CCNP Lab Guide CCIE University

www.ccieuniversity.com

Configuring Basic EIGRP Lab ............................................................................................................ 3
Configuring Default-network for EIGRP Lab .................................................................................... 6
Manually Summarizing EIGRP Routes Lab ..................................................................................... 11
Configuring EIGRP Unequal Cost Paths Lab ................................................................................... 15
Configuring EIGRP Authentication Lab .......................................................................................... 18
Understand EIGRP Query Lab ........................................................................................................ 20
Configuring Basic Multi Area OSPF and Area Summary Lab ......................................................... 28
Configuring OSPF in NBMA Lab ..................................................................................................... 32
Configuring OSPF Authentication Lab ........................................................................................... 37
Configuring OSPF External Summary Lab ...................................................................................... 43
Configuring OSPF Default Route With Metric Lab ......................................................................... 46
Configuring OSPF Stub Area Lab .................................................................................................... 49
Configuring OSPF Totally Stub Area Lab ........................................................................................ 53
Configuring OSPF NSSA Area and NSSA Totally Stub Lab .............................................................. 56
Configuring OSPF Virtual-Link between normal area and backbone area Lab ............................. 62
Configuring OSPF Virtual-Link between 2 backbone areas Lab .................................................... 65
Understand OSPF Routing Between Inter Area Lab ...................................................................... 68
Configuring Basic IS-IS Lab ............................................................................................................. 70
Configuring IS-IS Multi Area and Summary Route Lab .................................................................. 74
Migrate IS-IS Area Lab ................................................................................................................... 78
Redistributing into RIP and OSPF Lab ............................................................................................ 81
Redistributing Between EIGRP and IS-IS Lab ................................................................................. 83
Redistribution Using Administrative Distance Lab ........................................................................ 87
Filtering Routing Updates with a Distribute List Lab ..................................................................... 89
Filtering Routing Updates with a Route Map Lab ......................................................................... 91
Using Route Tag Filtering Routing Updates Lab ............................................................................ 93
Policy-based route Lab .................................................................................................................. 96
Configuring Basic BGP Lab ............................................................................................................. 99
Configuring BGP Using Loopback Addresses Lab ........................................................................ 101
Understand BGP Auto-Summary Lab .......................................................................................... 103
Configuring BGP Summarization Lab ........................................................................................... 106
Understand BGP Split Horizon Rule Lab ...................................................................................... 108


Understand BGP Synchronization Rule Lab ................................................................................. 111
BGP Neighbor Authentication Lab............................................................................................... 114
Configuring BGP Local Preference Lab ........................................................................................ 117
Using Route Maps to Configuring BGP Local Preference Lab ..................................................... 121
Configuring BGP Multi-Exit Discriminator Lab............................................................................. 124
Configuring BGP Weight Lab ....................................................................................................... 128
Affects the BGP Routing By Path Prepend Lab ............................................................................ 131
Configuring BGP Routes Reflector Lab ........................................................................................ 134
Configuring BGP Confederation Lab ............................................................................................ 135
Using Route Tag to Store BGP AS-Path Lab ................................................................................. 139
Using Distribute-list to Filtering BGP Routing Lab ....................................................................... 143
Using Route-Map to Filtering BGP Routing Lab .......................................................................... 145
Using Prefix-List to Filtering BGP Routing Lab ............................................................................. 146
Configuring 802.1x Port-Based Authentication Lab .................................................................... 150
Routing Between VLANs and VTP Protocol Lab .......................................................................... 154
Configuring L2 & L3 EtherChannel with PAGP Lab ...................................................................... 163
Configuring L2 & L3 EtherChannel with LACP Lab ....................................................................... 169
Configuring Layer 3 Redundancy with HSRP Lab ......................................................................... 172
Configuring Layer 3 Redundancy with VRRP Lab......................................................................... 179


Configuring Basic EIGRP Lab

Topology

Lab Purpose:
1、Master EIGRP basic configuration.
2、Master EIGRP wild card bits configuration.
3、Master EIGRP auto summary feature, and learn how to disable auto summary.
4、Master EIGRP manually summary.

Lab Steps:
1、Config IP address for each router.
2、EIGRP AS number should be 50.
3、Enable EIGRP for the 3 routers.
R1#configure terminal
R1(config-if)#router eigrp 50
R1(config-router)#network 172.16.0.0





4、Check the EIGRP neighbour relationship on R2.
R2#show ip eigrp 50 neighbors
IP-EIGRP neighbors for process 50
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
1 172.16.1.6 Se1/1 13 00:00:37 436 2616 0 2
0 172.16.1.1 Se1/0 13 00:02:34 736 4416 0 4
TIPS: H stands for neighbor sequence number, address is the neighbor address, Interface is the local
interface which connect with neighbor.

5、Check the routing table on R2.
R2#show ip route
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
C 172.16.1.4/30 is directly connected, Serial1/1
D 172.16.0.0/16 is a summary, 00:06:33, Null0
D 192.168.4.0/24 [90/2297856] via 172.16.1.6, 00:04:39, Serial1/1
D 10.0.0.0/8 [90/2297856] via 172.16.1.1, 00:06:34, Serial1/0
C 131.131.0.0/16 is directly connected, Loopback0
D 192.168.0.0/24 [90/2297856] via 172.16.1.6, 00:04:39, Serial1/1
D 192.168.1.0/24 [90/2297856] via 172.16.1.6, 00:04:39, Serial1/1
D 192.168.2.0/24 [90/2297856] via 172.16.1.6, 00:04:39, Serial1/1
D 192.168.3.0/24 [90/2297856] via 172.16.1.6, 00:04:39, Serial1/1

6、 Check EIGRP routing table on R2.
R2#show ip route eigrp
D 192.168.4.0/24 [90/2297856] via 172.16.1.6, 00:08:14, Serial1/1
D 10.0.0.0/8 [90/2297856] via 172.16.1.1, 00:10:10, Serial1/0
D 192.168.0.0/24 [90/2297856] via 172.16.1.6, 00:08:14, Serial1/1
D 192.168.1.0/24 [90/2297856] via 172.16.1.6, 00:08:14, Serial1/1
D 192.168.2.0/24 [90/2297856] via 172.16.1.6, 00:08:14, Serial1/1
D 192.168.3.0/24 [90/2297856] via 172.16.1.6, 00:08:14, Serial1/1

7、There is a summary route 10.0.0.0/8 via 172.16.1.1 on R2 by auto summary feature,
we could use "no auto-summary" command to disable it.
R1(config)
R1(config)#router eigrp 50
R1(config-router)#no auto-summary
R1(config-router)#exit
Then check the eigrp route on R2 again.


D 192.168.4.0/24 [90/2297856] via 172.16.1.6, 00:05:09, Serial1/1
10.0.0.0/24 is subnetted, 4 subnets
D 10.1.3.0 [90/2297856] via 172.16.1.1, 00:02:31, Serial1/0
D 10.1.2.0 [90/2297856] via 172.16.1.1, 00:02:31, Serial1/0
D 10.1.1.0 [90/2297856] via 172.16.1.1, 00:02:31, Serial1/0
D 10.1.4.0 [90/2297856] via 172.16.1.1, 00:02:31, Serial1/0
D 192.168.0.0/24 [90/2297856] via 172.16.1.6, 00:05:09, Serial1/1
D 192.168.1.0/24 [90/2297856] via 172.16.1.6, 00:05:09, Serial1/1
D 192.168.2.0/24 [90/2297856] via 172.16.1.6, 00:05:09, Serial1/1
D 192.168.3.0/24 [90/2297856] via 172.16.1.6, 00:05:09, Serial1/1

8、Manually summarize network 192.168.0.0/24 192.168.1.0/24 192.168.2.0/24
192.168.3.0/24 to 1 item on R3.
R3(config)#interface serail 1/0
R3(config-if)#ip summary eigrp 50 192.168.0.0 255.255.252.0
R3(config-if)#exit

9、Check routing table on R2 again.
………
D 10.1.1.0 [90/2297856] via 172.16.1.1, 00:02:31, Serial1/0
D 10.1.4.0 [90/2297856] via 172.16.1.1, 00:02:31, Serial1/0
D 192.168.0.0/22 [90/2297856] via 172.16.1.6, 00:05:09, Serial1/1
………
10、Use wild card bits on R2's EIGRP configuration.
R2(config)#no router eigrp 50
R2(config-router)#network 172.16.1.0 0.0.0.3

11、This time there is only R1 in R2's neighbor table.
R2#show ip eigrp neighbors
(sec) (ms) Cnt Num
0 172.16.1.1 Se1/0 12 00:04:57 1510 5000 0 5
12、Check EIGRP routing table on R1.


D 131.131.0.0/16 [90/2297856] via 172.16.1.2, 00:00:06, Serial1/1
By www.ccieuniversity.com

Configuring Default-network for EIGRP Lab
Topology

Lab Purpose:
1、Learn to use "ip default-network" command instead of " ip route 0.0.0.0 0.0.0.0 " in
EIGRP network.

Lab Steps:
1、Finish the basic ip address configuration on all the routers.

2、Let's suppose R3 is the external router, so there is no EIGRP relationship between R2
and R3. What we need is a default route to the internal network on R3.
R3(config)#
R3(config)#ip route 0.0.0.0 0.0.0.0 192.168.10.1
R3(config)#

3、Enable EIGRP 50 on the internal routers.





4、Check EIGRP neighbor relationship on R2.
R2#show ip eigrp neighbors
H Address Interface Hold Uptime SRTT RTO Q Seq Type
(sec) (ms) Cnt Num
1 172.16.1.6 Et1/2 11 00:00:54 1 3000 0 2
0 172.16.1.1 Et1/0 12 00:00:54 1 3000 0 2

5、Add a default route on R2 to reach the external network.
R2(config)#ip route 0.0.0.0 0.0.0.0 192.168.10.2
R2(config)#
R2#ping 192.168.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 4/43/92 ms
R2#

6、R1 and R5 do not have route to external network, so they can not access external
network.
R1#show ip route

Gateway of last resort is not set

D 172.16.1.4 [90/284160] via 172.16.1.2, 00:06:40, FastEthernet0/1
C 172.16.1.0 is directly connected, FastEthernet0/1
R1#
R1#ping 192.168.1.1

.....
Success rate is 0 percent (0/5)
R1#


R5#show ip route


C 172.16.1.4 is directly connected, Ethernet1/1
D 172.16.1.0 [90/307200] via 172.16.1.5, 00:12:15, Ethernet1/1
R5#
R5#ping 192.168.1.1

.....
R5#

7、One solution is to add a default route with the next hop R2 on both R1 and R5 .
R1(config)#ip route 0.0.0.0 0.0.0.0 172.16.1.2
R1(config)#exit
R1#show ip route

Gateway of last resort is 172.16.1.2 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 172.16.1.2
R1#
R1#ping 192.168.1.1

!!!!!
R1#

R5(config)#ip route 0.0.0.0 0.0.0.0 172.16.1.5
R5(config)#exit
R5#
R5#show ip route




D 172.16.1.0 [90/307200] via 172.16.1.5, 00:13:57, Ethernet1/1
S* 0.0.0.0/0 [1/0] via 172.16.1.5
R5#
R5#ping 192.168.1.1

!!!!!
R5#

8、Another solution is to let R2 announce the external route to R1 and R5, this solution
is better for large internal network, as it gets less configuration work.

9、So let's delete the default route on R1 and R5 first.
R1(config)#no ip route 0.0.0.0 0.0.0.0 172.16.1.2
R1(config)#exit
R1#
R1#show ip route


R1#
R1#ping 192.168.1.1

.....
R1#

R5(config)#no ip route 0.0.0.0 0.0.0.0 172.16.1.5
R5(config)#exit
R5#
R5#show ip route


D 172.16.1.0 [90/307200] via 172.16.1.5, 00:19:42, Ethernet1/1
R5#


R5#ping 192.168.1.1

.....
R5#

10、Then let's R2 announce the external network 192.168.10.0 to R1 and R5.
R2(config)#ip default-network 192.168.10.0
R2(config)#exit
R2#show ip route


* 192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
D* 192.168.10.0/24 is a summary, 00:00:53, Null0
C 192.168.10.0/30 is directly connected, Ethernet1/1
S* 0.0.0.0/0 [1/0] via 192.168.10.2
R2#

11、Check the routing table of R1 and R5 again, to make sure they have the external
route.
R1#show ip route


D* 192.168.10.0/24 [90/284160] via 172.16.1.2, 00:02:03, FastEthernet0/1
R1#
R1#ping 192.168.1.1

!!!!!


R1#

R5#show ip route


D* 192.168.10.0/24 [90/307200] via 172.16.1.5, 00:04:15, Ethernet1/1
D 172.16.1.0 [90/307200] via 172.16.1.5, 00:04:19, Ethernet1/1
R5#
R5#ping 192.168.1.1

!!!!!


Manually Summarizing EIGRP Routes Lab
Topology

Lab Purpose:
1、Understand the weakness of EIGRP auto summarization.
2、Master EIGRP manually summary configuration.


Lab Steps:
1、Finish basic ip configuration.
2、Enable EIGRP on all the routers, do not disable auto summary.
3、Ping on R2 to R1's 10.1.X.0/24 network and R4's 10.1.X.0/24 network, you will find
to R1 is good, but to R4 fails.
R2#ping 10.1.1.1

!!!!!

R2#ping 10.1.16.1

U.U.U
R2#
R2#ping 10.1.17.1

U.U.U

4、Check the routing table of R2.
R2#show ip route


D 172.16.1.8 [90/307200] via 172.16.1.6, 00:06:25, Ethernet1/1
D 10.0.0.0/8 [90/409600] via 172.16.1.1, 00:06:09, Ethernet1/0
D 192.168.0.0/24 [90/409600] via 172.16.1.6, 00:06:25, Ethernet1/1
D 192.168.1.0/24 [90/409600] via 172.16.1.6, 00:06:25, Ethernet1/1
D 192.168.2.0/24 [90/409600] via 172.16.1.6, 00:06:25, Ethernet1/1
D 192.168.3.0/24 [90/409600] via 172.16.1.6, 00:06:25, Ethernet1/1

5、Check the EIGRP topology database of R2.
R2#show ip eigrp topology all-links
IP-EIGRP Topology Table for AS(50)/ID(172.16.1.5)

Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - Reply status

P 10.0.0.0/8, 1 successors, FD is 409600, serno 3
via 172.16.1.1 (409600/128256), Ethernet1/0
via 172.16.1.6 (435200/409600), Ethernet1/1
via 172.16.1.6 (409600/128256), Ethernet1/1


via 172.16.1.6 (409600/128256), Ethernet1/1
via 172.16.1.6 (409600/128256), Ethernet1/1
via 172.16.1.6 (409600/128256), Ethernet1/1
via 172.16.1.6 (307200/281600), Ethernet1/1
via Connected, Ethernet1/1
via Connected, Ethernet1/0

6、The specific 10.1.X.0/24 networks on both R1 and R4 were automatically summarize
to 10.0.0.0/8 before R2 receives. So R2 has two next hop to network 10.0.0.0/8,
according to the topology database R1's (172.16.1.1) FD 409600 is better than R3's
(172.16.1.6) FD 435200, then R2 will choose R1 172.16.1.1 as the next hop in the routing
table, so ping traffic to the networks behind R4 will not going to R4.

7、To solve this issue, we need to use manual summary instead of auto summary.
R1(config)#
R1(config)#interface fastEthernet 0/1
R1(config-if)#ip summary-address eigrp 50 10.1.0.0 255.255.252.0
R1(config-if)#exit
R1(config)#exit

R4(config)#
R4(config)#interface fastEthernet 0/0
R4(config-if)#exit
R4(config)#exit

R2#show ip route


D 172.16.1.8 [90/307200] via 172.16.1.6, 00:21:08, Ethernet1/1
D 10.1.0.0 [90/409600] via 172.16.1.1, 00:03:13, Ethernet1/0
D 10.1.16.0 [90/435200] via 172.16.1.6, 00:01:02, Ethernet1/1
D 192.168.0.0/24 [90/409600] via 172.16.1.6, 00:21:08, Ethernet1/1
D 192.168.1.0/24 [90/409600] via 172.16.1.6, 00:21:08, Ethernet1/1


D 192.168.2.0/24 [90/409600] via 172.16.1.6, 00:21:08, Ethernet1/1
D 192.168.3.0/24 [90/409600] via 172.16.1.6, 00:21:08, Ethernet1/1

9、Ping the networks behind R1 and R4 again.
R2#ping 10.1.0.1

!!!!!
R2#ping 10.1.1.1

!!!!!
R2#ping 10.1.16.1

!!!!!
R2#ping 10.1.17.1

!!!!!

10、To decrease the size of routing table, we could manually summarize the networks
from 192.168.0.0/24 to 192.168.3.0/24 behind R3.
R3(config)#
R3(config)#interface ethernet 1/1
R3(config-if)#exit
R3(config)#
R3(config)#inter ethernet 1/0
R3(config-if)#exit
R3(config)#

11、Check the routing table of R2 and R4.
R4#show ip route




D 10.1.0.0/22 [90/437760] via 172.16.1.9, 00:02:23, FastEthernet0/0

R2#show ip route


D 172.16.1.8 [90/307200] via 172.16.1.6, 00:02:54, Ethernet1/1
D 10.1.0.0 [90/409600] via 172.16.1.1, 00:16:13, Ethernet1/0
D 10.1.16.0 [90/435200] via 172.16.1.6, 00:02:54, Ethernet1/1
D 192.168.0.0/22 [90/409600] via 172.16.1.6, 00:02:54, Ethernet1/1

12、Ping the networks behind R3 from R2 and R4.
R2#ping 192.168.0.1

!!!!!

R4#ping 192.168.1.1

!!!!!


Configuring EIGRP Unequal Cost Paths Lab
Topology


Lab Purpose:
1、Master EIGRP unequal cost load balance.
2、Master EIGRP metric modifying.
3、Master EIGRP AD、FD、FC、Successor、FS principal.

Lab Steps:
2、Enable EIGRP 50 on the 3 routers.
R1#show ip route

C 172.16.1.0 is directly connected, Serial1/1

4、We can see there is only one way to network 192.168.1.0/24, to increase the
capability of transmission, we need to use all the usable links.

5、If we want to use 172.16.1.2 as a unequal cost path, then we should make sure it is
the FS of network 192.168.1.0/24.

6、Check the EIGRP 50 topology database we found that 172.16.1.2 is not in the
192.168.1.0/24 list, not a FS.
R1#show ip eigrp 50 topology
………
P 192.168.1.0/24, 1 successors, FD is 156160
via 172.16.1.10 (156160/128256), FastEthernet0/0
P 172.16.1.8/30, 1 successors, FD is 28160
via Connected, FastEthernet0/0
………
7、Check the full EIGRP topology table we found that 172.16.1.2 could be the next hop
of network 192.168.1.0/24, just not in use by the restriction of algorithm.
R1#show ip eigrp 50 topology all-links


………
via 172.16.1.2 (2809856/2297856), Serial1/1
………
8、According to the FS formula.
AD of secondary-best route < FD of best route(Successor) = Feasible Successor
We could do the math.
Distance from R2 to network 192.168.1.0/24 should less than 156160, then 172.16.1.2
would be the FS.
9、Let's change the EIGRP metrics of R2 to make it work as a FS of R1.
R2(config)#interface serial 1/1
R2(config-if)#bandwidth 10000000
R2(config-if)#delay 10
R2(config)#exit
10、Check the topology table of R1, we see 130816 is less than 15160.
R1#show ip eigrp topology all-links
………
via 172.16.1.2 (2300416/130816), Serial1/1
………
11、This time we could enable unequal cost load balance, and give the right variance
value.
According to the variance formula.
FD of FS route < FD of best route(Successor) * Varince
So the math is
2300416 < 156160 * x
x≈14.73
12、Let test 14 as the variance number.
R1(config-router)#variance 14
R1(config)#exit
R1#clear ip router *
R1#show ip route
………
………
Seems 14 is not enough.
13、Let's change it to 15.


R1(config-router)#variance 15
R1(config)#exit
R1#clear ip router *
R1#show ip route
………
[90/2300416] via 172.16.1.2, 00:00:01, Serial1/1
This time both 172.16.1.10 and 172.16.1.2 are the next hop for network 192.168.1.0/24.


Configuring EIGRP Authentication Lab
Topology

Lab Purpose:
1、Master EIGRP authentication principal.
2、Master EIGRP authentication configuration.

Lab Steps:
3、Check the routing tables of R1 and R2.
R1#show ip route
D 192.168.1.0/24 [90/2297856] via 172.16.1.10, 00:00:09, Serial1/1
R1#


R2#show ip route
D 10.0.0.0/8 [90/2297856] via 172.16.1.9, 00:00:51, Serial1/0
R2#
4、Config EIGRP authentication on R1.
R1(config)#key chain edurainbow
R1(config-keychain)#key 1
R1(config-keychain-key)#key-string cisco
R1(config-keychain-key)#exit
R1(config-keychain)#exit
R1(config)#
R1(config-if)#ip authentication key-chain eigrp 50 edurainbow
R1(config-if)#ip authentication mode eigrp 50 md5
R1(config-if)#end
R1(config)#

5、"Use clear ip route *" command to speed up converge.
6、Then check the routing table of R1 and R2 again.
R1#show ip route
R1#

R2#show ip route
………
R2#
This time the neighbor is down and EIGRP routes are missing.
*Mar 14 15:35:27.343: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 50: Neighbor 172.16.1.9 (Serial1/0) is up:
new adjacency
*Mar 14 15:35:29.767: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 50: Neighbor 172.16.1.9 (Serial1/0) is down:
Auth failure

7 Check the neighbor table of R2 we found no item there.

8、Config EIGRP authentication on R2.
R2#


R2(config)#key chain edurainbow
R2(config-keychain)#key 1
R2(config-keychain-key)#key-string cisco
R2(config-keychain-key)#exit
R2(config-keychain)#exit
R2(config)#
R2(config-if)#ip authentication key-chain eigrp 50 edurainbow
R2(config-if)#ip authentication mode eigrp 50 md5
R2(config-if)#exit
R2(config)#exit
R2(config)#
9、Then we found neighbor is up again.
*Mar 14 15:46:04.071: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 50: Neighbor 172.16.1.9 (Serial1/0) is up:
new adjacency
(sec) (ms) Cnt Num
0 172.16.1.9 Se1/0 11 00:01:17 28 200 0 8

10、Check the routing table of R1 and R2 we found the RIGRP routes are back.
R1#show ip route
D 192.168.1.0/24 [90/2297856] via 172.16.1.10, 00:02:54, Serial1/1
R1#

R2#show ip route
D 10.0.0.0/8 [90/2297856] via 172.16.1.9, 00:03:44, Serial1/0


Understand EIGRP Query Lab
Topology


Lab Purpose:
1、Understand EIGRP route update mechanism.
2、Master EIGRP debug command.
3、Master stub configuration.

Lab Steps:
3、Check EIGRP routing table of R1 R2 R3.
D 172.16.1.4/30 [90/2681856] via 172.16.1.2, 00:01:20, Serial1/1
R1#

D 10.0.0.0/8 [90/2297856] via 172.16.1.1, 00:01:16, Serial1/0
D 192.168.1.0/24 [90/2172416] via 172.16.1.1, 00:01:21, Serial1/0
[90/2172416] via 172.16.1.6, 00:01:21, Serial1/1
R2#

R3#sh ip route eigrp
D 172.16.1.0/30 [90/2681856] via 172.16.1.5, 00:01:36, Serial1/0
R3#
4、Debug EIGRP on R2 to track update.
R2#debug eigrp fsm
EIGRP FSM Events/Actions debugging is on


R2#debug eigrp packets query
EIGRP Packets debugging is on
(QUERY)
5、Shutdown loopback0 on R1 to simulate a network issue.
R1(config)#interface loopback 0
R1(config-if)#shutdown
6、Check debug information on R2.
*Mar 15 22:03:26.087: EIGRP: Received QUERY on Serial1/0 nbr 172.16.1.1
*Mar 15 22:03:26.091: AS 50, Flags 0x0, Seq 127/192 idbQ 0/0 iidbQ
un/rely 0/0 peerQ un/rely 0/0
*Mar 15 22:03:26.095: DUAL: rcvquery: 10.1.1.0/24 via 172.16.1.1 metric
4294967295/4294967295, RD is 2297856
*Mar 15 22:03:26.095: DUAL: Find FS for dest 10.1.1.0/24. FD is 2297856,
RD is 2297856
*Mar 15 22:03:26.099: DUAL: 172.16.1.1 metric 4294967295/4294967295
*Mar 15 22:03:26.099: DUAL: 172.16.1.6 metric 2300416/156160 found
Dmin is 2300416
*Mar 15 22:03:26.099: DUAL: send REPLY(R1/n1) about 10.1.1.0/24 to
172.16.1.1
*Mar 15 22:03:26.099: DUAL: RT installed 10.1.1.0/24 via 172.16.1.6
*Mar 15 22:03:26.099: DUAL: Send update about 10.1.1.0/24. Reason:
metric chg
*Mar 15 22:03:26.099: DUAL: Send update about 10.1.1.0/24. Reason: new
if
4294967295/4294967295, RD is 2300416
RD is 2300416
*Mar 15 22:03:26.159: DUAL: 172.16.1.6 metric 4294967295/4294967295
*Mar 15 22:03:26.159: DUAL: 172.16.1.1 metric 4294967295/4294967295
not found Dmin is 4294967295
*Mar 15 22:03:26.159: DUAL: Peer total/stub 2/0 template/full-stub 2/0
*Mar 15 22:03:26.159: DUAL: Dest 10.1.1.0/24 entering active state.
*Mar 15 22:03:26.159: DUAL: Set reply-status table. Count is 2.
*Mar 15 22:03:26.159: DUAL: Not doing split horizon
*Mar 15 22:03:26.159: DUAL: Going from state 1 to state 3
*Mar 15 22:03:26.171: EIGRP: Enqueueing QUERY on Serial1/1 iidbQ un/rely
0/1 serno 148-148


*Mar 15 22:03:26.175: EIGRP: Enqueueing QUERY on Serial1/1 nbr
172.16.1.6 iidbQ un/rely 0/0 peerQ un/rely 0/0 serno 148-148
*Mar 15 22:03:26.179: EIGRP: Sending QUERY on Serial1/1 nbr 172.16.1.6
un/rely 0/0 peerQ un/rely 0/1 serno 148-148
0/1 serno 148-148
*Mar 15 22:03:26.215: DUAL: rcvreply: 10.1.1.0/24 via 172.16.1.6 metric
4294967295/4294967295
*Mar 15 22:03:26.219: DUAL: reply count is 2
*Mar 15 22:03:26.219: DUAL: Clearing handle 1, count now 1
4294967295/4294967295
*Mar 15 22:03:26.271: DUAL: Freeing reply status table
*Mar 15 22:03:26.271: DUAL: Find FS for dest 10.1.1.0/24. FD is
4294967295, RD is 4294967295 found
………
According to the debug output there are 4 query packets and 4 respond packets, thing if
there are hundreds of routers the query will be huge. We could use manually summarize
and stub feature to restrict the query scope.

7、Manually summary on R1 and R3.
R1(config-if)#no shutdown


8、Check routing table of R2 and R3 again to make sure they have learned the summary
route.


D 172.16.0.0/16 [90/2684416] via 172.16.1.1, 00:15:27, Serial1/0
D 10.1.1.0 [90/2297856] via 172.16.1.1, 00:00:27, Serial1/0
D 192.168.1.0/24 [90/2172416] via 172.16.1.1, 00:15:09, Serial1/0
[90/2172416] via 172.16.1.6, 00:15:09, Serial1/1
R2#ping 10.1.1.1
!!!!!
R2#

R3>show ip route eigrp

D 172.16.1.0/30 [90/2172416] via 192.168.1.1, 00:15:43,
FastEthernet0/0
R3>
R3>ping 10.1.1.1

!!!!!
R3>

9、Shutdown loopback0 on R1 again to check the debug message on R2.
*Mar 15 22:11:17.875: DUAL: dest(10.1.1.0/24) not active
4294967295/4294967295, RD is 4294967295
172.16.1.1
4294967295/4294967295, RD is 2297856


RD is 2297856
*Mar 15 22:11:17.883: DUAL: 172.16.1.1 metric 4294967295/4294967295
Dmin is 2300416
172.16.1.1
metric chg
if
*Mar 15 22:11:17.907: DUAL: dest(10.1.1.0/24) not active
4294967295/4294967295, RD is 4294967295
172.16.1.6
*Mar 15 22:11:17.951: DUAL: Removing dest 10.1.1.0/24, nexthop
172.16.1.1
*Mar 15 22:11:17.955: DUAL: Removing dest 10.0.0.0/8, nexthop 172.16.1.1
*Mar 15 22:11:18.015: DUAL: Removing dest 10.1.1.0/24, nexthop
172.16.1.6
*Mar 15 22:11:18.015: DUAL: No routes. Flushing dest 10.1.1.0/24
4294967295/4294967295, RD is 2300416
RD is 2300416
*Mar 15 22:11:18.031: DUAL: 172.16.1.6 metric 4294967295/4294967295
*Mar 15 22:11:18.039: DUAL: Doing split horizon on Serial1/1


0/1 serno 161-161
0/1 serno 161-161
*Mar 15 22:11:18.119: DUAL: dest(10.0.0.0/8) active
4294967295/4294967295
*Mar 15 22:11:18.123: DUAL: Freeing reply status table
*Mar 15 22:11:18.123: DUAL: Find FS for dest 10.0.0.0/8. FD is
4294967295, RD is 4294967295 found
172.16.1.6
*Mar 15 22:11:18.171: DUAL: No routes. Flushing dest 10.0.0.0/8

Obviously query packets for network 10.1.1.0/24 decrease to 2 this time.

10、To deeply solve the issue, we enable EIGRP stub feature on R2 to stop query
packets for network 10.1.1.0/24.
R2(config-router)#eigrp stub

11、Check the neighbor table on R1 to see the stub feature.
R1#show ip eigrp neighbors detail
H Address Interface Hold Uptime SRTT RTO Q
Seq
(sec) (ms) Cnt
Num


0 172.16.1.2 Se1/1 12 00:01:01 216 1296 0
220
Version 12.3/1.2, Retrans: 0, Retries: 0
Stub Peer Advertising ( CONNECTED SUMMARY ) Routes
Suppressing queries
1 192.168.1.2 Fa0/0 14 01:09:11 75 450 0
159
Version 12.3/1.2, Retrans: 1, Retries: 0

12、Shutdown loopback0 of R1 again to see the debug output of R2.
*Mar 15 22:22:31.371: DUAL: rcvupdate: 10.0.0.0/8 via 172.16.1.1 metric
4294967295/4294967295
RD is 2297856
*Mar 15 22:22:31.375: DUAL: 172.16.1.1 metric 4294967295/4294967295
Dmin is 2300416
metric chg
if
*Mar 15 22:22:31.587: DUAL: rcvupdate: 10.0.0.0/8 via 172.16.1.6 metric
4294967295/4294967295
RD is 2300416
*Mar 15 22:22:31.591: DUAL: 172.16.1.6 metric 4294967295/4294967295
*Mar 15 22:22:31.595: DUAL: Not doing split horizon
0/1 serno 169-169
0/1 serno 169-169


*Mar 15 22:22:31.711: DUAL: dest(10.0.0.0/8) active
4294967295/4294967295
…………
This time R2 will not receive any query packet for network 10.1.1.0/24

Configuring Basic Multi Area OSPF and Area Summary Lab
Topology

Lab Purpose:
1、Master OSPF multi area configuration.
2、Distinguish routes from different areas.
3、Master OSPF route summary configuration.
4、Master OSPF basic configuration.

Lab Steps:
2、Enable OSPF 1 on R1, assign interfaces to the relevant area according to the
topology.
R1(config)#router ospf 1
R1(config-router)#network 10.1.2.0 0.0.0.255 area 1


3、Enable OSPF 1 on R2, assign interfaces to relevant area according to the topology.
R2(config)#exit
4、Refer to R1 and R2, finish the OSPF configuration on R3 and R4.

5、Check OSPF neighbor relationship on R2.
R2#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
192.168.1.9 1 FULL/ - 00:00:39 192.168.1.6 Serial1/1
10.1.2.1 1 FULL/ - 00:00:37 192.168.1.1 Serial1/0

6、Check the routing table of R1 to see OSPF route from different areas.
R1#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

…………
O IA 172.16.1.1 [110/193] via 192.168.1.2, 00:02:23, Serial1/1
O IA 172.16.2.1 [110/193] via 192.168.1.2, 00:02:23, Serial1/1
C 10.1.2.0 is directly connected, Loopback1
O IA 192.168.1.8 [110/192] via 192.168.1.2, 00:02:58, Serial1/1
O IA 192.168.1.4 [110/128] via 192.168.1.2, 00:05:06, Serial1/1

7、Check OSPF link state database of R1.
R1#show ip ospf database

OSPF Router with ID (10.1.2.1) (Process ID 1)

Router Link States (Area 1)

Link ID ADV Router Age Seq# Checksum Link count
10.1.2.1 10.1.2.1 492 0x80000004 0x00C83F 4
192.168.1.5 192.168.1.5 486 0x80000003 0x002BB5 2


Summary Net Link States (Area 1)

Link ID ADV Router Age Seq# Checksum
172.16.1.1 192.168.1.5 315 0x80000001 0x00CCC0
172.16.2.1 192.168.1.5 315 0x80000001 0x00C1CA
192.168.1.4 192.168.1.5 479 0x80000001 0x00E33E
192.168.1.8 192.168.1.5 350 0x80000001 0x003E9F

8、Use ping to test the connectivity on R1.
R1#ping 172.16.1.1

!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 216/240/288
ms
R1#
9、Check the routing table and OSPF link state database on R4.
R4#show ip route
O IA 10.1.2.0 [110/193] via 192.168.1.9, 00:15:14, Serial1/0
O IA 10.1.1.0 [110/193] via 192.168.1.9, 00:15:14, Serial1/0
O IA 192.168.1.0 [110/192] via 192.168.1.9, 00:15:14, Serial1/0
O IA 192.168.1.4 [110/128] via 192.168.1.9, 00:15:14, Serial1/0
R4#



172.16.2.1 172.16.2.1 1223 0x80000004 0x00B871 4
192.168.1.9 192.168.1.9 1224 0x80000002 0x00EA2E 2


10.1.1.0 192.168.1.9 2 0x80000001 0x00B586
10.1.2.0 192.168.1.9 2 0x80000001 0x00AA90
192.168.1.0 192.168.1.9 1265 0x80000001 0x00766B


192.168.1.4 192.168.1.9 1265 0x80000001 0x00CB52

As you see all the area 1 specific routes are in the routing table of R4, we could do
something to make it smaller.

10、Config OSPF area summary on R2.
R2(config-router)#area 1 range 10.1.0.0 255.255.0.0
R2(config)#exit
11、Check the routing table and OSPF database on R4 again.
R4#show ip route
O IA 10.1.0.0 [110/193] via 192.168.1.9, 00:00:32, Serial1/0
O IA 192.168.1.0 [110/192] via 192.168.1.9, 00:18:36, Serial1/0
O IA 192.168.1.4 [110/128] via 192.168.1.9, 00:18:36, Serial1/0
R4#



172.16.2.1 172.16.2.1 6 0x80000005 0x00B672 4
192.168.1.9 192.168.1.9 13 0x80000004 0x00E630 2


10.1.0.0 192.168.1.9 29 0x80000001 0x00C07C
192.168.1.0 192.168.1.9 1325 0x80000001 0x00766B
192.168.1.4 192.168.1.9 1325 0x80000001 0x00CB52



Configuring OSPF in NBMA Lab
Topology

Lab Purpose:
1、Master OSPF in NBMA network configuration.
2、Master OSPF interface network type configuration.
3、Master OSPF interface priority configuration.

Lab Steps:
2、Enable OSPF on all routers and use default network type.
R1(config-if)#ip address 172.16.1.1 255.255.255.0
R1(config-if)#ip ospf network point-to-point
R1(config-if)#exit
R1(config)#
R1(config-if)#ip add 192.168.1.1 255.255.255.0
R1(config-if)#encapsulation frame-relay
R1(config-if)#no frame-relay inverse-arp
R1(config-if)#frame-relay map ip 192.168.1.2 102 broadcast
R1(config-if)#exit
R1(config)#
R1(config)#

R2(config-if)#exit
R2(config)#


R2(config-if)#exit
R2(config)#
R2(config)#

R3(config-if)#exit
R3(config)#
R3(config-if)#exit
R3(config)#
R3(config)#

3、Check the OSPF neighbor table on R1 we can see no neighbor is up.

4、Check Serial 1/2 OSPF information on R1.
R1#show ip ospf interface serial 1/2
Serial1/2 is up, line protocol is up
Internet Address 192.168.1.1/24, Area 0
Process ID 1, Router ID 172.16.1.1, Network Type NON_BROADCAST, Cost: 64
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 172.16.1.1, Interface address 192.168.1.1


No backup designated router on this network
Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5
oob-resync timeout 120
Hello due in 00:00:15
Index 1/1, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 0, maximum is 0
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 0, Adjacent neighbor count is 0
Suppress hello for 0 neighbor(s)

5、According to the above information we could see the default OSPF network type for
NBMA is NON_BROADCAST, So OSPF will not send out its hello packet which based on
multi-cast.

6、One solution is to manually assign OSPF neighbor.
R1(config-router)#neighbor 192.168.1.2



7、Then we can see the neighbors are up.
*Jun 18 15:36:16.743: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.4.1 on Serial1/2 from
LOADING to FULL, Loading Done
*Jun 18 15:36:16.747: %OSPF-5-ADJCHG: Process 1, Nbr 172.16.3.1 on Serial1/2 from
LOADING to FULL, Loading Don

8、Check the OSPF neighbor table on R1.

172.16.3.1 1 FULL/DROTHER 00:01:31 192.168.1.2 Serial1/2
172.16.4.1 1 FULL/DR 00:01:57 192.168.1.3 Serial1/2

9、Beside manually allocate, we could also change the OSPF network type to build the
neighbor relationship. Let's first remove the manually allocate configuration, then
change the OSPF network type to broadcast.


R1(config-router)#no neighbor 192.168.1.2



R1(config-if)#ip ospf network broadcast
R1(config-if)#exit

R2(config-if)#exit

R3(config-if)#exit

10、Check serial 1/2 OSPF information on R1.
R1#show ip ospf interface serial 1/2
Serial1/2 is up, line protocol is up
Internet Address 192.168.1.1/24, Area 0
Process ID 1, Router ID 172.16.1.1, Network Type BROADCAST, Cost: 64
Transmit Delay is 1 sec, State DR, Priority 1
…………
Network type is BROADCAST now.

11、Check OSPF neighbor table on R1 R2 R3.

172.16.4.1 1 FULL/DR 00:00:33 192.168.1.3 Serial1/2
R1#


172.16.1.1 1 FULL/BDR 00:00:30 192.168.1.1 Serial1/2
R2#



172.16.1.1 1 FULL/BDR 00:00:39 192.168.1.1 Serial1/2
R3#

12、Look at the above OSPF neighbor table we can see:
R1 considers 172.16.4.1(R3) as DR, 172.16.3.1(R2) as DROTHER, itself as BDR.
R2 considers 172.16.1.1(R1) as BDR, itself as DR.
R3 considers 172.16.1.1(R1) as BDR, itself as DR.

As the frame-relay network is not full mesh, it has only two PVC one is between R1 and
R2, the other is between R1 and R3, to make sure everyone will receive LSU (LAS
update), R1 should be the DR.

13、Change interface OSPF priority to 0 on R2 and R3, so neither R2 nor R3 will
participate in DR/BDR selection.
R2(config-if)#ip ospf priority 0
R2(config-if)#exit
R2(config)#

R3(config-if)#ip ospf priority 0
R3(config-if)#exit

14、Check OSPF neighbor table on R1 R2 R3, we can see R1 is always the DR.

R1#



172.16.1.1 1 FULL/DR 00:00:31 192.168.1.1 Serial1/2
R2#


172.16.1.1 1 FULL/DR 00:00:38 192.168.1.1 Serial1/2

15、We could also change the OSPF network type to P2P, then there will be no DR/BDR
selection.

OSPF network type diagram.


Configuring OSPF Authentication Lab
Topology


Lab Purpose:
1、Master OSPF interface and area authentication configuration.

Lab Steps:
1、Master OSPF in NBMA network configuration.
2、Finish OSPF basic configuration.
3、 Check the routing table of R1 and R2
R1#show ip route


O IA 172.16.1.0 [110/193] via 192.168.1.2, 00:01:02, Serial1/1
O IA 172.16.2.0 [110/193] via 192.168.1.2, 00:01:02, Serial1/1
O IA 192.168.1.8 [110/192] via 192.168.1.2, 00:01:12, Serial1/1
O IA 192.168.1.4 [110/128] via 192.168.1.2, 00:05:47, Serial1/1
R2#show ip route


O IA 172.16.1.0 [110/129] via 192.168.1.6, 00:09:16, Serial1/1
O IA 172.16.2.0 [110/129] via 192.168.1.6, 00:09:16, Serial1/1
O 10.1.2.0 [110/65] via 192.168.1.1, 00:14:00, Serial1/0
O 10.1.1.0 [110/65] via 192.168.1.1, 00:14:00, Serial1/0
O IA 192.168.1.8 [110/128] via 192.168.1.6, 00:09:26, Serial1/1



4、Enable OSPF interface simple password authentication on R1.
R1(config-if)#ip ospf authentication
R1(config-if)#ip ospf authentication-key www.ccieuniversity.com
R1(config-if)#exit

5、Enable OSPF debug on R1.
R1#Debug ip ospf adj
00:30:33: OSPF: 192.168.1.5 address 192.168.1.2 on Serial1/1 is dead
00:30:33: OSPF: 192.168.1.5 address 192.168.1.2 on Serial1/1 is dead, state DOWN
00:30:33: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.1.5 on Serial1/1 from FULL to
DOWN, Neighbor Down: Dead timer expired
00:30:35: OSPF: Rcv pkt from 192.168.1.2, Serial1/1 : Mismatch Authentication type.
Input packet specified type 0, we use type 1
00:54:45: OSPF: Rcv pkt from 192.168.1.2, Serial1/1 : Mismatch Authentication Key -
Clear Text

6、Enable OSPF interface simple password authentication on R2.
R2(config)#interface s1/1
R2(config-if)#ip ospf authentication
R2(config-if)#exit
R2(config)#exit

7、Check the debug output again on R1.
00:54:55: OSPF: 2 Way Communication to 192.168.1.5 on Serial1/1, state 2WAY
00:54:55: OSPF: Send DBD to 192.168.1.5 on Serial1/1 seq 0x2154 opt 0x42 flag 0x7 len
32
00:54:55: OSPF: Rcv DBD from 192.168.1.5 on Serial1/1 seq 0x182 opt 0x42 flag 0x7 len
32 mtu 1500 state EXSTART
00:54:55: OSPF: NBR Negotiation Done. We are the SLAVE
152
152 mtu 1500 state EXCHANGE
32
00:54:55: OSPF: Database request to 192.168.1.5
00:54:55: OSPF: sent LS REQ packet to 192.168.1.2, length 60
32 mtu 1500 state EXCHANGE


00:54:55: OSPF: Exchange Done with 192.168.1.5 on Serial1/1
00:54:55: OSPF: Send DBD to 192.168.1.5 on Serial1/1 seq 0x184 opt 0x42 flag
R1#0x0 len 32
00:54:55: OSPF: Synchronized with 192.168.1.5 on Serial1/1, state FULL
00:54:55: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.1.5 on Serial1/1 from LOADING to
FULL, Loading Done
00:54:56: OSPF: Build router LSA for area 1, router ID 10.1.2.1, seq 0x8000000C
R1#show ip route


O IA 172.16.1.0 [110/193] via 192.168.1.2, 00:01:53, Serial1/1
O IA 172.16.2.0 [110/193] via 192.168.1.2, 00:01:53, Serial1/1
O IA 192.168.1.8 [110/192] via 192.168.1.2, 00:01:53, Serial1/1
O IA 192.168.1.4 [110/128] via 192.168.1.2, 00:01:53, Serial1/1

8、Remove OSPF interface simple password authentication and enable interface MD5
authentication on R1 and R2.
R1(config-if)#no ip ospf authentication
R1(config-if)#no ip ospf authentication-key www.ccieuniversity.com
R1(config-if)#exit
R1(config)#exit

R2(config-if)#no ip ospf authentication
R2(config-if)#exit
R2(config)#exit

R1(config-if)#ip ospf authentication message-digest
R1(config-if)#ip ospf message-digest-key 1 md5 www.ccieuniversity.com
R1(config-if)#exit
R1(config)#



R2(config-if)#ip ospf authentication message-digest
R2(config-if)#exit
R2(config)#

R1#show ip route


O IA 172.16.1.0 [110/193] via 192.168.1.2, 00:00:05, Serial1/1
O IA 172.16.2.0 [110/193] via 192.168.1.2, 00:00:05, Serial1/1
O IA 192.168.1.8 [110/192] via 192.168.1.2, 00:00:05, Serial1/1
O IA 192.168.1.4 [110/128] via 192.168.1.2, 00:00:05, Serial1/1

10、Remove OSPF interface MD5 authentication and enable OSPF area simple
password authentication on R1 and R2.
R1(config-if)#no ip ospf authentication message-digest
R1(config-if)#no ip ospf message-digest-key 1 md5 www.ccieuniversity.com
R1(config-if)#exit
R1(config)#

R2(config-if)#no ip ospf authentication message-digest
R2(config-if)#no ip ospf message-digest-key 1 md5 www.ccieuniversity.com
R2(config-if)#exit

R1(config-router)#area 1 authentication
R1(config-if)#exit
R1(config)#exit



R2(config-router)#area 1 authentication
R2(config-if)#exit

R1#show ip route


O IA 172.16.1.0 [110/193] via 192.168.1.2, 00:01:19, Serial1/1
O IA 172.16.2.0 [110/193] via 192.168.1.2, 00:01:19, Serial1/1
O IA 192.168.1.8 [110/192] via 192.168.1.2, 00:01:19, Serial1/1
O IA 192.168.1.4 [110/128] via 192.168.1.2, 00:01:19, Serial1/1

12、Remove OSPF area simple password authentication and enable OSPF area MD5
authentication on R1 and R2.
R1(config-router)#no area 1 authentication
R1(config-if)#exit
R1(config)#exit

R2(config-router)#no area 1 authentication
R2(config-if)#exit

R1(config-router)#area 1 authentication message-digest


R1(config-if)#exit
R1(config)#

R2(config-router)#area 1 authentication message-digest
R2(config-if)#exit
R2(config)#

R1#show ip route


O IA 172.16.1.0 [110/193] via 192.168.1.2, 00:01:19, Serial1/1
O IA 172.16.2.0 [110/193] via 192.168.1.2, 00:01:19, Serial1/1
O IA 192.168.1.8 [110/192] via 192.168.1.2, 00:01:19, Serial1/1
O IA 192.168.1.4 [110/128] via 192.168.1.2, 00:01:19, Serial1/1


Configuring OSPF External Summary Lab
Topology


Lab Purpose:
1、Master OSPF external route summary configuration.

Lab Steps:
1、Finish basic IP configuration, and routing configuration.
2、Make R3 as the ASBR.
R3(config)#exit

R3(config)#router rip

3、check the routing table on R1 and R2.
R1#show ip route


O IA 192.168.1.4 [110/128] via 192.168.1.2, 00:03:50, Serial1/1

4、Enable redistribution on R3.
R3(config-router)#redistribute rip metric 200 subnets


R3(config-router)#redistribute ospf 1 metric 10
R3(config)#

5、Check the routing table on R1 again.
R1#show ip route


O E1 172.16.1.0 [110/328] via 192.168.1.2, 00:04:22, Serial1/1
O E1 172.16.2.0 [110/328] via 192.168.1.2, 00:04:22, Serial1/1
O E1 172.16.3.0 [110/328] via 192.168.1.2, 00:04:22, Serial1/1
O IA 192.168.1.4 [110/128] via 192.168.1.2, 00:16:54, Serial1/1

6、Check OSPF link state database on R1.


10.1.2.1 10.1.2.1 1413 0x80000009 0x0003FD 4
192.168.1.5 192.168.1.5 1413 0x80000006 0x0025B8 2

192.168.1.4 192.168.1.5 1437 0x80000001 0x00E33E

Summary ASB Link States (Area 1)
192.168.1.6 192.168.1.5 1061 0x80000001 0x00D348

Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag
172.16.1.0 192.168.1.6 3603 0x80000003 0x00CF35 0
172.16.2.0 192.168.1.6 3603 0x80000003 0x00C43F 0


172.16.3.0 192.168.1.6 3603 0x80000003 0x00B949 0

7、In order to decrease the routing table on R1, we could enable OSPF external
summary on R3.
R3(config-router)#summary-address 172.16.0.0 255.255.0.0
R3(config)#exit

8、Check the routing table on R1 again.
R1#show ip route


O E1 172.16.0.0/16 [110/328] via 192.168.1.2, 00:01:29, Serial1/1
O IA 192.168.1.4 [110/128] via 192.168.1.2, 00:24:56, Serial1/1


Configuring OSPF Default Route With Metric Lab
Topology


Lab Purpose:
1、Learn how to use metrics to control OSPF default route selection.

Lab Steps:
1、Finish basic IP configuration, and routing configuration.
2、Finish frame-relay configuration on R1 and R4.
R1(config)#exit

R4(config)#exit

3、Check routing table on R2, and try to ping the below RIP network.
R2#show ip route


R2#
R2#ping 10.1.1.1


.....

4、To make sure the whole network is reachable, enable redistribution on R1 and R3.
R1(config)#
R1(config-router)# default-information originate always
R1(config)#exit

R3(config)#
R3(config-router)# default-information originate always
R3(config)#exit

5、Check the routing table on R2 again and try to ping the below RIP network.
R2#show ip route


O E2 10.0.0.0/8 [110/20] via 192.168.1.1, 00:01:19, Serial1/0
O*E2 0.0.0.0/0 [110/1] via 192.168.1.6, 00:01:19, Serial1/1
[110/1] via 192.168.1.1, 00:01:19, Serial1/0
R2#
R2#ping 172.16.1.1

!!!!!


6、If we would like to make R3 as the major next-hop, R1 as the backup next-hop, then
we could change the OSPF default route metric.
R1(config-router)#default-information originate always metric 100

R3(config-router)#default-information originate always metric 50

7、Check the routing table of R2, we can see R3 is the next-hop now.
R2#show ip route
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route


O E2 10.0.0.0/8 [110/20] via 192.168.1.1, 00:08:05, Serial1/0
O*E2 0.0.0.0/0 [110/50] via 192.168.1.6, 00:00:32, Serial1/1


Configuring OSPF Stub Area Lab
Topology


Lab Purpose:
1、Master OSPF stub area configuration.

Lab Steps:
1、Finish basic IP configuration.
2、Finish basic OSPF and RIP configuration.
3、Enable redistribution between OSPF and RIP on R3.
R3(config-router)#redistribute rip subnets metric 200
R3(config)#
R3(config)#exit

4、Check routing table on R1.
R1#show ip route


O IA 172.16.255.4/30 [110/128] via 172.16.255.2, 00:07:32, Serial1/1
O IA 172.16.255.8/30 [110/192] via 172.16.255.2, 00:06:57, Serial1/1


O IA 172.16.2.0/24 [110/193] via 172.16.255.2, 00:06:05, Serial1/1
O E2 10.0.0.0/8 [110/200] via 172.16.255.2, 00:02:01, Serial1/1
O E2 192.168.1.0/24 [110/200] via 172.16.255.2, 00:02:01, Serial1/1
R1#
R1#ping 10.1.1.1
!!!!!
R1#

5、Check OSPF link state database on R1.


172.16.1.1 172.16.1.1 682 0x80000003 0x003BE1 3
172.16.255.5 172.16.255.5 677 0x80000003 0x0035B1 2

172.16.2.0 172.16.255.5 581 0x80000001 0x004CEE
172.16.255.4 172.16.255.5 668 0x80000001 0x009BE1
172.16.255.8 172.16.255.5 633 0x80000001 0x00F543

192.168.1.1 172.16.255.5 342 0x80000001 0x008648

10.0.0.0 192.168.1.1 348 0x80000001 0x005B1B 0
192.168.1.0 192.168.1.1 348 0x80000001 0x0021F4 0

6、According to the above output we can see external routes are in the routing table of
R1, if we would like to use a default route instead of the specific external routes, we
could set stub area.
R1(config-router)#area 1 stub
R1(config)#exit


R2(config)#

7、Check OSPF link state database again.


172.16.1.1 172.16.1.1 155 0x80000005 0x0055C7 3
172.16.255.5 172.16.255.5 155 0x80000005 0x004F97 2

0.0.0.0 172.16.255.5 168 0x80000001 0x00017B
172.16.2.0 172.16.255.5 168 0x80000002 0x0068D3
172.16.255.4 172.16.255.5 168 0x80000002 0x00B7C6
172.16.255.8 172.16.255.5 168 0x80000002 0x001228

Type 4 and type 5 LSA is not in the database of R1.

8、Check the routing table of R1 we can see there is a default route instead the
previous external routes.
R1#show ip route
O IA 172.16.255.4/30 [110/128] via 172.16.255.2, 00:04:19, Serial1/1
O IA 172.16.255.8/30 [110/192] via 172.16.255.2, 00:04:19, Serial1/1
O IA 172.16.2.0/24 [110/193] via 172.16.255.2, 00:04:19, Serial1/1
O*IA 0.0.0.0/0 [110/65] via 172.16.255.2, 00:04:19, Serial1/1

9、Ping to test the connectivity.
R1#ping 10.1.1.1




!!!!!


Configuring OSPF Totally Stub Area Lab
Topology

Lab Purpose:
1、Master OSPF totally stub area configuration.

Lab Steps:
3、Enable redistribution between OSPF and RIP on R3.
R3(config-router)#redistribute rip subnets metric 200
R3(config)#
R3(config)#exit


4、First Set area 1 as ospf stub area.
5、Check OSPF routing table and OSPF links state database.


172.16.1.1 172.16.1.1 155 0x80000005 0x0055C7 3
172.16.255.5 172.16.255.5 155 0x80000005 0x004F97 2

0.0.0.0 172.16.255.5 168 0x80000001 0x00017B
172.16.2.0 172.16.255.5 168 0x80000002 0x0068D3
172.16.255.4 172.16.255.5 168 0x80000002 0x00B7C6
172.16.255.8 172.16.255.5 168 0x80000002 0x001228
Type 4 and 5 LSA have gone.

R1#show ip route


O IA 172.16.255.4/30 [110/128] via 172.16.255.2, 00:04:19, Serial1/1
O IA 172.16.255.8/30 [110/192] via 172.16.255.2, 00:04:19, Serial1/1
O IA 172.16.2.0/24 [110/193] via 172.16.255.2, 00:04:19, Serial1/1
O*IA 0.0.0.0/0 [110/65] via 172.16.255.2, 00:04:19, Serial1/1

6、We can see there is a default route instead of external routes, we can still decrease
the size of routing table.
R2(config-router)#area 1 stub no-summary
R2(config)#exit

R1(config)#exit


R1#show ip route
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route


O*IA 0.0.0.0/0 [110/65] via 172.16.255.2, 00:34:32, Serial1/1
We can see the default route instead of all the external and inter-area routes.

8、Check the OSPF link state database of R1, we can see there are only type 1 LSA and
type 3 for default route link LSA.


172.16.1.1 172.16.1.1 387 0x80000006 0x0053C8 3
172.16.255.5 172.16.255.5 412 0x80000006 0x004D98 2

0.0.0.0 172.16.255.5 295 0x80000003 0x00FC7D

9、Ping to test.
R1#ping 10.1.1.1

.!!!!



Configuring OSPF NSSA Area and NSSA Totally Stub Lab
Topology

Lab Purpose:
1、Master NSSA area and NSSA totally stub area configuration.

Lab Steps:
3、Enable redistribution on R2 and R5.
R2(config)#
R2(config)#exit

R5(config)#
R5(config)#exit

4、Check OSPF routing table and link state database on R3.




172.16.255.1 172.16.255.1 534 0x80000005 0x008564 2
172.16.255.5 172.16.255.5 679 0x80000004 0x007390 4
172.16.255.9 172.16.255.9 672 0x80000003 0x00A42F 2

172.16.255.8 172.16.255.9 662 0x80000001 0x005B1A

192.168.1.1 172.16.255.9 98 0x80000001 0x006E5C

131.131.1.0 172.16.255.1 513 0x80000001 0x007BAA 0
131.131.2.0 172.16.255.1 513 0x80000001 0x0070B4 0
192.168.1.0 192.168.1.1 94 0x80000002 0x001FF5 0
192.168.2.0 192.168.1.1 94 0x80000002 0x0014FF 0
R3#

R3#show ip route


O IA 172.16.255.8 [110/128] via 172.16.255.6, 00:07:46, Serial1/1
O E2 131.131.1.0 [110/200] via 172.16.255.1, 00:00:30, Serial1/0
O E2 131.131.2.0 [110/200] via 172.16.255.1, 00:00:30, Serial1/0
O E2 192.168.1.0/24 [110/200] via 172.16.255.6, 00:00:30, Serial1/1
O E2 192.168.2.0/24 [110/200] via 172.16.255.6, 00:00:30, Serial1/1

4、As area1 connects to an external network, so we could not set area1 to a pure stub
area.


5、Set area1 to NSSA stub area on R4.
R4(config-router)#area 1 nssa default-information-originate
R4(config)#

R3(config-router)#area 1 nssa
R3(config)#exit

R2(config-router)#area 1 nssa
R2(config)#exit

8、Check OSPF routing table and link state database on R3 again.
R3#show ip route

O IA 172.16.255.8 [110/128] via 172.16.255.6, 00:01:10, Serial1/1
O N2 131.131.1.0 [110/200] via 172.16.255.1, 00:01:10, Serial1/0
O N2 131.131.2.0 [110/200] via 172.16.255.1, 00:01:10, Serial1/0

O*N2 0.0.0.0/0 [110/1] via 172.16.255.6, 00:01:10, Serial1/1




172.16.255.1 172.16.255.1 314 0x80000007 0x0027BA 2
172.16.255.5 172.16.255.5 314 0x80000008 0x0011E8 4
172.16.255.9 172.16.255.9 450 0x80000005 0x004C7D 2



172.16.255.8 172.16.255.9 850 0x80000002 0x00FE6F

Type-7 AS External Link States (Area 1)

0.0.0.0 172.16.255.9 850 0x80000001 0x00C464 0
131.131.1.0 172.16.255.1 318 0x80000001 0x00213D 0
131.131.2.0 172.16.255.1 318 0x80000001 0x001647 0

9、Check routing table on R1 and R2.
R2#show ip route


O 172.16.255.4 [110/128] via 172.16.255.2, 00:07:26, Serial1/1
O IA 172.16.255.8 [110/192] via 172.16.255.2, 00:07:26, Serial1/1
R 131.131.1.0 [120/1] via 131.131.2.2, 00:00:06, Serial1/0
O*N2 0.0.0.0/0 [110/1] via 172.16.255.2, 00:07:26, Serial1/1

R1#show ip route
R 172.16.0.0/16 [120/10] via 131.131.2.1, 00:00:28, Serial1/1
R* 0.0.0.0/0 [120/10] via 131.131.2.1, 00:00:28, Serial1/1

10、Ping test on R1.
R1#ping 192.168.2.1
!!!!!

11、To deeply decrease the routing table in area1, we need to set area1 to Totally NSSA
area.


12、Only one command need to add on ABR router (R4) to change NSSA to totally NSSA.
R4(config-router)#area 1 nssa no-summary

13、Check OSPF routing table and link state database on R3 again.
R3#show ip route


O N2 131.131.1.0 [110/200] via 172.16.255.1, 00:20:24, Serial1/0
O N2 131.131.2.0 [110/200] via 172.16.255.1, 00:20:24, Serial1/0
O*IA 0.0.0.0/0 [110/65] via 172.16.255.6, 00:02:10, Serial1/1


172.16.255.1 172.16.255.1 1504 0x80000007 0x0027BA 2
172.16.255.5 172.16.255.5 1504 0x80000008 0x0011E8 4
172.16.255.9 172.16.255.9 1640 0x80000005 0x004C7D 2

0.0.0.0 172.16.255.9 396 0x80000001 0x0070FF

Type-7 AS External Link States (Area 1)
0.0.0.0 172.16.255.9 66 0x80000002 0x00C265 0
131.131.1.0 172.16.255.1 1508 0x80000001 0x00213D 0
131.131.2.0 172.16.255.1 1508 0x80000001 0x001647 0

14、Check routing table on R1 and R2 and do the ping test.
R2#show ip route



O 172.16.255.4 [110/128] via 172.16.255.2, 00:23:09, Serial1/1
R 131.131.1.0 [120/1] via 131.131.2.2, 00:00:17, Serial1/0
O*IA 0.0.0.0/0 [110/129] via 172.16.255.2, 00:04:46, Serial1/1
R2#

R1#show ip route


R 172.16.0.0/16 [120/10] via 131.131.2.1, 00:00:13, Serial1/1
R* 0.0.0.0/0 [120/10] via 131.131.2.1, 00:00:13, Serial1/1

R1#ping 192.168.2.1

!!!!!

15、Finally we can see the type 7 LSA has been changed to type 5 LAS.


172.16.255.9 172.16.255.9 338 0x80000004 0x005DC2 2
192.168.1.1 192.168.1.1 767 0x80000004 0x002753 2

172.16.255.0 172.16.255.9 81 0x80000002 0x002C10
172.16.255.4 172.16.255.9 1337 0x80000002 0x0081F6



131.131.1.0 172.16.255.9 1761 0x80000001 0x0085DA 0
131.131.2.0 172.16.255.9 1761 0x80000001 0x007AE4 0
192.168.1.0 192.168.1.1 767 0x80000003 0x001DF6 0
192.168.2.0 192.168.1.1 767 0x80000003 0x001201 0

Configuring OSPF Virtual-Link between normal area and backbone
area Lab
Topology

Lab Purpose:
1、Master OSPF Virtual-Link between normal area and backbone area configuration.

Lab Steps:
2、Finish basic OSPF configuration on R1 R2 R3 R4.
R1(config)#exit



R2(config)#exit

R3(config)#exit

R4(config)#exit

3、Check the neighbor table on R1 and R2.
172.16.255.5 1 FULL/ - 00:00:38 172.16.255.2 Serial1/1


172.16.255.9 1 FULL/ - 00:00:37 172.16.255.6 Serial1/1
172.16.1.1 1 FULL/ - 00:00:30 172.16.255.1 Serial1/0

R1#show ip route



Above information tells us R1 could not learn route from area 0, area1, area2, as area3
is not directly connected with area0.

5、To solve this issue, we could establish a virtual-link between R2 and R3.
R2(config-router)#area 2 virtual-link 172.16.255.9 (RID of R3)
R2(config)#exit


R3(config-router)#area 2 virtual-link 172.16.255.5 (RID of R2)
R3(config)#exit

8、Check OSPF neighbor table on R2.

172.16.255.9 0 FULL/ - - 172.16.255.6 OSPF_VL0
172.16.255.9 1 FULL/ - 00:00:30 172.16.255.6 Serial1/1
172.16.1.1 1 FULL/ - 00:00:33 172.16.255.1 Serial1/0

9、Check routing table on R1.
R1#show ip route


O IA 172.16.255.4/30 [110/128] via 172.16.255.2, 00:08:40, Serial1/1
O IA 172.16.255.8/30 [110/192] via 172.16.255.2, 00:06:20, Serial1/1
O IA 172.16.16.1/32 [110/193] via 172.16.255.2, 00:06:20, Serial1/1

10、Ping test on R1.
R1#ping 172.16.16.1

!!!!!



Configuring OSPF Virtual-Link between 2 backbone areas Lab
Topology

Lab Purpose:
1、Master OSPF Virtual-Link between 2 backbone areas configuration.

Lab Steps:
2、Finish basic OSPF configuration on R1 R2 R3 R4.
R1(config)#exit

R2(config)#exit

R3(config)#exit


CCNP Lab Guide CCIE University

CCNP Lab Guide CCIE University

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to CCNP Lab Guide CCIE University

Similar to CCNP Lab Guide CCIE University (20)

Recently uploaded

Recently uploaded (20)

CCNP Lab Guide CCIE University