1. Switch 기본 설정
네트워크 장비에 처음 접근하여 기본적인 환경을 설정하는 과정입니다.
Cisco IOS 모드
Cisco 장비는 다음과 같은 주요 설정 모드를 가집니다. 각 모드마다 실행할 수 있는 명령어가 다릅니다.
- 사용자 모드 (User Mode): Router> 프롬프트로 표시되며, 장비의 상태 확인 등 제한적인 작업만 가능합니다.
- 관리자 모드 (Privileged Mode): Router# 프롬프트로 표시되며, enable 명령어로 진입합니다. 장비의 모든 설정을 조회하고 테스트를 수행할 수 있습니다.
- 전역 설정 모드 (Global Configuration Mode): Router(config)# 프롬프트로 표시되며, configure terminal 명령어로 진입합니다. 장비의 전반적인 설정을 변경할 수 있습니다.
- 인터페이스 설정 모드 (Interface Configuration Mode): Router(config-if)# 프롬프트로 표시되며, 특정 인터페이스에 대한 세부 설정을 진행합니다.
주요 기본 명령어
- 호스트 이름 변경
-
Switch(config)# hostname DSW11 - Bash
- 패스워드 설정
- enable password: 패스워드가 암호화되지 않은 채로 저장됩니다.
- enable secret: 패스워드가 암호화되어 저장되며, enable password보다 우선순위가 높습니다.
BashSwitch(config)# enable secret [패스워드] - 설정 저장 및 초기화
- 현재 실행 중인 설정을 부팅 시 사용될 설정으로 영구 저장합니다.
-
Bash
Switch# copy running-config startup-config - 저장된 부팅 설정을 삭제하여 장비를 초기화합니다 (reload 필요).
-
Bash
Switch# erase startup-config Switch# reload
Switch의 VLAN 설정 과정
1. VLAN 생성
Switch > enable
Switch # configure terminal
Switch(config) # vlan VLAN_번호
Switch(config-vlan) # name VLAN_설명
Switch(config-vlan) # exit
2. VLAN에 Port 가입
Switch > enable
Switch # configure terminal
Switch(config) # interface INTERFACE_번호
Switch(config-if) # switchport mode access
Switch(config-if) # switchport access vlan VLAN_번호
Switch(config-if) # exit
3. Inter-VLAN 통신을 위한 Router 설정
Router> enable
Router# configure terminal
Router(config)# interface fa0/0
Router(config-if)# ip address IP주소 SUBNET_MASK
Router(config-if)# no shutdown
Router(config-if)# exit
Router#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.10.0/24 is directly connected, FastEthernet0/0
L 192.168.10.254/32 is directly connected, FastEthernet0/0
192.168.20.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.20.0/24 is directly connected, FastEthernet0/1
L 192.168.20.254/32 is directly connected, FastEthernet0/1
Switch VLAN Trunk Port 설정
Switch(config) # interface INTERFACE_번호
Switch(config-if)# switchport mode trunk
Switch(config-if)# exit
Router의 Trunk Port 설정
Switch(config) # interface fa0/0
Switch(config-if) # no shutdown
Switch(config-if) # exit
(2) Sub Interface 설정 (VLAN 별)
Switch(config) # interface fa0/0.SUB_INTERFACE_NUM
Switch(config-subif) # encapsulation dot1q VLAN_번호
Switch(config-subif) # ip address IP주소 SUBNET_MASK
Switch(config-subif) # exit
Router#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.10.0/24 is directly connected, FastEthernet0/0.10
L 192.168.10.254/32 is directly connected, FastEthernet0/0.10
192.168.20.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.20.0/24 is directly connected, FastEthernet0/0.20
L 192.168.20.254/32 is directly connected, FastEthernet0/0.20
Routing
Static Routing
Static Routing 구성 단계
1. Interface에 IP 주소 할당
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R1
R1(config)#interface gi0/1
R1(config-if)#ip address 192.168.1.1 255.255.255.0
R1(config-if)#no ip address 192.168.1.1 255.255.255.0
R1(config-if)#ip address 192.168.1.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#
%LINK-5-CHANGED: Interface GigabitEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to up
R1(config-if)#exit
R1(config)#interface gi0/0
R1(config-if)#ip address 10.0.0.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#
%LINK-5-CHANGED: Interface GigabitEthernet0/0, changed state to up
R1(config-if)#exit
R1#show ip route
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R2
R2(config)#
R2(config)#interface gi0/1
R2(config-if)#ip address 192.168.2.1 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#
%LINK-5-CHANGED: Interface GigabitEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to up
R2(config-if)#exit
R2(config)#
R2(config)#interface gi0/0
R2(config-if)#ip address 10.0.0.2 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#
%LINK-5-CHANGED: Interface GigabitEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to up
R2(config-if)#exit
R1#show ip route
2. Static Routing 설정
Router(config) # ip route NETWORK SUBNET_MASK NEXT_HOP_IP
Router(config) # ip route NETWORK SUBNET_MASK INTERFACE
R1(config)#ip route 192.168.2.0 255.255.255.0 10.0.0.2
R2(config)#ip route 192.168.1.0 255.255.255.0 10.0.0.1
3. Routing Table 확인
R1#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.0.0.0/24 is directly connected, GigabitEthernet0/0
L 10.0.0.1/32 is directly connected, GigabitEthernet0/0
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, GigabitEthernet0/1
L 192.168.1.1/32 is directly connected, GigabitEthernet0/1
S 192.168.2.0/24 [1/0] via 10.0.0.2
R2#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.0.0.0/24 is directly connected, GigabitEthernet0/0
L 10.0.0.2/32 is directly connected, GigabitEthernet0/0
S 192.168.1.0/24 [1/0] via 10.0.0.1
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.2.0/24 is directly connected, GigabitEthernet0/1
L 192.168.2.1/32 is directly connected, GigabitEthernet0/1
Static Routing 2
DCE(Data Communication Equipment)
- Serial 통신 구간에서 Clock을 제공하는 장비
DTE(Data Terminal Equipment)
- Serial 통신 구간에서 Clock을 제공받는 장비
1. Interface에 IP 주소 할당
Router(config)#hostname R1
R1(config)#interface gi0/0
R1(config-if)#ip address 203.230.7.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
[참고] Serial Interface 설정
R1(config)# interface s0/2/0
R1(config-if)# ip address 203.230.7.1 255.255.255.0
R1(config-if)# clock rate CLOCK_RATE
- Router의 Serial Interface가 DCE인 경우에만
R1(config-if)# no shutdown
R1(config-if)# exit
R1(config)# interface s0/2/0
R1(config-if)# ip address 203.230.7.1 255.255.255.0
R1(config-if)# clock rate 64000
R1(config-if)# no shutdown
R1(config-if)# exit
Router(config)#hostname R2
R2(config)#interface gi0/0
R2(config-if)#ip address 203.230.9.1 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#
R2(config)#interface s0/2/1
R2(config-if)#ip address 203.230.8.2 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#
R2(config)#interface s0/2/0
R2(config-if)#ip address 203.230.10.1 255.255.255.0
R2(config-if)#clock rate 64000
R2(config-if)#no shutdown
R2(config-if)#exit
Router(config)#hostname R3
R3(config)#interface gi0/0
R3(config-if)#ip address 203.230.11.1 255.255.255.0
R3(config-if)#no shutdown
R3(config-if)#exit
R3(config)#interface s0/2/1
R3(config-if)#ip address 203.230.10.2 255.255.255.0
R3(config-if)#no shutdown
2. Static Routing 설정
R1(config)#ip route 203.230.9.0 255.255.255.0 203.230.8.2
R1(config)#ip route 203.230.10.0 255.255.255.0 203.230.8.2
R1(config)#ip route 203.230.11.0 255.255.255.0 203.230.8.2
R2(config)#ip route 203.230.7.0 255.255.255.0 203.230.8.1
R2(config)#ip route 203.230.11.0 255.255.255.0 203.230.10.2
R3(config)#ip route 203.230.7.0 255.255.255.0 203.230.10.1
R3(config)#ip route 203.230.8.0 255.255.255.0 203.230.10.1
R3(config)#ip route 203.230.9.0 255.255.255.0 203.230.10.1
3. Routing Table 확인
Default Routing
- Routing Table에서 목적지에 대한 경로를 비교하는 기본 원칙은 Longest Prefix Match
- Stub Network의 경우 접근하고자 하는 모든 외부 네트워크에 대한 Routing Table 구성은 현실적으로 어려움.
- 다른 모든 Routing 경로에 해당하지 않는 경우 패킷을 전달하는 경로를 Default Routing이라고 함.
Router(config)# ip route 0.0.0.0 0.0.0.0 NEXT_HOP_IP
Router(config)# ip route 0.0.0.0 0.0.0.0 INTERFACE
Default Routing으로 변경
R1(config)#no ip route 203.230.9.0 255.255.255.0 203.230.8.2
R1(config)#no ip route 203.230.10.0 255.255.255.0 203.230.8.2
R1(config)#no ip route 203.230.11.0 255.255.255.0 203.230.8.2
R1(config)#ip route 0.0.0.0 0.0.0.0 203.230.8.2
R3(config)#no ip route 203.230.7.0 255.255.255.0 203.230.10.1
R3(config)#no ip route 203.230.8.0 255.255.255.0 203.230.10.1
R3(config)#no ip route 203.230.9.0 255.255.255.0 203.230.10.1
R3(config)#ip route 0.0.0.0 0.0.0.0 203.230.10.1
R1#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is 203.230.8.2 to network 0.0.0.0
203.230.7.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.7.0/24 is directly connected, GigabitEthernet0/0
L 203.230.7.1/32 is directly connected, GigabitEthernet0/0
203.230.8.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.8.0/24 is directly connected, Serial0/2/0
L 203.230.8.1/32 is directly connected, Serial0/2/0
S* 0.0.0.0/0 [1/0] via 203.230.8.2
AD / Metric
R3#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
203.230.10.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.10.0/24 is directly connected, Serial0/2/1
L 203.230.10.2/32 is directly connected, Serial0/2/1
203.230.11.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.11.0/24 is directly connected, GigabitEthernet0/0
L 203.230.11.1/32 is directly connected, GigabitEthernet0/0
S* 0.0.0.0/0 is directly connected, Serial0/2/1
DCE(Data Communication Equipment)
- Serial 통신 구간에서 Clock을 제공하는 장비
DTE(Data Terminal Equipment)
- Serial 통신 구간에서 Clock을 제공받는 장비
1. Interface에 IP 주소 할당
Router(config)#hostname R1
R1(config)#interface gi0/0
R1(config-if)#ip address 203.230.7.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
[참고] Serial Interface 설정
R1(config)# interface s0/2/0
R1(config-if)# ip address 203.230.7.1 255.255.255.0
R1(config-if)# clock rate CLOCK_RATE
- Router의 Serial Interface가 DCE인 경우에만
R1(config-if)# no shutdown
R1(config-if)# exit
R1(config)# interface s0/2/0
R1(config-if)# ip address 203.230.7.1 255.255.255.0
R1(config-if)# clock rate 64000
R1(config-if)# no shutdown
R1(config-if)# exit
Router(config)#hostname R2
R2(config)#interface gi0/0
R2(config-if)#ip address 203.230.9.1 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#
R2(config)#interface s0/2/1
R2(config-if)#ip address 203.230.8.2 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#
R2(config)#interface s0/2/0
R2(config-if)#ip address 203.230.10.1 255.255.255.0
R2(config-if)#clock rate 64000
R2(config-if)#no shutdown
R2(config-if)#exit
Router(config)#hostname R3
R3(config)#interface gi0/0
R3(config-if)#ip address 203.230.11.1 255.255.255.0
R3(config-if)#no shutdown
R3(config-if)#exit
R3(config)#interface s0/2/1
R3(config-if)#ip address 203.230.10.2 255.255.255.0
R3(config-if)#no shutdown
2. Static Routing 설정
R1(config)#ip route 203.230.9.0 255.255.255.0 203.230.8.2
R1(config)#ip route 203.230.10.0 255.255.255.0 203.230.8.2
R1(config)#ip route 203.230.11.0 255.255.255.0 203.230.8.2
R2(config)#ip route 203.230.7.0 255.255.255.0 203.230.8.1
R2(config)#ip route 203.230.11.0 255.255.255.0 203.230.10.2
R3(config)#ip route 203.230.7.0 255.255.255.0 203.230.10.1
R3(config)#ip route 203.230.8.0 255.255.255.0 203.230.10.1
R3(config)#ip route 203.230.9.0 255.255.255.0 203.230.10.1
3. Routing Table 확인
Default Routing
- Routing Table에서 목적지에 대한 경로를 비교하는 기본 원칙은 Longest Prefix Match
- Stub Network의 경우 접근하고자 하는 모든 외부 네트워크에 대한 Routing Table 구성은 현실적으로 어려움.
- 다른 모든 Routing 경로에 해당하지 않는 경우 패킷을 전달하는 경로를 Default Routing이라고 함.
Router(config)# ip route 0.0.0.0 0.0.0.0 NEXT_HOP_IP
Router(config)# ip route 0.0.0.0 0.0.0.0 INTERFACE
Default Routing으로 변경
R1(config)#no ip route 203.230.9.0 255.255.255.0 203.230.8.2
R1(config)#no ip route 203.230.10.0 255.255.255.0 203.230.8.2
R1(config)#no ip route 203.230.11.0 255.255.255.0 203.230.8.2
R1(config)#ip route 0.0.0.0 0.0.0.0 203.230.8.2
R3(config)#no ip route 203.230.7.0 255.255.255.0 203.230.10.1
R3(config)#no ip route 203.230.8.0 255.255.255.0 203.230.10.1
R3(config)#no ip route 203.230.9.0 255.255.255.0 203.230.10.1
R3(config)#ip route 0.0.0.0 0.0.0.0 203.230.10.1
R1#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is 203.230.8.2 to network 0.0.0.0
203.230.7.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.7.0/24 is directly connected, GigabitEthernet0/0
L 203.230.7.1/32 is directly connected, GigabitEthernet0/0
203.230.8.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.8.0/24 is directly connected, Serial0/2/0
L 203.230.8.1/32 is directly connected, Serial0/2/0
S* 0.0.0.0/0 [1/0] via 203.230.8.2
AD / Metric
R3#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
203.230.10.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.10.0/24 is directly connected, Serial0/2/1
L 203.230.10.2/32 is directly connected, Serial0/2/1
203.230.11.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.11.0/24 is directly connected, GigabitEthernet0/0
L 203.230.11.1/32 is directly connected, GigabitEthernet0/0
S* 0.0.0.0/0 is directly connected, Serial0/2/1
Distance Vector 실습 - RIP
RIP Routing Protocol 구성 단계
1. Interface에 IP Address 할당
R1(config)#interface gi0/0
R1(config-if)#ip address 203.230.7.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface s0/2/0
R1(config-if)#ip address 203.230.10.2 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface s0/2/1
R1(config-if)#ip address 203.230.11.2 255.255.255.0
R1(config-if)#clock rate 72000
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#exit
R2(config)#interface gi0/0
R2(config-if)#ip address 203.230.9.1 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface s0/2/0
R2(config-if)#ip address 203.230.10.1 255.255.255.0
R2(config-if)#clock rate 72000
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface s0/2/1
R2(config-if)#ip address 203.230.12.1 255.255.255.0
R2(config-if)#clock rate 72000
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#exit
R3(config)#interface gi0/0
R3(config-if)#ip address 203.230.8.1 255.255.255.0
R3(config-if)#no shutdown
R3(config-if)#exit
R3(config)#interface s0/2/0
R3(config-if)#ip address 203.230.11.1 255.255.255.0
R3(config-if)#no shutdown
R3(config-if)#exit
R3(config)#interface s0/2/1
R3(config-if)#ip address 203.230.12.2 255.255.255.0
R3(config-if)#no shutdown
R3(config-if)#exit
2. RIP Routing을 구성할 Router가 관리하는 모든 네트워크를 선언
Router(config)# router rip
Router(config-router)# network NETWORK
Router(config-router)# network NETWORK
Router(config-router)# exit
R1(config)#router rip
R1(config-router)#network 203.230.7.0
R1(config-router)#network 203.230.10.0
R1(config-router)#network 203.230.11.0
R1(config-router)#exit
R2(config)#router rip
R2(config-router)#network 203.230.9.0
R2(config-router)#network 203.230.10.0
R2(config-router)#network 203.230.12.0
R2(config-router)#end
R3(config)#router rip
R3(config-router)#network 203.230.8.0
R3(config-router)#network 203.230.11.0
R3(config-router)#network 203.230.12.0
R3(config-router)#end
3. Routing Table 확인
R1#show ip route
Gateway of last resort is not set
203.230.7.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.7.0/24 is directly connected, GigabitEthernet0/0
L 203.230.7.1/32 is directly connected, GigabitEthernet0/0
R 203.230.8.0/24 [120/1] via 203.230.11.1, 00:00:16, Serial0/2/1
R 203.230.9.0/24 [120/1] via 203.230.10.1, 00:00:26, Serial0/2/0
203.230.10.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.10.0/24 is directly connected, Serial0/2/0
L 203.230.10.2/32 is directly connected, Serial0/2/0
203.230.11.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.11.0/24 is directly connected, Serial0/2/1
L 203.230.11.2/32 is directly connected, Serial0/2/1
R 203.230.12.0/24 [120/1] via 203.230.10.1, 00:00:26, Serial0/2/0
[120/1] via 203.230.11.1, 00:00:16, Serial0/2/1
R2# show ip route
Gateway of last resort is not set
R 203.230.7.0/24 [120/1] via 203.230.10.2, 00:00:08, Serial0/2/0
R 203.230.8.0/24 [120/1] via 203.230.12.2, 00:00:00, Serial0/2/1
203.230.9.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.9.0/24 is directly connected, GigabitEthernet0/0
L 203.230.9.1/32 is directly connected, GigabitEthernet0/0
203.230.10.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.10.0/24 is directly connected, Serial0/2/0
L 203.230.10.1/32 is directly connected, Serial0/2/0
R 203.230.11.0/24 [120/1] via 203.230.10.2, 00:00:08, Serial0/2/0
[120/1] via 203.230.12.2, 00:00:00, Serial0/2/1
203.230.12.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.12.0/24 is directly connected, Serial0/2/1
L 203.230.12.1/32 is directly connected, Serial0/2/1
R3# show ip route
Gateway of last resort is not set
R 203.230.7.0/24 [120/1] via 203.230.11.2, 00:00:18, Serial0/2/0
203.230.8.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.8.0/24 is directly connected, GigabitEthernet0/0
L 203.230.8.1/32 is directly connected, GigabitEthernet0/0
R 203.230.9.0/24 [120/1] via 203.230.12.1, 00:00:16, Serial0/2/1
R 203.230.10.0/24 [120/1] via 203.230.11.2, 00:00:18, Serial0/2/0
[120/1] via 203.230.12.1, 00:00:16, Serial0/2/1
203.230.11.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.11.0/24 is directly connected, Serial0/2/0
L 203.230.11.1/32 is directly connected, Serial0/2/0
203.230.12.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.12.0/24 is directly connected, Serial0/2/1
L 203.230.12.2/32 is directly connected, Serial0/2/1
RIP은 기본적으로 RIPv1으로 동작하며 Classless Routing이 필요한 경우 RIPv2로 구성해야 함.
추가 명령어
(config-router)# version 2
(config-router)# no auto-summary
Link State Routing Protocol - OSPF
OSPF Routing Protocol 구성 단계
1. Interface에 IP Address 할당
(Router ID 설정을 위한 Loopback 0 Interface 설정)
R1(config)#interface loopback 0
R1(config-if)#ip address 1.1.1.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface gi0/0
R1(config-if)#ip address 203.230.7.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface s0/2/0
R1(config-if)#ip address 203.230.10.2 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface s0/2/1
R1(config-if)#ip address 203.230.11.2 255.255.255.0
R1(config-if)#clock rate 72000
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#exit
(Router ID 설정을 위한 Loopback 0 Interface 설정)
R2(config)#interface loopback 0
R2(config-if)#ip address 2.2.2.2 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface gi0/0
R2(config-if)#ip address 203.230.9.1 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface s0/2/0
R2(config-if)#ip address 203.230.10.1 255.255.255.0
R2(config-if)#clock rate 72000
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface s0/2/1
R2(config-if)#ip address 203.230.12.1 255.255.255.0
R2(config-if)#clock rate 72000
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#exit
(Router ID 설정을 위한 Loopback 0 Interface 설정)
R3(config)#interface loopback 0
R3(config-if)#ip address 3.3.3.3 255.255.255.0
R3(config-if)#no shutdown
R3(config-if)#exit
R3(config)#interface gi0/0
R3(config-if)#ip address 203.230.8.1 255.255.255.0
R3(config-if)#no shutdown
R3(config-if)#exit
R3(config)#interface s0/2/0
R3(config-if)#ip address 203.230.11.1 255.255.255.0
R3(config-if)#no shutdown
R3(config-if)#exit
R3(config)#interface s0/2/1
R3(config-if)#ip address 203.230.12.2 255.255.255.0
R3(config-if)#no shutdown
R3(config-if)#exit
2. OSPF Routing을 구성할 Router가 관리하는 모든 네트워크를 선언
Router(config)# router ospf PROCESS_ID
Router(config-router)# router-id ROUTER_ID_IP_주소
Router(config-router)# network NETWORK WILDCARD_MASK area AREA_NUM
Router(config-router)# network NETWORK WILDCARD_MASK area AREA_NUM
Router(config-router)# exit
R1(config)#router ospf 1
R1(config-router)#router-id 1.1.1.1
R1(config-router)#network 203.230.7.0 0.0.0.255 area 0
R1(config-router)#network 203.230.10.0 0.0.0.255 area 0
R1(config-router)#network 203.230.11.0 0.0.0.255 area 0
R1(config-router)#exit
R2(config)#router ospf 1
R2(config-router)#router-id 2.2.2.2
R2(config-router)#network 203.230.9.0 0.0.0.255 area 0
R2(config-router)#network 203.230.10.0 0.0.0.255 area 0
R2(config-router)#network 203.230.12.0 0.0.0.255 area 0
R2(config-router)#end
R3(config)# router ospf 1
R3(config-router)#router-id 3.3.3.3
R3(config-router)#network 203.230.8.0 0.0.0.255 area 0
R3(config-router)#network 203.230.11.0 0.0.0.255 area 0
R3(config-router)#network 203.230.12.0 0.0.0.255 area 0
R3(config-router)#end
3. Routing Table 확인
R1#show ip route
Gateway of last resort is not set
1.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 1.1.1.0/24 is directly connected, Loopback0
L 1.1.1.1/32 is directly connected, Loopback0
203.230.7.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.7.0/24 is directly connected, GigabitEthernet0/0
L 203.230.7.1/32 is directly connected, GigabitEthernet0/0
O 203.230.8.0/24 [110/65] via 203.230.11.1, 00:02:09, Serial0/2/1
O 203.230.9.0/24 [110/65] via 203.230.10.1, 00:03:08, Serial0/2/0
203.230.10.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.10.0/24 is directly connected, Serial0/2/0
L 203.230.10.2/32 is directly connected, Serial0/2/0
203.230.11.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.11.0/24 is directly connected, Serial0/2/1
L 203.230.11.2/32 is directly connected, Serial0/2/1
O 203.230.12.0/24 [110/128] via 203.230.10.1, 00:01:47, Serial0/2/0
[110/128] via 203.230.11.1, 00:01:47, Serial0/2/1
R2# show ip route
Gateway of last resort is not set
2.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 2.2.2.0/24 is directly connected, Loopback0
L 2.2.2.2/32 is directly connected, Loopback0
O 203.230.7.0/24 [110/65] via 203.230.10.2, 00:03:23, Serial0/2/0
O 203.230.8.0/24 [110/65] via 203.230.12.2, 00:02:07, Serial0/2/1
203.230.9.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.9.0/24 is directly connected, GigabitEthernet0/0
L 203.230.9.1/32 is directly connected, GigabitEthernet0/0
203.230.10.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.10.0/24 is directly connected, Serial0/2/0
L 203.230.10.1/32 is directly connected, Serial0/2/0
O 203.230.11.0/24 [110/128] via 203.230.10.2, 00:02:07, Serial0/2/0
[110/128] via 203.230.12.2, 00:02:07, Serial0/2/1
203.230.12.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.12.0/24 is directly connected, Serial0/2/1
L 203.230.12.1/32 is directly connected, Serial0/2/1
R3# show ip route
Gateway of last resort is not set
3.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 3.3.3.0/24 is directly connected, Loopback0
L 3.3.3.3/32 is directly connected, Loopback0
O 203.230.7.0/24 [110/65] via 203.230.11.2, 00:02:17, Serial0/2/0
203.230.8.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.8.0/24 is directly connected, GigabitEthernet0/0
L 203.230.8.1/32 is directly connected, GigabitEthernet0/0
O 203.230.9.0/24 [110/65] via 203.230.12.1, 00:01:58, Serial0/2/1
O 203.230.10.0/24 [110/128] via 203.230.11.2, 00:01:58, Serial0/2/0
[110/128] via 203.230.12.1, 00:01:58, Serial0/2/1
203.230.11.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.11.0/24 is directly connected, Serial0/2/0
L 203.230.11.1/32 is directly connected, Serial0/2/0
203.230.12.0/24 is variably subnetted, 2 subnets, 2 masks
C 203.230.12.0/24 is directly connected, Serial0/2/1
L 203.230.12.2/32 is directly connected, Serial0/2/1
Etherchannel 구성 방법
Switch(config) # interface range FastEthernet 0/X-FastEthernet0/Y
Switch(config-if-range) # channel-group GROUP_NUM mode MODE
Switch(config-if-range) # channel-protocol PROTOCOL
Switch(config-if-range) # exit
Etherchannel 구성 Protocol 및 모드
PAgP
- auto : Enable PAgP if a PAgP Device is detected
- 소극적 대기
- desirable : Enable PAgP unconditionally
- PAgP 구성에 대해 적극적 협상
LACP
- active : Enable LACP unconditionally
- LACP 구성에 대해 적극적 협상
- passive : Enable LACP only if a LACP Device is detected
- 소극적 대기
Etherchannel 구성 실습1
Switch>enable
Switch#configure terminal
Switch(config)#hostname DSW11
DSW11(config)#interface range fa0/21-fa0/24
DSW11(config-if-range)#channel-group 1 mode active
DSW11(config-if-range)#switchport mode access
DSW11(config-if-range)#switchport access vlan 1
DSW11(config-if-range)#exit
Switch>enable
Switch#configure terminal
Switch(config)#hostname CORE11
CORE11(config)#interface range fa0/21-fa0/24
CORE11(config-if-range)#channel-protocol lacp
CORE11(config-if-range)#channel-group 1 mode active
CORE11(config-if-range)#switchport mode access
CORE11(config-if-range)#switchport access vlan 1
CORE11(config-if-range)#exit
Switch>enable
Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname DSW12
DSW12(config)#interface range fa0/17-fa0/20
DSW12(config-if-range)#channel-group 2 mode active
DSW12(config-if-range)#switchport trunk encapsulation dot1q
DSW12(config-if-range)#switchport mode trunk
DSW12(config-if-range)#exit
CORE11(config)#interface range fa0/17-fa0/20
CORE11(config-if-range)#channel-protocol lacp
CORE11(config-if-range)#channel-group 2 mode active
CORE11(config-if-range)#switchport trunk encapsulation dot1q
CORE11(config-if-range)#switchport mode trunk
CORE11(config-if-range)#exit
Switch>enable
Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname DSW13
DSW13(config)#interface range fa0/13-fa0/16
DSW13(config-if-range)#no switchport
DSW13(config-if-range)#no ip address
DSW13(config-if-range)#duplex auto
DSW13(config-if-range)#speed auto
DSW13(config-if-range)#channel-group 3 mode active
DSW13(config-if-range)#exit
DSW13(config)#interface Port-channel 3
DSW13(config-if)#no switchport
DSW13(config-if)#ip address 192.168.3.2 255.255.255.0
DSW13(config-if)#exit
CORE11(config)#interface range fa0/13-fa0/16
CORE11(config-if-range)#no switchport
CORE11(config-if-range)#no ip address
CORE11(config-if-range)#duplex auto
CORE11(config-if-range)#speed auto
CORE11(config-if-range)#channel-group 3 mode active
CORE11(config-if-range)#exit
CORE11(config)#interface Port-channel 3
CORE11(config-if)#no switchport
CORE11(config-if)#ip address 192.168.3.1 255.255.255.0
CORE11(config-if)#exit
Switch>enable
Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname DSW14
DSW14(config)#interface range fa0/9-fa0/12
DSW14(config-if-range)#channel-group 4 mode active
DSW14(config-if-range)#switchport mode access
DSW14(config-if-range)#switchport access vlan 1
DSW14(config-if-range)#exit
DSW14(config)#interface vlan 1
DSW14(config-if)#ip address 192.168.4.2 255.255.255.0
DSW14(config-if)#no shutdown
DSW14(config-if)#exit
CORE11(config)#interface range fa0/9-fa0/12
CORE11(config-if-range)#channel-group 4 mode active
CORE11(config-if-range)#switchport mode access
CORE11(config-if-range)#switchport access vlan 1
CORE11(config-if-range)#exit
CORE11(config)#interface vlan 1
CORE11(config-if)#ip address 192.168.4.1 255.255.255.0
CORE11(config-if)#no shutdown
CORE11(config-if)#exit
Etherchannel 구성 확인
각 Switch에서 다음 명령어 실행
SW#show etherchannel summary
게이트웨이 이중화
FHRP(First Hop Redundancy Protocol)
- 2개 이상의 Gateway가 가상의 IP 주소로 하나의 장비처럼 동작하도록 하는 프로토콜
FHRP 프로토콜의 종류
- HSRP(Hot Standby Router Protocol) : Cisco에서 만든 게이트웨이 이중화 프로토콜
- VRRP(Virtual Router Redundancy Protocol) : IEEE 표준 게이트웨이 이중화 프로토콜
- GLBP(Gateway Load Balancing Protocol) : 백업 게이트웨이 구성이 아닌 게이트웨이 로드밸런싱 프로토콜
게이트웨이 이중화 프로토콜 구성 실습
HSRP
1. Router의 Interface에 IP 주소 할당
1-1. Routing 구성
2. HSRP 구성
Router(config)# interface INTERFACE
Router(config-if)# standby ID ip X.X.X.X
Router(config-if)# standby ID priority PRIORITY
Router(config-if)# standby ID preempt
Router(config-if)# standby ID track EXTERNAL_INTERFACE
R1(config)#interface fa0/0
R1(config-if)#standby 1 ip 192.168.1.1
R1(config-if)#standby 1 priority 105
R1(config-if)#standby 1 preempt
R1(config-if)#standby 1 track fa0/1
R2(config)#interface fa0/0
R2(config-if)#standby 1 ip 192.168.1.1
R2(config-if)#standby 1 priority 100
R2(config-if)#standby 1 preempt
R2(config-if)#standby 1 track fa0/1
R2(config-if)#exit
R1(config)#ip route 192.168.3.0 255.255.255.0 192.168.2.1
R2(config)#ip route 192.168.3.0 255.255.255.0 192.168.2.1
R0(config)#ip route 192.168.1.0 255.255.255.0 192.168.2.2
R0(config)#ip route 192.168.1.0 255.255.255.0 192.168.2.3
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R1
R1(config)#interface fa0/0
R1(config-if)#ip address 192.168.1.2 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#
R1(config)#interface fa0/1
R1(config-if)#ip address 192.168.2.2 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R2
R2(config)#interface fa0/0
R2(config-if)#ip address 192.168.1.3 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface fa0/1
R2(config-if)#ip address 192.168.2.3 255.255.255.0
R2(config-if)#no shutdown
R2(config-if)#exit
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R0
R0(config)#interface fa0/0
R0(config-if)#ip address 192.168.3.1 255.255.255.0
R0(config-if)#no shutdown
R0(config-if)#exit
R0(config)#interface fa0/1
R0(config-if)#ip address 192.168.2.1 255.255.255.0
R0(config-if)#no shutdown
R0(config-if)#exit
'2025 Security engineer Bootcamp > 2. 네트워크 개요' 카테고리의 다른 글
| 네트워크 개요(2) (0) | 2025.09.24 |
|---|---|
| 네트워크 개요 (0) | 2025.09.20 |