Hello, my name is Tyler McMinn with Aruba networks, and this is Networking Essentials part three. We are following up from the last video discussion on network design, where we're going to actually get into building our labs up. We have a quick review on how we actually connect to our gear and then we're going to be jumping in and rebuilding what we did in part two over about a dozen different videos, we're going to do in just two short quick steps where we'll build out the switching piece in the first video then in the second portion will add the routing or the IP addressing and test our reachability. If you remember at the end part two, we proposed a problem that would occur if you had PC1 in one VLAN and PC4 in another, and we'd never quite solved that, but that's what we're going to be doing in this part. Without further ado, let's jump on in and take a look. Let's get into the actual lab demonstration where we're going to configure the switch with factory resets, shutdown unused ports, bring out the ones we're going to use, configure a IP address so we can actually ping or SSH to the switch if we'd like to, and validate our ports statistics. We're not as concerned about the addressing nor the ports statistics, we really just want to get this running in the lab environment so we're going do that quickly. The second part of this will be to configure the PCs, PC1 and PC3 here, so PC1 bridged over to PC3 and as long as we're in the same VLAN and they share the same subnet in their addressing, we should see that they're actually pinging each other. In the next video, we'll go through adding PC4 and actually connecting Access-2. But for this one, we just want to take this first step to validate that the switch is up and running on Access-1 and that we can reach between PC1 and PC3, test our pings there. If you remember that took a few videos in our part two series, in this series, we're going to move a little bit faster. Let's jump in to the actual lab, you can see I've got Access-1 here, I've removed the redundant link so we just have a single link between the switches, again, not good for production but fine for a lab when we're just playing around and we've got Access-1 up and running here, I believe. Let's take a look at that guy, yeah, here's Access-1, I'm going to go ahead and log in and It looks like the host name is still on there, so there are few things I need to remove here. Says it will take time to process, but that wasn't very much time at all. You can see my host name has gone, "Show interphase brief." All of my ports are access ports, they're all administratively down, which is not really factory for a 6,000 series, those would all be up but that's okay, we'll repeat that stuff anyway. "Show IP interface brief" and I have no link aggregation, I have no IP addressing and if I show spanning-tree, that should be enabled and it is. I would say that's probably good enough, the only difference on a 6,000 series is that all of my interfaces, 1/1/1 through 1/1/9 would be enabled by default. This is what it would look like at factory. The very first thing we're going to do is go in and validate that indeed, show interphase brief, everything is back at basics here, we would want to go through and shutdown the ports that we're not going to use. Meanwhile, the ports that were all of the interfaces for security reasons and then enable the interfaces that we want to actually run. With that example, it was not great because it was only shutting down the first six let's shutdown all of the interfaces, 1/1/1 through 1/1/9 do a simple shutdown and then the ports I'm going to use, let's check out the diagram here, we're going to be using port one, port three, and port two on this access switch. How can I represent those interfaces? Well, I can actually just do arrange command because they happen all be in a row, but if they didn't, I could use a comma and then arrange if I wanted to, I could do all sort of stuff. Let's do a, "No shutdown" to bring those up and then, how do we validate interface brief? There you go, ports one, two, and three, ports one and three face my PC, one and three and port two right here in the middle is going to be my cross connection to Access-2. Looking pretty good. Yeah, validate that. That is indeed what we got and then we can go in and assign a management IP address just to make sure we can ping. They're using 101 in this one sure, let's go with that, that sounds great, so configure. Actually I'm using 101 in this one. Again, we don't have to put configure terminal, you just put configure in there. We're going under the only VLAN interface that I have, so show VLANs here, I just have VLAN 1, I don't have any of the other ones yet so we go under interface VLAN 1 and simply put in the address that we want to use, and we're using the 192.168 in this example, so 192.168.1.101/24. It should be up already, in fact, you can see it is actually up and running but if it wasn't, I could do a no shutdown just to make sure. Yeah, now we have an address assigned, "Show IP interface brief" to validate. With the IP command, you get to see the layer three, without the IP command, you would just see, "Show interface brief," you would just see the layer one, layer two information. IP in your commands tends to bolster a layer three view. That was adding up the edge and access ports. Let's throw on the VLANs and then we'll assign those to port one and port three as well as set a trunk link on port two. The first thing I want to do is create VLAN 20 and 90. We can name them if we like. We don't have to in this example. But you can create all your VLANs in one single command or with a dash, you could create a range of VLANs. They're now created. I'm not going to bother naming them, that would just add a description, which is fine if you wanted to do that. We can validate, show VLAN that now 20 and 29 are created but not assigned to a port. The next step is, I want to assign them individually, 99 to PC-1, 20 to PC-3. Now, doing this is going to break my pings between those guys. Right now, they're both in VLAN 1. Theoretically, if they were in the same subnet, they'd be able to ping each other. This would actually break it. But I like the idea of assigning VLAN 99. What we can do is put in VLAN 99, assign our address. We're going to use 170.16.99.1 for PC-1. Then on interface 1/1/3, we'll move that over to VLAN 99 as well. Let's just cut to the chase and just do that now. How do I assign VLAN 99 to ports 1 and 3? I go under interfaces 1/1/1 and I can do 1/1/3 at the same time. It's a VLAN access command to pop them into whatever VLAN. Under VLAN 99, they now have their assignment. They are up and running show interface brief. With that show interphase brief command, I can also see that they are access ports for VLAN 99. They're looking pretty good. The only thing I need to do now is just really assign IP addresses to those guys. Let's do that as well. Back to the lab diagram. Let's open up these Linux machines. On windows, I've showed several times how you would go in and change the address in windows. That's a good one to review, and some of those prior videos. I'm just going to simply put in the address that I want to use. PC-1 will be 99.1, PC-3, we're going to make 99.3. Press "Enter" there, checks for duplicates. While that's doing that, we'll put in the second one. Check for duplicates, and then just to show IP to validate that yes indeed it is 99.1, and this is 99.3. Not the same subnet as the switch, because the switch is under VLAN 1 for its out-of-band or it's in-band management address. Generally using VLAN 1 is not a great idea, but that's okay. At least you saw how to put an address on there. That's fine for now. I guess the million dollar question is, can they ping each other? Well, let's give it a shot. 172.16.99.3 from PC-1, that's going to send a ping in this VLAN 99, it'll actually send it untagged without any VLAN, and then the switch will ping it within VLAN 99 to another connected port in VLAN 99. It'll strip away the VLAN tag. Not really used one at all and forwarded along, but it only goes in VLAN 99. So it's not going to cross over this VLAN 1. Assign port on port 2. We're going to need to take care of that in just a minute. But the results should be a successful ping. In fact, we are seeing those pings take place. We could go to the switch to a show interface status and validate that we're seeing traffic go across. We could do a show MAC address table on the switch as well and see that we've now learned our MAC addresses for these two devices. Pretty cool. In fact, we've even picked up a MAC address from something else on VLAN one across that trunk link. But it's not actually a trunk link. If I do a show interface trunk, we don't have any trunks yet. It's an empty table. That brings us to the next part is I need to add VLAN 99 to that trunk, or to VLAN or to interface 1/1/2. How do I do that? Well, I have VLAN 99, it's ready to go, but it's not on port 2. Port 2 is still part of the default VLAN 1. There's port 2 right there, 1/1/2. Let's go under interface 1/1/2 and let's change that using a VLAN command and instead of VLAN access as an option there, I'm going to do VLAN trunk. So VLAN trunk, and then what are my options? Rush to MAC again. I can show what VLANs are allowed. I could change the native VLAN to be VLAN 99. Let's do both. Let's allow all or we could say VLANs 1, 20, and 99. Let's make the native VLAN 99 just for extra little, for the sake of doing it. When I do a show interface trunk here, you can see that it's now fully configured with 99 being the native and all my other VLANs being allowed. At this point, I'm good to go. Can I ping PC-4? Well, it depends, if Access-1 was fully restored or reset, then no, because only VLAN 1 is going to be accepted on this Access-2 interface. That ping should still fail, but we did get the addressing in place. We validated that we can ping between PC-1 and PC-3 and we set up our trunk link going across here. The next portion will be to define the trunking on the other side on Access-2, create VLANs 20, 99, set up the trunk link, update the address on PC-4, and then we can validate if we're able to ping from PC-1 to PC-4. The rub here is that PC-4 is going to be in VLAN 20 rather than VLAN 99, which is what we've been using on PC-1 and PC-3. So we're still missing something here at the end of the day. But that's good for now. Thank you for your time on this. The next video, we'll go ahead and continue on with the lab and pick it up from there.
