Question
I need help on Questions 3, 5, 7 9, 10, and 12. I also need a screenshot of 13. Will upvote immediately after, thank you!
I need help on Questions 3, 5, 7 9, 10, and 12. I also need a screenshot of 13.
Will upvote immediately after, thank you!
1.) In Packet Tracer, add a 2960 switch, a 2901 router, and two PCs. Connect the devices to the switch using Copper Straight-Through cables.
2.) Enter the commands in Table to configure the routers interface and a DHCP pool on the router.
Configure the Router With a DHCP Pool
| Command | Purpose |
| enable | Enters privileged EXEC mode |
| configure terminal | Enters global configuration mode |
| interface gigabit0/0 | Enters interface configuration mode for GigabitEthernet0/0 |
| ip address 192.168.2.1 255.255.255.0 | Assigns network information to the interface |
| no shut and press Enter to return to the prompt | Enables the port |
| exit | Returns to global configuration mode |
| ip dhcp pool MyPool | Creates a DHCP pool named MyPool and enters DHCP configuration mode |
| network 192.168.2.0 255.255.255.0 | Assigns network information to the DHCP pool |
| default-router 192.168.2.1 | Assigns a default gateway to the DHCP pool |
| do show ip dhcp pool | Displays DHCP pool configuration information |
| exit | Returns to global configuration mode |
3.) On each PC, request a DHCP assignment. In some cases, it might take a couple of tries for the DHCP assignment to succeed. If it still doesnt work, do some troubleshooting to figure out the problem and fix it. What IP address was assigned to each PC? What is the default gateway address for both PCs?
3B.) Suppose an attacker brings their own DHCP server to your network. The attacker configures their device as the default gateway so your PCs start sending their traffic to the wrong device. Complete the following steps:
4.) Add a server to your workspace. Do NOT yet connect the attackers server to your network. Make the following configurations to the server first:
Set the servers static IP address to 192.168.2.20/24.
Turn on the servers DHCP service. Set the pools default gateway address to 192.168.2.20 and its start IP address to 192.168.2.21/24. Be sure to save these settings.
Use a Copper Straight-Through cable to connect the hackers server to your switch.
5.) After the servers connection with the switch activates, at PC0s Command Prompt, enter the command ipconfig /release and then enter the command ipconfig /renew. What information does PC0 receive? Which DHCP server did it get its assignment from?
To protect your network, you need to enable DHCP snooping on the switch. This will ensure that DHCP responses can only come from an approved DHCP server. Complete the following steps:
6.) Enter the commands in Table to configure DHCP snooping on the switch.
Configure the Switch for DHCP Snooping
| Command | Purpose |
| enable | Enters privileged EXEC mode |
| configure terminal | Enters global configuration mode |
| ip dhcp snooping | Enables DHCP snooping globally on the switch |
| ip dhcp snooping vlan 1 | Enables DHCP snooping for VLAN 1 |
| do show ip dhcp snooping | Displays current DHCP snooping configuration; confirm DHCP snooping is configured for VLAN 1 |
7.) Now that DHCP snooping is enabled on your switch, no DHCP responses are currently allowed because, by default, all ports on untrusted. To test this, at PC0s Command Prompt, enter the command ipconfig /release and then enter the command ipconfig /renew. What information does PC0 receive?
8.) For the legitimate DHCP server to work on your network, you need to tell the switch which port it should trust for DHCP responses. Enter the commands in Table to configure a trusted DHCP port on the switch.
Configure a trusted port on the switch for DHCP responses
| Command | Purpose |
| no ip dhcp snooping information option | Disables the unneeded Option 82 in DHCP snooping |
| interface gigabitethernet0/1 | Enters interface configuration mode for GigabitEthernet0/1, which is connected to the router |
| ip dhcp snooping trust | Designates this port as a DHCP trusted port because it is attached to the DHCP server |
| exit | Returns to global configuration mode |
| do show ip dhcp snooping | Displays current DHCP snooping configuration; confirm configuration matches that shown in Figure 11-39 |
| copy run start and press Enter to accept the default filename | Saves the current settings |
9.) Now that DHCP snooping is trusted on the correct port on your switch, DHCP responses should be allowed from the legitimate DHCP server. To test this, at PC0s Command Prompt, enter the command ipconfig /release and then enter the command ipconfig /renew. What information does PC0 receive? Which DHCP server did it get its assignment from? How do you know?
10.) Confirm that PC1 can also still receive DHCP information from the legitimate DHCP server. Does it work? How do you know?
11.) To see the switchs new records for DHCP assignments on the network, on the switchs CLI in privileged EXEC mode, enter the command show ip dhcp snooping binding. How many addresses are listed in the switchs DHCP snooping binding table? Notice the Type for each record is labeled dhcp-snooping to indicate the switch learned this information through DHCP snooping.
12.) To see which ports the switch trusts for DHCP responses, on the switchs CLI in privileged EXEC mode, enter the command show ip dhcp snooping. How many interfaces are listed? How many of these interfaces are trusted?
13.) Position your network devices and the switchs CLI console to show your network topology and the output on the switch for Steps 11 and 12. Take a screenshot; submit this visual with your answers to this labs questions.
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Expert Oracle9i Database Administration
Authors: Sam R. Alapati
1st Edition
1590590228, 978-1590590225
