This document is exclusive property of Cisco Systems, Inc Permission is granted to print and copy this document for non-commercial distribution and exclusive use by instructors in the CCNP: Optimizing Converged Networks v5.0 course as part of an official Cisco Networking Academy Program CCNP: Optimizing Converged Networks Lab Configuration Guide Topology Diagrams Figure 1-1: Ethernet Connectivity Diagram for Modules – 1-9 CCNP: Optimizing Converged Networks v5.0 - Lab Configuration Guide Copyright © 2007, Cisco Systems, Inc Figure 1-2: Serial Connectivity Diagram for Modules – Discussion The diagrams shown above describe Ethernet and serial connectivity between the routers of your pod These 13 connections, serial and Ethernet, will be used as the master template for most labs in the CCNP4 (Optimizing Converged Cisco Networks (ONT)) curricula The notable exceptions are the labs in Module 6, which will be discussed later All the labs in Modules through assume that you have complete control over each of the devices in your pod, including access to the switch to configure VLANs and assign switchports as access ports on a VLAN or as trunk ports Although most labs not make use of every single link, you should cable your pod according to the both diagrams in order to avoid re-cabling your pod for each scenario Modules 3, 4, 5: Quality of Service Scenarios The Quality of Service (QoS) labs in the ONT curriculum will use all of the Ethernet and serial connections in the topology diagrams shown on pages and of this document, but not every connection will be used in every lab 2-9 CCNP: Optimizing Converged Networks v5.0 - Lab Configuration Guide Copyright © 2007, Cisco Systems, Inc Therefore, cable your pod of four routers and one switch with the connections shown The Cisco Networking Academy Program intends to provide access to Cisco’s Pagent toolset for these labs The Pagent toolset functions on top of the typical Cisco IOS image, but comes bundled with the IOS image You will also need a license key provided by Cisco for each individual router on which you intend to use the Pagent-IOS image Download the Pagent-IOS image and copy it into R4’s flash memory When prompted, use the Machine ID that Pagent generates to retrieve your license key The Quality of Service (QoS) labs in the ONT curriculum suggest that you use Pagent’s TGN traffic generation tool to test the QoS tools implemented in each lab The authors have designed two basic topologies to be used for connectivity to the traffic generator on R4 You will use the Basic Pagent Configuration primarily to test QoS tools in isolation Traffic is generated on R4’s Fast Ethernet 0/0 interface, which is destined for R4’s Fast Ethernet 0/1 interface The purpose being that traffic traverses your topology from end to end so that you can observe bottlenecks The traffic may need to pass over Ethernet VLANs or point-to-point serial links before arriving back at R4 The IOS configurations for R4, with which you should begin each of the labs that use the Basic Pagent Configuration, are provided in ONT Lab 3.1: Preparing for QoS Figure 2-1 illustrates the general description of the Basic Pagent Configuration, while Figure 2-2 illustrates a specific example of how the Basic Pagent Configuration could be applied in a single-router network topology 3-9 CCNP: Optimizing Converged Networks v5.0 - Lab Configuration Guide Copyright © 2007, Cisco Systems, Inc Figure 2-1: Figure 2-2: 4-9 Basic Pagent Configuration A Sample Topology using the Basic Pagent Configuration CCNP: Optimizing Converged Networks v5.0 - Lab Configuration Guide Copyright © 2007, Cisco Systems, Inc Only one switch should be used for these labs When the diagrams show two switches, this is simply for the purpose of showing the logical segmentation of the VLANs Configure the switchports shown in the diagram to access the VLANs shown For instance, if you were configuring the general topology for Figure 2-1, you would use the following configuration: ALS1# configure terminal ALS1(config)# interface fastethernet0/1 ALS1(config-if)# switchport access vlan 10 ALS1(config-if)# switchport mode access ALS1(config-if)# interface fastethernet0/7 ALS1(config-if)# switchport access vlan 10 ALS1(config-if)# switchport mode access ALS1(config-if)# interface fastethernet0/8 ALS1(config-if)# switchport access vlan 20 ALS1(config-if)# switchport mode access If you were configuring the Sample Topology shown in Figure 2-2, you would add the following configuration to ALS1 to connect R1’s FastEthernet 0/1 interface to VLAN 20: ALS1(config)# interface fastethernet0/2 ALS1(config-if)# switchport access vlan 20 ALS1(config-if)# switchport mode access Since each of the labs that use the Basic Pagent Configuration may use R1, R2 or R3 as the exit point of the network topology, you will be told which interface to configure on the switch in the Preparation step of each of the Basic Pagent Configuration labs Key Point Our intent in providing the configuration in Lab 3.1 is that you would use these as a basic starting point in these labs so that you not need to reconfigure basic connectivity and traffic generation in each scenario However, you may indeed need to add additional configuration to the switch in order to achieve the connectivity desired in each lab You will use the Advanced Pagent Configuration primarily to test QoS tools in integration labs These labs are designed to demonstrate traffic traversing from one LAN environment through a WAN connection and back into another LAN environment 5-9 CCNP: Optimizing Converged Networks v5.0 - Lab Configuration Guide Copyright © 2007, Cisco Systems, Inc Figure 2-3: Advanced Pagent Configuration After aggregating the two serial links between R3 and R4, the bandwidth across each link funnels down from 100 Mbps to a maximum of 2.048 Mbps (E1 speed) across the link from R2 to R3 This allows you to see how QoS tools function at each bottleneck as traffic passes in a loop through R1 Ỉ R4 Ỉ R3 Ỉ R2 Finally, in Appendix A of this guide, a diagram of possible quality of service scenarios is given that you can use if you should choose to create your own labs based on the Advanced Pagent Configuration We provide this with the intent that instructors and students experiment with different QoS technologies beyond the implementations in these labs Module 6: Wireless Scenarios The first three wireless scenarios in the CCNP: Optimizing Converged Networks (ONT) curriculum corresponds with the wireless scenarios in the CCNP: Building Multilayer Switched networks (BCMSN) curriculum Labs 6.1 and 6.2 guide students through setting up a basic wireless network using lightweight access points (LWAPs) and a WLAN controller Three extension labs then guide students through connecting to the WLANs and implementing wireless security features Thus, Labs 6.1 and 6.2 should be accomplished in entirety before beginning Labs 6.3, 6.4, and 6.5 Because these labs have been taken from the BCMSN curriculum, they use a set of switches, a WLAN controller (either a network module or an external WLAN controller), and a set of access points You will also need at most two hosts to accomplish these labs since much of the configuration of the WLAN controller is done via HTTP 6-9 CCNP: Optimizing Converged Networks v5.0 - Lab Configuration Guide Copyright © 2007, Cisco Systems, Inc Since different academies have elected to buy external WLAN controllers, while others have elected to buy the one of the NM-AIR-WLC modules, we provide both topology diagrams Select the one most appropriate to your pod Figure 3-1: Ethernet Connectivity Diagram for Module 6, External WLAN Controller 7-9 CCNP: Optimizing Converged Networks v5.0 - Lab Configuration Guide Copyright © 2007, Cisco Systems, Inc Figure 3-2: Ethernet Connectivity Diagram for Module 6, Internal WLAN Controller 8-9 CCNP: Optimizing Converged Networks v5.0 - Lab Configuration Guide Copyright © 2007, Cisco Systems, Inc Appendix A 9-9 CCNP: Optimizing Converged Networks v5.0 - Lab Configuration Guide Copyright © 2007, Cisco Systems, Inc Figure 5-5: Verify Existing VLAN Interfaces Click the WLANs button at the top of the web interface This shows you all configured WLANs on the WLC Currently the only one listed is the one created during the setup wizard 30 - 39 CCNP: Optimizing Converged Networks v5.0 - Lab 6-5 Copyright © 2007, Cisco Systems, Inc Figure 5-6: Viewing Existing WLANs with Security Policies Click Edit for the WLAN listed The default security policy is 802.1X, which is the security policy we want Make sure that the administrative status of the WLAN is enabled Change the IP interface of the WLAN to VLAN2, and assign the RADIUS server created earlier Click Apply when all changes are configured Click OK if a warning appears 31 - 39 CCNP: Optimizing Converged Networks v5.0 - Lab 6-5 Copyright © 2007, Cisco Systems, Inc Figure 5-7: Editing the Configuration for WLAN 32 - 39 CCNP: Optimizing Converged Networks v5.0 - Lab 6-5 Copyright © 2007, Cisco Systems, Inc Figure 5-8: Editing the Configuration for WLAN 1, Security Options Step 6: Configure the Wireless Client On Host B, open up the Cisco Aironet Desktop Utility (ADU) either using the icon on the desktop or the program shortcut in the start menu If you not have the Cisco Aironet Desktop Utility installed, consult Lab 6.3: Configuring a Wireless Client Once in the ADU, click the Profile Management tab Next, click New to make a new profile 33 - 39 CCNP: Optimizing Converged Networks v5.0 - Lab 6-5 Copyright © 2007, Cisco Systems, Inc Figure 6-1: Cisco ADU Profile Management Tab Use a profile name and service set identifier (SSID) of “ccnppod” since this was the SSID configured earlier Use any client name desired Here, “cisco” is the name used 34 - 39 CCNP: Optimizing Converged Networks v5.0 - Lab 6-5 Copyright © 2007, Cisco Systems, Inc Figure 6-2: Configuring Profile Options and SSID Under the Security tab, set the security type as 802.1x After selecting the security method, click Configure 35 - 39 CCNP: Optimizing Converged Networks v5.0 - Lab 6-5 Copyright © 2007, Cisco Systems, Inc Figure 6-3: Wireless Security Options Choose Automatically Prompt for User Name and Password as the authentication setting Click OK when done, and then click OK again to close the new profile window 36 - 39 CCNP: Optimizing Converged Networks v5.0 - Lab 6-5 Copyright © 2007, Cisco Systems, Inc Figure 6-4: LEAP Configuration Options On the profile list, select the new profile and click Activate 37 - 39 CCNP: Optimizing Converged Networks v5.0 - Lab 6-5 Copyright © 2007, Cisco Systems, Inc Figure 6-5: Selecting a Wireless Profile When prompted to enter a username and password, enter in the credentials created earlier on the ACS server, and then click OK (username and password of “cisco”) Figure 6-6: ADU LEAP Authentication Dialog You should see all authentication steps be successful If not, troubleshoot 38 - 39 CCNP: Optimizing Converged Networks v5.0 - Lab 6-5 Copyright © 2007, Cisco Systems, Inc Figure 6-7: ADU LEAP Authentication Checklist Under the Current Status tab, make sure you have received a correct IP address for the VLAN and the link is authenticated Figure 6-8: Current Wireless Profile Status 39 - 39 CCNP: Optimizing Converged Networks v5.0 - Lab 6-5 Copyright © 2007, Cisco Systems, Inc Case Study: QoS and MLPPP Instructions Implement the International Travel Agency network shown in the topology diagram and using the information and the instructions in the scenario Implement the design on the lab set of routers Verify that all configurations are operational and functioning according to the guidelines This lab requires you to have the advanced Pagent configuration set up as shown in Lab 3.1: Preparing for QoS Topology Diagram Scenario The International Travel Agency is evaluating Quality of Service (QoS) strategies in their test environment using a traffic generator This lab should be completed using the IOS command-line interface (CLI), without using Cisco Security Device Manager (SDM) • • • • • 1-2 Set up R4 using the advanced Pagent configuration and start traffic generation (Certain configuration changes may change the traffic generation status so traffic generation may need to be restarted later in the lab.) Configure all interfaces using the subnetting scheme shown in the diagram, with the exception of the serial links between R3 and R4 Use a clock rate of 800000 on the serial link between R2 and R3 Configure the serial links between R3 and R4 to run at mbps Bind the serial links between R3 and R4 using PPP multilink and address it as shown in the diagram CCNP: Optimizing Converged Networks v5.0 - Case Study Copyright © 2007, Cisco Systems, Inc • • • • • • • • • • • • • 2-2 Use weighted fair queuing (WFQ) on the PPP multilink Enable the PPP multilink interleaving with a maximum interleaving delay of 20 ms The International Travel Agency network should be running Open Shortest Path First (OSPF) in AS Use Network-based Application Recognition (NBAR) on R1 to discover which traffic types are being generated from the traffic generator Determine three different traffic classes and mark them with varying IP precedence for each class (this is subjective) Use NBAR to classify packets Perform this marking outbound on R1 towards R4 Make sure the various classes not exceed megabits/second for each class Do not configure queuing strategies to accomplish this task Configure low latency queuing (LLQ) on R3 for the link between R2 and R3 Allocate bandwidth for each IP precedence you configured earlier Also allocate some bandwidth for OSPF packets, and place this traffic in the priority queue Bandwidth amounts are subjective, but not exceed the capacity of the link CCNP: Optimizing Converged Networks v5.0 - Case Study Copyright © 2007, Cisco Systems, Inc Case Study: QoS and MLPPP Answer Key Note: Certain parts of this lab are subjective in the sense that they are capable of multiple solutions Your configurations are correct even if they are not exactly like those shown as long as they meet the criteria in the instructions Final Configurations R1#show run hostname R1 ! class-map match-any high match protocol ntp class-map match-any medium match protocol telnet match protocol xwindows match protocol ssh class-map match-any low match protocol pop3 match protocol http match protocol smtp match protocol ftp ! policy-map mypolicy class high set precedence police 3000000 class medium set precedence police 3000000 class low set precedence police 3000000 ! interface FastEthernet0/0 ip address 172.16.10.1 255.255.255.0 ip nbar protocol-discovery no shutdown ! interface FastEthernet0/1 ip address 172.16.14.1 255.255.255.0 service-policy output mypolicy ! router ospf network 172.16.0.0 0.0.255.255 area ! end R2#show run hostname R2 ! interface FastEthernet0/0 ip address 172.16.20.2 255.255.255.0 no shutdown ! interface Serial0/0/1 ip address 172.16.23.3 255.255.255.0 1-3 CCNP: Optimizing Converged Networks v5.0 - Case Study Answer Key Copyright © 2007, Cisco Systems, Inc clock rate 800000 no shutdown ! router ospf network 172.16.0.0 0.0.255.255 area ! end R3#show run hostname R3 ! class-map match-all prec4 match precedence class-map match-all prec5 match precedence class-map match-all prec3 match precedence class-map match-all ospf match protocol ospf ! policy-map mypolicy class ospf priority 100 class prec5 bandwidth 100 class prec4 bandwidth 400 class prec3 bandwidth 200 ! interface Multilink1 ip address 172.16.34.3 255.255.255.0 fair-queue ppp multilink ppp multilink fragment delay 20 ppp multilink interleave ppp multilink group ! interface Serial0/0/1 ip address 172.16.23.3 255.255.255.0 service-policy output mypolicy ! interface Serial0/1/0 no ip address encapsulation ppp clock rate 2000000 ppp multilink ppp multilink group no shutdown ! interface Serial0/1/1 no ip address encapsulation ppp clock rate 2000000 ppp multilink ppp multilink group no shutdown ! router ospf network 172.16.0.0 0.0.255.255 area ! end 2-3 CCNP: Optimizing Converged Networks v5.0 - Case Study Answer Key Copyright © 2007, Cisco Systems, Inc R4#show run hostname R4 ! interface Multilink1 ip address 172.16.34.4 255.255.255.0 fair-queue ppp multilink ppp multilink interleave ppp multilink group ppp multilink fragment delay 20 ! interface FastEthernet0/1 ip address 172.16.14.4 255.255.255.0 no shutdown ! interface Serial0/0/0 ip address 172.16.34.4 255.255.255.0 encapsulation ppp ppp multilink ppp multilink group no shutdown ! interface Serial0/0/1 no ip address encapsulation ppp ppp multilink ppp multilink group no shutdown ! router ospf network 172.16.0.0 0.0.255.255 area ! end 3-3 CCNP: Optimizing Converged Networks v5.0 - Case Study Answer Key Copyright © 2007, Cisco Systems, Inc ... restored after the lab 17 - 28 CCNP: Optimizing Converged Networks v5.0 - Lab 2-1 Copyright © 2007, Cisco Systems, Inc 18 - 28 CCNP: Optimizing Converged Networks v5.0 - Lab 2-1 Copyright © 2007,... Converged Networks v5.0 - Lab 2-1 Copyright © 2007, Cisco Systems, Inc Figure 5-6 : CIPC Installation Prompt Click Install to begin installing CIPC 13 - 28 CCNP: Optimizing Converged Networks v5.0 - Lab. ..CCNP: Optimizing Converged Networks Lab Configuration Guide Topology Diagrams Figure 1-1 : Ethernet Connectivity Diagram for Modules – 1-9 CCNP: Optimizing Converged Networks v5.0 - Lab Configuration