SW1(config)#vlan 99 SW1(config-vlan)#exit SW1(config)#vlan 100 SW1(config-vlan)#exit SW1(config)#vlan 300 SW1(config-vlan)#exit
SW1(config)#interface gigabitEthernet 0/1 SW1(config-if)#switchport mode access SW1(config-if)#switchport access vlan 300 SW1(config-if)#exit
SW1(config)#interface range fastEthernet 0/1-2, fastEthernet 0/5-6 SW1(config-if-range)#switchport trunk encapsulation dot1q SW1(config-if-range)#switchport mode trunk SW1(config-if-range)#exit
SW2(config)#interface range fastEthernet 0/1-4 SW2(config-if-range)#switchport trunk encapsulation dot1q SW2(config-if-range)#switchport mode trunk SW2(config-if-range)#exit
SW3(config)#interface range fastEthernet 0/3-6, gigabitEthernet 0/1 SW3(config-if-range)#switchport trunk encapsulation dot1q SW3(config-if-range)#switchport mode trunk SW3(config-if-range)#exit
// loopback BR1(config)#interface loopback 101 // ipv4- BR1(config-if)#ip address 2.2.2.2 255.255.255.255 // ipv6 BR1(config-if)#ipv6 enable // ipv6- BR1(config-if)#ipv6 address 2001:B:A::1/64 // BR1(config-if)#exit BR1(config)#
show ipv6 interface brief
command:
BR1#show ipv6 interface brief ... Loopback101 [up/up] FE80::2D0:97FF:FE94:5022 //link-local 2001:B:A::1 //IPv6- ... BR1#
FE80::2D0:97FF:FE94:5022
is the link-local address that is assigned when ipv6 is enabled on the interface with the ipv6 enable
command.
BR1#show ip interface brief ... Loopback101 2.2.2.2 YES manual up up ... BR1#
// BR1(config)#interface gigabitEthernet 0/0 // BR1(config-if)#no shutdown BR1(config-if)#ipv6 enable BR1(config-if)#ipv6 address 2001:B:C::1/64 BR1(config-if)#exit BR1(config)#
show ipv6 interface brief
command:
BR1#show ipv6 interface brief GigabitEthernet0/0 [up/up] FE80::290:CFF:FE9D:4624 //link-local 2001:B:C::1 //IPv6- ... Loopback101 [up/up] FE80::2D0:97FF:FE94:5022 //link-local 2001:B:A::1 //IPv6-
ISP(config)#interface loopback 0 ISP(config-if)#ip address 8.8.8.8 255.255.255.255 ISP(config-if)#ipv6 enable ISP(config-if)#ipv6 address 2001:A:C::1/64 ISP(config-if)#exit ISP(config)#
show ipv6 interface brief
command to verify that the interface is configured correctly. Then the g0 / 0 interface is configured:
BR1(config)#interface gigabitEthernet 0/0 BR1(config-if)#no shutdown BR1(config-if)#ip address 30.30.30.1 255.255.255.252 BR1(config-if)#exit BR1(config)#
BR1(config)#interface loopback 100 BR1(config-if)#ip address 1.1.1.1 255.255.255.255 BR1(config-if)#ipv6 enable BR1(config-if)#ipv6 address 2001:A:B::1/64 BR1(config-if)#exit BR1(config)#
RTR1(config)#interface gigabitEthernet 0/1 RTR1(config-if)#no shutdown RTR1(config-if)#exit
// 100 RTR1(config)#interface gigabitEthernet 0/1.100 // dot1q vlan'a 100 RTR1(config-subif)#encapsulation dot1Q 100 RTR1(config-subif)#ipv6 enable RTR1(config-subif)#ipv6 address 2001:100::1/64 RTR1(config-subif)#exit // 300 RTR1(config)#interface gigabitEthernet 0/1.300 // dot1q vlan'a 100 RTR1(config-subif)#encapsulation dot1Q 300 RTR1(config-subif)#ipv6 enable RTR1(config-subif)#ipv6 address 2001:300::2/64 RTR1(config-subif)#exit
encapsulation dot1Q 300
subinterface will skip only vlan packets with the number 300.
RTR2(config)#interface gigabitEthernet 0/1 RTR2(config-if)#no shutdown RTR2(config-if)#ipv6 enable RTR2(config-if)#ipv6 address 2001:300::3/64 RTR2(config-if)#exit RTR2(config)#
BR1(config)#interface gigabitEthernet 0/0 BR1(config-if)#no shutdown BR1(config-if)#ip address 30.30.30.2 255.255.255.252 BR1(config-if)#exit BR1(config)#
RTR1(config-subif)#ipv6 unicast-routing
// SW1(config)#interface vlan 100 SW1(config-if)#ipv6 enable // ipv6 SW1(config-if)#ipv6 address autoconfig SW1(config-if)#exit
show ipv6 interface brief
command:
SW1#show ipv6 interface brief ... Vlan100 [up/up] FE80::A8BB:CCFF:FE80:C000 // link-local 2001:100::A8BB:CCFF:FE80:C000 // IPv6-
// vlan 100 SW1(config)#interface vlan 100 // link-local SW1(config-if)#ipv6 address fe80::10 link-local SW1(config-if)#exit
SW1#show ipv6 interface brief ... Vlan100 [up/up] FE80::10 //link-local c 2001:100::10 //IPv6-
range
keyword and then listing all interfaces:
// RTR1(config)#interface range gigabitEthernet 0/1.100, gigabitEthernet 0/1.300, loopback 100 // link-local RTR1(config-if)#ipv6 address fe80::1 link-local RTR1(config-if)#exit
RTR1#show ipv6 interface brief gigabitEthernet 0/1.100 [up/up] FE80::1 2001:100::1 gigabitEthernet 0/1.300 [up/up] FE80::1 2001:300::2 Loopback100 [up/up] FE80::1 2001:A:B::1
range
command, and then you should write commands to translate the desired vlan and then turn off the interfaces. For example, at switch SW1, according to L1 topology, ports f0 / 3-4, f0 / 7-8, f0 / 11-24 and g0 / 2 will be turned off. For this example, the setting will be as follows:
// SW1(config)#interface range fastEthernet 0/3-4, fastEthernet 0/7-8, fastEthernet 0/11-24, gigabitEthernet 0/2 // access SW1(config-if-range)#switchport mode access // VLAN 99 SW1(config-if-range)#switchport access vlan 99 // SW1(config-if-range)#shutdown SW1(config-if-range)#exit
SW1#show ip interface brief Interface IP-Address OK? Method Status Protocol ... fastEthernet 0/3 unassigned YES unset administratively down down
SW1#show ip vlan ... 99 VLAN0099 active Fa0/3, Fa0/4, Fa0/7, Fa0/8 Fa0/11, Fa0/12, Fa0/13, Fa0/14 Fa0/15, Fa0/16, Fa0/17, Fa0/18 Fa0/19, Fa0/20, Fa0/21, Fa0/22 Fa0/23, Fa0/24, Gig0/2 ...
// 60; : 2; : 30 SW1#login block-for 60 attempts 2 within 30
SW1#show login ... If more than 2 login failures occur in 30 seconds or less, logins will be disabled for 60 seconds. ...
// SSH 2 Router(config)#ip ssh version 2 Please create RSA keys (of at least 768 bits size) to enable SSH v2. Router(config)#
// RSA Router(config)#crypto key generate rsa % Please define a hostname other than Router. Router(config)#
Router(config)#hostname R1 R1(config)#crypto key generate rsa % Please define a domain-name first. R1(config)#
R1(config)#ip domain-name wsrvuz19.ru R1(config)#crypto key generate rsa How many bits in the modulus [512]: 1024 % Generating 1024 bit RSA keys, keys will be non-exportable...[OK]
RTR1(config)#crypto key generate rsa How many bits in the modulus [512]: 1024 % Generating 1024 bit RSA keys, keys will be non-exportable...[OK]
// R1(config)#line vty 0 4 // SSH RTR1(config-line)#transport input ssh RTR1(config-line)#exit
// ssh RTR1(config)#do ssh -l wsrvuz19 1.1.1.1 Password: RTR1#
-l
key, the login of the existing user is entered, and then the password. After authentication, the transition immediately to the privileged mode occurs, which means that SSH is configured correctly.Source: https://habr.com/ru/post/457916/