Saturday, 24 January 2026

Route Map Redistribution and configuration

 

Why use a route map for redistribution?


Without a route-map, you redistribute everything. That's often a bad idea. You might leak routes you shouldn't, cause routing loops, or create security risks. By default, all the routes are redistributed with the metric and metric-type defined when we configure redistribution. When we want to assign different metrics, metric-type or security, we use a route-map. 

 The simple idea of using a route map in redistribution 

  • Filter: only redistribute specific prefixes
  • Modify: change metrics, tag, or route types during the exchange 
  • Control: apply logic with permit or deny statements 


 Let's see the configuration:-

Topology:-


Goal: 

  • Configure the topology as per the diagram
  • Configure the IP addresses as per the topology
  • Configure OSPF as per the topology in area 0
  • Configure RIPv2 on router 3 and advertise loopbacks interfaces
  • Configure ACL permit 192.168.31.0 192.168.32.0 192.168.33.0
  • Configure route map set metric 2000 for 192.168.31.0
  • Configure route map set metric 1000 and metric-type 1
  • Redistribute RIPv2 into OSPF with a route-map 


R1(config)#interface serial 5/0
R1(config-if)#ip address 12.1.1.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#exit

R1(config)#interface fastethernet 0/0
R1(config-if)#ip address 10.1.1.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#no keepalive
R1(config-if)#exit

R1(config)#interface loopback 1
R1(config-if)#ip address 192.168.11.1 255.255.255.0
R1(config-if)#exit
R1(config)#interface loopback 2
R1(config-if)#ip address 192.168.12.1 255.255.255.0
R1(config-if)#exit
R1(config)#interface loopback 3
R1(config-if)#ip address 192.168.13.1 255.255.255.0
R1(config-if)#exit
R1(config)#interface loopback 4
R1(config-if)#ip address 192.168.14.1 255.255.255.0
R1(config-if)#exit
R2(config)#interface serial 5/0
R2(config-if)#ip address 12.1.1.2 255.0.0.0
R2(config-if)#no shutdown
R2(config-if)#exit

R2(config)#interface serial 5/1
R2(config-if)#ip address 23.1.1.1 255.0.0.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface fastethernet 0/0
R2(config-if)#ip address 20.1.1.1 255.0.0.0
R2(config-if)#no shutdown
R2(config-if)#no keepalive
R2(config-if)#exit

R2(config)#interface loopback 1
R2(config-if)#ip address 192.168.21.1 255.255.255.0
R2(config-if)#exit
R2(config)#interface loopback 2
R2(config-if)#ip address 192.168.22.1 255.255.255.0
R2(config-if)#exit
R2(config)#interface loopback 3
R2(config-if)#ip address 192.168.23.1 255.255.255.0
R2(config-if)#exit
R2(config)#interface loopback 4
R2(config-if)#ip address 192.168.24.1 255.255.255.0
R2(config-if)#exit


R3(config)#interface fastethernet 0/0
R3(config-if)#ip address 30.1.1.1 255.0.0.0
R3(config-if)#no shutdown
R3(config-if)#no keepalive
R3(config-if)#exit

R3(config)#interface serial 5/1
R3(config-if)#ip address 23.1.1.2 255.0.0.0
R3(config-if)#no shutdown
R3(config-if)#exit

R3(config)#interface loopback 1
R3(config-if)#ip address 192.168.31.1 255.255.255.0
R3(config-if)#exit
R3(config)#interface loopback 2
R3(config-if)#ip address 192.168.32.1 255.255.255.0
R3(config-if)#exit
R3(config)#interface loopback 3
R3(config-if)#ip address 192.168.33.1 255.255.255.0
R3(config-if)#exit
R3(config)#interface loopback 4
R3(config-if)#ip address 192.168.34.1 255.255.255.0
R3(config-if)#exit


R1(config)#router ospf 1
R1(config-router)#router-id 10.1.1.1
R1(config-router)#network 0.0.0.0 0.0.0.0 area 0
R1(config-router)#exit

*Jan 24 11:24:24.267: %OSPF-5-ADJCHG: Process 1, Nbr 20.1.1.1 on Serial5/0 from LOADING to FULL, Loading Done

R2(config)#router ospf 1
R2(config-router)#router-id 20.1.1.1
R2(config-router)#network 12.0.0.0 0.255.255.255 area 0
R2(config-router)#network 23.0.0.0 0.255.255.255 area 0
R2(config-router)#network 20.0.0.0 0.255.255.255 area 0
R2(config-router)#network 192.168.21.0 255.0.0.0 area 0
R2(config-router)#network 192.168.22.0 255.0.0.0 area 0
R2(config-router)#network 192.168.23.0 255.0.0.0 area 0
R2(config-router)#network 192.168.24.0 255.0.0.0 area 0
R2(config-router)#exit

*Jan 24 11:24:24.167: %OSPF-5-ADJCHG: Process 1, Nbr 10.1.1.1 on Serial5/0 from LOADING to FULL, Loading Done

R3(config)#router ospf 1
R3(config-router)#router-id 30.1.1.1
R3(config-router)#network 23.0.0.0 0.255.255.255 area 0
R3(config-router)#network 30.0.0.0 0.255.255.255 area 0
R3(config-router)#exit

*Jan 24 11:35:25.335: %OSPF-5-ADJCHG: Process 1, Nbr 20.1.1.1 on Serial5/1 from LOADING to FULL, Loading Done

R3(config)#router rip
R3(config-router)#version 2
R3(config-router)#network 192.168.31.0
R3(config-router)#network 192.168.32.0
R3(config-router)#network 192.168.33.0
R3(config-router)#network 192.168.34.0
R3(config-router)#exit

R3(config)#access-list 10 permit 192.168.31.0 255.0.0.0
R3(config)#access-list 20 permit 192.168.32.0 255.0.0.0
R3(config)#access-list 30 permit 192.168.33.0 255.0.0.0


R3#show access-lists
Standard IP access list 10
    10 permit 0.168.31.0, wildcard bits 255.0.0.0 (1 match)
Standard IP access list 20
    10 permit 0.168.32.0, wildcard bits 255.0.0.0 (1 match)
Standard IP access list 30
    10 permit 0.168.33.0, wildcard bits 255.0.0.0

R3(config)#route-map OSPF permit 10
R3(config-route-map)#match ip address 10
R3(config-route-map)#set metric 2000
R3(config-route-map)#exit

R3(config)#route-map OSPF permit 20
R3(config-route-map)#match ip address 20
R3(config-route-map)#set metric 1000
R3(config-route-map)#set metric-type type-1
R3(config-route-map)#exit

R3(config)#route-map OSPF permit 30
R3(config-route-map)#exit

R3(config)#router ospf 1
R3(config-router)#redistribute rip subnets route-map OSPF
R3(config-router)#exit
R3(config)#end

R3#show route-map OSPF
route-map OSPF, permit, sequence 10
  Match clauses:
    ip address (access-lists): 10
  Set clauses:
    metric 2000
  Policy routing matches: 0 packets, 0 bytes
route-map OSPF, permit, sequence 20
  Match clauses:
    ip address (access-lists): 20
  Set clauses:
    metric 1000
    metric-type type-1
  Policy routing matches: 0 packets, 0 bytes
route-map OSPF, permit, sequence 30
  Match clauses:
  Set clauses:
  Policy routing matches: 0 packets, 0 bytes


R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    192.168.12.0/24 is directly connected, Loopback2
C    192.168.13.0/24 is directly connected, Loopback3
C    192.168.14.0/24 is directly connected, Loopback4
O E2 192.168.31.0/24 [110/2000] via 12.1.1.2, 00:46:06, Serial5/0
     192.168.24.0/32 is subnetted, 1 subnets
O       192.168.24.1 [110/65] via 12.1.1.2, 00:46:06, Serial5/0
O    20.0.0.0/8 [110/65] via 12.1.1.2, 00:46:06, Serial5/0
O    23.0.0.0/8 [110/128] via 12.1.1.2, 00:46:06, Serial5/0
C    192.168.11.0/24 is directly connected, Loopback1
     192.168.21.0/32 is subnetted, 1 subnets
O       192.168.21.1 [110/65] via 12.1.1.2, 00:46:06, Serial5/0
C    10.0.0.0/8 is directly connected, FastEthernet0/0
     192.168.23.0/32 is subnetted, 1 subnets
O       192.168.23.1 [110/65] via 12.1.1.2, 00:46:07, Serial5/0
     192.168.22.0/32 is subnetted, 1 subnets
O       192.168.22.1 [110/65] via 12.1.1.2, 00:46:07, Serial5/0
O E2 192.168.34.0/24 [110/20] via 12.1.1.2, 00:46:07, Serial5/0
C    12.0.0.0/8 is directly connected, Serial5/0
O E1 192.168.32.0/24 [110/1128] via 12.1.1.2, 00:46:07, Serial5/0
O E2 192.168.33.0/24 [110/20] via 12.1.1.2, 00:46:07, Serial5/0
O    30.0.0.0/8 [110/129] via 12.1.1.2, 00:46:07, Serial5/0



IF YOU LIKE THIS BLOG, PLEASE VISIT MY YOUTUBE CHANNEL 

By at No comments:
Labels: , ,

Thursday, 15 January 2026

IPv6 Redistribution between EIGRPv3, OSPFv3 and RIPng

 **IPv6 Route Redistribution** 

Route redistribution in IPv6 allows different routing protocols (e.g., OSPFv3, EIGRP for IPv6, BGP, RIPng, IS-IS) to exchange routing information within the same network. This is useful in multi-vendor or multiprotocol environments where migration or integration is required.

 


**Key Points:**

- Redistribution is typically configured on routers that run multiple routing protocols.

- Careful planning is needed to avoid routing loops, suboptimal paths, or convergence issues.

- Use route filtering, metrics, and administrative distance tuning to control redistribution.

- Default metrics often need manual assignment when redistributing between protocols (e.g., OSPF to EIGRP).

 

**Example Use Case:** 

Connecting an OSPFv3 domain with a BGP IPv6 network, allowing internal routes to be advertised externally and vice versa.

 

**Configuration Note:** 

Always verify routes after redistribution and ensure prefix lengths and next-hop addresses are correctly advertised.


Let's see the configuration:-


Task:

  • Configure the topology as per the diagram
  • Configure the IPv6 addresses as per the topology
  • Configure EIGRPv3 on router 1 and advertise directly 
  • Configure OSPFv3 on router 2 and advertise FastEthernet 2/0 - 3/0
  • Configure EIGRPv3 on router 2 and advertise FastEthernet 0/0
  • Configure OSPFv3 on router 3 and advertise FastEthernet 3/0
  • Configure RIPng on router 3 and advertise FastEthernet 2/0
  • Configure redistribution between EIGRPv3 and OSPFv3 and vice versa 
  • Configure redistribution between RIPng and OSPFv3 and vice versa
  • Make sure all the routes are exchanged 
  • ensure the connectivity and verify with show commands



R1(config)#ipv6 unicast-routing
R1(config)#interface fastethernet 0/0
R1(config-if)#ipv6 address 2001:1122:1122:1122::1/64
R1(config-if)#no shutdown
R1(config-if)#exit

R1(config)#interface fastethernet 2/0
R1(config-if)#ipv6 address fc00:1111:1111:1111::1/64
R1(config-if)#no shutdown
R1(config-if)#no keepalive
R1(config-if)#exit
R1(config)#

R2(config)#ipv6 unicast-routing
R2(config)#interface fastethernet 0/0
R2(config-if)#ipv6 address 2001:1122:1122:1122::2/64
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface fastethernet 2/0
R2(config-if)#ipv6 address fc00:2222:2222:2222::1/64
R2(config-if)#no shutdown
R2(config-if)#no keepalive
R2(config-if)#exit
R2(config)#interface fastethernet 3/0
R2(config-if)#ipv6 address 2001:2233:2233:2233::1/64
R2(config-if)#no shutdown
R2(config-if)#exit



R3#show ipv6 interface brief
FastEthernet0/0            [administratively down/down]
    unassigned
ATM1/0                     [administratively down/down]
    unassigned
FastEthernet2/0            [up/up]
    FE80::C803:A5FF:FE68:38
    FC00:3333:3333:3333::1
FastEthernet3/0            [up/up]
    FE80::C803:A5FF:FE68:54
    2001:2233:2233:2233::2


R1(config)#ipv6 router eigrp 65100
R1(config-rtr)#no shutdown
R1(config-rtr)#router-id 11.11.11.11
R1(config-rtr)#exit

R1(config)#interface fastethernet 0/0
R1(config-if)#ipv6 eigrp 65100
R1(config-if)#exit

R1(config)#interface fastethernet 2/0
R1(config-if)#ipv6 eigrp 65100
R1(config-if)#exit

R2(config)#ipv6 router eigrp 65100
R2(config-rtr)#no shutdown
R2(config-rtr)#router-id 22.22.22.22
R2(config-rtr)#exit

R2(config)#interface fastethernet 0/0
R2(config-if)#ipv6 eigrp 65100
R2(config-if)#exit

R2(config)#IPv6 router ospf 100
R2(config-rtr)#router-id 22.22.22.22
R2(config-rtr)#exit

R2(config)#interface fastethernet 2/0
R2(config-if)#ipv6 ospf 100 area 0
R2(config-if)#exit

R2(config)#interface fastethernet 3/0
R2(config-if)#ipv6 ospf 100 area 0
R2(config-if)#exit


R3(config)#IPv6 router ospf 100
R3(config-rtr)#router-id 33.33.33.33
R3(config-rtr)#exit

R3(config)#interface fastethernet 3/0
R3(config-if)#ipv6 ospf 100 area 0
R3(config-if)#exit


R3(config)#ipv6 unicast-routing
R3(config)#interface fastEthernet 2/0
R3(config-if)#ipv6 rip internetworks enable
R3(config-if)#exit


R2(config)#ipv6 router ospf 100
R2(config-rtr)#redistribute eigrp 65100 metric 100 metric-type 1 include-connected
R2(config-rtr)#exit

R2(config)#ipv6 router eigrp 65100
R2(config-rtr)#redistribute ospf 100 include-connected metric 1000 2000 255 1 1500
 metric <bw> <delay> <reliability> <load> <mtu>
R2(config-rtr)#exit

R3(config)#ipv6 router ospf 100
R3(config-rtr)#redistribute rip internetworks include-connected metric 100 metric-type 1
R3(config-rtr)#exit


R1#show ipv6 route
IPv6 Routing Table - Default - 8 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
       B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
       I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
       EX - EIGRP external
       O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
       ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
C   2001:1122:1122:1122::/64 [0/0]
     via FastEthernet0/0, directly connected
L   2001:1122:1122:1122::1/128 [0/0]
     via FastEthernet0/0, receive
EX  2001:2233:2233:2233::/64 [170/3074560]
     via FE80::C802:59FF:FE98:0, FastEthernet0/0
C   FC00:1111:1111:1111::/64 [0/0]
     via FastEthernet2/0, directly connected
L   FC00:1111:1111:1111::1/128 [0/0]
     via FastEthernet2/0, receive
EX  FC00:2222:2222:2222::/64 [170/3074560]
     via FE80::C802:59FF:FE98:0, FastEthernet0/0
EX  FC00:3333:3333:3333::/64 [170/3074560]
     via FE80::C802:59FF:FE98:0, FastEthernet0/0
L   FF00::/8 [0/0]
     via Null0, receive

R2#show ipv6 protocol
IPv6 Routing Protocol is "connected"
IPv6 Routing Protocol is "eigrp 65100"
  EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
  EIGRP maximum hopcount 100
  EIGRP maximum metric variance 1
  Interfaces:
    FastEthernet0/0
  Redistribution:
    Redistributing protocol ospf 100 with metric 0 include-connected
  Maximum path: 16
  Distance: internal 90 external 170

IPv6 Routing Protocol is "ospf 100"
  Interfaces (Area 0):
    FastEthernet3/0
    FastEthernet2/0
  Redistribution:
    Redistributing protocol eigrp 65100 with metric 100 type 1 include-connected

If you like this blog, please visit our YOUTUBE channel https://www.youtube.com/@internetworkss


By at No comments:
Labels: , , , ,

Monday, 12 January 2026

IPv6 EIGRP: The Next-Generation Routing Protocol

 IPv6 EIGRP: The Next-Generation Routing Protocol

As networks transition to IPv6, routing protocols must evolve too. Enter EIGRP for IPv6 – Cisco’s enhanced interior gateway protocol, now ready for the modern internet.

 

What is IPv6 EIGRP?

IPv6 EIGRP is the IPv6-enabled version of Cisco’s advanced distance-vector protocol. It retains EIGRP’s popular features – rapid convergence, low bandwidth usage, and support for VLSM – while fully embracing IPv6 addressing and communication.




 

Key Advantages

Dual-Stack Ready: Runs alongside IPv4 EIGRP, allowing gradual migration

Separate Process: IPv6 EIGRP operates as an independent protocol instance

Link-local addressing: uses IPv6 link-local addresses for neighbor discovery

Same Dual Algorithm: Maintains the reliable loop-free path selection

 

Configuration Highlights

 

R1(config)#ipv6 unicast-routing
R1(config)#ipv6 router eigrp 65100
R1(config-rtr)#no shutdown
R1(config-rtr)#router-id 11.11.11.11
R1(config-rtr)#exit
R1(config)#interface fastethernet 0/0
R1(config-if)#ipv6 eigrp 65100
R1(config-if)#exit  

Let's see the configuration :

Topology:










TASK
  • Configure the topology as per the diagram 
  • Configure IPv6 addresses as per the topology
  • Configure IPv6 EIGRP AS 65100
  • Make sure both routers communicate 
  • Verify with show commands 
R1(config)#ipv6 unicast-routing
R1(config)#
R1(config)#interface fastethernet 0/0
R1(config-if)#ipv6 address 2001:1122:1122:1122::1/64
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#
R1(config)#
R1(config)#interface fastethernet 2/0
R1(config-if)#ipv6 address fc00:1111:1111:1111::1/64
R1(config-if)#no shutdown
R1(config-if)#no keepalive
R1(config-if)#exit


R2(config)#ipv6 unicast-routing
R2(config)#
R2(config)#interface fastethernet 0/0
R2(config-if)#ipv6 address 2001:1122:1122:1122::2/64
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#
R2(config)#interface fastethernet 2/0
R2(config-if)#ipv6 address fc00:2222:2222:2222::1/64
R2(config-if)#no shutdown
R2(config-if)#no keepalive
R2(config-if)#exit


R1(config)#ipv6 router eigrp 65100
R1(config-rtr)#no shutdown
R1(config-rtr)#router-id 11.11.11.11
R1(config-rtr)#exit
R1(config)#
R1(config)#interface fastethernet 0/0
R1(config-if)#ipv6 eigrp 65100
R1(config-if)#exit
R1(config)#
R1(config)#interface fastethernet 2/0
R1(config-if)#ipv6 eigrp 65100
R1(config-if)#exit


R2(config)#ipv6 router eigrp 65100
R2(config-rtr)#no shutdown
R2(config-rtr)#router-id 22.22.22.22
R2(config-rtr)#exit
R2(config)#
R2(config)#interface fastethernet 0/0
R2(config-if)#ipv6 eigrp 65100
R2(config-if)#exit
R2(config)#
R2(config)#interface fastethernet 2/0
R2(config-if)#ipv6 eigrp 65100
R2(config-if)#exit


R1#show ipv6 route
IPv6 Routing Table - Default - 6 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
       B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
       I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
       EX - EIGRP external
       O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
       ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
C   2001:1122:1122:1122::/64 [0/0]
     via FastEthernet0/0, directly connected
L   2001:1122:1122:1122::1/128 [0/0]
     via FastEthernet0/0, receive
C   FC00:1111:1111:1111::/64 [0/0]
     via FastEthernet2/0, directly connected
L   FC00:1111:1111:1111::1/128 [0/0]
     via FastEthernet2/0, receive
D   FC00:2222:2222:2222::/64 [90/30720]
     via FE80::C802:59FF:FE98:0, FastEthernet0/0
L   FF00::/8 [0/0]
     via Null0, receive

R1#show ipv6 eigrp neighbor
IPv6-EIGRP neighbors for process 65100
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
                                            (sec)         (ms)       Cnt Num
0   Link-local address:     Fa0/0             12 00:01:21  906  5000  0  5
    FE80::C802:59FF:FE98:0

R1#show ipv6 interface brief
FastEthernet0/0            [up/up]
    FE80::C801:A5FF:FED4:0
    2001:1122:1122:1122::1
ATM1/0                     [administratively down/down]
    unassigned
FastEthernet2/0            [up/up]
    FE80::C801:A5FF:FED4:38
    FC00:1111:1111:1111::1

R1#ping fc00:2222:2222:2222::1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to FC00:2222:2222:2222::1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/29/56 ms



















By at No comments:
Labels: ,

Sunday, 4 January 2026

Cisco IP Source Guard (IPSG) and configuration

 **Cisco IP Source Guard (IPSG)**

 

**Purpose:** 

IP Source Guard is a security feature on Cisco switches designed to prevent IP address spoofing attacks. It restricts IP traffic on untrusted switch ports by filtering traffic based on the DHCP snooping binding database or manually configured IP-to-MAC bindings.

 




**How It Works:** 

1. **DHCP Snooping Dependency:** IPSG relies on the DHCP snooping binding table to learn valid IP-MAC-interface bindings. 

2. **Traffic Filtering:** When enabled on an access or untrusted port, the switch drops any IP traffic with a source IP address that does not match a valid binding in the DHCP snooping table (or a static entry). 

3. **Dynamic Enforcement:** Initially, only DHCP packets are allowed. After a client receives a valid IP via DHCP, subsequent traffic from that client is permitted only if the source IP matches the assigned address.

 

**Benefits:** 

- Prevents attackers from spoofing another host’s IP address. 

- Limits malicious traffic from unauthorized IP addresses. 

- Works in conjunction with DHCP snooping and Dynamic ARP Inspection (DAI) for layered security.

 

**Typical Use:** 

Deployed on access switch ports in enterprise networks to ensure endpoint integrity and mitigate man-in-the-middle or spoofing-based attacks.

 

**Configuration Note:** 

IPSG is configured at the interface level (`ip verify source`) and is most effective when DHCP snooping is already enabled.

 

Let's see the configuration:-

Topology:-

Goal:

  • Configure the topology as per the diagram
  • Configure the IP addresses on PCs 192.168.1.51/24 - 192.168.1.53/24
  • Configure VLAN 50 and assign ports Ethernet 0/0 - 0/3
  • Configure the IP address to VLAN 50
  • Configure portfast and portsecurity on the range Ethernet 0/0 - 0/3
  • Configure DHCP snooping on VLAN 50
  • Configure static mapping binding IP to MAC
  • Verify with the show commands


PC1> show ip

NAME        : PC1[1]
IP/MASK     : 192.168.1.51/24
GATEWAY     : 192.168.1.50
DNS         :
MAC         : 00:50:79:66:68:00
LPORT       : 10004
RHOST:PORT  : 127.0.0.1:10005
MTU:        : 1500


PC2> show ip

NAME        : PC2[1]
IP/MASK     : 192.168.1.52/24
GATEWAY     : 192.168.1.50
DNS         :
MAC         : 00:50:79:66:68:01
LPORT       : 10006
RHOST:PORT  : 127.0.0.1:10007
MTU:        : 1500


PC3> show ip

NAME        : PC3[1]
IP/MASK     : 192.168.1.53/24
GATEWAY     : 192.168.1.50
DNS         :
MAC         : 00:50:79:66:68:02
LPORT       : 10008
RHOST:PORT  : 127.0.0.1:10009
MTU:        : 1500


PC4> show ip

NAME        : PC4[1]
IP/MASK     : 192.168.1.54/24
GATEWAY     : 192.168.1.50
DNS         :
MAC         : 00:50:79:66:68:03
LPORT       : 10010
RHOST:PORT  : 127.0.0.1:10011
MTU:        : 1500

switch(config)#vlan 50
switch(config-vlan)#name internetworks

switch(config-vlan)#interface range ethernet 0/0 - 3
switch(config-if-range)#switchport
switch(config-if-range)#switchport mode access
switch(config-if-range)#switchport access vlan 50
switch(config-if-range)#exit

switch#show vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Et1/0, Et1/1, Et1/2, Et1/3
                                                Et2/0, Et2/1, Et2/2, Et2/3
                                                Et3/0, Et3/1, Et3/2, Et3/3
10   VLAN0010                         active
50   internetworks                    active    Et0/0, Et0/1, Et0/2, Et0/3


switch(config)#interface vlan 50
switch(config-if)#ip address 192.168.1.50 255.255.255.0
switch(config-if)#no shutdown
switch(config-if)#exit


switch#show arp
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  192.168.1.50            -   aabb.cc80.0100  ARPA   Vlan50
Internet  192.168.1.51            0   0050.7966.6800  ARPA   Vlan50
Internet  192.168.1.52            0   0050.7966.6801  ARPA   Vlan50
Internet  192.168.1.53            0   0050.7966.6802  ARPA   Vlan50


switch(config)#interface range ethernet 0/0 - 3
switch(config-if-range)#switchport port-security
switch(config-if-range)#ip verify source port-security
switch(config-if-range)#exit

switch(config)#ip dhcp snooping
switch(config)#ip dhcp snooping vlan 50
switch(config)#end


switch(config)# ip source binding 0050.7966.6800 vlan 50 192.168.1.51 interface ethernet 0/0
switch(config)# ip source binding 0050.7966.6801 vlan 50 192.168.1.52 interface ethernet 0/1
switch(config)# ip source binding  0050.7966.6802 vlan 50 192.168.1.53 interface ethernet 0/2
switch(config)#end

switch#show ip source binding
MacAddress          IpAddress        Lease(sec)  Type           VLAN  Interface
------------------  ---------------  ----------  -------------  ----  ----------                                                                                                                                   ----------
00:50:79:66:68:00   192.168.1.51     infinite    static          50    Ethernet0                                                                                                                                   /0
00:50:79:66:68:01   192.168.1.52     infinite    static          50    Ethernet0                                                                                                                                   /1
00:50:79:66:68:02   192.168.1.53     infinite    static          50    Ethernet0                                                                                                                                   /2
Total number of bindings: 3

switch#show ip verify source
Interface  Filter-type  Filter-mode  IP-address       Mac-address        Vlan
---------  -----------  -----------  ---------------  -----------------  ----
Et0/0      ip-mac       active       192.168.1.51     00:50:79:66:68:00  50
Et0/1      ip-mac       active       192.168.1.52     00:50:79:66:68:01  50
Et0/2      ip-mac       active       192.168.1.53     00:50:79:66:68:02  50
Et0/3      ip-mac       active       deny-all         deny-all           50



If you like this blog, visit our YouTube channel https://www.youtube.com/@internetworkss



By at No comments:
Labels:
Subscribe to: Comments (Atom)

Route Map Redistribution and configuration

  Why use a route map for redistribution? Without a route-map, you redistribute everything. That's often a bad idea. You might leak rout...