Network topology & GNS3 LAB
David Rohleder davro@ics.muni.cz

Laboratory

- GNS3 modeling tool
- build GNS3 simulation network
- L2 switching
- basic L3 routing
- L2 & L3 redundancy
- L2 convergence
- L3 convergence
- Advanced network design
- configuring VLANs, trunk ports

GNS3

- Graphical Network Simulator 3, http://www.gns3.com/
- network emulation tool
- can simulate complex computer networks
- can combine real and virtual devices
- mostly used for Cisco IOS devices

Basic GNS3 usage

- add new virtual devices to the network
- connect them using virtual cables
- configure the new devices
- run the emulated network

GNS3: adding new device

Drag and drop a new device from the "Devices Toolbar" to the "workplace pane".

Configure device

Hardware setup (number and type of interfaces, etc.). Include a switching card (NM-16ESW) in each of your routers.

Run and configure/setup devices

Idle PC

The GNS3 emulator may consume up to 100 % of your CPU while emulating the router processor. GNS3 can find idle loops in the emulated software and interrupt the emulation to let other processes on the host computer run.

Connecting devices

Connect devices by drawing a connection between them and selecting the appropriate interfaces. If you plan to do switching labs, you have to connect to the switching interfaces (NM-16ESW).

Campus topology

What is a campus? A number of nearby buildings belonging to one organisation, usually connected by technology infrastructure.

In computer network terms, a campus usually connects:

- clients – wired or wireless. These devices are not built to be highly available, so there is no need to connect them in a highly available way.
- servers – placed in the local datacenter and equipped with high-availability components (at least two power supplies, network interfaces, iLO, etc.)

The campus network topology should be designed to be highly available, like the servers: tolerant of the failure of X components, where X should be larger than 0, depending on one's needs. Network devices have multiple power supplies connected to multiple power distribution sources, and are connected to other network devices using multiple interfaces over separated physical paths, etc.

Campus technology – hierarchical model

- core layer – backbone of the campus computer network, usually located in the centre of the campus, minimising the need for a fully meshed network. Provides the connection to the outside world and advanced network services (dynamic routing, firewalls, load balancers, VRRP, HSRP, etc.)
- distribution layer – aggregates links from access layer switches and connects them to core layer devices
- access layer – connects network end devices (clients and servers) to the computer network. Access layer switches are placed on premises where they meet physical topology constraints (100 m distance from clients over Cat 5E cables)

L2 campus topology

Pros:

- it doesn't matter where an end device is located; it may be part of every VLAN in the campus
- simplifies moving personnel within the campus: no need to change firewall rules, because the IP address may stay the same

Cons:

- broadcast and unknown unicast frames spread across the whole campus
- STP creates a tree topology, limiting the use of additional communication lines
- running STP on a large number of switches may lead to network problems (theoretically no, but... "In theory there is no difference between theory and practice. In practice there is.")

L3 campus topology

Pros:

- broadcast and unknown unicast frames are limited to a smaller part of the campus
- an L3 topology can use more bandwidth/lines, because advanced routing protocols don't create a tree topology
- STP creates a smaller topology

Cons:

- transfer of an IP address between buildings is limited (almost impossible)
- frequent moving may lead to frequent changes of firewall rules (very impractical)

LAB 1: simple L2 topology

Host   IP
P1     192.168.1.11/24
P2     192.168.1.12/24

1. make D1 the root bridge in the spanning tree topology
2. make D2 the secondary root bridge in the spanning tree topology (it becomes the root bridge in case of D1 failure)
3. ping from P1 to P2
4. find out the path of the PING and PING REPLY packets
5. disconnect line L2 (shut down line L2 on switch A1) and observe how long it takes to converge
6. find out the path of the PING and PING REPLY packets

LAB 1: commands to use

    Router>en
    Router#conf t
    Router(config)#hostname D1
    D1(config)#spanning-tree vlan 1 root primary      <-- sets D1 switch as primary root
    D1(config)#exit
    D1#show spanning-tree brief                       <-- find out where root port is
    D1#show mac-address-table address

    D2(config)#spanning-tree vlan 1 root secondary    <-- sets D2 switch as secondary root
    D2(config)#exit
    D2#show spanning-tree brief                       <-- find out where root port is
    D2#show mac-address-table address

    A1(config)#interface FastEthernet 1/0
    A1(config-if)#shutdown                            <-- disable ethernet port (causes STP recalculation)

LAB 2: L3 topology & OSPFv2

Topology: routed campus (routing between core and distribution layer, switching between distribution and access layer)

LAB 2: description

device            description
A1, A2, A3, A4    access-switch
D1, D4            primary STP root
D2, D3            secondary STP root
C1, C2            core routers
P1                VLAN 10, 192.168.10.10/24
P2                VLAN 20, 192.168.20.20/24
P3                VLAN 30, 192.168.30.30/24
P4                VLAN 40, 192.168.40.40/24

VLAN        description
10 (HQ)     HSRP: D1 primary, D2 secondary, default GW: 192.168.10.1
20 (ENG)    HSRP: D2 primary, D1 secondary, default GW: 192.168.20.1
30 (PR)     HSRP: D3 primary, D4 secondary, default GW: 192.168.30.1
40 (HR)     HSRP: D4 primary, D3 secondary, default GW: 192.168.40.1

line                                      description
L1, L2, L3, L4, L5, L14, L15, L16, L17    switched, 802.1Q trunk
L6                                        routed, 192.168.0.0/30, cost 50
L7                                        routed, 192.168.0.4/30, cost 1
L8                                        routed, 192.168.0.8/30, cost 10
L9                                        routed, 192.168.0.12/30, cost 50
L10                                       routed, 192.168.0.16/30, cost 1
L11                                       routed, 192.168.0.20/30, cost 1
L12                                       routed, 192.168.0.24/30, cost 20
L13                                       routed, 192.168.0.28/30, cost 1

All links and IP networks are in OSPF area 0 (backbone), including all VLANs (advanced: VLANs as OSPF passive interfaces).

LAB 2, task 1: topology and packet path

1. run the traceroute command between hosts P1 and P4
2. find out the L3 path of packets between P1 and P4
3. find out the L2 path of packets between P1 and P4

LAB 2: commands to use

    D1#vlan database                                          <-- create VLANs
    D1(vlan)#vlan 10 name HQ
    D1(vlan)#vlan 20 name ENG
    D1(vlan)#apply
    D1(vlan)#exit
    D1#conf t
    D1(config)#int Vlan 10                                    <-- configure VLAN interface
    D1(config-if)#ip address 192.168.10.2 255.255.255.0
    D1(config-if)#standby 10 ip 192.168.10.1                  <-- default GW address
    D1(config-if)#standby 10 priority 100                     <-- HSRP priority, higher is better
    D1(config-if)#no shut
    D1(config-if)#int FastEthernet 0/0
    D1(config-if)#ip address 192.168.0.5 255.255.255.252
    D1(config-if)#no shut
    D1(config-if)#ip ospf cost 50
    D1(config-if)#router ospf 1                               <-- run OSPF process
    D1(config-router)#network 192.168.0.0 0.0.0.3 area 0      <-- networks where OSPF runs
    D1(config-router)#network 192.168.0.4 0.0.0.3 area 0
    D1(config-router)#passive-interface Vlan10                <-- OSPF neither sends hellos nor forms adjacencies on this interface
    D1(config-router)#end
    D1#show ip route

LAB 2, task 2: L3 convergence

1. run the ping command between hosts P1 and P4
2. disconnect line L7 and observe how many ping packets are lost
3. connect line L7 and observe packet loss, if any
4. try to minimize convergence time by lowering the OSPF hello and dead timers on interfaces (advanced: OSPF point-to-point link definition on point-to-point links)
5. rerun this test
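
An added example, not part of the original slides: a small Python audit of the OSPF part of a router configuration like the LAB 2 commands above, reporting for each addressed interface whether a network statement covers it and whether it is passive. The sample configuration is constructed from the D1 commands on the slide; the Vlan20 address 192.168.20.3 and the statement "network 192.168.20.0 0.0.0.255 area 0" are assumptions.

```python
import ipaddress
import re

# Constructed sample (running-config form): the slide's D1 commands plus an assumed Vlan20.
SAMPLE_D1 = """\
interface Vlan10
 ip address 192.168.10.2 255.255.255.0
interface Vlan20
 ip address 192.168.20.3 255.255.255.0
interface FastEthernet0/0
 ip address 192.168.0.5 255.255.255.252
router ospf 1
 network 192.168.0.0 0.0.0.3 area 0
 network 192.168.0.4 0.0.0.3 area 0
 network 192.168.20.0 0.0.0.255 area 0
 passive-interface Vlan10
"""

def wildcard_match(addr, base, wildcard):
    """IOS 'network' semantics: bits set in the wildcard mask are ignored."""
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(addr)) & care) == (int(ipaddress.IPv4Address(base)) & care)

def audit_ospf(config):
    """Return {interface: status} for every interface that has an IP address."""
    addrs, networks, passive, current = {}, [], set(), None
    for raw in config.splitlines():
        line = raw.strip()
        if m := re.match(r"interface (\S+)", line):
            current = m.group(1)
        elif line.startswith("router "):
            current = None
        elif (m := re.match(r"ip address (\S+) \S+", line)) and current:
            addrs[current] = m.group(1)
        elif m := re.match(r"network (\S+) (\S+) area \S+", line):
            networks.append(m.groups())
        elif m := re.match(r"passive-interface (\S+)", line):
            passive.add(m.group(1))
    report = {}
    for name, addr in addrs.items():
        if not any(wildcard_match(addr, b, w) for b, w in networks):
            report[name] = "not-in-ospf"            # passive-interface alone advertises nothing
        elif name in passive:
            report[name] = "advertised-passive"     # prefix announced, no adjacency possible
        elif name.lower().startswith("vlan"):
            report[name] = "active-on-access-vlan"  # OSPF hellos reach end hosts
        else:
            report[name] = "active"                 # routed uplink: adjacency expected
    return report

print(audit_ospf(SAMPLE_D1))
```

With only the slide's two network statements, Vlan10 is passive but matched by no network statement, so its prefix is not advertised until a statement covering 192.168.10.0/24 is added.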

References

- GNS3, http://www.gns3.com/
- Cisco validated design, Campus Zone, http://www.cisco.com/c/en/us/solutions/enterprise/design-zone-campus/index.html
- Campus Network for High Availability Design Guide, http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Campus/HA_campus_DG/hacampusdg.html
- IP Routing: OSPF Configuration Guide, http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/12-4/iro-12-4-book.html
- Configuring HSRP, http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp_fhrp/configuration/12-4/fhp-12-4-book/fhp-hsrp.html