/2 ! interface Vlan1 no ip address no ip route-cache shutdown ! interface Vlan100 ip address 192.168.100.11 255.255.255.0 no ip route-cache ! ip http server ! line con 0 line vty 0 4 password cisco login line vty 5 15 password cisco login ! ! end
Lokale 2
Building configuration... Current configuration : 5556 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Lokale2 ! enable secret 5 $1$2P6t$ucjfqPwCMeUBxZyTLav3i. enable password cisco ! ip subnet-zero ! ip dhcp snooping vlan 1 100 ip dhcp snooping ip ssh time-out 120 ip ssh authentication-retries 3 ! ! spanning-tree mode mst spanning-tree portfast bpduguard default no spanning-tree optimize bpdu transmission spanning-tree extend system-id ! spanning-tree mst configuration name REGION1 revision 1 instance 1 vlan 1-2 instance 2 vlan 3, 100 ! ! ! ! ! interface FastEthernet0/1 switchport mode trunk ip dhcp snooping trust ! interface FastEthernet0/2 switchport mode trunk ip dhcp snooping trust ! interface FastEthernet0/3 switchport access vlan 2 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/4 switchport access vlan 2 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/5 switchport access vlan 2 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/6 switchport access vlan 2 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/7 switchport access vlan 2 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/8 switchport access vlan 2 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/9 switchport access vlan 2 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/10 switchport access vlan 2 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/11 switchport access vlan 2 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/12 switchport access vlan 2 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/13 switchport access vlan 2 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/14 switchport access vlan 2 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/15 switchport access vlan 2 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/16 switchport access vlan 2 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/17 switchport access vlan 2 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/18 switchport access vlan 2 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/19 switchport access vlan 2 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/20 switchport access vlan 2 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/21 switchport access vlan 2 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/22 switchport access vlan 2 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/23 switchport access vlan 2 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/24 switchport access vlan 100 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface GigabitEthernet0/1 ! interface GigabitEthernet0/2 ! interface Vlan1 no ip address no ip route-cache shutdown ! interface Vlan100 ip address 192.168.100.12 255.255.255.0 no ip route-cache ! ip http server ! line con 0 line vty 0 4 password cisco login line vty 5 15 password cisco login ! ! end
Lokale 3
Building configuration... Current configuration : 4981 bytes ! version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Lokale3 ! enable secret 5 $1$LOyI$LS5WuzEu24t1OzAwUJP6/. enable password cisco ! ip subnet-zero ! ip dhcp snooping vlan 1 100 ip dhcp snooping ip ssh time-out 120 ip ssh authentication-retries 3 ! ! spanning-tree mode mst spanning-tree portfast bpduguard default no spanning-tree optimize bpdu transmission spanning-tree extend system-id ! spanning-tree mst configuration name REGION1 revision 1 instance 1 vlan 1-2 instance 2 vlan 3, 100 ! ! ! ! ! interface FastEthernet0/1 switchport mode trunk ip dhcp snooping trust ! interface FastEthernet0/2 switchport mode trunk ip dhcp snooping trust ! interface FastEthernet0/3 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/4 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/5 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/6 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/7 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/8 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/9 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/10 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/11 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/12 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/13 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/14 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/15 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/16 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/17 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/18 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/19 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/20 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/21 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/22 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/23 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/24 description Management vlan 100 switchport access vlan 100 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security aging time 60 spanning-tree portfast ! interface Vlan1 no ip address no ip route-cache shutdown ! interface Vlan100 ip address 192.168.100.13 255.255.255.0 no ip route-cache ! ip http server ! line con 0 line vty 0 4 password cisco login line vty 5 15 password cisco login ! ! end
Lokale 4
Building configuration... Current configuration : 5080 bytes ! version 12.2 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Lokale4 ! enable secret 5 $1$KOZv$LdtOuJqvW3nmYPoYysh7R1 enable password cisco ! no aaa new-model ip subnet-zero ! ip dhcp snooping vlan 4-6,101 ip dhcp snooping ip name-server 172.16.4.77 ! ! ! no file verify auto ! spanning-tree mode mst spanning-tree portfast bpduguard default spanning-tree extend system-id ! spanning-tree mst configuration name REGION2 revision 2 instance 1 vlan 4-5 instance 2 vlan 6, 101 ! ! vlan internal allocation policy ascending ! interface FastEthernet0/1 switchport mode trunk ip dhcp snooping trust ! interface FastEthernet0/2 switchport mode trunk ip dhcp snooping trust ! interface FastEthernet0/3 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/4 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/5 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/6 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/7 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/8 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/9 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/10 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/11 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/12 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/13 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/14 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/15 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/16 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/17 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/18 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/19 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/20 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/21 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/22 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/23 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/24 switchport access vlan 101 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface GigabitEthernet0/1 ! interface GigabitEthernet0/2 ! interface Vlan1 no ip address no ip route-cache ! interface Vlan4 no ip address no ip route-cache ! interface Vlan101 ip address 192.168.101.14 255.255.255.0 no ip route-cache ! ip http server ! control-plane ! ! line con 0 line vty 0 4 password cisco login line vty 5 15 password cisco login ! end
Lokale 5
Building configuration... Current configuration : 5080 bytes ! version 12.2 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Lokale5 ! enable secret 5 $1$I6yz$c61ibt/0Ifi.QQhsjBPFj1 enable password cisco ! no aaa new-model ip subnet-zero ! ip dhcp snooping vlan 4-6,101 ip dhcp snooping no ip domain-lookup ! ! ! no file verify auto ! spanning-tree mode mst spanning-tree portfast bpduguard default spanning-tree extend system-id ! spanning-tree mst configuration name REGRION2 revision 2 instance 1 vlan 4-5 instance 2 vlan 6, 101 ! ! vlan internal allocation policy ascending ! interface FastEthernet0/1 switchport mode trunk ip dhcp snooping trust ! interface FastEthernet0/2 switchport mode trunk ip dhcp snooping trust ! interface FastEthernet0/3 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/4 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/5 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/6 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/7 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/8 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/9 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/10 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/11 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/12 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/13 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/14 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/15 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/16 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/17 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/18 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/19 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/20 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/21 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/22 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/23 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/24 switchport access vlan 101 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface GigabitEthernet0/1 ! interface GigabitEthernet0/2 ! interface Vlan1 no ip address no ip route-cache ! interface Vlan5 no ip address no ip route-cache ! interface Vlan101 ip address 192.168.101.15 255.255.255.0 no ip route-cache ! ip http server ! control-plane ! ! line con 0 line vty 0 4 password cisco no login line vty 5 15 password cisco no login ! end
Lokale 6
Building configuration... Current configuration : 5084 bytes ! version 12.2 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Lokale6 ! enable secret 5 $1$Srka$tMOedwmQMi4WzrGo.b2YX/ enable password cisco ! no aaa new-model ip subnet-zero ! ip dhcp snooping vlan 4-6,101 ! ! ! no file verify auto ! spanning-tree mode mst spanning-tree portfast bpduguard default spanning-tree extend system-id ! spanning-tree mst configuration name REGION2 revision 2 instance 1 vlan 4-5 instance 2 vlan 6, 101 ! ! vlan internal allocation policy ascending ! interface FastEthernet0/1 switchport mode trunk ip dhcp snooping trust ! interface FastEthernet0/2 switchport mode trunk ip dhcp snooping trust ! interface FastEthernet0/3 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/4 switchport access vlan 6 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/5 switchport access vlan 6 switchport mode access switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/6 switchport access vlan 6 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/7 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/8 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/9 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/10 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/11 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/12 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/13 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/14 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/15 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/16 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/17 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/18 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/19 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/20 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/21 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/22 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/23 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface FastEthernet0/24 switchport access vlan 101 switchport mode access switchport port-security maximum 2 switchport port-security switchport port-security aging time 60 spanning-tree portfast ! interface GigabitEthernet0/1 ! interface GigabitEthernet0/2 ! interface Vlan1 no ip address no ip route-cache ! interface Vlan6 no ip address no ip route-cache ! interface Vlan101 ip address 192.168.101.16 255.255.255.0 no ip route-cache ! ip http server ! control-plane ! ! line con 0 line vty 0 4 password cisco no login line vty 5 15 password cisco no login ! end
Distribution Layer
Distribution 1
Building configuration... Current configuration : 5273 bytes ! version 12.2 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Distribution1 ! boot-start-marker boot-end-marker ! enable secret 5 $1$6Cq4$2JJ2WoEIpkhErwkOkQFwb. enable password cisco ! no aaa new-model system mtu routing 1500 ip subnet-zero ip routing no ip domain-lookup no ip dhcp use vrf connected ip dhcp excluded-address 192.168.1.1 192.168.1.20 ip dhcp excluded-address 192.168.2.1 192.168.2.20 ! ip dhcp pool Lokale1 network 192.168.1.0 255.255.255.0 default-router 192.168.1.3 dns-server 172.16.4.77 ! ip dhcp pool Lokale2 network 192.168.2.0 255.255.255.0 default-router 192.168.2.3 dns-server 172.16.4.77 ! ! ! ! crypto pki trustpoint TP-self-signed-201700352 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-201700352 revocation-check none rsakeypair TP-self-signed-201700352 ! ! crypto pki certificate chain TP-self-signed-201700352 certificate self-signed 01 30820244 308201AD A0030201 02020101 300D0609 2A864886 F70D0101 04050030 30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 32303137 30303335 32301E17 0D393330 33303130 30303130 305A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F 532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3230 31373030 33353230 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100 C037C167 F4C36547 30273FA3 A9F114E7 2987E23C 45C63C19 B728D92F 3F0F5D81 FA590DAD 5CB8A9F1 410A7775 BA4C8C46 99A375E7 BB4501AD 1E5EA063 BDD657C9 71B08A7F 480DBA2D A1FE403E F6DB281E ED66CB2E AF2AA97C 53B93EEB 50CF3745 327851B9 6D6AA1FE 985D9654 45B4F445 70729C77 93ECA5CE 3F7356F2 E256BC8B 02030100 01A36E30 6C300F06 03551D13 0101FF04 05300301 01FF3019 0603551D 11041230 10820E44 69737472 69627574 696F6E31 2E301F06 03551D23 04183016 8014C42D FB57C926 B42FA71E BE55D5D7 13A7D8B0 1821301D 0603551D 0E041604 14C42DFB 57C926B4 2FA71EBE 55D5D713 A7D8B018 21300D06 092A8648 86F70D01 01040500 03818100 4953F22D D2BD99DE 3BFE27EB 9501FB2C BDF39899 07C2932A 023F7F71 56190673 81803DB9 76DF3FAE 74A24B5F 9628BF08 3315D673 E5741E10 8255C041 BEC57E3E AAD42992 8B299643 8930DC2D 08A68953 068AEF34 B4BE4BE1 F5C8F31D 0A20310F 5C31A5B9 B69FAD5E EEC99907 1CD0CDBE EBBE9A00 6705E270 AC2F7077 AAFC0B48 quit ! ! ! ! ! ! spanning-tree mode mst spanning-tree etherchannel guard misconfig spanning-tree extend system-id ! spanning-tree mst configuration name REGION1 revision 1 instance 1 vlan 1-2 instance 2 vlan 3, 100 ! spanning-tree mst 1 priority 24576 spanning-tree mst 2 priority 28672 ! vlan internal allocation policy ascending ! ! ! ! interface Port-channel5 no switchport ip address 10.0.0.46 255.255.255.252 ! interface Port-channel7 no switchport ip address 10.0.0.2 255.255.255.252 ! interface FastEthernet0/1 no switchport no ip address channel-group 7 mode on ! interface FastEthernet0/2 no switchport no ip address channel-group 7 mode on ! interface FastEthernet0/3 no switchport no ip address channel-group 5 mode on ! interface FastEthernet0/4 no switchport no ip address channel-group 5 mode on ! interface FastEthernet0/5 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/6 switchport trunk encapsulation dot1q switchport mode trunk spanning-tree mst pre-standard ! interface FastEthernet0/7 switchport trunk encapsulation dot1q switchport mode trunk spanning-tree mst pre-standard ! interface FastEthernet0/8 switchport trunk encapsulation dot1q switchport mode trunk spanning-tree mst pre-standard ! interface FastEthernet0/9 ! interface FastEthernet0/10 ! interface FastEthernet0/11 ! interface FastEthernet0/12 ! interface FastEthernet0/13 ! interface FastEthernet0/14 ! interface FastEthernet0/15 ! interface FastEthernet0/16 ! interface FastEthernet0/17 ! interface FastEthernet0/18 ! interface FastEthernet0/19 ! interface FastEthernet0/20 ! interface FastEthernet0/21 ! interface FastEthernet0/22 ! interface FastEthernet0/23 ! interface FastEthernet0/24 ! interface GigabitEthernet0/1 ! interface GigabitEthernet0/2 ! interface Vlan1 ip address 192.168.1.2 255.255.255.0 standby 1 ip 192.168.1.3 standby 1 timers msec 150 msec 500 standby 1 priority 200 standby 1 preempt ! interface Vlan2 ip address 192.168.2.2 255.255.255.0 standby 1 timers msec 150 msec 500 standby 2 ip 192.168.2.3 standby 2 priority 200 standby 2 preempt ! interface Vlan3 ip address 192.168.3.2 255.255.255.0 standby 1 timers msec 150 msec 500 standby 3 ip 192.168.3.3 standby 3 priority 150 standby 3 preempt ! interface Vlan100 ip address 192.168.100.2 255.255.255.0 standby 1 timers msec 150 msec 500 standby 100 ip 192.168.100.3 standby 100 priority 150 standby 100 preempt ! router ospf 10 log-adjacency-changes network 10.0.0.0 0.0.0.3 area 10 network 10.0.0.44 0.0.0.3 area 10 network 192.168.1.0 0.0.0.255 area 10 network 192.168.2.0 0.0.0.255 area 10 network 192.168.3.0 0.0.0.255 area 10 network 192.168.100.0 0.0.0.255 area 10 ! ip classless ip http server ip http secure-server ! ! ! ! control-plane ! ! line con 0 line vty 0 4 password cisco login line vty 5 15 password cisco login ! end
Distribution 2
Building configuration... Current configuration : 6251 bytes ! version 12.2 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Distribution2 ! enable secret 5 $1$pEkP$V/sE.K6gTww6uBWPNRK060 enable password cisco ! no aaa new-model ip subnet-zero ip routing ip dhcp excluded-address 192.168.3.1 192.168.3.20 ip dhcp excluded-address 192.168.100.1 192.168.100.20 ! ip dhcp pool Lokale3 network 192.168.3.0 255.255.255.0 default-router 192.168.3.3 dns-server 172.16.4.77 ! ip dhcp pool Management network 192.168.100.0 255.255.255.0 default-router 192.168.100.3 dns-server 172.16.4.77 ! ! ! crypto pki trustpoint TP-self-signed-1708353664 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-1708353664 revocation-check none rsakeypair TP-self-signed-1708353664 ! ! crypto pki certificate chain TP-self-signed-1708353664 certificate self-signed 01 30820246 308201AF A0030201 02020101 300D0609 2A864886 F70D0101 04050030 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 31373038 33353336 3634301E 170D3933 30333031 30303031 30385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 37303833 35333636 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100BB1C 4EB2426C 154FE1EC A921C666 B8A7B001 5B32CC4A 5AEFDF28 AD1163EC 99A0BD35 C035EB94 6EB3E5EF F8EF6F79 72E2C2E0 DEC9E587 5AFE353F 5A3100F2 890BD9EA D189A010 1B352DF0 03F477A7 A23ACFAF D6743C5E 08FCBE6D 44EF3E4D 04BFEA58 573F5ECC 6F3509D8 6B603D74 296FE485 7EDD39D8 318DD050 D2A871E8 68110203 010001A3 6E306C30 0F060355 1D130101 FF040530 030101FF 30190603 551D1104 12301082 0E446973 74726962 7574696F 6E322E30 1F060355 1D230418 30168014 DB7110DA F3D5436A 80BA951B F015E53C 446E2C32 301D0603 551D0E04 160414DB 7110DAF3 D5436A80 BA951BF0 15E53C44 6E2C3230 0D06092A 864886F7 0D010104 05000381 81000A06 CB3DB008 64B56E19 2DAD6A83 22B538B5 1CD5B0D7 DE7D83B9 5F64337C 0F42ED1B 3B2075C2 6A3F2A36 DE873A8F FA5546A1 EAED43DB 4F7B9186 A71BA26B 8689FB18 B5E923D7 649548EE 79EB2E9B 41D542C5 2C6C18FC D9BF10E8 E66065A0 1D67F658 B837D2D8 8A5E218F E89A1D62 85029DB0 8CB27D76 EC50335C 9F70886C 32DF quit ! ! ! spanning-tree mode mst spanning-tree extend system-id ! spanning-tree mst configuration name REGION1 revision 1 instance 1 vlan 1-2 instance 2 vlan 3, 100 ! spanning-tree mst 1 priority 28672 spanning-tree mst 2 priority 24576 ! vlan internal allocation policy ascending ! ! ! ! ! ! interface Port-channel4 no switchport ip address 10.0.0.6 255.255.255.252 ! interface Port-channel6 no switchport ip address 10.0.0.50 255.255.255.252 ! interface FastEthernet0/1 no switchport no ip address channel-group 6 mode on ! interface FastEthernet0/2 no switchport no ip address channel-group 6 mode on ! interface FastEthernet0/3 no switchport no ip address channel-group 4 mode on ! interface FastEthernet0/4 no switchport no ip address channel-group 4 mode on ! interface FastEthernet0/5 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/6 switchport trunk encapsulation dot1q switchport mode trunk spanning-tree mst pre-standard ! interface FastEthernet0/7 switchport trunk encapsulation dot1q switchport mode trunk spanning-tree mst pre-standard ! interface FastEthernet0/8 switchport trunk encapsulation dot1q switchport mode trunk spanning-tree mst pre-standard ! interface FastEthernet0/9 switchport mode dynamic desirable ! interface FastEthernet0/10 switchport mode dynamic desirable ! interface FastEthernet0/11 switchport mode dynamic desirable ! interface FastEthernet0/12 switchport mode dynamic desirable ! interface FastEthernet0/13 switchport mode dynamic desirable ! interface FastEthernet0/14 switchport mode dynamic desirable ! interface FastEthernet0/15 switchport mode dynamic desirable ! interface FastEthernet0/16 switchport mode dynamic desirable ! interface FastEthernet0/17 switchport mode dynamic desirable ! interface FastEthernet0/18 switchport mode dynamic desirable ! interface FastEthernet0/19 switchport mode dynamic desirable ! interface FastEthernet0/20 switchport mode dynamic desirable ! interface FastEthernet0/21 switchport mode dynamic desirable ! interface FastEthernet0/22 switchport mode dynamic desirable ! interface FastEthernet0/23 switchport mode dynamic desirable ! interface FastEthernet0/24 switchport mode dynamic desirable ! interface GigabitEthernet0/1 switchport mode dynamic desirable ! interface GigabitEthernet0/2 switchport mode dynamic desirable ! interface Vlan1 ip address 192.168.1.1 255.255.255.0 standby 1 ip 192.168.1.3 standby 1 timers msec 150 msec 500 standby 1 priority 150 standby 1 preempt ! interface Vlan2 ip address 192.168.2.1 255.255.255.0 standby 2 ip 192.168.2.3 standby 2 timers msec 150 msec 500 standby 2 priority 150 standby 2 preempt ! interface Vlan3 ip address 192.168.3.1 255.255.255.0 standby 3 ip 192.168.3.3 standby 3 timers msec 150 msec 500 standby 3 priority 200 standby 3 preempt ! interface Vlan100 ip address 192.168.100.1 255.255.255.0 standby 100 ip 192.168.100.3 standby 100 timers msec 150 msec 500 standby 100 priority 200 standby 100 preempt ! router ospf 10 log-adjacency-changes network 10.0.0.4 0.0.0.3 area 10 network 10.0.0.48 0.0.0.3 area 10 network 192.168.1.0 0.0.0.255 area 10 network 192.168.2.0 0.0.0.255 area 10 network 192.168.3.0 0.0.0.255 area 10 network 192.168.100.0 0.0.0.255 area 10 ! ip classless ip http server ip http secure-server ! ! ip access-list extended EXTERN permit ip 192.168.0.0 0.0.255.255 any permit ip 10.0.0.0 0.255.255.255 any ip access-list extended INTERN permit ip any 10.0.0.0 0.255.255.255 permit ip any 192.168.0.0 0.0.255.255 deny ip any any ! route-map tester permit 10 ! route-map INTERNET permit 10 match ip address INTERN ! route-map INTERNET permit 20 match ip address EXTERN set ip next-hop 10.0.0.10 ! ! control-plane ! ! line con 0 line vty 0 4 exec-timeout 0 0 password cisco logging synchronous login line vty 5 15 exec-timeout 0 0 password cisco logging synchronous login ! end
Distribution 3
Building configuration... Current configuration : 5220 bytes ! version 12.2 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Distribution3 ! boot-start-marker boot-end-marker ! enable secret 5 $1$36zr$fFbFrAnE1AxVLaskUDIQD0 enable password cisco ! no aaa new-model system mtu routing 1500 ip subnet-zero ip routing ip name-server 172.16.4.77 no ip dhcp use vrf connected ip dhcp excluded-address 192.168.4.1 192.168.4.20 ip dhcp excluded-address 192.168.5.1 192.168.5.20 ! ip dhcp pool Lokale4 network 192.168.4.0 255.255.255.0 dns-server 172.16.4.77 default-router 192.168.4.3 ! ip dhcp pool Lokale5 network 192.168.5.0 255.255.255.0 dns-server 172.16.4.77 default-router 192.168.5.3 ! ! ! ! crypto pki trustpoint TP-self-signed-410825728 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-410825728 revocation-check none rsakeypair TP-self-signed-410825728 ! ! crypto pki certificate chain TP-self-signed-410825728 certificate self-signed 01 30820244 308201AD A0030201 02020101 300D0609 2A864886 F70D0101 04050030 30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 34313038 32353732 38301E17 0D393330 33303130 30303035 375A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F 532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3431 30383235 37323830 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100 E8DB7DE8 3C07C5D1 3D6049B8 DC0094CD 71D511F2 78B9A43D D0F5E49E 40814DAF 2373C9A1 DC611C26 1B180668 E627A4BE AFC6A372 92879186 CFCF36E7 FC6FDA3F FCF8C9C4 EF116036 60470590 09190B6B 982A3DA6 DA7B88CB 0EF93063 CD52301C E33A3217 C59114B9 3C20FFFD 1EF08197 F1C0A28F CDBE2EE2 34323521 5CA41B83 02030100 01A36E30 6C300F06 03551D13 0101FF04 05300301 01FF3019 0603551D 11041230 10820E44 69737472 69627574 696F6E33 2E301F06 03551D23 04183016 80140A7F 8FAB416A B162C720 BCE7FFCA E02F3B74 A63A301D 0603551D 0E041604 140A7F8F AB416AB1 62C720BC E7FFCAE0 2F3B74A6 3A300D06 092A8648 86F70D01 01040500 03818100 3C73A52B 612FDA78 C5FF0E2E 6B46CAF6 9A2D6124 1CC557A7 6ABB3C6E 3FEE163A 4AEB1048 4E45D624 5FB62290 237E51EF 435366D2 7A8C1F0C 02563314 400970F4 084F20D0 88C37F70 D4BF2678 CFEA2506 09EF05FE 9682FA84 1F37E1FF F017DB0E 26733D14 525CBC67 711422F9 B9124797 C70F04A6 CB9E4164 4567DD47 DB5B34E7 quit ! ! ! ! ! ! spanning-tree mode mst spanning-tree etherchannel guard misconfig spanning-tree extend system-id ! spanning-tree mst configuration name REGION2 revision 2 instance 1 vlan 4-5 instance 2 vlan 6, 101 ! spanning-tree mst 1 priority 24576 spanning-tree mst 2 priority 28672 ! vlan internal allocation policy ascending ! ! ! ! interface Port-channel2 no switchport ip address 10.0.0.42 255.255.255.252 ! interface Port-channel8 no switchport ip address 10.0.0.26 255.255.255.252 ! interface FastEthernet0/1 no switchport no ip address channel-group 8 mode on ! interface FastEthernet0/2 no switchport no ip address channel-group 8 mode on ! interface FastEthernet0/3 no switchport no ip address channel-group 2 mode on ! interface FastEthernet0/4 no switchport no ip address channel-group 2 mode on ! interface FastEthernet0/5 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/6 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/7 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/8 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/9 ! interface FastEthernet0/10 ! interface FastEthernet0/11 ! interface FastEthernet0/12 ! interface FastEthernet0/13 ! interface FastEthernet0/14 ! interface FastEthernet0/15 ! interface FastEthernet0/16 ! interface FastEthernet0/17 ! interface FastEthernet0/18 ! interface FastEthernet0/19 ! interface FastEthernet0/20 ! interface FastEthernet0/21 ! interface FastEthernet0/22 ! interface FastEthernet0/23 ! interface FastEthernet0/24 ! interface GigabitEthernet0/1 ! interface GigabitEthernet0/2 ! interface Vlan1 no ip address ! interface Vlan4 ip address 192.168.4.2 255.255.255.0 standby 4 ip 192.168.4.3 standby 4 timers msec 150 msec 500 standby 4 priority 200 standby 4 preempt ! interface Vlan5 ip address 192.168.5.2 255.255.255.0 standby 5 ip 192.168.5.3 standby 5 timers msec 150 msec 500 standby 5 priority 200 standby 5 preempt ! interface Vlan6 ip address 192.168.6.2 255.255.255.0 standby 6 ip 192.168.6.3 standby 6 timers msec 150 msec 500 standby 6 priority 150 standby 6 preempt ! interface Vlan101 ip address 192.168.101.2 255.255.255.0 standby 101 ip 192.168.101.3 standby 101 timers msec 150 msec 500 standby 101 priority 150 standby 101 preempt ! router ospf 1 log-adjacency-changes network 10.0.0.24 0.0.0.3 area 20 network 10.0.0.40 0.0.0.3 area 20 network 192.168.4.0 0.0.0.255 area 20 network 192.168.5.0 0.0.0.255 area 20 network 192.168.6.0 0.0.0.255 area 20 network 192.168.101.0 0.0.0.255 area 20 ! ip classless ip http server ip http secure-server ! ! ! ! control-plane ! ! line con 0 line vty 0 4 password cisco login line vty 5 15 password cisco login ! end Distribution3#
Distribution 4
Building configuration... Current configuration : 5295 bytes ! version 12.2 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Distribution4 ! boot-start-marker boot-end-marker ! enable secret 5 $1$xp9V$.44zXpqSHz6qF52fkXu9T. enable password cisco ! no aaa new-model system mtu routing 1500 ip subnet-zero ip routing no ip domain-lookup ip name-server 172.16.4.77 no ip dhcp use vrf connected ip dhcp excluded-address 192.168.6.1 192.168.6.20 ip dhcp excluded-address 192.168.101.1 192.168.101.20 ! ip dhcp pool Lokale6 network 192.168.6.0 255.255.255.0 default-router 192.168.6.3 dns-server 172.16.4.77 ! ip dhcp pool Management network 192.168.101.0 255.255.255.0 default-router 192.168.101.3 dns-server 172.16.4.77 ! ! ! ! crypto pki trustpoint TP-self-signed-3566145536 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-3566145536 revocation-check none rsakeypair TP-self-signed-3566145536 ! ! crypto pki certificate chain TP-self-signed-3566145536 certificate self-signed 01 30820246 308201AF A0030201 02020101 300D0609 2A864886 F70D0101 04050030 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 33353636 31343535 3336301E 170D3933 30333031 30303031 30315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 35363631 34353533 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100CE09 DBDE13D1 3C071CB5 0C7242ED 6C030B46 A861E78F 12321E15 37C4F9CC BFA848E5 B67F9CE4 A4EA8B3B 937A1A6F 9E864A37 BBC54F78 E43B0455 CBB26B58 33F2E5BC 03CE1615 51E8E8DA B18F2126 682F0D26 AD5D62B4 31A26B18 5F29A54D 90CEF185 C8AD0CC4 0A7CCCC3 757C1655 A872C303 01D64A02 9632C40F 9BFDC544 66A30203 010001A3 6E306C30 0F060355 1D130101 FF040530 030101FF 30190603 551D1104 12301082 0E446973 74726962 7574696F 6E342E30 1F060355 1D230418 30168014 3ADDFEC4 95C6E919 93FE7E64 C24CBD8E 65AE4DDE 301D0603 551D0E04 1604143A DDFEC495 C6E91993 FE7E64C2 4CBD8E65 AE4DDE30 0D06092A 864886F7 0D010104 05000381 810073B3 E87E0B0E 471CF94D 2864E4C5 8FD24940 EECF8E29 BE029B2C 5A41332F 737230AB A601DF9D 6E6537A8 8F15B2A6 0721201F BFEE8EE6 51A5F253 960B6046 D44D4ADD 3FD06E0D E5556AA0 1EAFF320 BBC39DF2 DC475E40 D8D30835 05FFD99C 6098224D FAB9A1BE B69E9C68 F4BC09C1 FCDAB18B A167A4A2 0E116E1B 5D9BC026 EBE1 quit ! ! ! ! ! ! spanning-tree mode mst spanning-tree etherchannel guard misconfig spanning-tree extend system-id ! spanning-tree mst configuration name REGION2 revision 2 instance 1 vlan 4-5 instance 2 vlan 6, 101 ! spanning-tree mst 1 priority 28672 spanning-tree mst 2 priority 24576 ! vlan internal allocation policy ascending ! ! ! ! interface Port-channel3 no switchport ip address 10.0.0.22 255.255.255.252 ! interface Port-channel9 no switchport ip address 10.0.0.38 255.255.255.252 ! interface FastEthernet0/1 no switchport no ip address channel-group 9 mode on ! interface FastEthernet0/2 no switchport no ip address channel-group 9 mode on ! interface FastEthernet0/3 no switchport no ip address channel-group 3 mode on ! interface FastEthernet0/4 no switchport no ip address channel-group 3 mode on ! interface FastEthernet0/5 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/6 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/7 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/8 switchport trunk encapsulation dot1q switchport mode trunk ! interface FastEthernet0/9 ! interface FastEthernet0/10 ! interface FastEthernet0/11 ! interface FastEthernet0/12 ! interface FastEthernet0/13 ! interface FastEthernet0/14 ! interface FastEthernet0/15 ! interface FastEthernet0/16 ! interface FastEthernet0/17 ! interface FastEthernet0/18 ! interface FastEthernet0/19 ! interface FastEthernet0/20 ! interface FastEthernet0/21 ! interface FastEthernet0/22 ! interface FastEthernet0/23 ! interface FastEthernet0/24 ! interface GigabitEthernet0/1 ! interface GigabitEthernet0/2 ! interface Vlan1 no ip address ! interface Vlan4 ip address 192.168.4.1 255.255.255.0 standby 4 ip 192.168.4.3 standby 4 timers msec 150 msec 500 standby 4 priority 150 standby 4 preempt ! interface Vlan5 ip address 192.168.5.1 255.255.255.0 standby 5 ip 192.168.5.3 standby 5 timers msec 150 msec 500 standby 5 priority 150 standby 5 preempt ! interface Vlan6 ip address 192.168.6.1 255.255.255.0 standby 6 ip 192.168.6.3 standby 6 timers msec 150 msec 500 standby 6 priority 200 standby 6 preempt ! interface Vlan101 ip address 192.168.101.1 255.255.255.0 standby 101 ip 192.168.101.3 standby 101 timers msec 150 msec 500 standby 101 priority 200 standby 101 preempt ! router ospf 1 log-adjacency-changes network 10.0.0.20 0.0.0.3 area 20 network 10.0.0.36 0.0.0.3 area 20 network 10.0.0.56 0.0.0.3 area 20 network 192.168.4.0 0.0.0.255 area 20 network 192.168.5.0 0.0.0.255 area 20 network 192.168.6.0 0.0.0.255 area 20 network 192.168.101.0 0.0.0.255 area 20 ! ip classless ip http server ip http secure-server ! ! ! ! control-plane ! ! line con 0 line vty 0 4 password cisco login line vty 5 15 password cisco login ! end
Core Layer
Core 1
Building configuration... Current configuration : 3530 bytes ! version 12.2 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Core1 ! enable secret 5 $1$BXJI$n2TaAv/v.uCcaK5s7Uuu60 enable password cisco ! no aaa new-model ip subnet-zero ip routing ! ! ! ! no file verify auto spanning-tree mode pvst spanning-tree extend system-id ! vlan internal allocation policy ascending ! ! interface Port-channel1 no switchport ip address 10.0.0.13 255.255.255.252 ! interface Port-channel3 no switchport ip address 10.0.0.21 255.255.255.252 ip policy route-map internet ! interface Port-channel4 no switchport ip address 10.0.0.5 255.255.255.252 ip policy route-map internet ! interface Port-channel7 no switchport ip address 10.0.0.1 255.255.255.252 ip policy route-map internet ! interface Port-channel8 no switchport ip address 10.0.0.25 255.255.255.252 ip policy route-map internet ! interface FastEthernet0/1 no switchport no ip address channel-group 7 mode on ! interface FastEthernet0/2 no switchport no ip address channel-group 7 mode on ! interface FastEthernet0/3 no switchport no ip address channel-group 4 mode on ! interface FastEthernet0/4 no switchport no ip address channel-group 4 mode on ! interface FastEthernet0/5 no switchport ip address 10.0.0.9 255.255.255.252 ! interface FastEthernet0/6 no switchport no ip address channel-group 1 mode on ! interface FastEthernet0/7 no switchport no ip address channel-group 1 mode on ! interface FastEthernet0/8 no switchport ip address 10.0.0.17 255.255.255.252 ! interface FastEthernet0/9 no switchport no ip address channel-group 3 mode on ! interface FastEthernet0/10 no switchport no ip address channel-group 3 mode on ! interface FastEthernet0/11 no switchport no ip address channel-group 8 mode on ! interface FastEthernet0/12 no switchport no ip address channel-group 8 mode on ! interface FastEthernet0/13 no switchport no ip address ! interface FastEthernet0/14 no switchport no ip address ! interface FastEthernet0/15 no switchport no ip address ! interface FastEthernet0/16 no switchport no ip address ! interface FastEthernet0/17 no switchport no ip address ! interface FastEthernet0/18 no switchport no ip address ! interface FastEthernet0/19 no switchport no ip address ! interface FastEthernet0/20 no switchport no ip address ! interface FastEthernet0/21 no switchport no ip address ! interface FastEthernet0/22 no switchport no ip address ! interface FastEthernet0/23 no switchport no ip address ! interface FastEthernet0/24 no switchport no ip address ! interface GigabitEthernet0/1 ! interface GigabitEthernet0/2 ! interface Vlan1 no ip address ! router ospf 10 log-adjacency-changes network 10.0.0.0 0.0.0.3 area 10 network 10.0.0.4 0.0.0.3 area 10 network 10.0.0.8 0.0.0.3 area 30 network 10.0.0.12 0.0.0.3 area 0 network 10.0.0.16 0.0.0.3 area 30 network 10.0.0.20 0.0.0.3 area 20 network 10.0.0.24 0.0.0.3 area 20 ! ip classless ip http server ! ! ip access-list extended test deny ip 192.168.3.0 0.0.0.255 10.0.0.0 0.0.0.255 deny ip 192.168.3.0 0.0.0.255 192.168.0.0 0.0.255.255 permit ip 192.168.3.0 0.0.0.255 any ! ! ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0 route-map internet permit 5 match ip address test set ip next-hop 10.0.0.18 ! route-map internet permit 10 match ip address prefix-list DEFAULT set ip next-hop 10.0.0.10 ! ! control-plane ! ! line con 0 line vty 0 4 password cisco no login line vty 5 15 password cisco no login ! ! end Core1#
Core 2
Building configuration... Current configuration : 3574 bytes ! version 12.2 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Core2 ! enable secret 5 $1$8LPE$BNGBYpQDx1Jey86SO5.zu. enable password cisco ! no aaa new-model ip subnet-zero ip routing ip host dist1 10.0.0.2 ip host core1 10.0.0.1 ip host gw1 10.0.0.10 ip host ac6 192.168.101.16 ip host ac5 192.168.101.15 ip host ac4 192.168.101.14 ip host ac3 192.168.100.13 ip host ac2 192.168.100.12 ip host ac1 192.168.100.11 ip host dist4 10.0.0.38 ip host dist3 10.0.0.26 ip host dist2 10.0.0.50 ip host core2 10.0.0.29 ip host gw2 10.0.0.18 ! ! ! ! no file verify auto spanning-tree mode pvst spanning-tree extend system-id ! vlan internal allocation policy ascending ! ! interface Port-channel1 no switchport ip address 10.0.0.14 255.255.255.252 ! interface Port-channel2 no switchport ip address 10.0.0.41 255.255.255.252 ip policy route-map internet ! interface Port-channel5 no switchport ip address 10.0.0.45 255.255.255.252 ip policy route-map internet ! interface Port-channel6 no switchport ip address 10.0.0.49 255.255.255.252 ip policy route-map internet ! interface Port-channel9 no switchport ip address 10.0.0.37 255.255.255.252 ip policy route-map internet ! interface FastEthernet0/1 no switchport ip address 10.0.0.29 255.255.255.252 ! interface FastEthernet0/2 no switchport ip address 10.0.0.33 255.255.255.252 ! interface FastEthernet0/3 no switchport no ip address channel-group 9 mode on ! interface FastEthernet0/4 no switchport no ip address channel-group 9 mode on ! interface FastEthernet0/5 no switchport no ip address channel-group 2 mode on ! interface FastEthernet0/6 no switchport no ip address channel-group 2 mode on ! interface FastEthernet0/7 no switchport no ip address channel-group 1 mode on ! interface FastEthernet0/8 no switchport no ip address channel-group 1 mode on ! interface FastEthernet0/9 no switchport no ip address channel-group 5 mode on ! interface FastEthernet0/10 no switchport no ip address channel-group 5 mode on ! interface FastEthernet0/11 no switchport no ip address channel-group 6 mode on ! interface FastEthernet0/12 no switchport no ip address channel-group 6 mode on ! interface FastEthernet0/13 ! interface FastEthernet0/14 ! interface FastEthernet0/15 ! interface FastEthernet0/16 ! interface FastEthernet0/17 ! interface FastEthernet0/18 ! interface FastEthernet0/19 ! interface FastEthernet0/20 ! interface FastEthernet0/21 ! interface FastEthernet0/22 ! interface FastEthernet0/23 ! interface FastEthernet0/24 ! interface GigabitEthernet0/1 ! interface GigabitEthernet0/2 ! interface Vlan1 no ip address ! router ospf 1 log-adjacency-changes network 10.0.0.12 0.0.0.3 area 0 network 10.0.0.28 0.0.0.3 area 30 network 10.0.0.32 0.0.0.3 area 30 network 10.0.0.36 0.0.0.3 area 20 network 10.0.0.40 0.0.0.3 area 20 network 10.0.0.44 0.0.0.3 area 10 network 10.0.0.48 0.0.0.3 area 10 ! ip classless ip http server ! ! ip access-list extended test deny ip 192.168.3.0 0.0.0.255 10.0.0.0 0.0.0.255 deny ip 192.168.3.0 0.0.0.255 192.168.0.0 0.0.255.255 permit ip 192.168.3.0 0.0.0.255 any ! ! ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0 route-map internet permit 5 match ip address test set ip next-hop 10.0.0.30 ! route-map internet permit 10 match ip address prefix-list DEFAULT set ip next-hop 10.0.0.34 ! ! control-plane ! ! line con 0 line vty 0 4 exec-timeout 0 0 password cisco logging synchronous login line vty 5 15 exec-timeout 0 0 password cisco login ! ! end Core2#
Gateways
Gateway 1
Building configuration... Current configuration : 2317 bytes ! ! Last configuration change at 09:09:32 UTC Mon Dec 14 2009 ! NVRAM config last updated at 13:00:01 UTC Fri Dec 11 2009 ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Gateway1 ! boot-start-marker boot-end-marker ! enable secret 5 $1$SVTy$kFFE8ZQHYNjdhokEH84Gn0 enable password cisco ! no aaa new-model ! resource policy ! ip cef ! ! ! ! no ip domain lookup ip host dist3 10.0.0.26 ip host dist2 10.0.0.50 ip host core1 10.0.0.1 ip host core2 10.0.0.29 ip host dist1 10.0.0.2 ip host ac3 192.168.100.13 ip host ac2 192.168.100.12 ip host dist4 10.0.0.38 ip host ac6 192.168.101.16 ip host ac5 192.168.101.15 ip host ac4 192.168.101.14 ip host gw1 10.0.0.10 ip host gw2 10.0.0.18 ip host ac1 192.168.100.11 ! ! ! voice-card 0 ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 10.254.0.1 255.255.255.255 ! interface FastEthernet0/0 ip address 10.0.0.10 255.255.255.252 ip nat inside ip virtual-reassembly speed auto full-duplex no mop enabled ! interface FastEthernet0/1 ip address 10.0.0.30 255.255.255.252 ip nat inside ip virtual-reassembly duplex auto speed auto ! interface FastEthernet0/1/0 switchport access vlan 20 ! interface FastEthernet0/1/1 shutdown ! interface FastEthernet0/1/2 shutdown ! interface FastEthernet0/1/3 shutdown ! interface Serial0/2/0 no ip address shutdown no fair-queue clock rate 2000000 ! interface Vlan1 no ip address shutdown ! interface Vlan20 ip address dhcp ip nat outside ip virtual-reassembly ! router ospf 1 log-adjacency-changes network 10.0.0.8 0.0.0.3 area 30 network 10.0.0.28 0.0.0.3 area 30 default-information originate ! ip route 0.0.0.0 0.0.0.0 dhcp ! ! ip http server no ip http secure-server ip nat inside source list Internet interface Vlan20 overload ip nat inside source static tcp 10.254.0.1 23 interface Vlan20 23 ! ip access-list extended Internet permit ip 10.0.0.0 0.0.0.255 any permit ip 192.168.0.0 0.7.255.255 any permit ip 192.168.100.0 0.0.0.255 any permit ip 192.168.101.0 0.0.0.255 any ! ! ! ! ! ! ! control-plane ! ! ! ! ! ! ! ! ! ! line con 0 line aux 0 line vty 0 4 exec-timeout 0 0 password cisco login line vty 5 15 exec-timeout 0 0 password cisco login ! scheduler allocate 20000 1000 end Gateway1#
Gateway 2
Building configuration... Current configuration : 2228 bytes ! ! No configuration change since last restart ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Gateway2 ! boot-start-marker boot-end-marker ! enable secret 5 $1$vuPD$gxv5UIIr85nInRV.U0A4y/ enable password cisco ! no aaa new-model ! resource policy ! ip cef ! ! ! ! ip host ac4 192.168.101.14 ip host gw1 10.0.0.10 ip host gw2 10.0.0.18 ip host core1 10.0.0.1 ip host core2 10.0.0.29 ip host dist1 10.0.0.2 ip host dist2 10.0.0.50 ip host dist3 10.0.0.26 ip host dist4 10.0.0.38 ip host ac1 192.168.100.11 ip host ac2 192.168.100.12 ip host ac3 192.168.100.13 ip host ac5 192.168.101.15 ip host ac6 192.168.101.16 ! ! ! voice-card 0 ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 10.254.0.2 255.255.255.255 ! interface FastEthernet0/0 ip address 10.0.0.34 255.255.255.252 ip nat inside ip virtual-reassembly duplex auto speed auto no mop enabled ! interface FastEthernet0/1 ip address 10.0.0.18 255.255.255.252 ip nat inside ip virtual-reassembly duplex auto speed auto ! interface FastEthernet0/3/0 switchport access vlan 10 ! interface FastEthernet0/3/1 shutdown ! interface FastEthernet0/3/2 shutdown ! interface FastEthernet0/3/3 shutdown ! interface Serial0/1/0 no ip address shutdown no fair-queue clock rate 2000000 ! interface Serial0/1/1 no ip address shutdown clock rate 2000000 ! interface Vlan1 no ip address shutdown ! interface Vlan10 ip address dhcp ip nat outside ip virtual-reassembly ! router ospf 1 log-adjacency-changes network 10.0.0.16 0.0.0.3 area 30 network 10.0.0.32 0.0.0.3 area 30 default-information originate ! ip route 0.0.0.0 0.0.0.0 192.168.138.1 ! ! ip http server no ip http secure-server ip nat inside source list Internet interface Vlan10 overload ip nat inside source static tcp 10.254.0.2 23 interface Vlan10 23 ! ip access-list extended Internet permit ip 10.0.0.0 0.0.0.255 any permit ip 192.168.0.0 0.7.255.255 any permit ip 192.168.100.0 0.0.0.255 any permit ip 192.168.101.0 0.0.0.255 any ! ! ! ! ! ! ! control-plane ! ! ! ! ! ! ! ! ! ! line con 0 line aux 0 line vty 0 4 password cisco login ! scheduler allocate 20000 1000 end Gateway2#