Lab: Campus Network WIP

Intro

In this lab we will configure a basic campus network. This will include access, a collapsed core, WAN connectivity including NAT, as well as OOB management and basic security policies.

There will be a firewall portion included but if you do not have a firewall image this can be omitted with the ISR connecting directly to the ISP-EDGE device.

OOB management will be setup using a external connector in bridge mode enabling devices to get local network IPs for SSH. This can also be omitted in exchange for the built in terminal in CML.

There may be wireless portions added once CML gets wireless simulation capabilities in CML 2.10.

Features will include:

  • NAT Translations and simulated web
  • HSRP for multiple VLANs
  • Nexus devices with  Active/Active vPC pair
  • SSH Configurations for applicable devices
  • DHCP Configurations with relay
  • Using the vPAN for East/West traffic monitoring using Port Mirroring

Topologies

Network topologies and port/IP diagrams will be provided here.



Configuration

OOB and SSH

First we will configure out of band management.

If you are not going to use OOB in favor for CMLs native console terminal you can skip this portion of the setup. We will be using that to setup OOB anyway.

You may need to adjust your IP config for whatever network address range you will be using for the external connector.

For example my IP range is 192.168.40.x/24 and I have set reservations in my network for addresses .100-120 for use as OOB management.

Create MGMT VRF

(conf)#vrf definition MGMT
(config-router-vrf)#address-family ipv4

Setup switchport

(config-if)#no switchport
(config-if)#vrf forwarding MGMT

You have two options for ip addressing

DHCP

(config-if)#ip address dhcp

Static address

(config-if)#ip address 192.168.40.101 255.255.255.0

We now need to set a route for the switch to use for this network. IE the default gateway.

(conf)#ip route vrf MGMT 0.0.0.0 0.0.0.0 192.168.40.1


We can now show the routing table for our MGMT interface

#show ip route vrf MGMT



Nexus Core Switches

This configuration will NOT be an explainer for vPC. Please use VPC as a knowledge base if need be instead.

Enable needed features and setup the vPC interfaces, Domain, keepalive, and peer-link.

(config)#feature vpc

(config)#feature lacp

(config)#feature hsrp

(config)#feature interface-vlan


VRF for keepalive link and add the interface to it.

(config)#vrf "context" "VPC_KEEPALIVE"


(config)#int "e1/62"

(config-if)#no switchport

(config-if)#vrf member "VPC_KEEPALIVE"

(config-if)#ip address "172.16.0.x/30"

(config-if)#no shutdown

Popular posts from this blog

  This will be a follow along for studying the ENCOR and any exams that follow. As well as any misc information that relates such as python scripting etc. The first portion will be basic notes that I decided needed to be my base. This includes but isn't limited to topics such as basic network principles, the layer 2 process, SSH setup, IOS upgrades. This first section will most likely align with the CCENT. I will focus on Cisco for the time being, but I would like to get into Junos (OS?) and Aruba OS. Syntax and basic info on documentation Syntax for commands will be as follows: Any portion of the command with "example" should be an object that you can change. For example, in the line ip vrf "name" the portion "name" is a name you can give to identify this specific vrf. At times this "example" will identify an identifier you can change or an option that is needed for input, but it will always denote something that is configurable. The descrip...
Read more