Cisco | Implementasi VLAN, PVST, HSRP dan DHCP
Ketemu lg di blog ini, hari ini saya menulis mengenai :
1. VLAN
2. Routing VLAN
3. DHCP
4. EtherChannel
5. HSRP
6. PVST
- Di Core swith (core1, core2, S3, S4, S5, S6) kita create vlan (10,20,30,40,100,101),
- Lalu vlannya di routing di core switch (core1 dan core2)
- Interface dan IP Vlan dikaitfkan, #lihat konfigurasinya
- Aktifkan DHCP server di router. #lihat konfigurasi dibawah
- Aktifkan HSRP (redudancy) di core1 dan core2, #lihat konfigurasi dibawah
Tujuannya adalah:
- masing-masing vlan (vlan 10,30 100 root bridgeny adalah di core1)
- masing-masing vlan (vlan 20,40 101 root bridgeny adalah di core2)
- Jadi beban trafik berbagi di kedua core switch sesuai root bridge yg sdh ditentukan pd masing-masing vlan.
- Ketika salah satu core swith mati, network tetap reachable (walaupun ada downtime sebentr) karena kita pake 2 core + aktifkan HSRP.
IP address
PC vlan 10:
ip dhcp
ip add 172.16.10.1
sm 255.255.255.0
gw 172.16.10.252 # ip virtual HSRP
PC vlan 20:
ip dhcp
ip add 172.16.20.1
sm 255.255.255.0
gw 172.16.20.252 # ip virtual HSRP
PC vlan 30:
ip dhcp
ip add 172.16.30.1
sm 255.255.255.0
gw 172.16.30.252 # ip virtual HSRP
PC vlan 40:
ip dhcp
ip add 172.16.40.1
sm 255.255.255.0
gw 172.16.40.252 # ip virtual HSRP
SERVER-DB vlan 100:
ip statik
ip add 172.16.100.1
sm 255.255.255.0
gw 172.16.100.252 # ip virtual HSRP
SERVER-WEB vlan 101:
ip statik
ip add 172.16.101.1
sm 255.255.255.0
gw 172.16.101.252 # ip virtual HSRP
Berikut Konfigurasinya
Konfigurasi SW-Core1
Konfigurasi SW-Core1
hostname SW-CS1
vlan 10
name Sales
exivlan 20
name Marekting
exi
vlan 30
name HR
exi
vlan 40
name Operation
exi
vlan 100
name SERVER-DB
exi
vlan 101
name SERVER-WEB
exi
spanning-tree mode pvst
interface ra gigabitEthernet 1/0/1-2
switchport trunk encapsulation dot1q
switchport mode trunk
exit
spanning-tree vlan 10,30,100 root primary
spanning-tree vlan 20,40,101 root secondary
exit
vlan 10
name Sales
exivlan 20
name Marekting
exi
vlan 30
name HR
exi
vlan 40
name Operation
exi
vlan 100
name SERVER-DB
exi
vlan 101
name SERVER-WEB
exi
spanning-tree mode pvst
interface ra gigabitEthernet 1/0/1-2
switchport trunk encapsulation dot1q
switchport mode trunk
exit
spanning-tree vlan 10,30,100 root primary
spanning-tree vlan 20,40,101 root secondary
exit
Konfigurasi SW-Core2
hostname SW-CS2
vlan 10
name Sales
exi
vlan 20
name Marekting
exi
vlan 30
name HR
exi
vlan 40
name Operation
exi
vlan 100
name SERVER-DB
exi
vlan 101
name SERVER-WEB
exi
spanning-tree mode pvst
interface ra gigabitEthernet 1/0/1-2
switchport trunk encapsulation dot1q
switchport mode trunk
exit
spanning-tree vlan 20,40,101 root primary
spanning-tree vlan 10,30,100 root secondary
exit
--------
Konfigurasi S3
hostname S3
vlan 10
name Sales
exi
vlan 20
name Marekting
exi
vlan 30
name HR
exi
vlan 40
name Operation
exi
vlan 100
name SERVER-DB
exi
vlan 101
name SERVER-WEB
exi
spanning-tree mode pvst
int ra fa0/1-3
switchport mode trunk
exit
-----------------
Konfigurasi S4
hostname S4
vlan 10
name Sales
exi
vlan 20
name Marekting
exi
vlan 30
name HR
exi
vlan 40
name Operation
exi
vlan 100
name SERVER-DB
exi
vlan 101
name SERVER-WEB
exi
spanning-tree mode pvst
int ra fa0/1-3
switchport mode trunk
exit
--------
Konfigurasi S5
hostname S5
vlan 10
name Sales
exi
vlan 20
name Marekting
exi
vlan 30
name HR
exi
vlan 40
name Operation
exi
vlan 100
name SERVER-DB
exi
vlan 101
name SERVER-WEB
exi
spanning-tree mode pvst
int ra fa0/24
switchport mode trunk
exit
int fa0/1
switchport mode access
switchport access vlan 10
spanning-tree portfast
spanning-tree bpduguard enable
exit
int fa0/2
switchport mode access
switchport access vlan 20
spanning-tree portfast
spanning-tree bpduguard enable
exit
int fa0/3
switchport mode access
switchport access vlan 30
spanning-tree portfast
spanning-tree bpduguard enable
exit
int fa0/4
switchport mode access
switchport access vlan 40
spanning-tree portfast
spanning-tree bpduguard enable
exit
-----------
Konfigurasi S6
hostname S6
vlan 10
name Sales
exi
vlan 20
name Marekting
exi
vlan 30
name HR
exi
vlan 40
name Operation
exi
vlan 100
name SERVER-DB
exi
vlan 101
name SERVER-WEB
exi
spanning-tree mode pvst
int ra fa0/24
switchport mode trunk
exit
int fa0/2
switchport mode access
switchport access vlan 100
exit
int fa0/3
switchport mode access
switchport access vlan 101
exit
==============
#ETHERCHANNEL (CS1 dan CS2)
interface ra gigabitEthernet 1/0/23-24
channel-group 1 mode active
exit
interface port-channel 1
switchport trunk encapsulation dot1q
switchport mode trunk
---------------
#KONFIGURASI HSRP CORE-1
SW-CS1
interface Vlan10
ip address 172.16.10.254 255.255.255.0
standby 1 ip 172.16.10.252
standby 1 priority 110
standby 1 preempt
!
interface Vlan20
ip address 172.16.20.254 255.255.255.0
standby 1 ip 172.16.20.252
standby 1 priority 110
standby 1 preempt
!
interface Vlan30
ip address 172.16.30.254 255.255.255.0
standby 1 ip 172.16.30.252
standby 1 priority 110
standby 1 preempt
!
interface Vlan40
ip address 172.16.40.254 255.255.255.0
standby 1 ip 172.16.40.252
standby 1 priority 110
standby 1 preempt
!
interface Vlan100
ip address 172.16.100.254 255.255.255.0
standby 1 ip 172.16.100.252
standby 1 priority 110
standby 1 preempt
!
interface Vlan101
ip address 172.16.101.254 255.255.255.0
standby 1 ip 172.16.101.252
standby 1 priority 110
standby 1 preempt
!
int gi1/0/22
switchport trunk encapsulation dot1q
switchport mode trunk
exit
--------
#KONFIGURASI HSRP CORE-2
SW-CS2
interface Vlan10
ip address 172.16.10.253 255.255.255.0
standby 1 ip 172.16.10.252
standby 1 preempt
standby 1 track GigabitEthernet1/0/22
!
interface Vlan20
ip address 172.16.20.253 255.255.255.0
standby 1 ip 172.16.20.252
standby 1 preempt
standby 1 track GigabitEthernet1/0/22
!
interface Vlan30
ip address 172.16.30.253 255.255.255.0
standby 1 ip 172.16.30.252
standby 1 preempt
standby 1 track GigabitEthernet1/0/22
!
interface Vlan40
ip address 172.16.40.253 255.255.255.0
standby 1 ip 172.16.40.252
standby 1 preempt
standby 1 track GigabitEthernet1/0/22
!
interface Vlan100
ip address 172.16.100.253 255.255.255.0
standby 1 ip 172.16.100.252
standby 1 preempt
standby 1 track GigabitEthernet1/0/22
!
interface Vlan101
ip address 172.16.101.253 255.255.255.0
standby 1 ip 172.16.101.252
standby 1 preempt
standby 1 track GigabitEthernet1/0/22
!
int gi1/0/22
switchport trunk encapsulation dot1q
switchport mode trunk
exit
=====================
#KONFIGURASI DHCP-SERVER
vlan 10
!
vlan 20
!
vlan 30
!
vlan 40
ip dhcp excluded-address 172.16.10.250 172.16.10.254
ip dhcp excluded-address 172.16.20.250 172.16.10.254
ip dhcp excluded-address 172.16.30.250 172.16.10.254
ip dhcp excluded-address 172.16.40.250 172.16.10.254
ip dhcp pool vlan10
network 172.16.10.0 255.255.255.0
default-router 172.16.10.252
dns-server 172.16.10.252
exi
ip dhcp pool vlan20
network 172.16.20.0 255.255.255.0
default-router 172.16.20.252
dns-server 172.16.20.252
exi
ip dhcp pool vlan30
network 172.16.30.0 255.255.255.0
default-router 172.16.30.252
dns-server 172.16.30.252
exi
ip dhcp pool vlan40
network 172.16.40.0 255.255.255.0
default-router 172.16.40.252
dns-server 172.16.40.252
exit
int vlan 10
no shut
ip add 172.16.10.250 255.255.255.0
exit
int vlan 20
no shut
ip add 172.16.20.250 255.255.255.0
exit
int vlan 30
no shut
ip add 172.16.30.250 255.255.255.0
exit
int vlan 40
no shut
ip add 172.16.40.250 255.255.255.0
exit
int ra gi1/0/1-2
switchport trunk encapsulation dot1q
switchport mode trunk
exit
hostname S3
vlan 10
name Sales
exi
vlan 20
name Marekting
exi
vlan 30
name HR
exi
vlan 40
name Operation
exi
vlan 100
name SERVER-DB
exi
vlan 101
name SERVER-WEB
exi
spanning-tree mode pvst
int ra fa0/1-3
switchport mode trunk
exit
-----------------
Konfigurasi S4
hostname S4
vlan 10
name Sales
exi
vlan 20
name Marekting
exi
vlan 30
name HR
exi
vlan 40
name Operation
exi
vlan 100
name SERVER-DB
exi
vlan 101
name SERVER-WEB
exi
spanning-tree mode pvst
int ra fa0/1-3
switchport mode trunk
exit
--------
Konfigurasi S5
hostname S5
vlan 10
name Sales
exi
vlan 20
name Marekting
exi
vlan 30
name HR
exi
vlan 40
name Operation
exi
vlan 100
name SERVER-DB
exi
vlan 101
name SERVER-WEB
exi
spanning-tree mode pvst
int ra fa0/24
switchport mode trunk
exit
int fa0/1
switchport mode access
switchport access vlan 10
spanning-tree portfast
spanning-tree bpduguard enable
exit
int fa0/2
switchport mode access
switchport access vlan 20
spanning-tree portfast
spanning-tree bpduguard enable
exit
int fa0/3
switchport mode access
switchport access vlan 30
spanning-tree portfast
spanning-tree bpduguard enable
exit
int fa0/4
switchport mode access
switchport access vlan 40
spanning-tree portfast
spanning-tree bpduguard enable
exit
-----------
Konfigurasi S6
hostname S6
vlan 10
name Sales
exi
vlan 20
name Marekting
exi
vlan 30
name HR
exi
vlan 40
name Operation
exi
vlan 100
name SERVER-DB
exi
vlan 101
name SERVER-WEB
exi
spanning-tree mode pvst
int ra fa0/24
switchport mode trunk
exit
int fa0/2
switchport mode access
switchport access vlan 100
exit
int fa0/3
switchport mode access
switchport access vlan 101
exit
==============
#ETHERCHANNEL (CS1 dan CS2)
interface ra gigabitEthernet 1/0/23-24
channel-group 1 mode active
exit
interface port-channel 1
switchport trunk encapsulation dot1q
switchport mode trunk
---------------
#KONFIGURASI HSRP CORE-1
SW-CS1
interface Vlan10
ip address 172.16.10.254 255.255.255.0
standby 1 ip 172.16.10.252
standby 1 priority 110
standby 1 preempt
!
interface Vlan20
ip address 172.16.20.254 255.255.255.0
standby 1 ip 172.16.20.252
standby 1 priority 110
standby 1 preempt
!
interface Vlan30
ip address 172.16.30.254 255.255.255.0
standby 1 ip 172.16.30.252
standby 1 priority 110
standby 1 preempt
!
interface Vlan40
ip address 172.16.40.254 255.255.255.0
standby 1 ip 172.16.40.252
standby 1 priority 110
standby 1 preempt
!
interface Vlan100
ip address 172.16.100.254 255.255.255.0
standby 1 ip 172.16.100.252
standby 1 priority 110
standby 1 preempt
!
interface Vlan101
ip address 172.16.101.254 255.255.255.0
standby 1 ip 172.16.101.252
standby 1 priority 110
standby 1 preempt
!
int gi1/0/22
switchport trunk encapsulation dot1q
switchport mode trunk
exit
--------
#KONFIGURASI HSRP CORE-2
SW-CS2
interface Vlan10
ip address 172.16.10.253 255.255.255.0
standby 1 ip 172.16.10.252
standby 1 preempt
standby 1 track GigabitEthernet1/0/22
!
interface Vlan20
ip address 172.16.20.253 255.255.255.0
standby 1 ip 172.16.20.252
standby 1 preempt
standby 1 track GigabitEthernet1/0/22
!
interface Vlan30
ip address 172.16.30.253 255.255.255.0
standby 1 ip 172.16.30.252
standby 1 preempt
standby 1 track GigabitEthernet1/0/22
!
interface Vlan40
ip address 172.16.40.253 255.255.255.0
standby 1 ip 172.16.40.252
standby 1 preempt
standby 1 track GigabitEthernet1/0/22
!
interface Vlan100
ip address 172.16.100.253 255.255.255.0
standby 1 ip 172.16.100.252
standby 1 preempt
standby 1 track GigabitEthernet1/0/22
!
interface Vlan101
ip address 172.16.101.253 255.255.255.0
standby 1 ip 172.16.101.252
standby 1 preempt
standby 1 track GigabitEthernet1/0/22
!
int gi1/0/22
switchport trunk encapsulation dot1q
switchport mode trunk
exit
=====================
#KONFIGURASI DHCP-SERVER
vlan 10
!
vlan 20
!
vlan 30
!
vlan 40
ip dhcp excluded-address 172.16.10.250 172.16.10.254
ip dhcp excluded-address 172.16.20.250 172.16.10.254
ip dhcp excluded-address 172.16.30.250 172.16.10.254
ip dhcp excluded-address 172.16.40.250 172.16.10.254
ip dhcp pool vlan10
network 172.16.10.0 255.255.255.0
default-router 172.16.10.252
dns-server 172.16.10.252
exi
ip dhcp pool vlan20
network 172.16.20.0 255.255.255.0
default-router 172.16.20.252
dns-server 172.16.20.252
exi
ip dhcp pool vlan30
network 172.16.30.0 255.255.255.0
default-router 172.16.30.252
dns-server 172.16.30.252
exi
ip dhcp pool vlan40
network 172.16.40.0 255.255.255.0
default-router 172.16.40.252
dns-server 172.16.40.252
exit
int vlan 10
no shut
ip add 172.16.10.250 255.255.255.0
exit
int vlan 20
no shut
ip add 172.16.20.250 255.255.255.0
exit
int vlan 30
no shut
ip add 172.16.30.250 255.255.255.0
exit
int vlan 40
no shut
ip add 172.16.40.250 255.255.255.0
exit
int ra gi1/0/1-2
switchport trunk encapsulation dot1q
switchport mode trunk
exit
VERIFIKASI:
#sh standby brief
#sh spanning-tree vlan [xx]
#sh spanning-tree vlan [xx]
#lakukan ping dari vlan 10 ke server-web dan server-DB perhatikan trafik core switch yg mana yg dilewati
#lakukan ping dari vlan 10,20,30,40 ke server, lg ping sedang jalan, coba matikan core swith 1, apakah kasih reachable ??
Posting Komentar untuk "Cisco | Implementasi VLAN, PVST, HSRP dan DHCP "