Home > VLAN Routing

VLAN Routing

April 28th, 2013 in Guide Go to comments

In this article we will discuss about the configuration on the switches of the TSHOOT Demo ticket. We post the topology here for your reference.

Layer2/3 topology

Main Configuration on DSW1 and ASW1

DSW1:

ip routing
vtp mode transparent
!
vlan 10
name CLIENT_VLAN
!
vlan 98
name NATIVE_VLAN
!
vlan 99
name PARKING_LOT
!
interface range Fa1/0/2 – 18, Fa1/0/20 – 48, Gi1/0/1 – 4
switchport access vlan 99
switchport mode access
shutdown
!
interface FastEthernet1/0/1
description Link to R4
no switchport
ip address 172.16.1.14 255.255.255.252
!
interface FastEthernet1/0/19
description Trunk to ASW1
switchport access vlan 99
switchport trunk encapsulation dot1q
switchport trunk native vlan 98
switchport trunk allowed vlan 10,98
switchport mode trunk
!
interface Vlan10
ip address 172.16.2.1 255.255.255.0
!
router eigrp 16
network 172.16.1.0 0.0.0.255
network 172.16.2.0 0.0.0.255
passive-interface default
no passive-interface FastEthernet0/1

ASW1:

vtp mode transparent
!
vlan 10
name CLIENT_VLAN
!
vlan 98
name NATIVE_VLAN
!
vlan 99
name PARKING_LOT
!
interface FastEthernet1/0/1
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface FastEthernet1/0/2
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface range Fa1/0/3 – 18, Fa1/0/20 – 48, Gi1/0/1 – 4
switchport access vlan 99
switchport mode access
shutdown
!
interface FastEthernet1/0/19
description Link to DSW1
switchport trunk encapsulation dot1q
switchport trunk native vlan 98
switchport trunk allowed vlan 10,98
switchport mode trunk

From the output above we learn that:

+ VTP is disabled on both switches.
+ DSW1: running EIGRP (Layer 3 switch) while ASW1 is pure layer 2 switch
+ Configuration VLANs on both switches as follows:
a) VLAN 10: CLIENT_VLAN (two computers are assigned to this VLAN)
b) VLAN 98: NATIVE_VLAN (no ports are assigned to this VLAN. This VLAN exists just to make sure traffic from other VLANs are tagged)
c) VLAN 99: PARKING_LOT (unused ports are assigned to this VLAN)
+ Fa1/0/19 is the trunking port between two switches
+ Only VLAN 10 and 98 are allowed to go through 2 switches.
+ Default gateway on two PCs are 172.16.2.1 which is the IP address of Interface VLAN 10 on DSW1.
+ EIGRP updated is only sent and received on fa1/0/1 which connects from DSW1 to R4
+ On ASW1, spanning-tree PortFast feature is enabled on fa1/0/1 & fa1/0/2 which are connected to two PCs.

Note: On DSW1, under interface Fa1/0/19 we can see this command:

switchport access vlan 99

but this port is set as trunk port (switchport mode trunk) so how can a command for access port be there? Well, in fact we have set this port to trunk mode so the switchport access vlan 99 command has no effect at all. It only affects when you change this port to an access port and this port would be assigned to VLAN 99.

The IP address of interface VLAN 10 (172.16.2.1/24) is set as the default gateway on Host 1 & Host 2. In general, a Switch Virtual Interface (SVI) represents a logical Layer 3 interface on a switch and it can be used to interconnect Layer 3 networks using routing protocols (like RIP, OSPF, EIGRP…). When packets reach this SVI, the Layer 3 switch will look up in its routing table to see if there is an entry to route the packets to the destination. In this case, packets sent from Host 1 & 2 reach 172.16.2.1 (because this IP is also the default gateway set on Host 1 & 2), then DSW1 looks up in its routing table for a suitable entry to the destination.

Quick reminder: VLAN interfaces or switched virtual interfaces (SVI) are logical layer 3 routable interface. Generally, SVIs are often used to accomplish InterVLAN routing on a Layer 3 switch. From there, you would point the client devices to the VLAN interface to use as it’s default gateway. When a packet arrives on that interface, the Layer 3 switch will do a routing table lookup and perform routing process like a normal packet.

In the next part we will try to do above topology in Packet Tracer. But Packet Tracer does not understand redistribute static route into EIGRP so we simplify the configuration by running EIGRP on all routers.

Physical topology

Tasks in the lab:

+ VTP is disabled on both switches.
+ DSW1: running EIGRP (Layer 3 switch) while ASW1 is pure layer 2 switch
+ Configuration VLANs on both switches as follows:
a) VLAN 10: CLIENT_VLAN (two computers are assigned to this VLAN)
b) VLAN 98: NATIVE_VLAN (no ports are assigned to this VLAN. This VLAN exists just to make sure traffic from other VLANs are tagged)
c) VLAN 99: PARKING_LOT (unused ports are assigned to this VLAN)
+ Fa0/19 is the trunking port between two switches
+ Only VLAN 10 and 98 are allowed to go through 2 switches.
+ Default gateway on two PCs are 172.16.2.1 which is the IP address of Interface VLAN 10 on DSW1.
+ EIGRP updated is only sent and received on fa0/1 which connects from DSW1 to R4
+ On ASW1, spanning-tree PortFast feature is enabled on fa0/1 & fa0/2 which are connected to two PCs.

Configuration

ASW1
hostname ASW1
!
vtp mode transparent
!
vlan 10
name CLIENT_VLAN
!
vlan 98
name NATIVE_VLAN
!
vlan 99
name PARKING_LOT
!
interface FastEthernet0/1
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/2
switchport access vlan 10
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/19
description Link to DSW1
switchport trunk encapsulation dot1q
switchport trunk native vlan 98
switchport trunk allowed vlan 10,98
switchport mode trunk
DSW1
hostname DSW1
ip routing
!
vtp mode transparent
!
vlan 10
name CLIENT_VLAN
!
vlan 98
name NATIVE_VLAN
!
vlan 99
name PARKING_LOT
!
interface FastEthernet0/1
description Link to R4
no switchport
ip address 172.16.1.14 255.255.255.252
no shutdown
!
interface FastEthernet0/19
description Trunk to ASW1
switchport access vlan 99
switchport trunk encapsulation dot1q
switchport trunk native vlan 98
switchport trunk allowed vlan 10,98
switchport mode trunk
!
interface Vlan10
ip address 172.16.2.1 255.255.255.0
!
router eigrp 16
network 172.16.1.0 0.0.0.255
network 172.16.2.0 0.0.0.255
passive-interface default
no passive-interface FastEthernet0/1
R0
hostname R0
!
interface FastEthernet0/0
ip address 172.16.1.13 255.255.255.252
no shutdown
!
interface FastEthernet0/1
ip address 209.65.200.225 255.255.255.252
no shutdown
!
router eigrp 16
network 172.16.0.0
network 209.65.200.0
R1
hostname R1
!
interface FastEthernet0/0
ip address 209.65.200.226 255.255.255.252
no shutdown
!
router eigrp 16
network 209.65.200.0

Also configure IP addresses and default gateways of the two computers as follows:

PC0
IP: 172.16.2.3/24
Default gateway: 172.16.2.1
PC1
IP: 172.16.2.4/24
Default gateway: 172.16.2.1

Now two hosts can ping 209.65.200.226.

The Packet Tracer initial and final configs can be downloaded here:
Initial Configs: http://www.pmsas.pr.gov.br/wp-content/?id=networktut-300-135&exam=download/TSHOOT_demo_VLAN_switches_initial.zip
Final Configs: http://www.pmsas.pr.gov.br/wp-content/?id=networktut-300-135&exam=download/TSHOOT_demo_VLAN_switches_finalConfigs.zip

Comments (50) Comments
  1. Sherif
    May 16th, 2013

    pls can anybody tell me how the questions will look like is it going to come with the diagram or just as it is on this ticket. pls reply to labite80@yahoo.com> thank you all

  2. Kay
    May 19th, 2013

    Same question as well. I got no idea how the questions look and how we go about them or what’s the requirement. Can someone pls explain to me on kessogeh@yahoo.com. Thanks

  3. Apsara
    May 29th, 2013

    Hi All,
    Passed the exam with 945.Thanks to networktut.
    I uses belal & katthaks strategy.Thanks to all for sharing such a helpful information.God bless all. & all the best for all who are going to take the exam.Just prepare well.check the ticket right down the possible answer on the erasable pad one by one & then you can be sure for answers.

  4. Anonymous
    July 12th, 2013

    does anybody know the link where I can download the latest version of packet tracer please

  5. hirako shinji
    October 28th, 2013

    please what is katthaks strategy?

  6. Ramader
    November 28th, 2013

    what is belal strategy? please help. I am about to take my TSHOOT exam within a short period of time.

  7. Ramader
    November 29th, 2013

    Belal Strategy; any one who can send me the links. Thanks for your help in advance!

  8. soyes
    January 15th, 2014

    DSW switches are visible . I cant find ASW switches. Where do you find/click ASW switches in case you want to troubleshoot in the real exam?

  9. Alex
    January 23rd, 2014

    Hi, Can sum1 pls explain me this config on DSW1. what is the difference between switcport access vlan 99 and switchport trunk native Vlan 98?

    interface FastEthernet1/0/19
    description Trunk to ASW1
    switchport access vlan 99
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 98
    switchport trunk allowed vlan 10,98
    switchport mode trunk

  10. Anonymous
    February 4th, 2014

    please anybody reply to me, this demo still valid

  11. Prince
    March 8th, 2014

    @Alex

    For a given switch port can’t be trunk port and access port at same time.

    “switchport mode access vlan 99” command tell that port belong to Vlan 99. So it share same broadcast traffic as other ports in Vlan 99.

    “switchport native vlan 99” command tell the switch don’t add Vlan tag for the Vlan 99 those traffics carries by this trunk link. The native Vlan should be same at both the ends of the trunk. Otherwise it’ll give ‘native vlan mismatch’ error. By default the default Vlan is Vlan 1.

    Hope you understand my explanation!

  12. Martin
    March 19th, 2014

    Hello,
    I wanne made the TShoot exam in June, to recertify my my CCNP. Can anyone tell me if the TShoot Questions are the seme at the moment???

    Thanks in advance

  13. ITJ
    April 11th, 2014

    To Alex = the difference between switchport access vlan 99 and switchport trunk native Vlan 98 is very simple, Valn 99 is a tagged vlan while vlan 98 is not a tagged vlan, breakdown means any system that is connected to interface FastEthernet1/0/19 belongs to vlan 99, however no system belongs to vlan 99. it could be used for voice vlan. more explanation means if device connected to vlan 99 sends a frame it will be taged with the vlan and transmitted to the destination where vlan 99 is and then the tag is stripped off and sent through the port that belongs to vlan 99 to the system it is diestined for.
    Thank you

  14. MRA
    April 14th, 2014

    switchport trunk allowed vlan 10 will make things work ..why needed to add 98 here…can any one plz confirm ?

  15. sami
    April 25th, 2014

    hi all
    subscribe to that channel http://www.youtube.com/user/Joynetworks for free
    thanks

  16. VomitosArcaz
    May 22nd, 2014

    Hi mates!!

    I want to prepare this exam and I have this dumps:

    -Cisco.Exact-Exams.642-832.v2014-01-11.by.MMFSH.238q
    -74 Cisco.ActualTests.642-832.v2013-04-29.by.Igor.70q
    -33 Cisco.Certkey.642-832.v2014-01-24.by.Toni.14q

    Which is the valid dump?

    Regards!

  17. Rami2000
    June 7th, 2014

    Thanks networktut, I passed exam today. and all questions here

  18. AR
    June 9th, 2014

    Hi All,

    Cleared the 642-832 exam on Friday 6th June 2014……………….Now i am a CCNP :)

    Thanks to Network TUT and Khattak Strategy…………… Just follow these and you shall clear it without any hassle. This exam is much easier than Route or Switch exam….

    Please ensure that one has a hands on using GNS3 Software…. Thanks to the person who took the pain to create the Tshoot Topology in GNS3

    In all it took me just 2 weeks of preparation to clear the exam.

    All the best fo the exam

    Kind Regards,
    Abhinandan

  19. MOHAMMAD
    June 15th, 2014

    @ AR,

    are the above labs included in the exam or just they are for practicing.

    only the tickets are included.

    your response is a highly appreciated.

  20. walvarez
    July 9th, 2014

    Just cleared the test 1000 out of 1000
    Everything here applied.

  21. Azeem
    July 23rd, 2014

    Can anyone please send me valid dums and tickets of T-shott.
    I will be really thankful to him

    Azeem@cib.gov.sa

  22. Rich
    September 9th, 2014

    Do you still get a CCNP wallet card from cisco once certified.

  23. Mian
    October 7th, 2014
  24. Tom
    October 10th, 2014

    hello Mir, please help me with IOS image for GNS2 juniper router .. thanks!!

  25. tt
    October 12th, 2014

    HI guys can someone help with link to downoading tshoot gns3 lab? thanks

  26. mack
    October 22nd, 2014

    Thank you networktut.com. wrote my tshoot exam on the 21st of Oct. score 1000/1000. All tickets still valid. However the MCQ and DD have been modified but relatively the same answers.
    Regards.

  27. Haseeb
    November 17th, 2014

    Hi all,
    Passed the exam with score 1000/1000. Alhamdulillah,
    All the questions are 100% valid. Please study Naren Flowchart in combination with networktut Tickets. You will get 100% result, in sha Allah..

  28. Yasmeen
    November 18th, 2014

    @haseeb
    Congrates! Would you please help me download the latest vce version??
    Thanks in advance

  29. Fadi
    November 18th, 2014

    HEllo guys,
    thanks to 9TUT i passed my exman with success all the ticket above are still available
    Therefore, i was trying to find something about IS-IS routing protocol but did not find something clear and interesting ! i will be really thankful if someone can give me a good link about IS-IS + MPLS Traffic Engineer (with LAB ) it’s urgent

    many thanks in advance
    regards

    fadi

  30. Fadi
    November 18th, 2014

    just found a good link for IS-IS need a LAB now please :)
    and something for MPLS traffic engineer ( student lab will be perfect :)

  31. Speedy
    November 23rd, 2014

    Hi Guys,
    Passed 945 2 days ago,
    this dump is still 101% Valid.
    1 drag n drop and 2 multiple choice.
    Labs.
    1.Vlan Filter (DSW1)
    2.IPV6 (R2)
    3.Redistribution (R4)
    4.Port Security (ASW1)
    5.IPV4 L3 Sec – R1 ACL (R1)
    6.OSPF Authentication (R1)
    7.Wrong BGP Neighbor (R1)
    8.Passive Int-EIGRP (R4)
    9.NAT ACL (R1)
    10.DHCP Range (R4)
    11.Switchport VLAN 10 (ASW1)
    12.HSRP (DSW1)
    13.

  32. Speedy
    November 23rd, 2014

    one more in Lab
    13.Switchport trunk (ASW1)

    1.the Drag and Drop were match the following EEM,SDM and it was SCP&TFTP instead of FTP.

    2.FCAPS is a network maintenance model defined by ISO. What does it stand for?

    – I Answered –

    Fault Management
    Configuration Management
    Security Management

    3.The following commands are issued on a Cisco router:

    Router(config)#access-list 199 permit tcp host 10.1.1.1 host 172.16.1.1
    Router(config)#access-list 199 permit tcp host 172.16.1.1 host 10.1.1.1
    Router(config)#exit
    Router#debug ip packet 199

    What would be the output shown on the console?

    – I Answered – All IP packets between 10.1.1.1 to 172.16.1.1

  33. victor
    November 25th, 2014

    i passed tshoot today with 986…this dump is still valid

  34. ringphel
    December 13th, 2014

    Does anyone know where i can find the answer for first diagram coding http://wenku.baidu.com/view/c119a1240722192e4536f617.html

  35. John
    December 26th, 2014

    All U need is Network Tut when preparing for T-Shoot –

  36. Sam
    January 2nd, 2015

    Hi All,
    Done the exam with 1000/1000
    As I always say, trust networktut 100% and all are valid.
    My advice is dont waste your time and refer networktut, TSHOOT_Strategy_by_Khattak, Tshoot Flow Chart by Naren and Igor dump.
    Really easy exam and you can do it within two days, you can do before 29th Jan without wasting time.
    I got 2 MCQ, 1 D&D and 13 TTs – No EIGRP Wrong AS and IP Helper address.
    Thanks a lot networktut, Khattak, Naren.
    Now I am CCNP….
    Cheers….!

  37. yoblr
    January 9th, 2015

    Today I’ve got 986/1000
    Special Thanks to Khattak stratergy
    Now I’m CCNP :)
    Cheers…………….!

  38. jemmo
    January 16th, 2015

    hi everybody,
    after separating the questions into 10.x.x.x and 169.x.x.x we do pings on 10.2.1.1.
    some comments say that we should ping 10.1.1.1. How do we decide on whether to ping 10.1.1.1 or 10.2.1.1 ?

  39. cabeção
    January 17th, 2015

    I’m sorry not to comment in the right place. The site will update the new CCNP V2?

  40. Jose Molina
    January 22nd, 2015

    I don’t understand why many people keep asking if those tickets or topology is still a valid and if you can provide the latest vce. For this test everything is explained in networktut. That’s it.

  41. ccnp hopeful
    January 22nd, 2015

    I love the packettracer labs provided. Anyone else notice that in the “Working Topology” the web server is not PINGable from client 1? I enjoyed troubleshooting it, and noticed that OSPF authentication was missing from R1, just as it is in one of the TT’s. Anyway, good luck to all, and remember, memorizing Q&A might get you to pass the test, but if you dont understand the answers, you wont go far in a job interview. Please use this and any other dumps as a tool, not your only source from which to study.

  42. Buddy
    January 24th, 2015

    ccnp hopeful:
    Pls study answers to your questions/comments @ Ticket # 1 Forum Page # 20!

  43. mani
    January 24th, 2015

    I passed yesterday tshoot.1000 marks.ccnp certified now.thanks for naren flowchart , gns3 talk , networktut and khatak. Use naren flowchart.after that do ur basic trouble shoot refer gns3 talk. No IP helper and no wrong as ticket.

  44. Laith
    January 31st, 2015

    hi guys
    Please if anyone passed exam 300-135 let me know
    Thanks

  45. HENRYCOREL
    February 19th, 2015

    HI ALL…PLS CAN ANYONE PROVIDE THE LATEST TSHOOT TOPOLOGY FOR CCNP 300-135. THANKS

  46. RANCID_2099
    March 5th, 2015

    I just took the TSHOOT exam version 300-135, unfortunately I did not pass. While there are many similarities to the old 642-832 version (mostly in the troubleshooting tickets, there are differences in the multiple choice questions and an addition of an HSRP scenario separate and different from the traditional ticket scenario in the exam, also the addition a IPSEC and GRE focused questions.

    I did not memorize all of the questions that were new to the exam but I can tell you that they are IPSEC and GRE related. To be more specific you will receive questions in regards to the benefits of using GRE in conjunction with IPSEC (you must choose three answers for that one). Also the exam asks which mode for IPSEC encrypts and reduces over head (only valid choices are between tunnel and transport mode).

  47. Anonymous
    August 26th, 2016

    good

  48. Ford
    November 20th, 2016

    How to go about being a premium member

vceplus-200-125    | boson-200-125    | training-cissp    | actualtests-cissp    | techexams-cissp    | gratisexams-300-075    | pearsonitcertification-210-260    | examsboost-210-260    | examsforall-210-260    | dumps4free-210-260    | reddit-210-260    | cisexams-352-001    | itexamfox-352-001    | passguaranteed-352-001    | passeasily-352-001    | freeccnastudyguide-200-120    | gocertify-200-120    | passcerty-200-120    | certifyguide-70-980    | dumpscollection-70-980    | examcollection-70-534    | cbtnuggets-210-065    | examfiles-400-051    | passitdump-400-051    | pearsonitcertification-70-462    | anderseide-70-347    | thomas-70-533    | research-1V0-605    | topix-102-400    | certdepot-EX200    | pearsonit-640-916    | itproguru-70-533    | reddit-100-105    | channel9-70-346    | anderseide-70-346    | theiia-IIA-CIA-PART3    | certificationHP-hp0-s41    | pearsonitcertification-640-916    | anderMicrosoft-70-534    | cathMicrosoft-70-462    | examcollection-cca-500    | techexams-gcih    | mslearn-70-346    | measureup-70-486    | pass4sure-hp0-s41    | iiba-640-916    | itsecurity-sscp    | cbtnuggets-300-320    | blogged-70-486    | pass4sure-IIA-CIA-PART1    | cbtnuggets-100-101    | developerhandbook-70-486    | lpicisco-101    | mylearn-1V0-605    | tomsitpro-cism    | gnosis-101    | channel9Mic-70-534    | ipass-IIA-CIA-PART1    | forcerts-70-417    | tests-sy0-401    | ipasstheciaexam-IIA-CIA-PART3    | mostcisco-300-135    | buildazure-70-533    | cloudera-cca-500    | pdf4cert-2v0-621    | f5cisco-101    | gocertify-1z0-062    | quora-640-916    | micrcosoft-70-480    | brain2pass-70-417    | examcompass-sy0-401    | global-EX200    | iassc-ICGB    | vceplus-300-115    | quizlet-810-403    | cbtnuggets-70-697    | educationOracle-1Z0-434    | channel9-70-534    | officialcerts-400-051    | examsboost-IIA-CIA-PART1    | networktut-300-135    | teststarter-300-206    | pluralsight-70-486    | coding-70-486    | freeccna-100-101    | digitaltut-300-101    | iiba-CBAP    | virtuallymikebrown-640-916    | isaca-cism    | whizlabs-pmp    | techexams-70-980    | ciscopress-300-115    | techtarget-cism    | pearsonitcertification-300-070    | testking-2v0-621    | isacaNew-cism    | simplilearn-pmi-rmp    | simplilearn-pmp    | educationOracle-1z0-809    | education-1z0-809    | teachertube-1Z0-434    | villanovau-CBAP    | quora-300-206    | certifyguide-300-208    | cbtnuggets-100-105    | flydumps-70-417    | gratisexams-1V0-605    | ituonline-1z0-062    | techexams-cas-002    | simplilearn-70-534    | pluralsight-70-697    | theiia-IIA-CIA-PART1    | itexamtips-400-051    | pearsonitcertification-EX200    | pluralsight-70-480    | learn-hp0-s42    | giac-gpen    | mindhub-102-400    | coursesmsu-CBAP    | examsforall-2v0-621    | developerhandbook-70-487    | root-EX200    | coderanch-1z0-809    | getfreedumps-1z0-062    | comptia-cas-002    | quora-1z0-809    | boson-300-135    | killtest-2v0-621    | learncia-IIA-CIA-PART3    | computer-gcih    | universitycloudera-cca-500    | itexamrun-70-410    | certificationHPv2-hp0-s41    | certskills-100-105    | skipitnow-70-417    | gocertify-sy0-401    | prep4sure-70-417    | simplilearn-cisa    |
http://www.pmsas.pr.gov.br/wp-content/    | http://www.pmsas.pr.gov.br/wp-content/    |