UNIVERSIDADE CATÓLICA DE ANGOLA

FACULDADE DE ENGENHARIA
DEPARTAMENTO DE INFORMÁTICA

REDES ESCALÁVEI

LUANDA – 2021
 UNIVERSIDADE CATÓLICA DE ANGOLA
FACULDADE DE ENGENHARIA
DEPARTAMENTO DE INFORMÁTICA

REDES ESCALÁVEI

Trabalho de projecto apresentado à cadeira de

Engenharia de Redes, como requisito parcial
para avaliação na disciplina.

Orientador: Eng. Adão Garcia

Integrantes do Grupo nº: 02

• Herman Diyabanza ……………………... 1000016231

• Herménia Nunda ……………………….. 1000019764
• Mamengi Yussufo .................................. 1000019178
• Jonathan Mandombe .............................. 1000018244
Ano: 3º

Curso: Engenharia Informática

2
 ÍNDICE

OBJECTIVOS ................................................................................................................. 4
CENÁRIO ........................................................................................................................ 5
TABELA DE ENDEREÇÃMENTO ............................................................................... 6
FERRAMENTAS UTILIZADAS .................................................................................... 6
CONFIGURAÇÕES ....................................................................................................... 8
CONCLUSÃO ............................................................................................................... 15
BIBLIOGRAFIA ............................................................................................................ 17

3
 OBJECTIVOS

Objectivo Geral

• Configurar a rede da Idea Brahma Consulting Private Limited e da

FIRMA de consultoria ABCD

Objectivos Específicos
• Executar as configurações dos dispositivos (routers e switches)
• Atribuir e configurar endereço IPv4 e IPv6
• Executar as configurações iniciais nos switches protegendo as portas
dos mesmos e criar SVIs.
• Configurar roteamento e segurança (ACLs)
• Configurar o roteamento dinâmico com OSPFv2 e distribuir uma rota
padrão
• Configurar RPVST+, segurança de porta, EtherChannel, DHCP,
DHCPv6, VLANs e entroncamento e roteamento entre VLANs
• Controlar o acesso à rede de gerenciamento dos switches com listas de
controle de acesso.

4
CENÁRIO

5
 FERRAMENTAS UTILIZADAS

• Simulador: Cisco Packet Tracer 7.3.1 (Windows & Linux)

• Roteadores: CISCO 1941
• Switches: CISCO 2960

TABELA DE ENDEREÇAMENTO

• IP da WAN: 192.168.220.0/24
• IP da LAN: 10.10.0.0/12
• IPV6 para LAN e WAN: 2001:db8:acad:c።1 /32-64

Dispositivo Interface Rede Detalhes de configuração

192.168.220.0/30
S0/0/0 qualquer endereço na rede: 192.168.220.1
2001:BD8:ACAD:C::/127 2001:BD8:ACAD:C::

192.168.8.0/24
A_HSEDE G0/0 primeiro endereço de host: 192.168.8.1 (?)
2001:DB8:ACAD:C::8:/64

192.168.9.0/24
G0/1 primeiro endereço de host: 192.168.9.1 (?)
2001:DB8:ACAD:C::9:/64

192.168.220.0/30
S0/0/0 qualquer endereço na rede: 192.168.220.2
2001:BD8:ACAD:C::/127 2001:BD8:ACAD:C::1

SITE_BG 192.168.220.4/30
S0/0/1 qualquer endereço na rede: 192.168.220.5
2001:BD8:ACAD:C::10/127 2001:BD8:ACAD:C::10

S0/1/0 208.0.116.16/29 (O 1º IP já está em uso pelo router ISP) :

208.0.116.18
192.168.220.3/30
S0/0/1 qualquer endereço na rede: 192.168.220.6
B_HSEDE 2001:BD8:ACAD:C::10/127 2001:BD8:ACAD:C::11

G0/1.2 10.10.2.0/24 primeiro endereço na rede 10.10.2.1

6
 2001:DB8:ACAD:C:2::/64 2001:DB8:ACAD:C:2::1/64

10.10.4.0/24
G0/1.4 primeiro endereço na rede 10.10.4.1
2001:DB8:ACAD:C:4::/64 2001:DB8:ACAD:C:4::1/64

10.10.8.0/24
G0/1.8 primeiro endereço na rede 10.10.8.1
2001:DB8:ACAD:C:8::/64 2001:DB8:ACAD:C:8::1/64

10.10.15.0/24
G0/1.15 primeiro endereço na rede 10.10.15.1
2001:DB8:ACAD:F::/64 2001:DB8:ACAD:F::1/64

10.10.25.0/24
G0/1.25 primeiro endereço na rede 10.10.25.1
2001:DB8:ACAD:19::/64 2001:DB8:ACAD:19::1/64

10.10.25.0/24 O endereço mais alto da rede:

SW-A SVI 10.10.25.254
2001:DB8:ACAD:C:25::/64
2001:DB8:ACAD:C:19::FFFF/64
o segundo para o endereço mais alto na
10.10.25.0/24
SW-B SVI rede
2001:DB8:ACAD:C:19::/64 10.10.25.253
2001:DB8:ACAD:C:19::FFFE/64
o terceiro para o endereço mais alto na
10.10.25.0/24
SW-C SVI rede
2001:DB8:ACAD:C:19::/64 10.10.25.252
2001:DB8:ACAD:C:25::FFFD/64
Gestor - A NIC 192.168.8.0/24 qualquer endereço na rede: 192.168.8.2
(?)
Assist- qualquer endereço na rede: 192.168.9.2
NIC 192.168.9.0/24
Admin (?)
10.10.15.0/24
Admin - A NIC qualquer endereço na rede: 10.10.15.2
2001:DB8:ACAD:C:15::/64

10.10.15.0/24
Admin - B NIC qualquer endereço na rede: 10.10.15.3
2001:DB8:ACAD:C:15::/64

7
 Tabela de atribuição de porta do switch VLAN:

VLAN Nome Rede Dispositivo Switch Ports

CONSULTORIA- SW-A Fa0 / 5

2 10.10.2.0/24
AG SW-C Fa0 / 7
SW-A Fa0 / 10
4 PRODUÇÃO 10.10.4.0/24
SW-C Fa0 / 10
SW-A Fa0 / 15
8 FUNCIONÁRIOS 10.10.8.0/24
SW-C Fa0 / 15
SW-A Fa0 / 24
15 ADMINISTRADOR 10.10.15.0/24
SW-C Fa0 / 24
SW-A SVI
25 CONS_VIRTUAL 10.10.25.0/24 SW-B SVI
SW-C SVI
Todas as portas
99 NULO SW-A
não utilizadas

Grupos de canais de porta:

Canal Dispositivo Interfaces
SW-A Fa0 / 1, Fa0 / 2
1
SW-C Fa0 / 1, Fa0 / 2
SW-A Fa0 / 3, Fa0 / 4
2
SW-B Fa0 / 3, Fa0 / 4
SW-B Fa0 / 5, Fa0 / 6
3
SW-C Fa0 / 5, Fa0 / 6

8
 CONFIGURAÇÕES
A-HSEDE
interface GigabitEthernet0/0
ip address 192.168.8.1 255.255.255.0

interface GigabitEthernet0/1
ip address 192.168.9.1 255.255.255.0

interface Serial0/0/0
description CONEXAO PARA SITE-BG
bandwidth 128
ip address 192.168.220.1 255.255.255.252
ipv6 address 2001:BD8:ACAD:C::/127
clock rate 128000
router ospf 10
router-id 1.1.1.1
log-adjacency-changes
passive-interface GigabitEthernet0/0
passive-interface GigabitEthernet0/1
network 192.168.220.0 0.0.0.3 area 0
network 192.168.8.0 0.0.0.255 area 1
network 192.168.9.0 0.0.0.255 area 1

banner motd ^CACESSO RESTRITO^C

line con 0
login

line aux 0

line vty 0 4
login local
transport input ssh
line vty 5 15
login local
transport input ssh

/*personalizar ospfv2*/
int s0/0/0
bandwidth 128

…….

9
SITE-BG
interface GigabitEthernet0/0
ip address 126.110.10.1 255.255.255.248
interface GigabitEthernet0/1
duplex auto
speed auto
shutdown
interface Serial0/0/0
description CONEXAO PARA A-HSEDE
ip address 192.168.220.2 255.255.255.252
ipv6 address 2001:BD8:ACAD:C::1/127
interface Serial0/0/1
description CONEXAO PARA B-HSEDE
ip address 192.168.220.5 255.255.255.252
ipv6 address 2001:BD8:ACAD:C::10/127
clock rate 128000
interface Serial0/1/0
description CONEXAO PARA ISP
ip address 208.0.116.18 255.255.255.248
interface Serial0/1/1
no ip address
clock rate 2000000
shutdown
interface Vlan1
no ip address
shutdown
router ospf 10
router-id 2.2.2.2
log-adjacency-changes
network 192.168.220.0 0.0.0.3 area 0
network 192.168.220.4 0.0.0.3 area 0
network 208.0.116.0 0.0.0.7 area 0
network 208.0.116.16 0.0.0.7 area 0
network 126.110.10.0 0.0.0.7 area 3
default-information originate
ip classless
ip route 10.10.0.0 255.255.0.0 Serial0/1/0
ip route 0.0.0.0 0.0.0.0 Serial0/1/0
ip route 0.0.0.0 0.0.0.0 208.0.116.17
banner motd ^CACESSO RESTRITO^C
line con 0
password 7 0822455D0A1606181C1B0D1739
login
line aux 0
line vty 0 4
login local
transport input ssh
line vty 5 15
10
login local
transport input ssh
end

…….

B-HSEDE

interface GigabitEthernet0/0
ip address 192.168.220.9 255.255.255.252
interface GigabitEthernet0/1.2
encapsulation dot1Q 2
ip address 10.10.2.1 255.255.255.0
ipv6 address 2001:DB8:ACAD:C:2::/64

interface GigabitEthernet0/1.4
encapsulation dot1Q 4
ip address 10.10.4.1 255.255.255.0

interface GigabitEthernet0/1.8
encapsulation dot1Q 8
ip address 10.10.8.1 255.255.255.0

interface GigabitEthernet0/1.15
encapsulation dot1Q 15
ip address 10.10.15.1 255.255.255.0
ipv6 address 2001:DB8:ACAD:F::/64

interface GigabitEthernet0/1.25
encapsulation dot1Q 25
ip address 10.10.25.1 255.255.255.0
ipv6 address 2001:DB8:ACAD:19::/64

interface Serial0/0/1
ip address 192.168.220.6 255.255.255.252
ipv6 address 2001:BD8:ACAD:C::11/127
router ospf 10
router-id 3.3.3.3
log-adjacency-changes
passive-interface GigabitEthernet0/1.2
passive-interface GigabitEthernet0/1.4
passive-interface GigabitEthernet0/1.8
passive-interface GigabitEthernet0/1.15
network 192.168.220.4 0.0.0.3 area 0
network 192.168.220.8 0.0.0.3 area 0
network 10.10.2.0 0.0.0.255 area 2
network 10.10.4.0 0.0.0.255 area 2
network 10.10.8.0 0.0.0.255 area 2
network 10.10.15.0 0.0.0.255 area 2
11
ip classless

banner motd ^CACESSO RESTRITO^C

line con 0
password 7 0822455D0A16
logging synchronous
login
line aux 0
line vty 0 4
password 7 0822455D0A16
login
transport input ssh
line vty 5 15
login local
transport input ssh
end

SW-A
spanning-tree mode rapid-pvst
spanning-tree extend system-id
spanning-tree vlan 2,4 priority 24576
spanning-tree vlan 8,15 priority 28672
interface Port-channel1
switchport mode trunk
interface Port-channel2
switchport mode trunk
interface FastEthernet0/1
switchport mode trunk
channel-group 1 mode active
interface FastEthernet0/2
switchport mode trunk
channel-group 1 mode active
interface FastEthernet0/3
switchport mode trunk
channel-group 2 mode active
interface FastEthernet0/4
switchport mode trunk
channel-group 2 mode active
interface FastEthernet0/5
switchport access vlan 2
switchport mode access
switchport port-security maximum 2
switchport port-security mac-address sticky
switchport port-security violation restrict
interface FastEthernet0/6
switchport access vlan 99
switchport mode access
shutdown
12
interface FastEthernet0/7
switchport access vlan 99
switchport mode access
shutdown
interface FastEthernet0/8
switchport access vlan 99
switchport mode access
shutdown
interface FastEthernet0/9
switchport access vlan 99
switchport mode access
shutdown
interface FastEthernet0/10
switchport access vlan 4
switchport mode access
switchport port-security maximum 2
switchport port-security mac-address sticky
switchport port-security violation restrict
interface FastEthernet0/11
switchport access vlan 99
switchport mode access
shutdown
interface FastEthernet0/12
switchport access vlan 99
switchport mode access
shutdown
interface FastEthernet0/13
switchport access vlan 99
switchport mode trunk
interface FastEthernet0/14
switchport access vlan 99
switchport mode access
shutdown
interface FastEthernet0/15
switchport access vlan 8
switchport mode access
switchport port-security maximum 2
switchport port-security mac-address sticky
switchport port-security violation restrict
interface FastEthernet0/16
switchport access vlan 99
switchport mode access
shutdown
interface FastEthernet0/17
switchport access vlan 99
switchport mode access
shutdown
interface FastEthernet0/18
switchport access vlan 99
switchport mode access
13
shutdown
interface FastEthernet0/19
switchport access vlan 99
switchport mode access
shutdown
interface FastEthernet0/20
switchport access vlan 99
switchport mode access
shutdown
interface FastEthernet0/21
switchport access vlan 99
switchport mode access
shutdown
interface FastEthernet0/22
switchport access vlan 99
switchport mode access
shutdown
interface FastEthernet0/23
switchport access vlan 99
switchport mode access
shutdown
interface FastEthernet0/24
switchport access vlan 15
switchport mode access
switchport port-security maximum 2
switchport port-security mac-address sticky
switchport port-security violation restrict
interface GigabitEthernet0/1
switchport access vlan 99
switchport mode access
shutdown
interface GigabitEthernet0/2
switchport access vlan 99
switchport mode access
shutdown
interface Vlan1
ip address 192.168.10.60 255.255.255.0
interface Vlan25
mac-address 0090.217d.2601
ip address 10.10.25.254 255.255.255.0
ip default-gateway 10.10.25.1
banner motd ^CACESSO RESTRITO^C

SW-B
ip domain-name ibrama.com
username admin secret 5 $1$mERr$AFX/pZT1Lh7NP3Dp3P/qq/
spanning-tree mode rapid-pvst
spanning-tree extend system-id
interface Port-channel2
switchport mode trunk
14
interface Port-channel3
switchport mode trunk
interface FastEthernet0/3
switchport mode trunk
channel-group 2 mode active

interface FastEthernet0/4
switchport mode trunk
channel-group 2 mode active
interface FastEthernet0/5
switchport mode trunk
channel-group 3 mode active
interface FastEthernet0/6
switchport mode trunk
channel-group 3 mode active

interface GigabitEthernet0/1
switchport mode trunk

interface GigabitEthernet0/2
interface Vlan1
ip address 192.168.10.30 255.255.255.0
interface Vlan25
mac-address 000b.be88.cb01
ip address 10.10.25.253 255.255.255.0
ip default-gateway 10.10.25.1
banner motd ^CACESSO RESTRITO^C
line con 0
password 7 0822455D0A16
logging synchronous
login
line vty 0 4
password 7 0822455D0A16
login local
transport input ssh
line vty 5 15
login local
transport input ssh

15
 CONCLUSÃO

Durante o desenvolvimento do projecto foram apresentados conceitos

e configurações que possibilitam implementar os requisitos exigidos no projecto.

O mesmo também nos ajudou a dominar alguns conceitos, comandos e

configurações dos equipamentos de redes bem como a aprofundar os nossos
conhecimentos sobre a mesma com intensa prática de laboratório.

Tendo em conta a diversidade das configurações efectuadas, as outras

não foram mencionadas na implementação, mas com base nos objetivos do
trabalho acima mencionados, conclui-se que a maior parte das metas definidas,
foram atingidas.

16
 BIBLIOGRAFIA

• CCNA Routing and Switching Introdução a Networks 6.0

• CCNA Routing and Switching Routing and Switching Essentials v6.0
• SCOPP EMPSON, CCNA 200-301 – Portable Command Guide 3th Edition,
Cisco Press, 2020.
• Site oficial cisco (www.cisco.com) e portal CISCO Networking Academy
(www.netacad.com)

17