10.2.6 Packet Tracer – Use LLDP to Map a Network Answers

Packet Tracer – Use LLDP to Map a Network (Answers Version)

Answers Note: Red font color or gray highlights indicate text that appears in the instructor copy only.

Addressing Table

| Device | Interface | IP Address | Subnet Mask | Local Interface and Connected Neighbor |
|---|---|---|---|---|
| Edge | G0/0 | 192.168.1.1 | 255.255.255.0 | G0/1 – S1 |
| Edge | S0/0/0 | 209.165.200.5 | 255.255.255.252 | S0/0/0 – ISP |
| S1 | SVI | 192.168.1.2 | 255.255.255.0 | blank |
| RBO-Edge | G0/0 | 209.165.200.10 | 255.255.255.252 | G0/0 – ISP |
| RBO-Edge | G0/1 | 192.168.3.249 | 255.255.255.252 | G0/0 – RBO-Firewall |
| RBO-Firewall | G0/0 | 192.168.3.250 | 255.255.255.252 | G0/0 – RBO-Edge |
| RBO-Firewall | G0/1 | 192.168.4.129 | 255.255.255.128 | G0/1 – sw-rbo1 |
| sw-rbo1 | SVI | 192.168.4.131 | 255.255.255.128 | blank |
| sw-rbo1 | G0/1 | N/A | N/A | G0/1 – RBO-Firewall |
| sw-rbo1 | G0/2 | N/A | N/A | G0/2 – sw-rbo2 |
| sw-rbo1 | F0/24 | N/A | N/A | F0/24 – sw-rbo3 |
| sw-rbo2 | SVI | 192.168.4.132 | 255.255.255.128 | blank |
| sw-rbo2 | G0/1 | N/A | N/A | G0/1 – sw-rbo3 |
| sw-rbo2 | G0/2 | N/A | N/A | G0/2 – sw-rbo1 |
| sw-rbo3 | SVI | 192.168.4.133 | 255.255.255.128 | LLDP not active |
| sw-rbo3 | F0/24 | N/A | N/A | F0/24 – sw-rbo1 |
| sw-rbo3 | G0/1 | N/A | N/A | G0/1 – sw-rbo2 |

Map a network using LLDP and SSH remote access.

A senior network administrator requires you to map the Remote Branch Office network and discover information about all of the devices in the network. You must record all of the network device names, IP addresses and subnet masks, and physical interfaces interconnecting the network devices.

To map the network, you will use SSH for remote access and the Link Layer Discovery Protocol (LLDP) to discover information about neighboring network devices. Because LLDP is a Layer 2 protocol, it can be used to discover information about devices that do not have Layer 3 connectivity. You will record the information that you gather to complete the Addressing Table and provide a topology diagram of the Remote Branch Office network.

You will need the IP address for the remote branch office, which is 209.165.200.10. The local and remote administrative usernames and passwords are:

Local Network

Username: admin01

Password: [email protected]

Remote Branch Office Network

Username: RBOadmin

Password: [email protected]

Part 1:  Use SSH to Remotely Access Network Devices

In Part 1, you will use the Admin-PC to remotely access the Edge gateway router. Next, from the Edge router you will SSH into the Remote RBO Office.

  1. On the Admin-PC, open a command prompt.
  2. SSH into the gateway router at 192.168.1.1 using the username admin01 and the password [email protected].

PC> ssh -l admin01 192.168.1.1

Open

Password:

 

Edge#

Note: Notice that you are placed directly into privileged EXEC mode. This is because the admin01 user account is set to privilege level 15.

  1. The Edge router was previously configured to use CDP. Switch S1 has already been configured to use LLDP. Issue the show cdp command to verify CDP is currently active. Disable CDP by issuing the following command:

Edge(config)# no cdp run

  1. LLDP can be configured to both transmit and receive on a specific interface. Configure Edge so that it receives LLDP messages from S1 but does not send messages to S1 for security purposes. Enable LLDP.

Edge(config)# lldp run

Edge(config)# int g0/0

Edge(config-if)# no lldp transmit

Edge(config-if)# exit

  1. Use the show lldp neighbors command to verify that Edge is receiving messages from S1.
  2. Connect to S1 with SSH from Edge router using the admin01 credentials. Issue the show lldp neighbors command. Notice that S1 did not receive information from Edge.

Edge# ssh -l admin01 192.168.1.2

Password:

 

S1> show lldp neighbors

S1> exit

  1. Exit from the connection with S1 to return to the Edge router CLI. Use the show ip interface brief and show interfaces commands to document the Edge router’s physical interfaces, IP addresses, and subnet masks in the Addressing Table.

Edge# show ip interface brief

Edge# show interfaces

  1. From your session with Edge router, connect with SSH to the Remote RBO Office at 209.165.200.10 with the username RBOadmin and the same password used for admin01.

Edge# ssh -l RBOadmin 209.165.200.10

Password:

 

RBO-Edge#

Question:

After connecting to the Remote RBO Office at 209.165.200.10 what piece of previously missing information can now be added to the Addressing Table above?

The RBO-Edge router hostname

Part 2:  Use LLDP to Discover Neighboring Devices

You are now remotely connected to the RBO-Edge router. Using LLDP, begin looking for connected network devices.

  1. Issue the show ip interface brief and show interfaces commands to document the RBO-Edge router’s network interfaces, IP addresses, and subnet masks. Add the missing information to the Addressing Table.
  2. Security best practice recommends only running LLDP when needed, so LLDP may need to be turned on. Use a show lldp command to test its status.

RBO-Edge# show lldp

% LLDP is not enabled

  1. You need to turn on LLDP, but it is a good idea to only send LLDP information to internal network devices and not to external networks. Discover which interface is connected to the internet by issuing the command show ip interface brief. Enable the LLDP protocol and completely disable LLDP on the interface that is connected to the internet.

RBO-Edge# configure terminal

RBO-Edge(config)# lldp run

RBO-Edge(config)# interface g0/0

RBO-Edge(config-if)# no lldp transmit

RBO-Edge(config-if)# no lldp receive

RBO-Edge(config-if)# exit
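
One way to check the result of this step offline is to audit a saved running-config for discovery protocols that are still active on the internet-facing interface. This is an added example, not part of the original lab; the config excerpt is constructed, its `no cdp run` line is an assumption (the lab only disables CDP on Edge), and the list of external interfaces is supplied by the caller.

```python
import re

# Constructed running-config excerpt modelled on the RBO-Edge steps above.
SAMPLE_CONFIG = """\
hostname RBO-Edge
no cdp run
lldp run
!
interface GigabitEthernet0/0
 ip address 209.165.200.10 255.255.255.252
 no lldp transmit
 no lldp receive
!
interface GigabitEthernet0/1
 ip address 192.168.3.249 255.255.255.252
!
"""

def interface_blocks(config):
    """Map each interface name to the list of its sub-commands."""
    blocks, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface (\S+)", line)
        if m:
            current = blocks.setdefault(m.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command closes the block
    return blocks

def audit_discovery(config, external):
    """List discovery-protocol exposure on the interfaces named as external."""
    globals_ = [l.strip() for l in config.splitlines()]
    lldp_on = "lldp run" in globals_          # LLDP is off unless "lldp run" is set
    cdp_on = "no cdp run" not in globals_     # CDP is on unless "no cdp run" is set
    blocks, findings = interface_blocks(config), []
    for name in external:
        cmds = blocks.get(name)
        if cmds is None:
            findings.append(f"{name}: interface not found in config")
            continue
        for direction in ("transmit", "receive"):
            if lldp_on and f"no lldp {direction}" not in cmds:
                findings.append(f"{name}: LLDP {direction} still enabled")
        if cdp_on and "no cdp enable" not in cmds:
            findings.append(f"{name}: CDP still enabled")
    return findings
```

An empty list for the external interface means neither LLDP direction nor CDP is active on it.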

  1. Issue a show lldp neighbors command to find any neighboring network devices.

Note: LLDP will only show connected devices that are also running LLDP.

RBO-Edge# show lldp neighbors

Question:

Is there a neighboring network device? What type of device is it? What is its name? On what interface is it connected? Is the device’s IP address listed? Record the information in the Addressing Table.

It is a router. Its name is RBO-Firewall and it is connected on interface G0/0. The IP address of the device is not listed.

  1. Use the show ip route command to determine the address of the device that you found with the show lldp neighbors command. Use the local address shown in the routing table and the prefix length of the network to determine the neighbor address.
  2. To find additional information from the neighboring device, use the show lldp neighbors detail command:

RBO-Edge# show lldp neighbors detail

Question:

What other piece of potentially sensitive information is listed?

The neighboring device’s IOS software version.

Note: The current version of Packet Tracer does not provide the Management Address of the neighbor device. In this activity several neighbor device addresses have been provided in the Addressing Table.
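
Because the Management Address is not shown, the neighbor address has to come from the routing table, as in the show ip route step above. The following added example (not part of the original lab) pairs the connected (C) and local (L) entries per interface and returns the neighbor only when the prefix leaves a single choice; the route lines are constructed from the addresses in the Addressing Table.

```python
import ipaddress
import re

# Constructed "show ip route" lines matching the RBO-Edge addressing above.
SAMPLE_ROUTES = """\
C       192.168.3.248/30 is directly connected, GigabitEthernet0/1
L       192.168.3.249/32 is directly connected, GigabitEthernet0/1
C       209.165.200.8/30 is directly connected, GigabitEthernet0/0
L       209.165.200.10/32 is directly connected, GigabitEthernet0/0
"""

ROUTE = re.compile(r"^([CL])\s+(\S+)/(\d+) is directly connected, (\S+)")

def neighbor_candidates(route_output):
    """Per interface, list the usable addresses on the link other than our own."""
    nets, local = {}, {}
    for line in route_output.splitlines():
        m = ROUTE.match(line.strip())
        if not m:
            continue  # summary lines, static and dynamic routes are ignored
        code, addr, plen, intf = m.groups()
        if code == "C":
            nets[intf] = ipaddress.ip_network(f"{addr}/{plen}")
        else:
            local[intf] = ipaddress.ip_address(addr)
    return {intf: [str(h) for h in net.hosts() if h != local.get(intf)]
            for intf, net in nets.items()}

def unique_neighbor(route_output, intf):
    """Return the neighbor address only when the prefix leaves exactly one choice."""
    hosts = neighbor_candidates(route_output).get(intf, [])
    return hosts[0] if len(hosts) == 1 else None
```

On a /30 link the answer is unambiguous; on a wider prefix such as the /25 behind RBO-Firewall the function returns None, and the address must come from the Addressing Table or the device itself.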

  1. Connect to the neighbor device with SSH to discover other devices that may be its neighbors.

Note: To connect with SSH use the same Remote RBO Office username and password.

RBO-Edge# ssh -l RBOadmin <the ip address of the neighbor device>

RBO-Edge# ssh -l RBOadmin 192.168.3.250

Question:

After successfully connecting with SSH, what does the command prompt show?

RBO-Firewall#

  1. You are remotely connected to the next neighbor. Use the show lldp neighbors command, and the show lldp neighbors detail command, to discover other connected neighbor devices.

Question:

What types of network devices neighbor this device? Record any newly discovered devices in the Addressing Table. Include their hostname, interfaces, and IP addresses.

A router (RBO-Edge) and a switch (sw-rbo1). The sw-rbo1 switch is a newly discovered device on the G0/1 interface.

Add the newly discovered device name next to the SVI entry for address 192.168.4.131.

  1. Connect to the SVI for address 192.168.4.131 using SSH and the credentials used previously. If prompted for an enable secret password, use the same password as used for RBOadmin. Use the show lldp neighbors command, and the show lldp neighbors detail command, to discover other connected neighbor devices.

Question:

What types of network devices neighbor this device? Record any newly discovered devices in the Addressing Table. Include their hostname, interfaces, and IP addresses.

A router (RBO-Firewall), a switch (sw-rbo2). The sw-rbo2 switch is a newly discovered device on the G0/2 interface.

Place the newly discovered device name next to the SVI entry for address 192.168.4.132.

  1. Connect to the SVI for address 192.168.4.133 using SSH and the credentials used previously. Issue the show lldp command; you should receive the message:

% LLDP is not enabled

Enable LLDP globally as in Step C. There is no need to configure transmit or receive options because they are on by default. Use the show lldp neighbors command, and the show lldp neighbors detail command, to discover other connected neighbor devices.

Question:

What types of network devices neighbor this device? Record any newly discovered devices in the Addressing Table. Include their hostname, interfaces, and IP addresses. It may be beneficial to reconnect to the previously discovered devices to display neighbors one more time to complete the entire addressing table now that all devices are configured for LLDP.

A switch (sw-rbo1) that is connected to Fa0/24, a switch (sw-rbo2) that is connected to G0/1.

  1. Draw a topology of the Remote RBO Office network using the information that you have gathered with LLDP.

This image shows the network topology within the Remote branch office.
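
The topology can also be assembled from saved show lldp neighbors output. The following added example (not part of the original lab) merges captures from several devices into a link list and reports links heard from one end only, which is what Part 1 produces between Edge and S1. The captures are constructed, and the five-column layout and abbreviated interface names are assumed to match what the devices print.

```python
HEADER = "Device ID           Local Intf     Hold-time  Capability      Port ID"

def capture(*rows):
    """Build a constructed capture from (device, local intf, capability, port) rows."""
    body = [f"{d:<20}{l:<15}{120:<11}{c:<16}{p}" for d, l, c, p in rows]
    return "\n".join([HEADER, *body]) + f"\n\nTotal entries displayed: {len(rows)}\n"

# Constructed captures, keyed by the device each command was run on.
CAPTURES = {
    "Edge": capture(("S1", "Gig0/0", "B", "Gig0/1")),
    "S1": capture(),  # Edge has "no lldp transmit", so S1 hears nothing
    "RBO-Firewall": capture(("RBO-Edge", "Gig0/0", "R", "Gig0/1"),
                            ("sw-rbo1", "Gig0/1", "B", "Gig0/1")),
    "sw-rbo1": capture(("RBO-Firewall", "Gig0/1", "R", "Gig0/1")),
}

def parse_neighbors(output):
    """Return (neighbor, local_intf, remote_port) rows from one capture."""
    rows, in_table = [], False
    for line in output.splitlines():
        if line.startswith("Device ID"):
            in_table = True
        elif in_table:
            parts = line.split()
            if len(parts) != 5:  # a blank line or the totals line ends the table
                break
            rows.append((parts[0], parts[1], parts[4]))
    return rows

def build_links(captures):
    """Return {(device, local_intf, neighbor, remote_port)} across all captures."""
    return {(dev, l, n, r) for dev, out in captures.items()
            for n, l, r in parse_neighbors(out)}

def one_way_links(captures):
    """Links heard by one end only, where both ends' captures were collected."""
    links = build_links(captures)
    return sorted((dev, l, n, r) for dev, l, n, r in links
                  if n in captures and (n, r, dev, l) not in links)
```

A one-way link is expected where transmit was disabled on purpose; anywhere else it points to a device that still needs lldp run, as sw-rbo3 did.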
