This is our lab.

This is our lab.

This is our lab.

If some one want to donate abit money or even a pieces of cake, we are welcome and appreciate, it will be used to keep the freelabnetworks running.

This is our lab.

If some one want to donate abit money or even a pieces of cake, we are welcome and appreciate, it will be used to keep the freelabnetworks running.

Cisco 802.1Q Tunneling aka Q-in-Q

Cisco 802.1Q Tunneling aka Q-in-Q

Q-in-Q is a feature often used by service provider as a layer 2 VPN.
The configuration is very simple, put a 802.1Q tag on interface that it receives from customer and on interface that it out to customer other side. A different VLAN tag for each customer can separate the traffic from different customers. Set dot1q tunnel on both edge of service provider.

One of benefit of this technique is that it’s easy to implement, you don’t need to run any routing protocols inside service provider and also between provider and customer. From customers perspective, it’s just like their sites are directly connected on layer 2.

You can use freelabnetworks to configure Q-in-Q.

The following example is like site-A direcly connected with site-B.

SW2 as Customer-site-A
SW3 as Customer-site-B
SW4 as Service-provider-cloud

Before Q-in-Q configured:

#Customer-site-A (SW2)
SW2#show cdp neighbors FastEthernet 0/5
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
SW4              Fas 0/5            122          S I      WS-C3550-2Fas 0/3

#Customer-site-B (SW3)
SW3#show cdp neighbors FastEthernet 0/5
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
SW4              Fas 0/5            171          S I      WS-C3550-2Fas 0/5

After Q-in-Q configured:

#Customer-site-A (SW2)
SW2#show cdp neighbors FastEthernet 0/5
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
SW3              Fas 0/5            152          S I      WS-C2950G-Fas 0/5

#Customer-site-B (SW3)
SW3#show cdp neighbors FastEthernet 0/5
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
SW2              Fas 0/5            164          S I      WS-C2950G-Fas 0/5

Q-in-Q configured on Service-provider-cloud (SW4) :

SW4#show running-config interface FastEthernet 0/3
Building configuration...
Current configuration : 222 bytes
!
interface FastEthernet0/3
 switchport access vlan 23
 switchport mode dot1q-tunnel
 no ip address
 l2protocol-tunnel cdp
 l2protocol-tunnel stp
 l2protocol-tunnel vtp
 no cdp enable
 spanning-tree bpdufilter enable
end

SW4#show running-config interface FastEthernet 0/5
Building configuration...
Current configuration : 222 bytes
!
interface FastEthernet0/5
 switchport access vlan 23
 switchport mode dot1q-tunnel
 no ip address
 l2protocol-tunnel cdp
 l2protocol-tunnel stp
 l2protocol-tunnel vtp
 no cdp enable
 spanning-tree bpdufilter enable
end

SW4#show interfaces FastEthernet 0/3 switchport 
Name: Fa0/3
Switchport: Enabled
Administrative Mode: tunnel
Operational Mode: tunnel
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 23 (QinQ)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none 
Administrative private-vlan mapping: none 
Operational private-vlan: none 
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled

Voice VLAN: none (Inactive)
Appliance trust: none

SW4#show interfaces FastEthernet 0/5 switchport 
Name: Fa0/5
Switchport: Enabled
Administrative Mode: tunnel
Operational Mode: tunnel
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 23 (QinQ)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none 
Administrative private-vlan mapping: none 
Operational private-vlan: none 
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled

Voice VLAN: none (Inactive)
Appliance trust: none

Q-in-Q is a feature often used by service provider as a layer 2 VPN.
The configuration is very simple, put a 802.1Q tag on interface that it receives from customer and on interface that it out to customer other side. A different VLAN tag for each customer can separate the traffic from different customers. Set dot1q tunnel on both edge of service provider.

One of benefit of this technique is that it’s easy to implement, you don’t need to run any routing protocols inside service provider and also between provider and customer. From customers perspective, it’s just like their sites are directly connected on layer 2.

You can use freelabnetworks to configure Q-in-Q.

The following example is like site-A direcly connected with site-B.

SW2 as Customer-site-A
SW3 as Customer-site-B
SW4 as Service-provider-cloud

Before Q-in-Q configured:

#Customer-site-A (SW2)
SW2#show cdp neighbors FastEthernet 0/5
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
SW4              Fas 0/5            122          S I      WS-C3550-2Fas 0/3

#Customer-site-B (SW3)
SW3#show cdp neighbors FastEthernet 0/5
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
SW4              Fas 0/5            171          S I      WS-C3550-2Fas 0/5

After Q-in-Q configured:

#Customer-site-A (SW2)
SW2#show cdp neighbors FastEthernet 0/5
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
SW3              Fas 0/5            152          S I      WS-C2950G-Fas 0/5

#Customer-site-B (SW3)
SW3#show cdp neighbors FastEthernet 0/5
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID        Local Intrfce     Holdtme    Capability  Platform  Port ID
SW2              Fas 0/5            164          S I      WS-C2950G-Fas 0/5

Q-in-Q configured on Service-provider-cloud (SW4) :

SW4#show running-config interface FastEthernet 0/3
Building configuration...
Current configuration : 222 bytes
!
interface FastEthernet0/3
 switchport access vlan 23
 switchport mode dot1q-tunnel
 no ip address
 l2protocol-tunnel cdp
 l2protocol-tunnel stp
 l2protocol-tunnel vtp
 no cdp enable
 spanning-tree bpdufilter enable
end

SW4#show running-config interface FastEthernet 0/5
Building configuration...
Current configuration : 222 bytes
!
interface FastEthernet0/5
 switchport access vlan 23
 switchport mode dot1q-tunnel
 no ip address
 l2protocol-tunnel cdp
 l2protocol-tunnel stp
 l2protocol-tunnel vtp
 no cdp enable
 spanning-tree bpdufilter enable
end

SW4#show interfaces FastEthernet 0/3 switchport 
Name: Fa0/3
Switchport: Enabled
Administrative Mode: tunnel
Operational Mode: tunnel
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 23 (QinQ)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none 
Administrative private-vlan mapping: none 
Operational private-vlan: none 
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled

Voice VLAN: none (Inactive)
Appliance trust: none

SW4#show interfaces FastEthernet 0/5 switchport 
Name: Fa0/5
Switchport: Enabled
Administrative Mode: tunnel
Operational Mode: tunnel
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 23 (QinQ)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none 
Administrative private-vlan mapping: none 
Operational private-vlan: none 
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled

Voice VLAN: none (Inactive)
Appliance trust: none

Recovery Password Cisco Router

Recovery Password Cisco Router

If you have a problem with accessing Cisco router cause forgotten the password, hope this tutorial will help you to find out how to fix it.

• If you can access the router, type show version at the prompt, and record the configuration register setting.
• 0x2102 boots and loads your saved configuration.
  0x2142 boots and by-passes the configuration and allows you to view/edit the save configuration if you need to do any kind of password recovery, etc.
• Use the power switch in order to turn off the router, and then turn the router back on.
• Press Ctrl + Break on the terminal keyboard a couple of time after power up in order to put the router into ROMmon.
• If the break sequence does not work, refer to Standard Break Key Sequence Combinations During Password Recovery for other key combinations. 
• Type confreg 0x2142
• rommon 1 > confreg 0x2142
• Type reset
• rommon 2 > reset
•  Type no in the intial cofiguration dialog
• Would you like to enter the initial configuration dialog? [yes/no]: no
• Do not type copy running-config startup-config or write. These commands erase your startup configuration.
• If you really want to restore your existing configuration,
• Type copy startup-config running-config
• Router#copy startup-config running-config
• Type configure terminal. 
• Type enable secret <password> in order to change the enable secret password.
• Type config-register 0x2102
• Type write memory or copy running-config startup-config in order to commit the changes.

 Reference : 
http://www.cisco.com/c/en/us/support/docs/routers/2600-series-multiservice-platforms/22188-pswdrec-2600.html  

If you have a problem with accessing Cisco router cause forgotten the password, hope this tutorial will help you to find out how to fix it.

• If you can access the router, type show version at the prompt, and record the configuration register setting.
• 0x2102 boots and loads your saved configuration.
  0x2142 boots and by-passes the configuration and allows you to view/edit the save configuration if you need to do any kind of password recovery, etc.
• Use the power switch in order to turn off the router, and then turn the router back on.
• Press Ctrl + Break on the terminal keyboard a couple of time after power up in order to put the router into ROMmon.
• If the break sequence does not work, refer to Standard Break Key Sequence Combinations During Password Recovery for other key combinations. 
• Type confreg 0x2142
• rommon 1 > confreg 0x2142
• Type reset
• rommon 2 > reset
•  Type no in the intial cofiguration dialog
• Would you like to enter the initial configuration dialog? [yes/no]: no
• Do not type copy running-config startup-config or write. These commands erase your startup configuration.
• If you really want to restore your existing configuration,
• Type copy startup-config running-config
• Router#copy startup-config running-config
• Type configure terminal. 
• Type enable secret <password> in order to change the enable secret password.
• Type config-register 0x2102
• Type write memory or copy running-config startup-config in order to commit the changes.

 Reference : 
http://www.cisco.com/c/en/us/support/docs/routers/2600-series-multiservice-platforms/22188-pswdrec-2600.html  

VTP (Virtual Trunking Protocol)

VTP (Virtual Trunking Protocol)

VTP is a cisco proprietary protocol that reduce vlan administration effort in switch network.

Normally, If you define a vlans on a switch in switched network, you should added them also on other switch in switched network, this can be a home work if involving a large number of switches and is also prone to error.

VTP makes your life easy, VTP allows you to add, delete and rename vlans on a single switch and this information will propagated to all other switch in the VTP domain.

In this manner, VTP allows for more consistent vlan configuration and monitoring of vlan by central administration.

VTP has three different modes :
- Server
This is the default mode on all cisco switch, a switch must be in VTP server mode to be able to create, modify and delete vlans.

- Client
a switch in VTP client mode raceive information from VTP servers, but a VTP client cannot create, modify and delete vlans. so, switch that are in VTP client mode will just learn and pass VTP information.

- Transparent
a switch in transparent mode receive VTP and forwards the to any configured trunk links. they can create, modify and delete vlans in their own vlan database but the database is kept isolate from the VTP domain and isn't advertised at all to other parties.

Let's find out how it's works for free only at freelabnetworks.blogspot.com.

If I’ve missed anything please speak up in the comments and let me know.

VTP is a cisco proprietary protocol that reduce vlan administration effort in switch network.

Normally, If you define a vlans on a switch in switched network, you should added them also on other switch in switched network, this can be a home work if involving a large number of switches and is also prone to error.

VTP makes your life easy, VTP allows you to add, delete and rename vlans on a single switch and this information will propagated to all other switch in the VTP domain.

In this manner, VTP allows for more consistent vlan configuration and monitoring of vlan by central administration.

VTP has three different modes :
- Server
This is the default mode on all cisco switch, a switch must be in VTP server mode to be able to create, modify and delete vlans.

- Client
a switch in VTP client mode raceive information from VTP servers, but a VTP client cannot create, modify and delete vlans. so, switch that are in VTP client mode will just learn and pass VTP information.

- Transparent
a switch in transparent mode receive VTP and forwards the to any configured trunk links. they can create, modify and delete vlans in their own vlan database but the database is kept isolate from the VTP domain and isn't advertised at all to other parties.

Let's find out how it's works for free only at freelabnetworks.blogspot.com.

If I’ve missed anything please speak up in the comments and let me know.

Rentals

Rentals

 

Overview

We offers rack rentals that support all requirement including Routing & Switching, and Security with dedicated equipment. 

Pricing

TBA

 

Overview

We offers rack rentals that support all requirement including Routing & Switching, and Security with dedicated equipment. 

Pricing

TBA

Mikrotik

Mikrotik

Mikrotik is a device that give you all function of routing even though the switch function can be done as well. you can get ospf, bgp, mpls, vpls, 802.1q trunking, wireless access point, firewall and many more at a price below $100.

there are many various type of mikrotik, you can find on  www.routerboard.com / www.mikrotik.co.id 

Most of service provider use them for their high feature and low cost,
Let's find out what can we done use the box for free only at freelabnetworks.blogspot.com.

If I’ve missed anything please speak up in the comments and let me know.

Enjoy.

Mikrotik is a device that give you all function of routing even though the switch function can be done as well. you can get ospf, bgp, mpls, vpls, 802.1q trunking, wireless access point, firewall and many more at a price below $100.

there are many various type of mikrotik, you can find on  www.routerboard.com / www.mikrotik.co.id 

Most of service provider use them for their high feature and low cost,
Let's find out what can we done use the box for free only at freelabnetworks.blogspot.com.

If I’ve missed anything please speak up in the comments and let me know.

Enjoy.

Online Lab

Online Lab

Current Topology !

The lab is free and open for 24 hour, just login anytime.

Please follow these simple rule :

- Do not change the line vty settings. 

- Do not erase the IOS image of format the flash filesystem. 

- Lab will be roll back to default configuration every midnight.

- Username will be change every day.

To login, use a telnet client like putty, linux/unix telnet or secure crt and telnet to TCP port 1001, 1002, 1003, etc, or just click the on the bellow links.

Main Lab  
(Cisco Lab)

SW2   :  lab.freelabnetworks.com 1002
SW3   :  lab.freelabnetworks.com 1003
SW4   :  lab.freelabnetworks.com 1004

RT2   :  lab.freelabnetworks.com 2002
RT3   :  lab.freelabnetworks.com 2003

(Mikrotik Lab)

User : lab 
Pass : [Enter]
 
RT4   :  lab.freelabnetworks.com 30040
RT5   :  lab.freelabnetworks.com 30050

Please share your thoughts with us in the comment section of this post.
Thanks.

Current Topology !

The lab is free and open for 24 hour, just login anytime.

Please follow these simple rule :

- Do not change the line vty settings. 

- Do not erase the IOS image of format the flash filesystem. 

- Lab will be roll back to default configuration every midnight.

- Username will be change every day.

To login, use a telnet client like putty, linux/unix telnet or secure crt and telnet to TCP port 1001, 1002, 1003, etc, or just click the on the bellow links.

Main Lab  
(Cisco Lab)

SW2   :  lab.freelabnetworks.com 1002
SW3   :  lab.freelabnetworks.com 1003
SW4   :  lab.freelabnetworks.com 1004

RT2   :  lab.freelabnetworks.com 2002
RT3   :  lab.freelabnetworks.com 2003

(Mikrotik Lab)

User : lab 
Pass : [Enter]
 
RT4   :  lab.freelabnetworks.com 30040
RT5   :  lab.freelabnetworks.com 30050

Please share your thoughts with us in the comment section of this post.
Thanks.