Se ha denunciado esta presentación.

CCIE R&S Real Lab Workbbok 2018 updated

1

Compartir

Cargando en…3
×
1 de 29
1 de 29

CCIE R&S Real Lab Workbbok 2018 updated

1

Compartir

Descargar para leer sin conexión

Descripción

Helping you to become Cisco Certified Internetwork Expert, We Provide CCIE R&S Lab,CCIE R&S TS,CCIE R&S DIG Workbook and Web IOU CCIERNSTRICKS.COM

Transcripción

  1. 1. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 127 1.1 SWITCH ADMINISTRATION Configure the ACME headquarters network (AS 12345) as per the following requirements  The VTP domain must be set to CCIE  Use VTP version 2  SW1 must be the VTP server and SW2 must be the VTP client  Secure all VTP update with an MD5 digest of the ASCII string CCIErock$  In order to avoid as much as possible unknown unicast flooding in all VLANs the administrator requires that any dynamic entries learned by either SW1 to SW2 must be retained for 2 hours before being refresh, Configure the network of the new York office (AS 34567) as per the following requirements  The VTP domain must be set to CCIE  Use VTP version 2  SW3 and SW4 must no advertise their VLAN configuration but must forward VTP advertisement that they receive out their trunk ports  Secure all VTP update with an MD5 digest of the ASCII string CCIErock? DIAGRAM: Internet SP BGP 30000R20 R2 R3 R4 R5 R1 R7R6 SW1 SW2 R8 R9 R10 R11 SW3 SW4 ACME HQ SAN FRANCISCO BGP AS 12345 123.10.1.X/30 ACME NEW YORK BGP AS 34567 123.10.2.X/30 ACME SAN JOSE BGP AS 65112 101.1.123.2/30 5x VPN E0/0 102.2.123.2/30 5x VPN E0/0 E0/3 .1 E0/1 .9 E0/1 .10 E0/2 .17 E0/0 .2 E0/1 .18 VLAN 23 VLAN 24 E0/3.5E0/1 .6 5x VPN 5x VPN E0/0 .2 E0/2 .13 E0/2 .14 VLAN 35 E0/1 .1 E0/2 .5 E0/1 .6VLAN 14 VLAN 15 VLAN 67 E0/2 .21 E0/2 .22 VLAN 46 VLAN 57 E0/0 .29 E0/2 .30 E0/1 .25 E0/1 .26 E0/0 .2 3x VPN 201.1.123.2/30 E0/0 .2 3x VPN 202.2.123.2/30 101.1.34.2/30 E0/0 E0/1 .5 E0/1 .18 S38 .6 S310 .17 VLAN 38 VLAN 310 VLAN 34 S34 .13 S34 .14 VLAN 89 E0/2 .1 E0/1 .2 102.1.34.2/30 E0/0 VLAN 49 S49 .10 E0/2 .9 S411 .21 VLAN 411 E0/2 .22 VLAN 111 E0/2 .25 E0/1 .26 E0/0 .2 201.1.34.2/30 E0/0 .2 202.2.34.2/30 33.34.4.2/30 E1/0 33.34.3.2/30 E1/0 10.2.19.1/24 SOLUTION: SW1: CCIERNSTRICKS.COM_H1.1_SW1(config)# CCIERNSTRICKS.COM_H1.1_SW1(config)#VTP domain CCIE
  2. 2. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 128 CCIERNSTRICKS.COM_H1.1_SW1(config)#VTP mode server CCIERNSTRICKS.COM_H1.1_SW1(config)#VTP version 2 CCIERNSTRICKS.COM_H1.1_SW1(config)#VTP password CCIErock? TO GET THE QUESTION MARK ENTERD, TYPE CTRL + V, AND THE ENTER THE ? CHARACTER CCIERNSTRICKS.COM_H1.1_SW1(config)#Mac-address again 7200 SW2: CCIERNSTRICKS.COM_H1.1_SW2(config)#VTP domain CCIE CCIERNSTRICKS.COM_H1.1_SW2(config)#VTP mode client CCIERNSTRICKS.COM_H1.1_SW2(config)#VTP password CCIErock? TO GET THE QUESTION MARK ENTERD, TYPE CTRL + V, AND THE ENTER THE ? CHARACTER CCIERNSTRICKS.COM_H1.1_SW2(config)#Mac-address again 7200 SW3 CCIERNSTRICKS.COM_H1.1_SW3(config)#VTP domain CCIE CCIERNSTRICKS.COM_H1.1_SW3(config)#VTP version 2 CCIERNSTRICKS.COM_H1.1_SW3(config)#VTP mode transparent CCIERNSTRICKS.COM_H1.1_SW3(config)#VTP password CCIErock$ TO GET THE QUESTION MARK ENTERD, TYPE CTRL + V, AND THE ENTER THE ? CHARACTER SW4: CCIERNSTRICKS.COM_H1.1_SW4(config)#VTP domain CCIE CCIERNSTRICKS.COM_H1.1_SW4(config)#VTP version 2 CCIERNSTRICKS.COM_H1.1_SW4(config)#VTP mode transparent CCIERNSTRICKS.COM_H1.1_SW4(config)#VTP password CCIErock$ TO GET THE QUESTION MARK ENTERD, TYPE CTRL + V, AND THE ENTER THE ? CHARACTER
  3. 3. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 129 1.2 LAYER 2 PORTS Configure your network as per the following requirements Complete the configuration of all VLANs so that all routers those are located in ACME's Headquarters (AS12345) and New York office (AS 34567) can ping their directly connected neighbors  All four switches (SW1-SW4) must have dot1q trunks that do not rely on negotiation do not configure any etherchannel  Ensure that the following unused ports on all four switches are shutdown and  Configured as access ports in VLAN 999 E3/0 - E3/3 are unused on SW1 and SW2 E1/0 - E1/3 are unused on SW3 and SW4 E3/0 - E3/3 are unused on SW3 and SW4 DIAGRAM: Internet SP BGP 30000R20 R2 R3 R4 R5 R1 R7R6 SW1 SW2 R8 R9 R10 R11 SW3 SW4 ACME HQ SAN FRANCISCO BGP AS 12345 123.10.1.X/30 ACME NEW YORK BGP AS 34567 123.10.2.X/30 ACME SAN JOSE BGP AS 65112 101.1.123.2/30 5x VPN E0/0 102.2.123.2/30 5x VPN E0/0 E0/3 .1 E0/1 .9 E0/1 .10 E0/2 .17 E0/0 .2 E0/1 .18 VLAN 23 VLAN 24 E0/3.5E0/1 .6 5x VPN 5x VPN E0/0 .2 E0/2 .13 E0/2 .14 VLAN 35 E0/1 .1 E0/2 .5 E0/1 .6VLAN 14 VLAN 15 VLAN 67 E0/2 .21 E0/2 .22 VLAN 46 VLAN 57 E0/0 .29 E0/2 .30 E0/1 .25 E0/1 .26 E0/0 .2 3x VPN 201.1.123.2/30 E0/0 .2 3x VPN 202.2.123.2/30 101.1.34.2/30 E0/0 E0/1 .5 E0/1 .18 S38 .6 S310 .17 VLAN 38 VLAN 310 VLAN 34 S34 .13 S34 .14 VLAN 89 E0/2 .1 E0/1 .2 102.1.34.2/30 E0/0 VLAN 49 S49 .10 E0/2 .9 S411 .21 VLAN 411 E0/2 .22 VLAN 111 E0/2 .25 E0/1 .26 E0/0 .2 201.1.34.2/30 E0/0 .2 202.2.34.2/30 33.34.4.2/30 E1/0 33.34.3.2/30 E1/0 10.2.19.1/24 SOLUTION: SW1: CCIERNSTRICKS.COM_H1.1_SW1(config)#Vlan 14,15,23,24,35,46,57,67,999 TO KNOW THE SWITCH PORT DETAILS OF DEVICES USE show cdp neighbors COMMAND AND ASSING VLAN ACCORDINGLY. CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth0/0 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access
  4. 4. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 130 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 14 CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth0/1 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 23 CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth0/2 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 23 CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth0/3 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 24 CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth1/0 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 14 CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth1/1 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 15 CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth1/2 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 67 CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth1/3 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 67 CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth3/0 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth3/1 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth3/2 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access
  5. 5. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 131 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth3/3 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW1(config)#Interface range eth 2/0-3 CCIERNSTRICKS.COM_H1.1_SW1(config)#switchport trunk encapsulation dot1q CCIERNSTRICKS.COM_H1.1_SW1(config)#switchport mode trunk CCIERNSTRICKS.COM_H1.1_SW1(config)#switchport nonegotiate SW2: TO KNOW THE SWITCH PORT DETAILS OF DEVICES USE show cdp neighbors COMMAND AND ASSING VLAN ACCORDINGLY. CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth0/0 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 15 CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth0/1 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 24 CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth0/2 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 35 CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth0/3 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 46 CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth1/0 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 57 CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth1/1 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 35
  6. 6. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 132 CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth1/2 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 46 CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth1/3 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 57 CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth3/0 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth3/1 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth3/2 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth3/3 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW2(config)#Interface range eth 2/0-3 CCIERNSTRICKS.COM_H1.1_SW2(config)#switchport trunk encapsulation dot1q CCIERNSTRICKS.COM_H1.1_SW2(config)#switchport mode trunk CCIERNSTRICKS.COM_H1.1_SW2(config)#switchport nonegotiate SW3: CCIERNSTRICKS.COM_H1.1_SW3(config)#Vlan 34,38,49,89,111,310,411,999 TO KNOW THE SWITCH PORT DETAILS OF DEVICES USE show cdp neighbors COMMAND AND ASSING VLAN ACCORDINGLY. CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth0/0 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport mode access
  7. 7. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 133 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport access vlan 38 CCIERNSTRICKS.COM_H1.1_SW3(config)#interface eth0/1 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport access vlan 89 CCIERNSTRICKS.COM_H1.1_SW3(config)#interface eth0/2 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport access vlan 310 CCIERNSTRICKS.COM_H1.1_SW3(config)#interface eth0/3 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport access vlan 111 CCIERNSTRICKS.COM_H1.1_SW3(config)#interface eth1/0 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW3(config)#interface eth1/1 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth1/2 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW3(config)#interface eth1/3 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW3(config)#interface eth3/0 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW3(config)#interface eth3/1 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport access vlan 999
  8. 8. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 134 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW3(config)#interface eth3/2 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW3(config)#interface eth3/3 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW3(config)#Interface range eth 2/0-3 CCIERNSTRICKS.COM_H1.1_SW3(config)#switchport trunk encapsulation dot1q CCIERNSTRICKS.COM_H1.1_SW3(config)#switchport mode trunk CCIERNSTRICKS.COM_H1.1_SW3(config)#switchport nonegotiate IN EXAM SOME TIME VLAN INTERFACES ARE SHUTDOWN PLEASE CHECK THOSE INTERFACES IF THOSE INTERFACES SHOUTDOWN THEN MAKE THEM UP CCIERNSTRICKS.COM_H1.1_SW3(config)#interface Vlan34 CCIERNSTRICKS.COM_H1.1_SW3(config-if)#no shutdown CCIERNSTRICKS.COM_H1.1_SW3(config)#interface Vlan38 CCIERNSTRICKS.COM_H1.1_SW3(config-if)#no shutdown CCIERNSTRICKS.COM_H1.1_SW3(config)#interface Vlan310 CCIERNSTRICKS.COM_H1.1_SW3(config-if)#no shutdown SW4: CCIERNSTRICKS.COM_H1.1_SW4(config)#Vlan 34,38,49,89,111,310,411,999 TO KNOW THE SWITCH PORT DETAILS OF DEVICES USE show cdp neighbors COMMAND AND ASSING VLAN ACCORDINGLY. CCIERNSTRICKS.COM_H1.1_SW4(config)#interface eth0/0 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport access vlan 89 CCIERNSTRICKS.COM_H1.1_SW4(config)#interface eth0/1 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport access vlan 49
  9. 9. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 135 CCIERNSTRICKS.COM_H1.1_SW4(config)#interface eth0/2 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport access vlan 111 CCIERNSTRICKS.COM_H1.1_SW4(config)#interface eth0/3 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport access vlan 411 CCIERNSTRICKS.COM_H1.1_SW4(config)#interface eth1/0 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW4(config)#interface eth1/1 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW4(config)#interface eth1/2 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW4(config)#interface eth1/3 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW4(config)#interface eth3/0 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth3/1 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW4(config)#interface eth3/2 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport access vlan 999
  10. 10. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 136 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW4(config)#interface eth3/3 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW4(config)#Interface range eth 2/0-3 CCIERNSTRICKS.COM_H1.1_SW4(config)#switchport trunk encapsulation dot1q CCIERNSTRICKS.COM_H1.1_SW4(config)#switchport mode trunk CCIERNSTRICKS.COM_H1.1_SW4(config)#switchport nonegotiate IN EXAM SOME TIME VLAN INTERFACES ARE SHUTDOWN PLEASE CHECK THOSE INTERFACES IF THOSE INTERFACES SHOUTDOWN THEN MAKE THEM UP CCIERNSTRICKS.COM_H1.1_SW3(config)#interface Vlan34 CCIERNSTRICKS.COM_H1.1_SW3(config-if)#no shutdown CCIERNSTRICKS.COM_H1.1_SW3(config)#interface Vlan49 CCIERNSTRICKS.COM_H1.1_SW3(config-if)#no shutdown CCIERNSTRICKS.COM_H1.1_SW3(config)#interface Vlan411 CCIERNSTRICKS.COM_H1.1_SW3(config-if)#no shutdown AFTER CONFIGURATION OF ALL ABOVE TASK PLEASE MAKE SURE THAT ALL DEVICES IN AS 12345 AND AS 34567 ARE ABLE TO PING ITS DIRECTLY CONNECTED NEIGHBORS
  11. 11. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 137 1.3 SPANNING TREE Configure the ACME network as per the following requirements.  SW1 must be the root switch for all odd vlans and must be the backup for all even vlans  SW2 must be the root switch for all even vlans and must be the backup for all odd vlans  SW3 must be the root switch for all odd vlans and must be the backup for all even vlans  SW4 must be the root switch for all even vlans and must be the backup for all odd vlans  Explicitly configure the root and backup roles, assuming that other switches with default configuration may eventually be added in the network in the future  All switches must maintain one STP instance per vlan  Use the STP mode that has only three possible states  All access ports must immediately transitioned to the forwarding state upon link up and they must still participate in STP. Use single command per switch to enable this  Access ports must automatically shut down if they receive any BPDU and an administrator must still manually re-enable the port. Use a single command per switch to enable this feature. DIAGRAM: Internet SP BGP 30000R20 R2 R3 R4 R5 R1 R7R6 SW1 SW2 R8 R9 R10 R11 SW3 SW4 ACME HQ SAN FRANCISCO BGP AS 12345 123.10.1.X/30 ACME NEW YORK BGP AS 34567 123.10.2.X/30 ACME SAN JOSE BGP AS 65112 101.1.123.2/30 5x VPN E0/0 102.2.123.2/30 5x VPN E0/0 E0/3 .1 E0/1 .9 E0/1 .10 E0/2 .17 E0/0 .2 E0/1 .18 VLAN 23 VLAN 24 E0/3.5E0/1 .6 5x VPN 5x VPN E0/0 .2 E0/2 .13 E0/2 .14 VLAN 35 E0/1 .1 E0/2 .5 E0/1 .6VLAN 14 VLAN 15 VLAN 67 E0/2 .21 E0/2 .22 VLAN 46 VLAN 57 E0/0 .29 E0/2 .30 E0/1 .25 E0/1 .26 E0/0 .2 3x VPN 201.1.123.2/30 E0/0 .2 3x VPN 202.2.123.2/30 101.1.34.2/30 E0/0 E0/1 .5 E0/1 .18 S38 .6 S310 .17 VLAN 38 VLAN 310 VLAN 34 S34 .13 S34 .14 VLAN 89 E0/2 .1 E0/1 .2 102.1.34.2/30 E0/0 VLAN 49 S49 .10 E0/2 .9 S411 .21 VLAN 411 E0/2 .22 VLAN 111 E0/2 .25 E0/1 .26 E0/0 .2 201.1.34.2/30 E0/0 .2 202.2.34.2/30 33.34.4.2/30 E1/0 33.34.3.2/30 E1/0 10.2.19.1/24 SOLUTIONS: SW1: CCIERNSTRICKS.COM_H1.1_SW1(config)#Spanning-tree mode rapid-pvst CCIERNSTRICKS.COM_H1.1_SW1(config)#Spanning-tree portfast default CCIERNSTRICKS.COM_H1.1_SW1(config)#Spanning-tree portfast bpduguard default CCIERNSTRICKS.COM_H1.1_SW1(config)#Spanning-tree vlan 1,15,23,35,57,67,999 priority 0 CCIERNSTRICKS.COM_H1.1_SW1(config)#Spanning-tree vlan 14,24,46 priority 4096
  12. 12. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 138 SW2: CCIERNSTRICKS.COM_H1.1_SW2(config)#Spanning-tree mode rapid-pvst CCIERNSTRICKS.COM_H1.1_SW2(config)#Spanning-tree portfast default CCIERNSTRICKS.COM_H1.1_SW2(config)#Spanning-tree portfast bpduguard default CCIERNSTRICKS.COM_H1.1_SW2(config)#Spanning-tree vlan 1,15,23,35,57,67,999 priority 4096 CCIERNSTRICKS.COM_H1.1_SW2(config)#Spanning-tree vlan 14,24,46 priority 0 SW3: CCIERNSTRICKS.COM_H1.1_SW3(config)#Spanning-tree mode rapid-pvst CCIERNSTRICKS.COM_H1.1_SW3(config)#Spanning-tree portfast default CCIERNSTRICKS.COM_H1.1_SW3(config)#Spanning-tree portfast bpduguard default CCIERNSTRICKS.COM_H1.1_SW3(config)#spanning-tree vlan 1,49,89,111,411,999 priority 0 CCIERNSTRICKS.COM_H1.1_SW3(config)#spanning-tree vlan 34,38,310 priority 4096 SW4: CCIERNSTRICKS.COM_H1.1_SW4(config)#Spanning-tree mode rapid-pvst CCIERNSTRICKS.COM_H1.1_SW4(config)#Spanning-tree portfast default CCIERNSTRICKS.COM_H1.1_SW4(config)#Spanning-tree portfast bpduguard default CCIERNSTRICKS.COM_H1.1_SW4(config)#spanning-tree vlan 1,49,89,111,411,999 priority 4096 CCIERNSTRICKS.COM_H1.1_SW4(config)#spanning-tree vlan 34,38,310 priority 0
  13. 13. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 139 1.4 WAN SWITCHING The WAN links must rely on a layer 2 protocol that supports link negotiation and authentication.  The Service provider expects both R18 and R19 to complete three way hand shake by providing the expected response of a challenge that is sent by AS 20003 Router  R18 must use the username ACME-R18 and password CCIE  R19 must use the username ACME-R19 and password CCIE DIAGRAM: SOLUTIONS: R18: CCIERNSTRICKS.COM_H1.1_R18(config)#int s1/0 CCIERNSTRICKS.COM_H1.1_R18(config)# no shutdown CCIERNSTRICKS.COM_H1.1_R18(config-if)#encap ppp CCIERNSTRICKS.COM_H1.1_R18(config-if)#no peer neighbor-route CCIERNSTRICKS.COM_H1.1_R18(config-if)#ppp chap hostname ACME-R18 CCIERNSTRICKS.COM_H1.1_R18(config-if)#ppp chap password CCIE R19: CCIERNSTRICKS.COM_H1.1_R19(config)#int s1/0 CCIERNSTRICKS.COM_H1.1_R19(config)# no shutdown
  14. 14. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 140 CCIERNSTRICKS.COM_H1.1_R19(config-if)#encap ppp CCIERNSTRICKS.COM_H1.1_R19(config-if)#no peer neighbor-route CCIERNSTRICKS.COM_H1.1_R19(config-if)#ppp chap hostname ACME-R19 CCIERNSTRICKS.COM_H1.1_R19(config-if)#ppp chap password CCIE
  15. 15. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 141 SECTION II LAYER 3 TECHNOLOGIES
  16. 16. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 142 2.1 OSPF IN AS12345 Configure OSPFv2 area 0 in ACME HQ (AS12345) according to the following requirements:  Configure the OSPF process id to 12345 and set the router id to interface lo0 on all seven routers  The interface lo0 at each router must be seen as an internal OSPF prefix by all other routers  Ensure that OSPF is not running on any interface that is facing another AS. use any method to accomplish this requirement  SW1 and SW2 must not participate in routing at all  Do not change the default OSPF cost of any interface in AS12345  Ensure that R1 must see OSPF routes in routing table as STUB, it is not order you configure R1 in STUB area, just make sure R1 won't be a Transit router of Traffics R1 is not Source or Destination  R1 must see the following OSPF routes in the routing table R1#sh ip route OSPF Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP + - replicated route, % - next hop override Gateway of last resort is not set 123.0.0.0/8 is variably subnetted, 17 subnets, 2 masks O 123.2.2.2/32 [110/65546] via 123.10.1.2, 00:03:57, Ethernet0/1 O 123.3.3.3/32 [110/65546] via 123.10.1.6, 00:03:31, Ethernet0/2 O 123.4.4.4/32 [110/65536] via 123.10.1.2, 00:04:07, Ethernet0/1 O 123.5.5.5/32 [110/65536] via 123.10.1.6, 00:03:31, Ethernet0/2 O 123.6.6.6/32 [110/65546] via 123.10.1.2, 00:03:04, Ethernet0/1 O 123.7.7.7/32 [110/65546] via 123.10.1.6, 00:02:36, Ethernet0/2 O 123.10.1.8/30 [110/65555] via 123.10.1.6, 00:03:31, Ethernet0/2 [110/65555] via 123.10.1.2, 00:03:57, Ethernet0/1 O 123.10.1.12/30 [110/65545] via 123.10.1.6, 00:03:31, Ethernet0/2 O 123.10.1.16/30 [110/65545] via 123.10.1.2, 00:04:07, Ethernet0/1
  17. 17. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 143 O 123.10.1.20/30 [110/65545] via 123.10.1.2, 00:03:57, Ethernet0/1 O 123.10.1.24/30 [110/65555] via 123.10.1.6, 00:02:36, Ethernet0/2 [110/65555] via 123.10.1.2, 00:01:56, Ethernet0/1 O 123.10.1.28/30 [110/65545] via 123.10.1.6, 00:03:31, Ethernet0/2 R1# DIAGRAM: R2 R3 R4 R5 R1 R7R6 SW1 SW2 ACME HQ SAN FRANCISCO BGP AS 12345 123.10.1.X/30 101.1.123.2/30 5x VPN E0/0 102.2.123.2/30 5x VPN E0/0 E0/3 .1 E0/1 .9 E0/1 .10 E0/2 .17 E0/0 .2 E0/1 .18 VLAN 23 VLAN 24 E0/3.5 E0/2 .13 E0/2 .14 VLAN 35 E0/1 .1 E0/2 .5 E0/1 .6VLAN 14 VLAN 15 VLAN 67 E0/2 .21 E0/2 .22 VLAN 46 VLAN 57 E0/0 .29 E0/2 .30 E0/1 .25 E0/1 .26 E0/0 .2 3x VPN 201.1.123.2/30 E0/0 .2 3x VPN 202.2.123.2/30 SOLUTIONS:
  18. 18. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 144 R1: CCIERNSTRICKS.COM_H1.1_R1(config)#router ospf 12345 CCIERNSTRICKS.COM_H1.1_R1(config-router)#router-id 123.1.1.1 CCIERNSTRICKS.COM_H1.1_R1(config-router)#network 123.1.1.1 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R1(config-router)#network 123.10.1.5 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R1(config-router)#network 123.10.1.1 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R1(config-router)#max-metric router-lsa R2: CCIERNSTRICKS.COM_H1.1_R2(config)#router ospf 12345 CCIERNSTRICKS.COM_H1.1_R2(config-router)#router-id 123.2.2.2 CCIERNSTRICKS.COM_H1.1_R2(config-router)#network 123.2.2.2 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R2(config-router)#network 123.10.1.9 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R2(config-router)#network 123.10.1.17 0.0.0.0 area 0 R3: CCIERNSTRICKS.COM_H1.1_R3(config)#router ospf 12345 CCIERNSTRICKS.COM_H1.1_R3(config-router)#router-id 123.3.3.3 CCIERNSTRICKS.COM_H1.1_R3(config-router)#network 123.3.3.3 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R3(config-router)#network 123.10.1.10 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R4(config-router)#network 123.10.1.13 0.0.0.0 area 0 R4: CCIERNSTRICKS.COM_H1.1_R4(config)#router ospf 12345 CCIERNSTRICKS.COM_H1.1_R4(config-router)#router-id 123.4.4.4 CCIERNSTRICKS.COM_H1.1_R4(config-router)#network 123.4.4.4 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R4(config-router)#network 123.10.1.2 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R4(config-router)#network 123.10.1.18 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R4(config-router)#network 123.10.1.21 0.0.0.0 area 0 R5: CCIERNSTRICKS.COM_H1.1_R5(config)#router ospf 12345 CCIERNSTRICKS.COM_H1.1_R5(config-router)#router-id 123.5.5.5 CCIERNSTRICKS.COM_H1.1_R5(config-router)#network 123.5.5.5 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R5(config-router)#network 123.10.1.6 0.0.0.0 area 0
  19. 19. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 145 CCIERNSTRICKS.COM_H1.1_R5(config-router)#network 123.10.1.14 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R5(config-router)#network 123.10.1.29 0.0.0.0 area 0 R6: CCIERNSTRICKS.COM_H1.1_R6(config)#router ospf 12345 CCIERNSTRICKS.COM_H1.1_R6(config-router)#router-id 123.6.6.6 CCIERNSTRICKS.COM_H1.1_R6(config-router)#network 123.6.6.6 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R6(config-router)#network 123.10.1.22 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R6(config-router)#network 123.10.1.25 0.0.0.0 area 0 R7: CCIERNSTRICKS.COM_H1.1_R7(config)#router ospf 12345 CCIERNSTRICKS.COM_H1.1_R7(config-router)#router-id 123.7.7.7 CCIERNSTRICKS.COM_H1.1_R7(config-router)#network 123.7.7.7 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R7(config-router)#network 123.10.1.26 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R7(config-router)#network 123.10.1.30 0.0.0.0 area 0
  20. 20. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 146 2.2 EIGRP IN AS34567 Configure EIGRP for ipv4 in the New York office (AS34567) according to the following requirements  The EIGRP AS is 34567  The interface lo0 must be seen as an internal EIGRP prefix by all other routers  Ensure the EIGRP is not running on any interface that is facing another AS use any method to accomplish this  Using a single command on one switch only ensure that R8 instal ls two equal-cost route for the following three path and you are not allowed to use any virtual name vlan 411 int lo0 of SW4 int lo0 of R11  Using a single command on one switch only ensure that R9 installs two equal cost route for the following three path vlan 310 int lo0 of SW3 int lo0 of R10 R8#sh ip route Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP + - replicated route, % - next hop override Gateway of last resort is not set 101.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 101.1.34.0/30 is directly connected, Ethernet0/0 L 101.1.34.2/32 is directly connected, Ethernet0/0 123.0.0.0/8 is variably subnetted, 15 subnets, 2 masks C 123.8.8.8/32 is directly connected, Loopback0
  21. 21. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 147 D 123.9.9.9/32 [90/409600] via 123.10.2.2, 00:04:37, Ethernet0/2 C 123.10.2.0/30 is directly connected, Ethernet0/2 L 123.10.2.1/32 is directly connected, Ethernet0/2 C 123.10.2.4/30 is directly connected, Ethernet0/1 L 123.10.2.5/32 is directly connected, Ethernet0/1 D 123.10.2.8/30 [90/307200] via 123.10.2.2, 00:04:37, Ethernet0/2 D 123.10.2.12/30 [90/307200] via 123.10.2.6, 00:04:37, Ethernet0/1 D 123.10.2.16/30 [90/281856] via 123.10.2.6, 00:04:27, Ethernet0/1 D 123.10.2.20/30 [90/307456] via 123.10.2.6, 00:04:37, Ethernet0/1 [90/307456] via 123.10.2.2, 00:04:37, Ethernet0/2 D 123.10.2.24/30 [90/307456] via 123.10.2.6, 00:00:25, Ethernet0/1 D 123.10.10.10/32 [90/409856] via 123.10.2.6, 00:04:27, Ethernet0/1 D 123.11.11.11/32 [90/435456] via 123.10.2.6, 00:00:11, Ethernet0/1 [90/435456] via 123.10.2.2, 00:00:11, Ethernet0/2 D 123.33.33.33/32 [90/409600] via 123.10.2.6, 00:04:27, Ethernet0/1 D 123.44.44.44/32 [90/435200] via 123.10.2.6, 00:04:37, Ethernet0/1 [90/435200] via 123.10.2.2, 00:04:37, Ethernet0/2 R9#sh ip route Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP + - replicated route, % - next hop override Gateway of last resort is not set 33.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 33.34.4.0/30 is directly connected, Ethernet1/0
  22. 22. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 148 L 33.34.4.2/32 is directly connected, Ethernet1/0 102.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 102.1.34.0/30 is directly connected, Ethernet0/0 L 102.1.34.2/32 is directly connected, Ethernet0/0 123.0.0.0/8 is variably subnetted, 15 subnets, 2 masks D 123.8.8.8/32 [90/409600] via 123.10.2.1, 00:04:36, Ethernet0/1 C 123.9.9.9/32 is directly connected, Loopback0 C 123.10.2.0/30 is directly connected, Ethernet0/1 L 123.10.2.2/32 is directly connected, Ethernet0/1 D 123.10.2.4/30 [90/307200] via 123.10.2.1, 00:04:36, Ethernet0/1 C 123.10.2.8/30 is directly connected, Ethernet0/2 L 123.10.2.9/32 is directly connected, Ethernet0/2 D 123.10.2.12/30 [90/307200] via 123.10.2.10, 00:04:46, Ethernet0/2 D 123.10.2.16/30 [90/307456] via 123.10.2.10, 00:04:36, Ethernet0/2 [90/307456] via 123.10.2.1, 00:04:36, Ethernet0/1 D 123.10.2.20/30 [90/281856] via 123.10.2.10, 00:04:47, Ethernet0/2 D 123.10.2.24/30 [90/307456] via 123.10.2.10, 00:00:34, Ethernet0/2 D 123.10.10.10/32 [90/435456] via 123.10.2.10, 00:04:36, Ethernet0/2 [90/435456] via 123.10.2.1, 00:04:36, Ethernet0/1 D 123.11.11.11/32 [90/409856] via 123.10.2.10, 00:00:20, Ethernet0/2 D 123.33.33.33/32 [90/435200] via 123.10.2.10, 00:04:36, Ethernet0/2 [90/435200] via 123.10.2.1, 00:04:36, Ethernet0/1 D 123.44.44.44/32 [90/409600] via 123.10.2.10, 00:04:47, Ethernet0/2 R9#
  23. 23. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 149 DIAGRAM: R8 R9 R10 R11 SW3 SW4 ACME NEW YORK BGP AS 34567 123.10.2.X/30 101.1.34.2/30 E0/0 E0/1 .5 E0/1 .18 S38 .6 S310 .17 VLAN 38 VLAN 310 VLAN 34 S34 .13 S34 .14 VLAN 89 E0/2 .1 E0/1 .2 102.1.34.2/30 E0/0 VLAN 49 S49 .10 E0/2 .9 S411 .21 VLAN 411 E0/2 .22 VLAN 111 E0/2 .25 E0/1 .26 E0/0 .2 201.1.34.2/30 E0/0 .2 202.2.34.2/30 SOLUTIONS: R8: CCIERNSTRICKS.COM_H1.1_R8(config)#router eigrp 34567 CCIERNSTRICKS.COM_H1.1_R8(config-router)#no auto CCIERNSTRICKS.COM_H1.1_R8(config-router)#eigrp router-id 123.8.8.8 CCIERNSTRICKS.COM_H1.1_R8(config-router)#net 123.8.8.8 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R8(config-router)#net 123.10.2.1 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R8(config-router)#net 123.10.2.5 0.0.0.0 R9: CCIERNSTRICKS.COM_H1.1_R9(config)#router eigrp 34567 CCIERNSTRICKS.COM_H1.1_R9(config-router)#no auto CCIERNSTRICKS.COM_H1.1_R9(config-router)#eigrp router-id 123.9.9.9 CCIERNSTRICKS.COM_H1.1_R9(config-router)#net 123.9.9.9 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R9(config-router)#net 123.10.2.2 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R9(config-router)#net 123.10.2.9 0.0.0.0 R10: CCIERNSTRICKS.COM_H1.1_R10(config)#router eigrp 34567
  24. 24. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 150 CCIERNSTRICKS.COM_H1.1_R10(config-router)#no auto CCIERNSTRICKS.COM_H1.1_R10(config-router)#eigrp router-id 123.10.10.10 CCIERNSTRICKS.COM_H1.1_R10(config-router)#net 123.10.10.10 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R10(config-router)#net 123.10.2.18 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R10(config-router)#net 123.10.2.25 0.0.0.0 R11: CCIERNSTRICKS.COM_H1.1_R11(config)#router eigrp 34567 CCIERNSTRICKS.COM_H1.1_R11(config-router)#no auto CCIERNSTRICKS.COM_H1.1_R11(config-router)#eigrp router-id 123.11.11.11 CCIERNSTRICKS.COM_H1.1_R12(config-router)#net 123.11.11.11 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R12(config-router)#net 123.10.2.22 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R12(config-router)#net 123.10.2.26 0.0.0.0 SW3: CCIERNSTRICKS.COM_H1.1_SW3config)#ip routing CCIERNSTRICKS.COM_H1.1_SW3(config)#router eigrp 34567 CCIERNSTRICKS.COM_H1.1_SW3(config-router)#no auto CCIERNSTRICKS.COM_H1.1_SW3(config-router)#eigrp router-id 123.33.33.33 CCIERNSTRICKS.COM_H1.1_SW3(config-router)#net 123.33.33.33 0.0.0.0 CCIERNSTRICKS.COM_H1.1_SW3(config-router)#net 123.10.2.13 0.0.0.0 CCIERNSTRICKS.COM_H1.1_SW3(config-router)#net 123.10.2.17 0.0.0.0 CCIERNSTRICKS.COM_H1.1_SW3(config-router)#net 123.10.2.6 0.0.0.0 CCIERNSTRICKS.COM_H1.1_SW3(config-)#interface vlan 34 CCIERNSTRICKS.COM_H1.1_SW3(config-if)#delay 100 SW4: CCIERNSTRICKS.COM_H1.1_SW4(config-)#ip routing CCIERNSTRICKS.COM_H1.1_SW4(config)#router eigrp 34567 CCIERNSTRICKS.COM_H1.1_SW4(config-router)#no auto CCIERNSTRICKS.COM_H1.1_SW4(config-router)#eigrp router-id 123.44.44.44 CCIERNSTRICKS.COM_H1.1_SW4(config-router)#net 123.44.44.44 0.0.0.0 CCIERNSTRICKS.COM_H1.1_SW4(config-router)#net 123.10.2.14 0.0.0.0 CCIERNSTRICKS.COM_H1.1_SW4(config-router)#net 123.10.2.10 0.0.0.0 CCIERNSTRICKS.COM_H1.1_SW4(config-router)#net 123.10.2.21 0.0.0.0
  25. 25. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 151 CCIERNSTRICKS.COM_H1.1_SW4(config-)#interface vlan 34 CCIERNSTRICKS.COM_H1.1_SW4(config-if)#delay 100
  26. 26. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 152 2.3 EIGRP in AS 45678 Configure EIGRP in AS 45678 as the following requirements  The EIGRP autonomous system number is 45678  The interface Loopback 0 at each router must be seen as an Internal EIGRP prefix by all other routers  Ensure the EIGRP is not running on any interface that is facing another AS use any method to accomplish this requirement  SW4 and SW6 are layer 3 switches must configure EIGRP  On all three routers R15,16,17 must use EIGRP the 64bit metric version  Do not change the interface bandwidth on any physical interface in as 45678 DIAGRAM: R15 R16 R17 ACME SYDENY BGP AS 45678 123.20.1.X/30 E0/0 103.2.45.2/30 E0/1 .1 E0/2 .9 E0/1 .2 E0/2 .10 S55 .3 S66 .11 VLAN 55 VLAN 5 VLAN 66 E0/2 .17 E0/1 .18 E0/0 203.3.16.2/30 E0/0 203.3.17.2/30
  27. 27. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 153 SOLUTIONS: R15: CCIERNSTRICKS.COM_H1.1_R15(config)#router EIGRP CCIE CCIERNSTRICKS.COM_H1.1_R15(config-router)#address-family ipv4 unicast autonomous-system 45678 CCIERNSTRICKS.COM_H1.1_R15(config-router-af)#network 123.15.15.15 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R15(config-router-af)#network 123.20.1.1 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R15(config-router-af)#network 123.20.1.9 0.0.0.0 R16: CCIERNSTRICKS.COM_H1.1_R16(config)#router EIGRP CCIE CCIERNSTRICKS.COM_H1.1_R16(config-router)#address-family ipv4 unicast autonomous-system 45678 CCIERNSTRICKS.COM_H1.1_R16(config-router-af)#network 123.16.16.16 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R16(config-router-af)#network 123.20.1.2 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R16(config-router-af)#network 123.20.1.17 0.0.0.0 R17: CCIERNSTRICKS.COM_H1.1_R17(config)#router EIGRP CCIE CCIERNSTRICKS.COM_H1.1_R17(config-router)#address-family ipv4 unicast autonomous-system 45678 CCIERNSTRICKS.COM_H1.1_R17(config-router-af)#network 123.17.17.17 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R17(config-router-af)#network 123.20.1.10 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R17(config-router-af)#network 123.20.1.18 0.0.0.0 SW5: CCIERNSTRICKS.COM_H1.1_SW5(config)#router EIGRP 45678 CCIERNSTRICKS.COM_H1.1_SW5(config-router)#network 123.20.1.3 0.0.0.0 CCIERNSTRICKS.COM_H1.1_SW5(config-router-)#network 123.55.55.55 0.0.0.0 IN EXAM SOME TIME VLAN INTERFACES ARE SHUTDOWN PLEASE CHECK THOSE INTERFACES IF THOSE INTERFACES SHOUTDOWN THEN MAKE THEM UP CCIERNSTRICKS.COM_H1.1_SW5(config)#interface Vlan5 CCIERNSTRICKS.COM_H1.1_SW5(config-if)#no shutdown CCIERNSTRICKS.COM_H1.1_SW5(config)#interface Vlan55 CCIERNSTRICKS.COM_H1.1_SW5(config-if)#no shutdown
  28. 28. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 154 SW6: CCIERNSTRICKS.COM_H1.1_SW6(config)#router EIGRP 45678 CCIERNSTRICKS.COM_H1.1_SW6(config-router)#network 123.20.1.11 0.0.0.0 CCIERNSTRICKS.COM_H1.1_SW6(config-router)#network 123.66.66.66 0.0.0.0 IN EXAM SOME TIME VLAN INTERFACES ARE SHUTDOWN PLEASE CHECK THOSE INTERFACES IF THOSE INTERFACES SHOUTDOWN THEN MAKE THEM UP CCIERNSTRICKS.COM_H1.1_SW6(config)#interface Vlan6 CCIERNSTRICKS.COM_H1.1_SW6(config-if)#no shutdown CCIERNSTRICKS.COM_H1.1_SW6(config)#interface Vlan66 CCIERNSTRICKS.COM_H1.1_SW6(config-if)#no shutdown
  29. 29. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 155 2.4 EIGRP in AS 65222  The EIGRP autonomous system number is 45678  The interface Loopback 0 at each router must be seen as an internal EIGRP prefix by all other routers  Ensure the EIGRP is not running on any interface that is facing another AS use any method to accomplish this requirement  R17 is the DMVPN hub, R18, R19 as the spoke use the preconfigured tunnel 0 DIAGRAM: Regional SP-3 BGP 20003 R16 R17 R18 R9 ACME APAC BGP AS 65222 S1/0 203.3.18.2/30 E0/0 E0/0 S1/0 203.3.19.2/30 E0/2 .17 E0/1 .18 E0/0 203.3.16.2/30 E0/0 203.3.17.2/30 10.1.18.1/24 10.1.19.1/24 SOLUTIONS: NOTE:MOST OF THE PART OF THIS QUESTION WILL BE UP AND RUNNING AFTER BGP AND DMVPN CONFIGURATION. THIS TASK IS DEPENDANT TASK 2.7, 2.7 and 3.1, 3.2, 3.3 ONCES THOSE TASK DONE CONFIG WILL WORK R17: CCIERNSTRICKS.COM_H1.1_R17(config)#router EIGRP CCIE CCIERNSTRICKS.COM_H1.1_R17(config-router)#address-family ipv4 unicast autonomous-system 45678 CCIERNSTRICKS.COM_H1.2_R17 (config-router-af)#af-interface tun0 CCIERNSTRICKS.COM_H1.2_R17 (config-router-af-interface)# next-hop-self CCIERNSTRICKS.COM_H1.2_R17 (config-router-af-interface)# split-horizon

Descripción

Helping you to become Cisco Certified Internetwork Expert, We Provide CCIE R&S Lab,CCIE R&S TS,CCIE R&S DIG Workbook and Web IOU CCIERNSTRICKS.COM

Transcripción

  1. 1. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 127 1.1 SWITCH ADMINISTRATION Configure the ACME headquarters network (AS 12345) as per the following requirements  The VTP domain must be set to CCIE  Use VTP version 2  SW1 must be the VTP server and SW2 must be the VTP client  Secure all VTP update with an MD5 digest of the ASCII string CCIErock$  In order to avoid as much as possible unknown unicast flooding in all VLANs the administrator requires that any dynamic entries learned by either SW1 to SW2 must be retained for 2 hours before being refresh, Configure the network of the new York office (AS 34567) as per the following requirements  The VTP domain must be set to CCIE  Use VTP version 2  SW3 and SW4 must no advertise their VLAN configuration but must forward VTP advertisement that they receive out their trunk ports  Secure all VTP update with an MD5 digest of the ASCII string CCIErock? DIAGRAM: Internet SP BGP 30000R20 R2 R3 R4 R5 R1 R7R6 SW1 SW2 R8 R9 R10 R11 SW3 SW4 ACME HQ SAN FRANCISCO BGP AS 12345 123.10.1.X/30 ACME NEW YORK BGP AS 34567 123.10.2.X/30 ACME SAN JOSE BGP AS 65112 101.1.123.2/30 5x VPN E0/0 102.2.123.2/30 5x VPN E0/0 E0/3 .1 E0/1 .9 E0/1 .10 E0/2 .17 E0/0 .2 E0/1 .18 VLAN 23 VLAN 24 E0/3.5E0/1 .6 5x VPN 5x VPN E0/0 .2 E0/2 .13 E0/2 .14 VLAN 35 E0/1 .1 E0/2 .5 E0/1 .6VLAN 14 VLAN 15 VLAN 67 E0/2 .21 E0/2 .22 VLAN 46 VLAN 57 E0/0 .29 E0/2 .30 E0/1 .25 E0/1 .26 E0/0 .2 3x VPN 201.1.123.2/30 E0/0 .2 3x VPN 202.2.123.2/30 101.1.34.2/30 E0/0 E0/1 .5 E0/1 .18 S38 .6 S310 .17 VLAN 38 VLAN 310 VLAN 34 S34 .13 S34 .14 VLAN 89 E0/2 .1 E0/1 .2 102.1.34.2/30 E0/0 VLAN 49 S49 .10 E0/2 .9 S411 .21 VLAN 411 E0/2 .22 VLAN 111 E0/2 .25 E0/1 .26 E0/0 .2 201.1.34.2/30 E0/0 .2 202.2.34.2/30 33.34.4.2/30 E1/0 33.34.3.2/30 E1/0 10.2.19.1/24 SOLUTION: SW1: CCIERNSTRICKS.COM_H1.1_SW1(config)# CCIERNSTRICKS.COM_H1.1_SW1(config)#VTP domain CCIE
  2. 2. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 128 CCIERNSTRICKS.COM_H1.1_SW1(config)#VTP mode server CCIERNSTRICKS.COM_H1.1_SW1(config)#VTP version 2 CCIERNSTRICKS.COM_H1.1_SW1(config)#VTP password CCIErock? TO GET THE QUESTION MARK ENTERD, TYPE CTRL + V, AND THE ENTER THE ? CHARACTER CCIERNSTRICKS.COM_H1.1_SW1(config)#Mac-address again 7200 SW2: CCIERNSTRICKS.COM_H1.1_SW2(config)#VTP domain CCIE CCIERNSTRICKS.COM_H1.1_SW2(config)#VTP mode client CCIERNSTRICKS.COM_H1.1_SW2(config)#VTP password CCIErock? TO GET THE QUESTION MARK ENTERD, TYPE CTRL + V, AND THE ENTER THE ? CHARACTER CCIERNSTRICKS.COM_H1.1_SW2(config)#Mac-address again 7200 SW3 CCIERNSTRICKS.COM_H1.1_SW3(config)#VTP domain CCIE CCIERNSTRICKS.COM_H1.1_SW3(config)#VTP version 2 CCIERNSTRICKS.COM_H1.1_SW3(config)#VTP mode transparent CCIERNSTRICKS.COM_H1.1_SW3(config)#VTP password CCIErock$ TO GET THE QUESTION MARK ENTERD, TYPE CTRL + V, AND THE ENTER THE ? CHARACTER SW4: CCIERNSTRICKS.COM_H1.1_SW4(config)#VTP domain CCIE CCIERNSTRICKS.COM_H1.1_SW4(config)#VTP version 2 CCIERNSTRICKS.COM_H1.1_SW4(config)#VTP mode transparent CCIERNSTRICKS.COM_H1.1_SW4(config)#VTP password CCIErock$ TO GET THE QUESTION MARK ENTERD, TYPE CTRL + V, AND THE ENTER THE ? CHARACTER
  3. 3. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 129 1.2 LAYER 2 PORTS Configure your network as per the following requirements Complete the configuration of all VLANs so that all routers those are located in ACME's Headquarters (AS12345) and New York office (AS 34567) can ping their directly connected neighbors  All four switches (SW1-SW4) must have dot1q trunks that do not rely on negotiation do not configure any etherchannel  Ensure that the following unused ports on all four switches are shutdown and  Configured as access ports in VLAN 999 E3/0 - E3/3 are unused on SW1 and SW2 E1/0 - E1/3 are unused on SW3 and SW4 E3/0 - E3/3 are unused on SW3 and SW4 DIAGRAM: Internet SP BGP 30000R20 R2 R3 R4 R5 R1 R7R6 SW1 SW2 R8 R9 R10 R11 SW3 SW4 ACME HQ SAN FRANCISCO BGP AS 12345 123.10.1.X/30 ACME NEW YORK BGP AS 34567 123.10.2.X/30 ACME SAN JOSE BGP AS 65112 101.1.123.2/30 5x VPN E0/0 102.2.123.2/30 5x VPN E0/0 E0/3 .1 E0/1 .9 E0/1 .10 E0/2 .17 E0/0 .2 E0/1 .18 VLAN 23 VLAN 24 E0/3.5E0/1 .6 5x VPN 5x VPN E0/0 .2 E0/2 .13 E0/2 .14 VLAN 35 E0/1 .1 E0/2 .5 E0/1 .6VLAN 14 VLAN 15 VLAN 67 E0/2 .21 E0/2 .22 VLAN 46 VLAN 57 E0/0 .29 E0/2 .30 E0/1 .25 E0/1 .26 E0/0 .2 3x VPN 201.1.123.2/30 E0/0 .2 3x VPN 202.2.123.2/30 101.1.34.2/30 E0/0 E0/1 .5 E0/1 .18 S38 .6 S310 .17 VLAN 38 VLAN 310 VLAN 34 S34 .13 S34 .14 VLAN 89 E0/2 .1 E0/1 .2 102.1.34.2/30 E0/0 VLAN 49 S49 .10 E0/2 .9 S411 .21 VLAN 411 E0/2 .22 VLAN 111 E0/2 .25 E0/1 .26 E0/0 .2 201.1.34.2/30 E0/0 .2 202.2.34.2/30 33.34.4.2/30 E1/0 33.34.3.2/30 E1/0 10.2.19.1/24 SOLUTION: SW1: CCIERNSTRICKS.COM_H1.1_SW1(config)#Vlan 14,15,23,24,35,46,57,67,999 TO KNOW THE SWITCH PORT DETAILS OF DEVICES USE show cdp neighbors COMMAND AND ASSING VLAN ACCORDINGLY. CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth0/0 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access
  4. 4. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 130 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 14 CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth0/1 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 23 CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth0/2 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 23 CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth0/3 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 24 CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth1/0 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 14 CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth1/1 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 15 CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth1/2 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 67 CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth1/3 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 67 CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth3/0 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth3/1 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth3/2 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access
  5. 5. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 131 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth3/3 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW1(config)#Interface range eth 2/0-3 CCIERNSTRICKS.COM_H1.1_SW1(config)#switchport trunk encapsulation dot1q CCIERNSTRICKS.COM_H1.1_SW1(config)#switchport mode trunk CCIERNSTRICKS.COM_H1.1_SW1(config)#switchport nonegotiate SW2: TO KNOW THE SWITCH PORT DETAILS OF DEVICES USE show cdp neighbors COMMAND AND ASSING VLAN ACCORDINGLY. CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth0/0 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 15 CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth0/1 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 24 CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth0/2 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 35 CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth0/3 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 46 CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth1/0 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 57 CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth1/1 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 35
  6. 6. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 132 CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth1/2 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 46 CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth1/3 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 57 CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth3/0 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth3/1 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth3/2 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW2(config)#interface eth3/3 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW2(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW2(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW2(config)#Interface range eth 2/0-3 CCIERNSTRICKS.COM_H1.1_SW2(config)#switchport trunk encapsulation dot1q CCIERNSTRICKS.COM_H1.1_SW2(config)#switchport mode trunk CCIERNSTRICKS.COM_H1.1_SW2(config)#switchport nonegotiate SW3: CCIERNSTRICKS.COM_H1.1_SW3(config)#Vlan 34,38,49,89,111,310,411,999 TO KNOW THE SWITCH PORT DETAILS OF DEVICES USE show cdp neighbors COMMAND AND ASSING VLAN ACCORDINGLY. CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth0/0 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport mode access
  7. 7. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 133 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport access vlan 38 CCIERNSTRICKS.COM_H1.1_SW3(config)#interface eth0/1 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport access vlan 89 CCIERNSTRICKS.COM_H1.1_SW3(config)#interface eth0/2 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport access vlan 310 CCIERNSTRICKS.COM_H1.1_SW3(config)#interface eth0/3 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport access vlan 111 CCIERNSTRICKS.COM_H1.1_SW3(config)#interface eth1/0 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW3(config)#interface eth1/1 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth1/2 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW3(config)#interface eth1/3 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW3(config)#interface eth3/0 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW3(config)#interface eth3/1 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport access vlan 999
  8. 8. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 134 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW3(config)#interface eth3/2 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW3(config)#interface eth3/3 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW3(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW3(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW3(config)#Interface range eth 2/0-3 CCIERNSTRICKS.COM_H1.1_SW3(config)#switchport trunk encapsulation dot1q CCIERNSTRICKS.COM_H1.1_SW3(config)#switchport mode trunk CCIERNSTRICKS.COM_H1.1_SW3(config)#switchport nonegotiate IN EXAM SOME TIME VLAN INTERFACES ARE SHUTDOWN PLEASE CHECK THOSE INTERFACES IF THOSE INTERFACES SHOUTDOWN THEN MAKE THEM UP CCIERNSTRICKS.COM_H1.1_SW3(config)#interface Vlan34 CCIERNSTRICKS.COM_H1.1_SW3(config-if)#no shutdown CCIERNSTRICKS.COM_H1.1_SW3(config)#interface Vlan38 CCIERNSTRICKS.COM_H1.1_SW3(config-if)#no shutdown CCIERNSTRICKS.COM_H1.1_SW3(config)#interface Vlan310 CCIERNSTRICKS.COM_H1.1_SW3(config-if)#no shutdown SW4: CCIERNSTRICKS.COM_H1.1_SW4(config)#Vlan 34,38,49,89,111,310,411,999 TO KNOW THE SWITCH PORT DETAILS OF DEVICES USE show cdp neighbors COMMAND AND ASSING VLAN ACCORDINGLY. CCIERNSTRICKS.COM_H1.1_SW4(config)#interface eth0/0 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport access vlan 89 CCIERNSTRICKS.COM_H1.1_SW4(config)#interface eth0/1 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport access vlan 49
  9. 9. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 135 CCIERNSTRICKS.COM_H1.1_SW4(config)#interface eth0/2 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport access vlan 111 CCIERNSTRICKS.COM_H1.1_SW4(config)#interface eth0/3 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport access vlan 411 CCIERNSTRICKS.COM_H1.1_SW4(config)#interface eth1/0 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW4(config)#interface eth1/1 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW4(config)#interface eth1/2 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW4(config)#interface eth1/3 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW4(config)#interface eth3/0 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW1(config)#interface eth3/1 CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW1(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW4(config)#interface eth3/2 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport access vlan 999
  10. 10. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 136 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW4(config)#interface eth3/3 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport mode access CCIERNSTRICKS.COM_H1.1_SW4(config-if)# switchport access vlan 999 CCIERNSTRICKS.COM_H1.1_SW4(config-if)# shutdown CCIERNSTRICKS.COM_H1.1_SW4(config)#Interface range eth 2/0-3 CCIERNSTRICKS.COM_H1.1_SW4(config)#switchport trunk encapsulation dot1q CCIERNSTRICKS.COM_H1.1_SW4(config)#switchport mode trunk CCIERNSTRICKS.COM_H1.1_SW4(config)#switchport nonegotiate IN EXAM SOME TIME VLAN INTERFACES ARE SHUTDOWN PLEASE CHECK THOSE INTERFACES IF THOSE INTERFACES SHOUTDOWN THEN MAKE THEM UP CCIERNSTRICKS.COM_H1.1_SW3(config)#interface Vlan34 CCIERNSTRICKS.COM_H1.1_SW3(config-if)#no shutdown CCIERNSTRICKS.COM_H1.1_SW3(config)#interface Vlan49 CCIERNSTRICKS.COM_H1.1_SW3(config-if)#no shutdown CCIERNSTRICKS.COM_H1.1_SW3(config)#interface Vlan411 CCIERNSTRICKS.COM_H1.1_SW3(config-if)#no shutdown AFTER CONFIGURATION OF ALL ABOVE TASK PLEASE MAKE SURE THAT ALL DEVICES IN AS 12345 AND AS 34567 ARE ABLE TO PING ITS DIRECTLY CONNECTED NEIGHBORS
  11. 11. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 137 1.3 SPANNING TREE Configure the ACME network as per the following requirements.  SW1 must be the root switch for all odd vlans and must be the backup for all even vlans  SW2 must be the root switch for all even vlans and must be the backup for all odd vlans  SW3 must be the root switch for all odd vlans and must be the backup for all even vlans  SW4 must be the root switch for all even vlans and must be the backup for all odd vlans  Explicitly configure the root and backup roles, assuming that other switches with default configuration may eventually be added in the network in the future  All switches must maintain one STP instance per vlan  Use the STP mode that has only three possible states  All access ports must immediately transitioned to the forwarding state upon link up and they must still participate in STP. Use single command per switch to enable this  Access ports must automatically shut down if they receive any BPDU and an administrator must still manually re-enable the port. Use a single command per switch to enable this feature. DIAGRAM: Internet SP BGP 30000R20 R2 R3 R4 R5 R1 R7R6 SW1 SW2 R8 R9 R10 R11 SW3 SW4 ACME HQ SAN FRANCISCO BGP AS 12345 123.10.1.X/30 ACME NEW YORK BGP AS 34567 123.10.2.X/30 ACME SAN JOSE BGP AS 65112 101.1.123.2/30 5x VPN E0/0 102.2.123.2/30 5x VPN E0/0 E0/3 .1 E0/1 .9 E0/1 .10 E0/2 .17 E0/0 .2 E0/1 .18 VLAN 23 VLAN 24 E0/3.5E0/1 .6 5x VPN 5x VPN E0/0 .2 E0/2 .13 E0/2 .14 VLAN 35 E0/1 .1 E0/2 .5 E0/1 .6VLAN 14 VLAN 15 VLAN 67 E0/2 .21 E0/2 .22 VLAN 46 VLAN 57 E0/0 .29 E0/2 .30 E0/1 .25 E0/1 .26 E0/0 .2 3x VPN 201.1.123.2/30 E0/0 .2 3x VPN 202.2.123.2/30 101.1.34.2/30 E0/0 E0/1 .5 E0/1 .18 S38 .6 S310 .17 VLAN 38 VLAN 310 VLAN 34 S34 .13 S34 .14 VLAN 89 E0/2 .1 E0/1 .2 102.1.34.2/30 E0/0 VLAN 49 S49 .10 E0/2 .9 S411 .21 VLAN 411 E0/2 .22 VLAN 111 E0/2 .25 E0/1 .26 E0/0 .2 201.1.34.2/30 E0/0 .2 202.2.34.2/30 33.34.4.2/30 E1/0 33.34.3.2/30 E1/0 10.2.19.1/24 SOLUTIONS: SW1: CCIERNSTRICKS.COM_H1.1_SW1(config)#Spanning-tree mode rapid-pvst CCIERNSTRICKS.COM_H1.1_SW1(config)#Spanning-tree portfast default CCIERNSTRICKS.COM_H1.1_SW1(config)#Spanning-tree portfast bpduguard default CCIERNSTRICKS.COM_H1.1_SW1(config)#Spanning-tree vlan 1,15,23,35,57,67,999 priority 0 CCIERNSTRICKS.COM_H1.1_SW1(config)#Spanning-tree vlan 14,24,46 priority 4096
  12. 12. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 138 SW2: CCIERNSTRICKS.COM_H1.1_SW2(config)#Spanning-tree mode rapid-pvst CCIERNSTRICKS.COM_H1.1_SW2(config)#Spanning-tree portfast default CCIERNSTRICKS.COM_H1.1_SW2(config)#Spanning-tree portfast bpduguard default CCIERNSTRICKS.COM_H1.1_SW2(config)#Spanning-tree vlan 1,15,23,35,57,67,999 priority 4096 CCIERNSTRICKS.COM_H1.1_SW2(config)#Spanning-tree vlan 14,24,46 priority 0 SW3: CCIERNSTRICKS.COM_H1.1_SW3(config)#Spanning-tree mode rapid-pvst CCIERNSTRICKS.COM_H1.1_SW3(config)#Spanning-tree portfast default CCIERNSTRICKS.COM_H1.1_SW3(config)#Spanning-tree portfast bpduguard default CCIERNSTRICKS.COM_H1.1_SW3(config)#spanning-tree vlan 1,49,89,111,411,999 priority 0 CCIERNSTRICKS.COM_H1.1_SW3(config)#spanning-tree vlan 34,38,310 priority 4096 SW4: CCIERNSTRICKS.COM_H1.1_SW4(config)#Spanning-tree mode rapid-pvst CCIERNSTRICKS.COM_H1.1_SW4(config)#Spanning-tree portfast default CCIERNSTRICKS.COM_H1.1_SW4(config)#Spanning-tree portfast bpduguard default CCIERNSTRICKS.COM_H1.1_SW4(config)#spanning-tree vlan 1,49,89,111,411,999 priority 4096 CCIERNSTRICKS.COM_H1.1_SW4(config)#spanning-tree vlan 34,38,310 priority 0
  13. 13. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 139 1.4 WAN SWITCHING The WAN links must rely on a layer 2 protocol that supports link negotiation and authentication.  The Service provider expects both R18 and R19 to complete three way hand shake by providing the expected response of a challenge that is sent by AS 20003 Router  R18 must use the username ACME-R18 and password CCIE  R19 must use the username ACME-R19 and password CCIE DIAGRAM: SOLUTIONS: R18: CCIERNSTRICKS.COM_H1.1_R18(config)#int s1/0 CCIERNSTRICKS.COM_H1.1_R18(config)# no shutdown CCIERNSTRICKS.COM_H1.1_R18(config-if)#encap ppp CCIERNSTRICKS.COM_H1.1_R18(config-if)#no peer neighbor-route CCIERNSTRICKS.COM_H1.1_R18(config-if)#ppp chap hostname ACME-R18 CCIERNSTRICKS.COM_H1.1_R18(config-if)#ppp chap password CCIE R19: CCIERNSTRICKS.COM_H1.1_R19(config)#int s1/0 CCIERNSTRICKS.COM_H1.1_R19(config)# no shutdown
  14. 14. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 140 CCIERNSTRICKS.COM_H1.1_R19(config-if)#encap ppp CCIERNSTRICKS.COM_H1.1_R19(config-if)#no peer neighbor-route CCIERNSTRICKS.COM_H1.1_R19(config-if)#ppp chap hostname ACME-R19 CCIERNSTRICKS.COM_H1.1_R19(config-if)#ppp chap password CCIE
  15. 15. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 141 SECTION II LAYER 3 TECHNOLOGIES
  16. 16. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 142 2.1 OSPF IN AS12345 Configure OSPFv2 area 0 in ACME HQ (AS12345) according to the following requirements:  Configure the OSPF process id to 12345 and set the router id to interface lo0 on all seven routers  The interface lo0 at each router must be seen as an internal OSPF prefix by all other routers  Ensure that OSPF is not running on any interface that is facing another AS. use any method to accomplish this requirement  SW1 and SW2 must not participate in routing at all  Do not change the default OSPF cost of any interface in AS12345  Ensure that R1 must see OSPF routes in routing table as STUB, it is not order you configure R1 in STUB area, just make sure R1 won't be a Transit router of Traffics R1 is not Source or Destination  R1 must see the following OSPF routes in the routing table R1#sh ip route OSPF Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP + - replicated route, % - next hop override Gateway of last resort is not set 123.0.0.0/8 is variably subnetted, 17 subnets, 2 masks O 123.2.2.2/32 [110/65546] via 123.10.1.2, 00:03:57, Ethernet0/1 O 123.3.3.3/32 [110/65546] via 123.10.1.6, 00:03:31, Ethernet0/2 O 123.4.4.4/32 [110/65536] via 123.10.1.2, 00:04:07, Ethernet0/1 O 123.5.5.5/32 [110/65536] via 123.10.1.6, 00:03:31, Ethernet0/2 O 123.6.6.6/32 [110/65546] via 123.10.1.2, 00:03:04, Ethernet0/1 O 123.7.7.7/32 [110/65546] via 123.10.1.6, 00:02:36, Ethernet0/2 O 123.10.1.8/30 [110/65555] via 123.10.1.6, 00:03:31, Ethernet0/2 [110/65555] via 123.10.1.2, 00:03:57, Ethernet0/1 O 123.10.1.12/30 [110/65545] via 123.10.1.6, 00:03:31, Ethernet0/2 O 123.10.1.16/30 [110/65545] via 123.10.1.2, 00:04:07, Ethernet0/1
  17. 17. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 143 O 123.10.1.20/30 [110/65545] via 123.10.1.2, 00:03:57, Ethernet0/1 O 123.10.1.24/30 [110/65555] via 123.10.1.6, 00:02:36, Ethernet0/2 [110/65555] via 123.10.1.2, 00:01:56, Ethernet0/1 O 123.10.1.28/30 [110/65545] via 123.10.1.6, 00:03:31, Ethernet0/2 R1# DIAGRAM: R2 R3 R4 R5 R1 R7R6 SW1 SW2 ACME HQ SAN FRANCISCO BGP AS 12345 123.10.1.X/30 101.1.123.2/30 5x VPN E0/0 102.2.123.2/30 5x VPN E0/0 E0/3 .1 E0/1 .9 E0/1 .10 E0/2 .17 E0/0 .2 E0/1 .18 VLAN 23 VLAN 24 E0/3.5 E0/2 .13 E0/2 .14 VLAN 35 E0/1 .1 E0/2 .5 E0/1 .6VLAN 14 VLAN 15 VLAN 67 E0/2 .21 E0/2 .22 VLAN 46 VLAN 57 E0/0 .29 E0/2 .30 E0/1 .25 E0/1 .26 E0/0 .2 3x VPN 201.1.123.2/30 E0/0 .2 3x VPN 202.2.123.2/30 SOLUTIONS:
  18. 18. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 144 R1: CCIERNSTRICKS.COM_H1.1_R1(config)#router ospf 12345 CCIERNSTRICKS.COM_H1.1_R1(config-router)#router-id 123.1.1.1 CCIERNSTRICKS.COM_H1.1_R1(config-router)#network 123.1.1.1 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R1(config-router)#network 123.10.1.5 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R1(config-router)#network 123.10.1.1 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R1(config-router)#max-metric router-lsa R2: CCIERNSTRICKS.COM_H1.1_R2(config)#router ospf 12345 CCIERNSTRICKS.COM_H1.1_R2(config-router)#router-id 123.2.2.2 CCIERNSTRICKS.COM_H1.1_R2(config-router)#network 123.2.2.2 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R2(config-router)#network 123.10.1.9 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R2(config-router)#network 123.10.1.17 0.0.0.0 area 0 R3: CCIERNSTRICKS.COM_H1.1_R3(config)#router ospf 12345 CCIERNSTRICKS.COM_H1.1_R3(config-router)#router-id 123.3.3.3 CCIERNSTRICKS.COM_H1.1_R3(config-router)#network 123.3.3.3 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R3(config-router)#network 123.10.1.10 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R4(config-router)#network 123.10.1.13 0.0.0.0 area 0 R4: CCIERNSTRICKS.COM_H1.1_R4(config)#router ospf 12345 CCIERNSTRICKS.COM_H1.1_R4(config-router)#router-id 123.4.4.4 CCIERNSTRICKS.COM_H1.1_R4(config-router)#network 123.4.4.4 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R4(config-router)#network 123.10.1.2 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R4(config-router)#network 123.10.1.18 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R4(config-router)#network 123.10.1.21 0.0.0.0 area 0 R5: CCIERNSTRICKS.COM_H1.1_R5(config)#router ospf 12345 CCIERNSTRICKS.COM_H1.1_R5(config-router)#router-id 123.5.5.5 CCIERNSTRICKS.COM_H1.1_R5(config-router)#network 123.5.5.5 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R5(config-router)#network 123.10.1.6 0.0.0.0 area 0
  19. 19. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 145 CCIERNSTRICKS.COM_H1.1_R5(config-router)#network 123.10.1.14 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R5(config-router)#network 123.10.1.29 0.0.0.0 area 0 R6: CCIERNSTRICKS.COM_H1.1_R6(config)#router ospf 12345 CCIERNSTRICKS.COM_H1.1_R6(config-router)#router-id 123.6.6.6 CCIERNSTRICKS.COM_H1.1_R6(config-router)#network 123.6.6.6 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R6(config-router)#network 123.10.1.22 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R6(config-router)#network 123.10.1.25 0.0.0.0 area 0 R7: CCIERNSTRICKS.COM_H1.1_R7(config)#router ospf 12345 CCIERNSTRICKS.COM_H1.1_R7(config-router)#router-id 123.7.7.7 CCIERNSTRICKS.COM_H1.1_R7(config-router)#network 123.7.7.7 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R7(config-router)#network 123.10.1.26 0.0.0.0 area 0 CCIERNSTRICKS.COM_H1.1_R7(config-router)#network 123.10.1.30 0.0.0.0 area 0
  20. 20. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 146 2.2 EIGRP IN AS34567 Configure EIGRP for ipv4 in the New York office (AS34567) according to the following requirements  The EIGRP AS is 34567  The interface lo0 must be seen as an internal EIGRP prefix by all other routers  Ensure the EIGRP is not running on any interface that is facing another AS use any method to accomplish this  Using a single command on one switch only ensure that R8 instal ls two equal-cost route for the following three path and you are not allowed to use any virtual name vlan 411 int lo0 of SW4 int lo0 of R11  Using a single command on one switch only ensure that R9 installs two equal cost route for the following three path vlan 310 int lo0 of SW3 int lo0 of R10 R8#sh ip route Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP + - replicated route, % - next hop override Gateway of last resort is not set 101.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 101.1.34.0/30 is directly connected, Ethernet0/0 L 101.1.34.2/32 is directly connected, Ethernet0/0 123.0.0.0/8 is variably subnetted, 15 subnets, 2 masks C 123.8.8.8/32 is directly connected, Loopback0
  21. 21. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 147 D 123.9.9.9/32 [90/409600] via 123.10.2.2, 00:04:37, Ethernet0/2 C 123.10.2.0/30 is directly connected, Ethernet0/2 L 123.10.2.1/32 is directly connected, Ethernet0/2 C 123.10.2.4/30 is directly connected, Ethernet0/1 L 123.10.2.5/32 is directly connected, Ethernet0/1 D 123.10.2.8/30 [90/307200] via 123.10.2.2, 00:04:37, Ethernet0/2 D 123.10.2.12/30 [90/307200] via 123.10.2.6, 00:04:37, Ethernet0/1 D 123.10.2.16/30 [90/281856] via 123.10.2.6, 00:04:27, Ethernet0/1 D 123.10.2.20/30 [90/307456] via 123.10.2.6, 00:04:37, Ethernet0/1 [90/307456] via 123.10.2.2, 00:04:37, Ethernet0/2 D 123.10.2.24/30 [90/307456] via 123.10.2.6, 00:00:25, Ethernet0/1 D 123.10.10.10/32 [90/409856] via 123.10.2.6, 00:04:27, Ethernet0/1 D 123.11.11.11/32 [90/435456] via 123.10.2.6, 00:00:11, Ethernet0/1 [90/435456] via 123.10.2.2, 00:00:11, Ethernet0/2 D 123.33.33.33/32 [90/409600] via 123.10.2.6, 00:04:27, Ethernet0/1 D 123.44.44.44/32 [90/435200] via 123.10.2.6, 00:04:37, Ethernet0/1 [90/435200] via 123.10.2.2, 00:04:37, Ethernet0/2 R9#sh ip route Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP + - replicated route, % - next hop override Gateway of last resort is not set 33.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 33.34.4.0/30 is directly connected, Ethernet1/0
  22. 22. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 148 L 33.34.4.2/32 is directly connected, Ethernet1/0 102.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 102.1.34.0/30 is directly connected, Ethernet0/0 L 102.1.34.2/32 is directly connected, Ethernet0/0 123.0.0.0/8 is variably subnetted, 15 subnets, 2 masks D 123.8.8.8/32 [90/409600] via 123.10.2.1, 00:04:36, Ethernet0/1 C 123.9.9.9/32 is directly connected, Loopback0 C 123.10.2.0/30 is directly connected, Ethernet0/1 L 123.10.2.2/32 is directly connected, Ethernet0/1 D 123.10.2.4/30 [90/307200] via 123.10.2.1, 00:04:36, Ethernet0/1 C 123.10.2.8/30 is directly connected, Ethernet0/2 L 123.10.2.9/32 is directly connected, Ethernet0/2 D 123.10.2.12/30 [90/307200] via 123.10.2.10, 00:04:46, Ethernet0/2 D 123.10.2.16/30 [90/307456] via 123.10.2.10, 00:04:36, Ethernet0/2 [90/307456] via 123.10.2.1, 00:04:36, Ethernet0/1 D 123.10.2.20/30 [90/281856] via 123.10.2.10, 00:04:47, Ethernet0/2 D 123.10.2.24/30 [90/307456] via 123.10.2.10, 00:00:34, Ethernet0/2 D 123.10.10.10/32 [90/435456] via 123.10.2.10, 00:04:36, Ethernet0/2 [90/435456] via 123.10.2.1, 00:04:36, Ethernet0/1 D 123.11.11.11/32 [90/409856] via 123.10.2.10, 00:00:20, Ethernet0/2 D 123.33.33.33/32 [90/435200] via 123.10.2.10, 00:04:36, Ethernet0/2 [90/435200] via 123.10.2.1, 00:04:36, Ethernet0/1 D 123.44.44.44/32 [90/409600] via 123.10.2.10, 00:04:47, Ethernet0/2 R9#
  23. 23. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 149 DIAGRAM: R8 R9 R10 R11 SW3 SW4 ACME NEW YORK BGP AS 34567 123.10.2.X/30 101.1.34.2/30 E0/0 E0/1 .5 E0/1 .18 S38 .6 S310 .17 VLAN 38 VLAN 310 VLAN 34 S34 .13 S34 .14 VLAN 89 E0/2 .1 E0/1 .2 102.1.34.2/30 E0/0 VLAN 49 S49 .10 E0/2 .9 S411 .21 VLAN 411 E0/2 .22 VLAN 111 E0/2 .25 E0/1 .26 E0/0 .2 201.1.34.2/30 E0/0 .2 202.2.34.2/30 SOLUTIONS: R8: CCIERNSTRICKS.COM_H1.1_R8(config)#router eigrp 34567 CCIERNSTRICKS.COM_H1.1_R8(config-router)#no auto CCIERNSTRICKS.COM_H1.1_R8(config-router)#eigrp router-id 123.8.8.8 CCIERNSTRICKS.COM_H1.1_R8(config-router)#net 123.8.8.8 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R8(config-router)#net 123.10.2.1 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R8(config-router)#net 123.10.2.5 0.0.0.0 R9: CCIERNSTRICKS.COM_H1.1_R9(config)#router eigrp 34567 CCIERNSTRICKS.COM_H1.1_R9(config-router)#no auto CCIERNSTRICKS.COM_H1.1_R9(config-router)#eigrp router-id 123.9.9.9 CCIERNSTRICKS.COM_H1.1_R9(config-router)#net 123.9.9.9 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R9(config-router)#net 123.10.2.2 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R9(config-router)#net 123.10.2.9 0.0.0.0 R10: CCIERNSTRICKS.COM_H1.1_R10(config)#router eigrp 34567
  24. 24. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 150 CCIERNSTRICKS.COM_H1.1_R10(config-router)#no auto CCIERNSTRICKS.COM_H1.1_R10(config-router)#eigrp router-id 123.10.10.10 CCIERNSTRICKS.COM_H1.1_R10(config-router)#net 123.10.10.10 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R10(config-router)#net 123.10.2.18 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R10(config-router)#net 123.10.2.25 0.0.0.0 R11: CCIERNSTRICKS.COM_H1.1_R11(config)#router eigrp 34567 CCIERNSTRICKS.COM_H1.1_R11(config-router)#no auto CCIERNSTRICKS.COM_H1.1_R11(config-router)#eigrp router-id 123.11.11.11 CCIERNSTRICKS.COM_H1.1_R12(config-router)#net 123.11.11.11 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R12(config-router)#net 123.10.2.22 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R12(config-router)#net 123.10.2.26 0.0.0.0 SW3: CCIERNSTRICKS.COM_H1.1_SW3config)#ip routing CCIERNSTRICKS.COM_H1.1_SW3(config)#router eigrp 34567 CCIERNSTRICKS.COM_H1.1_SW3(config-router)#no auto CCIERNSTRICKS.COM_H1.1_SW3(config-router)#eigrp router-id 123.33.33.33 CCIERNSTRICKS.COM_H1.1_SW3(config-router)#net 123.33.33.33 0.0.0.0 CCIERNSTRICKS.COM_H1.1_SW3(config-router)#net 123.10.2.13 0.0.0.0 CCIERNSTRICKS.COM_H1.1_SW3(config-router)#net 123.10.2.17 0.0.0.0 CCIERNSTRICKS.COM_H1.1_SW3(config-router)#net 123.10.2.6 0.0.0.0 CCIERNSTRICKS.COM_H1.1_SW3(config-)#interface vlan 34 CCIERNSTRICKS.COM_H1.1_SW3(config-if)#delay 100 SW4: CCIERNSTRICKS.COM_H1.1_SW4(config-)#ip routing CCIERNSTRICKS.COM_H1.1_SW4(config)#router eigrp 34567 CCIERNSTRICKS.COM_H1.1_SW4(config-router)#no auto CCIERNSTRICKS.COM_H1.1_SW4(config-router)#eigrp router-id 123.44.44.44 CCIERNSTRICKS.COM_H1.1_SW4(config-router)#net 123.44.44.44 0.0.0.0 CCIERNSTRICKS.COM_H1.1_SW4(config-router)#net 123.10.2.14 0.0.0.0 CCIERNSTRICKS.COM_H1.1_SW4(config-router)#net 123.10.2.10 0.0.0.0 CCIERNSTRICKS.COM_H1.1_SW4(config-router)#net 123.10.2.21 0.0.0.0
  25. 25. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 151 CCIERNSTRICKS.COM_H1.1_SW4(config-)#interface vlan 34 CCIERNSTRICKS.COM_H1.1_SW4(config-if)#delay 100
  26. 26. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 152 2.3 EIGRP in AS 45678 Configure EIGRP in AS 45678 as the following requirements  The EIGRP autonomous system number is 45678  The interface Loopback 0 at each router must be seen as an Internal EIGRP prefix by all other routers  Ensure the EIGRP is not running on any interface that is facing another AS use any method to accomplish this requirement  SW4 and SW6 are layer 3 switches must configure EIGRP  On all three routers R15,16,17 must use EIGRP the 64bit metric version  Do not change the interface bandwidth on any physical interface in as 45678 DIAGRAM: R15 R16 R17 ACME SYDENY BGP AS 45678 123.20.1.X/30 E0/0 103.2.45.2/30 E0/1 .1 E0/2 .9 E0/1 .2 E0/2 .10 S55 .3 S66 .11 VLAN 55 VLAN 5 VLAN 66 E0/2 .17 E0/1 .18 E0/0 203.3.16.2/30 E0/0 203.3.17.2/30
  27. 27. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 153 SOLUTIONS: R15: CCIERNSTRICKS.COM_H1.1_R15(config)#router EIGRP CCIE CCIERNSTRICKS.COM_H1.1_R15(config-router)#address-family ipv4 unicast autonomous-system 45678 CCIERNSTRICKS.COM_H1.1_R15(config-router-af)#network 123.15.15.15 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R15(config-router-af)#network 123.20.1.1 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R15(config-router-af)#network 123.20.1.9 0.0.0.0 R16: CCIERNSTRICKS.COM_H1.1_R16(config)#router EIGRP CCIE CCIERNSTRICKS.COM_H1.1_R16(config-router)#address-family ipv4 unicast autonomous-system 45678 CCIERNSTRICKS.COM_H1.1_R16(config-router-af)#network 123.16.16.16 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R16(config-router-af)#network 123.20.1.2 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R16(config-router-af)#network 123.20.1.17 0.0.0.0 R17: CCIERNSTRICKS.COM_H1.1_R17(config)#router EIGRP CCIE CCIERNSTRICKS.COM_H1.1_R17(config-router)#address-family ipv4 unicast autonomous-system 45678 CCIERNSTRICKS.COM_H1.1_R17(config-router-af)#network 123.17.17.17 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R17(config-router-af)#network 123.20.1.10 0.0.0.0 CCIERNSTRICKS.COM_H1.1_R17(config-router-af)#network 123.20.1.18 0.0.0.0 SW5: CCIERNSTRICKS.COM_H1.1_SW5(config)#router EIGRP 45678 CCIERNSTRICKS.COM_H1.1_SW5(config-router)#network 123.20.1.3 0.0.0.0 CCIERNSTRICKS.COM_H1.1_SW5(config-router-)#network 123.55.55.55 0.0.0.0 IN EXAM SOME TIME VLAN INTERFACES ARE SHUTDOWN PLEASE CHECK THOSE INTERFACES IF THOSE INTERFACES SHOUTDOWN THEN MAKE THEM UP CCIERNSTRICKS.COM_H1.1_SW5(config)#interface Vlan5 CCIERNSTRICKS.COM_H1.1_SW5(config-if)#no shutdown CCIERNSTRICKS.COM_H1.1_SW5(config)#interface Vlan55 CCIERNSTRICKS.COM_H1.1_SW5(config-if)#no shutdown
  28. 28. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 154 SW6: CCIERNSTRICKS.COM_H1.1_SW6(config)#router EIGRP 45678 CCIERNSTRICKS.COM_H1.1_SW6(config-router)#network 123.20.1.11 0.0.0.0 CCIERNSTRICKS.COM_H1.1_SW6(config-router)#network 123.66.66.66 0.0.0.0 IN EXAM SOME TIME VLAN INTERFACES ARE SHUTDOWN PLEASE CHECK THOSE INTERFACES IF THOSE INTERFACES SHOUTDOWN THEN MAKE THEM UP CCIERNSTRICKS.COM_H1.1_SW6(config)#interface Vlan6 CCIERNSTRICKS.COM_H1.1_SW6(config-if)#no shutdown CCIERNSTRICKS.COM_H1.1_SW6(config)#interface Vlan66 CCIERNSTRICKS.COM_H1.1_SW6(config-if)#no shutdown
  29. 29. © 2014-2018 CCIERNSTRICKS.COM July 29, 2018 © 2014-2018 CCIERNSTRICKS.COM 155 2.4 EIGRP in AS 65222  The EIGRP autonomous system number is 45678  The interface Loopback 0 at each router must be seen as an internal EIGRP prefix by all other routers  Ensure the EIGRP is not running on any interface that is facing another AS use any method to accomplish this requirement  R17 is the DMVPN hub, R18, R19 as the spoke use the preconfigured tunnel 0 DIAGRAM: Regional SP-3 BGP 20003 R16 R17 R18 R9 ACME APAC BGP AS 65222 S1/0 203.3.18.2/30 E0/0 E0/0 S1/0 203.3.19.2/30 E0/2 .17 E0/1 .18 E0/0 203.3.16.2/30 E0/0 203.3.17.2/30 10.1.18.1/24 10.1.19.1/24 SOLUTIONS: NOTE:MOST OF THE PART OF THIS QUESTION WILL BE UP AND RUNNING AFTER BGP AND DMVPN CONFIGURATION. THIS TASK IS DEPENDANT TASK 2.7, 2.7 and 3.1, 3.2, 3.3 ONCES THOSE TASK DONE CONFIG WILL WORK R17: CCIERNSTRICKS.COM_H1.1_R17(config)#router EIGRP CCIE CCIERNSTRICKS.COM_H1.1_R17(config-router)#address-family ipv4 unicast autonomous-system 45678 CCIERNSTRICKS.COM_H1.2_R17 (config-router-af)#af-interface tun0 CCIERNSTRICKS.COM_H1.2_R17 (config-router-af-interface)# next-hop-self CCIERNSTRICKS.COM_H1.2_R17 (config-router-af-interface)# split-horizon

Más Contenido Relacionado

Libros relacionados

Gratis con una prueba de 30 días de Scribd

Ver todo

Audiolibros relacionados

Gratis con una prueba de 30 días de Scribd

Ver todo

×