Hng dn thc hnh Thit k mng

Nhm bin son: Trn Don Thnh - L Bo Thin Ngy hon thnh: 20/3/200 Trng i hc khoa hc t nhin Thnh Ph H Ch Minh

Mc lc
1 Lm quen vi chng trnh Router Sim...............................................................................3 1.1 Thit lp mt mng trong Router Sim...........................................................................3 1.2 Kt ni cc thit b trong Router Sim............................................................................3 1.3 Net Detective..................................................................................................................4 2 Cu hnh Router.....................................................................................................................5 2.1 ng nhp vo router.....................................................................................................5 2.2 Xem thng tin mt router...............................................................................................5 2.3 t Password cho router................................................................................................5 2.4 Cu hnh cho router........................................................................................................6 3 Ci t Routing......................................................................................................................6 3.1 Cu hnh Static routing..................................................................................................6 3.2 Cu hnh Default routing................................................................................................7 3.3 Cu hnh RIP routing.....................................................................................................7 3.4 Cu hnh IGRP routing..................................................................................................7 4 Cu hnh Switch....................................................................................................................8 4.1 Kt ni n Switch v t password..............................................................................8 4.2 t hostname cho Switch...............................................................................................9 4.3 t IP Address cho Switch............................................................................................9 4.4 Cu hnh VLANs..........................................................................................................10 4.5 Cu hnh Trunk port.....................................................................................................12 5 Backup v Restore Cisco Router IOS.................................................................................13 5.1 K thut hi phc mt khu.........................................................................................13 5.2 Sao chp d phng Cisco IOS.....................................................................................14 5.3 Hi phc hoc nng cp IOS.......................................................................................15 5.4 Sao lu d phng cu hnh Cisco................................................................................17 5.5 Hi phc Cu hnh Cisco Router t tftp server...........................................................18 5.6 S dng Cisco Discovery Protocol ly thng tin v cc thit b lng ging..........18 5.7 S dng telnet...............................................................................................................21 5.8 To mt bng cc Host trn mt Router v ly IP ca mt Host................................23 6 Cu hnh IPX Routing.........................................................................................................25 6.1 Cu hnh nh tuyn IPX c bn..................................................................................25 6.2 Cu hnh IPX cho Internetwork (mng o trong sim).................................................25 6.3 Kim tra li IPX Internetwork.....................................................................................26 6.4 Thm mt mng IPX ph.............................................................................................27 6.5 Thm mt mng IPX ph s dng Subinterface.........................................................28 6.6 Kim tra li vi CDP v IPX ping...............................................................................28 7 Cu hnh Access-Lists.........................................................................................................29 7.1 Danh sch a ch IP chun cho php truy cp vo mng...........................................29 7.2 Kim tra li Danh sch truy cp chun........................................................................29 1

7.3 Gn mt Danh sch IP truy cp mng vo mt dng VTY........................................30 7.4 Danh sch IP truy cp mng m rng.........................................................................30 7.5 Kim tra li danh sch truy cp IP m rng................................................................32 7.6 Danh sch truy cp IPX chun.....................................................................................32 7.7 Kim tra li danh sch truy cp IPX chun.................................................................33 8 Cu hnh Truy cp t xa......................................................................................................33 8.1 Cu hnh PPP Encapsulation........................................................................................33 8.2 Kim tra PPP Encapsulation........................................................................................34 8.3 Cu hnh PPP Authentication dng CHAP..................................................................34 8.4 Kim tra PPP Authentication.......................................................................................35 8.5 Tm hiu v Cu hnh Frame Relay.............................................................................36 8.6 Cu hnh Frame Relay Switching................................................................................38 8.7 Cu hnh Frame Relay vi Subinterface......................................................................39 8.8 Kim tra li Frame Relay.............................................................................................40

1 Lm quen vi chng trnh Router Sim

Chng trnh Router Sim l mt chng trnh gi lp dng cho vic thit lp mt mng my tnh vi cc thit b nh: Router, Switch v cc my tnh. Cc mn chnh trong trong RouterSim: Network Visualizer Screen L mn hnh giao din ho chnh trong Router Sim 3.0. y l ni bn s to v cu hnh cc thit b c ko, th vo trong mn hnh Network Visualizer. Nhn p chut ln thit b cu hnh mt thit b , khi s chuyn sang mn hnh Simulation. Simulation Screen L mn hnh gi lp cc thit b, dng cu hnh cc thit b nh router, switch, 1.1 Thit lp mt mng trong Router Sim 1. Nhp chut vo nt Net Visualizer, khi mn hnh li Network Visualizer s xut hin. 2. Ko cc thit b t ca s bn trn tri th vo mn hnh Net Visualizer. 3. Tip tc ko cc thit b cn thit to thnh mt mng my tnh. Ch :: C mt gii hn trong s lng cc thit b c th ko th vo trong mn hnh Network Visualizer: o 5 2501 Routers o 1 2600 Router o 6 1900A Switches o 8 Hosts Mun b mt thit b ra khi mn hnh Net Visualizer, chng ta ko thit b vo thng rc di tri mn hnh. Nu chng ta mun xa ton b cc thit b, click vo nt Clear Visualizer. 1.2 Kt ni cc thit b trong Router Sim Sau khi ko th cc thit b trong mn hnh Network Visualizer, chng ta phi kt ni chng li vi nhau. 1. Nhp chut phi trn thit b.

2. Nhp chut trn cc cng mun kt ni, v d: E0, S0, S1. 3. i vi cc cng S0, S1, s yu cu kt ni DTE hay DCE. Ch i vi DCE chng ta phi cu hnh clock rate cho cng . 4. Tng t chng ta nhn chut phi ln thit b cn kt ni ti v click chut tri ln port kt ni. Nu mun b cc kt ni chng ta lm tng t nh vic kt ni: 1. Click chut phi ln thit b. 2. Click chut tri ln kt ni mun b. 3. Chng trnh s hi chng ta mun b kt ni hay khng? OK 1.3 Net Detective

Nu bn khng thnh tho trong vic s dng router v switch , bn c th gp phi trng hp thc thi mt lnh no m n khng thc hin theo mnh mun, v bn khng bit mnh sai ch no. Chng ta s s dng Net Detective xem ti sao mng b li. V d: nu bn khng thnh cng trong vic ping gia 2501 A v 2501C, Net Detective s cung cp mng b li ch no.

2 Cu hnh Router
2.1 ng nhp vo router kt ni vo router chng ta nhn enter t mn hnh Network Visualizer, chng ta s vo user mode. Trong ch user mode chng ta ch c th s dng c mt s lnh nh: ping, traceroute, Mun cu hnh router chng ta vo trong ch privileged mode, bng cch s dng lnh enable vo privileged mode ( Router# ) Dng lnh logout, exit thot Cc du nhc trong Router: o Router # : ang ch privileged (enable) o Router (config) # : ang ch global config mode (config) o Router (config-if) # : ang ch config cc interface ca router (interface ethernet0) o Router (config-subif) # : subinterfacce (int f0/0.1) o Router (config-line) # : cu hnh trn cc line (line console 0) o Router (config-router) # : Cu hnh routing (router rip) Xem thng tin mt router ? : Xem cc lnh c th thc hin c ch ny command? : Xem cc lnh c cc k t bt u nh vy Command ? : Xem cc tham s ca mt lnh show version : Xem version ca HDH ca router show running-config (sh run), show startup-config (sh start) o Xem cu hnh ang chy ca router v cu hnh ca router c lu trong NVRAM. t Password cho router Trong router chng ta c 5 password bo v router. Hai password u tin bo v ch privileged mode, khi s dng lnh enable. V 3 password khc dng bo v router khi ngi dng ng nhp t console port, auxiliary port hoc l telnet ( mc user mode). 2.3.1 Password cho Privileged mode Config T : vo cu hnh router (Router(config)#) enable secret : t password cho router (1) enable password : t password cho router (2) o Ch : Khi t password theo lnh (1) th password trong lnh (2) s khng c tc dng na.

2.2

2.3

2.3.2 Password cho console port, auxiliary port v Telnet - S dng lnh line c password user mode cho cc cng ph nh:
Router(config)#line ? <0-6> First Line number aux Auxiliary line console Primary terminal line vty Virtual terminal

Trong : o aux: config router qua modem o console : config router thng qua console port o vty : config router qua telnet. (Nu khng c t password th khng th s dng Telnet cu hnh router) - Line [aux/console/vty] [0] - Login - Password <pass> 2.3.3 2.4 M ha mt m Config t Service password-encryption Bt u t password nh trn No service password-encryption Cu hnh cho router

2.4.1 Ci t cu thng bo khi logon vo router - banner motd # Cu thng bo # 2.4.2 Cu hnh cc giao tip ca router interface (int) e0/ s0/ s1 / [fastethernet 0/0] no shutdown (no shut) ip address A.B.C.D subnetmask ip address A.B.C.D subnetmask secondary description (desc) cu miu t

2.4.3 t Router hostname - con t - hostname Tn_ca_router

3 Ci t Routing
3.1 Cu hnh Static routing Chng ta s phi xy dng bng routing tnh cho mi router => c th dn ng cho ton mng. Chng ta phi cu hnh cho tt c cc router th vic tm ng mi c th hot ng c. 6

Cc lnh cu hnh router: - con t - ip route NetID Subnetmask DestIP - - exit - show ip route V d:
Router#con t Router(config)#ip route 172.16.20.0 255.255.255.0 172.16.20.1 Router(config)#ip route 172.16.30.0 255.255.255.0 172.16.20.1 Router(config)#ip route 172.16.40.0 255.255.255.0 172.16.20.1 Router(config)#exit Router#

3.2

Cu hnh Default routing Cu hnh Default routing th khng ging nh cu hnh default gate-way trtrn host. Nn nh rng router l dafault gateway v chng ta khng th t mt default gateway trn router. Default gateway s thc hin : nu mt packet cho mt mng khng nm trong routing table th router s chuyn packet ny n mt default route. Chng ta ch c th cu hnh default routing trn cc router gc, l cc router ch c mt ng in v out. Cu hnh default routing s dng cc lnh sau: - con t - no ip route NetID Subnetmask DestIP - ip route 0.0.0.0 0.0.0.0 DestIP - ip classless - exit V d:
Router>en Router#con t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#ip route 0.0.0.0 0.0.0.0 172.16.20.1 Router(config)#ip classless Router(config)#exit Router#

3.3 3.4

Cu hnh RIP routing con t router rip network 172.16.0.0 ^z

Cu hnh IGRP routing - con t - router IGRP 10 - network 172.16.0.0 7

^z

4 Cu hnh Switch
4.1 Kt ni n Switch v t password Nhp p vo switch cn cu hnh s nhn c cc thng tin sau:
Catalyst 1900 Management Console Copyright (c) Cisco Systems, Inc. 1993-1999 All rights reserved. Enterprise Edition Software Ethernet Address: 00-30-80-C7-BE-C0 PCA Number: 73-3122-04 PCA Serial Number: FAB033723WJ Model Number: WS-C1912-A System Serial Number: FAB0338S10A Power Supply S/N: APQ032404SA PCB Serial Number: FAB033723WJ,73-3122-04 ------------------------------------------------1 user(s) now active on Management Console. User Interface Menu [M] Menus [K] Command Line Enter Selection:K

Nhn K vo CLI (Command Line Interface)

CLI session with the switch is open. To end the CLI session, enter [Exit].

t password cho switch chng ta thi hnh cc lnh sau:

>enable #config t Enter configuration commands, one per line. (config)# (config)#enable password level 1 user (config)#enable password level 15 priv (config)#exit

End with CNTL/Z.

Level 1 : l password vo user mode Level 15: l password vo privilge mode

Chng ta s kim tra cc password bng cch thot ra ngoi v login vo li. Ban u s l password vo user mode v tip theo l password cho privileged mode.
Catalyst 1900 Management Console Copyright (c) Cisco Systems, Inc. 1993-1999 All rights reserved. Enterprise Edition Software Ethernet Address: 00-30-80-C7-BE-C0

PCA Number: 73-3122-04 PCA Serial Number: FAB033723WJ Model Number: WS-C1912-A System Serial Number: FAB0338S10A Power Supply S/N: APQ032404SA PCB Serial Number: FAB033723WJ,73-3122-04 ------------------------------------------------1 user(s) now active on Management Console. User Interface Menu [M] Menus [K] Command Line Enter Selection: Enter password: **** CLI session with the switch is open. To end the CLI session, enter [Exit]. >en Enter password:**** #

4.2

t hostname cho Switch Hostname trong switch cng ging nh trong router ch c ngha logic. C ngha l n khng gi mt chc nng no trong mng hay phn gii tn bt c ci g. Tuy nhin n cng c ch gip chng ta xc nh c l switch no khi kt ni vo n. Thng thng ngi ta t hostname cho switch da vo ci vng n phc v. Cc lnh t hostname cho Switch 1900 tng t nh trong router :
#con t Enter configuration commands, one per line. (config)#hostname PMMang01 PMMang01(config)# End with CNTL/Z.

4.3

t IP Address cho Switch Chng ta khng cn t IP cho Switch, ch cn gn vo l n s hot ng nh HUB. Nhng chng ta t IP cho Switch chng ta c th cu hnh n thng qua Telnet hay l cc cng trnh qun l khc. Hoc phc v cho VLAN hoc cc tnh nng khc. Mc nh Switch khng c IP v Default gateway. (s dng lnh show ip xem thng tin (trong ch privileged mode))
PMMang01#show ip IP Address: 0.0.0.0 Subnet Mask: 0.0.0.0 Default Gateway: 0.0.0.0 Management VLAN: 1 Domain name: Name server 1: 0.0.0.0 Name server 2: 0.0.0.0 HTTP server : Enabled HTTP port : 80 RIP : disabled PMMang01#

S dng cc lnh sau ci t IP cho switch:

PMMang01#show ip IP Address: 0.0.0.0 Subnet Mask: 0.0.0.0 Default Gateway: 0.0.0.0 Management VLAN: 1 Domain name: Name server 1: 0.0.0.0 Name server 2: 0.0.0.0 HTTP server : Enabled HTTP port : 80 RIP : disabled PMMang01#con t Enter configuration commands, one per line. End with CNTL/Z. PMMang01(config)#ip address 172.16.10.16 255.255.255.0 PMMang01(config)#ip default-gateway 172.16.10.1 PMMang01(config)#exit PMMang01#sh ip IP Address: 172.16.10.16 Subnet Mask: 255.255.255.0 Default Gateway: 172.16.10.1 Management VLAN: 1 Domain name: Name server 1: 0.0.0.0 Name server 2: 0.0.0.0 HTTP server : Enabled HTTP port : 80 RIP : disabled PMMang01#

4.4

Cu hnh VLANs Chng ta c th cu hnh 64 VLAN trn Switch 1900. Chng ta s dng cc lnh sau: vlan [vlan#] name [vlan name] V d:
PMMang1#con t Enter configuration commands, one per line. PMMang1(config)#vlan 1 name sales PMMang1(config)#vlan 2 name marketing PMMang1(config)#vlan 4 name mis PMMang1(config)#exit End with CNTL/Z.

xem thng tin cc vlan trong switch, s dng lnh sh vlan

PMMang1#sh vlan VLAN Name Status Ports -------------------------------------1 sales Enabled 1-12, AUI, A, B 2 marketing Enabled 4 mis Enabled 1002 fddi-default Suspended 1003 token-ring-default Suspended 1004 fddinet-default Suspended 1005 trnet-default Suspended --------------------------------------

10

VLAN Type SAID MTU Parent RingNo BridgeNo Stp Trans1 Trans2 -------------------------------------------------------------------------1 Ethernet 100001 1500 0 0 0 Unkn 0 0 2 Ethernet 100002 1500 0 0 0 Unkn 0 0 4 Ethernet 100003 1500 0 0 0 Unkn 0 0 1002 FDDI 101002 1500 0 0 0 Unkn 0 0 1003 Token-Ring 101003 1500 0 0 0 Unkn 0 0 1004 FDDI-Net 101004 1500 0 0 0 IEEE 0 0 1005 Token-Ring-Net 101005 1500 0 0 0 IBM 0 0 -------------------------------------------------------------------------PMMang1#

rng tt c cc port u thuc VLAN 1 => Chng ta s cu hnh phn cc port v cc VLAN khc nhau.
PMMang1#con t Enter configuration commands, one per line. End with CNTL/Z. PMMang1(config)#int e0/1 PMMang1(config-if)#vlan-membership ? dynamic Set VLAN membership type as dynamic static Set VLAN membership type as static PMMang1(config-if)#vlan-membership static ? <1-1005> ISL VLAN index PMMang1(config-if)#vlan-membership static 1 PMMang1(config-if)#int e0/2 PMMang1(config-if)#vlan-membership static 2 PMMang1(config-if)#int e0/4 PMMang1(config-if)#vlan-membership static 4 PMMang1(config-if)#^Z %SYS-5-CONFIG_I: Configured from console by console PMMang1#show vlan VLAN Name Status Ports -------------------------------------1 sales Enabled 3,5-12, AUI, A, B 2 marketing Enabled 2 4 mis Enabled 4 1002 fddi-default Suspended 1003 token-ring-default Suspended 1004 fddinet-default Suspended 1005 trnet-default Suspended -------------------------------------PMMang1#

Chng ta c th xem cc thng tin cc port thuc VLAN no bng cch:

PMMang1#show vlan-membership Port VLAN Membership Type ----------------------------1 1 Static 2 2 Static 3 1 Static 4 4 Static 5 1 Static 6 1 Static 7 1 Static

11

8 9 10 11 12 AUI A B PMMang1#

1 1 1 1 1 1 1 1

Static Static Static Static Static Static Static Static

4.5

Cu hnh Trunk port Trunk link l lin kt 100 hoc 1000Mbps gia 2 switch, gia switch v router hoc gia switch v server. Trunk link l cu ni cho nhiu VLANm t 1 1005 cng 1 lc. Chng ta khng th s dng trunk link cho lin kt 10Mbps. cu hnh port fast ethernet s dng lnh : trunk [parameter]
PMMang1#con t Enter configuration commands, PMMang1(config)#int f0/26 PMMang1(config-if)#trunk ? auto Set DISL state desirable Set DISL state nonegotiate Set DISL state off Set DISL state on Set DISL state PMMang1(config-if)#trunk on PMMang1(config-if)# one per line. to to to to to AUTO DESIRABLE NONEGOTIATE OFF ON End with CNTL/Z.

Trong : Interface tr thnh trunk ch khi thit b kt ni c cu hnh on hoc desirable. Nu thit b kt ni c cu hnh hoc on, desirable hoc auto n s dn xp tr thnh trunk port. Interface l cng ISL trunk th n s khng iu nh vi bt k thit b no gn vo n. kim tra cc trunk port chng ta s dng lnh show trunk [port_number]
PMMang1#sh trunk ? A Trunk A B Trunk B PMMang1#sh trunk a DISL state: On , Trunking: On , Encapsulation type: ISL PMMang1#

Trong Switch 1900 cng 26 c xc nh bi trunk A v cng f0/27 l trunk B.

12

5 Backup v Restore Cisco Router IOS

5.1 K thut hi phc mt khu Tt c cc Router Cisco u c mt thanh ghi mm 16 bit c lu trong NVRAM. Thanh ghi cu hnh c t mc nh khi ng t b nh flash v tm kim c file cu hnh t NVRAM. Bng cch thay i thanh ghi cu hnh ta c th hi phc mt khu. Bit 6 ca thanh ghi cu hnh c s dng xc nh cho Router bit l c cu hnh t NVRAM hay khng. Gi tr mc nh ca thanh ghi cu hnh l 0x2102 (bit 6 = 0). hi phc mt khu ta cn phi bt bit 6 ln tc l yu cu Router b qua khng c cu hnh t NVRAM. Gi tr cn t cho thanh ghi cu hnh bt bit 6 l 0x2142. 1. Ta c th xem gi tr ca thanh ghi cu hnh hin thi bng lnh show version.
2500A#show version
Cisco Internetwork Operating System Software IOS (tm) 2500 Software (C2500-JS-L), Version 12.0(8), RELEASE SOFTWARE (fc1)

[output cut] Configuration register is 0x2102

Dng cui cho bit gi tr ca thanh ghi cu hnh. 2. Ta c th thay i gi tr bng lnh config-register.
2500A(config)#config-register 0x0101 2500A(config)#^Z 2500A#sh ver [cut] Configuration register is 0x2102 (will be 0x0101 at next reload)

Lu l cc thay i trn router ch c tc dng sau khi router khi ng li. 3. Vi router 2500A ta g lnh reload ti du nhc c quyn (privileged mode)
2500A#reload

4. Khi router ang khi ng nhn ctrl-delete, ta s vo ch qun l ROM

System Bootstrap, Version 11.0(10c), SOFTWARE Copyright (c) 1986-1996 by cisco Systems 2500 processor with 14336 Kbytes of main memory Abort at 0x10151E4 (PC) >

Lu l i vi router thc th nhn ctrl-break 5. thay i thanh ghi cu hnh ca cc router 2500 nhn o. N s hin ra mt menu cc la chn ci t cho thanh ghi cu hnh. thay i thanh ghi cu hnh ta nhp lnh o/r sau l gi tr mi ca thanh ghi cu hnh.
System Bootstrap, Version 11.0(10c), SOFTWARE Copyright (c) 1986-1996 by cisco Systems 2500 processor with 14336 Kbytes of main memory Abort at 0x1098FEC (PC) >o Configuration register = 0x2102 at last boot Bit# Configuration register option settings: 15 Diagnostic mode disabled 14 IP broadcasts do not have network numbers 13 Boot default ROM software if network boot fails 12-11 Console speed is 9600 baud 10 IP broadcasts with ones 08 Break disabled 07 OEM disabled

13

06 Ignore configuration disabled 03-00 Boot file is cisco2-2500 (or 'boot system' command) >o/r 0x2142

Sau khi thay i thanh ghi cu hnh bt bit 6. Ta nhn i khi to li router
>o/r 0x2142 >i System Bootstrap, Version 11.0(10c), SOFTWARE Copyright (c) 1986-1996 by cisco Systems

6. Cho php router khi ng li hon ton, n s cho ta vo ch Setup 7. Chn No vo ch setup v g enable vo ch c quyn 8. G copy startup-config running-config, lnh ny s chp tp tin config sn ln b nh. Bi v ta vt qua im i mt khu nn ta by gi ang trong phn cu hnh. 9. i mt khu v lu cu hnh li 10. i thanh ghi cu hnh tr li 0x2102
2500A#config t 2500A(config)#config-register 0x2102

nh vy l ta thnh cng trong vic hi phc mt khu trn Router 2500A 11. i vi cc router 2600 th c mt s thao tc hi khc sau khi khi ng ta nhn ctrl-delete
2600A#reload System Bootstrap, Version 11.3(2)XA4, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by cisco Systems, Inc. TAC:Home:SW:IOS:Specials for info PC = 0xfff0a530, Vector = 0x500, SP = 0x680127b0 C2600 platform with 32768 Kbytes of main memory PC = 0xfff0a530, Vector = 0x500, SP = 0x80004374 monitor: command "boot" aborted due to user interrupt rommon 1 >

12. thay i thanh ghi cu hnh trn 2600 ta dng confreg

rommon 1 > confreg 0x2142

sau khi ng li
rommon 1 > reset

13. Sau khi khi ng li ta chn no vo ch setup, sau lm tng t cc bc nh 2500 5.2 Sao chp d phng Cisco IOS Trc khi nang cp hay hi phc mt Cisco IOS, bn nn sao chp mt bn c sn vo mt my c tftp d phng trong trng hp bn mi khng chy. Bn c th dng bt k my tftp no lm vic ny. Mc nh, b nh flash trong router c dng lu Cisco IOS. Sau y s m t phng php kim tra kch thc ca b nh flash, sao chp mt Cisco IOS t b nh flash vo mt my tftp, sau sao chp mt IOS t my tftp vo b nh. 1. Trc khi nng cp IOS trong router ca bn, cn phi kim tra la rng b nh flash lu file mi. Bn c th kim tra kch thc flash v cc file ang lu trong fn thng qua lnh show flash (sh fla).
2500A#show flash System flash directory: File Length Name/status 1 8121000 c2500-js-l.112-18.bin [8121064 bytes used, 8656152 available, 16777216 total]

14

16384K bytes of processor board System flash (Read ONLY) 2500A#

2. Lu tn tp tin trong v d l c2500-js-l.112-18.bin. Tn ca file xc nh nn v c cu thnh nh sau: - c2500 l nn. - j ch ta bit file l mt enterprise image - s ch ta bit bao gm c phn kh nng m rng. - l ch ta bit n c th xo khi flash v khng nn. - 11.2-18 l s xem li - .bin cho bit Cisco IOS l tp tin thi hnh c. 3. Dng cui cng cho bit flash c 16Mb tc l tha ch cho mt file 10Mb ca chng ta. Khi kim tra li dung lng ca b nh flash c th cha file ta mun, ta tin hnh cng vic sao chp d phng. 4. B quyt thnh cng l phi bo m phi c mt kt ni tt n my tftp. Ta c th kim tra iu ny bng cch ping n my t mn hnh console ca router nh sau:
2500A#ping 172.16.60.3 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.60.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/8 ms

5. Sau khi ping my tftp m bo IP ca n ang hot ng, bn c th dng lnh sao chp tftp sao chp IOS n my nh di y. Lu rng sau khi nhn enter tn ca tp tin trong b nh c hin th. iu ny lm bn d dng hn.
2500A#copy flash tftp System flash directory: File Length Name/status 1 8121000 c2500-js-l.112-18.bin [8121064 bytes used, 8656152 available, 16777216 total] Address or name of remote host [255.255.255.255]? 172.16.60.3 Source file name? c2500-js-l.112-18.bin Destination file name [c2500-js-l.112-18.bin]? (press enter) Verifying checksum for 'c2500-js-l.112-18.bin')file #1)...OK Copy '/c2500-js-l.112-18' from Flash to server as '/c2500-js-l.112-18'? [yes/no]y !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!! [output cut] Upload to server done Flash copy took 00:02:30 [hh:mm:ss] 2500A#

trong v d trn, ton b b nh flash c chp thnh cng vo my tftp. a ch ca my xa chnh l a ch ca my tftp. Tp tin ngun chnh l tp tin trn b nh flash. 5.3 Hi phc hoc nng cp IOS Bn c th cn phi hi phc IOS vo b nh flash thay th mt tp tin c sn m b hng hoc l cn nng cp IOS. Bn c th download tp tin t mt my tftp n b nh flash bng lnh copy tftp flash lnh ny yu cu a ch IP ca my tftp v tn tp tin ta cn download vo b nh flash. 1. G copy tftp flash t du nhc lnh trng thi c quyn. bn s thy mt thng ip hng dn bn l router phi khi ng liv chy di ch ROM based IOS image thc hin qu trnh ny. 15

2500A#copy tftp flash **** NOTICE ****

Flash load helper v1.0 This process will accept the copy options and then terminate the current system image to use the ROM based image for the copy. Routing functionality will not be available during that time. If you are logged in via telnet, this connection will terminate. Users with console access can see the results of the copy operation. ---- ******** ---Proceed? [confirm](press return)

2. Sau khi nhn enter xc nhn l bn hiu v router cn phi khi ng li, router s hin th nh di y. Khi router s dng my tftp, n s nh a ch ny v ch yu cu bn khng nh li m thi.
System flash directory: File Length Name/status 1 8121000 /c2500-js-l.112-18 [8121064 bytes used, 8656152 available, 16777216 total] Address or name of remote host [172.16.60.3]? (press return)

3. Dng i lnh k l tn ca tp tin m bn mun chp vo flash. Tn tp tin cn nng cp l c2500-js65i-l.120-9.bin.

Source file name? c2500-js56i-l.120-9.bin Destination file name [c2500-js56i-l.120-9.bin]? (press return) Accessing file 'c2500-js56i-l.120-9.bin' on 172.16.60.3... Loading c2500-js56i-l.120-9.bin from 172.16.60.3 (via Ethernet0): ! [OK]

4. Sau khi bn cho router ng dn v tn tp tin, n s hi bn xc nhn rng bn hiu ni dung ca flash s b xo. Bn s c hi 3 ln m bo chc l bn thc s mun xo b nh flash. Nu bn cha thc hin lnh copy run start, bn s c yu cu lm iu bi v router cn phi khi ng li.
Erase flash device before writing? [confirm] (press return) Flash contains files. Are you sure you want to erase?[confirm](press return) System configuration has been modified. Save? [yes/no]: y Building configuration... [OK] Copy 'c2500-js56i-l.120-9.bin' from server as 'c2500-js56i-l.120-9.bin' into Flash WITH erase? [yes/no] y

5. Sau khi xc nhn xo b nh flash, router phi khi ng li chy mt h iu hnh IOS nh t ROM bi v bn khng th xo flash file nu n ang c s dng. Ton b nhng g cha trong flash s b xo v tp tin t my tftp s c chp vo b nh flash.
%SYS-5-RELOAD: Reload requested %FLH: c2500-js56i-l.120-9.bin from 172.16.60.3 to flash ... System flash directory: File Length Name/status 1 8121000 /c2500-js-l.112-18 [8121064 bytes used, 8656152 available, 16777216 total] Accessing file 'c2500-js56i-l.120-9.bin' on 172.16.60.3... Loading c2500-js56i-l.120-9.bin .from 172.16.60.3 (via Ethernet0): ! [OK] Erasing device... eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee Loading c2500-js56i-l.120-9.bin from 172.16.60.3 (via Ethernet0): !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!! [output cut]

Dng cha cc k t e cho bit ni dung ca flash ang c xo. Mi du chm than (!) tc alf mt phn ca UDP c truyn. 6. Mt khi chp xong, bn s nhn c thng ip sau:
[OK - 10935532/16777216 bytes]

16

Verifying checksum... OK (0x2E3A) Flash copy took 0:06:14 [hh:mm:ss] %FLH: Re-booting system after download

Sau khi tp tin c chp vo flash v checksum xong, router s khi ng li chy tp tin IOS mi. Lu l trong bi tp s khng c tp tin thc. y ch l bi tp th hin n thc hin nh th no. 5.4 Sao lu d phng cu hnh Cisco Bt k thay i no bn lm trn cu hnh router u c lu trong tp tin runningconfig. Nu bn khng thc hin lnh copy run start sau khi thay i running-config th cc thay i s mt nu router khi ng li hay b mt in. Bn c th cn to mt sao lu d phng khc cho thng tin cu hnh trong trng hp router hoc switch hon ton cht hay lm ti liu. Bi ny s m t lm cch no sao chp cu hnh ca router n mt my tftp. 1. chp cu hnh router t mt router n my tftp, bn c th dng lnh copy runningconfig tftp hoc copy starting-config tftp. C hai lnh u sao lu cu hnh router ang chy trn DRAM hoc c lu trn NVRAM. 2. kim tra li cu hnh trn DRAM, s dng lnh show running-config (sh run) nh sau:
2500A#sh run Building configuration... Current configuration: ! version 12.0

Thng tin cu hnh hin ti l ang chy phin bn 12.0 ca IOS. 3. Tip theo phi kim tra cu hnh lu trong NVRAM. xem ta dng lnh show starting-config (sh start) nh sau:
2500A#sh start Using 366 out of 32762 bytes ! version 11.2

dng th 2 cho bit cu hnh d phng chim ch bao nhiu. Trong v d ny, NVRAM l 32KB v ch c 366 bytes c s dng. Lu rng phin bn ca cu hnh trong NVRAM l 11.2 (bi v ta khng sao chp running-config vo startup-config t lc nng cp router). nu bn khng chc cc tp tin l ging nhau v tp tin running-config l ci m bn cn dng th dng lnh copy running-config startup-config cho hai tp tin u ging nhau. Bng cch sao lu d phng vo NVRAM nh di y, bn c bo m l runningconfig s lun c c ln nu router phi khi ng li. Trong h iu hnh IOS 12.0, bn c yu cu nhp tn tp tin mun dng. Tng t, trong v d ny, bi v IOS l 11.2 vo ln cui chy copy run start, router s cho bn bit n s thay th tp tin vi tp tin phin bn 12.0.
2500A#copy running-config startup-config Destination filename [startup-config]? (press enter) Warning: Attempting to overwrite an NVRAM configuration previously written by a different version of the system image. Overwrite the previous NVRAM configuration?[confirm](press return) Building configuration...

17

[OK]

4. By gi khi bn chy show starting-config, phin bn l 12.0:

2500A#show startup-config Using 487 out of 32762 bytes ! version 12.0

5. Khi tp tin c chp vo NVRAM, bn c th to mt sao lu d phng th hai vo my tftp bng cch dng lnh copy running-config tftp (copy run tftp) nh sau:
2500A#copy run tftp Address or name of remote host []? 172.16.60.3 Destination filename [2500A-confg]? 2500A-confg !! 487 bytes copied in 12.236 secs (40 bytes/sec) 2500A#

6. Lu l ch xut hin hai du chm than (!), tc l 2 UDP ack. Nu tn my cu hnh, lnh s t ng dng tn my cng vi confg nh l tn ca tp tin 5.5 Hi phc Cu hnh Cisco Router t tftp server Nu bn thay i cu hnh router trong running-config v mun hi phc li ging trong startup-config th dng lnh copy startup-config running-config (copy start run). Bn cng c th dng lnh c, config mem, hi phc cu hnh. Tt nhin, iu ny ch c khi bn chp running-config vo NVRAM trc khi thay i. 1. Nu bn chp cu hnh router vo my tftp nh l mt sao lu d phng th 2, bn c th hi phc cu hnh dng lnh copy tftp running-config (copy tftp run) hoc copy tftp startup-config (copy tftp start) nh sau:
2500A#copy tftp run Address or name of remote host []? 172.16.60.3 Source filename []? 2500A-confg Destination filename [running-config]? (press return) Accessing tftp://172.16.60.3/2500A-confg... Loading 2500A-confg from 172.16.60.3 (via Ethernet0): !! [OK - 487/4096 bytes] 487 bytes copied in 5.400 secs (97 bytes/sec) 2500A# 00:38:31: %SYS-5-CONFIG: Configured from tftp://172.16.60.3/2500A-confg 2500A#

5.6

S dng Cisco Discovery Protocol ly thng tin v cc thit b lng ging

CDP l mt giao thc thch ng c thit k bi Cisco gip cc nh qun tr thu thp cc thng tien v cc thit b gn ni b v cc thit b xa. Bn c th ly thng tin phn cng cng nh thng tin giao thc ca cc thit b lng ging. Thng tin ny rt hu dng i vi nhng rc ri v lm su liu v mng. 1. u tin ly thng tin CDP trn router ca bn bng cch ly CDP Timer v Holdtime Information. Dng lnh show cdp (sh cdp) s cho bit hai tham s CDP chung m c th cu hnh trn thit b ca Cisco. Kt qu xut ra ging nh sau:
Router#sh cdp Global CDP information:

18

Sending CDP packets every 60 seconds Sending a holdtime value of 180 seconds Router#

- CDP Timer cho bit khong thi gian gia cc packet CDP c gi i n tt c cc cng hot ng. - CDP holdtime l khong thi gian m thit b s gi packet nhn c t thit b lng ging. C Cisco router v switch dng chung tham s. 2. S dng lnh chung xem cdp holdtime v cdp timer cu hnh chng trn router.
Router#config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#cdp ? holdtime Specify the holdtime (in sec) to be sent in packets timer Specify the rate at which CDP packets are sent(in sec) run Router(config)#cdp timer 90 Router(config)#cdp holdtime 240 Router(config)#^Z

3. bn c th tt CDP hon ton trn router bng lnh no cdp run trong ch cu hnh chung ca router (global configuration mode). Bt CDP dng cdp run.
Router(config)#no cdp run Router(config)#cdp run Router(config)#^Z

4. tt hoc m CDP trn mt cng router, dng no cdp enable v cdp enable.
Router(config)#interface ethernet 0 Router(config-if)#no cdp enable Router(config-if)#cdp enable Router(config-if)#^Z

5. Lnh show cdp neighbor (sh cdp nei) cho bit thng tin v cc thit b kt ni trc tip. Cn phi nh cc CDP packet khng c gi thng qua Cisco switch v bn ch thy nhng g kt ni trc tip. Trn mt router kt ni n switch, bn s khong thy cc thit b kt ni n switch. Sau y l kt qu thc hin trn 2500A.
Todd2500A#sh cdp nei Capability Codes: R S - Switch, H - Host, Device ID Local 1900C Eth 2500E Ser Todd2501# Router, T - Trans Bridge, B - Source Route Bridge I - IGMP, r - Repeater Intrfce Holdtme Capability Platform Port ID 0 238 T S 1900 1 0 138 R 2500 Ser 0

Di y l bng gii thch cc ct hin th ca router Ct Gii thch Device ID Hostname ca thit b kt ni trc tip Local Interface Cng hoc giao din m bn nhn c CDP packet t n. Holdtime Thi gian Reuter gi thng tin nhn t thit b . Capability Chc nng ca cc lng ging nh router, switch, repeater. M kh nng c lit k ti phn u ca mn hnh kt qu Platform Loi ca thit b Cisco. Trong mn hnh xut trn, mt Cisco 2509, Cisco 2511 v Catalyst 5000 gn vo switch. 2509 ch thy switch v router 2501 qua cng tun t 0 ca n. Port ID Cng hoc giao din ca thit b lng ging m t CDP packet pht ra.

19

6. Mt lnh khc cung cp thng tin ca cc lng ging l show cdp neighbor detail (show cdp nei de) v c th chy trn router ln switch. Lnh ny cho bit thng tin chi tit v mi thit b kt ni vo n nh mt router xut sau:
Todd2500A#sh cdp neighbor detail ------------------------Device ID: 1900C Entry address(es): IP address: 172.16.60.2 Platform: cisco 1900, Capabilities: Trans-Bridge Switch Interface: Ethernet0, Port ID (outgoing port): 1 Holdtime : 166 sec Version : V9.00 ------------------------Device ID: 2500E Entry address(es): IP address: 172.16.20.1 Platform: cisco 2500, Capabilities: Router Interface: Serial0, Port ID (outgoing port): Serial0 Holdtime : 154 sec Version : Cisco Internetwork Operating System Software IOS (tm) 3000 Software (IGS-J-L), Version 11.1(5), RELEASE SOFTWARE (fc1)Copyright (c) 1986-1996 by cisco Systems, Inc.Compiled Mon 05-Aug-96 11:48 by mkamson Todd2500E#

Trn y cho bit tn v a ch IP ca cc thit b kt ni trc tip. Ngoi mt s thng tin ging nh lnh sh cdp nei, cn c thm phin bn ca IOS. 7. Lnh show cdp entry * hin th thng tin tng t nh show cdp nei de. Sau y l v d ca lnh ny.
Todd2509#sh cdp entry * ------------------------Device ID: 1900C Entry address(es): IP address: 172.16.60.2 Platform: cisco 1900, Capabilities: Trans-Bridge Switch Interface: Ethernet0, Port ID (outgoing port): 1 Holdtime : 166 sec Version : V9.00 ------------------------Device ID: 2500E Entry address(es): IP address: 172.16.20.1 Platform: cisco 2500, Capabilities: Router Interface: Serial0, Port ID (outgoing port): Serial0 Holdtime : 154 sec Version : Cisco Internetwork Operating System Software IOS (tm) 3000 Software (IGS-J-L), Version 11.1(5), RELEASE SOFTWARE (fc1)Copyright (c) 1986-1996 by cisco Systems, Inc.Compiled Mon 05-Aug-96 11:48 by mkamson Todd2500E#

8. Lnh show cdp traffic hin th thng tin ng truyn ca interface, bao gm c s lng CDP packet gi v nhn v cc li vi CDP. Kt qu ca lnh trn router.
2500A#sh cdp traffic CDP counters : Packets output: 13, Input: 8 Hdr syntax: 0, Chksum error: 0, Encaps failed: 0

20

No memory: 0, Invalid packet: 0, Fragmented: 0 2500A#

5.7 S dng telnet Telnet l mt giao thc u cui o v l mt phn ca b giao thc TCP/IP. Telnet cho php bn to kt ni n thit b xa v ly thng tin, chy chng trnh. Sau khi router v switch c cu hnh, bn c th s dng chng trnh Telnet cu hnh v kim tra router v switch thay v phi dng cng gn cp. Bn dng Telnet bng cch nh telnet t bt k du nhc i lnh no. Mt khu VTY phi c ci t trn router lm iu ny. Bn khng th dng CDP ly thng tin v router v switch m khng kt ni trc tip n thit b ca bn. Tuy nhin, bn c th dng telnet kt ni n cc thit b lng ging v dng CDP trn ly thng tin cc thit b xa. 1. Sau y l cch b telnet v mt khu t router 2600A.
2600A>enable 2600A#config t Enter configuration commands, one per line. End with CNTL/Z. 2600A(config)#no enable secret 2600A(config)#no enable password 2600A(config)#line vty 0 4 2600A(config-line)#no password 2600A(config-line)#^Z 2600A#

2. Bn c th dng telnet t bt c du nhc lnh no ca router nh sau:

Todd2500A#telnet 172.16.10.2 Trying 172.16.10.2 ... Open Password required, but none set [Connection to 172.16.10.2 closed by foreign host] Todd2500A#

Nh rng cng VTY trn router c cu hnh login tc l bn phi t mt khu VTY hoc s dng lnh no login. 3. Trong mt Cisco router, bn khng cn s dng telnet. Ch cn nhp mt a ch IP l router t hiu bn cn s dng telnet.
Todd2500A#172.16.10.2 Trying 172.16.10.2 ... Open User Access Verification Password: 2600A>

4. y l lc nhp mt khu VTY trn router m bn mun telnet vo. Sau y l v d

2600A#config t Enter configuration commands, one per line. End with CNTL/Z. 2600A(config)#line vty 0 4 2600A(config-line)#login 2600A(config-line)#password todd 2600A(config-line)#^Z 2600A#

5. By gi kt ni vi router mt ln na (t 2500A)
Todd2500A#172.16.10.2 Trying 172.16.10.2 ... Open User Access Verification

21

Password: 2600A>

6. Nh l mt khu VTY l mt khu ch ngi dng, khng phi mt khu enable Sau y l kt qu khi th chuyn sang ch c quyn sau khi telnet vo 2600A:
2600A>en % No password set 2600A>

y l mt chc nng bo mt tt. Bn khng mun ai ch telnet vo thit b ca bn v c th ch enable l vo c ch c quyn. Bn phi nhp mt khu enable hoc enable secret password s dng telnet cu hnh thit b ca bn t xa. 7. Nu bn telnet n mt router hoc switch, bn c th ct kt ni bng exit. Tuy nhin, nu bn mun vn gi kt ni trong khi quay li vi thit b ca mnh, nhn Ctrl-Shift-6, sau nhn X. Sau y l v d
2500A#telnet 172.16.10.1 Trying 172.16.10.1 ... Open User Access Verification Password: 2500E> [press cntl+shift+6 then x] 2500A#

Theo trn, bn telnet vo router 2500E, sau nhp mt khu vo ch ngi dng. Tip theo nhn Ctrl-Shift-6, sau X, tr v 2500A. 8. Bn cng c th telnet vo switch 1900. Tuy nhin bn phi ci mt khu level 15 hoc enable secret trong switch trc khi c th truy cp vo thng qua ng dng telnet. Trong v d sau y l telnet vo switch 1900:
Todd2509#telnet 172.16.60.2 Trying 172.16.60.2 ... Open Catalyst 1900 Management Console Copyright (c) Cisco Systems, Inc. 1993-1999 All rights reserved. Enterprise Edition Software Ethernet Address: 00-B0-64-75-6B-C0 PCA Number: 73-3122-04 PCA Serial Number: FAB040131E2 Model Number: WS-C1912-A System Serial Number: FAB0401U0JQ Power Supply S/N: PHI033108SD PCB Serial Number: FAB040131E2,73-3122-04 ------------------------------------------------1 user(s) now active on Management Console. User Interface Menu [M] Menus [K] Command Line Enter Selection:

9. Lc ny nhn Ctrl-Shift-6, sau X, tr v router 2500A. 10. xem kt ni to t router n mt thit b xa, s dng lnh show sessions nh sau:
2500A#sh sessions Conn Host Address Byte Idle Conn Name 1 172.16.10.1 172.16.10.1 0 0 172.16.10.1 * 2 172.16.60.2 172.16.60.2 0 0 172.16.60.2

22

2500A#

11. h du * bn cnh kt ni th 2 tc l session 2 l session cui. ta c th quay li session cui bng cch g Enter 2 ln. 12. Bn c th hin th tt c cc console hot ng v cc cng VTY ang dng trong Router ca mnh bng lnh show users nh sau:
2500A#sh users Line User Host(s) Idle Location * 0 con 0 172.16.10.1 00:07:52 172.16.60.2 00:07:18

Trn mn hnh xut ta thy con i din cho console cc b. console ny kt ni n 2 IP hay thit b xa. 13. G lnh show users t router 2500E m 2500A telnet vo.
2500E>sh users Line User Host(s) Idle Location 0 con 0 idle 9 * 2 vty 0

Kt qu cho thy console ang hot ng v cng VTY2 ang c s dng. Du * cho bit session ang c s dng hin ti. 14. Bn c th kt thc mt session bng nhiu cch khc nhau. Exit hoc disconnect l hai cch nhanh nht kt thc t xa. 15. kt thc mt session telnet trn my cc b, s dng lnh disconnect nh sau:
2500A#disconnect ? <1-2> The number of an active network connection WORD The name of an active network connection <cr> 2500A#disconnect 1 Closing connection to 172.16.10.1 [confirm] 2500A#

Trong v d trn ta dng kt ni s 1 v kt ni n router 2500e chnh l kt ni cn ng. Dng lnh show sessions xem cc kt ni. 5.8 To mt bng cc Host trn mt Router v ly IP ca mt Host Nhm mc ch s dng tn host thay v a ch IP kt ni n mt thit b t xa, thit b m bn s dng phi c kh nng chuyn tn host sang IP. Sau y l cch to mt bng host trn router ca bn chuyn tn host sang IP. 1. Mt bng host cung cp vic phn gii tn ch cho router m n c xy dng. Lnh to mt bng host l:
ip host name ip_address

2. Sau y l v d v cu hnh mt bng host vi 2 phn t cung cp tn cho router 2500E v switch 1900C:
2500A#config t Enter configuration commands, one per line. End with CNTL/Z. 2500A(config)#ip host ? WORD Name of host 2500A(config)#ip host 2500e ? <0-65535> Default telnet port number A.B.C.D Host IP address (maximum of 8) 2500A(config)#ip host 2500e 172.16.10.1 ? A.B.C.D Host IP address (maximum of 8) <cr>

23

2500A(config)#ip host 2500e 172.16.10.1 2500A(config)#ip host 1900c 172.16.60.2 2500A(config)#^Z

3. xem bng host, ta dng lnh show hosts nh sau:

2500A#sh hosts Default domain is not set Name/address lookup uses domain service Name servers are 255.255.255.255 Host Flags Age Type Address(es) 2500e (perm, OK) 0 IP 172.16.10.1 1900c (perm, OK) 0 IP 172.16.60.2 2500A#

Trong kt qu trn, bn c th thy 2 tn host v a ch IP tng ng. Ch perm trong ct flag cho bit phn t ny c cu hnh bng tay. Nu l temp th n c cung cp bi DNS. 4. kim tra xem bng host c lm vic khng, ti du nhc i lnh g tn host tc l s dng telnet. Dng tn host telnet vo thit b xa, sau nhn Ctrl-Shift-6, sau X tr v mn hnh 2500A.
2500A#2500e Trying 2500e (172.16.10.1)... Open User Access Verification Password: 2500E>(control+shift+6,then x) 2500A# 2500A#1900c Trying 1900c (172.16.60.2)... Open Catalyst 1900 Management Console Copyright (c) Cisco Systems, Inc. 1993-1999 All rights reserved. Enterprise Edition Software Ethernet Address: 00-B0-64-75-6B-C0 PCA Number: 73-3122-04 PCA Serial Number: FAB040131E2 Model Number: WS-C1912-A System Serial Number: FAB0401U0JQ Power Supply S/N: PHI033108SD PCB Serial Number: FAB040131E2,73-3122-04 ------------------------------------------------1 user(s) now active on Management Console. User Interface Menu [M] Menus [K] Command Line Enter Selection: (control+shift+6,then x) 2500A#

5. Lu trong cc phn t xut ra bng lnh show session di y th tn host c hin th thay v a ch IP bi v a ch IP c x l.
2500A Conn 1 * 2 2500A #sh sess Host Address Byte 1900c 172.16.60.2 0 2500e 172.16.10.1 0 # Idle 0 0 Conn Name 1900c 2500e

6. Bn c th xo tn host t bng bng cch s dng lnh no ip host nh sau:

2500A(config)#no ip host 2500e

24

6 Cu hnh IPX Routing

6.1 Cu hnh nh tuyn IPX c bn 1. cu hnh nh tuyn IPX, ta s dng ipx routing global configuration.
2500A#config t 2500A(config)#ipx routing

khi bn kch hot nh tuyn IPX trong router, RIP v SAP t ng kch hot. Tuy nhin s khng c g xy ra cho n khi bn cu hnh cng c nhn vi cc a ch IPX. 2. Khi bn kch hot nh tuyn IPX trn router, bc tip theo l kch hot IPX trn cng c nhn. y l mt v d cu hnh hon chnh IPX trn 2500A:
2500A#config t 2500A(config)#ipx routing 2500A(config)#int e0 2500A(config-if)#ipx network 10

Ch n gin vy thi. IPX l mt giao thc rt mau phc hi bi v n broadcast mi th. Tuy nhin chnh l vn trong mng ln hn. S nt mng c cung cp bi ngi qun tr. 6.2 Cu hnh IPX cho Internetwork (mng o trong sim)

Ta ch cu hnh IPX c bn tc l rt d dng cu hnh. S ca cc nt mng m ta s dng ph thuc vo s ca subnet m ta dng trong mi mng. Tuy nhin, IPX s khng nh hng g n IP nn ng lo lng. 1. Kt ni n router 2500A v cu hnh nh tuyn IPX sau thm s mng IPX vo c hai cng. Ethernet0 kt ni vo subnet 60 nn s mng IPX ca n l 60. Cng Serial 0 kt ni vo subnet 20 nn s mng IPX ca n l 20.
2500A>enable 2500A#config t 2500A(config)#ipx routing 2500A(config)#interface ethernet0 2500A(config-if)#ipx network 60 2500A(config-if)#interface serial0 2500A(config-if)#ipx network 20 2500A(config-if)#^z 2500A#

2. Kt ni n router 2500B, 2500C, 2500D, 2500E v cu hnh n nh sau:

2500B>enable 2500B#config t 2500B(config)#ipx routing 2500B(config)#interface ethernet0 2500B(config-if)#ipx network 70 2500B(config-if)#interface serial0 2500B(config-if)#ipx network 30 2500B(config-if)#^z 2500B# 2500C>enable 2500C#config t 2500C(config)#ipx routing 2500C(config)#interface ethernet0 2500C(config-if)#ipx network 80 2500C(config-if)#interface serial0

25

2500C(config-if)#ipx network 40 2500C(config-if)#^z 2500C# 2500D>enable 2500D#config t 2500D(config)#ipx routing 2500D(config)#interface ethernet0 2500D(config-if)#ipx network 90 2500D(config-if)#interface serial0 2500D(config-if)#ipx network 50 2500D(config-if)#^z 2500D# 2500E>enable 2500E#config t 2500E(config)#ipx routing 2500E(config)#interface ethernet0 2500E(config-if)#ipx network 10 2500E(config-if)#interface serial0 2500E(config-if)#ipx network 20 2500E(config-if)#interface serial1 2500E(config-if)#ipx network 30 2500E(config-if)#^z 2500E#

3. Kt ni n router 2600A v cu hnh nh sau:

2600A>enable 2600A#config t 2600A(config)#ipx routing 2600A(config)#interface fastethernet0/0.1 2600A(config-subif)#ipx network 10 2600A(config-subif)#interface fastethernet0/0.2 2600A(config-subif)#ipx network 2 2600A(config-subif)#interface fastethernet0/0.3 2600A(config-subif)#ipx network 3 2600A(config-subif)#interface serial0/0 2600A(config-if)#ipx network 40 2600A(config-if)#interface serial0/1 2600A(config-if)#ipx network 50 2600A(config-if)#^z 2600A#

6.3

Kim tra li IPX Internetwork

Chng ta cu hnh IPX trn ton b internetwork. Nn nh l s mng IPX v s subnet khng cn phi ging nhau nh lm, vic lm nh vy ch nhm mc ch qun tr. 1. T router 2500A, s dng lnh show ipx route xem ton b cc tuyn IPX. Sau y s hin th cc tuyn IPX RIP tm c. ... Lu l c 11 tuyn trong bng nh tuyn ca 2500C. Hai ni trc tip vi router cn hai c xc nh bi IPX RIP. 2. Lm tng t vi cc router 2500B, C, D, E v 2600A 3. T router 2500A, dng lnh show protocols xem a ch IPX ca mi cng

26

Bn phi nhn thanh space cho n khi thy cu hnh ca cng. Lnh ny hin th thng tin ca giao thc nh tuyn ca mi cng ang hot ng. 4. G lnh show ipx interface xem s mng IPX cho mi cng Nh rng s mng IPX lun c t ng phn cho s dng a ch MAC ca cng lin kt vi s mng . 5. Lnh show ipx server s hin th bng SAP xy dng bi router. Bi v chng ta khng c my dch v Novell no trn mng lc ny nn s khng c g c hin th. 6. Dng lnh debug ipx routing activity xem thng tin RIP c gi v nhn trn router. 6.4 Thm mt mng IPX ph

Phn ny s hng dn bn thm cc chc nng vo mng IPX sn c ca bn trn router 2500A -> 2500D. Bng cch dng lnh IPX verification c trnh by trn, bn s thy mng Ethernet ng s dng kiu frame IPX ca Novell-Ether(802.3). Nu bn mun h tr kiu frame khc ngoi Novell-Ether, bn c th dng lnh secondary trong mng Ethernet (bn khng th lm iu ny i vi cng serial. 1. Thm mt mng khc dng kiu frame 802.2 trn mng Ethernet kt ni n router 2500A, ta s dng s mng IPX l 60a.
2500A#config t 2500A(config)#interface ethernet0 2500A(config-if)#ipx network 60a encapsulation sap secondary 2500A(config-if)#^z 2500A#

Nu bn khng s dng lnh secondary ti cui mi lnh, kiu frame 802.3 s c thay th bi 802.2 (SAP) 2. Kim tra li cu hnh ny bng lnh show running-config. Bn s nhn thy hai mng IPX chy trong cng Ethenet 0. 3. G lnh show ipx route. Lu l mng IPX 60a c hin th l kt ni trc tip nhng vi mt k t c tc l secondary. 4. Thm mt mng IPX ph chy theo kiu frame Ethernet_II trn router 2500B. Dng s mng IPX 70a.
2500B#config t 2500B(config)#interface ethernet0 2500B(config-if)#ipx network 70a encapsulation arpa secondary 2500B(config-if)#^z 2500B#

5. Thm mt mng IPX ph chy theo kiu frame SNAP trn router 2500C. S dng s mng IPX l 70a.
2500C#config t 2500C(config)#interface ethernet0 2500C(config-if)#ipx network 80a encapsulation snap secondary 2500C(config-if)#^z 2500C#

Vic ci t nhiu loi mng khc nhau nh vy l khng cn thit trong thc t. y ch l hng dn hiu v cch thc ci t cho 4 kiu frame khc nhau ca IPX.

27

6.5 Thm mt mng IPX ph s dng Subinterface. Subinterface l mt cch khc thc hin cc lnh secondary trn cng Ethernet. to mt subinterface, bn dng lnh interface vi mt chm v mt s. V d ethernet0.55. S subinterface ch quan trng trong qun tr v phi khc nhau trn mng internetwork. 1. Cho n lc ny, trn router 2500A, ta c hai kiu frame c cu hnh l 802.3 v 802.2. Ta cu hnh Ethernet_II v SNAP s dng hai subinterface.
2500A#config t 2500A(config)#interface ethernet0.1 2500A(config-subif)#ipx network 60b encap arpa 2500A(config-subif)#interface ethernet0.2 2500A(config-subif)#ipx network 60c encap snap 2500A(config-subif)#^z 2500A#

Vic cu hnh quan trng nht cn lu l s subinterface .1 v .2. Bn c th s dng bt k s no. Lu l lnh encapsulation c s dng trong subinterface thay v secondary v chng ta cng s dng s mng IPX khc. 2. Trn router 2500B, chng ta c 802.3 v Ethernet_II. Cu hnh 802.2 v SNAP s dng 2 subinterface.
2500B#config t 2500B(config)#interface ethernet0.1 2500B(config-subif)#ipx network 70b encap sap 2500B(config-subif)#interface ethernet0.2 2500B(config-subif)#ipx network 70c encap snap 2500B(config-subif)#^z 2500B#

3. Trn router 2500C, chng ta c 802.3 v SNAP. Cu hnh 802.2 v SNAP dng 2 subinterface.
2500C#config t 2500C(config)#interface ethernet0.1 2500C(config-subif)#ipx network 80b encap sap 2500C(config-subif)#interface ethernet0.2 2500C(config-subif)#ipx network 80c encap arpa 2500C(config-subif)#^z 2500C#

4. Bi v ta khng thm mt mng ph trn router 2500D, by gi ta s ci t nh l bi luyn tp. Thrm 3 kiu frame cn li vo 2500D s dng s mng IPX 90a, 90b, 90c. To 802.2 s dng secondary v Ethernet_II, SNAP dng subinterface.
2500D#config t 2500D(config)#interface ethernet0 2500D(config-if)#ipx network 90a encapsulation sap secondary 2500D(config-if)#interface ethernet0.1 2500D(config-subif)#ipx network 90b encap arpa 2500D(config-subif)#interface ethernet0.2 2500D(config-subif)#ipx network 90c encap snap 2500D(config-subif)#^z 2500D#

6.6

Kim tra li vi CDP v IPX ping

28

Bn c th kim tra li mng IPX bng cch s dng cc lnh CDP v IPX Ping. Lnh CDP c th s dng tm a ch IPX ca router lng ging v sau a ch c th s dng vi lnh IPX Ping. 1. Kt ni n 2500A v dng CDP tm a ch IPX ca 2500E.
2500A#show cdp neighbor detail

2. Dng a ch IPX m CDP hin th Ping router 2500E

2500A#ping ipx address

3. Telnet vo 2500E v ly a ch IPX ca 2500B, sau tr v 2500A console v ping 2500B vi IPX.
2500A#telnet 172.16.20.1 2500E#show cdp neighbor detail 2500E#[cntl+shift+6 then x] 2500A#ping ipx address

7 Cu hnh Access-Lists
7.1 Danh sch a ch IP chun cho php truy cp vo mng

Phn ny hng dn bn cm truy cp vo mng 172.16.60.0 t cc host G v H. Danh sch truy cp c th phc tp bi v nu bn khng to danh sch mt cch chnh xc, bn c th lm cho mng b down. 1. Kim tra l bn c th ping t 1900C v bn c th ping my E t my G v H. 2. Kt ni vo 2500A v to mt danh sch truy cp m cm truy cp t G v H khi mun vo 172.16.60.0
2500A#config t 2500A(config)#access-list 10 deny host 172.16.80.3 2500A(config)#access-list 10 deny host 172.16.90.3 2500A(config)#access-list 10 permit any

Lu l danh sch ny cn phi c to gn vi mng ch nht, v th m ta to ti 2500A. 3. Thm danh sch truy cp cho cng serial 0 ca 2500A.
2500A(config)#interface serial 0 2500A(config-if)#ip access-group 10 in

Dng lnh trn cp nht danh sch truy cp 10 vo serial 0 v lc tt c cc packet i vo. 4. Kim tra thy rng G v H khng th no ping 172.16.60.2 v 172.16.60.3 5. Nu danh sch truy cp chnh xc, tt c cc thit b khc s c th vo mng 172.16.60.0. Ping t 2500C v kim tra l c th thy 172.16.60.2 v 172.16.60.3 7.2 Kim tra li Danh sch truy cp chun

1. Kt ni n 2500A v xem danh sch truy cp bng lnh show access-list

2500A#show access-list

29

2. Bn c th nhp show ip access-list hoc show-access-list 10 ly thng tin cu hnh danh sch.
2500A#show access-list 10

3. xem cng no ng p dng danh sch, dng lnh show ip interface.

2500A#show access-list 10

4. Lnh show running-config rt tt xem c danh sch truy cp v cng c p dng danh sch .
2500A#show running-config

7.3

Gn mt Danh sch IP truy cp mng vo mt dng VTY

Bn s rt kh khn trong vic dng mt user telnet vo router bi v bt k cng hot ng no ca router u nh nhau cho vic truy cp VTY. Tuy nhin, bn c th dng danh sch IP truy cp chun iu khin bng cch t danh sch truy cp ln chnh cc dng VTY. 1. To mt danh sch IP truy cp m cho php ch mt s host c th telnet vo router. 2. p dng danh sch ny vo cc dng VTY vi lnh access-class. Chng ta s dng host G v H telnet vo router 2600A.
2600A#config t 2600A(config)#access-list 10 deny host 172.16.80.3 2600A(config)#access-list 10 deny host 172.16.90.3 2600A(config)#access-list 10 permit any

1. Kim tra rng G v H c th telnet vo 2600A. 2. Kt ni vo 2600A v cm telnet i vi G v H nhng cho php cc thit b khc telnet vo 2600A.
2600A(config)#line vty 0 4 2600A(config-line)#access-class 10 in 2600A(config-line)#^z 2600A#

3. p dng danh sch truy cp trc tip vo cc dng VTY v khng phi interface.
2600A(config)#line vty 0 4 2600A(config-line)#access-class 10 in 2600A(config-line)#^z 2600A#

4. Kim tra rng G v H khng th telnet vo 2600A. 5. Kitm tra rng 2500C vn c th telnet vo 2600A.
2500C#telnet 172.16.40.1

7.4

Danh sch IP truy cp mng m rng

Chng ta s xo danh sch truy cp IP chun trn 2500A v thay bng mt danh sch ngn gn hn. Chng ta cn G v H s dng cc dch v trong mng 172.16.60.0 nhng ta khng cho php telnet vo switch 1900C. 1. Xo danh sch truy cp khi 2500A
2500A#config t

30

2500A(config)#no access-list 10

2. Xo danh sch truy cp khi cng serial 0 ca 2500A

2500A(config)#interface serial 0 2500A(config-if)#no ip access-group 10 in

Lu ch cn nhp no access-list 10 on xo danh sch truy cp nhng bn phi nhp ton b lnh xo danh sch khi cng ca router. 3. Kim tra thy G v H c th ping 172.16.60.2 v 3. 4. To danh sch truy cp trong 2500A cm telnet vo 172.16.60.0 nhng vn cho G v H ping E.
2500A#config t 2500A(config)#access-list 110 deny tcp host 172.16.80.3 172.16.60.0 0.0.0.255 eq telnet 2500A(config)#access-list 110 deny tcp host 172.16.90.3 172.16.60.0 0.0.0.255 eq telnet 2500A(config)#access-list 110 permit ip any any

Danh sch truy cp ny cm a ch ngun l 172.16.80.3 v 172.16.90.3 khng c kt ni vo mng 172.16.60.0 5. Cp nhp danh sch ny vo serial 0 ca 2500A lc cc gi i vo.
2500A(config)#interface serial 0 2500A(config-if)#ip access-group 110 in 2500A(config-if)#^z 2500A#

Danh sch tng t c th xy dng trn 2600A v 2500E. C th ni tt nht cu hnh danh sch ny l trn 2600A v lc cc gi c gng vt ra Fastethernet 0/0. iu ny cho php dng cc packet s b t chi khi n 172.16.60.0 nhng trc khi n c a vo mng xng sng. 6. Nu bn mun dng cc gi gn vi ngun, to danh sch truy cp IP m rng trn 2600A. u tin xo cu hnh trn 2500A.
2500A#config t 2500A(config)#no access-list 110

7. Xo danh sch truy cp trn serial 0 ca 2500A.

2500A(config)#interface serial 0 2500A(config-if)#no ip access-group 110 in

8. To mt danh sch truy cp trn 2600A cm telnet vo 172.16.60.0 nhng vn cho php G v H ping E.
2600A#config t 2600A(config)#access-list 110 deny tcp host 172.16.80.3 172.16.60.0 0.0.0.255 eq telnet 2600A(config)#access-list 110 deny tcp host 172.16.90.3 172.16.60.0 0.0.0.255 eq telnet 2600A(config)#access-list 110 permit ip any any

9. By gi p dng danh sch ny cho cng fastethernet 0/0 ca 2500A lc cc gi ra khi router n 172.16.60.0
2600A(config)#interface fastethernet0/0 2600A(config-if)#ip access-group 110 out 2600A(config-if)#^z 2600A#

10. Kim tra danh sch truy cp bng cch th telnet 172.16.60.2 Tt c cc thit b khc phi c th telnet vo 172.16.60.2.

31

7.5 Kim tra li danh sch truy cp IP m rng Chng ta dng cc lnh tng t nh lm kim tra danh sch truy cp IP chun. n 2600A v kim tra danh sch . Nn nh telnet thc s l mt cng c tt kim tra li mng ca mnh. 1. T 2600A, g show access-list xem danh sch cu hnh.
2600#show access-list

2. Dng lnh show access-list 110 xem mt mnh danh sch 110
2600#show access-list 110

3. Xem cc danh sch ch trn router.

2600#show ip access-list

4. Kim tra cng no c ci t mt danh sch truy cp bng show ip interface trn router 2600.
2600#show ip interface

7.6

Danh sch truy cp IPX chun

Danh sch truy cp IPX c cu hnh tng t nh cc danh sch khc. Bn dng lnh access-list to cho mnh danh sch truy cp ca cc kim tra packet v sau p dng vo danh sch cho mt cng vi lnh access-group. Danh sch truy cp IPX chun s dng my ngun hoc ch hoc a ch mng lc. cch cu hnh rt ging vi cu hnh cho IP. Cc tham s cu hnh danh sch truy cp IPX chun l access-list 800-899 deny/permit source_address destination_address Ta s cu hnh danh sch truy cp IPX chun trn 2600A chn mng IPX 70 khng b hin th n 2500C v 2500D. iu ny rt ch li trong mt mng sn xut khi bn khng mun mng Lan ca phng ti chnh b hin ra trn mng. 1. Kt ni n 2600A v xy dng mt danh sch truy cp IPX cm mng IPX 70 vo fastethernet 0/0.
2600A#config t 2600A(config)#access-list 810 deny 70 -1

Danh sch truy cp n gin ny cm cc packet IPX vi ngun l mng IPX hoc 70 vi mt ch l mng IPX bt k. 2. p dng danh sch truy cp ny cho cng fastethernet 0/0 vi lnh ipx access-group.
2600A(config)#interface fastethernet 0/0 2600A(config-if)#ipx access-group 110 in 2600A(config-if)#^z 2600A#

Sau mt vi giy, 2600A, 2500C v 2500D s khng th thy mt tuyn no n IPX 70 trong bng nh tuyn IPX. Trong cc router thc cn phi mt n 60 giy.

32

7.7

Kim tra li danh sch truy cp IPX chun

Chng lm cc cng vic kim tra danh sch truy cp IPX hu nh tng t vi vic kim tra cho IP. 1. Kim tra li mng IPX 70 bit rng n khng xut hin trong bng nh tuyn ca 2600A.
2600A#show ipx route

2. Kim tra li mng IPX 70 bit n khng xut hin trong bng nh tuyn ca 2500D
2500D#show ipx route

3. Kim tra li mng IPX 70 bit n khng xut hin trong bng nh tuyn ca 2500E
2500E#show ipx route

4. Dng lnh show access-list kim tra li danh sch ca bn trn 2600A.
2600A#show access-list

5. xem ring danh sch truy cp IPX, dng lnh show ipx access-list
2600A#show ipx access-list

6. Bn cng c th dng lnh show access-list 810

2600A#show access-list 810

7. Kim tra li cng m danh sch truy cp ang p dng trn router 2600A bng cch dng lnh show ipx interface
2600A#show ipx interface

8 Cu hnh Truy cp t xa
8.1 Cu hnh PPP Encapsulation Encapsulation l s kt hp mt cu trc bn trong mt cu trc khc (VD: d liu theo chun TCP/IP c ng gi bn trong mt frame ATM.). Tm dch l ng gi. PPP l mt giao thc tng data-link c s dng qua cc thit b truyn thng quay s tun t khng ng b v s dng LCP xy dng v duy tr kt ni data-link. Mc ch c bn ca PPP l vn chuyn cc packet tng th 3 thng qua mt lin kt im-im ca tng Data Link. Giao thc HDLC (High-Level Data-Link Control) l mt giao thc im-im s dng trn cc ng leased line. Khng c s dng xc thc trong HDLC v l chun ng gi mc nh c dng bi cc router Cisco trn cc kt ni tun t ng b. Cisco HDLC l mt phng thc c quyn giao tip vi bt k nh cung cp h tr HDLC no. Nu bn mun hoc cho php xc thc trn kt ni tun t hoc kt ni t router Cisco n router ca cc nh cung cp khc, khi cn phi cu hnh PPP trn cng serial. Phn ny s hng dn bn cu hnh PPP trn 4 mng tun t v thay th HDLC thnh mt phng thc ng gi trn lin kt tun t. 1. Kt ni n 2500E v tahy i phng thc ng gi (encapsulation) trn kt ni serial t HDLC sang PPP.
2500E>enable 2500E#config t 2500E(config)#interface serial 0 2500E(config-if)#encapsulation ppp 2500E(config-if)#interface serial 1

33

2500E(config-if)#encapsulation ppp 2500E(config-if)#^z 2500E#

2. Kt ni n 2600A v thay i nh trn.

2600A>enable 2600A#config t 2600A(config)#interface serial 0/0 2600A(config-if)#encapsulation ppp 2600A(config-if)#interface serial 0/1 2600A(config-if)#encapsulation ppp 2600A(config-if)#^z 2600A#

3. Lm tng t vi cc router 2500A, 2500B, 2500C, 2500D. 8.2 Kim tra PPP Encapsulation

Mt khi thay th HDLC bng phng thc encapsulation tun t, bn cn kim tra li xem mng ca mnh c cn ang hot ng. u tin phi kim tra bng lnh show ip route bo m tt c cc tuyn IP v IPX u n. 1. T cc router u s dng lnh show ip route kim tra mng vn hot ng. 2. T 2600A, dng lnh interface thy ng gi lin kt tun t.
2600A#show interface s0/0 2600A#show interface s0/1

3. T 2500E, kim tra encapsulation bng lnh show interface

2500E#show interface s0 2500E#show interface s1

8.3

Cu hnh PPP Authentication dng CHAP

By gi mng dng PPP v bn c th s dng xc thc PPP cm cc user khng cho php kt ni vo mng. Mc d, thng thng cch ny c dng vi dial-up, n vn c th dng vi serial. Phn ny hng dn bn cu hnh xc thc PPP trn tt c cc cng serial ca cc router s dng giao thc CHAP. Giao thc Challenge Authentication c dng ti thi im khi ng ca mt lin kt v ti thi im kim tra lin kt bo m router vn ang giao tip vi cng mt my ch. Sau khi PPP kt thc giai on khi to ca n, router cc b gi mt yu cu thch thc n thit b xa. Thit b kia gi mt gi tr tnh ton s dng mt hm bm mt chiu gi l MD5. Router cc b s kim tra gi tr bm m ho ny bo m n ng. Nu gi tr khng ng, lin kt s b ngt ngay lp tc. cu hnh xc thc PPP, u tin t tn ca router nu n cha c t (bt buc). Sau dng tn user v mt khu router xa kt ni c n router ca bn. V d, nu bn kt ni n 2500A v mun cu hnh xc thc, bn s t tn host v to tn user bao gm c router m bn s kt ni vo, trong v d sau l 2500E.
Router#config t

34

Enter configuration commands, one per line. End with CNTL/Z. Router(config)#hostname 2500A 2500A(config)#username 2500E password cisco

Khi s dng lnh hostname, nh l tn user l tn ca router xa kt ni n router ca bn. Phn bit hoa thng. mt khu trn c hai router u phi ging nhau. l mt mt khu text v c th hin ra bng lnh show run. Bn phi c tn user v mt khu cu hnh cho mi h thng xa m bn s kt ni n. Router xa phi c cu hnh vi cc tn user v mt khu. Sau khi bn t tn my, tn user, mt khu th chn xc thc.
2500A#config t Enter configuration commands, one per line. End with CNTL/Z. 2500A(config)#int s0 2500A(config-if)#ppp authentication chap 2500A(config-if)#^Z 2500A#

1. Kt ni n 2500A v to tn user l 2500E v mt khu l cisco. Sau cu hnh cng serial 0 s dng xc thc PPP ca chap.
2500A#config t 2500A(config)#username 2500E password cisco 2500A(config)#interface serial 0 2500A(config-if)#ppp authentication chap 2500A(config-if)#^z 2500A#

2. Kt ni n 2500B to 2500E vi mt khu cisco.

2500B#config t 2500B(config)#username 2500E password cisco 2500B(config)#interface serial 0 2500B(config-if)#ppp authentication chap 2500B(config-if)#^z 2500B#

3. Kt ni n 2500C v to 2600A vi mk cisco.

2500C#config t 2500C(config)#username 2600A password cisco 2500C(config)#interface serial 0 2500C(config-if)#ppp authentication chap 2500C(config-if)#^z 2500C#

4. Kt ni n 2500D v to 2600A vi mk cisco. 5. Kt ni n 2600A v to 2500C, 2500D vi mk cisco.

2500E#config t 2500E(config)#username 2500A password cisco 2500E(config)#username 2500B password cisco 2500E(config)#interface serial 0 2500E(config-if)#ppp authentication chap 2500E(config-if)#interface serial 1 2500E(config-if)#ppp authentication chap 2500E(config-if)#^z 2500E#

8.4

Kim tra PPP Authentication

35

Mt khi cu hnh xong PPP vi phn xc thc l mt phng thc ng gi tun t, bn cn phi kim tra li xem mng ca mnh c hot ng khng. Lnh u tin dng l show ip route bo m cc tuyn IP v IPX u hot ng. Tip theo l dng lnh show interface. 1. T cc router 2500A, 2500B, 2500C, 2500D, 2500E, 2600A g
show ip route

2. T 2600A, dng lnh show interface xem ng gi lin kt tun t.

2600A#show interface s0/0 2600A#show interface s0/1

3. T 2500E, dng lnh show interface xem ng gi lin kt tun t.

2500A#show interface s0 2500A#show interface s1

8.5

Tm hiu v Cu hnh Frame Relay

Frame Relay cung cp mt cng giao tip gia DTE (data terminal equipment) v DCE (data circuit-terminating equipment, nh l switch). DTE bao gm cc thit b u cui, PC, router, bridgescustomer-owned end node v cc thit b mng. DCE bao gm cc thit b carrier-owned internetworking. Frame Relay s dng Virtual Circuit. Frame Relay cung cp kt ni nh hng, lin kt tng Data-Link thng qua virtual circuit(VC). Cc VC ny l cc kt ni logic to bi hai DTE thng qua mt mng chuyn mch gi (c xc nh bng mt DLCI, Data Link Connection Identifier). Tng t, Frame Relay s dng c PVC (Permanent Virtual Circuit) v SVC (Switched Virtual Circuit dnh cho dial up), mc d hu ht cc mng Frame Relay dng PVC. Virtual circuit ny cung cp mt ng dn y n mng ch trc khi gi frame u tin i. Cu hnh Frame Relay Encapsulation Khi cu hnh FR trn router Cisco, bn cn phi xc nh n nh l mt encapsulation trn cng serial. Ch c 2 loi encapsulation: Cisco v IETF (Internet Engineering Task Force). Kt qu xut di y th hin hai phng thc encapsulation khc nhau khi chn FR trn router cisco ca bn
RouterA(config)#int s0 RouterA(config-if)#encapsulation frame-relay ? ietf Use RFC1490 encapsulation <cr>

Encapsulation mc nh l Cisco tr khi bn nhp bng tay IETF. Ngoi ra, Cisco l kiu dng kt ni gia hai thit b Cisco. Bn s c la chn s dng IETF encapsulation nu bn cn phi kt ni gia mt thit b Cisco v mt thit b khc khng phi ca Cisco. Frame Relay DLCI FR virtual circuit (PVC) c xc nh bi Data Link Connection Identifier (DLCI). Mt nh cung cp dch v Frame Relay nh cng ty in thoi thng thng s gn gi tr DLCI, gi tr c dng trong FR phn bit gia cc VC trn mng. Bi v rt nhiu VC c th b ngt trn mt cng FR nhiu im, nhiu DLCI thng c lin kt vi n.

36

i vi thit b IP ti mi im cui ca mt VC, giao tip, a ch IP ca chng cn phi map n cc DLCI. Vic lin kt ny c th thc hin nh l mt mt thit b nhiu im m c th xc nh mng RT mt VC ch thch hp cho cc packet c gi qua thit b vt l. Vic lin kt ny cng c th thc hin t ng bi IARP (Inverse ARP) hoc bng tay thng qua lnh Frame Relay map. S DLCI dng ch nh mt PVC thng c gn bi nh cung cp v bt u l 16. Cu hnh mt s DLCI p dng vo mt cng th hin di y:
2500A(config-if)#frame-relay interface-dlci ? <16-1007> Define a DLCI as part of the current subinterface 2500A(config-if)#frame-relay interface-dlci 16

Frame Relay RMI Local Management Interface (LMI) c pht trin vo nm 1990 bi Cisco System, StrataCom, Northern Telecom v Digital Equipment Corporation, sau tr thnh Gangof-four LMI hay Cisco LMI. Nhm ny nhn giao thc Frame Relay c bn t CCIT v thm phn m rng vo cc tnh nng ca giao thc cho php thit b mng giao tip d dng vi mng Frame Relay. LMI l chun tn hiu gia mt thit b CPE (router) v mt frame switch. LMI chu trch nhim qun l v duy tr trng thi gia cc thit b ny. Nu bn khng dng tnh nng auto-sense ca LMI, bn phi kim tra nh cung cp Frame Relay xc nh kiu no c dng. Kiu mc nh l Cisco, tuy nhin bn c th i sang ANSI hay Q.933A. Ba kiu LMI khc nhau ny c m t trong phn kt qu di y:
2500A(config-if)#frame-relay lmi-type ? cisco ansi q933a 2500A(config-if)#frame-relay lmi-type ansi

Bn c th c nhiu VC trn mt cng serial v coi chng nh l cc cng khc nhau, c th gi chng l subinterface. tng xem subinterface nh l mt hardware interface c nh ngha bi IOS. Mt thun li m ta t c thng qua s dng subinterface l kh nng gn cc c im ca cc tng mng khc nhau vo mi subinterface v VC nh l nh tuyn IP trn mt VC v IPX trn mt VC khc. Subinterface vi Frame Relay Bn nh ngha subinterface vi lnh int s0.subinterface numbet nh sau: u tin bn ci t encapsulation trn cng serial, sau bn c th nh ngha subinterface.
2500A(config)#int s0 2500A(config)#encapsulation frame-relay 2500A(config)#int s0.? <0-4294967295> Serial interface number 2500A(config)#int s0.16 ? multipoint Treat as a multipoint link point-to-point Treat as a point-to-point link

Bn c th nh ngha hu nh khng gii hn cc subinterface trn mt cng vt l. Trong v d trn, chng ta chn subinterface 16 bi v s i din cho s DLCI gn cho cng . Tuy nhin, bn c th chn bt k s no khc gia 0 v 4.292.967.295.

37

8.6 Cu hnh Frame Relay Switching By gi chng ta c nn tng cu hnh Frame Relay trn router Cisco. Phn ny s hng dn bn cu hnh 2500E v 2600A nh l mt Frame Relay Switch. Sau bn s cu hnh 2500A 2500D thnh cc kt ni Frame Relay t xa. Mng xng sng Ethernet s khng hot ng trong phn cu hnh ny. tin hnh iu ny, bn cn phi xo cu hnh trn 2 router u bi v cu hnh Frame Relay switching hon ton khc vi nhng g ta c. 1. T 2500E, g erase start sau reload
2500E#erase start 2500E#reload

2. T 2600A lm tng t 3. Kt ni n 2500E v cu hnh hostname v mt khu

Router>enable Router#config t Router(config)#hostname 2500E 2500E(config)#enable secret todd 2500E(config)#line vty 0 4 2500E(config-line)#login 2500E(config-line)#password cisco 2500E(config-line)#line console 0 2500E(config-line)#login 2500E(config-line)#password cisco 2500E(config-line)#^z 2500E#

4. Kt ni vi 2600A v cu hnh hostname v mt khu.

Router>enable Router#config t Router(config)#hostname 2600A 2600A(config)#enable secret todd 2600A(config)#line vty 0 4 2600A(config-line)#login 2600A(config-line)#password cisco 2600A(config-line)#line console 0 2600A(config-line)#login 2600A(config-line)#password cisco 2600A(config-line)#^z 2600A#

Mt khi router ca bn r rng, bn c th bin chng thnh mt frame relay switch vi lnh frame-relay switching. Tuy nhin, l phn d. Bn cn phi lin kt mi DLCI trn switch. C hai router ch c 2 kt ni, v th s khng tn nhiu thi gian nhng bn c c t PVC nn s phi mt cng mt cht. V 2500A v 2600A s khng kt ni vi mng xng sng, chng ta c th dng chung cu hnh
2500A serial serial 2600A serial serial 0 DLCI 16 1DLCI 17 0/0 DLCI 16 0/1 DLCI 17

38

Trn frame relay switch, s dng lnh frame relay route lin kt mi DLCI. V d:
2600A(config)#interface serial 0/0 2600A(config-if)#frame-relay route 16 interface Serial0/1 17

Lnh ny yu cu switch nu n nhn mt frame trn serial 0/0 vi PVC 16, gi n ra serial 0/1 dng PVC 17. Xin nhc li l mng ca chng ta vi cu hnh ny s ch c 2 tuyn nn n khng mt thi gian. 5. Kt ni n 2500E v cu hnh Frame Switching. Khng c a ch IP c gn cho cc cng ca router. Nn nh y l cc chc nng tng Data Link nn IP khng nh hng g n cu hnh ny.
2500E#config t 2500E(config)#frame-relay switching 2500E(config)#interface serial 0 2500E(config)#clock rate 56000 2500E(config-if)#frame intf-type dce 2500E(config-if)#frame-relay route 16 interface serial1 17 2500E(config-if)#interface serial 1 2500E(config-if)#frame-relay route 17 interface serial0 16 2500E(config-if)#^z 2500E#

6. Kt ni n 2600A v cu hnh Frame Switching

2600A#config t 2600A(config)#frame-relay switching 2600A(config)#interface serial 0/0 2500A(config)#clock rate 56000 2500A(config-if)#frame intf-type dce 2600A(config-if)#frame-relay route 16 interface serial0/1 17 2600A(config-if)#interface serial 0/1 2600A(config-if)#frame-relay route 17 interface serial0/0 16 2600A(config-if)#^z 2600A#

By gi th c hai router frame-relay u c cu hnh, bn phi cu hnh router xa. 8.7 Cu hnh Frame Relay vi Subinterface

Phn ny s hng dn bn kt ni n 2500A 2500D v cu hnh chng cho frame relay s dng subinterface. V frame relay switch khng s dng nh a ch IP, kt ni t 2500A n 2500B s s dng mt subnet v xut hin nh l mt kt ni trc tip. Dng subnet 172.16.10.0 v s mng IPX l 10 gia cc router . 1. Kt ni n 2500A v cu hnh cng serial 0 vi Frame relay subinterface. thc hin iu ny bn phi xo a ch IP v s mng IPX trong cng serial.
2500A#config t 2500A(config)#interface serial 0 2500A(config-if)#no ip address 2500A(config-if)#no ipx network 2500A(config-if)#encapsulation frame-relay 2500A(config-if)#interface serial0.16 point-to-point 2500A(config-subif)#ip address 172.16.10.1 255.255.255.0 2500A(config-subif)#ipx network 10

39

2500A(config-subif)#frame-relay interface-dlci 16 2500A(config-subif)#^z 2500A#

2. Lm tng t vi 2500B
2500B#config t 2500B(config)#interface serial 0 2500B(config-if)#no ip address 2500B(config-if)#no ipx network 2500B(config-if)#encapsulation frame-relay 2500B(config-if)#interface serial0.16 point-to-point 2500B(config-subif)#ip address 172.16.10.2 255.255.255.0 2500B(config-subif)#ipx network 10 2500B(config-subif)#frame-relay interface-dlci 17 2500B(config-subif)#^z 2500B#

3. Kim tra li kt ni Frame-Relay ang chy. Ping t 2500A n 2500E.

2500E#ping 172.16.10.2

4. Kt ni n 2500C v cu hnh cng serial 0 vi Frame Relay subinterface. S dng chung a ch IP v s mng IPX v Frame Relay switching router khng kt ni.
2500C#config t 2500C(config)#interface serial 0 2500C(config-if)#no ip address 2500C(config-if)#no ipx network 2500C(config-if)#encapsulation frame-relay 2500C(config-if)#interface serial0.16 point-to-point 2500C(config-subif)#ip address 172.16.10.1 255.255.255.0 2500C(config-subif)#ipx network 10 2500C(config-subif)#frame-relay interface-dlci 16 2500C(config-subif)#^z 2500C#

5. Kt ni n 2500D v lm tng t
2500D#config t 2500D(config)#interface serial 0 2500D(config-if)#no ip address 2500D(config-if)#no ipx network 2500D(config-if)#encapsulation frame-relay 2500D(config-if)#interface serial0.16 point-to-point 2500D(config-subif)#ip address 172.16.10.2 255.255.255.0 2500D(config-subif)#ipx network 10 2500D(config-subif)#frame-relay interface-dlci 17 2500D(config-subif)#^z 2500D#

6. Kim tra kt ni Frame-Relay ang hot ng. Ping t 2500C n 2500D

2500C#ping 172.16.10.2

8.8

Kim tra li Frame Relay

C nhiu cch kim tra li trng thi ca cc cng v PVC ca bn khi b dng Frame Relay Encapsulation. Vn c th dng lnh show frame-relay vi du ? bit cc thng s ca lnh.
2500A>sho frame ? ip show frame relay IP statistics lmi show frame relay lmi statistics

40

map Frame-Relay map table pvc show frame relay pvc statistics route show frame relay route traffic Frame-Relay protocol statistics

1. Lnh show frame-relay lmi s ho bit thng k ca mt giao thng LMI trao i gia router ni b v Frame Relay switch.
2500A#sh frame lmi LMI Statistics for interface Serial0 (Frame Relay DTE) LMI TYPE = CISCO Invalid Unnumbered info 0 Invalid Prot Disc 0 Invalid dummy Call Ref 0 Invalid Msg Type 0 Invalid Status Message 0 Invalid Lock Shift 0 Invalid Information ID 0 Invalid Report IE Len 0 Invalid Report Request 0 Invalid Keep IE Len 0 Num Status Enq. Sent 0 Num Status msgs Rcvd 0 Num Update Status Rcvd 0 Num Status Timeouts 0 Router#

Kt qu hin th cho bit cc li LMI cng vi loi LMI. 2. Lnh show frame pvc s lit k tt c cc PVC c cu hnh v s DLCI. N cung cp trng thi ca mi kt ni PVC v thng k truyn ti. N cng cho bn s lng packet BECN v FECN nhn c trn router.
2500A#sho frame pvc PVC Statistics for interface Serial0 (Frame Relay DTE) DLCI = 16,DLCI USAGE = LOCAL,PVC STATUS =ACTIVE,INTERFACE = Serial0.1 input pkts 50977876 output pkts 41822892 in bytes 3137403144 out bytes 3408047602 dropped pkts 5 in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 9393 out DE pkts 0 pvc create time 7w3d, last time pvc status changed 7w3d

xem thng tin v PVC 16, g lnh show frame-relay pvc 16. 3. Bn cng c th dng lnh show interface kim tra thng lng LMI. Lnh ny hin th thng tin v encapsulation cng vi thng tin ca lp 2 v 3. LMI DLCI, in m trong lnh, c dng nh ngha kiu LMI c dng. Nu l 1023, l kiu mc inh Cisco. Nu LMI DLCI l 0, l ANSI LMI.
2500A#sho int s0 Serial0 is up, line protocol is up Hardware is HD64570 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 2/255 Encapsulation FRAME-RELAY, loopback not set, keepalive set (10 sec) LMI enq sent 451751,LMI stat recvd 451750,LMI upd recvd 164,DTE LMI up LMI enq recvd 0, LMI stat sent 0, LMI upd sent 0 LMI DLCI 1023 LMI type is CISCO frame relay DTE
Broadcast queue 0/64, broadcasts sent/dropped 0/0, interface broadcasts 839294

Lnh show interface hin th thng tin dng, giao thc, DLCI v LMI. 4. Lnh show frame map cho bn bit vic lin kt tng mng vi DLCI (Network layerto-DLCI mapping)
2500A#show frame map Serial0 (up): ipx 10.0007.7842.3575 dlci 16(0x10,0x400), dynamic, broadcast,, status defined, active Serial0 (up): ip 172.16.10.1 dlci 16(0x10,0x400), dynamic, broadcast,, status defined, active

Lu l c hai loi lin kt, mt cho IP v 1 cho IPX. Thm vo , a ch ca tng mng c cung cp bi giao thc Inverse ARP (IARP). Nu mt ngi qun tr lin kt cc a ch ny, kt qu hin th s cho l static.

41