Monday, October 7, 2013

OSPF Virtual Links and Area Summarization

CCNPv6 ROUTE
Chapter 3 Lab 3-3, OSPF Virtual Links and Area Summarization

I purposed  this blog post for easy referencing who Labbing CCNP OSPF route .All Sources is according to CCNP lab manual . I'm also a learner who trying to get CCNP Certi . Cheer All bro .

Objectives


  1. Configure multi-area OSPF on a router.
  2. Verify multi-area behavior.
  3. Create an OSPF virtual link.
  4. Summarize an area.
  5. Generate a default route into OSPF.
Step 1: Configure addressing and loopbacks.

Step 2: Add interfaces into OSPF.

 Note: The default behavior of OSPF for loopback interfaces is to advertise a 32-bit host route. To ensure that the full /24 network is advertised, use the ip ospf network point-to-point command. Change the network type on the loopback interfaces so that they are advertised with the correct subnet.

 Step 3: Create a virtual link

Q : What would happen if routes could pass between areas without going through the backbone?
Ans :  Routing loops might occur because any route could get advertised to different areas. By passing through the backbone, type 3 LSAs are generated by their respective areas and not sent back in
 Q : When are virtual links useful?
Ans : Virtual links are useful when there needs to be a temporary extension of the backbone, either because the backbone became discontinuous or a new area got added onto an existing area. 
Q : Why are virtual links a poor long-term solution?
Ans : Virtual links are a poor long-term solution because they add processing overhead and basically extend the backbone area onto routers where it might not belong. They can also add a lot of complexity to troubleshooting.

 Step 4: Summarize an area

 Loopbacks 100 through 103 can be summarized into one supernet of 192.168.100.0 /22.

Step 5: Generate a default route into OSPF. 

 You can simulate loopback 30 on R1 to be a connection to the Internet. You do not need to advertise this specific network to the rest of the network. Instead, you can just have a default route for all unknown traffic to go to R1. 
Use the following Tcl script to verify connectivity to all addresses in the topology

R1# tclsh
R1(tcl)#
foreach address {
10.1.1.1
10.1.2.1
10.1.3.1
10.1.12.1
10.1.12.2
10.1.23.2
10.1.23.3
172.30.30.1
192.168.100.1
192.168.101.1
192.168.102.1
192.168.103.1
} {
ping $address }

Challenge: Configure OSPF Authentication

Configure OSPF MD5 authentication on the link between R2 and R3, using key ID 1 and the password cisco. Record the commands used below.

Enter the following configuration commands on R2 and R3:
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco

Final Configuration For Lab  and used c3725-advsecurityk9-mz.124-19b image for GNS 3 Lab

R1#sh running-config
Building configuration...
Current configuration : 1257 bytes

version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
no aaa new-model
memory-size iomem 5
ip cef
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
no ip domain lookup
ip domain name lab.local
!
interface Loopback1
 description Engineering Department
 ip address 10.1.1.1 255.255.255.0
 ip ospf network point-to-point
!
interface Loopback30
 ip address 172.30.30.1 255.255.255.252
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/0
 ip address 10.1.12.1 255.255.255.0
 clock rate 64000
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/1
 no ip address
 shutdown
 clock rate 2000000
!
router ospf 1
 log-adjacency-changes
 network 10.1.1.0 0.0.0.255 area 0
 network 10.1.12.0 0.0.0.255 area 0
 default-information originate always
!       
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line vty 0 4
 login
!
end

 ======================================================

R2#sh running-config
Building configuration...

Current configuration : 1317 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
no aaa new-model
memory-size iomem 5
ip cef
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
p domain lookup
ip domain name lab.local
!
interface Loopback2
 description Marketing Department
 ip address 10.1.2.1 255.255.255.0
 ip ospf network point-to-point
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/0
 ip address 10.1.12.2 255.255.255.0
 clock rate 2000000
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/1
 ip address 10.1.23.2 255.255.255.0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 cisco
 clock rate 64000
!
router ospf 1
 log-adjacency-changes
 area 23 virtual-link 192.168.103.1
 network 10.1.2.0 0.0.0.255 area 0
 network 10.1.12.0 0.0.0.255 area 0
 network 10.1.23.0 0.0.0.255 area 23
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line vty 0 4
 login
!
end

=====================================================
R3#sh running-config
Building configuration...

Current configuration : 1739 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
no aaa new-model
memory-size iomem 5
ip cef
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
no ip domain lookup
ip domain name lab.local
!
interface Loopback3
 description Accounting Department
 ip address 10.1.3.1 255.255.255.0
 ip ospf network point-to-point
!
interface Loopback100
 ip address 192.168.100.1 255.255.255.0
 ip ospf network point-to-point
!
interface Loopback101
 ip address 192.168.101.1 255.255.255.0
 ip ospf network point-to-point
!
interface Loopback102
 ip address 192.168.102.1 255.255.255.0
 ip ospf network point-to-point
!
interface Loopback103
 ip address 192.168.103.1 255.255.255.0
 ip ospf network point-to-point
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/0
 ip address 10.1.23.3 255.255.255.0
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 cisco
 clock rate 2000000
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/1
 no ip address
 shutdown
 clock rate 2000000
!
router ospf 1
 log-adjacency-changes
 area 23 virtual-link 10.1.2.1
 area 100 range 192.168.100.0 255.255.252.0
 network 10.1.3.0 0.0.0.255 area 23
 network 10.1.23.0 0.0.0.255 area 23
 network 192.168.100.0 0.0.3.255 area 100
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
control-plane
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line vty 0 4
 login
!

end

With Regards,
Zaw Min Htann


Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)