Wednesday, November 27, 2013
Tuesday, November 26, 2013
BGP Case Study
Objectives
• Plan, design, and implement the International Travel Agency core network.• Plan, design, and implement the Travel Data Providers network.
• Allow the networks to communicate via BGP.
• Verify that all implementations are operational and functional according to the guidelines.
Requirements
1. Use the addressing scheme shown in the diagram.
2. Configure the ITA network to be in EIGRP AS 65001.
3. Configure the TDP network to be in EIGRP AS 65002.
4. Disable automatic summarization in both EIGRP domains.
5. Configure the ITA network to be in BGP AS 65001, and the TDP network to be in BGP AS 65002.
6. Advertise the 192.168.14.0/30 and 192.168.34.0/30 networks in both EIGRP autonomous systems.
7. Configure the interfaces on the border routers between the two EIGRP autonomous systems, so they do not send EIGRP packets.
8. All routers will be participating in BGP. Configure all routers for a full mesh of IBGP peers in each system.
9. Peer R1 and R2 using loopback addresses, not their directly connected interfaces.
10. Advertise all loopback interfaces into the BGP process, except on R2, where the only loopback advertised should be loopback 2.
11. On R2, create a static summary route for the rest of its loopback interfaces and advertise this static route in BGP.
12. R4 should send a summary route to ITA representing all the R4 loopback interfaces.
13. R4 should prefer the path to ITA networks via the Ethernet link between R1 and R4. Accomplish this by modifying the MED advertised to TDP.
14. Routers in the ITA AS should prefer the path to TDP networks via the Ethernet link between R1 and R4. Accomplish this by modifying the local preference of routes being advertised in from TDP.
Wednesday, November 13, 2013
Using the AS_PATH Attribute
• Use BGP commands to prevent private AS numbers from being advertised to the outside world.
• Use the AS_PATH attribute to filter BGP routes based on their source AS numbers.
Background
The International Travel Agency’s ISP has been assigned an AS number of 300. This provider uses BGP to exchange routing information with several customer networks. Each customer network is assigned an AS number from the private range, such as AS 65000. Configure the ISP router to remove the private AS numbers from the AS Path information of CustRtr. In addition, the ISP would like to prevent its customer networks from receiving route information from International Travel Agency’s AS 100. Use the AS_PATH attribute to implement this policy.
Step 1: Prepare the routers for the lab.
Step 2: Configure the hostname and interface addresses.
Step 3: Configure BGP.
Step 4: Remove the private AS.
a. Display the SanJose routing table using the show ip route command. SanJose should have a route to both 10.2.2.0 and 10.3.3.0. Troubleshoot if necessary.
Ping the 10.3.3.1 address from SanJose.
Q : Why does this fail?
Ans : This fails because SanJose sources the ping with its closest connected interface s0/0/0 with IP address 192.168.1.5. CustRtr does not have a route back to that interface, so the ping replies cannot return to SanJose.
Configure ISP to strip the private AS numbers from BGP routes exchanged with SanJose using the following commands.
Step 5: Use the AS_PATH attribute to filter routes.
As a final configuration, use the AS_PATH attribute to filter routes based on their origin. In a complex environment, you can use this attribute to enforce routing policy. In this case, the provider router, ISP, must be configured so that it does not propagate routes that originate from AS 100 to the customer router CustRtr.
AS-path access lists are read like regular access lists. The statements are read sequentially, and there is an implicit deny at the end. Rather than matching an address in each statement like a conventional access list, AS path access lists match on something called a regular expression. Regular expressions are a way of matching text patterns and have many uses. In this case, you will be using them in the AS path access list to match text patterns in AS paths.
For more details on configuring regular expressions on Cisco routers, see:
http://www.cisco.com/en/US/docs/ios/12_2/termserv/configuration/guide/tcfaapre_ps1835_TSD_Products_Configuration_Guide_Chapter.html
Final Device Config :
=========================================================================
SanJose#sh running-config
Building configuration...
Current configuration : 1167 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname SanJose
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
no ip icmp rate-limit unreachable
ip cef
ip tcp synwait-time 5
!
no ip domain lookup
!
interface Loopback0
ip address 10.1.1.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 192.168.1.5 255.255.255.252
clock rate 128000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router bgp 100
no synchronization
bgp log-neighbor-changes
network 10.1.1.0 mask 255.255.255.0
neighbor 192.168.1.6 remote-as 300
no auto-summary
!
ip classless
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
=========================================================================
CustRtr#sh running-config
Building configuration...
Current configuration : 1170 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CustRtr
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
no ip icmp rate-limit unreachable
ip cef
ip tcp synwait-time 5
!
no ip domain lookup
!!
interface Loopback0
ip address 10.3.3.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 172.24.1.18 255.255.255.252
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router bgp 65000
no synchronization
bgp log-neighbor-changes
network 10.3.3.0 mask 255.255.255.0
neighbor 172.24.1.17 remote-as 300
no auto-summary
!
ip classless
!
no ip http server
no ip http secure-server
!
control-plane
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
=========================================================================
ISP#sh running-config
Building configuration...
Current configuration : 1461 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ISP
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
no ip icmp rate-limit unreachable
ip cef
ip tcp synwait-time 5
!
no ip domain lookup
!
interface Loopback0
ip address 10.2.2.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 192.168.1.6 255.255.255.252
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
ip address 172.24.1.17 255.255.255.252
clock rate 128000
!
interface Serial0/2
no ip address
shutdown
clock rate 2000000
!
interface Serial0/3
no ip address
shutdown
clock rate 2000000
!
router bgp 300
no synchronization
bgp log-neighbor-changes
network 10.2.2.0 mask 255.255.255.0
neighbor 172.24.1.18 remote-as 65000
neighbor 192.168.1.5 remote-as 100
neighbor 192.168.1.5 remove-private-as
no auto-summary
!
ip classless
!
ip as-path access-list 1 deny ^100$
ip as-path access-list 1 permit .*
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
=========================================================================
Tuesday, November 12, 2013
Configuring BGP with Default Routing
Objectives
• Configure BGP to exchange routing information with two ISPs.
Step 1: Prepare the routers for the lab.
Step 2: Configure the hostname and interface addresses.
Step 3: Configure BGP on the ISP routers
Step 4: Configure BGP on the ITA boundary router.
Step 5: Verify BGP on the routers.
Q : What is the local router ID?
Ans : The local router ID is 192.168.1.1.
Q : Which table version is displayed?
Ans : The table version displayed is 5.
An asterisk (*) next to a route indicates that it is valid. An angle bracket (>) indicates that the route has been selected as the best route.
Q : From ISP1, what is the path to network 172.16.1.0/24?
Ans : The path is through AS 100 (ITA) and AS 300 (ISP2).
Q: Which table version is displayed? Why?
Ans : The table version displayed is an increment of the last one, which is 6 in the example. The shutdown command causes a routing table update, so the version should be one higher than the last.
Q : What happened to the route for network 10.1.1.0/24?
Ans : It is no longer in the BGP table because interface Lo0 on ISP1 is down.
Q : Based on the output of this command, what is the BGP state between this router and ISP2?
Ans : The BGP state is established.
Q : How long has this connection been up?
Ans : The connection has been up for 00:16:00.
Step 6: Configure route filters.
If ITA advertises a route belonging to ISP1, ISP2 installs that route in its table. ISP2 might then attempt to route transit traffic through the ITA. Configure the ITA router so that it advertises only ITA networks 192.168.0.0 and 192.168.1.0 to both providers.
Note: The clear ip bgp * command is disruptive because it completely resets all BGP adjacencies. This is acceptable in a lab environment but could be problematic in a production network. Instead, if only a change of inbound/outbound routing policies is to be performed, it is sufficient to issue the clear ip bgp * in or clear ip bgp * out commands. These commands perform only a new BGP database synchronization without the disruptive effects of a complete BGP adjacency reset. All current Cisco IOS versions support the route refresh capability that replaces the inbound soft reconfiguration feature that previously had to be configured on a per-neighbor basis.
Step 7: Configure primary and backup routes using floating static routes.
With bidirectional communication established with each ISP via BGP, configure the primary and backup routes. This can be done with floating static routes or BGP.
Step 8: Configure primary and backup routes using a default network and a static route.
Another method for configuring primary and backup routes is to use the ip default-network command instead of a 0.0.0.0/0 route.
Q : Should ISP1 and ISP2 be able to ping all networks in the topology?'
Ans : No. Router ITA has been configured with route filters and does not advertise the ISP1 networks to ISP2 and vice versa. The ITA router advertises only ITA networks 192.168.0.0 and 192.168.1.0 to both providers. Pings from ISP1 to any of the ISP2 172.16.x.x networks will fail. Pings from ISP2 to any of the ISP1 10.x.x.x networks will fail.
Note: Another option for setting up default routing is to inject a default route via BGP. The following example configures the ISP1 router to inject a default route to itself that can be used by the ITA router:
Run the following Tcl script on router ITA to verify connectivity.
ITA# tclsh
foreach address {
10.0.0.1
10.0.0.2
10.1.1.1
172.16.0.1
172.16.0.2
172.16.1.1
192.168.0.1
192.168.1.1
192.168.100.1
} {
ping $address }
Final Device Config :
ISP1#sh running-config
Building configuration...
Current configuration : 1272 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ISP1
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
!
interface Loopback0
description ISP1 Internet Network
ip address 10.1.1.1 255.255.255.0
!
interface Loopback1
ip address 192.168.100.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
description ISP1 -> ITA
ip address 10.0.0.1 255.255.255.252
clock rate 128000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router bgp 200
no synchronization
bgp log-neighbor-changes
network 10.1.1.0 mask 255.255.255.0
network 192.168.100.0
neighbor 10.0.0.2 remote-as 100
no auto-summary
!
ip classless
!
no ip http server
no ip http secure-server
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
=======================================================
ISP2#sh running-config
Building configuration...
Current configuration : 1196 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ISP2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface Loopback0
description ISP2 Internet Network
ip address 172.16.1.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
description ISP2 -> ITA
ip address 172.16.0.1 255.255.255.252
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router bgp 300
no synchronization
bgp log-neighbor-changes
network 172.16.1.0 mask 255.255.255.0
neighbor 172.16.0.2 remote-as 100
no auto-summary
!
ip classless
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
========================================================
ITA#sh running-config
Building configuration...
Current configuration : 1573 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ITA
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface Loopback0
description Core router network link 1
ip address 192.168.0.1 255.255.255.0
!
interface Loopback1
description Core router network link 2
ip address 192.168.1.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
description ITA -> ISP1
ip address 10.0.0.2 255.255.255.252
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
description ITA -> ISP2
ip address 172.16.0.2 255.255.255.252
clock rate 128000
!
router bgp 100
no synchronization
bgp log-neighbor-changes
network 192.168.0.0
network 192.168.1.0
neighbor 10.0.0.1 remote-as 200
neighbor 10.0.0.1 distribute-list 1 out
neighbor 172.16.0.1 remote-as 300
neighbor 172.16.0.1 distribute-list 1 out
no auto-summary
!
ip classless
ip default-network 192.168.100.0
ip route 0.0.0.0 0.0.0.0 172.16.0.1 220
!
no ip http server
no ip http secure-server
!
access-list 1 permit 192.168.0.0 0.0.1.255
control-plane
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
end
=========================================================
Monday, October 28, 2013
Redistribution Between RIP and OSPF
Objectives
• Review configuration and verification of RIP and OSPF.
• Configure passive interfaces in both RIP and OSPF.
• Filter routing updates using distribute lists.
• Redistribute static routes into RIP.
• Redistribute RIP routes into OSPF.
• Redistribute OSPF routes into RIP.
• Originate a default route into OSPF.
• Set a default seed metric.
• Modify OSPF external network types.
• Configure summary addresses.
Step 1: Configure loopbacks and assign addresses.
Step 2: Configure RIPv2.
Configuring RIPv2 on a router is fairly simple:
• Type the global configuration command router rip to enter RIP configuration mode.
• Enable RIPv2 with the version 2 command.
• Enter the no auto-summary command to disable automatic summarization at classful network boundaries.
• Add the networks you want using the network network command.
Q : Based on the topology diagram, which major networks need to be advertised into RIP for R1?
Ans :
172.16.0.0/16
192.168.48.0/24
192.168.49.0/24
192.168.50.0/24
192.168.51.0/24
192.168.70.0/24
192.168.48.0/24
192.168.49.0/24
192.168.50.0/24
192.168.51.0/24
192.168.70.0/24
Q : Which major networks need to be advertised into RIP for R2?
Ans : Only 172.16.0.0/16
Step 3: Configure passive interfaces in RIP.
Q : What are some reasons to prevent RIP from sending updates out a particular interface?
Ans : RIPv2 does not use an adjacency system. Therefore, RIPv2 floods all of its routing updates out of its interfaces rather than developing adjacencies with short hello packets like EIGRP and OSPF. Because RIPv2 could flood packets out interfaces where there are no RIPv2 receivers, it is a best practice to prevent RIP packets from being sent out these interfaces.
Q : Does RIPv2 send advertisements out loopback interfaces?
Ans : By default, loopback interfaces act like normal interfaces in RIPv2 when sending and receiving packets. However, a router will never have RIPv2 neighbors out its loopback interface, so loopback interfaces can always be configured as passive interfaces, thereby saving CPU resources.
Step 4: Summarize a supernet with RIP.
Q : Which RIP routes should you summarize because they are contiguous and which mask should you use?
Ans : Summarize 192.168.48.0/24 through 192.168.51.0/24. Use a 22-bit mask to create the supernet.
Q : Will this route to Null0 affect routing to prefixes with longer addresses on R1? Explain.
Ans : The routing table first matches based on longest IP prefix. If any of the summarized networks are routable on R1, as in this situation, R1 uses the connected route with the longer mask to reach those networks. If one of those interfaces were to be shut down, R1 would send traffic for that network to its Null0 virtual interface.
Step 5: Suppress routes using prefix lists.
Q : Why would you want to filter updates being sent out or coming in?
Ans : The intention is to summarize addresses at R1, achieving benefits such as smaller routing tables and the prevention of route flapping disturbing network stability. By redistributing the static route into RIPv2, only the summary route was added, but the more specific routes were not filtered. To achieve these benefits, filter the outgoing routes to R2 by allowing all routes except the 24-bit routes.
Step 6: Configure OSPF.
Q : You can verify this by viewing the output of the show ip route command on R2. Do you see a 192.168.0.0/16 supernet?
Ans : No, because the network command selects interfaces by IP address. It does not set the exact prefix to be advertised.
Step 7: Configure passive interfaces in OSPF.
Q : How is this different from the RIP version of this command?
Ans : Passive interfaces in RIPv2 prevent outgoing routing information via multicast.
Because OSPF must create an adjacency before sending routing updates, the OSPF version of the passive-interface command prevents sending or processing OSPF packets and, therefore, prevents adjacencies.
Step 8: Allow one-way redistribution.
Step 9: Redistribute between two routing protocols.
Step 10: Set a default seed metric.
Step 11: Change the OSPF external network type.
Q : Where would an external type 1 metric be useful?
Ans : If there are multiple paths through an OSPF domain to an external destination network, use E1 routes so that OSPF will evaluate the shortest cost path. Especially use this option if multiple ASBRs are advertising the same destination network to prevent suboptimal routing.
Q : Where would an external type 2 metric be useful?
Ans : If there is only one ASBR advertising an external route, use E2 routes. In this scenario, use the E1 type even though only one ASBR is advertising the external routes.
Q : Which attributes of the routes changed?
Ans : The external route type has been changed from E2 to E1. The metric, previously 10000, has been incremented to represent the path through the OSPF network to the ASBR.
__________________________________________________________________________________
Final Device Configuration :
R1#sh running-config
Building configuration...
Current configuration : 1821 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
no ip icmp rate-limit unreachable
ip cef
ip tcp synwait-time 5
!
no ip domain lookup
!
interface Loopback0
ip address 172.16.1.1 255.255.255.0
!
interface Loopback48
ip address 192.168.48.1 255.255.255.0
!
interface Loopback49
ip address 192.168.49.1 255.255.255.0
!
interface Loopback50
ip address 192.168.50.1 255.255.255.0
!
interface Loopback51
ip address 192.168.51.1 255.255.255.0
!
interface Loopback70
ip address 192.168.70.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 172.16.12.1 255.255.255.0
clock rate 64000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router rip
version 2
redistribute static
passive-interface default
no passive-interface Serial0/0
network 172.16.0.0
network 192.168.48.0
network 192.168.49.0
network 192.168.50.0
network 192.168.51.0
network 192.168.70.0
distribute-list prefix RIP-OUT out Serial0/0
no auto-summary
!
ip classless
ip route 192.168.48.0 255.255.252.0 Null0
!
no ip http server
no ip http secure-server
!
ip prefix-list RIP-OUT seq 5 permit 192.168.48.0/22
ip prefix-list RIP-OUT seq 10 deny 192.168.48.0/22 le 24
ip prefix-list RIP-OUT seq 15 permit 0.0.0.0/0 le 32
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
____________________________________________________________________________
R2#show rUNning-config
Building configuration...
Current configuration : 1325 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
no ip icmp rate-limit unreachable
ip cef
ip tcp synwait-time 5
!
no ip domain lookup
!
interface Loopback0
ip address 172.16.2.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
bandwidth 64
ip address 172.16.12.2 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
ip address 172.16.23.2 255.255.255.0
clock rate 64000
!
router ospf 1
log-adjacency-changes
redistribute rip metric-type 1 subnets
network 172.16.23.0 0.0.0.255 area 0
default-information originate
default-metric 10000
!
router rip
version 2
redistribute ospf 1 metric 4
passive-interface Loopback0
network 172.16.0.0
no auto-summary
!
ip classless
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
______________________________________________________________________
R3#sh running-config
Building configuration...
Current configuration : 1725 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
no ip icmp rate-limit unreachable
ip cef
ip tcp synwait-time 5
!
no ip domain lookup
!
interface Loopback0
ip address 172.16.3.1 255.255.255.0
ip ospf network point-to-point
!
interface Loopback20
ip address 192.168.20.1 255.255.255.0
ip ospf network point-to-point
!
interface Loopback25
ip address 192.168.25.1 255.255.255.0
ip ospf network point-to-point
!
interface Loopback30
ip address 192.168.30.1 255.255.255.0
ip ospf network point-to-point
!
interface Loopback35
ip address 192.168.35.1 255.255.255.0
ip ospf network point-to-point
!
interface Loopback40
ip address 192.168.40.1 255.255.255.0
ip ospf network point-to-point
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
bandwidth 64
ip address 172.16.23.3 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router ospf 1
log-adjacency-changes
passive-interface default
no passive-interface Serial0/0
network 172.16.0.0 0.0.255.255 area 0
network 192.168.0.0 0.0.255.255 area 0
default-metric 10000
!
ip classless
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
====================================
Monday, October 21, 2013
Advanced Redistribution Lab
Objectives:
1. Configure EIGRP and OSPF for the network shown (use OSPF Area 0). Advertise all networks on all routers. Do not implement any summarization features for EIGRP or OSPF. Routes should never be advertised in both OSPF and EIGRP routing domains.
2. Enable full, mutual redistribution on R2 and R3 between OSPF and EIGRP. The 10.4.0.0/24 and 10.4.1.0/24 subnets should have a seed metric of 100 and an OSPF tag of 10 while the 10.4.2.0/24 and 10.4.3.0/24 subnets should have a seed metric of 200 and an OSPF tag of 20. All other subnets redistributed into OSPF should have a seed metric of 300 and an OSPF tag of 30. OSPF routes redistributed into EIGRP should have a seed metric of BW: 400 DLY: 20 REL: 255 LD: 1 MTU: 1500 and a tag of 40. Finally, external OSPF routes should not increment their metric as they pass through the OSPF domain.
3. Ensure the 10.4.4.0/24 network does not reach the OSPF routing domain.
4. Enable filtering using the assigned route tags to ensure redistributed routes do not cause any looping issues.
5. R3 has the preferred route to reach the 10.1.0.0/24 network. Ensure routers prefer this path over the path from R2.
Final Device Configuration :
R1#sh running-config
Building configuration...
Current configuration : 1164 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface Loopback0
ip address 10.1.0.1 255.255.255.0
ip ospf network point-to-point
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 10.1.12.1 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
ip address 10.1.13.1 255.255.255.0
clock rate 2000000
!
router ospf 1
log-adjacency-changes
network 10.1.0.0 0.0.0.255 area 0
network 10.1.12.0 0.0.0.255 area 0
network 10.1.13.0 0.0.0.255 area 0
!
ip classless
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
======================================================
R2#sh running-config
Building configuration...
Current configuration : 2031 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 10.1.12.2 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
ip address 10.1.23.2 255.255.255.0
clock rate 2000000
!
interface Serial0/2
ip address 10.1.24.2 255.255.255.0
clock rate 2000000
!
interface Serial0/3
no ip address
shutdown
clock rate 2000000
!
router eigrp 100
redistribute ospf 1 route-map OSPF-TO-EIGRP
network 10.1.23.0 0.0.0.255
network 10.1.24.0 0.0.0.255
distance eigrp 90 105
no auto-summary
!
router ospf 1
log-adjacency-changes
redistribute eigrp 100 subnets route-map EIGRP-TO-OSPF
network 10.1.12.0 0.0.0.255 area 0
!
ip classless
!
!
no ip http server
no ip http secure-server
!
access-list 1 permit 10.4.0.0 0.0.0.255
access-list 1 permit 10.4.1.0 0.0.0.255
access-list 2 permit 10.4.2.0 0.0.0.255
access-list 2 permit 10.4.3.0 0.0.0.255
access-list 3 permit 10.4.4.0 0.0.0.255
route-map EIGRP-TO-OSPF deny 5
match tag 40
!
route-map EIGRP-TO-OSPF permit 10
match ip address 1
set metric 100
set tag 10
!
route-map EIGRP-TO-OSPF permit 20
match ip address 2
set metric 200
set tag 20
!
route-map EIGRP-TO-OSPF deny 30
match ip address 3
!
route-map EIGRP-TO-OSPF permit 40
set metric 300
set tag 30
!
route-map OSPF-TO-EIGRP deny 5
match tag 10 20 30
!
route-map OSPF-TO-EIGRP permit 10
set metric 400 20 255 1 1500
set tag 40
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
========================================================
R3#sh running-config
Building configuration...
Current configuration : 1834 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 10.1.13.3 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
ip address 10.1.23.3 255.255.255.0
clock rate 2000000
!
router eigrp 100
redistribute ospf 1 route-map OSPF-TO-EIGRP
network 10.1.23.0 0.0.0.255
no auto-summary
!
router ospf 1
log-adjacency-changes
redistribute eigrp 100 subnets route-map EIGRP-TO-OSPF
network 10.1.13.0 0.0.0.255 area 0
!
ip classless
!
no ip http server
no ip http secure-server
!
access-list 1 permit 10.4.0.0 0.0.0.255
access-list 1 permit 10.4.1.0 0.0.0.255
access-list 2 permit 10.4.2.0 0.0.0.255
access-list 2 permit 10.4.3.0 0.0.0.255
access-list 3 permit 10.4.4.0 0.0.0.255
route-map EIGRP-TO-OSPF deny 5
match tag 40
!
route-map EIGRP-TO-OSPF permit 10
match ip address 1
set metric 100
set tag 10
!
route-map EIGRP-TO-OSPF permit 20
match ip address 2
set metric 200
set tag 20
!
route-map EIGRP-TO-OSPF deny 30
match ip address 3
!
route-map EIGRP-TO-OSPF permit 40
set metric 300
set tag 30
!
route-map OSPF-TO-EIGRP deny 5
match tag 10 20 30
!
route-map OSPF-TO-EIGRP permit 10
set metric 400 20 255 1 1500
set tag 40
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
=======================================================
R4#sh running-config
Building configuration...
Current configuration : 1257 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R4
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface Loopback0
ip address 10.4.0.1 255.255.255.0
!
interface Loopback1
ip address 10.4.1.1 255.255.255.0
!
interface Loopback2
ip address 10.4.2.1 255.255.255.0
!
interface Loopback3
ip address 10.4.3.1 255.255.255.0
!
interface Loopback4
ip address 10.4.4.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 10.1.24.4 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router eigrp 100
network 10.0.0.0
no auto-summary
!
ip classless
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
=======================================================
with regards,
Zaw Min Htann
Thursday, October 17, 2013
Simple Redistribution
Objectives:
1. Configure EIGRP and OSPF for the network shown. Advertise all networks on all routers. Do not implement any summarization features for EIGRP or OSPF. Use Area 0 for the OSPF portion of the network and configure all Loopback interfaces on R3 as a point-to-point OSPF network.
2. Enable full redistribution between OSPF and EIGRP, implementing any necessary seed metrics to ensure all routers are able to see all routes. OSPF external routes should not increment their metric as they propagate the network.
3. Implement distribute-list filtering in such a way that the OSPF domain only sees odd numbered loopback networks coming from R1. Any even numbered subnet (including physical networks) should be hidden from OSPF.
4. Implement route-map filtering in such a way that the EIGRP domain does not see routes with a more specific subnet mask than /24.
Devices Configuration :
R1#sh running-config
Building configuration...
Current configuration : 1371 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface Loopback0
ip address 10.1.0.1 255.255.255.0
!
interface Loopback1
ip address 10.1.1.1 255.255.255.0
!
interface Loopback2
ip address 10.1.2.1 255.255.255.0
!
interface Loopback3
ip address 10.1.3.1 255.255.255.0
!
interface Loopback4
ip address 10.1.4.1 255.255.255.0
!
interface Loopback5
ip address 10.1.5.1 255.255.255.0
!
interface Loopback6
ip address 10.1.6.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 10.1.12.1 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router eigrp 100
network 10.0.0.0
no auto-summary
!
ip classless
!
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
R1#sh running-config
Building configuration...
Current configuration : 1371 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface Loopback0
ip address 10.1.0.1 255.255.255.0
!
interface Loopback1
ip address 10.1.1.1 255.255.255.0
!
interface Loopback2
ip address 10.1.2.1 255.255.255.0
!
interface Loopback3
ip address 10.1.3.1 255.255.255.0
!
interface Loopback4
ip address 10.1.4.1 255.255.255.0
!
interface Loopback5
ip address 10.1.5.1 255.255.255.0
!
interface Loopback6
ip address 10.1.6.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 10.1.12.1 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router eigrp 100
network 10.0.0.0
no auto-summary
!
ip classless
!
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
=========================================================================
R2#sh running-config
Building configuration...Current configuration : 1466 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
!
!
!
no ip domain lookup
ip domain name lab.local
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 10.1.12.2 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
ip address 10.1.23.2 255.255.255.0
clock rate 2000000
!
router eigrp 100
redistribute ospf 1 metric 100 100 100 100 100 route-map FILTER_OSPF_TO_EIGRP
network 10.1.12.0 0.0.0.255
no auto-summary
!
router ospf 1
log-adjacency-changes
redistribute eigrp 100 metric 100 subnets
network 10.1.23.0 0.0.0.255 area 0
distribute-list 1 out
!
ip classless
!
!
no ip http server
no ip http secure-server
!
ip prefix-list CISCO seq 5 permit 10.0.0.0/8 le 24
access-list 1 permit 10.1.1.0 0.0.0.255
access-list 1 permit 10.1.3.0 0.0.0.255
access-list 1 permit 10.1.5.0 0.0.0.255
route-map FILTER_OSPF_TO_EIGRP permit 10
match ip address prefix-list CISCO
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
=========================================================================
R3#sh running-config
Building configuration...Current configuration : 1629 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface Loopback0
ip address 10.1.7.1 255.255.255.0
ip ospf network point-to-point
!
interface Loopback1
ip address 10.1.8.1 255.255.255.0
ip ospf network point-to-point
!
interface Loopback2
ip address 10.1.9.1 255.255.255.0
ip ospf network point-to-point
!
interface Loopback3
ip address 10.1.10.1 255.255.255.0
ip ospf network point-to-point
!
interface Loopback4
ip address 10.1.11.1 255.255.255.252
ip ospf network point-to-point
!
interface Loopback5
ip address 10.1.11.5 255.255.255.252
ip ospf network point-to-point
!
interface Loopback6
ip address 10.1.11.9 255.255.255.252
ip ospf network point-to-point
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 10.1.23.3 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router ospf 1
log-adjacency-changes
network 10.0.0.0 0.255.255.255 area 0
!
ip classless
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
Wednesday, October 16, 2013
OSPF Special Area
Objectives:
1. Configure basic OSPF for the network shown. Advertise all networks attached to each router into OSPF using the simplest method available. To inject external networks into the OSPF domain, redistribute the static routes on R1. These routes should be marked as type E1.
2. OSPF should never form neighbor relationships on any interface where other OSPF routers do not exist (as shown in the diagram).
3. All routers in Area 0 should use MD5 authentication for OSPF neighbors. Routers in Area 23 should be configured to support clear-text authentication for OSPF neighbors. All keys should be set to the passphrase ‘cisco’ (without quotes).
4. Routers in Area 45 are limited in their capacity and should not receive routes for networks outside the OSPF system. These routers should reach the external network using a default route which cannot be configured statically.
5. Routers in Area 23 must not receive any Type 3, 4, or 5 LSAs from the rest of the OSPF network. These routers should reach the external network using a default route with an initial OSPF cost of 100.
6. When this exercise is complete, all routers should be able to reach (ping) every route in the OSPF routing table
Device Configuration :
R1#sh running-config
Building configuration...
Current configuration : 1371 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface FastEthernet0/0
ip address 10.100.1.1 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco
duplex auto
speed auto
!
interface Serial0/0
no ip address
shutdown
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router ospf 1
router-id 1.1.1.1
log-adjacency-changes
redistribute static metric 50 metric-type 1 subnets
passive-interface default
no passive-interface FastEthernet0/0
network 10.100.1.0 0.0.0.255 area 0
!
ip classless
ip route 172.31.0.0 255.255.255.0 Null0
ip route 172.31.1.0 255.255.255.0 Null0
ip route 172.31.2.0 255.255.255.0 Null0
ip route 172.31.3.0 255.255.255.0 Null0
!
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
R1#sh running-config
Building configuration...
Current configuration : 1371 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface FastEthernet0/0
ip address 10.100.1.1 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco
duplex auto
speed auto
!
interface Serial0/0
no ip address
shutdown
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router ospf 1
router-id 1.1.1.1
log-adjacency-changes
redistribute static metric 50 metric-type 1 subnets
passive-interface default
no passive-interface FastEthernet0/0
network 10.100.1.0 0.0.0.255 area 0
!
ip classless
ip route 172.31.0.0 255.255.255.0 Null0
ip route 172.31.1.0 255.255.255.0 Null0
ip route 172.31.2.0 255.255.255.0 Null0
ip route 172.31.3.0 255.255.255.0 Null0
!
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
==================================================================================
R2#sh running-config
Building configuration...
Current configuration : 1589 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface Loopback0
ip address 172.30.0.1 255.255.255.0
!
interface Loopback1
ip address 172.30.1.1 255.255.255.0
!
interface Loopback2
ip address 172.30.2.1 255.255.255.0
!
interface Loopback3
ip address 172.30.3.1 255.255.255.0
!
interface FastEthernet0/0
ip address 10.100.1.2 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco
duplex auto
speed auto
!
interface Serial0/0
ip address 10.23.1.2 255.255.255.0
ip ospf authentication
ip ospf authentication-key cisco
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router ospf 1
router-id 2.2.2.2
log-adjacency-changes
area 23 stub no-summary
area 23 default-cost 100
passive-interface FastEthernet0/1
passive-interface Serial0/1
network 10.23.1.0 0.0.0.255 area 23
network 10.100.1.0 0.0.0.255 area 0
network 172.30.0.0 0.0.3.255 area 23
!
ip classless
!
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
Building configuration...
Current configuration : 1589 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface Loopback0
ip address 172.30.0.1 255.255.255.0
!
interface Loopback1
ip address 172.30.1.1 255.255.255.0
!
interface Loopback2
ip address 172.30.2.1 255.255.255.0
!
interface Loopback3
ip address 172.30.3.1 255.255.255.0
!
interface FastEthernet0/0
ip address 10.100.1.2 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco
duplex auto
speed auto
!
interface Serial0/0
ip address 10.23.1.2 255.255.255.0
ip ospf authentication
ip ospf authentication-key cisco
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router ospf 1
router-id 2.2.2.2
log-adjacency-changes
area 23 stub no-summary
area 23 default-cost 100
passive-interface FastEthernet0/1
passive-interface Serial0/1
network 10.23.1.0 0.0.0.255 area 23
network 10.100.1.0 0.0.0.255 area 0
network 172.30.0.0 0.0.3.255 area 23
!
ip classless
!
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
==================================================================================
R3#sh running-config
Building configuration...
Current configuration : 1144 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 10.23.1.3 255.255.255.0
ip ospf authentication
ip ospf authentication-key cisco
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router ospf 1
router-id 3.3.3.3
log-adjacency-changes
area 23 stub
passive-interface default
no passive-interface Serial0/0
network 10.23.1.0 0.0.0.255 area 23
!
ip classless
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
Building configuration...
Current configuration : 1144 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 10.23.1.3 255.255.255.0
ip ospf authentication
ip ospf authentication-key cisco
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router ospf 1
router-id 3.3.3.3
log-adjacency-changes
area 23 stub
passive-interface default
no passive-interface Serial0/0
network 10.23.1.0 0.0.0.255 area 23
!
ip classless
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
==================================================================================
R4#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
R4#sh run
R4#sh running-config
Building configuration...
Current configuration : 1252 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R4
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface FastEthernet0/0
ip address 10.100.1.4 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco
duplex auto
speed auto
!
interface Serial0/0
ip address 10.45.1.4 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router ospf 1
router-id 4.4.4.4
log-adjacency-changes
area 45 stub
passive-interface default
no passive-interface FastEthernet0/0
no passive-interface Serial0/0
network 10.45.1.0 0.0.0.255 area 45
network 10.100.1.0 0.0.0.255 area 0
!
ip classless
!
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
Destination filename [startup-config]?
Building configuration...
[OK]
R4#sh run
R4#sh running-config
Building configuration...
Current configuration : 1252 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R4
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface FastEthernet0/0
ip address 10.100.1.4 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco
duplex auto
speed auto
!
interface Serial0/0
ip address 10.45.1.4 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router ospf 1
router-id 4.4.4.4
log-adjacency-changes
area 45 stub
passive-interface default
no passive-interface FastEthernet0/0
no passive-interface Serial0/0
network 10.45.1.0 0.0.0.255 area 45
network 10.100.1.0 0.0.0.255 area 0
!
ip classless
!
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
===================================================================================
R5#sh running-config
Building configuration...
Current configuration : 1086 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R5
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
!
!
!
no ip domain lookup
ip domain name lab.local
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 10.45.1.5 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router ospf 1
router-id 5.5.5.5
log-adjacency-changes
area 45 stub
passive-interface default
no passive-interface Serial0/0
network 10.45.1.0 0.0.0.255 area 45
!
ip classless
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
Building configuration...
Current configuration : 1086 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R5
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
!
!
!
no ip domain lookup
ip domain name lab.local
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 10.45.1.5 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router ospf 1
router-id 5.5.5.5
log-adjacency-changes
area 45 stub
passive-interface default
no passive-interface Serial0/0
network 10.45.1.0 0.0.0.255 area 45
!
ip classless
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
==================================================================================
R6#sh running-config
Building configuration...
Current configuration : 1268 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R6
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface FastEthernet0/0
ip address 10.100.1.6 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco
duplex auto
speed auto
!
interface Serial0/0
ip address 10.67.1.6 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router ospf 1
router-id 6.6.6.6
log-adjacency-changes
area 67 virtual-link 7.7.7.7
passive-interface default
no passive-interface FastEthernet0/0
no passive-interface Serial0/0
network 10.67.1.0 0.0.0.255 area 67
network 10.100.1.0 0.0.0.255 area 0
!
ip classless
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
Building configuration...
Current configuration : 1268 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R6
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface FastEthernet0/0
ip address 10.100.1.6 255.255.255.0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco
duplex auto
speed auto
!
interface Serial0/0
ip address 10.67.1.6 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router ospf 1
router-id 6.6.6.6
log-adjacency-changes
area 67 virtual-link 7.7.7.7
passive-interface default
no passive-interface FastEthernet0/0
no passive-interface Serial0/0
network 10.67.1.0 0.0.0.255 area 67
network 10.100.1.0 0.0.0.255 area 0
!
ip classless
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
==================================================================================
R7#sh running-config
Building configuration...
Current configuration : 1182 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R7
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 10.67.1.7 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
ip address 10.78.1.7 255.255.255.0
clock rate 2000000
!
router ospf 1
router-id 7.7.7.7
log-adjacency-changes
area 67 virtual-link 6.6.6.6
passive-interface default
no passive-interface Serial0/0
no passive-interface Serial0/1
network 10.67.1.0 0.0.0.255 area 67
network 10.78.1.0 0.0.0.255 area 78
!
ip classless
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
Building configuration...
Current configuration : 1182 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R7
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 10.67.1.7 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
ip address 10.78.1.7 255.255.255.0
clock rate 2000000
!
router ospf 1
router-id 7.7.7.7
log-adjacency-changes
area 67 virtual-link 6.6.6.6
passive-interface default
no passive-interface Serial0/0
no passive-interface Serial0/1
network 10.67.1.0 0.0.0.255 area 67
network 10.78.1.0 0.0.0.255 area 78
!
ip classless
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
==================================================================================
R8#sh running-config
Building configuration...
Current configuration : 1072 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R8
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 10.78.1.8 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router ospf 1
router-id 8.8.8.8
log-adjacency-changes
passive-interface default
no passive-interface Serial0/0
network 10.78.1.0 0.0.0.255 area 78
!
ip classless
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
Building configuration...
Current configuration : 1072 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R8
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name lab.local
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/0
ip address 10.78.1.8 255.255.255.0
clock rate 2000000
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Serial0/1
no ip address
shutdown
clock rate 2000000
!
router ospf 1
router-id 8.8.8.8
log-adjacency-changes
passive-interface default
no passive-interface Serial0/0
network 10.78.1.0 0.0.0.255 area 78
!
ip classless
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
line vty 0 4
login
!
!
end
==================================================================================
Subscribe to:
Posts (Atom)