Épreuve de Mise en Situation Professionnelle
Infrastructure Réseau
Multi-sites
Relier deux sites via WAN avec DHCP, VLANs, VTP, EtherChannel et Spanning Tree.
2
Routeurs
4
Switches
5
VLANs
4
PCs
01
Topologie
[PC0-VLAN10] [PC1-VLAN20] [PC2-VLAN30]
| | |
[S2 - VTP CLIENT] [S3]
| | | |
+--EtherChannel Grp1--+ +--EtherChannel Grp2--+
| |
[S1 - VTP SERVER]
|
R1 (DHCP + Router-on-a-stick)
|
WAN 10.0.17.0/30
|
R2
|
[Switch2]
|
[PC3 - VLAN55]
02
Plan d'adressage
| Équipement | Interface | Adresse IP | Masque | Rôle |
|---|---|---|---|---|
| R1 | Gig0/1.10 | 192.168.10.1 | /24 | Passerelle VLAN 10 |
| R1 | Gig0/1.20 | 192.168.20.1 | /24 | Passerelle VLAN 20 |
| R1 | Gig0/1.30 | 192.168.30.1 | /24 | Passerelle VLAN 30 |
| R1 | Gig0/0 (WAN) | 10.0.17.1 | /30 | Lien WAN |
| R2 | Gig0/0 (WAN) | 10.0.17.2 | /30 | Lien WAN |
| R2 | Gig0/1 | 172.30.17.1 | /25 | Passerelle VLAN 55 |
| PC0 | Fa0 | DHCP → 192.168.10.x | /24 | VLAN 10 |
| PC1 | Fa0 | DHCP → 192.168.20.x | /24 | VLAN 20 |
| PC2 | Fa0 | DHCP → 192.168.30.x | /24 | VLAN 30 |
| PC3 | Fa0 | 172.30.17.x | /25 | VLAN 55 |
03
VLANs
| VLAN | Nom | Usage | Réseau |
|---|---|---|---|
| 10 | User | PC0 | 192.168.10.0/24 |
| 20 | N-U | PC1 | 192.168.20.0/24 |
| 30 | Natif_cfg | PC2 | 192.168.30.0/24 |
| 99 | NATIF | VLAN natif trunk | — |
| 100 | NON_USED | Inutilisé | — |
| 55 | — | PC3 (site R2) | 172.30.17.0/25 |
04
Configurations
R1 — Base + Interfaces + DHCP
! === Configuration de base === hostname R1 no ip domain-lookup enable secret cisco line console 0 password cisco ; login line vty 0 4 password cisco ; login transport input telnet service password-encryption ! === Sous-interfaces VLAN (Router-on-a-stick) === interface Gig0/1 no shutdown interface Gig0/1.10 encapsulation dot1Q 10 ip address 192.168.10.1 255.255.255.0 interface Gig0/1.20 encapsulation dot1Q 20 ip address 192.168.20.1 255.255.255.0 interface Gig0/1.30 encapsulation dot1Q 30 ip address 192.168.30.1 255.255.255.0 interface Gig0/1.99 encapsulation dot1Q 99 native interface Gig0/0 ip address 10.0.17.1 255.255.255.252 no shutdown ! === DHCP === ip dhcp excluded-address 192.168.10.1 192.168.10.10 ip dhcp excluded-address 192.168.20.1 192.168.20.10 ip dhcp excluded-address 192.168.30.1 192.168.30.10 ip dhcp pool VLAN10 network 192.168.10.0 255.255.255.0 default-router 192.168.10.1 dns-server 8.8.8.8 ip dhcp pool VLAN20 network 192.168.20.0 255.255.255.0 default-router 192.168.20.1 dns-server 8.8.8.8 ip dhcp pool VLAN30 network 192.168.30.0 255.255.255.0 default-router 192.168.30.1 dns-server 8.8.8.8 ! === Route statique vers R2 === ip route 172.30.17.0 255.255.255.128 10.0.17.2 do wr
R2 — Site distant
hostname R2 ! ... (même config de base que R1) ... interface Gig0/0 ip address 10.0.17.2 255.255.255.252 no shutdown interface Gig0/1 ip address 172.30.17.1 255.255.255.128 no shutdown ! Route retour vers site R1 ip route 192.168.0.0 255.255.0.0 10.0.17.1 do wr
S1 — VTP Serveur + EtherChannel + STP
hostname S1 ! === VTP Serveur === vtp mode server vtp domain VotreNom vtp password cisco ! === Création des VLANs === vlan 10 ; name User vlan 20 ; name N-U vlan 30 ; name Natif_cfg vlan 99 ; name NATIF vlan 100 ; name NON_USED ! === Trunk vers R1 === interface Fa0/5 switchport mode trunk switchport trunk native vlan 99 ! === EtherChannel Groupe 1 → S2 === interface range Fa0/1-2 switchport mode trunk switchport trunk native vlan 99 channel-group 1 mode active ! === EtherChannel Groupe 2 → S3 === interface range Fa0/3-4 switchport mode trunk switchport trunk native vlan 99 channel-group 2 mode active ! === Spanning Tree === spanning-tree mode rapid-pvst spanning-tree vlan 10,20,30,99 root primary do wr
S2 & S3 — VTP Client + Ports Access
hostname S2 (ou S3) ! === VTP Client === vtp mode client vtp domain VotreNom vtp password cisco ! === EtherChannel vers S1 === interface range Fa0/1-2 switchport mode trunk switchport trunk native vlan 99 channel-group 1 mode active ! === Ports access (S2 uniquement) === interface Fa0/2 switchport mode access switchport access vlan 10 ← PC0 interface Fa0/3 switchport mode access switchport access vlan 20 ← PC1 ! === Port access (S3 uniquement) === interface Fa0/2 switchport mode access switchport access vlan 30 ← PC2 spanning-tree mode rapid-pvst do wr
05
Ordre de configuration recommandé
1
R1 — Routeur principal
Base + WAN + sous-interfaces VLAN + DHCP + route statique vers R2
2
R2 — Routeur site distant
Base + WAN + interface LAN 172.30.17.1 + route statique vers R1
3
S1 — VTP Serveur (switch central)
Base + VLANs + VTP server + Trunk + EtherChannel (groupes 1 & 2) + STP root
4
S2 — VTP Client
Base + VTP client + EtherChannel groupe 1 + ports access VLAN 10 & 20
5
S3 — VTP Client
Base + VTP client + EtherChannel groupe 2 + port access VLAN 30
6
Switch2 (site R2)
Base + trunk vers R2 + port access PC3
7
Vérification finale
DHCP sur tous les PCs → ping inter-VLAN → ping R2 → ping PC3
06
Commandes de vérification
show vtp status
Vérifier VTP mode & domaine
show vlan brief
Vérifier les VLANs créés
show interfaces trunk
Vérifier les trunks actifs
show etherchannel summary
Vérifier les groupes EtherChannel
show spanning-tree
Vérifier S1 = root bridge
show ip dhcp binding
Vérifier les IPs distribuées
show ip route
Vérifier la table de routage
ping 172.30.17.1
Tester R1 → R2