MikroTik Training Module Understanding VLAN Translation/Rewrites using Switches and Routers

Similar documents

Understanding VLAN Translation/Rewrites using Switches and Routers

Network Architecture Validated designs utilizing MikroTik in the Data Center

GregSowell.com. Mikrotik Basics

MIKROTIK NETWORK SIMULATOR

VLAN in MikroTik. By Mohammed Khomeini Bin ABU MUM Indonesia, 2013

Quality of Service in wireless Point-to-Point Links

Introduction. What is a Remote Console? What is the Server Service? A Remote Control Enabled (RCE) Console

Lab Diagramming Intranet Traffic Flows

FSM73xx GSM73xx GMS72xxR Shared access to the Internet across Multiple routing VLANs using a Prosafe Firewall

BGP as an IGP for Carrier/Enterprise Networks

Create Virtual AP for Network Campus with Mikrotik

WISP 101. The DO s and DON T s of becoming a Wireless ISP

1 Basic Configuration of Cisco 2600 Router. Basic Configuration Cisco 2600 Router

VLANs. Application Note

estadium Project Lab 8: Wireless Mesh Network Setup with DD WRT

Installation of the On Site Server (OSS)

Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches

MikroTik Certified Network Associate (MTCNA) Training outline

JOB READY ASSESSMENT BLUEPRINT COMPUTER NETWORKING FUNDAMENTALS - PILOT. Test Code: 4514 Version: 01

High Availability on MikroTik RouterOS

WLAN Outdoor CPE For 2.4G. Quick Installation Guide

Lab - Using IOS CLI with Switch MAC Address Tables

STANDARD OPERATING PROCEDURE. For. MIKROTIK ROUTERBOARD RB1100AH (For ADSL)

Technical Note. Monitoring Ethernet Traffic with Tolomatic ACS & Managed Switch. Contents

SSVP SIP School VoIP Professional Certification

Lab Organizing CCENT Objectives by OSI Layer

Packet Tracer - Subnetting Scenario 1 (Instructor Version)

Building Effective Firewalls with MikroTik P R E S E N T E D B Y: R I C K F R E Y, N E T W O R K E N G I N E E R I P A R C H I T E C H S O P E R AT I

How To Connect Xbox 360 Game Consoles to the Router by Ethernet cable (RJ45)?

Access Point Configuration

Local Area Networking technologies Unit number: 26 Level: 5 Credit value: 15 Guided learning hours: 60 Unit reference number: L/601/1547

Lab Configuring the PIX Firewall as a DHCP Server

CCNA Discovery Networking for Homes and Small Businesses Student Packet Tracer Lab Manual

Lab Developing ACLs to Implement Firewall Rule Sets

UTM10 in multi-ssid, multi-vlan network with WMS5316. Network diagram

NETE-4635 Computer Network Analysis and Design. Designing a Network Topology. NETE Computer Network Analysis and Design Slide 1

Management Software. Web Browser User s Guide AT-S106. For the AT-GS950/48 Gigabit Ethernet Smart Switch. Version Rev.

How to Set Up a Wireless Network. How to configure a wireless network for a computer science programming contest using PC 2

Quick Note 53. Ethernet to W-WAN failover with logical Ethernet interface.

How To Understand and Configure Your Network for IntraVUE

Layer 2 / Layer 3 switches and multi-ssid multi-vlan network with traffic separation

Networking and High Availability

IT 3202 Internet Working (New)

Top-Down Network Design

Internetworking Microsoft TCP/IP on Microsoft Windows NT 4.0

GregSowell.com. Mikrotik Security

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

RAP Installation - Updated

Best Practices: Pass-Through w/bypass (Bridge Mode)

Packet Tracer - Connecting a Wired and Wireless LAN Topology

Bandwidth-based load-balancing with failover. The easy way. We need more bandwidth.

9 Simple steps to secure your Wi-Fi Network.

CAPsMAN Case Study. Uldis Cernevskis MikroTik, Latvia. MUM Pittsburgh September 2014

IT-AD08: ADD ON DIPLOMA IN COMPUTER NETWORK DESIGN AND INSTALLATION

Lab Configuring Access Policies and DMZ Settings

Implementation IPV6 in Mikrotik RouterOS. by Teddy Yuliswar

TE100-P21/TEW-P21G Windows 7 Installation Instruction

Layer 3 Network + Dedicated Internet Connectivity

Computer Networking. Definitions. Introduction

Implementation of Virtual Local Area Network using network simulator

Knowledgebase Solution

VLAN Workshop. Presenter: Paul Eriksson. VLAN Workshop 2009 RoamingNet Sweden ( 1

Connect the Host to attach to Fast Ethernet switch port Fa0/2. Configure the host as shown in the topology diagram above.

MFC6490CW Windows Network Connection Repair Instructions

SolarWinds Certified Professional. Exam Preparation Guide

IP Addressing and Subnetting. 2002, Cisco Systems, Inc. All rights reserved.

Design and Implementation Guide. Apple iphone Compatibility

TRILL for Data Center Networks

SSVVP SIP School VVoIP Professional Certification

Firewall VPN Router. Quick Installation Guide M73-APO09-380

How To Set Up Isonas Crystal Matrix On A Pc Or Mac Or Ipa (For A Mac) On A Network With A Network Switch (For An Ipa) On An Ip Address) On Your Ipa Or Ip Address On

Multi-Homing Dual WAN Firewall Router

Welcome to Todd Lammle s CCNA Bootcamp

Device Interface IP Address Subnet Mask Default Gateway

AP6511 First Time Configuration Procedure

Networking and High Availability

Lab - Using Wireshark to View Network Traffic

Skills Assessment Student Training Exam

Vocia MS-1 Network Considerations for VoIP. Vocia MS-1 and Network Port Configuration. VoIP Network Switch. Control Network Switch

Topic 7 DHCP and NAT. Networking BAsics.

This techno knowledge paper can help you if: You need to setup a WAN connection between a Patton Router and a NetGuardian.

Load Balancing ContentKeeper With RadWare

Lab Configure IOS Firewall IDS

Chapter 4 Customizing Your Network Settings

Advanced Higher Computing. Computer Networks. Homework Sheets

GS700TS FS700TS Access to the Internet on multiple VLANS using Multi- Homing

Network Setup Guide. 1 Glossary. 2 Operation. 1.1 Static IP. 1.2 Point-to-Point Protocol over Ethernet (PPPoE)

CS 326e F2002 Lab 1. Basic Network Setup & Ethereal Time: 2 hrs

How To Load Balance On A Libl Card On A S7503E With A Network Switch On A Server On A Network With A Pnet 2.5V2.5 (Vlan) On A Pbnet 2 (Vnet

PC/POLL SYSTEMS Version 7 Polling SPS2000 Cash Register TCP/IP Communications

How To Set up and Configure the WNA-100 Wireless Network Adapter

Quick Installation Guide

Introduction about cisco company and its products (network devices) Tell about cisco offered courses and its salary benefits (ccna ccnp ccie )

OVERLAYING VIRTUALIZED LAYER 2 NETWORKS OVER LAYER 3 NETWORKS

Interconnecting Cisco Networking Devices, Part 1 (ICND1) v3.0

Networking 4 Voice and Video over IP (VVoIP)

Integrating a Hitachi IP5000 Wireless IP Phone

Burning Bridges - Routing Your Bridged WISP Network With MikroTik

FAQs: MATRIX NAVAN CNX200. Q: How to configure port triggering?

Transcription:

1-855-MIKROTIK MikroTik Training Module Understanding VLAN Translation/Rewrites using Switches and Routers P R E S E N T E D B Y : KEVIN MYERS, NETWORK ARCHITECT / MANAGING PARTNER MTCINE #1409 I P A R C H I T E C H S M A N A G E D S E R V I C E S

Instructor Background Kevin Myers, Network Architect 17 + years in IT, Network Architecture and Engineering Areas of Design Focus: MikroTik integration with large multi-vendor networks Design of BGP/MPLS/OSPF Service Provider Triple-Play networks Design of large enterprise Data Center networks Certifications MTCINE #1409 Certified CCNP, CCNA, MCP, MTCRE, MTCTCE, MTCNA

MikroTik Training VLAN Translation/Rewrites Objectives Student will learn what a VLAN Translation is and the different use cases Student will learn the different implementation types for VLAN rewrites in RouterOS Student will successfully complete an implementation lab that uses VLAN translations in a Router and CRS switch. Lab Tasks Configure a VLAN translation between two VLANs in a CRS switch / RouterBoard and successfully ping between two laptops.

MikroTik Training VLAN Translation/Rewrites What is VLAN Translation? VLAN Translation (or rewrite) involves replacing one ingress tag with another and vice-versa on egress. Example: Data Center 1 (NYC, NY, USA) needs to extend Vlan 101 for web Servers on 10.1.1.0/24 to the Denver, CO DC Data Center 2 (Denver, CO, USA) uses Vlan 101 for storage replication on 192.168.222.0/24 VLAN 101-10.1.1.0/24 from NYC must be rewritten in Denver as VLAN 201 to avoid conflict with the Storage Replication. MikroTik routers can do this via bridging / switching

MikroTik Training VLAN Translation/Rewrites Example: VLAN 101 in NYC becomes VLAN 201 once it reaches Denver, CO. The broadcast domain (light blue) is the same even though the VLAN tag changes

MikroTik Training VLAN Translation/Rewrites Example: VLAN 101 in NYC becomes VLAN 201 once it reaches Denver, CO. The broadcast domain (light blue) is the same even though the VLAN tag changes Q. What is a broadcast domain? Q. What Layer of the OSI Model does it exist at? Q. Why would this be important when rewriting VLANs?

MikroTik Training VLAN Translation/Rewrites What problem are we trying to solve? Merging companies When large companies merge, there are often duplicate VLANS with different functions in campus and headquarters environments Data Center Interconnect (DCI) When connecting large data centers at Layer 2, VLAN overlap is a major issue. A VLAN in one data center may used for web servers, while the same VLAN number in another data center could be for database servers. Service Provider Large carrier networks often deal with overlapping VLANs from customers and other providers. VLAN translation can be used to join segments with different tags or prevent overlap. What are some other use cases for VLAN Translations?

MikroTik Training VLAN Translation/Rewrites Configuration example - Bridging This configuration can be used in almost any RouterBoard to translate between VLANs using a bridge. Create VLAN 100 and 3100 interface VLANs Create Bridge and add VLAN interface ports

MikroTik Training VLAN Translation/Rewrites Configuration Task 1-855-MIKROTIK Challenge: Two students must configure a routerboard to translate between VLAN 500 and VLAN 3500 and be able to ping from Laptop A (100.64.1.1/24) and Laptop B (100.64.1.2/24) Materials: Routerboard with 2 Ethernet ports and two laptops with Ethernet ports.

MikroTik Training VLAN Translation/Rewrites Configuration example Switching (CRS) This configuration can be used in all CRS models to translate between VLANs using ingress and egress VLAN rewrites. Create ingress VLAN translations Create egress VLAN translations

MikroTik Training VLAN Translation/Rewrites How do we know that config worked? Packet Sniffer using port mirroring on the CRS Switch ports on CRS do not show up in packet sniffer unless a mirror is set up and pointed to the CPU.

MikroTik Training VLAN Translation/Rewrites How do we know that config worked? Packet capture of ICMP between R1 and R2 in Wireshark

MikroTik Training VLAN Translation/Rewrites How do we know that config worked? Packet capture of ICMP from 10.1.1.200/24 (VLAN 101) to 10.1.1.201/24 (VLAN 201) in Wireshark

MikroTik Training VLAN Translation/Rewrites How do we know that config worked? Packet capture of ICMP from 10.1.1.201/24 (VLAN 201) to 10.1.1.200/24 (VLAN 101) in Wireshark

MikroTik Training VLAN Translation/Rewrites VLAN Translation LAB Scenario Lab Guide available @ /lab-2/ Introducing IP SafeNET, a Flat-Rate yearly MikroTik support contract Visit www.ipsafenet.com for details

MikroTik Training Lab Scenario Configuration Objective - Translate VLAN from R1 to R2 in your POD and ping successfully between laptops Students will be divided into groups of 2 (a POD) and assigned a POD Number Materials Needed per POD RouterBoard 2 RouterBoards (each with at least 2 Ethernet ports) Routerboard may be of any model that meets this requirment Laptop 2 Laptops (each with an Ethernet port and wireless) 4 Ethernet cables (Instructor will provide if the student does not have enough) Students can opt to connect to the R1 and R2 Routerboards via wireless this setup only requires (2) Ethernet cables CRS 125-24G-1S Switch Provided by the instructor Students will be assigned a pair of switch ports by POD to plug their routers into

MikroTik Training Lab Scenario

MikroTik Training Lab Scenario

MikroTik Training Lab Scenario Configuration Objective - Translate VLAN from R1 to R2 in your POD and ping successfully between laptops Write down the following information for your POD VLAN Assignment R1 VLAN 10x (Where x is the POD Number) R2 VLAN 20x (Where x is the POD Number)

MikroTik Training Lab Scenario Configuration Objective - Translate VLAN from R1 to R2 in your POD and ping successfully between laptops Write down the following information for your POD IP Address assignment for the Laptop Laptop connected to R1 10.1.x.200/24 (Where x is the POD Number) Laptop connected to R2 10.1.x.201/24 (Where x is the POD Number)

MikroTik Training Lab Scenario Configuration Objective - Translate VLAN from R1 to R2 in your POD and ping successfully between laptops Step 1 Reset system config with no default on both routerboards in the pod This lab was built and tested with ROS 6.27 you may use this or try another version Step 2 Connect all devices in your POD according to the topology diagram and the specific ports assigned to your POD in the CRS Please ask for Ethernet cables from the instructor if you do not have enough

MikroTik Training Lab Scenario Configuration Objective - Translate VLAN from R1 to R2 in your POD and ping successfully between laptops Step 3 Assign the IPs for your POD in both laptops 10.1.x.200 and.201 (Where x is your POD number) Example (Windows) Using POD1 Laptop 1 (NOTE: No default gateway is needed for this lab)

MikroTik Training Lab Scenario Configuration Objective - Translate VLAN from R1 to R2 in your POD and ping successfully between laptops Step 4 Configure each lab Routerboard for the following R1 Set system identity as PODx-R1 (where x is your POD number) R2 Set system identity as PODx-R2 (where x is your POD number)

MikroTik Training Lab Scenario Configuration Objective - Translate VLAN from R1 to R2 in your POD and ping successfully between laptops Step 5 Configure each lab Routerboard for the following R1 - Interface Vlan 10x on eth1 (where x is your POD number) R2 - Interface Vlan 20x on eth1 (where x is your POD number)

MikroTik Training Lab Scenario Configuration Objective - Translate VLAN from R1 to R2 in your POD and ping successfully between laptops Step 6 NOTE: a wlan interface can be used instead of eth2 Configure each lab Routerboard for the following R1 VLAN10x-Bridge (where x is your POD number) and add ports eth2 and Vlan10x R2 VLAN20x-Bridge (where x is your POD number) and add ports eth2 and Vlan20x

MikroTik Training Lab Scenario Configuration Objective - Translate VLAN from R1 to R2 in your POD and ping successfully between laptops Step 7 CRS Config - Connect via wireless to CRS Management Network SSID: IPA-LAB PSK: mum2015miami Use Winbox to connect to CRS on 10.10.10.1 User: labuser Password: labuser

1-855-MIKROTIK MikroTik Training Lab Scenario Configuration Objective - Translate VLAN from R1 to R2 in your POD and ping successfully between laptops Step 8 Configure Ingress VLAN translation (POD1 shown as an example) Ether1 VLAN 101 to VLAN 201 (Use the correct port and VLAN for your POD) Ether2 VLAN 201 to VLAN 101 (Use the correct port and VLAN for your POD)

MikroTik Training Lab Scenario Configuration Objective - Translate VLAN from R1 to R2 in your POD and ping successfully between laptops Step 8 Configure Egress VLAN translation (POD1 shown as an example) Ether1 VLAN 201 to VLAN 101 (Use the correct port and VLAN for your POD) Ether2 VLAN 101 to VLAN 201 (Use the correct port and VLAN for your POD)

MikroTik Training Lab Scenario Configuration Objective - Translate VLAN from R1 to R2 in your POD and ping successfully between laptops Step 8 Validation Ping from laptop to laptop (be sure to turn off software firewalls)