Difference between revisions of "Datacenter CCNP 3 - december 2009"

From Teknologisk videncenter
Jump to: navigation, search
(Lokale 6)
 
(5 intermediate revisions by 2 users not shown)
Line 2: Line 2:
  
 
[[Image:IP.PNG|thumb|none|800px|Ip Tabel]]
 
[[Image:IP.PNG|thumb|none|800px|Ip Tabel]]
 +
 +
[[Image:Setup1.JPG|thumb|none|800px|Al magt til hp]]
 +
 
[[category:Cisco]][[category:IOS]]
 
[[category:Cisco]][[category:IOS]]
 
= Access Layer  =
 
= Access Layer  =
Line 713: Line 716:
  
 
== Lokale 4 ==  
 
== Lokale 4 ==  
<pre>
 
 
 
</pre>
 
 
== Lokale 5 ==
 
<pre>
 
 
 
</pre>
 
 
== Lokale 6 ==
 
 
<pre>
 
<pre>
 
Building configuration...
 
Building configuration...
  
Current configuration : 5084 bytes
+
Current configuration : 5080 bytes
 
!
 
!
 
version 12.2
 
version 12.2
Line 736: Line 727:
 
no service password-encryption
 
no service password-encryption
 
!
 
!
hostname Lokale6
+
hostname Lokale4
 
!
 
!
enable secret 5 $1$Srka$tMOedwmQMi4WzrGo.b2YX/
+
enable secret 5 $1$KOZv$LdtOuJqvW3nmYPoYysh7R1
 
enable password cisco
 
enable password cisco
 
!
 
!
Line 745: Line 736:
 
!
 
!
 
ip dhcp snooping vlan 4-6,101
 
ip dhcp snooping vlan 4-6,101
 +
ip dhcp snooping
 +
ip name-server 172.16.4.77
 
!
 
!
 
!
 
!
Line 779: Line 772:
 
!
 
!
 
interface FastEthernet0/4
 
interface FastEthernet0/4
switchport access vlan 6
 
 
  switchport mode access
 
  switchport mode access
 
  switchport port-security maximum 2
 
  switchport port-security maximum 2
Line 787: Line 779:
 
!
 
!
 
interface FastEthernet0/5
 
interface FastEthernet0/5
switchport access vlan 6
 
 
  switchport mode access
 
  switchport mode access
 +
switchport port-security maximum 2
 
  switchport port-security
 
  switchport port-security
 
  switchport port-security aging time 60
 
  switchport port-security aging time 60
Line 794: Line 786:
 
!
 
!
 
interface FastEthernet0/6
 
interface FastEthernet0/6
switchport access vlan 6
 
 
  switchport mode access
 
  switchport mode access
 
  switchport port-security maximum 2
 
  switchport port-security maximum 2
Line 936: Line 927:
 
  no ip route-cache
 
  no ip route-cache
 
!
 
!
interface Vlan6
+
interface Vlan4
 
  no ip address
 
  no ip address
 
  no ip route-cache
 
  no ip route-cache
 
!
 
!
 
interface Vlan101
 
interface Vlan101
  ip address 192.168.101.16 255.255.255.0
+
  ip address 192.168.101.14 255.255.255.0
 
  no ip route-cache
 
  no ip route-cache
 
!
 
!
Line 952: Line 943:
 
line vty 0 4
 
line vty 0 4
 
  password cisco
 
  password cisco
  no login
+
  login
 
line vty 5 15
 
line vty 5 15
 
  password cisco
 
  password cisco
  no login
+
  login
 
!
 
!
 
end
 
end
 
</pre>
 
</pre>
  
= Distribution Layer =
+
== Lokale 5 ==  
 
 
== Distribution 1 ==
 
 
<pre>
 
<pre>
 
Building configuration...
 
Building configuration...
  
Current configuration : 5273 bytes
+
Current configuration : 5080 bytes
 
!
 
!
 
version 12.2
 
version 12.2
 
no service pad
 
no service pad
service timestamps debug datetime msec
+
service timestamps debug uptime
service timestamps log datetime msec
+
service timestamps log uptime
 
no service password-encryption
 
no service password-encryption
 
!
 
!
hostname Distribution1
+
hostname Lokale5
 
!
 
!
boot-start-marker
+
enable secret 5 $1$I6yz$c61ibt/0Ifi.QQhsjBPFj1
boot-end-marker
 
!
 
enable secret 5 $1$6Cq4$2JJ2WoEIpkhErwkOkQFwb.
 
 
enable password cisco
 
enable password cisco
 
!
 
!
 
no aaa new-model
 
no aaa new-model
system mtu routing 1500
 
 
ip subnet-zero
 
ip subnet-zero
ip routing
+
!
 +
ip dhcp snooping vlan 4-6,101
 +
ip dhcp snooping
 
no ip domain-lookup
 
no ip domain-lookup
no ip dhcp use vrf connected
 
ip dhcp excluded-address 192.168.1.1 192.168.1.20
 
ip dhcp excluded-address 192.168.2.1 192.168.2.20
 
 
!
 
!
ip dhcp pool Lokale1
 
  network 192.168.1.0 255.255.255.0
 
  default-router 192.168.1.3
 
  dns-server 172.16.4.77
 
 
!
 
!
ip dhcp pool Lokale2
 
  network 192.168.2.0 255.255.255.0
 
  default-router 192.168.2.3
 
  dns-server 172.16.4.77
 
 
!
 
!
 +
no file verify auto
 
!
 
!
 +
spanning-tree mode mst
 +
spanning-tree portfast bpduguard default
 +
spanning-tree extend system-id
 +
!
 +
spanning-tree mst configuration
 +
name REGRION2
 +
revision 2
 +
instance 1 vlan 4-5
 +
instance 2 vlan 6, 101
 
!
 
!
 
!
 
!
crypto pki trustpoint TP-self-signed-201700352
+
vlan internal allocation policy ascending
enrollment selfsigned
+
!
subject-name cn=IOS-Self-Signed-Certificate-201700352
+
interface FastEthernet0/1
  revocation-check none
+
  switchport mode trunk
  rsakeypair TP-self-signed-201700352
+
  ip dhcp snooping trust
 
!
 
!
 +
interface FastEthernet0/2
 +
switchport mode trunk
 +
ip dhcp snooping trust
 
!
 
!
crypto pki certificate chain TP-self-signed-201700352
+
interface FastEthernet0/3
  certificate self-signed 01
+
switchport mode access
  30820244 308201AD A0030201 02020101 300D0609 2A864886 F70D0101 04050030
+
switchport port-security maximum 2
  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
+
switchport port-security
  69666963 6174652D 32303137 30303335 32301E17 0D393330 33303130 30303130
+
switchport port-security aging time 60
  305A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
+
  spanning-tree portfast
  532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3230 31373030
 
  33353230 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
 
  C037C167 F4C36547 30273FA3 A9F114E7 2987E23C 45C63C19 B728D92F 3F0F5D81
 
  FA590DAD 5CB8A9F1 410A7775 BA4C8C46 99A375E7 BB4501AD 1E5EA063 BDD657C9
 
  71B08A7F 480DBA2D A1FE403E F6DB281E ED66CB2E AF2AA97C 53B93EEB 50CF3745
 
  327851B9 6D6AA1FE 985D9654 45B4F445 70729C77 93ECA5CE 3F7356F2 E256BC8B
 
  02030100 01A36E30 6C300F06 03551D13 0101FF04 05300301 01FF3019 0603551D
 
  11041230 10820E44 69737472 69627574 696F6E31 2E301F06 03551D23 04183016
 
  8014C42D FB57C926 B42FA71E BE55D5D7 13A7D8B0 1821301D 0603551D 0E041604
 
  14C42DFB 57C926B4 2FA71EBE 55D5D713 A7D8B018 21300D06 092A8648 86F70D01
 
  01040500 03818100 4953F22D D2BD99DE 3BFE27EB 9501FB2C BDF39899 07C2932A
 
  023F7F71 56190673 81803DB9 76DF3FAE 74A24B5F 9628BF08 3315D673 E5741E10
 
  8255C041 BEC57E3E AAD42992 8B299643 8930DC2D 08A68953 068AEF34 B4BE4BE1
 
  F5C8F31D 0A20310F 5C31A5B9 B69FAD5E EEC99907 1CD0CDBE EBBE9A00 6705E270
 
  AC2F7077 AAFC0B48
 
  quit
 
 
!
 
!
 +
interface FastEthernet0/4
 +
switchport mode access
 +
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
 +
interface FastEthernet0/5
 +
switchport mode access
 +
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
 +
interface FastEthernet0/6
 +
switchport mode access
 +
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
 +
interface FastEthernet0/7
 +
switchport mode access
 +
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
 +
interface FastEthernet0/8
 +
switchport mode access
 +
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
spanning-tree mode mst
+
interface FastEthernet0/9
spanning-tree etherchannel guard misconfig
+
switchport mode access
spanning-tree extend system-id
+
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
spanning-tree mst configuration
+
interface FastEthernet0/10
  name REGION1
+
  switchport mode access
  revision 1
+
  switchport port-security maximum 2
  instance 1 vlan 1-2
+
  switchport port-security
  instance 2 vlan 3, 100
+
switchport port-security aging time 60
 +
  spanning-tree portfast
 
!
 
!
spanning-tree mst 1 priority 24576
+
interface FastEthernet0/11
spanning-tree mst 2 priority 28672
+
switchport mode access
 +
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
vlan internal allocation policy ascending
+
interface FastEthernet0/12
 +
switchport mode access
 +
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
 +
interface FastEthernet0/13
 +
switchport mode access
 +
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
 +
interface FastEthernet0/14
 +
switchport mode access
 +
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
 +
interface FastEthernet0/15
 +
switchport mode access
 +
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
interface Port-channel5
+
interface FastEthernet0/16
  no switchport
+
switchport mode access
  ip address 10.0.0.46 255.255.255.252
+
switchport port-security maximum 2
 +
switchport port-security
 +
  switchport port-security aging time 60
 +
  spanning-tree portfast
 
!
 
!
interface Port-channel7
+
interface FastEthernet0/17
  no switchport
+
switchport mode access
  ip address 10.0.0.2 255.255.255.252
+
switchport port-security maximum 2
 +
switchport port-security
 +
  switchport port-security aging time 60
 +
  spanning-tree portfast
 
!
 
!
interface FastEthernet0/1
+
interface FastEthernet0/18
  no switchport
+
  switchport mode access
  no ip address
+
switchport port-security maximum 2
  channel-group 7 mode on
+
switchport port-security
 +
  switchport port-security aging time 60
 +
  spanning-tree portfast
 
!
 
!
interface FastEthernet0/2
+
interface FastEthernet0/19
  no switchport
+
switchport mode access
  no ip address
+
switchport port-security maximum 2
  channel-group 7 mode on
+
  switchport port-security
 +
  switchport port-security aging time 60
 +
  spanning-tree portfast
 
!
 
!
interface FastEthernet0/3
+
interface FastEthernet0/20
  no switchport
+
  switchport mode access
  no ip address
+
switchport port-security maximum 2
  channel-group 5 mode on
+
switchport port-security
 +
  switchport port-security aging time 60
 +
  spanning-tree portfast
 
!
 
!
interface FastEthernet0/4
+
interface FastEthernet0/21
  no switchport
+
  switchport mode access
  no ip address
+
switchport port-security maximum 2
  channel-group 5 mode on
+
switchport port-security
 +
  switchport port-security aging time 60
 +
  spanning-tree portfast
 
!
 
!
interface FastEthernet0/5
+
interface FastEthernet0/22
  switchport trunk encapsulation dot1q
+
  switchport mode access
  switchport mode trunk
+
switchport port-security maximum 2
 +
switchport port-security
 +
  switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
interface FastEthernet0/6
+
interface FastEthernet0/23
  switchport trunk encapsulation dot1q
+
  switchport mode access
  switchport mode trunk
+
switchport port-security maximum 2
  spanning-tree mst pre-standard
+
switchport port-security
 +
  switchport port-security aging time 60
 +
  spanning-tree portfast
 
!
 
!
interface FastEthernet0/7
+
interface FastEthernet0/24
  switchport trunk encapsulation dot1q
+
  switchport access vlan 101
  switchport mode trunk
+
  switchport mode access
  spanning-tree mst pre-standard
+
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
  spanning-tree portfast
 
!
 
!
interface FastEthernet0/8
+
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
 
switchport mode trunk
 
spanning-tree mst pre-standard
 
 
!
 
!
interface FastEthernet0/9
+
interface GigabitEthernet0/2
 
!
 
!
interface FastEthernet0/10
+
interface Vlan1
 +
no ip address
 +
no ip route-cache
 
!
 
!
interface FastEthernet0/11
+
interface Vlan5
 +
no ip address
 +
no ip route-cache
 
!
 
!
interface FastEthernet0/12
+
interface Vlan101
 +
ip address 192.168.101.15 255.255.255.0
 +
no ip route-cache
 
!
 
!
interface FastEthernet0/13
+
ip http server
 
!
 
!
interface FastEthernet0/14
+
control-plane
 
!
 
!
interface FastEthernet0/15
 
 
!
 
!
interface FastEthernet0/16
+
line con 0
 +
line vty 0 4
 +
password cisco
 +
no login
 +
line vty 5 15
 +
password cisco
 +
no login
 
!
 
!
interface FastEthernet0/17
+
end
 +
</pre>
 +
 
 +
== Lokale 6 ==
 +
<pre>
 +
Building configuration...
 +
 
 +
Current configuration : 5084 bytes
 
!
 
!
interface FastEthernet0/18
+
version 12.2
 +
no service pad
 +
service timestamps debug uptime
 +
service timestamps log uptime
 +
no service password-encryption
 
!
 
!
interface FastEthernet0/19
+
hostname Lokale6
 
!
 
!
interface FastEthernet0/20
+
enable secret 5 $1$Srka$tMOedwmQMi4WzrGo.b2YX/
 +
enable password cisco
 
!
 
!
interface FastEthernet0/21
+
no aaa new-model
 +
ip subnet-zero
 
!
 
!
interface FastEthernet0/22
+
ip dhcp snooping vlan 4-6,101
 
!
 
!
interface FastEthernet0/23
 
 
!
 
!
interface FastEthernet0/24
 
 
!
 
!
interface GigabitEthernet0/1
+
no file verify auto
 
!
 
!
interface GigabitEthernet0/2
+
spanning-tree mode mst
 +
spanning-tree portfast bpduguard default
 +
spanning-tree extend system-id
 
!
 
!
interface Vlan1
+
spanning-tree mst configuration
  ip address 192.168.1.2 255.255.255.0
+
  name REGION2
  standby 1 ip 192.168.1.3
+
  revision 2
  standby 1 timers msec 150 msec 500
+
  instance 1 vlan 4-5
  standby 1 priority 200
+
  instance 2 vlan 6, 101
standby 1 preempt
 
 
!
 
!
interface Vlan2
 
ip address 192.168.2.2 255.255.255.0
 
standby 1 timers msec 150 msec 500
 
standby 2 ip 192.168.2.3
 
standby 2 priority 200
 
standby 2 preempt
 
 
!
 
!
interface Vlan3
+
vlan internal allocation policy ascending
ip address 192.168.3.2 255.255.255.0
 
standby 1 timers msec 150 msec 500
 
standby 3 ip 192.168.3.3
 
standby 3 priority 150
 
standby 3 preempt
 
 
!
 
!
interface Vlan100
+
interface FastEthernet0/1
  ip address 192.168.100.2 255.255.255.0
+
  switchport mode trunk
  standby 1 timers msec 150 msec 500
+
  ip dhcp snooping trust
standby 100 ip 192.168.100.3
 
standby 100 priority 150
 
standby 100 preempt
 
 
!
 
!
router ospf 10
+
interface FastEthernet0/2
log-adjacency-changes
+
  switchport mode trunk
network 10.0.0.0 0.0.0.3 area 10
+
  ip dhcp snooping trust
network 10.0.0.44 0.0.0.3 area 10
 
network 192.168.1.0 0.0.0.255 area 10
 
network 192.168.2.0 0.0.0.255 area 10
 
  network 192.168.3.0 0.0.0.255 area 10
 
  network 192.168.100.0 0.0.0.255 area 10
 
 
!
 
!
ip classless
+
interface FastEthernet0/3
ip http server
+
switchport mode access
ip http secure-server
+
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
 +
interface FastEthernet0/4
 +
switchport access vlan 6
 +
switchport mode access
 +
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
 +
interface FastEthernet0/5
 +
switchport access vlan 6
 +
switchport mode access
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
 +
interface FastEthernet0/6
 +
switchport access vlan 6
 +
switchport mode access
 +
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
control-plane
+
interface FastEthernet0/7
!
+
switchport mode access
 +
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
line con 0
+
interface FastEthernet0/8
line vty 0 4
+
switchport mode access
  password cisco
+
  switchport port-security maximum 2
  login
+
  switchport port-security
line vty 5 15
+
  switchport port-security aging time 60
  password cisco
+
  spanning-tree portfast
  login
 
 
!
 
!
end
+
interface FastEthernet0/9
</pre>
+
switchport mode access
 
+
switchport port-security maximum 2
== Distribution 2 ==
+
switchport port-security
<pre>
+
switchport port-security aging time 60
Building configuration...
+
spanning-tree portfast
 
 
Current configuration : 6251 bytes
 
 
!
 
!
version 12.2
+
interface FastEthernet0/10
no service pad
+
switchport mode access
service timestamps debug datetime msec
+
switchport port-security maximum 2
service timestamps log datetime msec
+
switchport port-security
no service password-encryption
+
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
hostname Distribution2
+
interface FastEthernet0/11
 +
switchport mode access
 +
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
enable secret 5 $1$pEkP$V/sE.K6gTww6uBWPNRK060
+
interface FastEthernet0/12
enable password cisco
+
switchport mode access
 +
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
no aaa new-model
+
interface FastEthernet0/13
ip subnet-zero
+
switchport mode access
ip routing
+
switchport port-security maximum 2
ip dhcp excluded-address 192.168.3.1 192.168.3.20
+
switchport port-security
ip dhcp excluded-address 192.168.100.1 192.168.100.20
+
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
ip dhcp pool Lokale3
+
interface FastEthernet0/14
  network 192.168.3.0 255.255.255.0
+
switchport mode access
  default-router 192.168.3.3
+
switchport port-security maximum 2
  dns-server 172.16.4.77
+
switchport port-security
!
+
switchport port-security aging time 60
ip dhcp pool Management
+
spanning-tree portfast
  network 192.168.100.0 255.255.255.0
 
  default-router 192.168.100.3
 
  dns-server 172.16.4.77
 
 
!
 
!
 +
interface FastEthernet0/15
 +
switchport mode access
 +
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
 +
interface FastEthernet0/16
 +
switchport mode access
 +
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
crypto pki trustpoint TP-self-signed-1708353664
+
interface FastEthernet0/17
  enrollment selfsigned
+
  switchport mode access
  subject-name cn=IOS-Self-Signed-Certificate-1708353664
+
  switchport port-security maximum 2
  revocation-check none
+
switchport port-security
  rsakeypair TP-self-signed-1708353664
+
  switchport port-security aging time 60
 +
  spanning-tree portfast
 
!
 
!
 +
interface FastEthernet0/18
 +
switchport mode access
 +
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
crypto pki certificate chain TP-self-signed-1708353664
+
interface FastEthernet0/19
  certificate self-signed 01
+
switchport mode access
  30820246 308201AF A0030201 02020101 300D0609 2A864886 F70D0101 04050030
+
switchport port-security maximum 2
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
+
switchport port-security
  69666963 6174652D 31373038 33353336 3634301E 170D3933 30333031 30303031
+
switchport port-security aging time 60
  30385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
+
  spanning-tree portfast
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 37303833
 
  35333636 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
 
  8100BB1C 4EB2426C 154FE1EC A921C666 B8A7B001 5B32CC4A 5AEFDF28 AD1163EC
 
  99A0BD35 C035EB94 6EB3E5EF F8EF6F79 72E2C2E0 DEC9E587 5AFE353F 5A3100F2
 
  890BD9EA D189A010 1B352DF0 03F477A7 A23ACFAF D6743C5E 08FCBE6D 44EF3E4D
 
  04BFEA58 573F5ECC 6F3509D8 6B603D74 296FE485 7EDD39D8 318DD050 D2A871E8
 
  68110203 010001A3 6E306C30 0F060355 1D130101 FF040530 030101FF 30190603
 
  551D1104 12301082 0E446973 74726962 7574696F 6E322E30 1F060355 1D230418
 
  30168014 DB7110DA F3D5436A 80BA951B F015E53C 446E2C32 301D0603 551D0E04
 
  160414DB 7110DAF3 D5436A80 BA951BF0 15E53C44 6E2C3230 0D06092A 864886F7
 
  0D010104 05000381 81000A06 CB3DB008 64B56E19 2DAD6A83 22B538B5 1CD5B0D7
 
  DE7D83B9 5F64337C 0F42ED1B 3B2075C2 6A3F2A36 DE873A8F FA5546A1 EAED43DB
 
  4F7B9186 A71BA26B 8689FB18 B5E923D7 649548EE 79EB2E9B 41D542C5 2C6C18FC
 
  D9BF10E8 E66065A0 1D67F658 B837D2D8 8A5E218F E89A1D62 85029DB0 8CB27D76
 
  EC50335C 9F70886C 32DF
 
  quit
 
 
!
 
!
 +
interface FastEthernet0/20
 +
switchport mode access
 +
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
 +
interface FastEthernet0/21
 +
switchport mode access
 +
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
spanning-tree mode mst
+
interface FastEthernet0/22
spanning-tree extend system-id
+
  switchport mode access
!
+
  switchport port-security maximum 2
spanning-tree mst configuration
+
  switchport port-security
  name REGION1
+
  switchport port-security aging time 60
  revision 1
+
spanning-tree portfast
  instance 1 vlan 1-2
 
  instance 2 vlan 3, 100
 
!
 
spanning-tree mst 1 priority 28672
 
spanning-tree mst 2 priority 24576
 
!
 
vlan internal allocation policy ascending
 
 
!
 
!
 +
interface FastEthernet0/23
 +
switchport mode access
 +
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
 +
interface FastEthernet0/24
 +
switchport access vlan 101
 +
switchport mode access
 +
switchport port-security maximum 2
 +
switchport port-security
 +
switchport port-security aging time 60
 +
spanning-tree portfast
 
!
 
!
 +
interface GigabitEthernet0/1
 
!
 
!
 +
interface GigabitEthernet0/2
 
!
 
!
 +
interface Vlan1
 +
no ip address
 +
no ip route-cache
 
!
 
!
interface Port-channel4
+
interface Vlan6
  no switchport
+
  no ip address
  ip address 10.0.0.6 255.255.255.252
+
  no ip route-cache
 
!
 
!
interface Port-channel6
+
interface Vlan101
no switchport
+
  ip address 192.168.101.16 255.255.255.0
  ip address 10.0.0.50 255.255.255.252
+
no ip route-cache
 
!
 
!
interface FastEthernet0/1
+
ip http server
no switchport
 
no ip address
 
channel-group 6 mode on
 
 
!
 
!
interface FastEthernet0/2
+
control-plane
no switchport
 
no ip address
 
channel-group 6 mode on
 
 
!
 
!
interface FastEthernet0/3
 
no switchport
 
no ip address
 
channel-group 4 mode on
 
 
!
 
!
interface FastEthernet0/4
+
line con 0
  no switchport
+
line vty 0 4
  no ip address
+
password cisco
  channel-group 4 mode on
+
  no login
 +
line vty 5 15
 +
  password cisco
 +
  no login
 
!
 
!
interface FastEthernet0/5
+
end
switchport trunk encapsulation dot1q
+
</pre>
switchport mode trunk
+
 
 +
= Distribution Layer =
 +
 
 +
== Distribution 1 ==
 +
<pre>
 +
Building configuration...
 +
 
 +
Current configuration : 5273 bytes
 
!
 
!
interface FastEthernet0/6
+
version 12.2
switchport trunk encapsulation dot1q
+
no service pad
switchport mode trunk
+
service timestamps debug datetime msec
spanning-tree mst pre-standard
+
service timestamps log datetime msec
 +
no service password-encryption
 
!
 
!
interface FastEthernet0/7
+
hostname Distribution1
switchport trunk encapsulation dot1q
 
switchport mode trunk
 
spanning-tree mst pre-standard
 
 
!
 
!
interface FastEthernet0/8
+
boot-start-marker
switchport trunk encapsulation dot1q
+
boot-end-marker
switchport mode trunk
 
spanning-tree mst pre-standard
 
 
!
 
!
interface FastEthernet0/9
+
enable secret 5 $1$6Cq4$2JJ2WoEIpkhErwkOkQFwb.
switchport mode dynamic desirable
+
enable password cisco
 
!
 
!
interface FastEthernet0/10
+
no aaa new-model
switchport mode dynamic desirable
+
system mtu routing 1500
!
+
ip subnet-zero
interface FastEthernet0/11
+
ip routing
switchport mode dynamic desirable
+
no ip domain-lookup
 +
no ip dhcp use vrf connected
 +
ip dhcp excluded-address 192.168.1.1 192.168.1.20
 +
ip dhcp excluded-address 192.168.2.1 192.168.2.20
 
!
 
!
interface FastEthernet0/12
+
ip dhcp pool Lokale1
switchport mode dynamic desirable
+
  network 192.168.1.0 255.255.255.0
 +
  default-router 192.168.1.3
 +
  dns-server 172.16.4.77
 
!
 
!
interface FastEthernet0/13
+
ip dhcp pool Lokale2
switchport mode dynamic desirable
+
  network 192.168.2.0 255.255.255.0
 +
  default-router 192.168.2.3
 +
  dns-server 172.16.4.77
 
!
 
!
interface FastEthernet0/14
 
switchport mode dynamic desirable
 
 
!
 
!
interface FastEthernet0/15
 
switchport mode dynamic desirable
 
 
!
 
!
interface FastEthernet0/16
 
switchport mode dynamic desirable
 
 
!
 
!
interface FastEthernet0/17
+
crypto pki trustpoint TP-self-signed-201700352
  switchport mode dynamic desirable
+
  enrollment selfsigned
 +
subject-name cn=IOS-Self-Signed-Certificate-201700352
 +
revocation-check none
 +
rsakeypair TP-self-signed-201700352
 
!
 
!
interface FastEthernet0/18
 
switchport mode dynamic desirable
 
 
!
 
!
interface FastEthernet0/19
+
crypto pki certificate chain TP-self-signed-201700352
  switchport mode dynamic desirable
+
  certificate self-signed 01
 +
  30820244 308201AD A0030201 02020101 300D0609 2A864886 F70D0101 04050030
 +
  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
 +
  69666963 6174652D 32303137 30303335 32301E17 0D393330 33303130 30303130
 +
  305A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
 +
  532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3230 31373030
 +
  33353230 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
 +
  C037C167 F4C36547 30273FA3 A9F114E7 2987E23C 45C63C19 B728D92F 3F0F5D81
 +
  FA590DAD 5CB8A9F1 410A7775 BA4C8C46 99A375E7 BB4501AD 1E5EA063 BDD657C9
 +
  71B08A7F 480DBA2D A1FE403E F6DB281E ED66CB2E AF2AA97C 53B93EEB 50CF3745
 +
  327851B9 6D6AA1FE 985D9654 45B4F445 70729C77 93ECA5CE 3F7356F2 E256BC8B
 +
  02030100 01A36E30 6C300F06 03551D13 0101FF04 05300301 01FF3019 0603551D
 +
  11041230 10820E44 69737472 69627574 696F6E31 2E301F06 03551D23 04183016
 +
  8014C42D FB57C926 B42FA71E BE55D5D7 13A7D8B0 1821301D 0603551D 0E041604
 +
  14C42DFB 57C926B4 2FA71EBE 55D5D713 A7D8B018 21300D06 092A8648 86F70D01
 +
  01040500 03818100 4953F22D D2BD99DE 3BFE27EB 9501FB2C BDF39899 07C2932A
 +
  023F7F71 56190673 81803DB9 76DF3FAE 74A24B5F 9628BF08 3315D673 E5741E10
 +
  8255C041 BEC57E3E AAD42992 8B299643 8930DC2D 08A68953 068AEF34 B4BE4BE1
 +
  F5C8F31D 0A20310F 5C31A5B9 B69FAD5E EEC99907 1CD0CDBE EBBE9A00 6705E270
 +
  AC2F7077 AAFC0B48
 +
  quit
 +
!
 
!
 
!
interface FastEthernet0/20
 
switchport mode dynamic desirable
 
 
!
 
!
interface FastEthernet0/21
 
switchport mode dynamic desirable
 
 
!
 
!
interface FastEthernet0/22
 
switchport mode dynamic desirable
 
 
!
 
!
interface FastEthernet0/23
 
switchport mode dynamic desirable
 
 
!
 
!
interface FastEthernet0/24
+
spanning-tree mode mst
switchport mode dynamic desirable
+
spanning-tree etherchannel guard misconfig
 +
spanning-tree extend system-id
 
!
 
!
interface GigabitEthernet0/1
+
spanning-tree mst configuration
  switchport mode dynamic desirable
+
name REGION1
 +
revision 1
 +
instance 1 vlan 1-2
 +
  instance 2 vlan 3, 100
 
!
 
!
interface GigabitEthernet0/2
+
spanning-tree mst 1 priority 24576
switchport mode dynamic desirable
+
spanning-tree mst 2 priority 28672
 
!
 
!
interface Vlan1
+
vlan internal allocation policy ascending
ip address 192.168.1.1 255.255.255.0
 
standby 1 ip 192.168.1.3
 
standby 1 timers msec 150 msec 500
 
standby 1 priority 150
 
standby 1 preempt
 
 
!
 
!
interface Vlan2
 
ip address 192.168.2.1 255.255.255.0
 
standby 2 ip 192.168.2.3
 
standby 2 timers msec 150 msec 500
 
standby 2 priority 150
 
standby 2 preempt
 
 
!
 
!
interface Vlan3
 
ip address 192.168.3.1 255.255.255.0
 
standby 3 ip 192.168.3.3
 
standby 3 timers msec 150 msec 500
 
standby 3 priority 200
 
standby 3 preempt
 
 
!
 
!
interface Vlan100
 
ip address 192.168.100.1 255.255.255.0
 
standby 100 ip 192.168.100.3
 
standby 100 timers msec 150 msec 500
 
standby 100 priority 200
 
standby 100 preempt
 
 
!
 
!
router ospf 10
+
interface Port-channel5
log-adjacency-changes
+
  no switchport
  network 10.0.0.4 0.0.0.3 area 10
+
  ip address 10.0.0.46 255.255.255.252
  network 10.0.0.48 0.0.0.3 area 10
 
network 192.168.1.0 0.0.0.255 area 10
 
network 192.168.2.0 0.0.0.255 area 10
 
network 192.168.3.0 0.0.0.255 area 10
 
network 192.168.100.0 0.0.0.255 area 10
 
 
!
 
!
ip classless
+
interface Port-channel7
ip http server
+
no switchport
ip http secure-server
+
ip address 10.0.0.2 255.255.255.252
 
!
 
!
 +
interface FastEthernet0/1
 +
no switchport
 +
no ip address
 +
channel-group 7 mode on
 
!
 
!
ip access-list extended EXTERN
+
interface FastEthernet0/2
  permit ip 192.168.0.0 0.0.255.255 any
+
  no switchport
  permit ip 10.0.0.0 0.255.255.255 any
+
  no ip address
ip access-list extended INTERN
+
channel-group 7 mode on
permit ip any 10.0.0.0 0.255.255.255
 
permit ip any 192.168.0.0 0.0.255.255
 
deny  ip any any
 
 
!
 
!
route-map tester permit 10
+
interface FastEthernet0/3
 +
no switchport
 +
no ip address
 +
channel-group 5 mode on
 
!
 
!
route-map INTERNET permit 10
+
interface FastEthernet0/4
  match ip address INTERN
+
no switchport
 +
  no ip address
 +
channel-group 5 mode on
 
!
 
!
route-map INTERNET permit 20
+
interface FastEthernet0/5
 +
switchport trunk encapsulation dot1q
 +
switchport mode trunk
 +
!
 +
interface FastEthernet0/6
 +
switchport trunk encapsulation dot1q
 +
switchport mode trunk
 +
spanning-tree mst pre-standard
 +
!
 +
interface FastEthernet0/7
 +
switchport trunk encapsulation dot1q
 +
switchport mode trunk
 +
spanning-tree mst pre-standard
 +
!
 +
interface FastEthernet0/8
 +
switchport trunk encapsulation dot1q
 +
switchport mode trunk
 +
spanning-tree mst pre-standard
 +
!
 +
interface FastEthernet0/9
 +
!
 +
interface FastEthernet0/10
 +
!
 +
interface FastEthernet0/11
 +
!
 +
interface FastEthernet0/12
 +
!
 +
interface FastEthernet0/13
 +
!
 +
interface FastEthernet0/14
 +
!
 +
interface FastEthernet0/15
 +
!
 +
interface FastEthernet0/16
 +
!
 +
interface FastEthernet0/17
 +
!
 +
interface FastEthernet0/18
 +
!
 +
interface FastEthernet0/19
 +
!
 +
interface FastEthernet0/20
 +
!
 +
interface FastEthernet0/21
 +
!
 +
interface FastEthernet0/22
 +
!
 +
interface FastEthernet0/23
 +
!
 +
interface FastEthernet0/24
 +
!
 +
interface GigabitEthernet0/1
 +
!
 +
interface GigabitEthernet0/2
 +
!
 +
interface Vlan1
 +
ip address 192.168.1.2 255.255.255.0
 +
standby 1 ip 192.168.1.3
 +
standby 1 timers msec 150 msec 500
 +
standby 1 priority 200
 +
standby 1 preempt
 +
!
 +
interface Vlan2
 +
ip address 192.168.2.2 255.255.255.0
 +
standby 1 timers msec 150 msec 500
 +
standby 2 ip 192.168.2.3
 +
standby 2 priority 200
 +
standby 2 preempt
 +
!
 +
interface Vlan3
 +
ip address 192.168.3.2 255.255.255.0
 +
standby 1 timers msec 150 msec 500
 +
standby 3 ip 192.168.3.3
 +
standby 3 priority 150
 +
standby 3 preempt
 +
!
 +
interface Vlan100
 +
ip address 192.168.100.2 255.255.255.0
 +
standby 1 timers msec 150 msec 500
 +
standby 100 ip 192.168.100.3
 +
standby 100 priority 150
 +
standby 100 preempt
 +
!
 +
router ospf 10
 +
log-adjacency-changes
 +
network 10.0.0.0 0.0.0.3 area 10
 +
network 10.0.0.44 0.0.0.3 area 10
 +
network 192.168.1.0 0.0.0.255 area 10
 +
network 192.168.2.0 0.0.0.255 area 10
 +
network 192.168.3.0 0.0.0.255 area 10
 +
network 192.168.100.0 0.0.0.255 area 10
 +
!
 +
ip classless
 +
ip http server
 +
ip http secure-server
 +
!
 +
!
 +
!
 +
!
 +
control-plane
 +
!
 +
!
 +
line con 0
 +
line vty 0 4
 +
password cisco
 +
login
 +
line vty 5 15
 +
password cisco
 +
login
 +
!
 +
end
 +
</pre>
 +
 
 +
== Distribution 2 ==
 +
<pre>
 +
Building configuration...
 +
 
 +
Current configuration : 6251 bytes
 +
!
 +
version 12.2
 +
no service pad
 +
service timestamps debug datetime msec
 +
service timestamps log datetime msec
 +
no service password-encryption
 +
!
 +
hostname Distribution2
 +
!
 +
enable secret 5 $1$pEkP$V/sE.K6gTww6uBWPNRK060
 +
enable password cisco
 +
!
 +
no aaa new-model
 +
ip subnet-zero
 +
ip routing
 +
ip dhcp excluded-address 192.168.3.1 192.168.3.20
 +
ip dhcp excluded-address 192.168.100.1 192.168.100.20
 +
!
 +
ip dhcp pool Lokale3
 +
  network 192.168.3.0 255.255.255.0
 +
  default-router 192.168.3.3
 +
  dns-server 172.16.4.77
 +
!
 +
ip dhcp pool Management
 +
  network 192.168.100.0 255.255.255.0
 +
  default-router 192.168.100.3
 +
  dns-server 172.16.4.77
 +
!
 +
!
 +
!
 +
crypto pki trustpoint TP-self-signed-1708353664
 +
enrollment selfsigned
 +
subject-name cn=IOS-Self-Signed-Certificate-1708353664
 +
revocation-check none
 +
rsakeypair TP-self-signed-1708353664
 +
!
 +
!
 +
crypto pki certificate chain TP-self-signed-1708353664
 +
certificate self-signed 01
 +
  30820246 308201AF A0030201 02020101 300D0609 2A864886 F70D0101 04050030
 +
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
 +
  69666963 6174652D 31373038 33353336 3634301E 170D3933 30333031 30303031
 +
  30385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
 +
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 37303833
 +
  35333636 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
 +
  8100BB1C 4EB2426C 154FE1EC A921C666 B8A7B001 5B32CC4A 5AEFDF28 AD1163EC
 +
  99A0BD35 C035EB94 6EB3E5EF F8EF6F79 72E2C2E0 DEC9E587 5AFE353F 5A3100F2
 +
  890BD9EA D189A010 1B352DF0 03F477A7 A23ACFAF D6743C5E 08FCBE6D 44EF3E4D
 +
  04BFEA58 573F5ECC 6F3509D8 6B603D74 296FE485 7EDD39D8 318DD050 D2A871E8
 +
  68110203 010001A3 6E306C30 0F060355 1D130101 FF040530 030101FF 30190603
 +
  551D1104 12301082 0E446973 74726962 7574696F 6E322E30 1F060355 1D230418
 +
  30168014 DB7110DA F3D5436A 80BA951B F015E53C 446E2C32 301D0603 551D0E04
 +
  160414DB 7110DAF3 D5436A80 BA951BF0 15E53C44 6E2C3230 0D06092A 864886F7
 +
  0D010104 05000381 81000A06 CB3DB008 64B56E19 2DAD6A83 22B538B5 1CD5B0D7
 +
  DE7D83B9 5F64337C 0F42ED1B 3B2075C2 6A3F2A36 DE873A8F FA5546A1 EAED43DB
 +
  4F7B9186 A71BA26B 8689FB18 B5E923D7 649548EE 79EB2E9B 41D542C5 2C6C18FC
 +
  D9BF10E8 E66065A0 1D67F658 B837D2D8 8A5E218F E89A1D62 85029DB0 8CB27D76
 +
  EC50335C 9F70886C 32DF
 +
  quit
 +
!
 +
!
 +
!
 +
spanning-tree mode mst
 +
spanning-tree extend system-id
 +
!
 +
spanning-tree mst configuration
 +
name REGION1
 +
revision 1
 +
instance 1 vlan 1-2
 +
instance 2 vlan 3, 100
 +
!
 +
spanning-tree mst 1 priority 28672
 +
spanning-tree mst 2 priority 24576
 +
!
 +
vlan internal allocation policy ascending
 +
!
 +
!
 +
!
 +
!
 +
!
 +
!
 +
interface Port-channel4
 +
no switchport
 +
ip address 10.0.0.6 255.255.255.252
 +
!
 +
interface Port-channel6
 +
no switchport
 +
ip address 10.0.0.50 255.255.255.252
 +
!
 +
interface FastEthernet0/1
 +
no switchport
 +
no ip address
 +
channel-group 6 mode on
 +
!
 +
interface FastEthernet0/2
 +
no switchport
 +
no ip address
 +
channel-group 6 mode on
 +
!
 +
interface FastEthernet0/3
 +
no switchport
 +
no ip address
 +
channel-group 4 mode on
 +
!
 +
interface FastEthernet0/4
 +
no switchport
 +
no ip address
 +
channel-group 4 mode on
 +
!
 +
interface FastEthernet0/5
 +
switchport trunk encapsulation dot1q
 +
switchport mode trunk
 +
!
 +
interface FastEthernet0/6
 +
switchport trunk encapsulation dot1q
 +
switchport mode trunk
 +
spanning-tree mst pre-standard
 +
!
 +
interface FastEthernet0/7
 +
switchport trunk encapsulation dot1q
 +
switchport mode trunk
 +
spanning-tree mst pre-standard
 +
!
 +
interface FastEthernet0/8
 +
switchport trunk encapsulation dot1q
 +
switchport mode trunk
 +
spanning-tree mst pre-standard
 +
!
 +
interface FastEthernet0/9
 +
switchport mode dynamic desirable
 +
!
 +
interface FastEthernet0/10
 +
switchport mode dynamic desirable
 +
!
 +
interface FastEthernet0/11
 +
switchport mode dynamic desirable
 +
!
 +
interface FastEthernet0/12
 +
switchport mode dynamic desirable
 +
!
 +
interface FastEthernet0/13
 +
switchport mode dynamic desirable
 +
!
 +
interface FastEthernet0/14
 +
switchport mode dynamic desirable
 +
!
 +
interface FastEthernet0/15
 +
switchport mode dynamic desirable
 +
!
 +
interface FastEthernet0/16
 +
switchport mode dynamic desirable
 +
!
 +
interface FastEthernet0/17
 +
switchport mode dynamic desirable
 +
!
 +
interface FastEthernet0/18
 +
switchport mode dynamic desirable
 +
!
 +
interface FastEthernet0/19
 +
switchport mode dynamic desirable
 +
!
 +
interface FastEthernet0/20
 +
switchport mode dynamic desirable
 +
!
 +
interface FastEthernet0/21
 +
switchport mode dynamic desirable
 +
!
 +
interface FastEthernet0/22
 +
switchport mode dynamic desirable
 +
!
 +
interface FastEthernet0/23
 +
switchport mode dynamic desirable
 +
!
 +
interface FastEthernet0/24
 +
switchport mode dynamic desirable
 +
!
 +
interface GigabitEthernet0/1
 +
switchport mode dynamic desirable
 +
!
 +
interface GigabitEthernet0/2
 +
switchport mode dynamic desirable
 +
!
 +
interface Vlan1
 +
ip address 192.168.1.1 255.255.255.0
 +
standby 1 ip 192.168.1.3
 +
standby 1 timers msec 150 msec 500
 +
standby 1 priority 150
 +
standby 1 preempt
 +
!
 +
interface Vlan2
 +
ip address 192.168.2.1 255.255.255.0
 +
standby 2 ip 192.168.2.3
 +
standby 2 timers msec 150 msec 500
 +
standby 2 priority 150
 +
standby 2 preempt
 +
!
 +
interface Vlan3
 +
ip address 192.168.3.1 255.255.255.0
 +
standby 3 ip 192.168.3.3
 +
standby 3 timers msec 150 msec 500
 +
standby 3 priority 200
 +
standby 3 preempt
 +
!
 +
interface Vlan100
 +
ip address 192.168.100.1 255.255.255.0
 +
standby 100 ip 192.168.100.3
 +
standby 100 timers msec 150 msec 500
 +
standby 100 priority 200
 +
standby 100 preempt
 +
!
 +
router ospf 10
 +
log-adjacency-changes
 +
network 10.0.0.4 0.0.0.3 area 10
 +
network 10.0.0.48 0.0.0.3 area 10
 +
network 192.168.1.0 0.0.0.255 area 10
 +
network 192.168.2.0 0.0.0.255 area 10
 +
network 192.168.3.0 0.0.0.255 area 10
 +
network 192.168.100.0 0.0.0.255 area 10
 +
!
 +
ip classless
 +
ip http server
 +
ip http secure-server
 +
!
 +
!
 +
ip access-list extended EXTERN
 +
permit ip 192.168.0.0 0.0.255.255 any
 +
permit ip 10.0.0.0 0.255.255.255 any
 +
ip access-list extended INTERN
 +
permit ip any 10.0.0.0 0.255.255.255
 +
permit ip any 192.168.0.0 0.0.255.255
 +
deny  ip any any
 +
!
 +
route-map tester permit 10
 +
!
 +
route-map INTERNET permit 10
 +
match ip address INTERN
 +
!
 +
route-map INTERNET permit 20
 
  match ip address EXTERN
 
  match ip address EXTERN
  set ip next-hop 10.0.0.10
+
  set ip next-hop 10.0.0.10
!
+
!
!
+
!
control-plane
+
control-plane
!
+
!
 +
!
 +
line con 0
 +
line vty 0 4
 +
exec-timeout 0 0
 +
password cisco
 +
logging synchronous
 +
login
 +
line vty 5 15
 +
exec-timeout 0 0
 +
password cisco
 +
logging synchronous
 +
login
 +
!
 +
end
 +
</pre>
 +
 
 +
== Distribution 3 ==
 +
<pre>
 +
 
 +
Building configuration...
 +
 
 +
Current configuration : 5220 bytes
 +
!
 +
version 12.2
 +
no service pad
 +
service timestamps debug datetime msec
 +
service timestamps log datetime msec
 +
no service password-encryption
 +
!
 +
hostname Distribution3
 +
!
 +
boot-start-marker
 +
boot-end-marker
 +
!
 +
enable secret 5 $1$36zr$fFbFrAnE1AxVLaskUDIQD0
 +
enable password cisco
 +
!
 +
no aaa new-model
 +
system mtu routing 1500
 +
ip subnet-zero
 +
ip routing
 +
ip name-server 172.16.4.77
 +
no ip dhcp use vrf connected
 +
ip dhcp excluded-address 192.168.4.1 192.168.4.20
 +
ip dhcp excluded-address 192.168.5.1 192.168.5.20
 +
!
 +
ip dhcp pool Lokale4
 +
  network 192.168.4.0 255.255.255.0
 +
  dns-server 172.16.4.77
 +
  default-router 192.168.4.3
 +
!
 +
ip dhcp pool Lokale5
 +
  network 192.168.5.0 255.255.255.0
 +
  dns-server 172.16.4.77
 +
  default-router 192.168.5.3
 +
!
 +
!
 +
!
 +
!
 +
crypto pki trustpoint TP-self-signed-410825728
 +
enrollment selfsigned
 +
subject-name cn=IOS-Self-Signed-Certificate-410825728
 +
revocation-check none
 +
rsakeypair TP-self-signed-410825728
 +
!
 +
!
 +
crypto pki certificate chain TP-self-signed-410825728
 +
certificate self-signed 01
 +
  30820244 308201AD A0030201 02020101 300D0609 2A864886 F70D0101 04050030
 +
  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
 +
  69666963 6174652D 34313038 32353732 38301E17 0D393330 33303130 30303035
 +
  375A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
 +
  532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3431 30383235
 +
  37323830 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
 +
  E8DB7DE8 3C07C5D1 3D6049B8 DC0094CD 71D511F2 78B9A43D D0F5E49E 40814DAF
 +
  2373C9A1 DC611C26 1B180668 E627A4BE AFC6A372 92879186 CFCF36E7 FC6FDA3F
 +
  FCF8C9C4 EF116036 60470590 09190B6B 982A3DA6 DA7B88CB 0EF93063 CD52301C
 +
  E33A3217 C59114B9 3C20FFFD 1EF08197 F1C0A28F CDBE2EE2 34323521 5CA41B83
 +
  02030100 01A36E30 6C300F06 03551D13 0101FF04 05300301 01FF3019 0603551D
 +
  11041230 10820E44 69737472 69627574 696F6E33 2E301F06 03551D23 04183016
 +
  80140A7F 8FAB416A B162C720 BCE7FFCA E02F3B74 A63A301D 0603551D 0E041604
 +
  140A7F8F AB416AB1 62C720BC E7FFCAE0 2F3B74A6 3A300D06 092A8648 86F70D01
 +
  01040500 03818100 3C73A52B 612FDA78 C5FF0E2E 6B46CAF6 9A2D6124 1CC557A7
 +
  6ABB3C6E 3FEE163A 4AEB1048 4E45D624 5FB62290 237E51EF 435366D2 7A8C1F0C
 +
  02563314 400970F4 084F20D0 88C37F70 D4BF2678 CFEA2506 09EF05FE 9682FA84
 +
  1F37E1FF F017DB0E 26733D14 525CBC67 711422F9 B9124797 C70F04A6 CB9E4164
 +
  4567DD47 DB5B34E7
 +
  quit
 +
!
 +
!
 +
!
 +
!
 +
!
 +
!
 +
spanning-tree mode mst
 +
spanning-tree etherchannel guard misconfig
 +
spanning-tree extend system-id
 +
!
 +
spanning-tree mst configuration
 +
name REGION2
 +
revision 2
 +
instance 1 vlan 4-5
 +
instance 2 vlan 6, 101
 +
!
 +
spanning-tree mst 1 priority 24576
 +
spanning-tree mst 2 priority 28672
 +
!
 +
vlan internal allocation policy ascending
 +
!
 +
!
 +
!
 +
!
 +
interface Port-channel2
 +
no switchport
 +
ip address 10.0.0.42 255.255.255.252
 +
!
 +
interface Port-channel8
 +
no switchport
 +
ip address 10.0.0.26 255.255.255.252
 +
!
 +
interface FastEthernet0/1
 +
no switchport
 +
no ip address
 +
channel-group 8 mode on
 +
!
 +
interface FastEthernet0/2
 +
no switchport
 +
no ip address
 +
channel-group 8 mode on
 +
!
 +
interface FastEthernet0/3
 +
no switchport
 +
no ip address
 +
channel-group 2 mode on
 +
!
 +
interface FastEthernet0/4
 +
no switchport
 +
no ip address
 +
channel-group 2 mode on
 +
!
 +
interface FastEthernet0/5
 +
switchport trunk encapsulation dot1q
 +
switchport mode trunk
 +
!
 +
interface FastEthernet0/6
 +
switchport trunk encapsulation dot1q
 +
switchport mode trunk
 +
!
 +
interface FastEthernet0/7
 +
switchport trunk encapsulation dot1q
 +
switchport mode trunk
 +
!
 +
interface FastEthernet0/8
 +
switchport trunk encapsulation dot1q
 +
switchport mode trunk
 +
!
 +
interface FastEthernet0/9
 +
!
 +
interface FastEthernet0/10
 +
!
 +
interface FastEthernet0/11
 +
!
 +
interface FastEthernet0/12
 +
!
 +
interface FastEthernet0/13
 +
!
 +
interface FastEthernet0/14
 +
!
 +
interface FastEthernet0/15
 +
!
 +
interface FastEthernet0/16
 +
!
 +
interface FastEthernet0/17
 +
!
 +
interface FastEthernet0/18
 +
!
 +
interface FastEthernet0/19
 +
!
 +
interface FastEthernet0/20
 +
!
 +
interface FastEthernet0/21
 +
!
 +
interface FastEthernet0/22
 +
!
 +
interface FastEthernet0/23
 +
!
 +
interface FastEthernet0/24
 +
!
 +
interface GigabitEthernet0/1
 +
!
 +
interface GigabitEthernet0/2
 +
!
 +
interface Vlan1
 +
no ip address
 +
!
 +
interface Vlan4
 +
ip address 192.168.4.2 255.255.255.0
 +
standby 4 ip 192.168.4.3
 +
standby 4 timers msec 150 msec 500
 +
standby 4 priority 200
 +
standby 4 preempt
 +
!
 +
interface Vlan5
 +
ip address 192.168.5.2 255.255.255.0
 +
standby 5 ip 192.168.5.3
 +
standby 5 timers msec 150 msec 500
 +
standby 5 priority 200
 +
standby 5 preempt
 +
!
 +
interface Vlan6
 +
ip address 192.168.6.2 255.255.255.0
 +
standby 6 ip 192.168.6.3
 +
standby 6 timers msec 150 msec 500
 +
standby 6 priority 150
 +
standby 6 preempt
 +
!
 +
interface Vlan101
 +
ip address 192.168.101.2 255.255.255.0
 +
standby 101 ip 192.168.101.3
 +
standby 101 timers msec 150 msec 500
 +
standby 101 priority 150
 +
standby 101 preempt
 +
!
 +
router ospf 1
 +
log-adjacency-changes
 +
network 10.0.0.24 0.0.0.3 area 20
 +
network 10.0.0.40 0.0.0.3 area 20
 +
network 192.168.4.0 0.0.0.255 area 20
 +
network 192.168.5.0 0.0.0.255 area 20
 +
network 192.168.6.0 0.0.0.255 area 20
 +
network 192.168.101.0 0.0.0.255 area 20
 +
!
 +
ip classless
 +
ip http server
 +
ip http secure-server
 +
!
 +
!
 +
!
 +
!
 +
control-plane
 +
!
 +
!
 +
line con 0
 +
line vty 0 4
 +
password cisco
 +
login
 +
line vty 5 15
 +
password cisco
 +
login
 +
!
 +
end
 +
 
 +
Distribution3#
 +
 
 +
 
 +
</pre>
 +
 
 +
== Distribution 4 ==
 +
<pre>
 +
Building configuration...
 +
 
 +
Current configuration : 5295 bytes
 +
!
 +
version 12.2
 +
no service pad
 +
service timestamps debug datetime msec
 +
service timestamps log datetime msec
 +
no service password-encryption
 +
!
 +
hostname Distribution4
 +
!
 +
boot-start-marker
 +
boot-end-marker
 +
!
 +
enable secret 5 $1$xp9V$.44zXpqSHz6qF52fkXu9T.
 +
enable password cisco
 +
!
 +
no aaa new-model
 +
system mtu routing 1500
 +
ip subnet-zero
 +
ip routing
 +
no ip domain-lookup
 +
ip name-server 172.16.4.77
 +
no ip dhcp use vrf connected
 +
ip dhcp excluded-address 192.168.6.1 192.168.6.20
 +
ip dhcp excluded-address 192.168.101.1 192.168.101.20
 +
!
 +
ip dhcp pool Lokale6
 +
  network 192.168.6.0 255.255.255.0
 +
  default-router 192.168.6.3
 +
  dns-server 172.16.4.77
 +
!
 +
ip dhcp pool Management
 +
  network 192.168.101.0 255.255.255.0
 +
  default-router 192.168.101.3
 +
  dns-server 172.16.4.77
 +
!
 +
!
 +
!
 +
!
 +
crypto pki trustpoint TP-self-signed-3566145536
 +
enrollment selfsigned
 +
subject-name cn=IOS-Self-Signed-Certificate-3566145536
 +
revocation-check none
 +
rsakeypair TP-self-signed-3566145536
 +
!
 +
!
 +
crypto pki certificate chain TP-self-signed-3566145536
 +
certificate self-signed 01
 +
  30820246 308201AF A0030201 02020101 300D0609 2A864886 F70D0101 04050030
 +
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
 +
  69666963 6174652D 33353636 31343535 3336301E 170D3933 30333031 30303031
 +
  30315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
 +
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 35363631
 +
  34353533 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
 +
  8100CE09 DBDE13D1 3C071CB5 0C7242ED 6C030B46 A861E78F 12321E15 37C4F9CC
 +
  BFA848E5 B67F9CE4 A4EA8B3B 937A1A6F 9E864A37 BBC54F78 E43B0455 CBB26B58
 +
  33F2E5BC 03CE1615 51E8E8DA B18F2126 682F0D26 AD5D62B4 31A26B18 5F29A54D
 +
  90CEF185 C8AD0CC4 0A7CCCC3 757C1655 A872C303 01D64A02 9632C40F 9BFDC544
 +
  66A30203 010001A3 6E306C30 0F060355 1D130101 FF040530 030101FF 30190603
 +
  551D1104 12301082 0E446973 74726962 7574696F 6E342E30 1F060355 1D230418
 +
  30168014 3ADDFEC4 95C6E919 93FE7E64 C24CBD8E 65AE4DDE 301D0603 551D0E04
 +
  1604143A DDFEC495 C6E91993 FE7E64C2 4CBD8E65 AE4DDE30 0D06092A 864886F7
 +
  0D010104 05000381 810073B3 E87E0B0E 471CF94D 2864E4C5 8FD24940 EECF8E29
 +
  BE029B2C 5A41332F 737230AB A601DF9D 6E6537A8 8F15B2A6 0721201F BFEE8EE6
 +
  51A5F253 960B6046 D44D4ADD 3FD06E0D E5556AA0 1EAFF320 BBC39DF2 DC475E40
 +
  D8D30835 05FFD99C 6098224D FAB9A1BE B69E9C68 F4BC09C1 FCDAB18B A167A4A2
 +
  0E116E1B 5D9BC026 EBE1
 +
  quit
 +
!
 +
!
 +
!
 +
!
 +
!
 +
!
 +
spanning-tree mode mst
 +
spanning-tree etherchannel guard misconfig
 +
spanning-tree extend system-id
 +
!
 +
spanning-tree mst configuration
 +
name REGION2
 +
revision 2
 +
instance 1 vlan 4-5
 +
instance 2 vlan 6, 101
 +
!
 +
spanning-tree mst 1 priority 28672
 +
spanning-tree mst 2 priority 24576
 +
!
 +
vlan internal allocation policy ascending
 +
!
 +
!
 +
!
 +
!
 +
interface Port-channel3
 +
no switchport
 +
ip address 10.0.0.22 255.255.255.252
 +
!
 +
interface Port-channel9
 +
no switchport
 +
ip address 10.0.0.38 255.255.255.252
 +
!
 +
interface FastEthernet0/1
 +
no switchport
 +
no ip address
 +
channel-group 9 mode on
 +
!
 +
interface FastEthernet0/2
 +
no switchport
 +
no ip address
 +
channel-group 9 mode on
 +
!
 +
interface FastEthernet0/3
 +
no switchport
 +
no ip address
 +
channel-group 3 mode on
 +
!
 +
interface FastEthernet0/4
 +
no switchport
 +
no ip address
 +
channel-group 3 mode on
 +
!
 +
interface FastEthernet0/5
 +
switchport trunk encapsulation dot1q
 +
switchport mode trunk
 +
!
 +
interface FastEthernet0/6
 +
switchport trunk encapsulation dot1q
 +
switchport mode trunk
 +
!
 +
interface FastEthernet0/7
 +
switchport trunk encapsulation dot1q
 +
switchport mode trunk
 +
!
 +
interface FastEthernet0/8
 +
switchport trunk encapsulation dot1q
 +
switchport mode trunk
 +
!
 +
interface FastEthernet0/9
 +
!
 +
interface FastEthernet0/10
 +
!
 +
interface FastEthernet0/11
 +
!
 +
interface FastEthernet0/12
 +
!
 +
interface FastEthernet0/13
 +
!
 +
interface FastEthernet0/14
 +
!
 +
interface FastEthernet0/15
 +
!
 +
interface FastEthernet0/16
 +
!
 +
interface FastEthernet0/17
 +
!
 +
interface FastEthernet0/18
 +
!
 +
interface FastEthernet0/19
 +
!
 +
interface FastEthernet0/20
 +
!
 +
interface FastEthernet0/21
 +
!
 +
interface FastEthernet0/22
 +
!
 +
interface FastEthernet0/23
 +
!
 +
interface FastEthernet0/24
 +
!
 +
interface GigabitEthernet0/1
 +
!
 +
interface GigabitEthernet0/2
 +
!
 +
interface Vlan1
 +
no ip address
 +
!
 +
interface Vlan4
 +
ip address 192.168.4.1 255.255.255.0
 +
standby 4 ip 192.168.4.3
 +
standby 4 timers msec 150 msec 500
 +
standby 4 priority 150
 +
standby 4 preempt
 +
!
 +
interface Vlan5
 +
ip address 192.168.5.1 255.255.255.0
 +
standby 5 ip 192.168.5.3
 +
standby 5 timers msec 150 msec 500
 +
standby 5 priority 150
 +
standby 5 preempt
 +
!
 +
interface Vlan6
 +
ip address 192.168.6.1 255.255.255.0
 +
standby 6 ip 192.168.6.3
 +
standby 6 timers msec 150 msec 500
 +
standby 6 priority 200
 +
standby 6 preempt
 +
!
 +
interface Vlan101
 +
ip address 192.168.101.1 255.255.255.0
 +
standby 101 ip 192.168.101.3
 +
standby 101 timers msec 150 msec 500
 +
standby 101 priority 200
 +
standby 101 preempt
 +
!
 +
router ospf 1
 +
log-adjacency-changes
 +
network 10.0.0.20 0.0.0.3 area 20
 +
network 10.0.0.36 0.0.0.3 area 20
 +
network 10.0.0.56 0.0.0.3 area 20
 +
network 192.168.4.0 0.0.0.255 area 20
 +
network 192.168.5.0 0.0.0.255 area 20
 +
network 192.168.6.0 0.0.0.255 area 20
 +
network 192.168.101.0 0.0.0.255 area 20
 +
!
 +
ip classless
 +
ip http server
 +
ip http secure-server
 +
!
 +
!
 +
!
 +
!
 +
control-plane
 +
!
 +
!
 +
line con 0
 +
line vty 0 4
 +
password cisco
 +
login
 +
line vty 5 15
 +
password cisco
 +
login
 +
!
 +
end
 +
</pre>
 +
 
 +
= Core Layer =
 +
 
 +
== Core 1 ==
 +
<pre>
 +
 
 +
Building configuration...
 +
 
 +
Current configuration : 3530 bytes
 +
!
 +
version 12.2
 +
no service pad
 +
service timestamps debug uptime
 +
service timestamps log uptime
 +
no service password-encryption
 +
!
 +
hostname Core1
 +
!
 +
enable secret 5 $1$BXJI$n2TaAv/v.uCcaK5s7Uuu60
 +
enable password cisco
 +
!
 +
no aaa new-model
 +
ip subnet-zero
 +
ip routing
 +
!
 +
!
 +
!
 +
!
 +
no file verify auto
 +
spanning-tree mode pvst
 +
spanning-tree extend system-id
 +
!
 +
vlan internal allocation policy ascending
 +
!
 +
!
 +
interface Port-channel1
 +
no switchport
 +
ip address 10.0.0.13 255.255.255.252
 +
!
 +
interface Port-channel3
 +
no switchport
 +
ip address 10.0.0.21 255.255.255.252
 +
ip policy route-map internet
 +
!
 +
interface Port-channel4
 +
no switchport
 +
ip address 10.0.0.5 255.255.255.252
 +
ip policy route-map internet
 +
!
 +
interface Port-channel7
 +
no switchport
 +
ip address 10.0.0.1 255.255.255.252
 +
ip policy route-map internet
 +
!
 +
interface Port-channel8
 +
no switchport
 +
ip address 10.0.0.25 255.255.255.252
 +
ip policy route-map internet
 +
!
 +
interface FastEthernet0/1
 +
no switchport
 +
no ip address
 +
channel-group 7 mode on
 +
!
 +
interface FastEthernet0/2
 +
no switchport
 +
no ip address
 +
channel-group 7 mode on
 +
!
 +
interface FastEthernet0/3
 +
no switchport
 +
no ip address
 +
channel-group 4 mode on
 +
!
 +
interface FastEthernet0/4
 +
no switchport
 +
no ip address
 +
channel-group 4 mode on
 +
!
 +
interface FastEthernet0/5
 +
no switchport
 +
ip address 10.0.0.9 255.255.255.252
 +
!
 +
interface FastEthernet0/6
 +
no switchport
 +
no ip address
 +
channel-group 1 mode on
 +
!
 +
interface FastEthernet0/7
 +
no switchport
 +
no ip address
 +
channel-group 1 mode on
 +
!
 +
interface FastEthernet0/8
 +
no switchport
 +
ip address 10.0.0.17 255.255.255.252
 +
!
 +
interface FastEthernet0/9
 +
no switchport
 +
no ip address
 +
channel-group 3 mode on
 +
!
 +
interface FastEthernet0/10
 +
no switchport
 +
no ip address
 +
channel-group 3 mode on
 +
!
 +
interface FastEthernet0/11
 +
no switchport
 +
no ip address
 +
channel-group 8 mode on
 +
!
 +
interface FastEthernet0/12
 +
no switchport
 +
no ip address
 +
channel-group 8 mode on
 +
!
 +
interface FastEthernet0/13
 +
no switchport
 +
no ip address
 +
!
 +
interface FastEthernet0/14
 +
no switchport
 +
no ip address
 +
!
 +
interface FastEthernet0/15
 +
no switchport
 +
no ip address
 +
!
 +
interface FastEthernet0/16
 +
no switchport
 +
no ip address
 +
!
 +
interface FastEthernet0/17
 +
no switchport
 +
no ip address
 +
!
 +
interface FastEthernet0/18
 +
no switchport
 +
no ip address
 +
!
 +
interface FastEthernet0/19
 +
no switchport
 +
no ip address
 +
!
 +
interface FastEthernet0/20
 +
no switchport
 +
no ip address
 +
!
 +
interface FastEthernet0/21
 +
no switchport
 +
no ip address
 +
!
 +
interface FastEthernet0/22
 +
no switchport
 +
no ip address
 +
!
 +
interface FastEthernet0/23
 +
no switchport
 +
no ip address
 +
!
 +
interface FastEthernet0/24
 +
no switchport
 +
no ip address
 +
!
 +
interface GigabitEthernet0/1
 +
!
 +
interface GigabitEthernet0/2
 +
!
 +
interface Vlan1
 +
no ip address
 +
!
 +
router ospf 10
 +
log-adjacency-changes
 +
network 10.0.0.0 0.0.0.3 area 10
 +
network 10.0.0.4 0.0.0.3 area 10
 +
network 10.0.0.8 0.0.0.3 area 30
 +
network 10.0.0.12 0.0.0.3 area 0
 +
network 10.0.0.16 0.0.0.3 area 30
 +
network 10.0.0.20 0.0.0.3 area 20
 +
network 10.0.0.24 0.0.0.3 area 20
 +
!
 +
ip classless
 +
ip http server
 +
!
 +
!
 +
ip access-list extended test
 +
deny  ip 192.168.3.0 0.0.0.255 10.0.0.0 0.0.0.255
 +
deny  ip 192.168.3.0 0.0.0.255 192.168.0.0 0.0.255.255
 +
permit ip 192.168.3.0 0.0.0.255 any
 +
!
 +
!
 +
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
 +
route-map internet permit 5
 +
match ip address test
 +
set ip next-hop 10.0.0.18
 +
!
 +
route-map internet permit 10
 +
match ip address prefix-list DEFAULT
 +
set ip next-hop 10.0.0.10
 +
!
 +
!
 +
control-plane
 +
!
 +
!
 +
line con 0
 +
line vty 0 4
 +
password cisco
 +
no login
 +
line vty 5 15
 +
password cisco
 +
no login
 
!
 
!
line con 0
 
line vty 0 4
 
exec-timeout 0 0
 
password cisco
 
logging synchronous
 
login
 
line vty 5 15
 
exec-timeout 0 0
 
password cisco
 
logging synchronous
 
login
 
 
!
 
!
 
end
 
end
</pre>
 
 
== Distribution 3 ==
 
<pre>
 
  
</pre>
+
Core1#
  
== Distribution 4 ==
 
<pre>
 
 
</pre>
 
 
= Core Layer =
 
 
== Core 1 ==
 
<pre>
 
  
 
</pre>
 
</pre>

Latest revision as of 14:24, 14 December 2009

Datacenter CCNP 3
Ip Tabel
Al magt til hp

Access Layer

Lokale 1

Building configuration...

Current configuration : 4993 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Lokale1
!
enable secret 5 $1$uw0B$hEkCpsrPMRzcE5hX5UGo90
enable password cisco
!
ip subnet-zero
!
ip dhcp snooping vlan 1 100
ip ssh time-out 120
ip ssh authentication-retries 3
!
!
spanning-tree mode mst
spanning-tree portfast bpduguard default
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
spanning-tree mst configuration
 name REGION1
 revision 1
 instance 1 vlan 1-2
 instance 2 vlan 3, 100
!
!
!
!
!
interface FastEthernet0/1
 switchport mode trunk
 ip dhcp snooping trust
!
interface FastEthernet0/2
 switchport mode trunk
 ip dhcp snooping trust
!
interface FastEthernet0/3
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/4
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/5
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/6
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/7
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/8
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/9
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/10
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/11
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/12
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/13
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/14
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/15
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/16
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/17
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/18
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/19
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/20
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/21
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/22
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/23
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/24
 switchport access vlan 100
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 no ip address
 no ip route-cache
 shutdown
!
interface Vlan100
 ip address 192.168.100.11 255.255.255.0
 no ip route-cache
!
ip http server
!
line con 0
line vty 0 4
 password cisco
 login
line vty 5 15
 password cisco
 login
!
!
end

Lokale 2

Building configuration...

Current configuration : 5556 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Lokale2
!
enable secret 5 $1$2P6t$ucjfqPwCMeUBxZyTLav3i.
enable password cisco
!
ip subnet-zero
!
ip dhcp snooping vlan 1 100
ip dhcp snooping
ip ssh time-out 120
ip ssh authentication-retries 3
!
!
spanning-tree mode mst
spanning-tree portfast bpduguard default
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
spanning-tree mst configuration
 name REGION1
 revision 1
 instance 1 vlan 1-2
 instance 2 vlan 3, 100
!
!
!
!
!
interface FastEthernet0/1
 switchport mode trunk
 ip dhcp snooping trust
!
interface FastEthernet0/2
 switchport mode trunk
 ip dhcp snooping trust
!
interface FastEthernet0/3
 switchport access vlan 2
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/4
 switchport access vlan 2
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/5
 switchport access vlan 2
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/6
 switchport access vlan 2
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/7
 switchport access vlan 2
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/8
 switchport access vlan 2
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/9
 switchport access vlan 2
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/10
 switchport access vlan 2
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/11
 switchport access vlan 2
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/12
 switchport access vlan 2
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/13
 switchport access vlan 2
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/14
 switchport access vlan 2
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/15
 switchport access vlan 2
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/16
 switchport access vlan 2
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/17
 switchport access vlan 2
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/18
 switchport access vlan 2
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/19
 switchport access vlan 2
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/20
 switchport access vlan 2
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/21
 switchport access vlan 2
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/22
 switchport access vlan 2
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/23
 switchport access vlan 2
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/24
 switchport access vlan 100
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 no ip address
 no ip route-cache
 shutdown
!
interface Vlan100
 ip address 192.168.100.12 255.255.255.0
 no ip route-cache
!
ip http server
!
line con 0
line vty 0 4
 password cisco
 login
line vty 5 15
 password cisco
 login
!
!
end

Lokale 3

Building configuration...

Current configuration : 4981 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Lokale3
!
enable secret 5 $1$LOyI$LS5WuzEu24t1OzAwUJP6/.
enable password cisco
!
ip subnet-zero
!
ip dhcp snooping vlan 1 100
ip dhcp snooping
ip ssh time-out 120
ip ssh authentication-retries 3
!
!
spanning-tree mode mst
spanning-tree portfast bpduguard default
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
spanning-tree mst configuration
 name REGION1
 revision 1
 instance 1 vlan 1-2
 instance 2 vlan 3, 100
!
!
!
!
!
interface FastEthernet0/1
 switchport mode trunk
 ip dhcp snooping trust
!
interface FastEthernet0/2
 switchport mode trunk
 ip dhcp snooping trust
!
interface FastEthernet0/3
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/4
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/5
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/6
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/7
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/8
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/9
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/10
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/11
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/12
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/13
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/14
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/15
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/16
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/17
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/18
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/19
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/20
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/21
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/22
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/23
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/24
 description Management vlan 100
 switchport access vlan 100
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security aging time 60
 spanning-tree portfast
!
interface Vlan1
 no ip address
 no ip route-cache
 shutdown
!
interface Vlan100
 ip address 192.168.100.13 255.255.255.0
 no ip route-cache
!
ip http server
!
line con 0
line vty 0 4
 password cisco
 login
line vty 5 15
 password cisco
 login
!
!
end

Lokale 4

Building configuration...

Current configuration : 5080 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Lokale4
!
enable secret 5 $1$KOZv$LdtOuJqvW3nmYPoYysh7R1
enable password cisco
!
no aaa new-model
ip subnet-zero
!
ip dhcp snooping vlan 4-6,101
ip dhcp snooping
ip name-server 172.16.4.77
!
!
!
no file verify auto
!
spanning-tree mode mst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
!
spanning-tree mst configuration
 name REGION2
 revision 2
 instance 1 vlan 4-5
 instance 2 vlan 6, 101
!
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
 switchport mode trunk
 ip dhcp snooping trust
!
interface FastEthernet0/2
 switchport mode trunk
 ip dhcp snooping trust
!
interface FastEthernet0/3
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/4
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/5
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/6
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/7
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/8
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/9
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/10
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/11
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/12
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/13
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/14
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/15
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/16
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/17
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/18
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/19
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/20
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/21
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/22
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/23
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/24
 switchport access vlan 101
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 no ip address
 no ip route-cache
!
interface Vlan4
 no ip address
 no ip route-cache
!
interface Vlan101
 ip address 192.168.101.14 255.255.255.0
 no ip route-cache
!
ip http server
!
control-plane
!
!
line con 0
line vty 0 4
 password cisco
 login
line vty 5 15
 password cisco
 login
!
end

Lokale 5

Building configuration...

Current configuration : 5080 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Lokale5
!
enable secret 5 $1$I6yz$c61ibt/0Ifi.QQhsjBPFj1
enable password cisco
!
no aaa new-model
ip subnet-zero
!
ip dhcp snooping vlan 4-6,101
ip dhcp snooping
no ip domain-lookup
!
!
!
no file verify auto
!
spanning-tree mode mst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
!
spanning-tree mst configuration
 name REGRION2
 revision 2
 instance 1 vlan 4-5
 instance 2 vlan 6, 101
!
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
 switchport mode trunk
 ip dhcp snooping trust
!
interface FastEthernet0/2
 switchport mode trunk
 ip dhcp snooping trust
!
interface FastEthernet0/3
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/4
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/5
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/6
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/7
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/8
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/9
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/10
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/11
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/12
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/13
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/14
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/15
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/16
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/17
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/18
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/19
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/20
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/21
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/22
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/23
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/24
 switchport access vlan 101
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 no ip address
 no ip route-cache
!
interface Vlan5
 no ip address
 no ip route-cache
!
interface Vlan101
 ip address 192.168.101.15 255.255.255.0
 no ip route-cache
!
ip http server
!
control-plane
!
!
line con 0
line vty 0 4
 password cisco
 no login
line vty 5 15
 password cisco
 no login
!
end

Lokale 6

Building configuration...

Current configuration : 5084 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Lokale6
!
enable secret 5 $1$Srka$tMOedwmQMi4WzrGo.b2YX/
enable password cisco
!
no aaa new-model
ip subnet-zero
!
ip dhcp snooping vlan 4-6,101
!
!
!
no file verify auto
!
spanning-tree mode mst
spanning-tree portfast bpduguard default
spanning-tree extend system-id
!
spanning-tree mst configuration
 name REGION2
 revision 2
 instance 1 vlan 4-5
 instance 2 vlan 6, 101
!
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
 switchport mode trunk
 ip dhcp snooping trust
!
interface FastEthernet0/2
 switchport mode trunk
 ip dhcp snooping trust
!
interface FastEthernet0/3
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/4
 switchport access vlan 6
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/5
 switchport access vlan 6
 switchport mode access
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/6
 switchport access vlan 6
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/7
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/8
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/9
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/10
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/11
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/12
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/13
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/14
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/15
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/16
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/17
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/18
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/19
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/20
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/21
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/22
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/23
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface FastEthernet0/24
 switchport access vlan 101
 switchport mode access
 switchport port-security maximum 2
 switchport port-security
 switchport port-security aging time 60
 spanning-tree portfast
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 no ip address
 no ip route-cache
!
interface Vlan6
 no ip address
 no ip route-cache
!
interface Vlan101
 ip address 192.168.101.16 255.255.255.0
 no ip route-cache
!
ip http server
!
control-plane
!
!
line con 0
line vty 0 4
 password cisco
 no login
line vty 5 15
 password cisco
 no login
!
end

Distribution Layer

Distribution 1

Building configuration...

Current configuration : 5273 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Distribution1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$6Cq4$2JJ2WoEIpkhErwkOkQFwb.
enable password cisco
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
ip routing
no ip domain-lookup
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.20
ip dhcp excluded-address 192.168.2.1 192.168.2.20
!
ip dhcp pool Lokale1
   network 192.168.1.0 255.255.255.0
   default-router 192.168.1.3
   dns-server 172.16.4.77
!
ip dhcp pool Lokale2
   network 192.168.2.0 255.255.255.0
   default-router 192.168.2.3
   dns-server 172.16.4.77
!
!
!
!
crypto pki trustpoint TP-self-signed-201700352
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-201700352
 revocation-check none
 rsakeypair TP-self-signed-201700352
!
!
crypto pki certificate chain TP-self-signed-201700352
 certificate self-signed 01
  30820244 308201AD A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 32303137 30303335 32301E17 0D393330 33303130 30303130
  305A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
  532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3230 31373030
  33353230 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
  C037C167 F4C36547 30273FA3 A9F114E7 2987E23C 45C63C19 B728D92F 3F0F5D81
  FA590DAD 5CB8A9F1 410A7775 BA4C8C46 99A375E7 BB4501AD 1E5EA063 BDD657C9
  71B08A7F 480DBA2D A1FE403E F6DB281E ED66CB2E AF2AA97C 53B93EEB 50CF3745
  327851B9 6D6AA1FE 985D9654 45B4F445 70729C77 93ECA5CE 3F7356F2 E256BC8B
  02030100 01A36E30 6C300F06 03551D13 0101FF04 05300301 01FF3019 0603551D
  11041230 10820E44 69737472 69627574 696F6E31 2E301F06 03551D23 04183016
  8014C42D FB57C926 B42FA71E BE55D5D7 13A7D8B0 1821301D 0603551D 0E041604
  14C42DFB 57C926B4 2FA71EBE 55D5D713 A7D8B018 21300D06 092A8648 86F70D01
  01040500 03818100 4953F22D D2BD99DE 3BFE27EB 9501FB2C BDF39899 07C2932A
  023F7F71 56190673 81803DB9 76DF3FAE 74A24B5F 9628BF08 3315D673 E5741E10
  8255C041 BEC57E3E AAD42992 8B299643 8930DC2D 08A68953 068AEF34 B4BE4BE1
  F5C8F31D 0A20310F 5C31A5B9 B69FAD5E EEC99907 1CD0CDBE EBBE9A00 6705E270
  AC2F7077 AAFC0B48
  quit
!
!
!
!
!
!
spanning-tree mode mst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
spanning-tree mst configuration
 name REGION1
 revision 1
 instance 1 vlan 1-2
 instance 2 vlan 3, 100
!
spanning-tree mst 1 priority 24576
spanning-tree mst 2 priority 28672
!
vlan internal allocation policy ascending
!
!
!
!
interface Port-channel5
 no switchport
 ip address 10.0.0.46 255.255.255.252
!
interface Port-channel7
 no switchport
 ip address 10.0.0.2 255.255.255.252
!
interface FastEthernet0/1
 no switchport
 no ip address
 channel-group 7 mode on
!
interface FastEthernet0/2
 no switchport
 no ip address
 channel-group 7 mode on
!
interface FastEthernet0/3
 no switchport
 no ip address
 channel-group 5 mode on
!
interface FastEthernet0/4
 no switchport
 no ip address
 channel-group 5 mode on
!
interface FastEthernet0/5
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/6
 switchport trunk encapsulation dot1q
 switchport mode trunk
 spanning-tree mst pre-standard
!
interface FastEthernet0/7
 switchport trunk encapsulation dot1q
 switchport mode trunk
 spanning-tree mst pre-standard
!
interface FastEthernet0/8
 switchport trunk encapsulation dot1q
 switchport mode trunk
 spanning-tree mst pre-standard
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 ip address 192.168.1.2 255.255.255.0
 standby 1 ip 192.168.1.3
 standby 1 timers msec 150 msec 500
 standby 1 priority 200
 standby 1 preempt
!
interface Vlan2
 ip address 192.168.2.2 255.255.255.0
 standby 1 timers msec 150 msec 500
 standby 2 ip 192.168.2.3
 standby 2 priority 200
 standby 2 preempt
!
interface Vlan3
 ip address 192.168.3.2 255.255.255.0
 standby 1 timers msec 150 msec 500
 standby 3 ip 192.168.3.3
 standby 3 priority 150
 standby 3 preempt
!
interface Vlan100
 ip address 192.168.100.2 255.255.255.0
 standby 1 timers msec 150 msec 500
 standby 100 ip 192.168.100.3
 standby 100 priority 150
 standby 100 preempt
!
router ospf 10
 log-adjacency-changes
 network 10.0.0.0 0.0.0.3 area 10
 network 10.0.0.44 0.0.0.3 area 10
 network 192.168.1.0 0.0.0.255 area 10
 network 192.168.2.0 0.0.0.255 area 10
 network 192.168.3.0 0.0.0.255 area 10
 network 192.168.100.0 0.0.0.255 area 10
!
ip classless
ip http server
ip http secure-server
!
!
!
!
control-plane
!
!
line con 0
line vty 0 4
 password cisco
 login
line vty 5 15
 password cisco
 login
!
end

Distribution 2

Building configuration...

Current configuration : 6251 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Distribution2
!
enable secret 5 $1$pEkP$V/sE.K6gTww6uBWPNRK060
enable password cisco
!
no aaa new-model
ip subnet-zero
ip routing
ip dhcp excluded-address 192.168.3.1 192.168.3.20
ip dhcp excluded-address 192.168.100.1 192.168.100.20
!
ip dhcp pool Lokale3
   network 192.168.3.0 255.255.255.0
   default-router 192.168.3.3
   dns-server 172.16.4.77
!
ip dhcp pool Management
   network 192.168.100.0 255.255.255.0
   default-router 192.168.100.3
   dns-server 172.16.4.77
!
!
!
crypto pki trustpoint TP-self-signed-1708353664
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-1708353664
 revocation-check none
 rsakeypair TP-self-signed-1708353664
!
!
crypto pki certificate chain TP-self-signed-1708353664
 certificate self-signed 01
  30820246 308201AF A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 31373038 33353336 3634301E 170D3933 30333031 30303031
  30385A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 37303833
  35333636 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100BB1C 4EB2426C 154FE1EC A921C666 B8A7B001 5B32CC4A 5AEFDF28 AD1163EC
  99A0BD35 C035EB94 6EB3E5EF F8EF6F79 72E2C2E0 DEC9E587 5AFE353F 5A3100F2
  890BD9EA D189A010 1B352DF0 03F477A7 A23ACFAF D6743C5E 08FCBE6D 44EF3E4D
  04BFEA58 573F5ECC 6F3509D8 6B603D74 296FE485 7EDD39D8 318DD050 D2A871E8
  68110203 010001A3 6E306C30 0F060355 1D130101 FF040530 030101FF 30190603
  551D1104 12301082 0E446973 74726962 7574696F 6E322E30 1F060355 1D230418
  30168014 DB7110DA F3D5436A 80BA951B F015E53C 446E2C32 301D0603 551D0E04
  160414DB 7110DAF3 D5436A80 BA951BF0 15E53C44 6E2C3230 0D06092A 864886F7
  0D010104 05000381 81000A06 CB3DB008 64B56E19 2DAD6A83 22B538B5 1CD5B0D7
  DE7D83B9 5F64337C 0F42ED1B 3B2075C2 6A3F2A36 DE873A8F FA5546A1 EAED43DB
  4F7B9186 A71BA26B 8689FB18 B5E923D7 649548EE 79EB2E9B 41D542C5 2C6C18FC
  D9BF10E8 E66065A0 1D67F658 B837D2D8 8A5E218F E89A1D62 85029DB0 8CB27D76
  EC50335C 9F70886C 32DF
  quit
!
!
!
spanning-tree mode mst
spanning-tree extend system-id
!
spanning-tree mst configuration
 name REGION1
 revision 1
 instance 1 vlan 1-2
 instance 2 vlan 3, 100
!
spanning-tree mst 1 priority 28672
spanning-tree mst 2 priority 24576
!
vlan internal allocation policy ascending
!
!
!
!
!
!
interface Port-channel4
 no switchport
 ip address 10.0.0.6 255.255.255.252
!
interface Port-channel6
 no switchport
 ip address 10.0.0.50 255.255.255.252
!
interface FastEthernet0/1
 no switchport
 no ip address
 channel-group 6 mode on
!
interface FastEthernet0/2
 no switchport
 no ip address
 channel-group 6 mode on
!
interface FastEthernet0/3
 no switchport
 no ip address
 channel-group 4 mode on
!
interface FastEthernet0/4
 no switchport
 no ip address
 channel-group 4 mode on
!
interface FastEthernet0/5
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/6
 switchport trunk encapsulation dot1q
 switchport mode trunk
 spanning-tree mst pre-standard
!
interface FastEthernet0/7
 switchport trunk encapsulation dot1q
 switchport mode trunk
 spanning-tree mst pre-standard
!
interface FastEthernet0/8
 switchport trunk encapsulation dot1q
 switchport mode trunk
 spanning-tree mst pre-standard
!
interface FastEthernet0/9
 switchport mode dynamic desirable
!
interface FastEthernet0/10
 switchport mode dynamic desirable
!
interface FastEthernet0/11
 switchport mode dynamic desirable
!
interface FastEthernet0/12
 switchport mode dynamic desirable
!
interface FastEthernet0/13
 switchport mode dynamic desirable
!
interface FastEthernet0/14
 switchport mode dynamic desirable
!
interface FastEthernet0/15
 switchport mode dynamic desirable
!
interface FastEthernet0/16
 switchport mode dynamic desirable
!
interface FastEthernet0/17
 switchport mode dynamic desirable
!
interface FastEthernet0/18
 switchport mode dynamic desirable
!
interface FastEthernet0/19
 switchport mode dynamic desirable
!
interface FastEthernet0/20
 switchport mode dynamic desirable
!
interface FastEthernet0/21
 switchport mode dynamic desirable
!
interface FastEthernet0/22
 switchport mode dynamic desirable
!
interface FastEthernet0/23
 switchport mode dynamic desirable
!
interface FastEthernet0/24
 switchport mode dynamic desirable
!
interface GigabitEthernet0/1
 switchport mode dynamic desirable
!
interface GigabitEthernet0/2
 switchport mode dynamic desirable
!
interface Vlan1
 ip address 192.168.1.1 255.255.255.0
 standby 1 ip 192.168.1.3
 standby 1 timers msec 150 msec 500
 standby 1 priority 150
 standby 1 preempt
!
interface Vlan2
 ip address 192.168.2.1 255.255.255.0
 standby 2 ip 192.168.2.3
 standby 2 timers msec 150 msec 500
 standby 2 priority 150
 standby 2 preempt
!
interface Vlan3
 ip address 192.168.3.1 255.255.255.0
 standby 3 ip 192.168.3.3
 standby 3 timers msec 150 msec 500
 standby 3 priority 200
 standby 3 preempt
!
interface Vlan100
 ip address 192.168.100.1 255.255.255.0
 standby 100 ip 192.168.100.3
 standby 100 timers msec 150 msec 500
 standby 100 priority 200
 standby 100 preempt
!
router ospf 10
 log-adjacency-changes
 network 10.0.0.4 0.0.0.3 area 10
 network 10.0.0.48 0.0.0.3 area 10
 network 192.168.1.0 0.0.0.255 area 10
 network 192.168.2.0 0.0.0.255 area 10
 network 192.168.3.0 0.0.0.255 area 10
 network 192.168.100.0 0.0.0.255 area 10
!
ip classless
ip http server
ip http secure-server
!
!
ip access-list extended EXTERN
 permit ip 192.168.0.0 0.0.255.255 any
 permit ip 10.0.0.0 0.255.255.255 any
ip access-list extended INTERN
 permit ip any 10.0.0.0 0.255.255.255
 permit ip any 192.168.0.0 0.0.255.255
 deny   ip any any
!
route-map tester permit 10
!
route-map INTERNET permit 10
 match ip address INTERN
!
route-map INTERNET permit 20
 match ip address EXTERN
 set ip next-hop 10.0.0.10
!
!
control-plane
!
!
line con 0
line vty 0 4
 exec-timeout 0 0
 password cisco
 logging synchronous
 login
line vty 5 15
 exec-timeout 0 0
 password cisco
 logging synchronous
 login
!
end

Distribution 3


Building configuration...

Current configuration : 5220 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Distribution3
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$36zr$fFbFrAnE1AxVLaskUDIQD0
enable password cisco
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
ip routing
ip name-server 172.16.4.77
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.4.1 192.168.4.20
ip dhcp excluded-address 192.168.5.1 192.168.5.20
!
ip dhcp pool Lokale4
   network 192.168.4.0 255.255.255.0
   dns-server 172.16.4.77
   default-router 192.168.4.3
!
ip dhcp pool Lokale5
   network 192.168.5.0 255.255.255.0
   dns-server 172.16.4.77
   default-router 192.168.5.3
!
!
!
!
crypto pki trustpoint TP-self-signed-410825728
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-410825728
 revocation-check none
 rsakeypair TP-self-signed-410825728
!
!
crypto pki certificate chain TP-self-signed-410825728
 certificate self-signed 01
  30820244 308201AD A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 34313038 32353732 38301E17 0D393330 33303130 30303035
  375A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
  532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3431 30383235
  37323830 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
  E8DB7DE8 3C07C5D1 3D6049B8 DC0094CD 71D511F2 78B9A43D D0F5E49E 40814DAF
  2373C9A1 DC611C26 1B180668 E627A4BE AFC6A372 92879186 CFCF36E7 FC6FDA3F
  FCF8C9C4 EF116036 60470590 09190B6B 982A3DA6 DA7B88CB 0EF93063 CD52301C
  E33A3217 C59114B9 3C20FFFD 1EF08197 F1C0A28F CDBE2EE2 34323521 5CA41B83
  02030100 01A36E30 6C300F06 03551D13 0101FF04 05300301 01FF3019 0603551D
  11041230 10820E44 69737472 69627574 696F6E33 2E301F06 03551D23 04183016
  80140A7F 8FAB416A B162C720 BCE7FFCA E02F3B74 A63A301D 0603551D 0E041604
  140A7F8F AB416AB1 62C720BC E7FFCAE0 2F3B74A6 3A300D06 092A8648 86F70D01
  01040500 03818100 3C73A52B 612FDA78 C5FF0E2E 6B46CAF6 9A2D6124 1CC557A7
  6ABB3C6E 3FEE163A 4AEB1048 4E45D624 5FB62290 237E51EF 435366D2 7A8C1F0C
  02563314 400970F4 084F20D0 88C37F70 D4BF2678 CFEA2506 09EF05FE 9682FA84
  1F37E1FF F017DB0E 26733D14 525CBC67 711422F9 B9124797 C70F04A6 CB9E4164
  4567DD47 DB5B34E7
  quit
!
!
!
!
!
!
spanning-tree mode mst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
spanning-tree mst configuration
 name REGION2
 revision 2
 instance 1 vlan 4-5
 instance 2 vlan 6, 101
!
spanning-tree mst 1 priority 24576
spanning-tree mst 2 priority 28672
!
vlan internal allocation policy ascending
!
!
!
!
interface Port-channel2
 no switchport
 ip address 10.0.0.42 255.255.255.252
!
interface Port-channel8
 no switchport
 ip address 10.0.0.26 255.255.255.252
!
interface FastEthernet0/1
 no switchport
 no ip address
 channel-group 8 mode on
!
interface FastEthernet0/2
 no switchport
 no ip address
 channel-group 8 mode on
!
interface FastEthernet0/3
 no switchport
 no ip address
 channel-group 2 mode on
!
interface FastEthernet0/4
 no switchport
 no ip address
 channel-group 2 mode on
!
interface FastEthernet0/5
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/6
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/7
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/8
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 no ip address
!
interface Vlan4
 ip address 192.168.4.2 255.255.255.0
 standby 4 ip 192.168.4.3
 standby 4 timers msec 150 msec 500
 standby 4 priority 200
 standby 4 preempt
!
interface Vlan5
 ip address 192.168.5.2 255.255.255.0
 standby 5 ip 192.168.5.3
 standby 5 timers msec 150 msec 500
 standby 5 priority 200
 standby 5 preempt
!
interface Vlan6
 ip address 192.168.6.2 255.255.255.0
 standby 6 ip 192.168.6.3
 standby 6 timers msec 150 msec 500
 standby 6 priority 150
 standby 6 preempt
!
interface Vlan101
 ip address 192.168.101.2 255.255.255.0
 standby 101 ip 192.168.101.3
 standby 101 timers msec 150 msec 500
 standby 101 priority 150
 standby 101 preempt
!
router ospf 1
 log-adjacency-changes
 network 10.0.0.24 0.0.0.3 area 20
 network 10.0.0.40 0.0.0.3 area 20
 network 192.168.4.0 0.0.0.255 area 20
 network 192.168.5.0 0.0.0.255 area 20
 network 192.168.6.0 0.0.0.255 area 20
 network 192.168.101.0 0.0.0.255 area 20
!
ip classless
ip http server
ip http secure-server
!
!
!
!
control-plane
!
!
line con 0
line vty 0 4
 password cisco
 login
line vty 5 15
 password cisco
 login
!
end

Distribution3#


Distribution 4

Building configuration...

Current configuration : 5295 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Distribution4
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$xp9V$.44zXpqSHz6qF52fkXu9T.
enable password cisco
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
ip routing
no ip domain-lookup
ip name-server 172.16.4.77
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.6.1 192.168.6.20
ip dhcp excluded-address 192.168.101.1 192.168.101.20
!
ip dhcp pool Lokale6
   network 192.168.6.0 255.255.255.0
   default-router 192.168.6.3
   dns-server 172.16.4.77
!
ip dhcp pool Management
   network 192.168.101.0 255.255.255.0
   default-router 192.168.101.3
   dns-server 172.16.4.77
!
!
!
!
crypto pki trustpoint TP-self-signed-3566145536
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3566145536
 revocation-check none
 rsakeypair TP-self-signed-3566145536
!
!
crypto pki certificate chain TP-self-signed-3566145536
 certificate self-signed 01
  30820246 308201AF A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 33353636 31343535 3336301E 170D3933 30333031 30303031
  30315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 35363631
  34353533 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100CE09 DBDE13D1 3C071CB5 0C7242ED 6C030B46 A861E78F 12321E15 37C4F9CC
  BFA848E5 B67F9CE4 A4EA8B3B 937A1A6F 9E864A37 BBC54F78 E43B0455 CBB26B58
  33F2E5BC 03CE1615 51E8E8DA B18F2126 682F0D26 AD5D62B4 31A26B18 5F29A54D
  90CEF185 C8AD0CC4 0A7CCCC3 757C1655 A872C303 01D64A02 9632C40F 9BFDC544
  66A30203 010001A3 6E306C30 0F060355 1D130101 FF040530 030101FF 30190603
  551D1104 12301082 0E446973 74726962 7574696F 6E342E30 1F060355 1D230418
  30168014 3ADDFEC4 95C6E919 93FE7E64 C24CBD8E 65AE4DDE 301D0603 551D0E04
  1604143A DDFEC495 C6E91993 FE7E64C2 4CBD8E65 AE4DDE30 0D06092A 864886F7
  0D010104 05000381 810073B3 E87E0B0E 471CF94D 2864E4C5 8FD24940 EECF8E29
  BE029B2C 5A41332F 737230AB A601DF9D 6E6537A8 8F15B2A6 0721201F BFEE8EE6
  51A5F253 960B6046 D44D4ADD 3FD06E0D E5556AA0 1EAFF320 BBC39DF2 DC475E40
  D8D30835 05FFD99C 6098224D FAB9A1BE B69E9C68 F4BC09C1 FCDAB18B A167A4A2
  0E116E1B 5D9BC026 EBE1
  quit
!
!
!
!
!
!
spanning-tree mode mst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
spanning-tree mst configuration
 name REGION2
 revision 2
 instance 1 vlan 4-5
 instance 2 vlan 6, 101
!
spanning-tree mst 1 priority 28672
spanning-tree mst 2 priority 24576
!
vlan internal allocation policy ascending
!
!
!
!
interface Port-channel3
 no switchport
 ip address 10.0.0.22 255.255.255.252
!
interface Port-channel9
 no switchport
 ip address 10.0.0.38 255.255.255.252
!
interface FastEthernet0/1
 no switchport
 no ip address
 channel-group 9 mode on
!
interface FastEthernet0/2
 no switchport
 no ip address
 channel-group 9 mode on
!
interface FastEthernet0/3
 no switchport
 no ip address
 channel-group 3 mode on
!
interface FastEthernet0/4
 no switchport
 no ip address
 channel-group 3 mode on
!
interface FastEthernet0/5
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/6
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/7
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/8
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 no ip address
!
interface Vlan4
 ip address 192.168.4.1 255.255.255.0
 standby 4 ip 192.168.4.3
 standby 4 timers msec 150 msec 500
 standby 4 priority 150
 standby 4 preempt
!
interface Vlan5
 ip address 192.168.5.1 255.255.255.0
 standby 5 ip 192.168.5.3
 standby 5 timers msec 150 msec 500
 standby 5 priority 150
 standby 5 preempt
!
interface Vlan6
 ip address 192.168.6.1 255.255.255.0
 standby 6 ip 192.168.6.3
 standby 6 timers msec 150 msec 500
 standby 6 priority 200
 standby 6 preempt
!
interface Vlan101
 ip address 192.168.101.1 255.255.255.0
 standby 101 ip 192.168.101.3
 standby 101 timers msec 150 msec 500
 standby 101 priority 200
 standby 101 preempt
!
router ospf 1
 log-adjacency-changes
 network 10.0.0.20 0.0.0.3 area 20
 network 10.0.0.36 0.0.0.3 area 20
 network 10.0.0.56 0.0.0.3 area 20
 network 192.168.4.0 0.0.0.255 area 20
 network 192.168.5.0 0.0.0.255 area 20
 network 192.168.6.0 0.0.0.255 area 20
 network 192.168.101.0 0.0.0.255 area 20
!
ip classless
ip http server
ip http secure-server
!
!
!
!
control-plane
!
!
line con 0
line vty 0 4
 password cisco
 login
line vty 5 15
 password cisco
 login
!
end

Core Layer

Core 1


Building configuration...

Current configuration : 3530 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Core1
!
enable secret 5 $1$BXJI$n2TaAv/v.uCcaK5s7Uuu60
enable password cisco
!
no aaa new-model
ip subnet-zero
ip routing
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
interface Port-channel1
 no switchport
 ip address 10.0.0.13 255.255.255.252
!
interface Port-channel3
 no switchport
 ip address 10.0.0.21 255.255.255.252
 ip policy route-map internet
!
interface Port-channel4
 no switchport
 ip address 10.0.0.5 255.255.255.252
 ip policy route-map internet
!
interface Port-channel7
 no switchport
 ip address 10.0.0.1 255.255.255.252
 ip policy route-map internet
!
interface Port-channel8
 no switchport
 ip address 10.0.0.25 255.255.255.252
 ip policy route-map internet
!
interface FastEthernet0/1
 no switchport
 no ip address
 channel-group 7 mode on
!
interface FastEthernet0/2
 no switchport
 no ip address
 channel-group 7 mode on
!
interface FastEthernet0/3
 no switchport
 no ip address
 channel-group 4 mode on
!
interface FastEthernet0/4
 no switchport
 no ip address
 channel-group 4 mode on
!
interface FastEthernet0/5
 no switchport
 ip address 10.0.0.9 255.255.255.252
!
interface FastEthernet0/6
 no switchport
 no ip address
 channel-group 1 mode on
!
interface FastEthernet0/7
 no switchport
 no ip address
 channel-group 1 mode on
!
interface FastEthernet0/8
 no switchport
 ip address 10.0.0.17 255.255.255.252
!
interface FastEthernet0/9
 no switchport
 no ip address
 channel-group 3 mode on
!
interface FastEthernet0/10
 no switchport
 no ip address
 channel-group 3 mode on
!
interface FastEthernet0/11
 no switchport
 no ip address
 channel-group 8 mode on
!
interface FastEthernet0/12
 no switchport
 no ip address
 channel-group 8 mode on
!
interface FastEthernet0/13
 no switchport
 no ip address
!
interface FastEthernet0/14
 no switchport
 no ip address
!
interface FastEthernet0/15
 no switchport
 no ip address
!
interface FastEthernet0/16
 no switchport
 no ip address
!
interface FastEthernet0/17
 no switchport
 no ip address
!
interface FastEthernet0/18
 no switchport
 no ip address
!
interface FastEthernet0/19
 no switchport
 no ip address
!
interface FastEthernet0/20
 no switchport
 no ip address
!
interface FastEthernet0/21
 no switchport
 no ip address
!
interface FastEthernet0/22
 no switchport
 no ip address
!
interface FastEthernet0/23
 no switchport
 no ip address
!
interface FastEthernet0/24
 no switchport
 no ip address
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 no ip address
!
router ospf 10
 log-adjacency-changes
 network 10.0.0.0 0.0.0.3 area 10
 network 10.0.0.4 0.0.0.3 area 10
 network 10.0.0.8 0.0.0.3 area 30
 network 10.0.0.12 0.0.0.3 area 0
 network 10.0.0.16 0.0.0.3 area 30
 network 10.0.0.20 0.0.0.3 area 20
 network 10.0.0.24 0.0.0.3 area 20
!
ip classless
ip http server
!
!
ip access-list extended test
 deny   ip 192.168.3.0 0.0.0.255 10.0.0.0 0.0.0.255
 deny   ip 192.168.3.0 0.0.0.255 192.168.0.0 0.0.255.255
 permit ip 192.168.3.0 0.0.0.255 any
!
!
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
route-map internet permit 5
 match ip address test
 set ip next-hop 10.0.0.18
!
route-map internet permit 10
 match ip address prefix-list DEFAULT
 set ip next-hop 10.0.0.10
!
!
control-plane
!
!
line con 0
line vty 0 4
 password cisco
 no login
line vty 5 15
 password cisco
 no login
!
!
end

Core1#


Core 2


Building configuration...

Current configuration : 3574 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Core2
!
enable secret 5 $1$8LPE$BNGBYpQDx1Jey86SO5.zu.
enable password cisco
!
no aaa new-model
ip subnet-zero
ip routing
ip host dist1 10.0.0.2
ip host core1 10.0.0.1
ip host gw1 10.0.0.10
ip host ac6 192.168.101.16
ip host ac5 192.168.101.15
ip host ac4 192.168.101.14
ip host ac3 192.168.100.13
ip host ac2 192.168.100.12
ip host ac1 192.168.100.11
ip host dist4 10.0.0.38
ip host dist3 10.0.0.26
ip host dist2 10.0.0.50
ip host core2 10.0.0.29
ip host gw2 10.0.0.18
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
interface Port-channel1
 no switchport
 ip address 10.0.0.14 255.255.255.252
!
interface Port-channel2
 no switchport
 ip address 10.0.0.41 255.255.255.252
 ip policy route-map internet
!
interface Port-channel5
 no switchport
 ip address 10.0.0.45 255.255.255.252
 ip policy route-map internet
!
interface Port-channel6
 no switchport
 ip address 10.0.0.49 255.255.255.252
 ip policy route-map internet
!
interface Port-channel9
 no switchport
 ip address 10.0.0.37 255.255.255.252
 ip policy route-map internet
!
interface FastEthernet0/1
 no switchport
 ip address 10.0.0.29 255.255.255.252
!
interface FastEthernet0/2
 no switchport
 ip address 10.0.0.33 255.255.255.252
!
interface FastEthernet0/3
 no switchport
 no ip address
 channel-group 9 mode on
!
interface FastEthernet0/4
 no switchport
 no ip address
 channel-group 9 mode on
!
interface FastEthernet0/5
 no switchport
 no ip address
 channel-group 2 mode on
!
interface FastEthernet0/6
 no switchport
 no ip address
 channel-group 2 mode on
!
interface FastEthernet0/7
 no switchport
 no ip address
 channel-group 1 mode on
!
interface FastEthernet0/8
 no switchport
 no ip address
 channel-group 1 mode on
!
interface FastEthernet0/9
 no switchport
 no ip address
 channel-group 5 mode on
!
interface FastEthernet0/10
 no switchport
 no ip address
 channel-group 5 mode on
!
interface FastEthernet0/11
 no switchport
 no ip address
 channel-group 6 mode on
!
interface FastEthernet0/12
 no switchport
 no ip address
 channel-group 6 mode on
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 no ip address
!
router ospf 1
 log-adjacency-changes
 network 10.0.0.12 0.0.0.3 area 0
 network 10.0.0.28 0.0.0.3 area 30
 network 10.0.0.32 0.0.0.3 area 30
 network 10.0.0.36 0.0.0.3 area 20
 network 10.0.0.40 0.0.0.3 area 20
 network 10.0.0.44 0.0.0.3 area 10
 network 10.0.0.48 0.0.0.3 area 10
!
ip classless
ip http server
!
!
ip access-list extended test
 deny   ip 192.168.3.0 0.0.0.255 10.0.0.0 0.0.0.255
 deny   ip 192.168.3.0 0.0.0.255 192.168.0.0 0.0.255.255
 permit ip 192.168.3.0 0.0.0.255 any
!
!
ip prefix-list DEFAULT seq 5 permit 0.0.0.0/0
route-map internet permit 5
 match ip address test
 set ip next-hop 10.0.0.30
!
route-map internet permit 10
 match ip address prefix-list DEFAULT
 set ip next-hop 10.0.0.34
!
!
control-plane
!
!
line con 0
line vty 0 4
 exec-timeout 0 0
 password cisco
 logging synchronous
 login
line vty 5 15
 exec-timeout 0 0
 password cisco
 login
!
!
end

Core2#


Gateways

Gateway 1


Building configuration...

Current configuration : 2317 bytes
!
! Last configuration change at 09:09:32 UTC Mon Dec 14 2009
! NVRAM config last updated at 13:00:01 UTC Fri Dec 11 2009
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Gateway1
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$SVTy$kFFE8ZQHYNjdhokEH84Gn0
enable password cisco
!
no aaa new-model
!
resource policy
!
ip cef
!
!
!
!
no ip domain lookup
ip host dist3 10.0.0.26
ip host dist2 10.0.0.50
ip host core1 10.0.0.1
ip host core2 10.0.0.29
ip host dist1 10.0.0.2
ip host ac3 192.168.100.13
ip host ac2 192.168.100.12
ip host dist4 10.0.0.38
ip host ac6 192.168.101.16
ip host ac5 192.168.101.15
ip host ac4 192.168.101.14
ip host gw1 10.0.0.10
ip host gw2 10.0.0.18
ip host ac1 192.168.100.11
!
!
!
voice-card 0
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 10.254.0.1 255.255.255.255
!
interface FastEthernet0/0
 ip address 10.0.0.10 255.255.255.252
 ip nat inside
 ip virtual-reassembly
 speed auto
 full-duplex
 no mop enabled
!
interface FastEthernet0/1
 ip address 10.0.0.30 255.255.255.252
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1/0
 switchport access vlan 20
!
interface FastEthernet0/1/1
 shutdown
!
interface FastEthernet0/1/2
 shutdown
!
interface FastEthernet0/1/3
 shutdown
!
interface Serial0/2/0
 no ip address
 shutdown
 no fair-queue
 clock rate 2000000
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan20
 ip address dhcp
 ip nat outside
 ip virtual-reassembly
!
router ospf 1
 log-adjacency-changes
 network 10.0.0.8 0.0.0.3 area 30
 network 10.0.0.28 0.0.0.3 area 30
 default-information originate
!
ip route 0.0.0.0 0.0.0.0 dhcp
!
!
ip http server
no ip http secure-server
ip nat inside source list Internet interface Vlan20 overload
ip nat inside source static tcp 10.254.0.1 23 interface Vlan20 23
!
ip access-list extended Internet
 permit ip 10.0.0.0 0.0.0.255 any
 permit ip 192.168.0.0 0.7.255.255 any
 permit ip 192.168.100.0 0.0.0.255 any
 permit ip 192.168.101.0 0.0.0.255 any
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 exec-timeout 0 0
 password cisco
 login
line vty 5 15
 exec-timeout 0 0
 password cisco
 login
!
scheduler allocate 20000 1000
end

Gateway1#


Gateway 2


Building configuration...

Current configuration : 2228 bytes
!
! No configuration change since last restart
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Gateway2
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$vuPD$gxv5UIIr85nInRV.U0A4y/
enable password cisco
!
no aaa new-model
!
resource policy
!
ip cef
!
!
!
!
ip host ac4 192.168.101.14
ip host gw1 10.0.0.10
ip host gw2 10.0.0.18
ip host core1 10.0.0.1
ip host core2 10.0.0.29
ip host dist1 10.0.0.2
ip host dist2 10.0.0.50
ip host dist3 10.0.0.26
ip host dist4 10.0.0.38
ip host ac1 192.168.100.11
ip host ac2 192.168.100.12
ip host ac3 192.168.100.13
ip host ac5 192.168.101.15
ip host ac6 192.168.101.16
!
!
!
voice-card 0
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 10.254.0.2 255.255.255.255
!
interface FastEthernet0/0
 ip address 10.0.0.34 255.255.255.252
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
 no mop enabled
!
interface FastEthernet0/1
 ip address 10.0.0.18 255.255.255.252
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/3/0
 switchport access vlan 10
!
interface FastEthernet0/3/1
 shutdown
!
interface FastEthernet0/3/2
 shutdown
!
interface FastEthernet0/3/3
 shutdown
!
interface Serial0/1/0
 no ip address
 shutdown
 no fair-queue
 clock rate 2000000
!
interface Serial0/1/1
 no ip address
 shutdown
 clock rate 2000000
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan10
 ip address dhcp
 ip nat outside
 ip virtual-reassembly
!
router ospf 1
 log-adjacency-changes
 network 10.0.0.16 0.0.0.3 area 30
 network 10.0.0.32 0.0.0.3 area 30
 default-information originate
!
ip route 0.0.0.0 0.0.0.0 192.168.138.1
!
!
ip http server
no ip http secure-server
ip nat inside source list Internet interface Vlan10 overload
ip nat inside source static tcp 10.254.0.2 23 interface Vlan10 23
!
ip access-list extended Internet
 permit ip 10.0.0.0 0.0.0.255 any
 permit ip 192.168.0.0 0.7.255.255 any
 permit ip 192.168.100.0 0.0.0.255 any
 permit ip 192.168.101.0 0.0.0.255 any
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!
scheduler allocate 20000 1000
end

Gateway2#