Connecting to the lab server

• Open your favourite Terminal Emulator
• SSH to the netlab server:

• $ ssh-keygen -R netlab.nanocat.net   <- delete the cached fingerprint
                                          (lab server rebuilt frequently)
  $ ssh lab@netlab.nanocat.net
  Password: (generated fresh each week)
  

• List the running containerlab devices:

• $ sudo containerlab inspect --all
  

• Connect to an Arista device:

• $ sudo docker exec -it clab-device–name Cli
  

• .. or connect to a Linux device:

• $ sudo docker exec -it clab-pcXX-name bash
  

Diagram

Goal

• all devices in the same VLANs can ping each other.

What you are responsible for configuring

• the two PCs connected to your switch
• your switch (switch-XX)
• your uplink port on core-01

Creating VLANs

!
vlan 10
   name web
vlan 20
   name mail
!
! etc etc

Configuring access (untagged) ports

!
interface ethernet 2
   description -- link to web-b --
   switchport
   switchport mode access
   switchport access vlan 10
!

Configuring trunk (tagged) ports

!
interface ethernet 1
   description -- link to switch-01 --
   switchport
   switchport mode trunk
   switchport trunk allowed vlan 10,20
!

Looking at the dot1q tags

Look at packets without VLAN tags:

switch-01#bash
bash# tcpdump -i eth2 icmp

web-a# ping 192.168.10.20

Look at packets with VLAN tags:

switch-01#bash
bash# tcpdump -i eth1 icmp
web-a# ping 192.168.10.20

Inspecting the core switch

show mac address-table
show ip arp
show ip route
ping 192.168.x.x

Questions

• Can the switch ping the PCs?
• Can the PCs ping the switch?
• Is “core-01” routing packets?