TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
CCNP Lab Guide CCIE University
1. www.ccieuniversity.com
Configuring Basic EIGRP Lab ............................................................................................................ 3
Configuring Default-network for EIGRP Lab .................................................................................... 6
Manually Summarizing EIGRP Routes Lab ..................................................................................... 11
Configuring EIGRP Unequal Cost Paths Lab ................................................................................... 15
Configuring EIGRP Authentication Lab .......................................................................................... 18
Understand EIGRP Query Lab ........................................................................................................ 20
Configuring Basic Multi Area OSPF and Area Summary Lab ......................................................... 28
Configuring OSPF in NBMA Lab ..................................................................................................... 32
Configuring OSPF Authentication Lab ........................................................................................... 37
Configuring OSPF External Summary Lab ...................................................................................... 43
Configuring OSPF Default Route With Metric Lab ......................................................................... 46
Configuring OSPF Stub Area Lab .................................................................................................... 49
Configuring OSPF Totally Stub Area Lab ........................................................................................ 53
Configuring OSPF NSSA Area and NSSA Totally Stub Lab .............................................................. 56
Configuring OSPF Virtual-Link between normal area and backbone area Lab ............................. 62
Configuring OSPF Virtual-Link between 2 backbone areas Lab .................................................... 65
Understand OSPF Routing Between Inter Area Lab ...................................................................... 68
Configuring Basic IS-IS Lab ............................................................................................................. 70
Configuring IS-IS Multi Area and Summary Route Lab .................................................................. 74
Migrate IS-IS Area Lab ................................................................................................................... 78
Redistributing into RIP and OSPF Lab ............................................................................................ 81
Redistributing Between EIGRP and IS-IS Lab ................................................................................. 83
Redistribution Using Administrative Distance Lab ........................................................................ 87
Filtering Routing Updates with a Distribute List Lab ..................................................................... 89
Filtering Routing Updates with a Route Map Lab ......................................................................... 91
Using Route Tag Filtering Routing Updates Lab ............................................................................ 93
Policy-based route Lab .................................................................................................................. 96
Configuring Basic BGP Lab ............................................................................................................. 99
Configuring BGP Using Loopback Addresses Lab ........................................................................ 101
Understand BGP Auto-Summary Lab .......................................................................................... 103
Configuring BGP Summarization Lab ........................................................................................... 106
Understand BGP Split Horizon Rule Lab ...................................................................................... 108
2. www.ccieuniversity.com
Understand BGP Synchronization Rule Lab ................................................................................. 111
BGP Neighbor Authentication Lab............................................................................................... 114
Configuring BGP Local Preference Lab ........................................................................................ 117
Using Route Maps to Configuring BGP Local Preference Lab ..................................................... 121
Configuring BGP Multi-Exit Discriminator Lab............................................................................. 124
Configuring BGP Weight Lab ....................................................................................................... 128
Affects the BGP Routing By Path Prepend Lab ............................................................................ 131
Configuring BGP Routes Reflector Lab ........................................................................................ 134
Configuring BGP Confederation Lab ............................................................................................ 135
Using Route Tag to Store BGP AS-Path Lab ................................................................................. 139
Using Distribute-list to Filtering BGP Routing Lab ....................................................................... 143
Using Route-Map to Filtering BGP Routing Lab .......................................................................... 145
Using Prefix-List to Filtering BGP Routing Lab ............................................................................. 146
Configuring 802.1x Port-Based Authentication Lab .................................................................... 150
Routing Between VLANs and VTP Protocol Lab .......................................................................... 154
Configuring L2 & L3 EtherChannel with PAGP Lab ...................................................................... 163
Configuring L2 & L3 EtherChannel with LACP Lab ....................................................................... 169
Configuring Layer 3 Redundancy with HSRP Lab ......................................................................... 172
Configuring Layer 3 Redundancy with VRRP Lab......................................................................... 179
3. www.ccieuniversity.com
Configuring Basic EIGRP Lab
Topology
Lab Purpose:
1、Master EIGRP basic configuration.
2、Master EIGRP wild card bits configuration.
3、Master EIGRP auto summary feature, and learn how to disable auto summary.
4、Master EIGRP manually summary.
Lab Steps:
1、Config IP address for each router.
2、EIGRP AS number should be 50.
3、Enable EIGRP for the 3 routers.
R1#configure terminal
R1(config-if)#router eigrp 50
R1(config-router)#network 172.16.0.0
R1(config-router)#network 10.1.1.0
R1(config-router)#network 10.1.2.0
R1(config-router)#network 10.1.3.0
R1(config-router)#network 10.1.4.0
R2#configure terminal
R2(config-if)#router eigrp 50
R2(config-router)#network 172.16.0.0
R2(config-router)#network 131.131.0.0
R3#configure terminal
R3(config-if)#router eigrp 50
R3(config-router)#network 172.16.0.0
4. www.ccieuniversity.com
R3(config-router)#network 192.168.0.0
R3(config-router)#network 192.168.1.0
R3(config-router)#network 192.168.2.0
R3(config-router)#network 192.168.3.0
4、Check the EIGRP neighbour relationship on R2.
R2#show ip eigrp 50 neighbors
IP-EIGRP neighbors for process 50
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
1 172.16.1.6 Se1/1 13 00:00:37 436 2616 0 2
0 172.16.1.1 Se1/0 13 00:02:34 736 4416 0 4
TIPS: H stands for neighbor sequence number, address is the neighbor address, Interface is the local
interface which connect with neighbor.
5、Check the routing table on R2.
R2#show ip route
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
C 172.16.1.4/30 is directly connected, Serial1/1
D 172.16.0.0/16 is a summary, 00:06:33, Null0
C 172.16.1.0/30 is directly connected, Serial1/0
D 192.168.4.0/24 [90/2297856] via 172.16.1.6, 00:04:39, Serial1/1
D 10.0.0.0/8 [90/2297856] via 172.16.1.1, 00:06:34, Serial1/0
C 131.131.0.0/16 is directly connected, Loopback0
D 192.168.0.0/24 [90/2297856] via 172.16.1.6, 00:04:39, Serial1/1
D 192.168.1.0/24 [90/2297856] via 172.16.1.6, 00:04:39, Serial1/1
D 192.168.2.0/24 [90/2297856] via 172.16.1.6, 00:04:39, Serial1/1
D 192.168.3.0/24 [90/2297856] via 172.16.1.6, 00:04:39, Serial1/1
6、 Check EIGRP routing table on R2.
R2#show ip route eigrp
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
D 172.16.0.0/16 is a summary, 00:10:09, Null0
D 192.168.4.0/24 [90/2297856] via 172.16.1.6, 00:08:14, Serial1/1
D 10.0.0.0/8 [90/2297856] via 172.16.1.1, 00:10:10, Serial1/0
D 192.168.0.0/24 [90/2297856] via 172.16.1.6, 00:08:14, Serial1/1
D 192.168.1.0/24 [90/2297856] via 172.16.1.6, 00:08:14, Serial1/1
D 192.168.2.0/24 [90/2297856] via 172.16.1.6, 00:08:14, Serial1/1
D 192.168.3.0/24 [90/2297856] via 172.16.1.6, 00:08:14, Serial1/1
7、There is a summary route 10.0.0.0/8 via 172.16.1.1 on R2 by auto summary feature,
we could use "no auto-summary" command to disable it.
R1(config)
R1(config)#router eigrp 50
R1(config-router)#no auto-summary
R1(config-router)#exit
Then check the eigrp route on R2 again.
5. www.ccieuniversity.com
R2#show ip route eigrp
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
D 172.16.0.0/16 is a summary, 00:07:26, Null0
D 192.168.4.0/24 [90/2297856] via 172.16.1.6, 00:05:09, Serial1/1
10.0.0.0/24 is subnetted, 4 subnets
D 10.1.3.0 [90/2297856] via 172.16.1.1, 00:02:31, Serial1/0
D 10.1.2.0 [90/2297856] via 172.16.1.1, 00:02:31, Serial1/0
D 10.1.1.0 [90/2297856] via 172.16.1.1, 00:02:31, Serial1/0
D 10.1.4.0 [90/2297856] via 172.16.1.1, 00:02:31, Serial1/0
D 192.168.0.0/24 [90/2297856] via 172.16.1.6, 00:05:09, Serial1/1
D 192.168.1.0/24 [90/2297856] via 172.16.1.6, 00:05:09, Serial1/1
D 192.168.2.0/24 [90/2297856] via 172.16.1.6, 00:05:09, Serial1/1
D 192.168.3.0/24 [90/2297856] via 172.16.1.6, 00:05:09, Serial1/1
8、Manually summarize network 192.168.0.0/24 192.168.1.0/24 192.168.2.0/24
192.168.3.0/24 to 1 item on R3.
R3(config)#interface serail 1/0
R3(config-if)#ip summary eigrp 50 192.168.0.0 255.255.252.0
R3(config-if)#exit
9、Check routing table on R2 again.
R2#show ip route eigrp
………
D 10.1.1.0 [90/2297856] via 172.16.1.1, 00:02:31, Serial1/0
D 10.1.4.0 [90/2297856] via 172.16.1.1, 00:02:31, Serial1/0
D 192.168.0.0/22 [90/2297856] via 172.16.1.6, 00:05:09, Serial1/1
………
10、Use wild card bits on R2's EIGRP configuration.
R2(config)#no router eigrp 50
R2(config)#router eigrp 50
R2(config-router)#network 172.16.1.0 0.0.0.3
R2(config-router)#network 131.131.0.0
R2(config-router)#exit
11、This time there is only R1 in R2's neighbor table.
R2#show ip eigrp neighbors
IP-EIGRP neighbors for process 50
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 172.16.1.1 Se1/0 12 00:04:57 1510 5000 0 5
12、Check EIGRP routing table on R1.
R1#show ip route eigrp
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
D 172.16.0.0/16 is a summary, 00:02:55, Null0
6. www.ccieuniversity.com
10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
D 10.0.0.0/8 is a summary, 00:02:55, Null0
D 131.131.0.0/16 [90/2297856] via 172.16.1.2, 00:00:06, Serial1/1
By www.ccieuniversity.com
Configuring Default-network for EIGRP Lab
Topology
Lab Purpose:
1、Learn to use "ip default-network" command instead of " ip route 0.0.0.0 0.0.0.0 " in
EIGRP network.
Lab Steps:
1、Finish the basic ip address configuration on all the routers.
2、Let's suppose R3 is the external router, so there is no EIGRP relationship between R2
and R3. What we need is a default route to the internal network on R3.
R3(config)#
R3(config)#ip route 0.0.0.0 0.0.0.0 192.168.10.1
R3(config)#
3、Enable EIGRP 50 on the internal routers.
R1(config)#router eigrp 50
R1(config-router)#network 172.16.0.0
R1(config-router)#exit
R5(config)#router eigrp 50
7. www.ccieuniversity.com
R5(config-router)#network 172.16.0.0
R5(config-router)#exit
R2(config)#router eigrp 50
R2(config-router)#network 172.16.0.0
R2(config-router)#exit
4、Check EIGRP neighbor relationship on R2.
R2#show ip eigrp neighbors
IP-EIGRP neighbors for process 50
H Address Interface Hold Uptime SRTT RTO Q Seq Type
(sec) (ms) Cnt Num
1 172.16.1.6 Et1/2 11 00:00:54 1 3000 0 2
0 172.16.1.1 Et1/0 12 00:00:54 1 3000 0 2
5、Add a default route on R2 to reach the external network.
R2(config)#ip route 0.0.0.0 0.0.0.0 192.168.10.2
R2(config)#
R2#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 4/43/92 ms
R2#
6、R1 and R5 do not have route to external network, so they can not access external
network.
R1#show ip route
Gateway of last resort is not set
172.16.0.0/30 is subnetted, 2 subnets
D 172.16.1.4 [90/284160] via 172.16.1.2, 00:06:40, FastEthernet0/1
C 172.16.1.0 is directly connected, FastEthernet0/1
R1#
R1#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R1#
8. www.ccieuniversity.com
R5#show ip route
Gateway of last resort is not set
172.16.0.0/30 is subnetted, 2 subnets
C 172.16.1.4 is directly connected, Ethernet1/1
D 172.16.1.0 [90/307200] via 172.16.1.5, 00:12:15, Ethernet1/1
R5#
R5#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R5#
7、One solution is to add a default route with the next hop R2 on both R1 and R5 .
R1(config)#ip route 0.0.0.0 0.0.0.0 172.16.1.2
R1(config)#exit
R1#show ip route
Gateway of last resort is 172.16.1.2 to network 0.0.0.0
172.16.0.0/30 is subnetted, 2 subnets
D 172.16.1.4 [90/284160] via 172.16.1.2, 00:09:19, FastEthernet0/1
C 172.16.1.0 is directly connected, FastEthernet0/1
S* 0.0.0.0/0 [1/0] via 172.16.1.2
R1#
R1#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 48/71/92 ms
R1#
R5(config)#ip route 0.0.0.0 0.0.0.0 172.16.1.5
R5(config)#exit
R5#
R5#show ip route
Gateway of last resort is 172.16.1.5 to network 0.0.0.0
172.16.0.0/30 is subnetted, 2 subnets
C 172.16.1.4 is directly connected, Ethernet1/1
9. www.ccieuniversity.com
D 172.16.1.0 [90/307200] via 172.16.1.5, 00:13:57, Ethernet1/1
S* 0.0.0.0/0 [1/0] via 172.16.1.5
R5#
R5#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/53/64 ms
R5#
8、Another solution is to let R2 announce the external route to R1 and R5, this solution
is better for large internal network, as it gets less configuration work.
9、So let's delete the default route on R1 and R5 first.
R1(config)#no ip route 0.0.0.0 0.0.0.0 172.16.1.2
R1(config)#exit
R1#
R1#show ip route
Gateway of last resort is not set
172.16.0.0/30 is subnetted, 2 subnets
D 172.16.1.4 [90/284160] via 172.16.1.2, 00:19:02, FastEthernet0/1
C 172.16.1.0 is directly connected, FastEthernet0/1
R1#
R1#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R1#
R5(config)#no ip route 0.0.0.0 0.0.0.0 172.16.1.5
R5(config)#exit
R5#
R5#show ip route
Gateway of last resort is not set
172.16.0.0/30 is subnetted, 2 subnets
C 172.16.1.4 is directly connected, Ethernet1/1
D 172.16.1.0 [90/307200] via 172.16.1.5, 00:19:42, Ethernet1/1
R5#
10. www.ccieuniversity.com
R5#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R5#
10、Then let's R2 announce the external network 192.168.10.0 to R1 and R5.
R2(config)#router eigrp 50
R2(config-router)#network 192.168.10.0
R2(config-router)#exit
R2(config)#ip default-network 192.168.10.0
R2(config)#exit
R2#show ip route
Gateway of last resort is 192.168.10.2 to network 0.0.0.0
* 192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
D* 192.168.10.0/24 is a summary, 00:00:53, Null0
C 192.168.10.0/30 is directly connected, Ethernet1/1
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
C 172.16.1.4/30 is directly connected, Ethernet1/2
D 172.16.0.0/16 is a summary, 00:22:22, Null0
C 172.16.1.0/30 is directly connected, Ethernet1/0
S* 0.0.0.0/0 [1/0] via 192.168.10.2
R2#
11、Check the routing table of R1 and R5 again, to make sure they have the external
route.
R1#show ip route
Gateway of last resort is 172.16.1.2 to network 192.168.10.0
D* 192.168.10.0/24 [90/284160] via 172.16.1.2, 00:02:03, FastEthernet0/1
172.16.0.0/30 is subnetted, 2 subnets
D 172.16.1.4 [90/284160] via 172.16.1.2, 00:02:04, FastEthernet0/1
C 172.16.1.0 is directly connected, FastEthernet0/1
R1#
R1#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 48/105/188 ms
11. www.ccieuniversity.com
R1#
R5#show ip route
Gateway of last resort is 172.16.1.5 to network 192.168.10.0
D* 192.168.10.0/24 [90/307200] via 172.16.1.5, 00:04:15, Ethernet1/1
172.16.0.0/30 is subnetted, 2 subnets
C 172.16.1.4 is directly connected, Ethernet1/1
D 172.16.1.0 [90/307200] via 172.16.1.5, 00:04:19, Ethernet1/1
R5#
R5#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 76/87/96 ms
By www.ccieuniversity.com
Manually Summarizing EIGRP Routes Lab
Topology
Lab Purpose:
1、Understand the weakness of EIGRP auto summarization.
2、Master EIGRP manually summary configuration.
12. www.ccieuniversity.com
Lab Steps:
1、Finish basic ip configuration.
2、Enable EIGRP on all the routers, do not disable auto summary.
3、Ping on R2 to R1's 10.1.X.0/24 network and R4's 10.1.X.0/24 network, you will find
to R1 is good, but to R4 fails.
R2#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/46/92 ms
R2#ping 10.1.16.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.16.1, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5)
R2#
R2#ping 10.1.17.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.17.1, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5)
4、Check the routing table of R2.
R2#show ip route
Gateway of last resort is not set
172.16.0.0/30 is subnetted, 3 subnets
D 172.16.1.8 [90/307200] via 172.16.1.6, 00:06:25, Ethernet1/1
C 172.16.1.4 is directly connected, Ethernet1/1
C 172.16.1.0 is directly connected, Ethernet1/0
D 10.0.0.0/8 [90/409600] via 172.16.1.1, 00:06:09, Ethernet1/0
D 192.168.0.0/24 [90/409600] via 172.16.1.6, 00:06:25, Ethernet1/1
D 192.168.1.0/24 [90/409600] via 172.16.1.6, 00:06:25, Ethernet1/1
D 192.168.2.0/24 [90/409600] via 172.16.1.6, 00:06:25, Ethernet1/1
D 192.168.3.0/24 [90/409600] via 172.16.1.6, 00:06:25, Ethernet1/1
5、Check the EIGRP topology database of R2.
R2#show ip eigrp topology all-links
IP-EIGRP Topology Table for AS(50)/ID(172.16.1.5)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - Reply status
P 10.0.0.0/8, 1 successors, FD is 409600, serno 3
via 172.16.1.1 (409600/128256), Ethernet1/0
via 172.16.1.6 (435200/409600), Ethernet1/1
P 192.168.0.0/24, 1 successors, FD is 409600, serno 4
via 172.16.1.6 (409600/128256), Ethernet1/1
13. www.ccieuniversity.com
P 192.168.1.0/24, 1 successors, FD is 409600, serno 5
via 172.16.1.6 (409600/128256), Ethernet1/1
P 192.168.2.0/24, 1 successors, FD is 409600, serno 6
via 172.16.1.6 (409600/128256), Ethernet1/1
P 192.168.3.0/24, 1 successors, FD is 409600, serno 7
via 172.16.1.6 (409600/128256), Ethernet1/1
P 172.16.1.8/30, 1 successors, FD is 307200, serno 8
via 172.16.1.6 (307200/281600), Ethernet1/1
P 172.16.1.4/30, 1 successors, FD is 281600, serno 2
via Connected, Ethernet1/1
P 172.16.1.0/30, 1 successors, FD is 281600, serno 1
via Connected, Ethernet1/0
6、The specific 10.1.X.0/24 networks on both R1 and R4 were automatically summarize
to 10.0.0.0/8 before R2 receives. So R2 has two next hop to network 10.0.0.0/8,
according to the topology database R1's (172.16.1.1) FD 409600 is better than R3's
(172.16.1.6) FD 435200, then R2 will choose R1 172.16.1.1 as the next hop in the routing
table, so ping traffic to the networks behind R4 will not going to R4.
7、To solve this issue, we need to use manual summary instead of auto summary.
R1(config)#router eigrp 50
R1(config-router)#no auto-summary
R1(config-router)#exit
R1(config)#
R1(config)#interface fastEthernet 0/1
R1(config-if)#ip summary-address eigrp 50 10.1.0.0 255.255.252.0
R1(config-if)#exit
R1(config)#exit
R4(config)#router eigrp 50
R4(config-router)#no auto-summary
R4(config-router)#exit
R4(config)#
R4(config)#interface fastEthernet 0/0
R4(config-if)#ip summary-address eigrp 50 10.1.16.0 255.255.252.0
R4(config-if)#exit
R4(config)#exit
8、Check the routing table of R2.
R2#show ip route
Gateway of last resort is not set
172.16.0.0/30 is subnetted, 3 subnets
D 172.16.1.8 [90/307200] via 172.16.1.6, 00:21:08, Ethernet1/1
C 172.16.1.4 is directly connected, Ethernet1/1
C 172.16.1.0 is directly connected, Ethernet1/0
10.0.0.0/22 is subnetted, 2 subnets
D 10.1.0.0 [90/409600] via 172.16.1.1, 00:03:13, Ethernet1/0
D 10.1.16.0 [90/435200] via 172.16.1.6, 00:01:02, Ethernet1/1
D 192.168.0.0/24 [90/409600] via 172.16.1.6, 00:21:08, Ethernet1/1
D 192.168.1.0/24 [90/409600] via 172.16.1.6, 00:21:08, Ethernet1/1
14. www.ccieuniversity.com
D 192.168.2.0/24 [90/409600] via 172.16.1.6, 00:21:08, Ethernet1/1
D 192.168.3.0/24 [90/409600] via 172.16.1.6, 00:21:08, Ethernet1/1
9、Ping the networks behind R1 and R4 again.
R2#ping 10.1.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/69/145 ms
R2#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/44/64 ms
R2#ping 10.1.16.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.16.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 60/97/140 ms
R2#ping 10.1.17.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.17.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 48/93/149 ms
10、To decrease the size of routing table, we could manually summarize the networks
from 192.168.0.0/24 to 192.168.3.0/24 behind R3.
R3(config)#router eigrp 50
R3(config-router)#no auto-summary
R3(config-router)#exit
R3(config)#
R3(config)#interface ethernet 1/1
R3(config-if)#ip summary-address eigrp 50 192.168.0.0 255.255.252.0
R3(config-if)#exit
R3(config)#
R3(config)#inter ethernet 1/0
R3(config-if)#ip summary-address eigrp 50 192.168.0.0 255.255.252.0
R3(config-if)#exit
R3(config)#
11、Check the routing table of R2 and R4.
R4#show ip route
Gateway of last resort is not set
172.16.0.0/30 is subnetted, 3 subnets
C 172.16.1.8 is directly connected, FastEthernet0/0
D 172.16.1.4 [90/284160] via 172.16.1.9, 00:02:41, FastEthernet0/0
15. www.ccieuniversity.com
D 172.16.1.0 [90/309760] via 172.16.1.9, 00:02:23, FastEthernet0/0
10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks
D 10.1.0.0/22 [90/437760] via 172.16.1.9, 00:02:23, FastEthernet0/0
C 10.1.19.0/24 is directly connected, Loopback0
C 10.1.18.0/24 is directly connected, Loopback0
C 10.1.17.0/24 is directly connected, Loopback0
D 10.1.16.0/22 is a summary, 00:03:33, Null0
C 10.1.16.0/24 is directly connected, Loopback0
D 192.168.0.0/22 [90/156160] via 172.16.1.9, 00:02:41, FastEthernet0/0
R2#show ip route
Gateway of last resort is not set
172.16.0.0/30 is subnetted, 3 subnets
D 172.16.1.8 [90/307200] via 172.16.1.6, 00:02:54, Ethernet1/1
C 172.16.1.4 is directly connected, Ethernet1/1
C 172.16.1.0 is directly connected, Ethernet1/0
10.0.0.0/22 is subnetted, 2 subnets
D 10.1.0.0 [90/409600] via 172.16.1.1, 00:16:13, Ethernet1/0
D 10.1.16.0 [90/435200] via 172.16.1.6, 00:02:54, Ethernet1/1
D 192.168.0.0/22 [90/409600] via 172.16.1.6, 00:02:54, Ethernet1/1
12、Ping the networks behind R3 from R2 and R4.
R2#ping 192.168.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/28/60 ms
R4#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/37/48 ms
By www.ccieuniversity.com
Configuring EIGRP Unequal Cost Paths Lab
Topology
16. www.ccieuniversity.com
Lab Purpose:
1、Master EIGRP unequal cost load balance.
2、Master EIGRP metric modifying.
3、Master EIGRP AD、FD、FC、Successor、FS principal.
Lab Steps:
1、Finish basic ip configuration.
2、Enable EIGRP 50 on the 3 routers.
3、Check the routing table of R1.
R1#show ip route
172.16.0.0/30 is subnetted, 3 subnets
C 172.16.1.8 is directly connected, FastEthernet0/0
D 172.16.1.4 [90/2172416] via 172.16.1.10, 00:00:11, FastEthernet0/0
C 172.16.1.0 is directly connected, Serial1/1
D 192.168.1.0/24 [90/156160] via 172.16.1.10, 00:00:11, FastEthernet0/0
4、We can see there is only one way to network 192.168.1.0/24, to increase the
capability of transmission, we need to use all the usable links.
5、If we want to use 172.16.1.2 as a unequal cost path, then we should make sure it is
the FS of network 192.168.1.0/24.
6、Check the EIGRP 50 topology database we found that 172.16.1.2 is not in the
192.168.1.0/24 list, not a FS.
R1#show ip eigrp 50 topology
………
P 192.168.1.0/24, 1 successors, FD is 156160
via 172.16.1.10 (156160/128256), FastEthernet0/0
P 172.16.1.8/30, 1 successors, FD is 28160
via Connected, FastEthernet0/0
………
7、Check the full EIGRP topology table we found that 172.16.1.2 could be the next hop
of network 192.168.1.0/24, just not in use by the restriction of algorithm.
R1#show ip eigrp 50 topology all-links
17. www.ccieuniversity.com
………
P 192.168.1.0/24, 1 successors, FD is 156160, serno 6
via 172.16.1.10 (156160/128256), FastEthernet0/0
via 172.16.1.2 (2809856/2297856), Serial1/1
………
8、According to the FS formula.
AD of secondary-best route < FD of best route(Successor) = Feasible Successor
We could do the math.
Distance from R2 to network 192.168.1.0/24 should less than 156160, then 172.16.1.2
would be the FS.
9、Let's change the EIGRP metrics of R2 to make it work as a FS of R1.
R2#configure terminal
R2(config)#interface serial 1/1
R2(config-if)#bandwidth 10000000
R2(config-if)#delay 10
R2(config)#exit
10、Check the topology table of R1, we see 130816 is less than 15160.
R1#show ip eigrp topology all-links
………
P 192.168.1.0/24, 1 successors, FD is 156160, serno 6
via 172.16.1.10 (156160/128256), FastEthernet0/0
via 172.16.1.2 (2300416/130816), Serial1/1
………
11、This time we could enable unequal cost load balance, and give the right variance
value.
According to the variance formula.
FD of FS route < FD of best route(Successor) * Varince
So the math is
2300416 < 156160 * x
x≈14.73
12、Let test 14 as the variance number.
R1(config)#router eigrp 50
R1(config-router)#variance 14
R1(config-router)#exit
R1(config)#exit
R1#clear ip router *
R1#show ip route
………
C 172.16.1.0 is directly connected, Serial1/1
D 192.168.1.0/24 [90/156160] via 172.16.1.10, 00:00:00, FastEthernet0/0
………
Seems 14 is not enough.
13、Let's change it to 15.
18. www.ccieuniversity.com
R1(config)#router eigrp 50
R1(config-router)#variance 15
R1(config-router)#exit
R1(config)#exit
R1#clear ip router *
R1#show ip route
………
C 172.16.1.0 is directly connected, Serial1/1
D 192.168.1.0/24 [90/156160] via 172.16.1.10, 00:00:01, FastEthernet0/0
[90/2300416] via 172.16.1.2, 00:00:01, Serial1/1
This time both 172.16.1.10 and 172.16.1.2 are the next hop for network 192.168.1.0/24.
By www.ccieuniversity.com
Configuring EIGRP Authentication Lab
Topology
Lab Purpose:
1、Master EIGRP authentication principal.
2、Master EIGRP authentication configuration.
Lab Steps:
1、Finish basic ip configuration.
2、Enable EIGRP 50 on the 2 routers.
3、Check the routing tables of R1 and R2.
R1#show ip route
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.1.8/30 is directly connected, Serial1/1
D 172.16.0.0/16 is a summary, 00:00:37, Null0
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.1.1.0/24 is directly connected, Loopback0
D 10.0.0.0/8 is a summary, 00:00:37, Null0
D 192.168.1.0/24 [90/2297856] via 172.16.1.10, 00:00:09, Serial1/1
R1#
19. www.ccieuniversity.com
R2#show ip route
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.1.8/30 is directly connected, Serial1/0
D 172.16.0.0/16 is a summary, 00:00:53, Null0
D 10.0.0.0/8 [90/2297856] via 172.16.1.9, 00:00:51, Serial1/0
C 192.168.1.0/24 is directly connected, Loopback0
R2#
4、Config EIGRP authentication on R1.
R1#configure terminal
R1(config)#key chain edurainbow
R1(config-keychain)#key 1
R1(config-keychain-key)#key-string cisco
R1(config-keychain-key)#exit
R1(config-keychain)#exit
R1(config)#
R1(config)#interface serial 1/1
R1(config-if)#ip authentication key-chain eigrp 50 edurainbow
R1(config-if)#ip authentication mode eigrp 50 md5
R1(config-if)#end
R1(config)#
5、"Use clear ip route *" command to speed up converge.
6、Then check the routing table of R1 and R2 again.
R1#show ip route
C 172.16.1.8/30 is directly connected, Serial1/1
D 172.16.0.0/16 is a summary, 00:00:16, Null0
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.1.1.0/24 is directly connected, Loopback0
D 10.0.0.0/8 is a summary, 00:00:16, Null0
R1#
R2#show ip route
………
C 172.16.1.8/30 is directly connected, Serial1/0
D 172.16.0.0/16 is a summary, 00:02:53, Null0
C 192.168.1.0/24 is directly connected, Loopback0
R2#
This time the neighbor is down and EIGRP routes are missing.
*Mar 14 15:35:27.343: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 50: Neighbor 172.16.1.9 (Serial1/0) is up:
new adjacency
*Mar 14 15:35:29.767: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 50: Neighbor 172.16.1.9 (Serial1/0) is down:
Auth failure
7 Check the neighbor table of R2 we found no item there.
R2#show ip eigrp 50 neighbors
IP-EIGRP neighbors for process 50
8、Config EIGRP authentication on R2.
R2#
20. www.ccieuniversity.com
R2#configure terminal
R2(config)#key chain edurainbow
R2(config-keychain)#key 1
R2(config-keychain-key)#key-string cisco
R2(config-keychain-key)#exit
R2(config-keychain)#exit
R2(config)#
R2(config)#interface serial 1/0
R2(config-if)#ip authentication key-chain eigrp 50 edurainbow
R2(config-if)#ip authentication mode eigrp 50 md5
R2(config-if)#exit
R2(config)#exit
R2(config)#
9、Then we found neighbor is up again.
*Mar 14 15:46:04.071: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 50: Neighbor 172.16.1.9 (Serial1/0) is up:
new adjacency
R2#show ip eigrp 50 neighbors
IP-EIGRP neighbors for process 50
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 172.16.1.9 Se1/0 11 00:01:17 28 200 0 8
10、Check the routing table of R1 and R2 we found the RIGRP routes are back.
R1#show ip route
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.1.8/30 is directly connected, Serial1/1
D 172.16.0.0/16 is a summary, 00:08:41, Null0
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.1.1.0/24 is directly connected, Loopback0
D 10.0.0.0/8 is a summary, 00:08:42, Null0
D 192.168.1.0/24 [90/2297856] via 172.16.1.10, 00:02:54, Serial1/1
R1#
R2#show ip route
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.1.8/30 is directly connected, Serial1/0
D 172.16.0.0/16 is a summary, 00:08:28, Null0
D 10.0.0.0/8 [90/2297856] via 172.16.1.9, 00:03:44, Serial1/0
C 192.168.1.0/24 is directly connected, Loopback0
By www.ccieuniversity.com
Understand EIGRP Query Lab
Topology
21. www.ccieuniversity.com
Lab Purpose:
1、Understand EIGRP route update mechanism.
2、Master EIGRP debug command.
3、Master stub configuration.
Lab Steps:
1、Finish basic ip configuration.
2、Enable EIGRP 50 on the 3 routers.
3、Check EIGRP routing table of R1 R2 R3.
R1#show ip route eigrp
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
D 172.16.1.4/30 [90/2681856] via 172.16.1.2, 00:01:20, Serial1/1
D 172.16.0.0/16 is a summary, 00:01:00, Null0
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
D 10.0.0.0/8 is a summary, 00:00:59, Null0
R1#
R2#show ip route eigrp
D 10.0.0.0/8 [90/2297856] via 172.16.1.1, 00:01:16, Serial1/0
D 192.168.1.0/24 [90/2172416] via 172.16.1.1, 00:01:21, Serial1/0
[90/2172416] via 172.16.1.6, 00:01:21, Serial1/1
R2#
R3#sh ip route eigrp
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
D 172.16.0.0/16 is a summary, 00:01:30, Null0
D 172.16.1.0/30 [90/2681856] via 172.16.1.5, 00:01:36, Serial1/0
D 10.0.0.0/8 [90/156160] via 192.168.1.1, 00:01:30, FastEthernet0/0
R3#
4、Debug EIGRP on R2 to track update.
R2#debug eigrp fsm
EIGRP FSM Events/Actions debugging is on
22. www.ccieuniversity.com
R2#debug eigrp packets query
EIGRP Packets debugging is on
(QUERY)
5、Shutdown loopback0 on R1 to simulate a network issue.
R1(config)#interface loopback 0
R1(config-if)#shutdown
6、Check debug information on R2.
*Mar 15 22:03:26.087: EIGRP: Received QUERY on Serial1/0 nbr 172.16.1.1
*Mar 15 22:03:26.091: AS 50, Flags 0x0, Seq 127/192 idbQ 0/0 iidbQ
un/rely 0/0 peerQ un/rely 0/0
*Mar 15 22:03:26.095: DUAL: rcvquery: 10.1.1.0/24 via 172.16.1.1 metric
4294967295/4294967295, RD is 2297856
*Mar 15 22:03:26.095: DUAL: Find FS for dest 10.1.1.0/24. FD is 2297856,
RD is 2297856
*Mar 15 22:03:26.099: DUAL: 172.16.1.1 metric 4294967295/4294967295
*Mar 15 22:03:26.099: DUAL: 172.16.1.6 metric 2300416/156160 found
Dmin is 2300416
*Mar 15 22:03:26.099: DUAL: send REPLY(R1/n1) about 10.1.1.0/24 to
172.16.1.1
*Mar 15 22:03:26.099: DUAL: RT installed 10.1.1.0/24 via 172.16.1.6
*Mar 15 22:03:26.099: DUAL: Send update about 10.1.1.0/24. Reason:
metric chg
*Mar 15 22:03:26.099: DUAL: Send update about 10.1.1.0/24. Reason: new
if
*Mar 15 22:03:26.147: EIGRP: Received QUERY on Serial1/1 nbr 172.16.1.6
*Mar 15 22:03:26.151: AS 50, Flags 0x0, Seq 144/194 idbQ 0/0 iidbQ
un/rely 0/0 peerQ un/rely 0/0
*Mar 15 22:03:26.155: DUAL: rcvquery: 10.1.1.0/24 via 172.16.1.6 metric
4294967295/4294967295, RD is 2300416
*Mar 15 22:03:26.155: DUAL: Find FS for dest 10.1.1.0/24. FD is 2297856,
RD is 2300416
*Mar 15 22:03:26.159: DUAL: 172.16.1.6 metric 4294967295/4294967295
*Mar 15 22:03:26.159: DUAL: 172.16.1.1 metric 4294967295/4294967295
not found Dmin is 4294967295
*Mar 15 22:03:26.159: DUAL: Peer total/stub 2/0 template/full-stub 2/0
*Mar 15 22:03:26.159: DUAL: Dest 10.1.1.0/24 entering active state.
*Mar 15 22:03:26.159: DUAL: Set reply-status table. Count is 2.
*Mar 15 22:03:26.159: DUAL: Not doing split horizon
*Mar 15 22:03:26.159: DUAL: Going from state 1 to state 3
*Mar 15 22:03:26.171: EIGRP: Enqueueing QUERY on Serial1/1 iidbQ un/rely
0/1 serno 148-148
23. www.ccieuniversity.com
*Mar 15 22:03:26.175: EIGRP: Enqueueing QUERY on Serial1/1 nbr
172.16.1.6 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 148-148
*Mar 15 22:03:26.179: EIGRP: Sending QUERY on Serial1/1 nbr 172.16.1.6
*Mar 15 22:03:26.179: AS 50, Flags 0x0, Seq 195/144 idbQ 0/0 iidbQ
un/rely 0/0 peerQ un/rely 0/1 serno 148-148
*Mar 15 22:03:26.199: EIGRP: Enqueueing QUERY on Serial1/0 iidbQ un/rely
0/1 serno 148-148
*Mar 15 22:03:26.203: EIGRP: Enqueueing QUERY on Serial1/0 nbr
172.16.1.1 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 148-148
*Mar 15 22:03:26.207: EIGRP: Sending QUERY on Serial1/0 nbr 172.16.1.1
*Mar 15 22:03:26.207: AS 50, Flags 0x0, Seq 196/127 idbQ 0/0 iidbQ
un/rely 0/0 peerQ un/rely 0/1 serno 148-148
*Mar 15 22:03:26.215: DUAL: rcvreply: 10.1.1.0/24 via 172.16.1.6 metric
4294967295/4294967295
*Mar 15 22:03:26.219: DUAL: reply count is 2
*Mar 15 22:03:26.219: DUAL: Clearing handle 1, count now 1
*Mar 15 22:03:26.267: DUAL: rcvreply: 10.1.1.0/24 via 172.16.1.1 metric
4294967295/4294967295
*Mar 15 22:03:26.267: DUAL: reply count is 1
*Mar 15 22:03:26.267: DUAL: Clearing handle 0, count now 0
*Mar 15 22:03:26.271: DUAL: Freeing reply status table
*Mar 15 22:03:26.271: DUAL: Find FS for dest 10.1.1.0/24. FD is
4294967295, RD is 4294967295 found
………
According to the debug output there are 4 query packets and 4 respond packets, thing if
there are hundreds of routers the query will be huge. We could use manually summarize
and stub feature to restrict the query scope.
7、Manually summary on R1 and R3.
R1(config)#interface loopback 0
R1(config-if)#no shutdown
R1(config)#interface serial 1/1
R1(config-if)#ip summary-address eigrp 50 10.0.0.0 255.0.0.0
R3(config)#interface serial 1/0
R3(config-if)#ip summary-address eigrp 50 10.0.0.0 255.0.0.0
8、Check routing table of R2 and R3 again to make sure they have learned the summary
route.
R2#show ip route eigrp
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
24. www.ccieuniversity.com
D 172.16.0.0/16 [90/2684416] via 172.16.1.1, 00:15:27, Serial1/0
10.0.0.0/24 is subnetted, 1 subnets
D 10.1.1.0 [90/2297856] via 172.16.1.1, 00:00:27, Serial1/0
D 192.168.1.0/24 [90/2172416] via 172.16.1.1, 00:15:09, Serial1/0
[90/2172416] via 172.16.1.6, 00:15:09, Serial1/1
R2#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 48/78/104 ms
R2#
R3>show ip route eigrp
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
D 172.16.0.0/16 is a summary, 00:15:43, Null0
D 172.16.1.0/30 [90/2172416] via 192.168.1.1, 00:15:43,
FastEthernet0/0
10.0.0.0/24 is subnetted, 1 subnets
D 10.1.1.0 [90/156160] via 192.168.1.1, 00:00:57, FastEthernet0/0
R3>
R3>ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/62/96 ms
R3>
9、Shutdown loopback0 on R1 again to check the debug message on R2.
*Mar 15 22:11:17.867: EIGRP: Received QUERY on Serial1/0 nbr 172.16.1.1
*Mar 15 22:11:17.871: AS 50, Flags 0x0, Seq 135/207 idbQ 0/0 iidbQ
un/rely 0/0 peerQ un/rely 0/0
*Mar 15 22:11:17.875: DUAL: dest(10.1.1.0/24) not active
*Mar 15 22:11:17.875: DUAL: rcvquery: 10.1.1.0/24 via 172.16.1.1 metric
4294967295/4294967295, RD is 4294967295
*Mar 15 22:11:17.879: DUAL: send REPLY(R1/n1) about 10.1.1.0/24 to
172.16.1.1
*Mar 15 22:11:17.879: DUAL: rcvquery: 10.0.0.0/8 via 172.16.1.1 metric
4294967295/4294967295, RD is 2297856
25. www.ccieuniversity.com
*Mar 15 22:11:17.883: DUAL: Find FS for dest 10.0.0.0/8. FD is 2297856,
RD is 2297856
*Mar 15 22:11:17.883: DUAL: 172.16.1.1 metric 4294967295/4294967295
*Mar 15 22:11:17.887: DUAL: 172.16.1.6 metric 2300416/156160 found
Dmin is 2300416
*Mar 15 22:11:17.887: DUAL: send REPLY(R1/n1) about 10.0.0.0/8 to
172.16.1.1
*Mar 15 22:11:17.891: DUAL: RT installed 10.0.0.0/8 via 172.16.1.6
*Mar 15 22:11:17.895: DUAL: Send update about 10.0.0.0/8. Reason:
metric chg
*Mar 15 22:11:17.895: DUAL: Send update about 10.0.0.0/8. Reason: new
if
*Mar 15 22:11:17.899: EIGRP: Received QUERY on Serial1/1 nbr 172.16.1.6
*Mar 15 22:11:17.903: AS 50, Flags 0x0, Seq 154/208 idbQ 0/0 iidbQ
un/rely 0/0 peerQ un/rely 0/0
*Mar 15 22:11:17.907: DUAL: dest(10.1.1.0/24) not active
*Mar 15 22:11:17.907: DUAL: rcvquery: 10.1.1.0/24 via 172.16.1.6 metric
4294967295/4294967295, RD is 4294967295
*Mar 15 22:11:17.911: DUAL: send REPLY(R1/n1) about 10.1.1.0/24 to
172.16.1.6
*Mar 15 22:11:17.951: DUAL: Removing dest 10.1.1.0/24, nexthop
172.16.1.1
*Mar 15 22:11:17.955: DUAL: Removing dest 10.0.0.0/8, nexthop 172.16.1.1
*Mar 15 22:11:18.015: DUAL: Removing dest 10.1.1.0/24, nexthop
172.16.1.6
*Mar 15 22:11:18.015: DUAL: No routes. Flushing dest 10.1.1.0/24
*Mar 15 22:11:18.019: EIGRP: Received QUERY on Serial1/1 nbr 172.16.1.6
*Mar 15 22:11:18.023: AS 50, Flags 0x0, Seq 157/212 idbQ 0/0 iidbQ
un/rely 0/0 peerQ un/rely 0/0
*Mar 15 22:11:18.027: DUAL: rcvquery: 10.0.0.0/8 via 172.16.1.6 metric
4294967295/4294967295, RD is 2300416
*Mar 15 22:11:18.027: DUAL: Find FS for dest 10.0.0.0/8. FD is 2297856,
RD is 2300416
*Mar 15 22:11:18.031: DUAL: 172.16.1.6 metric 4294967295/4294967295
not found Dmin is 4294967295
*Mar 15 22:11:18.031: DUAL: Peer total/stub 2/0 template/full-stub 2/0
*Mar 15 22:11:18.035: DUAL: Dest 10.0.0.0/8 entering active state.
*Mar 15 22:11:18.035: DUAL: Set reply-status table. Count is 1.
*Mar 15 22:11:18.039: DUAL: Doing split horizon on Serial1/1
*Mar 15 22:11:18.039: DUAL: Going from state 1 to state 3
26. www.ccieuniversity.com
*Mar 15 22:11:18.047: EIGRP: Enqueueing QUERY on Serial1/1 iidbQ un/rely
0/1 serno 161-161
*Mar 15 22:11:18.051: EIGRP: Enqueueing QUERY on Serial1/0 iidbQ un/rely
0/1 serno 161-161
*Mar 15 22:11:18.051: EIGRP: Enqueueing QUERY on Serial1/1 nbr
172.16.1.6 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 161-161
*Mar 15 22:11:18.055: EIGRP: Enqueueing QUERY on Serial1/0 nbr
172.16.1.1 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 161-161
*Mar 15 22:11:18.063: EIGRP: Sending QUERY on Serial1/0 nbr 172.16.1.1
*Mar 15 22:11:18.063: AS 50, Flags 0x0, Seq 214/135 idbQ 0/0 iidbQ
un/rely 0/0 peerQ un/rely 0/1 serno 161-161
*Mar 15 22:11:18.119: DUAL: dest(10.0.0.0/8) active
*Mar 15 22:11:18.119: DUAL: rcvreply: 10.0.0.0/8 via 172.16.1.1 metric
4294967295/4294967295
*Mar 15 22:11:18.123: DUAL: reply count is 1
*Mar 15 22:11:18.123: DUAL: Clearing handle 0, count now 0
*Mar 15 22:11:18.123: DUAL: Freeing reply status table
*Mar 15 22:11:18.123: DUAL: Find FS for dest 10.0.0.0/8. FD is
4294967295, RD is 4294967295 found
*Mar 15 22:11:18.127: DUAL: send REPLY(R1/n1) about 10.0.0.0/8 to
172.16.1.6
*Mar 15 22:11:18.131: DUAL: Removing dest 10.0.0.0/8, nexthop 172.16.1.1
*Mar 15 22:11:18.131: DUAL: Going from state 3 to state 1
*Mar 15 22:11:18.171: DUAL: Removing dest 10.0.0.0/8, nexthop 172.16.1.6
*Mar 15 22:11:18.171: DUAL: No routes. Flushing dest 10.0.0.0/8
Obviously query packets for network 10.1.1.0/24 decrease to 2 this time.
10、To deeply solve the issue, we enable EIGRP stub feature on R2 to stop query
packets for network 10.1.1.0/24.
R2(config)#router eigrp 50
R2(config-router)#eigrp stub
11、Check the neighbor table on R1 to see the stub feature.
R1#show ip eigrp neighbors detail
IP-EIGRP neighbors for process 50
H Address Interface Hold Uptime SRTT RTO Q
Seq
(sec) (ms) Cnt
Num
27. www.ccieuniversity.com
0 172.16.1.2 Se1/1 12 00:01:01 216 1296 0
220
Version 12.3/1.2, Retrans: 0, Retries: 0
Stub Peer Advertising ( CONNECTED SUMMARY ) Routes
Suppressing queries
1 192.168.1.2 Fa0/0 14 01:09:11 75 450 0
159
Version 12.3/1.2, Retrans: 1, Retries: 0
12、Shutdown loopback0 of R1 again to see the debug output of R2.
*Mar 15 22:22:31.371: DUAL: rcvupdate: 10.0.0.0/8 via 172.16.1.1 metric
4294967295/4294967295
*Mar 15 22:22:31.371: DUAL: Find FS for dest 10.0.0.0/8. FD is 2297856,
RD is 2297856
*Mar 15 22:22:31.375: DUAL: 172.16.1.1 metric 4294967295/4294967295
*Mar 15 22:22:31.375: DUAL: 172.16.1.6 metric 2300416/156160 found
Dmin is 2300416
*Mar 15 22:22:31.379: DUAL: Removing dest 10.0.0.0/8, nexthop 172.16.1.1
*Mar 15 22:22:31.383: DUAL: RT installed 10.0.0.0/8 via 172.16.1.6
*Mar 15 22:22:31.383: DUAL: Send update about 10.0.0.0/8. Reason:
metric chg
*Mar 15 22:22:31.387: DUAL: Send update about 10.0.0.0/8. Reason: new
if
*Mar 15 22:22:31.587: DUAL: rcvupdate: 10.0.0.0/8 via 172.16.1.6 metric
4294967295/4294967295
*Mar 15 22:22:31.587: DUAL: Find FS for dest 10.0.0.0/8. FD is 2297856,
RD is 2300416
*Mar 15 22:22:31.591: DUAL: 172.16.1.6 metric 4294967295/4294967295
not found Dmin is 4294967295
*Mar 15 22:22:31.591: DUAL: Peer total/stub 2/0 template/full-stub 2/0
*Mar 15 22:22:31.595: DUAL: Dest 10.0.0.0/8 entering active state.
*Mar 15 22:22:31.595: DUAL: Set reply-status table. Count is 2.
*Mar 15 22:22:31.595: DUAL: Not doing split horizon
*Mar 15 22:22:31.607: EIGRP: Enqueueing QUERY on Serial1/1 iidbQ un/rely
0/1 serno 169-169
*Mar 15 22:22:31.607: EIGRP: Enqueueing QUERY on Serial1/0 iidbQ un/rely
0/1 serno 169-169
*Mar 15 22:22:31.611: EIGRP: Enqueueing QUERY on Serial1/1 nbr
172.16.1.6 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 169-169
*Mar 15 22:22:31.615: EIGRP: Enqueueing QUERY on Serial1/0 nbr
172.16.1.1 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 169-169
28. www.ccieuniversity.com
*Mar 15 22:22:31.619: EIGRP: Sending QUERY on Serial1/1 nbr 172.16.1.6
*Mar 15 22:22:31.623: AS 50, Flags 0x0, Seq 226/169 idbQ 0/0 iidbQ
un/rely 0/0 peerQ un/rely 0/1 serno 169-169
*Mar 15 22:22:31.627: EIGRP: Sending QUERY on Serial1/0 nbr 172.16.1.1
*Mar 15 22:22:31.627: AS 50, Flags 0x0, Seq 227/148 idbQ 0/0 iidbQ
un/rely 0/0 peerQ un/rely 0/1 serno 169-169
*Mar 15 22:22:31.711: DUAL: dest(10.0.0.0/8) active
*Mar 15 22:22:31.715: DUAL: rcvreply: 10.0.0.0/8 via 172.16.1.1 metric
4294967295/4294967295
*Mar 15 22:22:31.715: DUAL: reply count is 2
…………
This time R2 will not receive any query packet for network 10.1.1.0/24
By www.ccieuniversity.com
Configuring Basic Multi Area OSPF and Area Summary Lab
Topology
Lab Purpose:
1、Master OSPF multi area configuration.
2、Distinguish routes from different areas.
3、Master OSPF route summary configuration.
4、Master OSPF basic configuration.
Lab Steps:
1、Finish basic ip configuration.
2、Enable OSPF 1 on R1, assign interfaces to the relevant area according to the
topology.
R1(config)#router ospf 1
R1(config-router)#network 10.1.2.0 0.0.0.255 area 1
R1(config-router)#network 10.1.1.0 0.0.0.255 area 1
R1(config-router)#network 192.168.1.0 0.0.0.3 area 1
29. www.ccieuniversity.com
R1(config-router)#exit
3、Enable OSPF 1 on R2, assign interfaces to relevant area according to the topology.
R2(config)#router ospf 1
R2(config-router)#network 192.168.1.0 0.0.0.3 area 1
R2(config-router)#network 192.168.1.4 0.0.0.3 area 0
R2(config)#exit
4、Refer to R1 and R2, finish the OSPF configuration on R3 and R4.
5、Check OSPF neighbor relationship on R2.
R2#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
192.168.1.9 1 FULL/ - 00:00:39 192.168.1.6 Serial1/1
10.1.2.1 1 FULL/ - 00:00:37 192.168.1.1 Serial1/0
6、Check the routing table of R1 to see OSPF route from different areas.
R1#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
…………
Gateway of last resort is not set
172.16.0.0/32 is subnetted, 2 subnets
O IA 172.16.1.1 [110/193] via 192.168.1.2, 00:02:23, Serial1/1
O IA 172.16.2.1 [110/193] via 192.168.1.2, 00:02:23, Serial1/1
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.2.0 is directly connected, Loopback1
C 10.1.1.0 is directly connected, Loopback0
192.168.1.0/30 is subnetted, 3 subnets
O IA 192.168.1.8 [110/192] via 192.168.1.2, 00:02:58, Serial1/1
C 192.168.1.0 is directly connected, Serial1/1
O IA 192.168.1.4 [110/128] via 192.168.1.2, 00:05:06, Serial1/1
7、Check OSPF link state database of R1.
R1#show ip ospf database
OSPF Router with ID (10.1.2.1) (Process ID 1)
Router Link States (Area 1)
Link ID ADV Router Age Seq# Checksum Link count
10.1.2.1 10.1.2.1 492 0x80000004 0x00C83F 4
192.168.1.5 192.168.1.5 486 0x80000003 0x002BB5 2
30. www.ccieuniversity.com
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
172.16.1.1 192.168.1.5 315 0x80000001 0x00CCC0
172.16.2.1 192.168.1.5 315 0x80000001 0x00C1CA
192.168.1.4 192.168.1.5 479 0x80000001 0x00E33E
192.168.1.8 192.168.1.5 350 0x80000001 0x003E9F
8、Use ping to test the connectivity on R1.
R1#ping 172.16.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 216/240/288
ms
R1#
9、Check the routing table and OSPF link state database on R4.
R4#show ip route
172.16.0.0/24 is subnetted, 2 subnets
C 172.16.1.0 is directly connected, Loopback0
C 172.16.2.0 is directly connected, Loopback1
10.0.0.0/24 is subnetted, 2 subnets
O IA 10.1.2.0 [110/193] via 192.168.1.9, 00:15:14, Serial1/0
O IA 10.1.1.0 [110/193] via 192.168.1.9, 00:15:14, Serial1/0
192.168.1.0/30 is subnetted, 3 subnets
C 192.168.1.8 is directly connected, Serial1/0
O IA 192.168.1.0 [110/192] via 192.168.1.9, 00:15:14, Serial1/0
O IA 192.168.1.4 [110/128] via 192.168.1.9, 00:15:14, Serial1/0
R4#
R4#show ip ospf database
OSPF Router with ID (172.16.2.1) (Process ID 1)
Router Link States (Area 2)
Link ID ADV Router Age Seq# Checksum Link count
172.16.2.1 172.16.2.1 1223 0x80000004 0x00B871 4
192.168.1.9 192.168.1.9 1224 0x80000002 0x00EA2E 2
Summary Net Link States (Area 2)
Link ID ADV Router Age Seq# Checksum
10.1.1.0 192.168.1.9 2 0x80000001 0x00B586
10.1.2.0 192.168.1.9 2 0x80000001 0x00AA90
192.168.1.0 192.168.1.9 1265 0x80000001 0x00766B
31. www.ccieuniversity.com
192.168.1.4 192.168.1.9 1265 0x80000001 0x00CB52
As you see all the area 1 specific routes are in the routing table of R4, we could do
something to make it smaller.
10、Config OSPF area summary on R2.
R2(config)#router ospf 1
R2(config-router)#area 1 range 10.1.0.0 255.255.0.0
R2(config-router)#exit
R2(config)#exit
11、Check the routing table and OSPF database on R4 again.
R4#show ip route
172.16.0.0/24 is subnetted, 2 subnets
C 172.16.1.0 is directly connected, Loopback0
C 172.16.2.0 is directly connected, Loopback1
10.0.0.0/16 is subnetted, 1 subnets
O IA 10.1.0.0 [110/193] via 192.168.1.9, 00:00:32, Serial1/0
192.168.1.0/30 is subnetted, 3 subnets
C 192.168.1.8 is directly connected, Serial1/0
O IA 192.168.1.0 [110/192] via 192.168.1.9, 00:18:36, Serial1/0
O IA 192.168.1.4 [110/128] via 192.168.1.9, 00:18:36, Serial1/0
R4#
R4#show ip ospf database
OSPF Router with ID (172.16.2.1) (Process ID 1)
Router Link States (Area 2)
Link ID ADV Router Age Seq# Checksum Link count
172.16.2.1 172.16.2.1 6 0x80000005 0x00B672 4
192.168.1.9 192.168.1.9 13 0x80000004 0x00E630 2
Summary Net Link States (Area 2)
Link ID ADV Router Age Seq# Checksum
10.1.0.0 192.168.1.9 29 0x80000001 0x00C07C
192.168.1.0 192.168.1.9 1325 0x80000001 0x00766B
192.168.1.4 192.168.1.9 1325 0x80000001 0x00CB52
By www.ccieuniversity.com
32. www.ccieuniversity.com
Configuring OSPF in NBMA Lab
Topology
Lab Purpose:
1、Master OSPF in NBMA network configuration.
2、Master OSPF interface network type configuration.
3、Master OSPF interface priority configuration.
Lab Steps:
1、Finish basic ip configuration.
2、Enable OSPF on all routers and use default network type.
R1(config)#interface loopback 0
R1(config-if)#ip address 172.16.1.1 255.255.255.0
R1(config-if)#ip ospf network point-to-point
R1(config-if)#exit
R1(config)#
R1(config)#interface serial 1/2
R1(config-if)#ip add 192.168.1.1 255.255.255.0
R1(config-if)#encapsulation frame-relay
R1(config-if)#no frame-relay inverse-arp
R1(config-if)#frame-relay map ip 192.168.1.2 102 broadcast
R1(config-if)#frame-relay map ip 192.168.1.3 103 broadcast
R1(config-if)#exit
R1(config)#
R1(config)#router ospf 1
R1(config-router)#network 192.168.1.0 0.0.0.255 area 0
R1(config-router)#network 172.16.1.0 0.0.0.255 area 0
R1(config-router)#exit
R1(config)#
R2(config)#interface loopback 0
R2(config-if)#ip address 172.16.3.1 255.255.255.0
R2(config-if)#ip ospf network point-to-point
R2(config-if)#exit
R2(config)#
33. www.ccieuniversity.com
R2(config)#interface serial 1/2
R2(config-if)#encapsulation frame-relay
R2(config-if)#ip address 192.168.1.2 255.255.255.0
R2(config-if)#no frame-relay inverse-arp
R2(config-if)#frame-relay map ip 192.168.1.1 201 broadcast
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#
R2(config)#router ospf 1
R2(config-router)#network 172.16.3.0 0.0.0.255 area 0
R2(config-router)#network 192.168.1.0 0.0.0.255 area 0
R2(config-router)#exit
R2(config)#
R3(config)#interface loopback 0
R3(config-if)#ip address 172.16.4.1 255.255.255.0
R3(config-if)#ip ospf network point-to-point
R3(config-if)#exit
R3(config)#
R3(config)#interface serial 1/2
R3(config-if)#ip address 192.168.1.3 255.255.255.0
R3(config-if)#encapsulation frame-relay
R3(config-if)#no frame-relay inverse-arp
R3(config-if)#frame-relay map ip 192.168.1.1 301 broadcast
R3(config-if)#no shutdown
R3(config-if)#exit
R3(config)#
R3(config)#router ospf 1
R3(config-router)#network 172.16.4.0 0.0.0.255 area 0
R3(config-router)#network 192.168.1.0 0.0.0.255 area 0
R3(config-router)#exit
R3(config)#
3、Check the OSPF neighbor table on R1 we can see no neighbor is up.
R1#show ip ospf neighbor
4、Check Serial 1/2 OSPF information on R1.
R1#show ip ospf interface serial 1/2
Serial1/2 is up, line protocol is up
Internet Address 192.168.1.1/24, Area 0
Process ID 1, Router ID 172.16.1.1, Network Type NON_BROADCAST, Cost: 64
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 172.16.1.1, Interface address 192.168.1.1
34. www.ccieuniversity.com
No backup designated router on this network
Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5
oob-resync timeout 120
Hello due in 00:00:15
Index 1/1, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 0, maximum is 0
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 0, Adjacent neighbor count is 0
Suppress hello for 0 neighbor(s)
5、According to the above information we could see the default OSPF network type for
NBMA is NON_BROADCAST, So OSPF will not send out its hello packet which based on
multi-cast.
6、One solution is to manually assign OSPF neighbor.
R1(config)#router ospf 1
R1(config-router)#neighbor 192.168.1.2
R1(config-router)#neighbor 192.168.1.3
R2(config)#router ospf 1
R2(config-router)#neighbor 192.168.1.1
R3(config)#router ospf 1
R3(config-router)#neighbor 192.168.1.1
7、Then we can see the neighbors are up.
*Jun 18 15:36:16.743: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.4.1 on Serial1/2 from
LOADING to FULL, Loading Done
*Jun 18 15:36:16.747: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.3.1 on Serial1/2 from
LOADING to FULL, Loading Don
8、Check the OSPF neighbor table on R1.
R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
172.16.3.1 1 FULL/DROTHER 00:01:31 192.168.1.2 Serial1/2
172.16.4.1 1 FULL/DR 00:01:57 192.168.1.3 Serial1/2
9、Beside manually allocate, we could also change the OSPF network type to build the
neighbor relationship. Let's first remove the manually allocate configuration, then
change the OSPF network type to broadcast.
R1(config)#router ospf 1
35. www.ccieuniversity.com
R1(config-router)#no neighbor 192.168.1.2
R1(config-router)#no neighbor 192.168.1.3
R2(config)#router ospf 1
R2(config-router)#no neighbor 192.168.1.1
R3(config)#router ospf 1
R3(config-router)#no neighbor 192.168.1.1
R1(config)#interface serial 1/2
R1(config-if)#ip ospf network broadcast
R1(config-if)#exit
R2(config)#interface serial 1/2
R2(config-if)#ip ospf network broadcast
R2(config-if)#exit
R3(config)#interface serial 1/2
R3(config-if)#ip ospf network broadcast
R3(config-if)#exit
10、Check serial 1/2 OSPF information on R1.
R1#show ip ospf interface serial 1/2
Serial1/2 is up, line protocol is up
Internet Address 192.168.1.1/24, Area 0
Process ID 1, Router ID 172.16.1.1, Network Type BROADCAST, Cost: 64
Transmit Delay is 1 sec, State DR, Priority 1
…………
Network type is BROADCAST now.
11、Check OSPF neighbor table on R1 R2 R3.
R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
172.16.3.1 1 FULL/DROTHER 00:00:32 192.168.1.2 Serial1/2
172.16.4.1 1 FULL/DR 00:00:33 192.168.1.3 Serial1/2
R1#
R2#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
172.16.1.1 1 FULL/BDR 00:00:30 192.168.1.1 Serial1/2
R2#
36. www.ccieuniversity.com
R3#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
172.16.1.1 1 FULL/BDR 00:00:39 192.168.1.1 Serial1/2
R3#
12、Look at the above OSPF neighbor table we can see:
R1 considers 172.16.4.1(R3) as DR, 172.16.3.1(R2) as DROTHER, itself as BDR.
R2 considers 172.16.1.1(R1) as BDR, itself as DR.
R3 considers 172.16.1.1(R1) as BDR, itself as DR.
As the frame-relay network is not full mesh, it has only two PVC one is between R1 and
R2, the other is between R1 and R3, to make sure everyone will receive LSU (LAS
update), R1 should be the DR.
13、Change interface OSPF priority to 0 on R2 and R3, so neither R2 nor R3 will
participate in DR/BDR selection.
R2(config)#interface serial 1/2
R2(config-if)#ip ospf priority 0
R2(config-if)#exit
R2(config)#
R3(config)#interface serial 1/2
R3(config-if)#ip ospf priority 0
R3(config-if)#exit
14、Check OSPF neighbor table on R1 R2 R3, we can see R1 is always the DR.
R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
172.16.3.1 0 FULL/DROTHER 00:00:38 192.168.1.2 Serial1/2
172.16.4.1 0 FULL/DROTHER 00:00:39 192.168.1.3 Serial1/2
R1#
37. www.ccieuniversity.com
R2#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
172.16.1.1 1 FULL/DR 00:00:31 192.168.1.1 Serial1/2
R2#
R3#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
172.16.1.1 1 FULL/DR 00:00:38 192.168.1.1 Serial1/2
15、We could also change the OSPF network type to P2P, then there will be no DR/BDR
selection.
OSPF network type diagram.
By www.ccieuniversity.com
Configuring OSPF Authentication Lab
Topology
38. www.ccieuniversity.com
Lab Purpose:
1、Master OSPF interface and area authentication configuration.
Lab Steps:
1、Master OSPF in NBMA network configuration.
2、Finish OSPF basic configuration.
3、 Check the routing table of R1 and R2
R1#show ip route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 2 subnets
O IA 172.16.1.0 [110/193] via 192.168.1.2, 00:01:02, Serial1/1
O IA 172.16.2.0 [110/193] via 192.168.1.2, 00:01:02, Serial1/1
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.2.0 is directly connected, Loopback0
C 10.1.1.0 is directly connected, Loopback1
192.168.1.0/30 is subnetted, 3 subnets
O IA 192.168.1.8 [110/192] via 192.168.1.2, 00:01:12, Serial1/1
C 192.168.1.0 is directly connected, Serial1/1
O IA 192.168.1.4 [110/128] via 192.168.1.2, 00:05:47, Serial1/1
R2#show ip route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 2 subnets
O IA 172.16.1.0 [110/129] via 192.168.1.6, 00:09:16, Serial1/1
O IA 172.16.2.0 [110/129] via 192.168.1.6, 00:09:16, Serial1/1
10.0.0.0/24 is subnetted, 2 subnets
O 10.1.2.0 [110/65] via 192.168.1.1, 00:14:00, Serial1/0
O 10.1.1.0 [110/65] via 192.168.1.1, 00:14:00, Serial1/0
192.168.1.0/30 is subnetted, 3 subnets
O IA 192.168.1.8 [110/128] via 192.168.1.6, 00:09:26, Serial1/1
C 192.168.1.0 is directly connected, Serial1/0
39. www.ccieuniversity.com
C 192.168.1.4 is directly connected, Serial1/1
4、Enable OSPF interface simple password authentication on R1.
R1(config)#interface serial 1/1
R1(config-if)#ip ospf authentication
R1(config-if)#ip ospf authentication-key www.ccieuniversity.com
R1(config-if)#exit
5、Enable OSPF debug on R1.
R1#Debug ip ospf adj
00:30:33: OSPF: 192.168.1.5 address 192.168.1.2 on Serial1/1 is dead
00:30:33: OSPF: 192.168.1.5 address 192.168.1.2 on Serial1/1 is dead, state DOWN
00:30:33: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.1.5 on Serial1/1 from FULL to
DOWN, Neighbor Down: Dead timer expired
00:30:35: OSPF: Rcv pkt from 192.168.1.2, Serial1/1 : Mismatch Authentication type.
Input packet specified type 0, we use type 1
00:54:45: OSPF: Rcv pkt from 192.168.1.2, Serial1/1 : Mismatch Authentication Key -
Clear Text
6、Enable OSPF interface simple password authentication on R2.
R2(config)#interface s1/1
R2(config-if)#ip ospf authentication
R2(config-if)#ip ospf authentication-key www.ccieuniversity.com
R2(config-if)#exit
R2(config)#exit
7、Check the debug output again on R1.
00:54:55: OSPF: 2 Way Communication to 192.168.1.5 on Serial1/1, state 2WAY
00:54:55: OSPF: Send DBD to 192.168.1.5 on Serial1/1 seq 0x2154 opt 0x42 flag 0x7 len
32
00:54:55: OSPF: Rcv DBD from 192.168.1.5 on Serial1/1 seq 0x182 opt 0x42 flag 0x7 len
32 mtu 1500 state EXSTART
00:54:55: OSPF: NBR Negotiation Done. We are the SLAVE
00:54:55: OSPF: Send DBD to 192.168.1.5 on Serial1/1 seq 0x182 opt 0x42 flag 0x2 len
152
00:54:55: OSPF: Rcv DBD from 192.168.1.5 on Serial1/1 seq 0x183 opt 0x42 flag 0x3 len
152 mtu 1500 state EXCHANGE
00:54:55: OSPF: Send DBD to 192.168.1.5 on Serial1/1 seq 0x183 opt 0x42 flag 0x0 len
32
00:54:55: OSPF: Database request to 192.168.1.5
00:54:55: OSPF: sent LS REQ packet to 192.168.1.2, length 60
00:54:55: OSPF: Rcv DBD from 192.168.1.5 on Serial1/1 seq 0x184 opt 0x42 flag 0x1 len
32 mtu 1500 state EXCHANGE
40. www.ccieuniversity.com
00:54:55: OSPF: Exchange Done with 192.168.1.5 on Serial1/1
00:54:55: OSPF: Send DBD to 192.168.1.5 on Serial1/1 seq 0x184 opt 0x42 flag
R1#0x0 len 32
00:54:55: OSPF: Synchronized with 192.168.1.5 on Serial1/1, state FULL
00:54:55: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.1.5 on Serial1/1 from LOADING to
FULL, Loading Done
00:54:56: OSPF: Build router LSA for area 1, router ID 10.1.2.1, seq 0x8000000C
R1#show ip route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 2 subnets
O IA 172.16.1.0 [110/193] via 192.168.1.2, 00:01:53, Serial1/1
O IA 172.16.2.0 [110/193] via 192.168.1.2, 00:01:53, Serial1/1
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.2.0 is directly connected, Loopback0
C 10.1.1.0 is directly connected, Loopback1
192.168.1.0/30 is subnetted, 3 subnets
O IA 192.168.1.8 [110/192] via 192.168.1.2, 00:01:53, Serial1/1
C 192.168.1.0 is directly connected, Serial1/1
O IA 192.168.1.4 [110/128] via 192.168.1.2, 00:01:53, Serial1/1
8、Remove OSPF interface simple password authentication and enable interface MD5
authentication on R1 and R2.
R1(config)#interface s1/1
R1(config-if)#no ip ospf authentication
R1(config-if)#no ip ospf authentication-key www.ccieuniversity.com
R1(config-if)#exit
R1(config)#exit
R2(config)#interface s1/1
R2(config-if)#no ip ospf authentication
R2(config-if)#no ip ospf authentication-key www.ccieuniversity.com
R2(config-if)#exit
R2(config)#exit
R1(config)#interface serial 1/1
R1(config-if)#ip ospf authentication message-digest
R1(config-if)#ip ospf message-digest-key 1 md5 www.ccieuniversity.com
R1(config-if)#exit
R1(config)#
R2(config)#interface serial 1/0
41. www.ccieuniversity.com
R2(config-if)#ip ospf authentication message-digest
R2(config-if)#ip ospf message-digest-key 1 md5 www.ccieuniversity.com
R2(config-if)#exit
R2(config)#
9、Check the routing table of R1.
R1#show ip route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 2 subnets
O IA 172.16.1.0 [110/193] via 192.168.1.2, 00:00:05, Serial1/1
O IA 172.16.2.0 [110/193] via 192.168.1.2, 00:00:05, Serial1/1
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.2.0 is directly connected, Loopback0
C 10.1.1.0 is directly connected, Loopback1
192.168.1.0/30 is subnetted, 3 subnets
O IA 192.168.1.8 [110/192] via 192.168.1.2, 00:00:05, Serial1/1
C 192.168.1.0 is directly connected, Serial1/1
O IA 192.168.1.4 [110/128] via 192.168.1.2, 00:00:05, Serial1/1
10、Remove OSPF interface MD5 authentication and enable OSPF area simple
password authentication on R1 and R2.
R1(config)#interface serial 1/1
R1(config-if)#no ip ospf authentication message-digest
R1(config-if)#no ip ospf message-digest-key 1 md5 www.ccieuniversity.com
R1(config-if)#exit
R1(config)#
R2(config)#interface serial 1/0
R2(config-if)#no ip ospf authentication message-digest
R2(config-if)#no ip ospf message-digest-key 1 md5 www.ccieuniversity.com
R2(config-if)#exit
R1(config)#router ospf 1
R1(config-router)#area 1 authentication
R1(config-router)#exit
R1(config)#interface serial 1/1
R1(config-if)#ip ospf authentication-key www.ccieuniversity.com
R1(config-if)#exit
R1(config)#exit
R2(config)#router ospf 1
42. www.ccieuniversity.com
R2(config-router)#area 1 authentication
R2(config-router)#exit
R2(config)#interface serial 1/0
R2(config-if)#ip ospf authentication-key www.ccieuniversity.com
R2(config-if)#exit
11、Check the routing table on R1.
R1#show ip route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 2 subnets
O IA 172.16.1.0 [110/193] via 192.168.1.2, 00:01:19, Serial1/1
O IA 172.16.2.0 [110/193] via 192.168.1.2, 00:01:19, Serial1/1
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.2.0 is directly connected, Loopback0
C 10.1.1.0 is directly connected, Loopback1
192.168.1.0/30 is subnetted, 3 subnets
O IA 192.168.1.8 [110/192] via 192.168.1.2, 00:01:19, Serial1/1
C 192.168.1.0 is directly connected, Serial1/1
O IA 192.168.1.4 [110/128] via 192.168.1.2, 00:01:19, Serial1/1
12、Remove OSPF area simple password authentication and enable OSPF area MD5
authentication on R1 and R2.
R1(config)#router ospf 1
R1(config-router)#no area 1 authentication
R1(config-router)#exit
R1(config)#interface serial 1/1
R1(config-if)#no ip ospf authentication-key www.ccieuniversity.com
R1(config-if)#exit
R1(config)#exit
R2(config)#router ospf 1
R2(config-router)#no area 1 authentication
R2(config-router)#exit
R2(config)#interface serial 1/0
R2(config-if)#no ip ospf authentication-key www.ccieuniversity.com
R2(config-if)#exit
R1(config)#router ospf 1
R1(config-router)#area 1 authentication message-digest
R1(config-router)#exit
R1(config)#interface serial 1/1
43. www.ccieuniversity.com
R1(config-if)#ip ospf message-digest-key 1 md5 www.ccieuniversity.com
R1(config-if)#exit
R1(config)#
R2(config)#router ospf 1
R2(config-router)#area 1 authentication message-digest
R2(config-router)#exit
R2(config)#interface serial 1/0
R2(config-if)#ip ospf message-digest-key 1 md5 www.ccieuniversity.com
R2(config-if)#exit
R2(config)#
13、Check the routing table on R1.
R1#show ip route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 2 subnets
O IA 172.16.1.0 [110/193] via 192.168.1.2, 00:01:19, Serial1/1
O IA 172.16.2.0 [110/193] via 192.168.1.2, 00:01:19, Serial1/1
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.2.0 is directly connected, Loopback0
C 10.1.1.0 is directly connected, Loopback1
192.168.1.0/30 is subnetted, 3 subnets
O IA 192.168.1.8 [110/192] via 192.168.1.2, 00:01:19, Serial1/1
C 192.168.1.0 is directly connected, Serial1/1
O IA 192.168.1.4 [110/128] via 192.168.1.2, 00:01:19, Serial1/1
By www.ccieuniversity.com
Configuring OSPF External Summary Lab
Topology
44. www.ccieuniversity.com
Lab Purpose:
1、Master OSPF external route summary configuration.
Lab Steps:
1、Finish basic IP configuration, and routing configuration.
2、Make R3 as the ASBR.
R3(config)#router ospf 1
R3(config-router)#network 192.168.1.4 0.0.0.3 area 0
R3(config-router)#exit
R3(config)#exit
R3(config)#router rip
R3(config-router)#network 172.16.0.0
R3(config-router)#exit
3、check the routing table on R1 and R2.
R1#show ip route
Gateway of last resort is not set
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.2.0 is directly connected, Loopback1
C 10.1.1.0 is directly connected, Loopback0
192.168.1.0/30 is subnetted, 2 subnets
C 192.168.1.0 is directly connected, Serial1/1
O IA 192.168.1.4 [110/128] via 192.168.1.2, 00:03:50, Serial1/1
4、Enable redistribution on R3.
R3(config)#router ospf 1
R3(config-router)#redistribute rip metric 200 subnets
R3(config-router)#exit
45. www.ccieuniversity.com
R3(config)#router rip
R3(config-router)#redistribute ospf 1 metric 10
R3(config-router)#exit
R3(config)#
5、Check the routing table on R1 again.
R1#show ip route
Gateway of last resort is not set
172.16.0.0/24 is subnetted, 3 subnets
O E1 172.16.1.0 [110/328] via 192.168.1.2, 00:04:22, Serial1/1
O E1 172.16.2.0 [110/328] via 192.168.1.2, 00:04:22, Serial1/1
O E1 172.16.3.0 [110/328] via 192.168.1.2, 00:04:22, Serial1/1
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.2.0 is directly connected, Loopback1
C 10.1.1.0 is directly connected, Loopback0
192.168.1.0/30 is subnetted, 2 subnets
C 1929999.168.1.0 is directly connected, Serial1/1
O IA 192.168.1.4 [110/128] via 192.168.1.2, 00:16:54, Serial1/1
6、Check OSPF link state database on R1.
R1#show ip ospf database
OSPF Router with ID (10.1.2.1) (Process ID 1)
Router Link States (Area 1)
Link ID ADV Router Age Seq# Checksum Link count
10.1.2.1 10.1.2.1 1413 0x80000009 0x0003FD 4
192.168.1.5 192.168.1.5 1413 0x80000006 0x0025B8 2
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
192.168.1.4 192.168.1.5 1437 0x80000001 0x00E33E
Summary ASB Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
192.168.1.6 192.168.1.5 1061 0x80000001 0x00D348
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
172.16.1.0 192.168.1.6 3603 0x80000003 0x00CF35 0
172.16.2.0 192.168.1.6 3603 0x80000003 0x00C43F 0
46. www.ccieuniversity.com
172.16.3.0 192.168.1.6 3603 0x80000003 0x00B949 0
7、In order to decrease the routing table on R1, we could enable OSPF external
summary on R3.
R3(config)#router ospf 1
R3(config-router)#summary-address 172.16.0.0 255.255.0.0
R3(config-router)#exit
R3(config)#exit
8、Check the routing table on R1 again.
R1#show ip route
Gateway of last resort is not set
O E1 172.16.0.0/16 [110/328] via 192.168.1.2, 00:01:29, Serial1/1
10.0.0.0/24 is subnetted, 2 subnets
C 10.1.2.0 is directly connected, Loopback1
C 10.1.1.0 is directly connected, Loopback0
192.168.1.0/30 is subnetted, 2 subnets
C 192.168.1.0 is directly connected, Serial1/1
O IA 192.168.1.4 [110/128] via 192.168.1.2, 00:24:56, Serial1/1
By www.ccieuniversity.com
Configuring OSPF Default Route With Metric Lab
Topology
47. www.ccieuniversity.com
Lab Purpose:
1、Learn how to use metrics to control OSPF default route selection.
Lab Steps:
1、Finish basic IP configuration, and routing configuration.
2、Finish frame-relay configuration on R1 and R4.
R1(config)#interface serial 1/2
R1(config-if)#encapsulation frame-relay
R1(config-if)#ip ospf network broadcast
R1(config-if)#ip address 172.16.1.1 255.255.255.252
R1(config)#exit
R4(config)#interface serial 1/2
R4(config-if)#encapsulation frame-relay
R4(config-if)#ip ospf network broadcast
R4(config-if)#ip address 172.16.1.2 255.255.255.252
R4(config)#exit
3、Check routing table on R2, and try to ping the below RIP network.
R2#show ip route
Gateway of last resort is not set
192.168.1.0/30 is subnetted, 2 subnets
C 192.168.1.0 is directly connected, Serial1/0
C 192.168.1.4 is directly connected, Serial1/1
R2#
R2#ping 10.1.1.1
48. www.ccieuniversity.com
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
4、To make sure the whole network is reachable, enable redistribution on R1 and R3.
R1(config)#router rip
R1(config-router)#redistribute ospf 1 metric 10
R1(config-router)#exit
R1(config)#
R1(config)#router ospf 1
R1(config-router)# default-information originate always
R1(config-router)#exit
R1(config)#exit
R3(config)#router rip
R3(config-router)#redistribute ospf 1 metric 10
R3(config-router)#exit
R3(config)#
R3(config)#router ospf 1
R3(config-router)# default-information originate always
R3(config-router)#exit
R3(config)#exit
5、Check the routing table on R2 again and try to ping the below RIP network.
R2#show ip route
Gateway of last resort is not set
O E2 10.0.0.0/8 [110/20] via 192.168.1.1, 00:01:19, Serial1/0
192.168.1.0/30 is subnetted, 2 subnets
C 192.168.1.0 is directly connected, Serial1/0
C 192.168.1.4 is directly connected, Serial1/1
O*E2 0.0.0.0/0 [110/1] via 192.168.1.6, 00:01:19, Serial1/1
[110/1] via 192.168.1.1, 00:01:19, Serial1/0
R2#
R2#ping 172.16.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/82/120 ms
49. www.ccieuniversity.com
6、If we would like to make R3 as the major next-hop, R1 as the backup next-hop, then
we could change the OSPF default route metric.
R1(config)#router ospf 1
R1(config-router)#default-information originate always metric 100
R1(config-router)#exit
R3(config)#router ospf 1
R3(config-router)#default-information originate always metric 50
R3(config-router)#exit
7、Check the routing table of R2, we can see R3 is the next-hop now.
R2#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 192.168.1.6 to network 0.0.0.0
O E2 10.0.0.0/8 [110/20] via 192.168.1.1, 00:08:05, Serial1/0
192.168.1.0/30 is subnetted, 2 subnets
C 192.168.1.0 is directly connected, Serial1/0
C 192.168.1.4 is directly connected, Serial1/1
O*E2 0.0.0.0/0 [110/50] via 192.168.1.6, 00:00:32, Serial1/1
By www.ccieuniversity.com
Configuring OSPF Stub Area Lab
Topology
50. www.ccieuniversity.com
Lab Purpose:
1、Master OSPF stub area configuration.
Lab Steps:
1、Finish basic IP configuration.
2、Finish basic OSPF and RIP configuration.
3、Enable redistribution between OSPF and RIP on R3.
R3(config)#router ospf 1
R3(config-router)#redistribute rip subnets metric 200
R3(config-router)#exit
R3(config)#
R3(config)#router rip
R3(config-router)#redistribute ospf 1 metric 10
R3(config-router)#exit
R3(config)#exit
4、Check routing table on R1.
R1#show ip route
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks
C 172.16.255.0/30 is directly connected, Serial1/1
O IA 172.16.255.4/30 [110/128] via 172.16.255.2, 00:07:32, Serial1/1
O IA 172.16.255.8/30 [110/192] via 172.16.255.2, 00:06:57, Serial1/1
C 172.16.1.0/24 is directly connected, Loopback0
51. www.ccieuniversity.com
O IA 172.16.2.0/24 [110/193] via 172.16.255.2, 00:06:05, Serial1/1
O E2 10.0.0.0/8 [110/200] via 172.16.255.2, 00:02:01, Serial1/1
O E2 192.168.1.0/24 [110/200] via 172.16.255.2, 00:02:01, Serial1/1
R1#
R1#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 672/788/984 ms
R1#
5、Check OSPF link state database on R1.
R1#show ip ospf database
OSPF Router with ID (172.16.1.1) (Process ID 1)
Router Link States (Area 1)
Link ID ADV Router Age Seq# Checksum Link count
172.16.1.1 172.16.1.1 682 0x80000003 0x003BE1 3
172.16.255.5 172.16.255.5 677 0x80000003 0x0035B1 2
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
172.16.2.0 172.16.255.5 581 0x80000001 0x004CEE
172.16.255.4 172.16.255.5 668 0x80000001 0x009BE1
172.16.255.8 172.16.255.5 633 0x80000001 0x00F543
Summary ASB Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
192.168.1.1 172.16.255.5 342 0x80000001 0x008648
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
10.0.0.0 192.168.1.1 348 0x80000001 0x005B1B 0
192.168.1.0 192.168.1.1 348 0x80000001 0x0021F4 0
6、According to the above output we can see external routes are in the routing table of
R1, if we would like to use a default route instead of the specific external routes, we
could set stub area.
R1(config)#router ospf 1
R1(config-router)#area 1 stub
R1(config-router)#exit
R1(config)#exit
52. www.ccieuniversity.com
R2(config)#router ospf 1
R2(config-router)#area 1 stub
R2(config-router)#exit
R2(config)#
7、Check OSPF link state database again.
R1#show ip ospf database
OSPF Router with ID (172.16.1.1) (Process ID 1)
Router Link States (Area 1)
Link ID ADV Router Age Seq# Checksum Link count
172.16.1.1 172.16.1.1 155 0x80000005 0x0055C7 3
172.16.255.5 172.16.255.5 155 0x80000005 0x004F97 2
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
0.0.0.0 172.16.255.5 168 0x80000001 0x00017B
172.16.2.0 172.16.255.5 168 0x80000002 0x0068D3
172.16.255.4 172.16.255.5 168 0x80000002 0x00B7C6
172.16.255.8 172.16.255.5 168 0x80000002 0x001228
Type 4 and type 5 LSA is not in the database of R1.
8、Check the routing table of R1 we can see there is a default route instead the
previous external routes.
R1#show ip route
Gateway of last resort is 172.16.255.2 to network 0.0.0.0
172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks
C 172.16.255.0/30 is directly connected, Serial1/1
O IA 172.16.255.4/30 [110/128] via 172.16.255.2, 00:04:19, Serial1/1
O IA 172.16.255.8/30 [110/192] via 172.16.255.2, 00:04:19, Serial1/1
C 172.16.1.0/24 is directly connected, Loopback0
O IA 172.16.2.0/24 [110/193] via 172.16.255.2, 00:04:19, Serial1/1
O*IA 0.0.0.0/0 [110/65] via 172.16.255.2, 00:04:19, Serial1/1
9、Ping to test the connectivity.
R1#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
53. www.ccieuniversity.com
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 240/393/684 ms
By www.ccieuniversity.com
Configuring OSPF Totally Stub Area Lab
Topology
Lab Purpose:
1、Master OSPF totally stub area configuration.
Lab Steps:
1、Finish basic IP configuration.
2、Finish basic OSPF and RIP configuration.
3、Enable redistribution between OSPF and RIP on R3.
R3(config)#router ospf 1
R3(config-router)#redistribute rip subnets metric 200
R3(config-router)#exit
R3(config)#
R3(config)#router rip
R3(config-router)#redistribute ospf 1 metric 10
R3(config-router)#exit
R3(config)#exit
54. www.ccieuniversity.com
4、First Set area 1 as ospf stub area.
5、Check OSPF routing table and OSPF links state database.
R1#show ip ospf database
OSPF Router with ID (172.16.1.1) (Process ID 1)
Router Link States (Area 1)
Link ID ADV Router Age Seq# Checksum Link count
172.16.1.1 172.16.1.1 155 0x80000005 0x0055C7 3
172.16.255.5 172.16.255.5 155 0x80000005 0x004F97 2
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
0.0.0.0 172.16.255.5 168 0x80000001 0x00017B
172.16.2.0 172.16.255.5 168 0x80000002 0x0068D3
172.16.255.4 172.16.255.5 168 0x80000002 0x00B7C6
172.16.255.8 172.16.255.5 168 0x80000002 0x001228
Type 4 and 5 LSA have gone.
R1#show ip route
Gateway of last resort is 172.16.255.2 to network 0.0.0.0
172.16.0.0/16 is variably subnetted, 5 subnets, 2 masks
C 172.16.255.0/30 is directly connected, Serial1/1
O IA 172.16.255.4/30 [110/128] via 172.16.255.2, 00:04:19, Serial1/1
O IA 172.16.255.8/30 [110/192] via 172.16.255.2, 00:04:19, Serial1/1
C 172.16.1.0/24 is directly connected, Loopback0
O IA 172.16.2.0/24 [110/193] via 172.16.255.2, 00:04:19, Serial1/1
O*IA 0.0.0.0/0 [110/65] via 172.16.255.2, 00:04:19, Serial1/1
6、We can see there is a default route instead of external routes, we can still decrease
the size of routing table.
R2(config)#router ospf 1
R2(config-router)#area 1 stub no-summary
R2(config-router)#exit
R2(config)#exit
R1(config)#router ospf 1
R1(config-router)#area 1 stub
R1(config-router)#exit
R1(config)#exit
55. www.ccieuniversity.com
7、Check the routing table of R1.
R1#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 172.16.255.2 to network 0.0.0.0
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.255.0/30 is directly connected, Serial1/1
C 172.16.1.0/24 is directly connected, Loopback0
O*IA 0.0.0.0/0 [110/65] via 172.16.255.2, 00:34:32, Serial1/1
We can see the default route instead of all the external and inter-area routes.
8、Check the OSPF link state database of R1, we can see there are only type 1 LSA and
type 3 for default route link LSA.
R1#show ip ospf database
OSPF Router with ID (172.16.1.1) (Process ID 1)
Router Link States (Area 1)
Link ID ADV Router Age Seq# Checksum Link count
172.16.1.1 172.16.1.1 387 0x80000006 0x0053C8 3
172.16.255.5 172.16.255.5 412 0x80000006 0x004D98 2
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
0.0.0.0 172.16.255.5 295 0x80000003 0x00FC7D
9、Ping to test.
R1#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 216/570/1488 ms
By www.ccieuniversity.com
56. www.ccieuniversity.com
Configuring OSPF NSSA Area and NSSA Totally Stub Lab
Topology
Lab Purpose:
1、Master NSSA area and NSSA totally stub area configuration.
Lab Steps:
1、Finish basic IP configuration.
2、Finish basic OSPF and RIP configuration.
3、Enable redistribution on R2 and R5.
R2(config)#router ospf 1
R2(config-router)#redistribute rip metric 200 subnets
R2(config-router)#exit
R2(config)#
R2(config)#router rip
R2(config-router)#redistribute ospf 1 metric 10
R2(config-router)#exit
R2(config)#exit
R5(config)#router ospf 1
R5(config-router)#redistribute rip metric 200 subnets
R5(config-router)#exit
R5(config)#
R5(config)#router rip
R5(config-router)#redistribute ospf 1 metric 10
R5(config-router)#exit
R5(config)#exit
4、Check OSPF routing table and link state database on R3.
57. www.ccieuniversity.com
R3#show ip ospf database
OSPF Router with ID (172.16.255.5) (Process ID 1)
Router Link States (Area 1)
Link ID ADV Router Age Seq# Checksum Link count
172.16.255.1 172.16.255.1 534 0x80000005 0x008564 2
172.16.255.5 172.16.255.5 679 0x80000004 0x007390 4
172.16.255.9 172.16.255.9 672 0x80000003 0x00A42F 2
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
172.16.255.8 172.16.255.9 662 0x80000001 0x005B1A
Summary ASB Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
192.168.1.1 172.16.255.9 98 0x80000001 0x006E5C
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
131.131.1.0 172.16.255.1 513 0x80000001 0x007BAA 0
131.131.2.0 172.16.255.1 513 0x80000001 0x0070B4 0
192.168.1.0 192.168.1.1 94 0x80000002 0x001FF5 0
192.168.2.0 192.168.1.1 94 0x80000002 0x0014FF 0
R3#
R3#show ip route
Gateway of last resort is not set
172.16.0.0/30 is subnetted, 3 subnets
C 172.16.255.0 is directly connected, Serial1/0
C 172.16.255.4 is directly connected, Serial1/1
O IA 172.16.255.8 [110/128] via 172.16.255.6, 00:07:46, Serial1/1
131.131.0.0/24 is subnetted, 2 subnets
O E2 131.131.1.0 [110/200] via 172.16.255.1, 00:00:30, Serial1/0
O E2 131.131.2.0 [110/200] via 172.16.255.1, 00:00:30, Serial1/0
O E2 192.168.1.0/24 [110/200] via 172.16.255.6, 00:00:30, Serial1/1
O E2 192.168.2.0/24 [110/200] via 172.16.255.6, 00:00:30, Serial1/1
4、As area1 connects to an external network, so we could not set area1 to a pure stub
area.
58. www.ccieuniversity.com
5、Set area1 to NSSA stub area on R4.
R4(config)#router ospf 1
R4(config-router)#area 1 nssa default-information-originate
R4(config-router)#exit
R4(config)#
6、Set area1 to NSSA stub area on R3.
R3(config)#router ospf 1
R3(config-router)#area 1 nssa
R3(config-router)#exit
R3(config)#exit
7、Set area1 to NSSA stub area on R2.
R2(config)#router ospf 1
R2(config-router)#area 1 nssa
R2(config-router)#exit
R2(config)#exit
8、Check OSPF routing table and link state database on R3 again.
R3#show ip route
Gateway of last resort is 172.16.255.6 to network 0.0.0.0
172.16.0.0/30 is subnetted, 3 subnets
C 172.16.255.0 is directly connected, Serial1/0
C 172.16.255.4 is directly connected, Serial1/1
O IA 172.16.255.8 [110/128] via 172.16.255.6, 00:01:10, Serial1/1
131.131.0.0/24 is subnetted, 2 subnets
O N2 131.131.1.0 [110/200] via 172.16.255.1, 00:01:10, Serial1/0
O N2 131.131.2.0 [110/200] via 172.16.255.1, 00:01:10, Serial1/0
O*N2 0.0.0.0/0 [110/1] via 172.16.255.6, 00:01:10, Serial1/1
R3#show ip ospf database
OSPF Router with ID (172.16.255.5) (Process ID 1)
Router Link States (Area 1)
Link ID ADV Router Age Seq# Checksum Link count
172.16.255.1 172.16.255.1 314 0x80000007 0x0027BA 2
172.16.255.5 172.16.255.5 314 0x80000008 0x0011E8 4
172.16.255.9 172.16.255.9 450 0x80000005 0x004C7D 2
59. www.ccieuniversity.com
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
172.16.255.8 172.16.255.9 850 0x80000002 0x00FE6F
Type-7 AS External Link States (Area 1)
Link ID ADV Router Age Seq# Checksum Tag
0.0.0.0 172.16.255.9 850 0x80000001 0x00C464 0
131.131.1.0 172.16.255.1 318 0x80000001 0x00213D 0
131.131.2.0 172.16.255.1 318 0x80000001 0x001647 0
9、Check routing table on R1 and R2.
R2#show ip route
Gateway of last resort is 172.16.255.2 to network 0.0.0.0
172.16.0.0/30 is subnetted, 3 subnets
C 172.16.255.0 is directly connected, Serial1/1
O 172.16.255.4 [110/128] via 172.16.255.2, 00:07:26, Serial1/1
O IA 172.16.255.8 [110/192] via 172.16.255.2, 00:07:26, Serial1/1
131.131.0.0/24 is subnetted, 2 subnets
R 131.131.1.0 [120/1] via 131.131.2.2, 00:00:06, Serial1/0
C 131.131.2.0 is directly connected, Serial1/0
O*N2 0.0.0.0/0 [110/1] via 172.16.255.2, 00:07:26, Serial1/1
R1#show ip route
Gateway of last resort is 131.131.2.1 to network 0.0.0.0
R 172.16.0.0/16 [120/10] via 131.131.2.1, 00:00:28, Serial1/1
131.131.0.0/24 is subnetted, 2 subnets
C 131.131.1.0 is directly connected, Loopback0
C 131.131.2.0 is directly connected, Serial1/1
R* 0.0.0.0/0 [120/10] via 131.131.2.1, 00:00:28, Serial1/1
10、Ping test on R1.
R1#ping 192.168.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 288/384/432 ms
11、To deeply decrease the routing table in area1, we need to set area1 to Totally NSSA
area.
60. www.ccieuniversity.com
12、Only one command need to add on ABR router (R4) to change NSSA to totally NSSA.
R4(config)#router ospf 1
R4(config-router)#area 1 nssa no-summary
R4(config-router)#exit
13、Check OSPF routing table and link state database on R3 again.
R3#show ip route
Gateway of last resort is 172.16.255.6 to network 0.0.0.0
172.16.0.0/30 is subnetted, 2 subnets
C 172.16.255.0 is directly connected, Serial1/0
C 172.16.255.4 is directly connected, Serial1/1
131.131.0.0/24 is subnetted, 2 subnets
O N2 131.131.1.0 [110/200] via 172.16.255.1, 00:20:24, Serial1/0
O N2 131.131.2.0 [110/200] via 172.16.255.1, 00:20:24, Serial1/0
O*IA 0.0.0.0/0 [110/65] via 172.16.255.6, 00:02:10, Serial1/1
R3#show ip ospf database
OSPF Router with ID (172.16.255.5) (Process ID 1)
Router Link States (Area 1)
Link ID ADV Router Age Seq# Checksum Link count
172.16.255.1 172.16.255.1 1504 0x80000007 0x0027BA 2
172.16.255.5 172.16.255.5 1504 0x80000008 0x0011E8 4
172.16.255.9 172.16.255.9 1640 0x80000005 0x004C7D 2
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum
0.0.0.0 172.16.255.9 396 0x80000001 0x0070FF
Type-7 AS External Link States (Area 1)
Link ID ADV Router Age Seq# Checksum Tag
0.0.0.0 172.16.255.9 66 0x80000002 0x00C265 0
131.131.1.0 172.16.255.1 1508 0x80000001 0x00213D 0
131.131.2.0 172.16.255.1 1508 0x80000001 0x001647 0
14、Check routing table on R1 and R2 and do the ping test.
R2#show ip route
Gateway of last resort is 172.16.255.2 to network 0.0.0.0
61. www.ccieuniversity.com
172.16.0.0/30 is subnetted, 2 subnets
C 172.16.255.0 is directly connected, Serial1/1
O 172.16.255.4 [110/128] via 172.16.255.2, 00:23:09, Serial1/1
131.131.0.0/24 is subnetted, 2 subnets
R 131.131.1.0 [120/1] via 131.131.2.2, 00:00:17, Serial1/0
C 131.131.2.0 is directly connected, Serial1/0
O*IA 0.0.0.0/0 [110/129] via 172.16.255.2, 00:04:46, Serial1/1
R2#
R1#show ip route
Gateway of last resort is 131.131.2.1 to network 0.0.0.0
R 172.16.0.0/16 [120/10] via 131.131.2.1, 00:00:13, Serial1/1
131.131.0.0/24 is subnetted, 2 subnets
C 131.131.1.0 is directly connected, Loopback0
C 131.131.2.0 is directly connected, Serial1/1
R* 0.0.0.0/0 [120/10] via 131.131.2.1, 00:00:13, Serial1/1
R1#ping 192.168.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 336/454/528 ms
15、Finally we can see the type 7 LSA has been changed to type 5 LAS.
R5#show ip ospf database
OSPF Router with ID (192.168.1.1) (Process ID 1)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
172.16.255.9 172.16.255.9 338 0x80000004 0x005DC2 2
192.168.1.1 192.168.1.1 767 0x80000004 0x002753 2
Summary Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
172.16.255.0 172.16.255.9 81 0x80000002 0x002C10
172.16.255.4 172.16.255.9 1337 0x80000002 0x0081F6
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
62. www.ccieuniversity.com
131.131.1.0 172.16.255.9 1761 0x80000001 0x0085DA 0
131.131.2.0 172.16.255.9 1761 0x80000001 0x007AE4 0
192.168.1.0 192.168.1.1 767 0x80000003 0x001DF6 0
192.168.2.0 192.168.1.1 767 0x80000003 0x001201 0
By www.ccieuniversity.com
Configuring OSPF Virtual-Link between normal area and backbone
area Lab
Topology
Lab Purpose:
1、Master OSPF Virtual-Link between normal area and backbone area configuration.
Lab Steps:
1、Finish basic IP configuration.
2、Finish basic OSPF configuration on R1 R2 R3 R4.
R1(config)#router ospf 1
R1(config-router)#network 172.16.255.0 0.0.0.3 area 3
R1(config-router)#network 172.16.1.0 0.0.0.255 area 3
R1(config-router)#exit
R1(config)#exit
R2(config)#router ospf 1
R2(config-router)#network 172.16.255.4 0.0.0.3 area 2
R2(config-router)#network 172.16.255.0 0.0.0.3 area 3
63. www.ccieuniversity.com
R2(config-router)#exit
R2(config)#exit
R3(config)#router ospf 1
R3(config-router)#network 172.16.255.4 0.0.0.3 area 2
R3(config-router)#network 172.16.255.8 0.0.0.3 area 0
R3(config-router)#exit
R3(config)#exit
R4(config)#router ospf 1
R4(config-router)#network 172.16.255.8 0.0.0.3 area 0
R4(config-router)#network 172.16.16.0 0.0.0.255 area 1
R4(config-router)#exit
R4(config)#exit
3、Check the neighbor table on R1 and R2.
R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
172.16.255.5 1 FULL/ - 00:00:38 172.16.255.2 Serial1/1
R2#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
172.16.255.9 1 FULL/ - 00:00:37 172.16.255.6 Serial1/1
172.16.1.1 1 FULL/ - 00:00:30 172.16.255.1 Serial1/0
4、Check the routing table on R1.
R1#show ip route
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.255.0/30 is directly connected, Serial1/1
C 172.16.1.0/24 is directly connected, Loopback0
Above information tells us R1 could not learn route from area 0, area1, area2, as area3
is not directly connected with area0.
5、To solve this issue, we could establish a virtual-link between R2 and R3.
R2(config)#router ospf 1
R2(config-router)#area 2 virtual-link 172.16.255.9 (RID of R3)
R2(config-router)#exit
R2(config)#exit
64. www.ccieuniversity.com
R3(config)#router ospf 1
R3(config-router)#area 2 virtual-link 172.16.255.5 (RID of R2)
R3(config-router)#exit
R3(config)#exit
8、Check OSPF neighbor table on R2.
R2#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
172.16.255.9 0 FULL/ - - 172.16.255.6 OSPF_VL0
172.16.255.9 1 FULL/ - 00:00:30 172.16.255.6 Serial1/1
172.16.1.1 1 FULL/ - 00:00:33 172.16.255.1 Serial1/0
9、Check routing table on R1.
R1#show ip route
Gateway of last resort is not set
172.16.0.0/16 is variably subnetted, 5 subnets, 3 masks
C 172.16.255.0/30 is directly connected, Serial1/1
O IA 172.16.255.4/30 [110/128] via 172.16.255.2, 00:08:40, Serial1/1
O IA 172.16.255.8/30 [110/192] via 172.16.255.2, 00:06:20, Serial1/1
O IA 172.16.16.1/32 [110/193] via 172.16.255.2, 00:06:20, Serial1/1
C 172.16.1.0/24 is directly connected, Loopback0
10、Ping test on R1.
R1#ping 172.16.16.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.16.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 152/251/312 ms
By www.ccieuniversity.com
65. www.ccieuniversity.com
Configuring OSPF Virtual-Link between 2 backbone areas Lab
Topology
Lab Purpose:
1、Master OSPF Virtual-Link between 2 backbone areas configuration.
Lab Steps:
1、Finish basic IP configuration.
2、Finish basic OSPF configuration on R1 R2 R3 R4.
R1(config)#router ospf 1
R1(config-router)#network 172.16.255.0 0.0.0.3 area 0
R1(config-router)#network 172.16.1.0 0.0.0.255 area 0
R1(config-router)#exit
R1(config)#exit
R2(config)#router ospf 1
R2(config-router)#network 172.16.255.4 0.0.0.3 area 2
R2(config-router)#network 172.16.255.0 0.0.0.3 area 0
R2(config-router)#exit
R2(config)#exit
R3(config)#router ospf 1
R3(config-router)#network 172.16.255.4 0.0.0.3 area 2
R3(config-router)#network 172.16.255.8 0.0.0.3 area 0
R3(config-router)#exit
R3(config)#exit
R4(config)#router ospf 1
R4(config-router)#network 172.16.255.8 0.0.0.3 area 0