1
00:00:00,510 --> 00:00:02,460
Let's start with the access switches.

2
00:00:02,969 --> 00:00:07,650
Switch three and switch four are not going to do into VLAN routing.

3
00:00:07,950 --> 00:00:10,590
These are going to be configured as a layer two switches.

4
00:00:10,590 --> 00:00:18,960
So I should change the symbol of these switches to be simple ethernet switches.

5
00:00:19,870 --> 00:00:25,870
They are simply going to be layer two switches that provide connectivity to the rest of the network.

6
00:00:25,870 --> 00:00:27,610
So change the symbol.

7
00:00:28,950 --> 00:00:30,360
Of both these switches.

8
00:00:33,960 --> 00:00:41,130
They will have one IP address configured and that IP address is only used for management purposes.

9
00:00:41,520 --> 00:00:50,430
So the IP address configured on the switches is only to allow Telnet or SSH to the switches for management

10
00:00:50,430 --> 00:00:51,270
purposes.

11
00:00:51,570 --> 00:00:54,360
They're not going to do any kind of routing.

12
00:00:54,930 --> 00:01:00,850
User devices shouldn't typically be able to ping talent or SSH to the access switches.

13
00:01:00,870 --> 00:01:05,340
So on switch three confetti interface.

14
00:01:05,430 --> 00:01:07,330
VLAN one.

15
00:01:07,350 --> 00:01:10,980
This is known as a switched virtual interface or SVI.

16
00:01:12,210 --> 00:01:17,820
If I type do show IP interface, brief on the switch and scroll down.

17
00:01:17,820 --> 00:01:28,590
You can see that the SVI has been created, but it was shut down previously when I did the command show

18
00:01:28,590 --> 00:01:32,970
IP interface brief, the SVI interface was not created.

19
00:01:34,360 --> 00:01:41,470
So by using the command interface VLAN one, I've created this switch virtual interface.

20
00:01:42,160 --> 00:01:52,810
So IP address ten .1. 100.3 subnet mask is going to be a slash 24 and I need to know shut the SVI because

21
00:01:52,810 --> 00:01:55,570
by default it's administratively down.

22
00:01:56,410 --> 00:01:58,150
Top end ping.

23
00:01:59,370 --> 00:02:06,600
Before I do a ping show IP interface, brief notice the interface is now up so I should be able to ping

24
00:02:06,600 --> 00:02:10,650
myself ten one 103 and I can.

25
00:02:11,400 --> 00:02:17,900
So I'll save that config and then I'll go to switch for once again show IP interface brief.

26
00:02:20,430 --> 00:02:25,380
No sfai currently exists only the physical interfaces interface.

27
00:02:25,380 --> 00:02:27,390
VLAN one IP address.

28
00:02:28,510 --> 00:02:32,110
In this example, it will be 10.1 104.

29
00:02:33,220 --> 00:02:38,710
So IP address 10.1 and 104 slash 24 mosque.

30
00:02:40,420 --> 00:02:41,410
No, shut it.

31
00:02:42,610 --> 00:02:45,000
Save the config interface.

32
00:02:45,010 --> 00:02:48,820
VLAN one has come up, as you can see over there.

33
00:02:52,100 --> 00:02:55,550
Ping 10.1 at 100.3.

34
00:02:56,750 --> 00:02:57,950
Ping succeeds.

35
00:02:58,370 --> 00:03:03,830
The first ping failed because the switch had to do a NOP for the mac address of switch three.

36
00:03:04,070 --> 00:03:08,480
But notice switch four is now able to ping switch three.

37
00:03:09,050 --> 00:03:13,940
And by the same token, switch three is now able to ping switch four.

38
00:03:14,390 --> 00:03:17,900
So that's a good sign because it means our links are up.

39
00:03:18,290 --> 00:03:25,730
In a moment, I'll discuss CDP and LDAP or Cisco Discovery Protocol and Link Discovery Protocol and

40
00:03:25,730 --> 00:03:31,850
show you how to check the connections between switches on switch one and switch two.

41
00:03:32,150 --> 00:03:40,580
We need to configure multiple IP addresses one per VLAN because these switches will be doing inter VLAN

42
00:03:40,580 --> 00:03:41,210
routing.

43
00:03:41,210 --> 00:03:42,890
So on switch one.

44
00:03:44,760 --> 00:03:55,470
Show IP interface brief at the moment no service are configured so interface VLAN one IP address 10.1

45
00:03:55,470 --> 00:03:59,730
100 12552450.

46
00:03:59,760 --> 00:04:03,900
No shut interface vlan.

47
00:04:07,200 --> 00:04:07,950
Ten.

48
00:04:08,340 --> 00:04:11,670
IP address 10.1 10.1.

49
00:04:11,850 --> 00:04:13,740
Slash 24.

50
00:04:15,150 --> 00:04:28,650
No shut interface VLAN 20 or interface VLAN 20 rather IP address 10.1 or 20.1 slash 24.

51
00:04:29,010 --> 00:04:32,910
No shut control Z or control z.

52
00:04:33,240 --> 00:04:34,320
Show.

53
00:04:34,800 --> 00:04:37,020
IP Interface Brief.

54
00:04:38,300 --> 00:04:39,740
At the moment.

55
00:04:40,600 --> 00:04:50,050
Only VLAN one is up VLAN ten and VLAN 20 are down and that's because we don't have any interfaces configured

56
00:04:50,050 --> 00:04:52,660
in a VLAN ten or VLAN 20.

57
00:04:53,050 --> 00:04:58,330
I'm going to show you in a moment how to explicitly configure these ports as trunk ports, and then

58
00:04:58,330 --> 00:05:01,180
we should see that those services come up.

59
00:05:01,780 --> 00:05:03,850
Now switch to.

60
00:05:05,480 --> 00:05:21,170
Show IP interface brief no service interface v interface VLAN one IP Address ten .1. 100.2 slash 24

61
00:05:21,650 --> 00:05:41,300
no shut interface VLAN ten IP address 10.1 ten two slash 24 No shut interface VLAN 20 IP address ten

62
00:05:41,300 --> 00:05:46,580
.1. 22 Slash 24.

63
00:05:46,610 --> 00:05:49,880
No shut end show.

64
00:05:50,300 --> 00:05:53,420
IP Interface Brief.

65
00:05:54,340 --> 00:05:56,410
Once again, villain one is up.

66
00:05:57,310 --> 00:06:00,010
VLAN ten and VLAN 20 are down.

67
00:06:00,010 --> 00:06:06,790
And that's once again because when we use the command show interface gigabit zero zero switch port as

68
00:06:06,790 --> 00:06:07,690
an example.

69
00:06:08,020 --> 00:06:16,600
You'll notice that the port is configured for VLAN one but no other vlans have been explicitly configured

70
00:06:16,600 --> 00:06:17,710
across this port.

71
00:06:18,100 --> 00:06:24,910
The access VLAN is VLAN one by default if DHCP or dynamic trunk protocol doesn't negotiate with the

72
00:06:24,910 --> 00:06:27,870
other side to form a trunk trunking.

73
00:06:27,880 --> 00:06:30,460
A native VLAN is VLAN one by default.

74
00:06:30,550 --> 00:06:38,020
So we only have interface vlan one up, the other interfaces are down.

75
00:06:38,140 --> 00:06:42,820
But as that time management VLAN, we are okay to use that for testing.

76
00:06:42,820 --> 00:06:45,700
So can switch to ping switch one.

77
00:06:45,700 --> 00:06:46,780
Yes, it can.

78
00:06:48,470 --> 00:06:50,340
Should be able to ping itself, which it can.

79
00:06:50,360 --> 00:06:51,770
What about switch three?

80
00:06:52,720 --> 00:06:53,470
Which it can.

81
00:06:53,470 --> 00:06:55,150
And what about switch for?

82
00:06:55,800 --> 00:06:56,850
Yes, it can.

83
00:06:56,940 --> 00:07:00,640
So we have IP connectivity in our network.

84
00:07:00,660 --> 00:07:02,430
The switches can ping each other.

85
00:07:02,820 --> 00:07:04,740
Let's do another test on switch one.

86
00:07:04,740 --> 00:07:06,150
Can it ping itself?

87
00:07:07,320 --> 00:07:08,040
Yes, it can.

88
00:07:08,040 --> 00:07:09,350
Can its ping switch to.

89
00:07:09,360 --> 00:07:11,310
Yes, it can switch three.

90
00:07:12,220 --> 00:07:14,290
Yes it can switch for.

91
00:07:14,800 --> 00:07:15,820
Yes, it can.

92
00:07:16,540 --> 00:07:18,010
And I'll save the config.

93
00:07:18,430 --> 00:07:22,030
So we've configured IP addresses on the switches.

94
00:07:22,360 --> 00:07:28,300
Can the switches ping router three, which is in the management vlan.

95
00:07:29,080 --> 00:07:36,820
So on switch one once again paying ten one 125 three or 253 rather.

96
00:07:38,110 --> 00:07:39,130
Yes, it can.

97
00:07:39,130 --> 00:07:43,210
So switch one can ping the IP address of router three.

98
00:07:44,010 --> 00:07:49,590
Now these routers acting as PCs are going to be put into separate VLANs.

99
00:07:49,590 --> 00:07:55,560
So we'll do the pinging when we configure those devices in a separate VLAN.

100
00:07:55,800 --> 00:08:01,440
At the moment we haven't got VLAN ten configured properly in the network, so we can't test connectivity

101
00:08:01,440 --> 00:08:03,930
between our PCs and the switches.