Idarbs/Network-Configuration

Networking Project

This project showcases my ability to configure networks and network devices. It also showcases my knowledge of topics such as Dynamic Routing, Inter-VLAN Routing, IPv4 & IPv6, Spanning Tree, DHCP, First-Hop Redundancy, EtherChannels, Port Security, Logging Messages, DNS, and more.

Overview

image
Feel free to check out the Packet Tracer file to see every network device's configuration!

ROAS

image
There are 3 subnets and 3 VLANs, and the router takes care of the inter-VLAN routing. Unused interfaces are shut down as well.

Subinterfaces are configured for each VLAN to allow for Inter-VLAN Routing. Each subinterface uses the first available IP Address in that subnet. Each PC has connectivity and can also contact the DNS server.
image
The Router forwards all DNS Requests to the DNS Server, and this allows the PCs to ping each other using names.
image
image
Port Security is enabled on the access switch; only 1 device is allowed on each interface, and the MAC Address is stored on the device. A violation mode is also configured so that the interface stays up and sends messages when a violation occurs.
image

Office

image
Multiple hosts are connected to access switches, a couple of servers are running, and two routers are configured with HSRP and also act as DHCP servers.
A voice VLAN is configured for the VoIP phone.
VTP is enabled on the switches, all of them running version 2, with 3 of the switches running in client mode and one switch running in server mode.
The servers have manually configured addresses; the first 10 usable IP addresses are excluded from the DHCP pool.
The default gateways of the end hosts are configured to be the Virtual IP Address used by both routers. Router 2 is configured as the active router, and Router 3 is configured as the standby router. Preemption is also enabled.
image
image
image

Logging is also enabled, and the routers send their log messages to the server. All messages are sent to the server regardless of severity.
image

The Routers are also able to access the FTP server and download files from it.
image
NOTE: This screenshot was taken prior to the manual configuration of the server's IP Address (which is why the IP Address is different from the one in the overview of the network).
image

image
Rapid-PVST is enabled on all switches. All the switches have the default priority. Switch 2 becomes the Root Bridge because it has the lowest MAC Address out of the 4 switches.

image
Port Security is enabled on both access switches, with a maximum of 1 MAC Address per interface, with the one exception being the interface that has the end host and the VoIP phone.
DHCP Snooping is also enabled on all the switches, with the interfaces connected to end hosts being untrusted and the interfaces connected to other network devices being trusted.
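
The access-layer hardening described in the ROAS and Office sections, written out as an added example (it is not taken from the repository's Packet Tracer file). Interface names, VLAN IDs, the rate limit and the maximum of 2 on the phone port are assumptions, and `sticky` and `restrict` are assumed to be the options behind "the MAC Address is stored on the device" and "the interface stays up and sends messages".

```cisco
! Added example: interface names, VLAN IDs and limits are assumptions.
! --- DHCP snooping, global (VLANs 10,20,30 assumed) ---
ip dhcp snooping
ip dhcp snooping vlan 10,20,30
! The DHCP servers in the Office network are routers. An IOS DHCP server
! drops requests carrying option 82 with giaddr 0.0.0.0, so stop the
! switch from inserting the option.
no ip dhcp snooping information option
!
! --- Link to another network device: trusted ---
interface GigabitEthernet0/1
 ip dhcp snooping trust
!
! --- Ordinary end-host port: untrusted by default, one MAC allowed ---
interface FastEthernet0/1
 switchport mode access
 switchport access vlan 10
 switchport port-security
 switchport port-security maximum 1
 switchport port-security mac-address sticky
 switchport port-security violation restrict
 ip dhcp snooping limit rate 10
!
! --- Port with a VoIP phone and a PC behind it (the one exception) ---
interface FastEthernet0/2
 switchport mode access
 switchport access vlan 10
 switchport voice vlan 40
 switchport port-security
 ! One address for the phone, one for the PC (assumed value)
 switchport port-security maximum 2
 switchport port-security mac-address sticky
 switchport port-security violation restrict
!
! --- Checks from privileged EXEC after generating traffic ---
! show port-security interface FastEthernet0/1
! show port-security address
! show ip dhcp snooping
! show ip dhcp snooping binding
```

With `restrict`, the violation counter in `show port-security interface` increments and a log message is generated while the port stays up; sticky addresses only survive a reload if the running configuration is saved.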

Collapsed

image
This is a standard two-tier campus design with 3 access switches and 2 distribution switches. There are 3 VLANs, and the distribution switches handle the Inter-VLAN routing.
Each SVI uses the first available address of the respective VLAN Subnet, and all hosts can ping each other.
image
image
image

A Layer 3 EtherChannel is also configured for load balancing between the distribution switches, and OSPFv3 is enabled on the routers and distribution switches. An NTP Server is also supposed to be enabled on the network, but due to Packet Tracer's limitations, IPv6 NTP is not supported.
HSRP would have also been configured on each SVI to allow for redundancy between the two distribution switches in case one fails.
This network in particular has a lot of issues, which are further discussed in Known Issues & Misconfigurations.

OSPF

image
OSPF has been configured and allows hosts in ROAS and the Office network to communicate with each other.
There are multiple OSPF routers to allow for redundancy.
Both sides can communicate with each other.
Each interface on the OSPF routers uses a /30 mask and has its network type set to point-to-point to skip the DR/BDR elections.
The SVIs in the ROAS network are advertised, which allows each host in each VLAN to communicate with hosts outside its network.
Since HSRP is configured in the office network, both routers have interfaces connected to OSPF routers so that the outside networks can still be reached if one of them fails.

PAT

image
PAT is configured on this network. PAT allows for multiple end hosts to use the same IP Address, which allows us to conserve IP Addresses.
The ACL configured on the router allows for any host in the 172.31.10.0 subnet to have its IP Address translated. Both end hosts use private Class B IP Addresses inside the network, but use the Router's outside IP Address when communicating with other end hosts in other networks.
Before it exits the network, the packet source is the end host's private IP Address.
image
The packet's source IP Address is now the Router's outside IP Address as it travels throughout the network.
image
When the reply is sent back to the host, it uses the Router's IP Address as its destination IP.
image
Finally, when the packet arrives back at the router, it swaps out the destination IP Address to the host's private IP Address.
image
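
The PAT setup described in this section, as an added example rather than the configuration from the repository's Packet Tracer file. The interface names, the ACL number and the /24 wildcard mask are assumptions; only the 172.31.10.0 subnet comes from the text.

```cisco
! Added example: interface names, ACL number and the /24 wildcard are assumptions.
! Select the inside hosts whose source address may be translated.
! The implicit deny at the end of the ACL means hosts in any other subnet
! are not translated.
access-list 1 permit 172.31.10.0 0.0.0.255
!
interface GigabitEthernet0/0
 description Inside: faces the 172.31.10.0 hosts
 ip nat inside
!
interface GigabitEthernet0/1
 description Outside: faces the other networks
 ip nat outside
!
! "overload" is what makes this PAT: every matched host shares the outside
! interface address and is told apart by its translated source port.
ip nat inside source list 1 interface GigabitEthernet0/1 overload
!
! Checks from privileged EXEC after sending traffic from an inside host:
! show ip nat translations
!   inside local  = the host's private address and port
!   inside global = the router's outside address and port
! show ip nat statistics
! show access-lists 1
```

The four packet states described above map onto one row of `show ip nat translations`: the inside local entry is the address before the packet leaves, and the inside global entry is what the rest of the network sees and replies to.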

Issues_And_Misconfigurations

  • IPv6 Hosts occasionally lose connectivity; some PCs can ping each other, while others cannot. Reopening the labs fixes it (sometimes).
  • When putting the SVIs in OSPFv3 areas, hosts lose connectivity. Removing the areas and reopening the lab seems to fix the connectivity, but this also means the SVIs cannot be advertised.
  • HSRP for IPv6 isn't supported (from what I know), meaning SVIs are not currently redundant.
  • NTP for IPv6 cannot be configured (CLI does not give the option to input an IPv6 address).
  • When opening the lab, the first few pings won't work (ARP takes a while).
  • FTP downloads are slow (I'm assuming this is a Packet Tracer issue).
  • OSPFv3 for IPv6 isn't configured properly.
  • Due to how large the lab is, it can sometimes act weird, especially when it has been open for a while.
  • Because of how large the lab is, when using simulation mode, it is flooded with NDP, STP, OSPF, HSRP, and other protocols, making it hard to see the specific packet you are looking for.
  • DHCP will sometimes give PCs different addresses than before (PC0 will get 10.32.0.11, other times it will get 10.32.0.12); it's not really an issue, just something to note.
  • End hosts using DHCP have to be manually set to DHCP mode every time the lab is opened.

About

This project showcases my ability to configure multiple network devices, as well as configuring security measures.
