Networking Task 1 for CCNA
- Your Distribution Switch will be the root bridge and it should always remain root bridge.
- All the switches should run separate instance of STP for each VLAN & should support DOT1Q encapsulation on trunk links.
- Distribution switch will only be the VTP server switch.
- VTP version 2 should run on all switches.
- The DMZ switch should always remain with CR value of 0.
- VTP domain will be LOCUZ.
- Your VTP messages should pass securely.
- Multiple Links between switches should be combined into a logical link.
- The Load balance method for bundled links should be source+destination IP.
- Users will be part of VLAN 10 (DATA) with subnet 192.168.1.0/24.
- All devices will be part of Management VLAN 20 (MGMT) with subnet 172.16.1.0/29.
- Servers will be part of VLAN 50 (DMZ) with subnet 10.100.100.0/25.
- The switches will not participate in any Layer 3 activity beside their own management.
- When user sending any Traffic for VLAN 50 from Access Switch, It should not pass through Distribution Switch in any case.
- User connected ports should come up in milliseconds all time.
- Unused ports should be Shut Down on all switches.
- On access switch, If any one connect a switch to any port then the port should go into Temporary Block.
- ISP provided information.
Your Public IP: 126.96.36.199/29
Next Hop IP: 188.8.131.52
- On internet side 184.108.40.206 must be there. For testing create a loop back interface and assign this IP.
- Configure a Default route towards ISP. Customer is using this ISP for temporary use. In future if any new ISP added to the Router and if any new default route configured then the newly configured Default route should become Primary.
- All the LAN users should receive IP address and DNS info dynamically.
- The internet or ISP router should not get to know about information about any Internal private IP.
- The server should be accessed from Internet using IP 220.127.116.11 and from LAN users it should be access using IP 10.100.100.100.
- The server should only access for ICMP & HTTP services from internet users.
- Internal users should only communicate for HTTP, HTTPS & ICMP services from internet.
Note: Apply your best practice for rest of the things.
Task By: Saubhagya Mishra
CCIE Routing & Switching certified