Jump to content

Search the Community

Showing results for tags 'r&s'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • ANNOUNCEMENTS
    • ANNOUNCEMENTS
  • CERTIFICATION - - - - - NO REQUESTS IN THESE FORUMS - - - - -
    • CISCO SYSTEMS
    • COMPTIA
    • LINUX
    • MICROSOFT
    • ORACLE
    • PROJECT MANAGEMENT
    • SECURITY CERTIFICATIONS
    • SUN MICROSYSTEMS
    • WIRELESS
    • OTHER CERTIFICATIONS
  • CISCO TECHNICAL SECTION
    • CISCO LABS
    • GNS3
    • NETWORK INFRASTRUCTURE
    • SECURITY
    • WIRELESS
    • SERVICE PROVIDERS
    • COLLABORATION, VOICE AND VIDEO
    • DATA CENTER
    • SMALL BUSINESS
  • MICROSOFT TECHNICAL SECTION
  • OTHER TECHNICAL SECTION
  • TRAINING OFFERS & REQUESTS
  • CERTCOLLECTION MALL
  • GENERAL FORUMS
  • COMMUNITY CENTER

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 37 results

  1. Hello people! I wonder if anyone is able to upload (preferably torrent) all the INE ATC v5 videos in HD quality. There are posts here with only some of the files. It would be great for everyone if we had them all in one place! Thank you
  2. Time to return the favor to this awesome community. By grace of God, cleared my lab exam. TSHOOT 1. wrong vlan for user pc 2. ipcp route default missing on r17 3. max-metric router-lsa on r5 4. metric 0 1 1 1 1 1 missing and bandwidth 1000 configured on r12 5. route-map issue on R22 for local preference and wrong ACL/MED combo on r4 6. wrong next-hop on r25. limitation as per earlier exam to not remove acl 7. NBMA address on r15 advertised in eigrp and no ip next-hop-self eigrp 200 needed on r15 8. ip nat outside missing on both r8 and r7, R4-R6 link cost needs to be raised, default route on r7 and r8 towards r3&4 respectively needed. 9. nat traversal needed to be configured 10. ip nat outside statement modified to ip nat inside for the telnet part DIAG 1. SW3 at fault with port-security config, need to find e0/0 mac of client 2. R15 at fault with NBMA address advertised in eigrp 3. Asymmetric routing with urpf, R3 drops the packets CONFIG vrf, mstp, ntp authentication, shell processing
  3. Hi, Can someone please share the below CCIE lab guide published by Cisco Press: Cisco CCIE Routing and Switching v5.0 Troubleshooting Practice Labs, 2nd Edition Thanks.
  4. Good Morning friends Have doubt in K6 EEM. 5.2 Embedded Event Manager On R3 configure an EEM applet named "CONF_CHANGE" (without the quotes). >>The EEM applet should append the output of "show clock" to flash:ConfSave.txt. >> The EEM applet needs to activate every time someone make changes to the configuration. >> Also, a syslog message has to be generated with the string "Configuration changed" (without the quotes). Doubtful sentence :- The EEM applet needs to activate every time someone make changes to the configuration As far as I understand, for any configuration change, we need to save " sh clock" in flash file named ConfSave.txt Meaning 1 >> After getting into Configuration mode , for each line changes we need to save "sh clock'" in flash file. Meaning 2 >> After getting into Configuration mode, for all the changes , we need to save "sh clock'" in flash file, after coming out from configuration mode , Example : we have added/Modified 10 lines , so we need to log the same in flash file 10 times or only once. Meaning -1 , it will log 10 times Meaning - 2 , it will log only once after coming out from configuration mode. Solution for Meaning - 1 archive log config logging enable notify syslog event manager applet CONF_CHANGE event syslog pattern "%PARSER-5-CFGLOG_LOGGEDCMD" action 1.0 cli command "enable" action 2.0 cli command "show clock | append flash:ConfSave.txt" action 3.0 syslog msg "Configuration changed" Solution for Meaning - 2 No need of archive command event manager applet CONF_CHANGE event syslog pattern "SYS-5-CONFIG_I" action 1.0 cli command "enable" action 2.0 cli command "show clock | append flash:ConfSave.txt" action 3.0 syslog msg "Configuration changed"
  5. Hi I am looking for a study partner in Turkey Please PM me!!!!
  6. PLAN-1 ======= Keep the output of "show run linenum " >> this is show run with line number. If any changes, we can also identify with line number. ==================================================================================== PLAN-2 ======= no logg con >> will not log changes to console, no logg buffe >> will not log changes to log buffer archive log config logging enable logging size 100 sh archive log config all >> This will show you last 100 commands executed in the Device. Hope proctor will not change more than 100 command. =========================================================================== PLAN-3 ======= Need to do for all 9 devices wr copy running-config flash:ios.bin >> keeping copy of running config as ios.bin , Even they run script for any changes, hope script will not touch (dot) .bin files. verify /md5 system:running-config >> Copy the result and keep the value in notepad verify /md5 nvram:startup-config >> Copy the result and keep the value in notepad verify /md5 flash:ios.bin >> Copy the result and keep the value in notepad All three value will be same for each device. After luch break , check the value of below command verify /md5 system:running-config >> if it is matching the same value which we kept before lunch break, which means no changes in that device. If not matching , than check below command show archive config differences flash:ios.bin system:running-config >> will show you all the changes +/- ( addition/Removal ) Assumtion : Proctor will not copy the running config to flash:ios.bin ================== Explanation of command : show archive config differences show archive config differences <File-X> <File-Y> RESULT: - ( Minus ) means >> this line is not present in File-Y + ( Plus ) means >> this line is extra in File-Y Note : Always correlate the result with File-Y Example# Interface loopback 6 with ip address is added in running config, this loopback is not present in Startup-config R1#show archive config differences system:running-config nvram:startup-config Contextual Config Diffs: -interface Loopback6 -ip address 6.6.6.6 255.0.0.0 R1#show archive config differences nvram:startup-config system:running-config Contextual Config Diffs: +interface Loopback6 +ip address 6.6.6.6 255.0.0.0 Hope this is informative and will save our life.....
  7. I am preparing for CCIE R&S using cert,My doubt is In pre configuration we gave at lab exam do all ip 's assigned ?Or we had to assign all ip s from the topology diagram given at Lab exam?At cert workbook pre configuraion is a little stuff. alter ips from topology diagrm , like SVI ips.. Next question regarding the trunk configured at sw2 f0/2 because 2 valns there 22 and 24. so we make that port trunk that is the questipon itself, my dobut is at r2 configuration ,How to choose vlan 22 and 24 for each sub interface , also the ip assignemnet for sub interface .22 and .24 interface How it is done? How we know that .15.34 ip is for vlan 24 and .15.129 ip is for vlan 22?
  8. Internetwork Expert CCIE Routing and Switching Written v4.0 Bootcamp – Brian McGahan English | MOV + Slides PDF | Video: h264, 1280×720, 29,97 fps | Audio: aac, 44100 Hz, stereo | 3.75 GB Genre: Video Training CCIE Routing & Switching Written Exam This CCIE Routing & Switching Written Exam Bootcamp is specifically designed for students looking to focus on the topics and technologies covered in the CCIE Routing and Switching Written Exam version 4 blueprint. Students looking for a thorough and well structured learning tool will benefit from this bootcamp. These videos will help create a solid foundation of the concepts covered in the CCIE Routing & Switching written exam, as well as give students the knowledge they will need to not only pass the written exam, but also to continue straight into their CCIE Lab Exam preparation. This bootcamp will also benefit current CCIEs who may just desire or need to re-affirm their knowledge from a theoretical standpoint to recertify on the various technologies covered on the CCIE Routing & Switching written exam blueprint. CCIE Routing & Switching Written Exam Outline :: Runtime 8 hours 54 minutes Introduction VLANs,Trunking and VTP Spanning Tree Protocol EtherChannel Frame Relay IPv4 Routing Overview RIP EIGRP OSPF BGP IPv6 MPLS Multicast Security Network Services QoS Download: [Hidden Content]
  9. Internetwork Expert CCIE Routing&Switching OpenLecture Series V4 DISC 1&2 WMV | 6.56 GB Internetwork Expert's CCIE Routing & Switching Open Lecture Series is an ongoing online course - keeping in line with our revolutionary CCIE RS 4.0 Program model - which provides candidates continuing live interaction with the industry's most experienced CCIE authors and instructors. The dynamic format of this series ensures that candidates always have an outlet for getting their questions answered in real-time throughout the lifetime of their preparation. Screenshot Download Links: [Hidden Content]
  10. Hi Friends, I glanced through the K8, and I discovered is not as tough as K7. Remember *All Things Are Difficult Before They Are Easy. -- Thomas Fulle* Having believe this, I wanna start the K8 solution journey....and I knew God will see us through. I will be dedicated to amending the questions and solution till guys started passing. I've not been having enough time for this great forum for a while...work with some "confidential" matters has took all of my times. But I'm back again now. Please if you have questions or solution/s wrt K8, please post it here...I will vet it and if not comfortable with it...will say my concern. K8 topo V1 and 2 has been delete; its not accurate. K8 topology v3... [Hidden Content] K8 Initial: [Hidden Content] K8 topology v4... [Hidden Content] K8 BGP/IPv6 topo.. [Hidden Content] K8 Q & A: General Lab Guidelines 1. The equipment on the rack assigned to you is physically cabled and should not be tempered with. 2. Router and Switch host-names, basic IP addressing, ‘no exec-timeout’ and passwords on the Con, AUX and VTYs have been preconfigured. Do not change these configurations. 3. All preconfigured passwords are ‘cisco’. Do not change these passwords. 4. Static and default routes are not permitted unless directly stated in a question. This includes floating static routes. 5. Routers to Null generated as a result of a dynamic routing protocol solution are permitted. 6. If you need clarification on the meaning of a question, or, if you suspect hardware problems with you equipment, contact the lab proctor as soon as possible. 7. The following symbols are used throughout the exam: YY is your 2-digit rack number X is your device ID ZZ is Dev1+Dev2 Example: If your Rack number is 10 10.1YY.ZZ.X on R2 interface facing R4 is 10.110.24.2 or 10.2.YY.ZZ.X on SW1 facing SW3 is 10.212.68.6 Note: IP addresses were pre-configured VLANs were pre-configured on SW1 IPv6 addressing was also pre-configured (excluding the tunnel you have to create), there are also IPv6 addresses that are configured on interfaces that aren’t participating in IPv6 routing protocols: R3 – S0/0/0 R3 – G0/0 R1 – G0/1 R1 – S0/0/0.100 [*]Switches were already configured with ip routing and correct SDM templates No routing protocols have been preconfigured. The substantial initial configuration that is important is; the QOS configuration on MPLS enabled routers. Loopback IP address and VLANS Hostname Loopback 0 IP address RackYR1 1Y.X.X.X/32 RackYR2 1Y.X.X.X/32 RackYR3 1Y.X.X.X/32 RackYR4 1Y.X.X.X/32 RackYR5 1Y.X.X.X/32 RackYSW1 1Y.X.X.X/32 RackYSW2 1Y.X.X.X/32 RackYSW3 1Y.X.X.X/32 RackYSW4 1Y.X.X.X/32 BB1 150.1.Y.254/24 BB2 150.2.Y.254/24 BB3 150.3.Y.254/24 VLAN VLAN Name VLAN 16 R1-SW1 VLAN 18 R1-SW3 VLAN 28 R2-SW3 VLAN 36 R3-SW1 VLAN 45 R4-R5 VLAN 68 SW1-SW3 VLAN 69 SW1-SW4 VLAN 89 SW3-SW4 VLAN 100 R4-BB1 VLAN 200 R5-BB2 VLAN 300 SW4-BB3 VLAN 500 USERS VLAN 999 UNUSED_PORTS PPP R3: 10.1YY.35.3/24 R5: 10.1Y.35.55/24 Serial Connections R1: S0/0/1.Y 10.Y.15.1/24 R5: S0/0/0.Y 10.Y.15.5/24 R1: S0/0/1.100 10.1YY.15.1/24 R5: S0/0/0.100 10.1YY.15.5/24 R1: S0/0/0 10.Y.14.1/24 R4: S0/0/0 10.Y.14.4/24 R4: S0/0/1 10.Y.24.4/24 R2: S0/0/0 10.Y.24.2 Section 1 Layer 2 1.1 Initial Faults Guard root on SW1 trunk ports (int f0/19 – 24, no spanning-tree portfa guard root). DHCP snooping/ARP inspection on VLAN on any of SW1-SW4(no ip dhcp snooping vlan XX | no ip arp inspection vlan XX) Portfast trunk on SW4 trunk interfaces (int f0/19 – 24, no spanning-tree portfast). Root Guard on interfaces connected to backbone (sw1 – sw3, int f0/10, no spanning-tree guard). ip cef disabled on few routers ( enable ip cef ). vtp version, domain name, password difference ( vtp version should be 2, adjust domain name and password accord to test info). Backbone interfaces were shutdown and SW1 F0/10 had switchport protected ( Unshut the interfaces and put the port in unprotected state - no switchport protected ) BDPU Filter configured on all uplinks in one of the switches ( Remove the bpdufilter on those uplink ports - no spanning-tree bpdufilter enable ) 1.2 Implement Access Switch Ports of Switched Network Configure all of the appropriate non-trunking switch ports on SW1-SW4 according to the following requirements: VTP domain should be “CCIE” and password “cisco” VTPv2 should be configure with SW1 as server, SW2,SW3,SW4 vlan database should be updated by SW1 Configure the VLAN ID and Name according to the table below (case sensitive). Configure the access ports for each VLAN as per the diagram. All 4 switches must run in transparent mode after synchronization All unused ports including Giga ports have to be on access vlan 999 and shutdown. Complete Soln: SW1: Vtp mode server Vtp version 2 Vtp password Cisco Vtp domain CCIE Vlan 16 Name VLAN_16_R1_SW1 Vlan 18 Name VLAN_18_R1_SW3 Vlan 28 Name VLAN_28_R2_SW3 Vlan 36 Name Vlan_36_R3_SW1 Vlan 45 Name VLAN_45_R4_R5 Vlan 68 Name VLAN_68_Sw1_Sw3 Vlan 69 Name VLAN_69_SW1_SW4 Vlan 89 Name VLAN_89_SW3_SW4 Vlan 100 Name VLAN_100_BB1 Vlan 200 Name VLAN_200_BB2 Vlan 300 Name VLan_300_BB3 Vlan 500 Name VLAN_500_Clients Vlan 999 name UNUSED_PORTS Sw2/SW3/SW4 Vtp mode cleint Vtp version 2 Vtp password Cisco Vtp domain CCIE After syncronization, SW1/SW2/SW3/SW4 vtp mode transparent SW1/SW2 interface range fa0/6-9 , fa0/11-18 , Gi0/1-2 switchport access vlan 999 switchport mode access shutdown SW3 interface range fa0/1-9 , fa0/11-18 , Gi0/1-2 switchport access vlan 999 switchport mode access shutdown SW4 interface range fa0/1-18 , Gi0/1-2 switchport access vlan 999 switchport mode access shutdown Assigning ports to VLANs; careful here as this is what makes your topo. SW1 Int fa0/1 Switchport mode access Switchport access vlan 16 No shut Int fa0/2 Switchport mode access Switchport access vlan 28 No shut Int fa0/3 Switchport mode access Switchport access vlan 36 No shut Int fa0/4 Switchport mode access Switchport access vlan 100 No shut Int fa0/5 Switchport mode access Switchport access vlan 200 No shut Int fa0/10 Switchport mode access Switchport access vlan 100 No shut If the SVI is not pre-configured, then do this: SW1 Int vlan 16 Ip address 10.110.16.6 255.255.255.0 Int vlan 36 Ip address 10.110.36.6 255.255.255.0 int vlan 68 Ip address 10.110.68.6 255.255.255.0 int vlan 69 Ip address 10.110.69.6 255.255.255.0 Int lo0 Ip address 110.6.6.6 255.255.255.255 SW2 Int fa0/1 Switchport mode access Switchport access vlan 18 No shut Int fa0/2 No switchport Ip address 172.16.27.7 255.255.255.0 No shut Int fa0/3 No switchport Ip address 172.16.37.7 255.255.255.0 No shut Int fa0/4 Switchport mode access Switchport access vlan 45 No shut Int fa0/5 Switchport mode access Switchport access vlan 45 No shut Int fa0/10 Switchport mode access Switchport access vlan 200 No shut If the SVI is not pre-configured, then do this: SW2 Int lo0 Ip address 110.7.7.7 255.255.255.255 Int lo1 Ip address 71.71.71.71 255.255.255.255 Int lo2 Ip address 72.72.72.72 255.255.255.255 SW3 Int fa0/10 Switchport mode access Switchport access vlan 300 int vlan 18 ip address 10.10.18.8 255.255.255.0 int vlan 68 ip address 10.110.68.8 255.255.255.0 int vlan 28 ip address 10.10.28.8 255.255.255.0 int vlan 89 ip address 10.110.89.8 255.255.255.0 int vlan 500 ip address 10.110.188.8 255.255.255.0 int lo0 ip address 110.8.8.8 255.255.255.255 SW4 int vlan 89 ip address 10.110.89.9 255.255.255.0 int vlan 69 ip address 10.110.69.9 255.255.255.0 int lo0 ip address 110.9.9.9 255.255.255.255 int vlan 300 ip address 150.3.10.1 255.255.255.0 R1 int fa0/0 ip address 10.110.16.1 255.255.255.0 int fa0/1 ip address 10.10.18.1 255.255.255.0 int lo0 ip address 110.1.1.1 255.255.255.255 R2 int fa0/0 ip address 10.10.28.2 255.255.255.0 int fa0/1 ip address 172.16.27.2 255.255.255.0 int lo0 ip address 110.2.2.2 255.255.255.255 R3 int fa0/0 ip address 10.110.36.3 255.255.255.0 int fa0/1 ip address 172.16.37.3 255.255.255.0 int lo0 ip address 110.3.3.3 255.255.255.255 R4 int fa0/0 ip address 150.1.10.1 255.255.255.0 int fa0/1 ip address 10.10.45.4 255.255.255.0 int lo0 ip address 110.4.4.4 255.255.255.255 R5 int fa0/0 ip address 150.2.10.1 255.255.255.0 int fa0/1 ip address 10.10.45.5 255.255.255.0 int lo0 ip address 110.5.5.5 255.255.255.255 1.3 Spanning-Tree Domains for Switched Network Configure the switches according to the following requirements: · SW1 should be the root for all VLANs · SW2 should be the backup for all VLANs · STP timers should be the default timers on all switches · Spanning-tree should have an instance per VLAN and a rapid convergence · SW1 and SW2 should have the best chance to be root and backup root in case there is a new switch added to the topology · BPDUs should not be sent or received (Ignored) from BB1 – BB3 Complete Soln: SW1/SW2/SW3/SW4 Spanning-tree mode rapid-pvst SW1 Spanning-tree vlan 1-4094 priority 0 interface fa0/10 spanning-tree bpdufilter enable SW2 Spanning-tree vlan 1-4094 priority 4096 interface fa0/10 spanning-tree bpdufilter enable SW3 interface fa0/10 spanning-tree bpdufilter enable NOTE: Remember spanning-tree priority is increamenting by 4096 1.4 Configuring Switch Trunking and Ether-Channel Use the following requirements to configure the Ether-channel on SW1, SW2, SW3 and SW4: Use encapsulation 802.1q for all cross interface vlan 1 should be tagged accross trunks Disable DTP on all trunk interfaces Configure 200Mbps port-channel according to industry standard Load balancing should be done according to the source destination MAC address Complete Soln: SW1/SW2/SW3/SW4 conf t vlan dot1q tag native port-channel load-balance src-dst-mac Int range fa0/19 – 24 No Shut int range F0/19 - 24 sw trunk encap dot1q sw mode trunk sw none sw trun native vlan 1 Shut SW1 int range fa0/19 - 20 channel-group 13 mode active int range fa0/21 - 22 channel-group 14 mode active int range fa0/23 - 24 channel-group 12 mode active Int po12 Switchport trunk encapsulation dot1q Switchport mode trunk sw trun native vlan 1 Int po13 Switchport trunk encapsulation dot1q Switchport mode sw trun native vlan 1 Int po14 Switchport trunk encapsulation dot1q Switchport mode trunk sw trun native vlan 1 SW2 Int range fa0/19 – 20 Chennel-group 24 mode active Int range fa0/21 – 22 Chennel-group 23 mode active Int range fa0/23 – 24 Chennel-group 21 mode active Int po21 Switchport trunk encapsulation dot1q Switchport mode trunk sw trun native vlan 1 Int po23 Switchport trunk encapsulation dot1q Switchport mode trunk sw trun native vlan 1 Int po24 Switchport trunk encapsulation dot1q Switchport mode trunk sw trun native vlan 1 SW3 Int range fa0/19 – 20 Chennel-group 13 mode active Int range fa0/21 – 22 Chennel-group 23 mode active Int range fa0/23 – 24 Chennel-group 34 mode active Int po13 Switchport trunk encapsulation dot1q Switchport mode trunk sw trun native vlan 1 Int po23 Switchport trunk encapsulation dot1q Switchport mode trunk sw trun native vlan 1 Int po34 Switchport trunk encapsulation dot1q Switchport mode trunk sw trun native vlan 1 SW4 Int range fa0/19 – 20 Chennel-group 24 mode active Int range fa0/21 – 22 Chennel-group 14 mode active Int range fa0/23 – 24 Chennel-group 34 mode active Int po14 Switchport trunk encapsulation dot1q Switchport mode trunk sw trun native vlan 1 Int po24 Switchport trunk encapsulation dot1q Switchport mode trunk sw trun native vlan 1 Int po34 Switchport trunk encapsulation dot1q Switchport mode trunk sw trun native vlan 1 1.5 Advance L2 Features – I There will be 5 hosts connected to SW4 fa0/1 – fa0/5 in VLAN 500 The hosts shouldn’t receive any unknown unicasts or multicasts The hosts are not allowed to communicate with each other but need to communicate with the interface VLAN of VLAN 500 Do NOT use private VLANs Complete Soln: SW4 interface range fa0/1-5 switchport access vlan 500 switchport mode access switchport protected switchport block multicast switchport block unicast no shut Note: If the question says: hosts should reduce any received unknown unicast or multicast traffic by half Use: storm-control multicast level 50.00 storm-control unicast level 50.00 1.5 Advance L2 Features – I ( other version ) Switchport protected, to use private VLANs. Should use port security to dynamically add MAC address to the configuration Five users connected to VLAN 500 (SW3) These users will connect to SW4 ports Fa0/1-5 These ports should move quickly to the forwarding state These ports should be protected and learn the MAC address dynamically Shut the ports down if a violation occurs Complete Soln: SW3 int range fa01-5 swi access vlan 500 swi mode access spanning-tree portfast swi port-security swi port-security maximum 1 vlan 500 swi port-security violation shutdown swi protected no shut NOTE: You might not likely meet this version in your test. 1.6 Advance L2 Features – II SW1 shouldn’t allow any other devices to connect to fa0/1 – fa0/2 The switch should dynamically lean the MAC address of these interfaces The configuration should be saved eve if the switch reboots The violation for an incorrect MAC is to shutdown the interface BPDUs should not be sent or received from BB1-BB3 Complete Soln: SW1 interface range fa0/1-2 switchport port-security switchport port-security mac-address sticky switchport port-security maximum 1 Note: After configuration you will see: switchport port-security switchport port-security mac-address sticky switchport port-security mac-address sticky 001e:e74a:2583 (MAC address will differ) 1.6 Advance L2 Features – II ( other version ) Port fa0/1 and fa0/2 on SW1 should have port security enabled They have to learn only 1 MAC address dynamically on these ports The switch doesn’t have to re-learn the MAC address if it is rebooted Complete Soln: SW1 int range fa0/1-2 swi port-security swi port-secuirty mac-address sticky swi port-security maximum 1 no shut 1.7 Frame-relay configuration Use the following requirements to configure R1 and R5,R1 and R4,R2 and R4 for Frame-Relay Configure Back to back frame-relay between R1 and R5 Use sub-interface between R1 and R5 show in diagram Configure Back to Back frame-relay between R1 and R4 using DLCI 200 Configure Back to Back frame-relay between R2 and R4 using DLCI 1YY Configure that R4,R5 is the DCE for frame-relay connectivity Make Sure that keep-alives should BE ACTIVE on each interfaces Complete Soln: R1 int s0/0/0 encap frame-relay no shut int s0/0/0.10 point-to-point ip add 10.10.15.1 255.255.255.0 frame interface-dlci 110 int s0/0/0.100 point-to-poin ip add 10.110.15.1 255.255.255.0 frame interface-dlci 100 int s0/0/1 ip add 10.10.14.1 255.255.255.0 encap frame-relay frame map ip 10.10.14.4 200 broad frame map ip 10.10.14.1 200 no shu R5 frame-relay switching int s0/0/0 frame-relay intf-type dce encap frame-relay clockrate 64000 no shut int s0/0/0.10 point-to-point ip add 10.10.15.5 255.255.255.0 frame interface-dlci 110 int s0/0/0.100 point-to-point ip add 10.110.15.5 255.255.255.0 frame interface-dlci 100 R4 frame-relay switching int s0/0/0 encap frame-relay frame-relay intf-type dce clockrate 64000 ip add 10.10.14.4 255.255.255.0 frame map ip 10.10.14.1 200 broad frame map ip 10.10.14.4 200 no shut int s0/0/1 encap frame-relay frame-relay intf-type dce clockrate 64000 ip add 10.10.24.4 255.255.255.0 frame map ip 10.10.24.2 210 broad frame map ip 10.10.24.4 210 no shut R2 int s0/0/1 ip add 10.10.24.2 255.255.255.0 encap frame-relay frame map ip 10.10.24.4 210 broad frame map ip 10.10.24.2 210 no shut Section 2 - Layer 3 Guidelines After completing the IGP section all Loopback IPs (1YY.X.X.X) should be seen as /32 host routers Loopback IPs don’t have to appear in all IGPs, they can be redistributed from IGP to IGP but this is not a requirement (Note: This refers to SW4’ loopback) After completing the IGP section all prefixes should have reachability to all internal IP’s (Except SW2) This includes 150.3 Y.254 but doesn’t include the other BB VLANs (100 and 200) Do not redistribute between routing protocols unless specified in the question There is no requirement to reach BGP prefixes from internal networks unless specified in the question After completing the IGP section all routes should have routers to all subnets EIGRP Domain – IPs: 10.YY.X.0/24 RIP Domain – IPs: 10.1YY.Z.0/24 OSPF Domain – IPs: 10.1YY.Z.0/24 2.1 Implement IPv4 OSPF part I Configure OSPF on R1, R3, R5, SW1, SW3 according to the IGP diagram OSPF Router-id should be stable and configured using the Loopback 0 IP address OSPF process should be 100 SW3 should suppress OSPF hellos on VLAN 500 Area 1 should be configured as a stub allowing external routes to be injected Enable MPLS using LDP on links between: R3-R5 R1-R5 Ensure LDP connections are always sourced from the Loopback 0 IP address Complete Soln: SW1 router ospf 100 router-id 110.6.6.6 network 10.110.16.6 0.0.0.0 area 1 network 10.110.68.6 0.0.0.0 area 0 network 10.110.36.6 0.0.0.0 area 1 network 110.6.6.6 0.0.0.0 area 0 area 1 nssa SW3 router ospf 100 router-id 110.8.8.8 network 10.110.68.8 0.0.0.0 area 0 network 10.110.188.8 0.0.0.0 area 500 network 110.8.8.8 0.0.0.0 area 0 passive-interface Vlan500 area 500 filter-list prefix Vlan500 out ip prefix-list Vlan500 seq 5 deny 10.28.188.0/24 ip prefix-list Vlan500 seq 10 permit 0.0.0.0/0 le 32 R3 router ospf 100 router-id 110.3.3.3 log-adjacency-changes area 1 nssa network 10.110.35.3 0.0.0.0 area 1 network 10.110.36.3 0.0.0.0 area 1 network 110.3.3.3 0.0.0.0 area 1 mpls ldp router-id Loopback0 force mpls label protocol ldp interface Serial0/0/0 mpls ip R1 router ospf 100 router-id 110.1.1.1 area 1 nssa network 10.110.15.1 0.0.0.0 area 1 network 10.110.16.1 0.0.0.0 area 1 network 110.1.1.1 0.0.0.0 area 1 mpls ldp router-id Loopback0 force mpls label protocol ldp interface Serial0/0/1.100 point-to-point mpls ip R5 router ospf 100 router-id 110.5.5.5 area 1 nssa network 10.110.15.5 0.0.0.0 area 1 network 10.110.35.5 0.0.0.0 area 1 network 110.5.5.5 0.0.0.0 area 1 mpls ldp router-id Loopback0 force mpls label protocol ldp interface Serial0/0/0.100 point-to-point mpls ip interface Serial0/0/1 mpls ip 2.2 – Implement OSPF part II SW1 – should have the best chance to be the OSPF DR on VLAN 16,36,68 R3 – F0/0 and R1 – F0/1 should always be in the DROTHER state Complete Soln: SW1 interface vlan16 ip ospf priority 255 interface vlan36 ip ospf priority 255 interface vlan68 ip ospf priority 255 R1 interface FastEthernet0/1 ip ospf priority 0 R3 InterfaceFastEthernet0/0 ip ospf priority 0 2.3 – Implement IPv4 EIGRP Configure Enhanced Interior Gateway Routing Protocol (EIGRP) 100 on SW4 in order to establish EIGRP neighbor with Backbone 3 in the IGP topology diagram. BB3 has IP address 150.3.YY.254 and is using AS number 100 On R1,R2,R4,R5,SW3 configure the EIGRP AS YY to build the IGP part Disable auto-summary Adjust the Delay of interfaces f0/1 in R4 and R5 to 10,000 tens of microseconds Enable MPLS using LDP on the links between: R1-R4 R1-R5 R4-R5 R2-R4 [*]Ensure LDP connections are always sourced from the Loopback 0 IP address Complete Soln: SW4 router eigrp 100 no auto net 150.3.10.0 0.0.0.255 SW3 router eigrp 10 no auto net 10.10.18.0 0.0.0.255 net 10.10.28.0 0.0.0.255 R5 Router eigrp 10 no auto net 10.10.45.0 0.0.0.255 net 10.10.15.0 0.0.0.255 mpls ldp router-id Loopback0 force mpls label protocol ldp int fa0/1 delay 10000 mpls ip interface Serial 0/0/0.10 point-to-point mpls ip R4 Router eigrp 10 no auto net 10.10.14.4 0.0.0.255 net 110.4.4.4 0.0.0.0 net 10.10.45.0 0.0.0.255 net 10.10.24.0 0.0.0.255 mpls ldp router-id Loopback0 force mpls label protocol ldp interface Fa0/1 delay 10000 mpls ip interface Serial0/0/0 mpls ip interface Serial0/0/1 mpls ip R1 router eigrp 10 no auto net 10.10.15.0 0.0.0.255 net 10.10.14.0 0.0.0.255 net 10.10.18.0 0.0.0.255 offset-list 1 in 2147483647 Fa0/0 <- Fixes path selection for MPLS task access-list 1 permit host 110.2.2.2 mpls ldp router-id Loopback0 force mpls label protocol ldp interface Serial0/0/1.10 point-to-point mpls ip interface Serial0/0/0 mpls ip R2 Router eigrp 10 no auto net 110.2.2.2 0.0.0.0 net 10.10.24.0 0.0.0.255 net 10.10.28.0 0.0.0.255 mpls ldp router-id Loopback0 force mpls label protocol ldp interface Serial0/0/0 mpls ip 2.4 – Implement IPv4 RIP Configure RIP on SW1,SW3 and SW4 OR Configure RIP on interfaces according to IGP diagram Passive interface default – and remove needed interfaces Disable auto-summary Complete Soln: SW1 router rip ver 2 no auto passive-interface default no passive-interface vlan 69 net 10.0.0.0 SW3 router rip ver 2 no auto passive-interface default no passive-interface vlan 89 net 10.0.0.0 SW4 router rip ver 2 no auto passive-interface default no passive-interface vlan 69 no passive-interface vlan 89 net 10.0.0.0 net 110.0.0.0 2.5 Redistribute EIGRP into OSPF On R5 mutually redistribute between EIGRP and OSPF Do not redistribute between those protocols on any other router When redistributing OSPF to EIGRP there should be reachability to the OSPF domain even if the link between R4 and R5 is down Don’t change the OSPF administrative distance to do this Complete Soln: R5 router eigrp 10 redistribute ospf 100 metric 10000 100 255 1 1500 router ospf 100 redistribute eigrp 10 subnets interface Serial0/0/0.100 ip ospf cost 1000 -> Fixes a loop caused by EIGRP AD manipulation R1 router eigrp 10 distance eigrp 90 100 -> Allows R1 to advertise routes redistributed into EIGRP from OSPF 2.6 Redistribute OSPF into RIP/ EIGRP 100 into RP Redistribute OSPF into RIP Do not redistribute RIP into OSPF SW1 – originate a default router to all ospf areas SW1 – redistribute one way from OSPF to RIP Do not redistribute between those protocols on any other router (OSPF to RIP) SW4 – mutually redistribute between EIGRP 100 and RIP Do not correct any routing issues using static routes Complete Soln: SW1 router rip redistribute ospf 100 metric 5 router ospf 100 default-information originate always area 1 nssa default-information-originate SW4 router eigrp 100 redistribute rip metric 10000 100 255 1 1500 router rip redistribute eigrp 100 metric 5 2.7 Implement IPv4 iBGP Configure iBGP peering for R1, R2, R3, R4, R5, SW1,SW3 as per the following requirement. Minimize number of BGP peering sessions and all BGP speakers in AS YY except R1 must have only one iBGP peer R1 should always initiate the TCP session for the BGP connection for the BGP neighbor Configure 'no bgp default ipv4-unicast' on all BGP speakers All BGP connections should survive a physical link failure All BGP speaker must use md5 hash to secure the neighbor sessions Note: Unless prohibited you may use peer groups, Just do what the task asks. Some reports say that you are forbidden from doing this, in that case then don't. Despite confusion this does not change the number of peering SESSIONS, just the number of commands needed. Internally it does change the number of UPDATE GROUPS though, but that's not the same thing [CrackerJoe69] Complete Soln: R1 router bgp 10 no synchronization bgp router-id 110.1.1.1 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 110.2.2.2 remote-as 10 neighbor 110.2.2.2 transport connection-mode active neighbor 110.2.2.2 update-source Loopback0 neighbor 110.2.2.2 password cisco neighbor 110.3.3.3 remote-as 10 neighbor 110.3.3.3 transport connection-mode active neighbor 110.3.3.3 update-source Loopback0 neighbor 110.3.3.3 password cisco neighbor 110.4.4.4 remote-as 10 neighbor 110.4.4.4 transport connection-mode active neighbor 110.4.4.4 update-source Loopback0 neighbor 110.4.4.4 password cisco neighbor 110.5.5.5 remote-as 10 neighbor 110.5.5.5 transport connection-mode active neighbor 110.5.5.5 update-source Loopback0 neighbor 110.5.5.5 password cisco neighbor 110.6.6.6 remote-as 10 neighbor 110.6.6.6 transport connection-mode active neighbor 110.6.6.6 update-source Loopback0 neighbor 110.6.6.6 password cisco neighbor 110.8.8.8 remote-as 10 neighbor 110.8.8.8 transport connection-mode active neighbor 110.8.8.8 update-source Loopback0 neighbor 110.8.8.8 password cisco no auto-summary address-family ipv4 neighbor 110.2.2.2 activate neighbor 110.2.2.2 route-reflector-client neighbor 110.3.3.3 activate neighbor 110.3.3.3 route-reflector-client neighbor 110.4.4.4 activate neighbor 110.4.4.4 route-reflector-client neighbor 110.5.5.5 activate neighbor 110.5.5.5 route-reflector-client neighbor 110.6.6.6 activate neighbor 110.6.6.6 route-reflector-client neighbor 110.8.8.8 activate neighbor 110.8.8.8 route-reflector-client no sync no auto exit-address-family R2 router bgp 10 bgp router-id 110.2.2.2 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 110.1.1.1 remote-as 10 neighbor 110.1.1.1 transport connection-mode passive neighbor 110.1.1.1 update-source Loopback0 neighbor 110.1.1.1 password cisco address-family ipv4 neighbor 110.1.1.1 activate no sync no auto exit-address-family R3 router bgp 10 bgp router-id 110.3.3.3 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 110.1.1.1 remote-as 10 neighbor 110.1.1.1 transport connection-mode passive neighbor 110.1.1.1 update-source Loopback0 neighbor 110.1.1.1 password cisco no auto-summary address-family ipv4 neighbor 110.1.1.1 activate no sync no auto exit-address-family R4 router bgp 10 bgp router-id 110.4.4.4 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 110.1.1.1 remote-as 10 neighbor 110.1.1.1 transport connection-mode passive neighbor 110.1.1.1 update-source Loopback0 neighbor 110.1.1.1 password cisco address-family ipv4 neighbor 110.1.1.1 activate no sync no auto exit-address-family R5 router bgp 10 bgp router-id 110.5.5.5 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 110.1.1.1 remote-as 10 neighbor 110.1.1.1 transport connection-mode passive neighbor 110.1.1.1 update-source Loopback0 neighbor 110.1.1.1 password cisco address-family ipv4 neighbor 110.1.1.1 activate no sync no auto exit-address-family SW1 router bgp 10 bgp router-id 110.6.6.6 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 110.1.1.1 remote-as 10 neighbor 110.1.1.1 transport connection-mode passive neighbor 110.1.1.1 update-source Loopback0 neighbor 110.1.1.1 password cisco address-family ipv4 neighbor 110.1.1.1 activate no sync no auto exit-address-family SW3 router bgp 10 bgp router-id 110.8.8.8 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 110.1.1.1 remote-as 10 neighbor 110.1.1.1 transport connection-mode passive neighbor 110.1.1.1 update-source Loopback0 neighbor 110.1.1.1 password cisco address-family ipv4 neighbor 110.1.1.1 activate no sync no auto exit-address-family Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 110.2.2.2 4 10 73 75 6 0 0 01:04:23 0 110.3.3.3 4 10 74 75 6 0 0 01:04:57 0 110.4.4.4 4 10 73 75 6 0 0 01:04:28 5 110.5.5.5 4 10 73 74 6 0 0 01:04:58 0 110.6.6.6 4 10 73 74 6 0 0 01:04:23 0 110.8.8.8 4 10 13 15 6 0 0 00:08:27 0 Rack10R1# Rack10R1# 2.7 Implement IPv4 eBGP Configure eBGP as per diagram: BB1 and BB2 are in AS 254,peering with R4 and R5 BB1 and BB2 are advertising the same routes with different AS Path. Only R4 and R5 should see BGP routes from as 254 with the next-hops of VLAN 100 and VLAN 200 SW4 is in AS 144, peering with SW1 and SW3 SW4 should have multiple paths to reach AS254 (Peer with SW1 and SW3 and apply maximum-path 2); SW3 should load-balance traffic to AS254 to R1 and R2 You can verify this on SW3 by: 'show ip cef 197.68.1.0/24' Complete Soln: R4 router bgp 10 neighbor 150.1.10.254 remote-as 254 address-family ipv4 neighbor 110.1.1.1 next-hop-self neighbor 150.1.10.254 activate neighbor 150.1.10.254 route-map PREFER in exit-address-family route-map PREFER permit 10 set local-preference 200 R5 router bgp 10 neighbor 150.2.10.254 remote-as 254 address-family ipv4 neighbor 110.1.1.1 next-hop-self neighbor 150.2.10.254 activate neighbor 150.2.10.254 route-map AS in exit-address-family route-map AS permit 10 set as-path prepend 253 SW4 router bgp 144 bgp router-id 110.9.9.9 bgp log-neighbor-changes neighbor 10.110.69.6 remote-as 10 neighbor 10.110.69.6 ebgp-multihop 2 neighbor 10.110.89.8 remote-as 10 neighbor 10.110.89.8 ebgp-multihop 2 maximum-paths 2 no synchronization no auto-summary SW3 router bgp 10 neighbor 10.110.89.9 remote-as 144 neighbor 10.110.89.9 ebgp-multihop 2 address-family ipv4 neighbor 10.110.89.9 activate exit-address-family SW1 router bgp 10 neighbor 10.110.69.9 remote-as 144 neighbor 10.110.69.9 ebgp-multihop 2 address-family ipv4 neighbor 10.110.69.9 activate exit-address-family Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 10.110.89.9 4 144 10 10 6 0 0 00:05:30 0 110.1.1.1 4 10 11 9 6 0 0 00:05:13 5 Rack10SW3# Rack10SW3#sh ip cef 197.68.1.0/24 197.68.1.0/24 nexthop 10.10.18.1 Vlan18 nexthop 10.10.28.2 Vlan28 Rack10SW3# Rack10SW3# Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 110.1.1.1 4 10 148 146 6 0 0 02:10:57 0 150.1.10.254 4 254 146 147 6 0 0 02:11:03 5 Rack10R4# Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 110.1.1.1 4 10 148 149 6 0 0 02:12:55 5 150.2.10.254 4 254 90 89 6 0 0 01:16:51 5 Rack10R5# 2.8 Implement IPv6 Configure IPv6 OSPF and EIGRP as per "IPv6 Topology Diagram" Configure all Global unicast IP address to match 2001:YY:YY:SS::HH/MM Where YY stands for your two-digits rack number, SS is the third octet of the IPv4 address of the same interface, HH is the fourth octet of the IPv4 address of the same interface, MM is the subnet mask and must be /128 for loopback interface and /64 for other interfaces. Prefixes: All loopbacks /128 Other interfaces /64 LOOPBACK addressing is 2001:YY.YY:3rd_IPv4::4th_IPv4/128 OSPF IPv6 addressing is preconfigured: 2001:1YY:YY:3rd_IPv4::4th_IPV4 EIBRP IPv6 addressing is preconfigured: 2001:YY:YY:3rd_IPv4::4th_IPV4 Part I Enable OSPFv3 process 100 area 0 on vlan 68 of SW1 and SW3. Advertise lookbacks of SW1 and SW3 into this area. Enable EIGRP YY on R1,R2, R4, SW3, and R5 matching the IPv4 EIGRP YY domain. Complete Soln: SW1 sdm prefer dual-ipv4-and-ipv6 routing "reload" ipv6 unicast-routing ipv6 cef ipv6 router ospf 100 router-id 110.6.6.6 interface Loopback0 ipv6 ospf 100 area 0 interface Vlan 68 ipv6 ospf 100 area 0 SW3 sdm prefer dual-ipv4-and-ipv6 routing "reload" ipv6 unicast-routing ipv6 cef ipv6 router ospf 100 router-id 110.8.8.8 interface Loopback0 ipv6 ospf 100 area 0 interface Vlan 68 ipv6 ospf 100 area 0 ipv6 router eigrp 10 router-id 110.8.8.8 interface vlan 18 ipv6 enable ipv6 eigrp 10 interface vlan 28 ipv6 enable ipv6 eigrp 10 R2 ipv6 unicast-routing ipv6 cef ipv6 router eigrp 10 router-id 110.2.2.2 interface Loopback0 ipv6 enable ipv6 eigrp 10 interface FastEthenet0/0 ipv6 enable ipv6 eigrp 10 interface Serial0/0/0 ipv6 address FE80::2 link-local ipv6 eigrp 10 frame-relay map ipv6 FE80::2 210 broadcast frame-relay map ipv6 FE80::41 210 broadcast R1 ipv6 unicast-routing ipv6 cef ipv6 router eigrp 10 router-id 110.1.1.1 interface FastEthenet0/0 ipv6 enable ipv6 eigrp 10 interface Serial0/0/0 ipv6 address FE80::1 link-local ipv6 eigrp 10 frame-relay map ipv6 FE80::1 200 broadcast frame-relay map ipv6 FE80::40 200 broadcast interface Serial0/0/1.10 point-to-point ipv6 enable ipv6 eigrp 10 R4 ipv6 unicast-routing ipv6 cef ipv6 router eigrp 10 router-id 110.4.4.4 interface FastEthernet0/1 ipv6 enable ipv6 eigrp 10 interface Serial0/0/0 ipv6 address FE80::40 link-local ipv6 eigrp 10 frame-relay map ipv6 FE80::40 200 broadcast frame-relay map ipv6 FE80::1 200 broadcast interface Serial0/0/1 ipv6 address FE80::41 link-local ipv6 enable ipv6 eigrp 10 frame-relay map ipv6 FE80::41 210 broadcast frame-relay map ipv6 FE80::2 210 broadcast R5 ipv6 unicast-routing ipv6 cef ipv6 router eigrp 10 router-id 110.5.5.5 interface FastEthenet0/1 ipv6 enable ipv6 eigrp 10 interface Serial0/0/0.10 point-to-point ipv6 enable ipv6 eigrp 10 Rack10SW3#sh ipv os nei OSPFv3 Router with ID (110.8.8.8) (Process ID 100) Neighbor ID Pri State Dead Time Interface ID Interface 110.6.6.6 1 FULL/DR 00:00:37 23 Vlan68 Rack10SW3# Rack10R2#sh ipv eigr nei EIGRP-IPv6 Neighbors for AS(10) H Address Interface Hold Uptime SRTT RTO Q Seq (sec) (ms) Cnt Num 1 Link-local address: Et0/0 11 00:04:02 6 100 0 8 FE80::A8BB:CCFF:FE80:800 0 Link-local address: Se1/0 128 01:00:27 12 100 0 21 FE80::41 Rack10R2# Part II Create a tunnel between R1 and R3 and address it 2001:YY:YY:13:13::X/64 Put R3 also in the IPv6 EIGRP YY domain Redistribute between OSPFv3 and EIGRPv6 on SW3 Advertise Loopbacks on R3, R2, R4, and R1 into EIGRPv6 All router ID's should be stable and match the IPv4 router-IDs Make sure you have FULL reachability on every IPv6 device including all loopbacks and your tunnel between R1 and R3. Complete Soln: R1 interface Loopback0 ipv6 enable ipv6 eigrp 10 interface Tunnel13 no ip address ip MTU 1400 ipv6 address 2001:10:10:13:13::1/64 ipv6 enable ipv6 eigrp 10 tunnel source Loopback0 tunnel destination 110.3.3.3 tunnel mode gre ip R3 ipv6 unicast-routing ipv6 cef interface Loopback0 ipv6 enable ipv6 eigrp 10 interface Tunnel13 no ip address ip mtu 1400 ipv6 address 2001:10:10:13:13::3/64 ipv6 enable ipv6 eigrp 10 tunnel source Loopback0 tunnel destination 110.1.1.1 tunnel mode gre ip ipv router eigrp 10 router-id 110.3.3.3 SW3 ipv6 router eigrp 10 redistribute ospf 100 metric 10000 10 255 1 1500 include-connected ipv6 router ospf 100 redistribute eigrp 10 include-connected Rack10R3#sh ipv route IPv6 Routing Table - default - 21 entries Codes: C - Connected, L - Local, S - Static, U - Per-user Static route B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP H - NHRP, I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea IS - ISIS summary, D - EIGRP, EX - EIGRP external, NM - NEMO ND - ND Default, NDp - ND Prefix, DCE - Destination, NDr - Redirect l - LISP O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 D 2001:8:8:1::1/128 [90/27008000] via FE80::A8BB:CCFF:FE00:100, Tunnel13 D 2001:8:8:2::2/128 [90/28032000] via FE80::A8BB:CCFF:FE00:100, Tunnel13 LC 2001:8:8:3::3/128 [0/0] via Loopback0, receive D 2001:8:8:14::/64 [90/27392000] via FE80::A8BB:CCFF:FE00:100, Tunnel13 D 2001:8:8:15::/64 [90/27392000] via FE80::A8BB:CCFF:FE00:100, Tunnel13 D 2001:8:8:24::/64 [90/27904000] via FE80::A8BB:CCFF:FE00:100, Tunnel13 D 2001:8:8:28::/64 [90/27929600] via FE80::A8BB:CCFF:FE00:100, Tunnel13 D 2001:8:8:45::/64 [90/29952000] via FE80::A8BB:CCFF:FE00:100, Tunnel13 D 2001:10:10:1::1/128 [90/27008000] via FE80::A8BB:CCFF:FE00:100, Tunnel13 D 2001:10:10:2::2/128 [90/28032000] via FE80::A8BB:CCFF:FE00:100, Tunnel13 LC 2001:10:10:3::3/128 [0/0] via Loopback0, receive EX 2001:10:10:6::6/128 [170/27957760] via FE80::A8BB:CCFF:FE00:100, Tunnel13 EX 2001:10:10:8::8/128 [170/27957760] via FE80::A8BB:CCFF:FE00:100, Tunnel13 C 2001:10:10:13::/64 [0/0] via Tunnel13, directly connected L 2001:10:10:13:13::3/128 [0/0] via Tunnel13, receive D 2001:10:10:15::/64 [90/27392000] via FE80::A8BB:CCFF:FE00:100, Tunnel13 D 2001:10:10:18::/64 [90/52480000] via FE80::A8BB:CCFF:FE00:100, Tunnel13 D 2001:10:10:28::/64 [90/27929600] via FE80::A8BB:CCFF:FE00:100, Tunnel13 D 2001:10:10:45::/64 [90/29952000] via FE80::A8BB:CCFF:FE00:100, Tunnel13 EX 2001:10:10:68::/64 [170/27957760] via FE80::A8BB:CCFF:FE00:100, Tunnel13 L FF00::/8 [0/0] via Null0, receive Rack10R3# Rack10R3# 2.9 Implement MPLS VPN R3 and R5 should exchange VPNv4 labels using 3:3 R2 and R5 should exchange VPNv4 labels using 2:2 R2 and R3 shouldn't peer directly (R5 is VPNv4 RR) SW2 should only see its Loopback0 prefix (1YY.7.7.7) in the global routing table; SW2 should be divided to 2 VRFs SITE1 is connected to R3 and configured with Loopback 71: 71.71.71.71/32 and F0/3 172.16.37.7/24 in BGP AS177; SITE2 is connected to R3 and configured with Loopback 72: 72.72.72.72/32 and F0/2 172.16.27.7/24 in BGP AS177; Explicit null should be configured on both PEs; Verification should be done on SW2: Ping vrf SITE1 72.72.72.72 source lo1 (100% Success) Ping vrf SITE2 71.71.71.71 source lo2 (100% Success) Traceroute vrf SITE1 72.72.72.72 (Extended from Loopback71) (100% Success with all hops seen on the way ); Traceroute vrf SITE2 71.71.71.71 (Extended from Loopback72) (100% Success with all hops seen on the way ); Complete Soln: SW2 ip vrf SITE1 rd 3:3 ip vrf SITE2 rd 2:2 int loopback1 ip vrf forwarding SITE1 ip address 71.71.71.71 255.255.255.255 int loopback2 ip vrf forwarding SITE2 ip address 72.72.72.72 255.255.255.255 int Fa0/2 ip vrf forwarding SITE2 ip address 172.16.27.7 255.255.255.0 int Fa0/3 ip vrf forwarding SITE1 ip address 172.16.37.7 255.255.255.0 router bgp 177 bgp router-id 110.7.7.7 address-family ipv4 vrf SITE1 neighbor 172.16.37.3 remote-as 10 neighbor 172.16.37.3 activate network 71.71.71.71 mask 255.255.255.255 address-family ipv4 vrf SITE2 neighbor 172.16.27.2 remote-as 10 neighbor 172.16.27.2 activate network 72.72.72.72 mask 255.255.255.255 R2 mpls ldp router-id Loopback0 int s0/0/1 mpls ip mpls ldp exp ip vrf SITE2 rd 2:2 route-target export 2:2 route-target import 2:2 route-target import 3:3 int f0/1 ip vrf forwarding SITE2 ip address 172.16.27.2 255.255.255.0 no shutdown router bgp 10 neighbor 110.5.5.5 remote-as 10 -> This needs to be here so that you can configure and activate the VPNv4 address-family betwen R2 and R5 neighbor 110.5.5.5 update-source loopback0 -> This needs to be here so that you can configure and activate the VPNv4 address-family betwen R2 and R5 address-family vpnv4 neighbor 110.5.5.5 activate neighbor 110.5.5.5 next-hop-self address-family ipv4 vrf SITE2 neighbor 172.16.27.7 remote-as 177 neighbor 172.16.27.7 as-override -> AS-Override here is probably the best method, but you could also allow-as in on SW2. neighbor 172.16.27.7 activate R3 mpls ldp router-id Loopback0 int s0/0/0 mpls ip mpls ldp exp ip vrf SITE1 rd 3:3 route-target export 3:3 route-target import 3:3 route-target import 2:2 int f0/1 ip vrf forwarding SITE1 ip address 172.16.37.3 255.255.255.0 no shutdown router bgp 10 neighbor 110.5.5.5 remote-as 10 -> This needs to be here so that you can configure and activate the VPNv4 address-family betwen R3 and R5 neighbor 110.5.5.5 update-source loopback0 -> This needs to be here so that you can configure and activate the VPNv4 address-family betwen R3 and R5 address-family vpnv4 neighbor 110.5.5.5 activate neighbor 110.5.5.5 next-hop-self address-family ipv4 vrf SITE1 neighbor 172.16.37.7 remote-as 177 neighbor 172.16.37.7 as-override -> AS-Override here is probably the best method, but you could also alow-as in on SW2. neighbor 172.16.37.7 activate R5 mpls ldp router-id Loopback0 int s0/0/0.100 mpls ip int s0/0/0.10 mpls ip int s0/0/1 mpls ip router bgp 10 neighbor 110.2.2.2 remote-as 10 neighbor 110.2.2.2 update-source loopback0 neighbor 110.3.3.3 remote-as 10 neighbor 110.3.3.3 update-source loopback0 address-family vpnv4 neighbor 110.2.2.2 activate neighbor 110.2.2.2 route-reflector-client neighbor 110.3.3.3 activate neighbor 110.3.3.3 route-reflector-client NOTE: Make sure to activate the VPNv4 RR to both R2 and R3 otherwise your routes won't get there and be dropped at R5! [CrackerJoe69] R4 mpls ldp router-id Loopback0 int s0/0/0 mpls ip int s0/0/1 mpls ip R1 mpls ldp router-id Loopback0 int s0/0/0 mpls ip int s0/0/1.100 mpls ip int s0/0/1.10 mpls ip int f0/1 delay 100000 Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 172.16.37.3 4 10 33 33 5 0 0 00:26:07 1 Rack10SW2# Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 172.16.27.2 4 10 37 38 5 0 0 00:31:21 1 Rack10SW2# Rack10W2#traceroute vrf SITE1 Protocol [ip]: Target IP address: 72.72.72.72 Source address: 71.71.71.71 Numeric display [n]: Resolve AS number in (G)lobal table, (V)RF or(N)one [G]: Timeout in seconds [3]: Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 72.72.72.72 VRF info: (vrf in name/id, vrf out name/id) 1 172.16.37.3 5 msec 5 msec 5 msec 2 10.110.35.5 67 msec 38 msec 36 msec 3 10.10.15.1 38 msec 38 msec 37 msec 4 10.10.14.4 39 msec 40 msec 38 msec 5 172.16.27.2 37 msec 73 msec 37 msec 6 172.16.27.7 34 msec * 38 msec Rack10SW2# Rack10SW2# Section 3 – Mulitcast 3.1 Implement multicast part 1 Enable IP multicast on all OSPF and EIGRP YY interfaces. Create loopback100 ( 200.100.100.100 ) on R3 and on R2, Advertise loopback 100 into OSPF on R3 Advertise loopback 100 into EIGRP on R2. R2 and R3 should announced the RP in loopback100 in a non Cisco-properietary method. SW1 should be able to ping reciever R4 F0/1 R4 F0/1 should simulate a join to group 232.1.1.1 Complete Soln: R1 ip cef ip multicast-routing int lo0 ip pim sparse-mode int fa 0/0 ip pim sparse-mode int fa0/1 ip pim sparse-mode int s0/0/0.10 point-to-point ip pim sparse-mode int s0/0/0.100 point-to-point ip pim sparse-mode int s0/0/1 ( interface facing R4 ) ip pim sparse-mode R2 ip cef ip multicast-routing Int lo0 ip pim sparse-mode interface Loopback100 ip address 200.100.100.100 255.255.255.255 ip pim sparse-mode int fa0/0 ( interface facing SW3 ) ip pim sparse-mode int s0/0/1 ( interface facing R4 ) ip pim sparse-mode ip pim rp-candidate Loopback100 group-list 10 ip pim bsr-candidate Loopback100 ip pim accept-register list 100 access-list 10 permit 232.1.1.1 access-list 100 permit ip 10.110.68.0 0.0.0.255 host 232.1.1.1 ip msdp peer 110.3.3.3 connect-source Loopback0 ip msdp originator-id Loopback0 R3 ip cef ip multicast-routing Int lo0 ip pim sparse-mode interface Loopback100 ip address 200.100.100.100 255.255.255.255 ip pim sparse-mode int fa0/0 ( interface facing SW1 ) ip pim sparse-mode int s0/0/0 ( interface facing R5 ) ip pim sparse-mode ip pim rp-candidate Loopback100 group-list 10 ip pim bsr-candidate Loopback100 ip pim accept-register list 100 access-list 10 permit 232.1.1.1 access-list 100 permit ip 10.110.68.0 0.0.0.255 host 232.1.1.1 ip msdp peer 110.2.2.2 connect-source Loopback0 ip msdp originator-id Loopback0 R4 ip cef ip multicast-routing int fa0/1 ( interface facing R5 ) ip igmp join-group 232.1.1.1 ip pim sparse-mode int s0/0/0 ip pim sparse-mode int s0/1/0 ip pim sparse-mode R5 ip cef ip multicast-routing int fa0/1 ip pim sparse-mode int s0/0/0.10 ip pim sparse-mode int s0/0/0.100 ip pim sparse-mode int s0/0/1 ( interface facing R3 ) ip pim sparse-mode SW1 ip cef dis ip multicast-routing dis int vlan 16 ip pim sparse-mode int vlan 36 ip pim sparse-mode int vlan 68 ip pim sparse-mode ip pim dr-priority 4294967294 SW3 ip cef dis ip multicast-routing dis int vlan 18 ip pim sparse-mode int vlan 28 ip pim sparse-mode int vlan 68 ip pim sparse-mode int vlan 500 ip pim sparse-mode 3.2 Implement multicast part 2 R3 must send the source active message cache to R2 R2 and R3 should only accept registers for group 232.1.1.1 R2 and R3 should only accept PIM registers for authorized sources ( VLAN 68 only ) Use only non-named ACLs to complete. Complete Soln: R2 ip pim rp-candidate Loopback100 group-list 10 ip pim accept-register list 100 access-list 10 permit 232.1.1.1 access-list 100 permit ip 10.110.68.0 0.0.0.255 host 232.1.1.1 R3 ip pim bsr-candidate loopback100 0 ip pim rp-candidate Loopback100 group-list 10 ip pim accept-register list 100 access-list 10 permit 232.1.1.1 access-list 100 permit ip 10.110.68.0 0.0.0.255 host 232.1.1.1 R4 access-list 10 permit 10.110.68.0 0.0.0.255 router eigrp 10 offset-list 10 in 150000 s0/0/0 ( interface to R1 ) Section 4 – Advance IP Features 4.1 QOS I (PBR ) Create new Loopback 148 on SW3 (148.x.0.8/32) and advertise it to EIGRP with any means available Create new Loopback 148 on R4 (148.x.0.4/32) and advertise it to EIGRP with any means available When issuing a traceroute from R4 to 148.X.0.8 traffic should be load-balanced accross R1/R2; R4, verify using traceroute 148.X.0.8 When issuing a traceorute from SW3 (source 148.x.0.8/32 destination 148.x.0x4/32) traceroute should always go to Vlan 18 If Vlan 18 is down this traffic cannot exit any other interface and should be dropped Complete Soln: R4 interface Loopback148 ip address 148.10.0.4 255.255.255.255 router eigrp 10 network 148.10.0.4 0.0.0.0 SW3 interface Loopback148 ip address 148.10.0.8 255.255.255.255 router eigrp 10 network 148.10.0.8 0.0.0.0 access-list 100 permit ip host 148.10.0.8 host 148.10.0.4 route-map PBR permit 10 match ip address 100 set interface vlan 18 null 0 route-map PBR permit 20 ip local policy route-map PBR Rack10SW3#traceroute Protocol [ip]: Target IP address: 148.10.0.4 Source address: 148.10.0.8 Numeric display [n]: Timeout in seconds [3]: Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 148.10.0.4 VRF info: (vrf in name/id, vrf out name/id) 1 10.10.18.1 10 msec 11 msec 10 msec 2 10.10.14.4 11 msec * 11 msec Rack10SW3# Rack10SW3# Rack10SW3# Rack10SW3#tra Rack10SW3#traceroute 148.10.0.4 Type escape sequence to abort. Tracing the route to 148.10.0.4 VRF info: (vrf in name/id, vrf out name/id) 1 10.10.18.1 10 msec 10.10.28.2 1 msec 10.10.18.1 11 msec 2 10.10.24.4 10 msec 10.10.14.4 12 msec * Rack10SW3# Rack10SW3# When int vlan 18 is DOWN Rack10SW3# Rack10SW3#conf t Enter configuration commands, one per line. End with CNTL/Z. Rack10SW3(config)#int vla 18 Rack10SW3(config-if)#shu Rack10SW3(config-if)#end Rack10SW3# Rack10SW3# Rack10SW3#trace Protocol [ip]: Target IP address: 148.10.0.4 Source address: 148.10.0.8 Numeric display [n]: Timeout in seconds [3]: Probe count [3]: Minimum Time to Live [1]: Maximum Time to Live [30]: Port Number [33434]: Loose, Strict, Record, Timestamp, Verbose[none]: Type escape sequence to abort. Tracing the route to 148.10.0.4 VRF info: (vrf in name/id, vrf out name/id) 1 * * * 2 * * * 3 * * Rack10SW3# Rack10SW3# 4.2 QOS II (MPLS QOS) There are preconfigured class-map and policy-maps on all MPLS routers. PEs should shape outgoing traffic to CE to CIR of 3Mbps Use only existing class-maps and do not create any new class-map. If you require you can use class-default in policy-map Your solution should survive a reload and a ping from CE with TOS 160 should reach other CE with TOS marking. Note: R2/R3 are both CE-FACING / MPLS-CORE FACING routers, and the following class-map and policy-map are predefined on them: Class-map match-all CRITICAL Match mpls experimental topmost 4 6 7 Class-map match-all BESTEFFORT Match mpls experimental topmost 1 2 3 Class-map match-all REALTIME Match mpls experimental topmost 5 Class-map match-all QOSGROUP123 match qos-group 1 match qos-group 2 match qos-group 3 Class-map match-all QOSGROUP5 Match qos-group 5 Class-map match-all QOSGROUP467 match qos-group 4 match qos-group 6 match qos-group 7 Class-map match-any class-default Match any Policy-map CE-FACING Class QOSGROUP123 bandwidth percent 30 Class QOSGROUP467 bandwidth percent 30 Class QOSGROUP5 priority percent 15 Policy-map MPLS-CORE-FACING Class CRITICAL bandwidth percent 30 Class BESTEFFORT bandwidth percent 30 Class REALTIME priority percent 15 R1/R4/R5 are MPLS-CORE FACING routers, and the following class-map and policy-map are predefined on them: Class-map match-all CRITICAL Match mpls experimental topmost 4 6 7 Class-map match-all BESTEFFORT Match mpls experimental topmost 1 2 3 Class-map match-all REALTIME Match mpls experimental topmost 5 Class-map match-any class-default Match any Policy-map MPLS-CORE-FACING Class CRITICAL bandwidth percent 30 Class BESTEFFORT bandwidth percent 30 Class REALTIME priority percent 15 Complete Soln: R2/R3 policy-map CORE-CE-FACING class CRITICAL set qos-group 467 class BESTEFFORT set qos-group 123 class REALTIME set qos-group 5 policy-map CE-FACING class QOSGROUP5 set ip precedence 5 policy-map PARENT-CE-FACING class class-default shape average 3000000 service-policy CE-FACING interface FastEthernet0/1 service-policy output PARENT-CE-FACING interface Serial0/0/1 service-policy input CORE-CE-FACING service-policy output MPLS-CORE-FACING 4.3 Implement SSH Configure R5 to allow only SSH access to itself Do not use the access-class command Allow a maximum of 16 users Console access should not prompt for a username and should go directly into exec mode Create a username named ‘guest’ with a password of ‘cisco’ that should be directed to exec mode Create a username named ‘admin’ with a password of ‘ccie’ that should be directed to enable mode on login Complete Soln: R5 enable password cisco username guest password cisco username admin privilege 15 password ccie ip domain name cisco.com ip ssh version 2 ip ssh maxstartup 16 crypto key generate rsa How many bits in the modulus [512]: 1024 line vty 0 15 login local transport input ssh line con 0 exec-timeout 0 0 logging synchronous no login local Rack10R3# Rack10R3#ssh -l admin 110.5.5.5 Password: Rack10R5# Rack10R5# Rack10R5# Rack10R5#exi [Connection to 110.5.5.5 closed by foreign host] Rack10R3# Rack10R3#ssh -l guest 110.5.5.5 Password: Rack10R5> Rack10R5> Rack10R5> 4.4 Securing Control Plane Rate limit SSH traffic to R5 interface to 16kbps (conform transmit, exceed drop) Do not configure burst SSH traffic from vlan 18 to R5 S0/0/1 should be excluded Use a single ACL named SSH for this traffic Drop ICMP_LIMIT traffic and HTTP/HTTPS traffic to R5 interfaces – class-map should be named BLOCK and match on ICMP_LIMIT and HTTP ACL HTTP ACL should contain 2 lines, ICMP_LIMIT should contain permit icmp any any Permit only ICMP_ECHO and echo-reply to R5 interface and police to 100 PPS with 10 packets burst size All ACLs and class-maps are case sensitive and should not contain “” Do not use match not in class-maps Complete Soln: R5 ip access-list extended SSH deny tcp 10.10.18.0 0.0.0.255 host 10.110.35.5 eq 22 permit tcp any any eq 22 ip access-list extended ALL_ICMP permit icmp any any ip access-list extended HTTP permit tcp any any eq 80 permit tcp any any eq 443 ip access-list extended ICMP_ECHO permit icmp any any echo permit icmp any any echo-reply class-map match-all SSH match access-group name SSH class-map match-any BLOCK match access-group name HTTP match access-group name ALL_ICMP class-map match-all ICMP_LIMIT match access-group name ICMP_ECHO policy-map CONTROL class SSH police cir 16000 conform-action transmit exceed-action drop class ICMP_LIMIT police rate 100 p ps burst 10 packets class BLOCK drop class class-default control-plane service-policy input CONTROL 4.5 Securing Layer 2 Users in VLAN 500 should only be able to access SMTP, HTTP, ICMP and DNS (UDP only) to any host Use a single named ACL and do not use any deny statements The configuration should be done on SW3 Complete Soln: SW3 ip access-list extended VLAN500_USER permit tcp any eq smtp 10.110.188.0 .0.0.0.255 permit udp any eq domain 10.110.188.0 .0.0.0.255 permit tcp any eq www 10.110.188.0 .0.0.0.255 permit tcp any eq telnet 10.110.188.0 .0.0.0.255 permit icmp any 10.110.188.0 .0.0.0.255 int vlan 500 ip access-group VLAN500_USER out Securing Layer 2 -part II Configure SW3 as follows: There are SMTP (TCP 25), DNS (UDP 53) and HTTP (TCP 80) servers on VLAN500. There has been abuse of the network. Clients on VLAN500 should be allowed to access these servers. All other networks should be allowed to access these servers. All other traffic should be denied. Do not use any IP addressess in your solution. You may only use one ACL, and you may only use the permit statement. Complete Soln: access-list 100 permit tcp any any eq smtp access-list 100 permit tcp any eq smtp any access-list 100 permit tcp any any eq www access-list 100 permit tcp any eq www any access-list 100 permit udp any any eq domain access-list 100 permit udp any eq domain any vlan access-map VLAN500_USER 10 match ip address 100 action forward vlan filter VLAN500_USER vlan-list 500 4.6 Network Time Protocol (NTP) R1 should be master 1 R3 and R5 should be clients and authenticate with the server Use NTP authentication key “cisco” Calendar should update periodically The clocks should survive a router reload Complete Soln: R1 ntp authentication-key 1 md5 cisco ntp trusted-key 1 ntp master 1 ntp update-calendar R3/R5 ntp authentication-key 1 md5 cisco ntp authenticate ntp trusted-key 1 ntp update-calendar ntp server 110.1.1.1 key 1 source Loopback0 If Q did not say authenticate using so so key...then forget about key and authetication Rack10R3#sh ntp sta Clock is synchronized, stratum 2, reference is 110.1.1.1 nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**10 reference time is D55DA344.A51EBA18 (13:34:12.645 CET Sat Jun 8 2013) clock offset is -4.0000 msec, root delay is 10.00 msec root dispersion is 949.43 msec, peer dispersion is 191.92 msec loopfilter state is 'CTRL' (Normal Controlled Loop), drift is 0.000000000 s/s system poll interval is 64, last update was 148 sec ago. Rack10R3# Rack10R3# Rack10R5#sh ntp sta Rack10R5#sh ntp status Clock is synchronized, stratum 2, reference is 110.1.1.1 nominal freq is 250.0000 Hz, actual freq is 250.0000 Hz, precision is 2**10 reference time is D55DA395.C24DD508 (13:35:33.759 CET Sat Jun 8 2013) clock offset is 1.5000 msec, root delay is 7.00 msec root dispersion is 446.80 msec, peer dispersion is 440.22 msec loopfilter state is 'CTRL' (Normal Controlled Loop), drift is 0.000000005 s/s system poll interval is 64, last update was 43 sec ago. Rack10R5# Rack10R5# 4.7 Implement Gateway load balance protocol (GLBP) Configure FHRP with IP 10.x.45.1 on R4 and R5 F0/1 R4 should be configured with a weight of 150 and should serve 3 requests per 1 request of R5 Authenticate using the most secure method using a password of ‘CCIE123’ (Do not use a key chain) Active role can be preempted Complete Soln: R4 Interface FasEthernet0/1 glbp 1 ip 10.10.45.1 glbp 1 preempt glbp 1 weighting 150 glbp 1 load-balancing weighted glbp 1 authentication md5 key-string CCIE123 R5 interface FastEthernet 0/1 glbp 1 ip 10.10.45.1 glbp 1 preempt glbp 1 weighting 50 glbp 1 load-balancing weighted glbp 1 authentication md5 key-string CCIE123 Section 5 – Network optimize 5.1 Network Management ( Configuration Archive ) Passwords should not be included in this export Export all configuration changes on R1 to syslog 10.1YY.68.100 Configuration changes should keep 10 records Configuration changes should not be stored locally Complete Soln: R1 logging on logging host 10.110.68.100 archive log config logging enable logging size 10 notify syslog notify syslog contenttype plaintext hidekeys 5.2 Implement EEM The administer ask you implement a simple script on R3 Need to match " %SYS-5-RESTART ", then do a shut / no shut to gigabit interfaces. Complete Soln: R3 logging on logging con logging buff event manager applet SHUT-NOSHUT event syslog pattern ".*%SYS-5-RESTART.*" action 1.0 cli command "enable" action 2.0 cli command "conf t" action 3.0 cli command "int g0/0" action 4.0 cli command "shut" action 5.0 cli command "no shut" action 6.0 cli command "int g0/1" action 7.0 cli command "shut" action 8.0 cli command "no shut" Thank you all. RIKITEE.
  11. CCIE Routing & Switching Deep Dive Implementing IP Multicast Course (2012) | ISO | 2.12 GB Genre: Video Training The Implementing IP Multicast Deep Dive is the best way to learn, polish and refine your multicast skills. This deep dive consists of over 14 hours of instructor-led videos designed to give you the knowledge you need to prepare you for the latest CCIE Lab Exam and help with your everyday job. CCIE Routing & Switching Deep Dive Implementing IP Multicast Course Outline :: Runtime 14 hours 48 minutes Module 1 Lesson 1 – Introduction Lesson 2 – IPv4 Multicast Overview Lesson 3 – IP Multicast Components Lesson 4 – PIM Dense Mode Lesson 5 – PIM Dense Configuration Examples Lesson 6 – PIM Sparse Mode Lesson 7 – PIM Sparse Mode Configuration Module 2 Lesson 1 – Advanced PIM – Auto-RP Lesson 2 – Advanced PIM – Auto-RP Configuration Lesson 3 – Advanced PIM – BSR Lesson 4 – Advanced PIM – PIM over NBMA Lesson 5 – Advanced PIM – Bidirectional PIM Lesson 6 – Advanced PIM – SSM Module 3 Lesson 1 – Inter-AS Multicast – MSDP Lesson 2 – Inter-AS Multicast – MBGP Lesson 3 – Anycast RP Lesson 4 – Multicast Features – Multicast over GRE & RPF Failure Lesson 5 – Multicast Features Lesson 6 – Layer 2 Multicast Lesson 7 – IPv6 Multicast Download Links: [Hidden Content]
  12. Hi guys, as i have finished INE workbook all volumes , i am preparing for my lab exam by next month. I am new in this forum and dont know where to get the dumps for the exam in this forum .As i have noticed that some of the guys have passed the exam by following this forum . So, kindly guide me where to look for the lab dumps for practice.Any reply would be appreciated. Thanks
  13. This is taken from the icebreaker101010's share [Hidden Content] Thanks icebreaker for all the effort. [Hidden Content]
  14. Hi Guys, Does anyone know about the weight of three Sections? I know that there is exam cut Score & also each section cut Score. We must pass all sections plus achieve total cut score as well. What I want to ask is that: Is the Overall Cut Score has fair Weightage? CFG (33%) + TS (33%) + DIAG (33%) If yes, then is it true: Each Correct answer (1/6) in DIAG (16% of total DIAG score) = 12points Correct in CFG Section (e.g. three sections in CFG with each 4points) My main concern is that since CFG is difficult & lengthy as compared to DIAG. So, if we make one small answer wrong in DIAG then it is same as making three whole CFG sections wrong. I know my Question is getting a bit complex if you have not think about it in detail already. But reply me if need any clarification to understand the Question. This is very important to understand because I have seen many people with PASS+PASS+PASS = FAIL due to not achieving overall Cut Score.
  15. Hi! If someone has latest INE workbook for CCIE R&S version 5 400-101 then kindly share it with me. Thanks in advance.
  16. This question is to allow everybody to be prepared for their first attempt. Please share with the community : 1- Location of Lab ? 2- Date? 3- TS5 , MSDP, MPLS ? Which version? 4- Lab? k7, K7+, K8, K8+ ?? Please let us know so we can get prepared. TY all.
  17. Internetwork Expert CCIE Routing & Switching Advanced Technologies On Demand 4.5 (2011) English | MOV | 960×540 | AVC 4195 Kbps 29.970 fps | AAC 128 Kbps 44.1 khz | >80 hours | 28.1 GB Genre: eLearning <!--more--> The CCIE Routing & Switching Advanced Technologies Class is the first step in understanding CCIE level technologies and is a companion to the Advanced Technologies Lab Workbook. Each technology you need to know for the CCIE Routing & Switching lab will be described in detail using an instructor led hands on demonstration. The class consists of nearly 80 hours of in depth explanations and examples. content: Download Links NO PASSWORD --- Recovery Record included! [Hidden Content]
  18. Do we need to advertise Loopback 0 of R1, R3 & R5 in IPV6, even if IPv6 address are configured on those interfaces. As per Ques, we need to run IPv6 on EIGRP YY & OSPF area 0 only. As Loopback of R1, R3 & R5 are in OSPF area 1. Also in tunnel , we are using R1 & R3 Loopback IPv4 to form tunnel. ============== Configure your network as per "Diagram 4 :IPv6 Routing" and according to the following requirements: • Configure EIGRPv6 YY on all routers in the EIGRPv4 AS YY • Use the Loopback 0 IPv4 address as the EIGRPv4 router ID. • Configure the area 0 of OSPFv6 (between the SW1 and SW3 as shown the "Diagram of IPv6 Routing"). ==============
  19. Hi Folks, I wanted to consolidate a thread of all the active K labs and TSHOOT scenarios, now I am not asking which lab I'll get or he'll get etc, I am just starting the thread to verify and keep a sense of direction; since work done in the right direction will lead to results. As per my opinion the active K labs are K6, K6++, K7 and K8. Tshoot I presume all are active MPLS v1 and v2, MSDP v1 and v2, Ts5 v1 and v2 and MPLSv3. Please leave a comment, any information is welcome. Thanks, @titude.
  20. Hi Folks, First of all a big shout out to UldisD for the hardwork. The web-iou tool is a gem. Here are my answers to the new MPLSv3 tshoot lab. I am not including the questions as they can be found in the pdf file available. The answers are in sequence-- 1. changes on R22- change dlci to 22 from 23. change fram lmi type to ansi change eek to bidirectional change the md5 hash on the fr interface to match r23. changes on R23-- apply map-class to fr interface change ospf network type to pont to point 2.changes on SW2 (raise the revision number here to propagate the vlan)-- change vtp pass change domain name to CCIE (Change the domain name first and then the password, I LOST VLAN 114 on SW2) change the access vlan on the port to r14 change cost on e2/3 for mst 2 to make it root port. 3. changes on R26-- change loopback to area 1 configure area 1 as nssa remove the not-advertise with the summary address command in OSPF in RIP correct the network advertised changes on R25-- shutdown OSPF on the loopback interface (ip ospf shutdown) changed the mask of the loopback to /32 (not sure if allowed or not.) changes on R23-- shutdown ospf on loopback interface changes on R21-- remove the not advertise from the area range command changes on R27-- shutdown ospf on the loopback interface correct the PBR next-hop 4. changes to R2- change bgp cluster-id to 2 change policy-map copp to conform transmit change the next-hop in route-map to 10.1.1.4 changes on R6-- change the network mask to advertise 10.6.6.6 in place of 10.1.1.6 activate R1 in address-family changes on R4-- ad 255 on route for 10.1.1.2 to null0 5. changes on R5-- enable cef put interface e0/2 in vrf Site-A tweak the import-map prefix-list to import the subnet between R20 and R4 changes on R1- permit 10.1.1.5 in MPLS LDP advertise-labels ACL allow 10.1.1.4 tcp port 646 in ACL 100 to permit tcp host 10.1.1.4 any eq 646 changes on R2-- change the ports of ACL entries in ACL 100 to allow port 646 from R3 and R4. permit 10.1.1.5 in MPLS LDP advertise-labels ACL changes on R4-- change mpls label prot to ldp from tdp redistribute ospf in bgp ipv4 vrf 6. changes on R5-- no ipv6 nd ra suppress on e0/2 advertise e0/2 in OSPFv3 Apply IPv6 ACl CCIE out on e0/0 and e0/1 instead of in. changes on R4-- change the router-id to 10.1.1.4 in OSFv3 7. changes on R9-- **(Found my mistake, this is incorrect. Matching and prec set is being done in class-map SILVER).** change class-map gold to match-any change match ip precedence 5 to precedence 4 set ip precedence to 5 in policy-map 8. changes on R27- change the syslog pattern match add action 1.0 cli command "enable" change the action 3.0 to e0/1 in place of eO/O 9.changes on R19-- change the DHCP network change the default-router in dhcp pool change the acl on e0/0 to 104 from 102 changes on R17-- change the key chain to match R16 and R19 changes on R18 change the key chain to match R16 and R19 10. changes on R22 change the ospf authentication paste from R20 swap the nat in out interfaces change nat pool www to 10.1.1.22 change acl nat_in to match destination port 23 instead of source port 23 change the ip nat statements to include inside argument 11.changes on R15-- tweak the local database for R16 change R_16 to R16 and copy password from the serial interface of R16 change ntp stratum to 5 changes on R16-- apply the eigrp authentication under serial interface changes on R18 copy the ntp authentication key from r15 12. changes on R3-- change eigrp AS to 101 in VRF do, no auto-summary under eigrp process apply eigrp authentication under s1/0 red bgp in eigrp as 101 changes on R6-- apply area 101 authentication in ospf i hope these would be helpful to everyone preparing, also please feel free to point out any mistakes or if you have a better method to complete the tickets. I am not including the commands and output here for brevity. Thanks, @titude
  21. Hello Guys I passed K8 but failed new TSv5 We were 4 guys for R&S, 2 got K8 and 1 got K6++ THERE IS NO SUCH THING AS K8+ --THESE ARE JUST RUMOURS FROM THE DUMP WEBSITE TO SELL THEIR STUFF i GUARANTEE For TS I was able to clear 7 question very quickly, Scored 68% The MPLS question was having too many faults and was not able to solve that question Frame Relay question I solved and the output match with the needed question , but I think I did not get point for this question Switching- sw5 no changes allowed sw6 i change mst 1 cost 1 on the trunk as well as the passive vlan 6 --but still I was not able to match the needed output Lab- K8 was same except some wording here and there, I was not able to solve NTP ticker, NTP SERVER < IP ADDRESS> ----THIS COMMAND DID NOT WORK ON ANY ROUTERS------!!!!!!! IT WAS WORKING ON SWITCHES BUT NOT ON ROUTER........ANYBODY KNOW WHY I GOT 0 IN MULTICAST THOUGH I WAS ABLE TO PING 232.1.1.1 FROM SW1 I dont know the reason for this.... I followed CCIE soldier solution , but i think the multicast part of that solution is not correct Thanks
  22. It was my first attempt, But i studied hard . but i failed i cant pass on TP , i passed lab. will share my experience tmrw ..good night guys....i think i cant pass in this tough situation again.
  23. While i was trying to download i happen to see above extensions with every ios images . What is difference between them , which one is recommeneded for ccie r& s workbook studies. Your evry reply is appreciated.
  24. oxzgan

    DHCP question K1

    Do you guys understand the dhcp question at k1 lab ?Me got some doubts , At dhcp server different dhcp pools are created dhcp pool0, pool1 , pool2,pool3 At dhcp server pool 0 only domain name and netbios servr ,dns server added. At dhcp pool 1 , 2 , and 3 have differnet default router ip. My question is will dhcp pool1 , 2,3 inherit from Dhcp pool?If yes dhcp pool 0 should inherit from pool1,2,3 too? is it? What if i created pool name with words like dhcp pool name , name 1, name 2 etc ...will this inherit feature avaialble? My next question is How the clients choose appropriate dhcp pool.Each dhcp pool is conifugured with different network ranges like 15.32/27, 15.160/27 , 15.192/27 ( pool1 , pool 2, pool 3) main pool 0 is having 15.0/24 How the clients under vlaan c, h, a,b will choose correct pool? At client side only helper address is configured and which same for all clients , so how they make decision . Any comments will be helpful for us..
  25. CCIE Routing & Switching Deep Dive Implementing IP Multicast Course (2012) | ISO | 2.12 GB Genre: Video Training The Implementing IP Multicast Deep Dive is the best way to learn, polish and refine your multicast skills. This deep dive consists of over 14 hours of instructor-led videos designed to give you the knowledge you need to prepare you for the latest CCIE Lab Exam and help with your everyday job. CCIE Routing & Switching Deep Dive Implementing IP Multicast Course Outline :: Runtime 14 hours 48 minutes Module 1 Lesson 1 – Introduction Lesson 2 – IPv4 Multicast Overview Lesson 3 – IP Multicast Components Lesson 4 – PIM Dense Mode Lesson 5 – PIM Dense Configuration Examples Lesson 6 – PIM Sparse Mode Lesson 7 – PIM Sparse Mode Configuration Module 2 Lesson 1 – Advanced PIM – Auto-RP Lesson 2 – Advanced PIM – Auto-RP Configuration Lesson 3 – Advanced PIM – BSR Lesson 4 – Advanced PIM – PIM over NBMA Lesson 5 – Advanced PIM – Bidirectional PIM Lesson 6 – Advanced PIM – SSM Module 3 Lesson 1 – Inter-AS Multicast – MSDP Lesson 2 – Inter-AS Multicast – MBGP Lesson 3 – Anycast RP Lesson 4 – Multicast Features – Multicast over GRE & RPF Failure Lesson 5 – Multicast Features Lesson 6 – Layer 2 Multicast Lesson 7 – IPv6 Multicast Download Links: [Hidden Content]
×
×
  • Create New...