Study the scheme.
Split the network into subnets using the address space 5.87.0.0/24. Each PC is on a separate network.
Perform basic configuration of all network devices.
Enable only the SSH protocol for management.
Configure a separate VLAN for each PC on the switches and forward them to the router.
Enable PortFast BPDU Guard on internal interfaces.
Enable Rapid PVST.
Configure the OSPF protocol on the routers, not including networks on internal interfaces.
Configure a floating static route for OSPF protocol redundancy.
Configure the GRE 1 tunnel for the R1 - R2 - R4 route and GRE 2 for the R1 - R3 - R4 route; the routing method for connecting GRE and LAN is OSPF.
Configure an ACL so that all devices can be managed only from the MGT1 PC (SSH).
Configure time on all devices and data transfer to the Syslog server (Server0).
Transfer the image and start-up configuration to TFTP Server0.
Configure backup loading of images from TFTP on the routers.
Check the network operability in case of failure of the OSPF protocol.
Answer Key
Cisco Packet Tracer project
R1 startup configure file
R2 startup configure file
R3 startup configure file
R4 startup configure file
S1 startup configure file
S1 startup configure file
A tunnel is organized between the two branches via the ISP. For redundancy, a second tunnel is organized over the network of another ISP.
Scheme with IP-addresses:
Switching to the backup route is performed when OSPF connectivity through the tunnel over the network of ISP “A” is lost. BFD is used to quickly evaluate connectivity.
The settings for routers:
Router WEST
hostname WEST
no ip domain lookup
interface Loopback0
 no shutdown
 description PC_A
 ip address 172.16.1.1 255.255.255.0
interface Tunnel0
 no shutdown
 ip address 172.16.12.1 255.255.255.252
 bfd interval 50 min_rx 50 multiplier 3
 tunnel source 10.1.1.1
 tunnel destination 10.2.2.1
interface Tunnel1
 no shutdown
 description RESERV
 ip address 172.16.21.1 255.255.255.252
 ip ospf cost 1500
 bfd interval 50 min_rx 50 multiplier 3
 tunnel source 10.3.3.1
 tunnel destination 10.4.4.1
interface GigabitEthernet0/0
 no shutdown
 description to_ISP_A
 ip address 10.1.1.1 255.255.255.252
 duplex auto
 speed auto
 media-type rj45
interface GigabitEthernet0/1
 no shutdown
 description to_ISP_B
 ip address 10.3.3.1 255.255.255.252
 duplex auto
 speed auto
 media-type rj45
router ospf 1
 log-adjacency-changes detail
 network 172.16.1.0 0.0.0.255 area 0
 network 172.16.12.0 0.0.0.3 area 0
 network 172.16.21.0 0.0.0.3 area 0
 bfd all-interfaces
ip route 10.2.2.0 255.255.255.252 10.1.1.2
ip route 10.4.4.0 255.255.255.252 10.3.3.2
line con 0
 exec-timeout 0 0
 logging synchronous
Router EAST
...
Starting with IOS 15.1, Cisco IOS has the history command. It outputs a pretty nice ASCII diagram of interface load.
To enable it:
(config)# interface GigabitEthernet 0/1
(config-if)# history bps
Now you can see the result using the command:
# show interface GigabitEthernet 0/1 history 60sec input
Different periods (60sec, 60min, 72hour) and different traffic directions (input, output, both) are available.
If an old configuration remains, erase it and reload
Cisco>enable
Cisco#erase startup-config
Cisco#reload
Cisco>enable
New configuration
Cisco#configure terminal
Name the router
Cisco(config)#hostname R1
Store passwords in the configuration file in encrypted form
R1(config)#service password-encryption
Disable management over HTTP and HTTPS, and disable CDP
R1(config)#no ip http server
R1(config)#no ip http secure-server
R1(config)#no cdp run
Disable interpretation of mistyped commands as DNS queries
R1(config)#no ip domain lookup
Set a password for console port access
R1(config)#line console 0
R1(config-line)#password cisco
R1(config-line)#login local
R1(config-line)#exit
...
Configure Event Manager to log all commands executed on the router:
event manager applet CLIaccounting
 event cli pattern ".*" sync no skip no
 action 1.0 syslog priority informational msg "$_cli_msg"
 set 2.0 _exit_status 1
Enable logging:
archive
 log config
  logging enable
  logging size 1000
  notify syslog
  hidekeys
The default logging size is 100; if that is enough, the command can be omitted. View the log:
show archive log config all
All executed commands will be duplicated on the console. If this is not needed, disable the output:
no logging console
To enable it:
logging console
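One way to watch the syslog output of the applet and the config archive above for commands that undo this hardening or switch off the audit trail. This is an added example, not part of the original post; the message formats, the watch list and the sample lines are assumptions constructed for illustration.

```python
import re

# Assumed IOS formats: "%HA_EM-6-LOG: CLIaccounting: <cmd>" (EEM applet) and
# "%PARSER-5-CFGLOG_LOGGEDCMD: User:<name>  logged command:<cmd>" (config archive).
EEM_RE = re.compile(r"%HA_EM-\d-LOG: CLIaccounting: (?P<cmd>.+)$")
ARCHIVE_RE = re.compile(
    r"%PARSER-5-CFGLOG_LOGGEDCMD: User:(?P<user>\S+)\s+logged command:(?P<cmd>.+)$")

# Commands that undo a setting made on this page or switch off the audit trail.
WATCHLIST = [
    (re.compile(r"^no event manager applet CLIaccounting\b"), "command logging applet removed"),
    (re.compile(r"^no (logging enable|notify syslog|hidekeys)\b"), "config archive logging weakened"),
    (re.compile(r"^ip http (secure-)?server\b"), "HTTP/HTTPS management re-enabled"),
    (re.compile(r"^no service password-encryption\b"), "password encryption turned off"),
    (re.compile(r"^cdp run\b"), "CDP re-enabled"),
]

def parse_line(line):
    """Return (source, user, command) for a recognised syslog line, else None."""
    m = ARCHIVE_RE.search(line)
    if m:
        return "archive", m["user"], m["cmd"].strip()
    m = EEM_RE.search(line)
    if m:
        return "eem", None, m["cmd"].strip()  # the applet message carries no user name
    return None

def find_alerts(lines):
    """Return {command: alert}, merging what the two log sources report."""
    alerts = {}
    for source, user, cmd in filter(None, map(parse_line, lines)):
        reason = next((why for rx, why in WATCHLIST if rx.search(cmd)), None)
        if reason:
            entry = alerts.setdefault(cmd, {"reason": reason, "sources": set(), "user": None})
            entry["sources"].add(source)
            entry["user"] = entry["user"] or user
    return alerts

SAMPLE = [  # constructed syslog lines, not captured from a real device
    "*Mar  1 00:10:01.123: %HA_EM-6-LOG: CLIaccounting: show archive log config all",
    "*Mar  1 00:10:15.789: %HA_EM-6-LOG: CLIaccounting: ip http server",
    "*Mar  1 00:10:15.801: %PARSER-5-CFGLOG_LOGGEDCMD: User:admin  logged command:ip http server",
    "*Mar  1 00:10:21.012: %PARSER-5-CFGLOG_LOGGEDCMD: User:admin  logged command:no event manager applet CLIaccounting",
    "*Mar  1 00:10:30.345: %SYS-5-CONFIG_I: Configured from console by admin on console",
]

if __name__ == "__main__":
    for cmd, info in find_alerts(SAMPLE).items():
        print(f"{cmd!r}: {info['reason']} (user={info['user']}, seen in {sorted(info['sources'])})")
```

A command that appears in only one of the two sources is worth a second look, since the other trail may already have been disabled.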
...