Ccie R&S lab_k3
Upcoming SlideShare
Loading in...5
×
 

Ccie R&S lab_k3

on

  • 485 views

 

Statistics

Views

Total Views
485
Views on SlideShare
485
Embed Views
0

Actions

Likes
1
Downloads
40
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Ccie R&S lab_k3 Ccie R&S lab_k3 Document Transcript

  • CCIE LAB Routing & Switching (V4.0) CCIE LAB Routing & Switching (V4.0) Ver:K3 Update 2010-02-12 © www.passccielab.com All Rights Reserved. 1www.passccielab.com All rights reserved Created by lofrent -1-
  • CCIE LAB Routing & Switching (V4.0) 2www.passccielab.com All rights reserved Created by lofrent -2-
  • CCIE LAB Routing & Switching (V4.0) 3www.passccielab.com All rights reserved Created by lofrent -3-
  • CCIE LAB Routing & Switching (V4.0) 4www.passccielab.com All rights reserved Created by lofrent -4-
  • CCIE LAB Routing & Switching (V4.0) 5www.passccielab.com All rights reserved Created by lofrent -5-
  • CCIE LAB Routing & Switching (V4.0) 6www.passccielab.com All rights reserved Created by lofrent -6-
  • CCIE LAB Routing & Switching (V4.0) 7www.passccielab.com All rights reserved Created by lofrent -7-
  • CCIE LAB Routing & Switching (V4.0)Note1 : k3 is k1 update versions and k1 and k3diagram/Pre-configuration and most of questions/ solutionssame with k1 , except few changed questions.Note2.all solutions has been verified,you can pass ccie rsexam the fristLoop back IP Address & VLANS• The equipment on the rack assigned to you is physically Cabled and should not be temperedwith.• Router and Switch hostnames, basic ip addressing, no exec-timeout and passwords on theCon, AUX and VTYs have been preconfigured. Do not change these configurations.• All preconfigured passwords are Cisco. Do not change these passwords.• If you need clarification on the meaning of a question, or, if you suspect hardware problems withyou equipment, contact the lab proctor as soon as possible.• The following symbols are used throughout the exam: YY is your 2-digit rack number, forexample YY value for• Rack3 is 03 and for Rackl 1 is 11. X is your router number, for example X Value for router 1 is 1. Zis any number SW1 and SW2 refer to the CatalystHostname Loopback0 IP AddressYYR1 YY.YY.1.1/32YYR2 YY.YY.2.2/32YYR3 YY.YY.3.3/32YYR4 YY.YY.4.4/32YYR5 YY.YY.11.11/32YYSW1 YY.YY.7.7/24YYSW2 YY.YY.8.8/24YYSW3 YY.YY.9.9/24YYSW4 YY.YY.10.10/24VLAN VLAN NameVLAN 4 VLAN_BB2VLAN 5 VLAN_BB3VLAN 13 VLAN_A 8 www.passccielab.com All rights reserved Created by lofrent -8-
  • CCIE LAB Routing & Switching (V4.0)VLAN 15 VLAN_B VLAN 24 VLAN_CVLAN 26 VLAN_HVLAN 46 VLAN_FVLAN 47 VLAN_GFrame Relay (R1-R2) R1: YY.YY.13.237, R2: YY.YY.13.236BB1 150.1.YY.254/24BB2 150.2.YY.254/24BB3 150.3.YY.254/24Pre-configured for CCIE LABR1interface loopback 0ip address YY.YY.1.1 255.255.255.255!interface fa0/1ip address YY.YY.13.156255.255.255.224no shutdown!interface fa0/0no ip addressshutdown!interface serial 0/0/0no ip addressshutdown!interface serial 0/0/1no ip addressencapsulation pppshutdownR2interface loopback 0ip address YY.YY.2.2 255.255.255.255! 9 www.passccielab.com All rights reserved Created by lofrent -9-
  • CCIE LAB Routing & Switching (V4.0)interface fa0/1no ip addressshutdown!interface fa0/0no ip addressshutdown!interface serial 0/0/0no ip addressshutdown!interface serial 0/0/0no ip addressshutdownR3interface loopback 0ip address YY.YY.3.3 255.255.255.255!interface fa0/1ip address YY.YY.13.188255.255.255.224no shutdown!interface serial 0/0/0ip address YY.YY.13.240 255.255.255.252encapusulation pppno shutdown!R4interface loopback 0ip address YY.YY.4.4 255.255.255.255!interface fa0/0ip address YY.YY.13.60 255.255.255.224no shutdown!interface fa0/1ip address YY.YY.13.28 255.255.255.224no shutdown! 10 www.passccielab.com All rights reserved Created by lofrent - 10 -
  • CCIE LAB Routing & Switching (V4.0)R5interface loopback 0ip address YY.YY.11.11 255.255.255.255!interface fa0/1ip address YY.YY.13.92 255.255.255.224no shutdown!interface serial 0/0/0ip address YY.YY.13.245 255.255.255.252encapsulation pppno shutdown!interface serial 0/0/1ip address YY.YY.13.241 255.255.255.252encapsulation pppno shutdownSW1vtp domain CCIEvtp mode servervtp password cisco!vlan 4name VLAN_BB2!vlan 5name VLAN_BB3!vlan 13name VLAN_A!vlan 15name VLAN_B!vlan 17name VLAN_BB1!vlan 24name VLAN_C!vlan 26name VLAN_H 11 www.passccielab.com All rights reserved Created by lofrent - 11 -
  • CCIE LAB Routing & Switching (V4.0)!vlan 46name VLAN_F!vlan 47name VLAN_G!interface loopback 0 ip address YY.YY.7.7255.255.255.255!interface fa0/3switchport access vlan 5switchport mode access!interface fa0/4switchport access vlan 46switchport mode access!interface fa0/10switchport access vlan17!interface fa0/19 -24switchport trunkencapsulation dot1qswitchport mode trunkSW2vtp mode clientvtp password cisco!interface loopback 0ip address YY.YY.8.8 255.255.255.255!interface fa0/1switchport access vlan 13switchport mode access!interface fa0/3switchport access vlan 15switchport mode access 12 www.passccielab.com All rights reserved Created by lofrent - 12 -
  • CCIE LAB Routing & Switching (V4.0)!interface fa0/4switchport access vlan 26switchport mode access!interface fa0/5switchport access vlan 47switchport mode access!interface fa0/10 switchport access vlan 4switchport mode access!interface fa0/19 -24switchport trunk encapsulation dot1q switchport mode trunkSW2vtp mode clientvtp password cisco!interface loopback 0ip address YY.YY.8.8 255.255.255.255!interface fa0/1switchport access vlan 13switchport mode access!interface fa0/3switchport access vlan 15switchport mode access!interface fa0/4switchport access vlan 26switchport mode access!interface fa0/5switchport access vlan 47switchport mode access!interface fa0/10 13 www.passccielab.com All rights reserved Created by lofrent - 13 -
  • CCIE LAB Routing & Switching (V4.0)switchport access vlan 4switchport mode access!interface fa0/19 -24switchport trunk encapsulation dot1qswitchport mode trunkSW3:vtp mode clientvtp password cisco!interface loopback 0vtp mode clientvtp password cisco!interface loopback 0ip address YY.YY.9.9 255.255.255.255!interface fa0/10switchport access vlan 5switchport mode access!interface fa0/19 -24switchport trunk encapsulation dot1qswitchport mode trunkSW4:vtp mode clientvtp password cisco!interface loopback 0ip address YY.YY.10.10 255.255.255.255!interface fa0/19 -24switchport trunk encapsulation dot1qswitchport mode trunkBB1-BB2 BB1-BB2#s run Building configuration... Current configuration : 7507 bytes ! 14 www.passccielab.com All rights reserved Created by lofrent - 14 -
  • CCIE LAB Routing & Switching (V4.0)version 12.2service timestamps debug uptimeservice timestamps log uptimeno service password-encryption!hostname BB1-BB2!!ip subnet-zerono ip domain-lookup!interface Loopback10ip address 197.68.4.1 255.255.255.0 secondaryip address 197.68.5.1 255.255.255.0 secondaryip address 197.68.21.1 255.255.255.0 secondaryip address 197.68.22.1 255.255.255.0 secondaryip address 197.68.1.1 255.255.255.0!interface Ethernet0ip address 150.1.2.254 255.255.255.0 secondaryip address 150.1.3.254 255.255.255.0 secondaryip address 150.1.4.254 255.255.255.0 secondaryip address 150.1.13.254 255.255.255.0 secondaryip address 150.1.1.254 255.255.255.0 secondaryip address 150.1.11.254 255.255.255.0 secondaryip address 150.1.10.254 255.255.255.0 secondaryip address 150.1.9.254 255.255.255.0 secondaryip address 150.1.7.254 255.255.255.0 secondaryip address 150.1.8.254 255.255.255.0 secondaryip address 150.1.29.254 255.255.255.0 secondaryip address 150.1.30.254 255.255.255.0 secondaryip address 150.1.31.254 255.255.255.0 secondaryip address 150.1.12.254 255.255.255.0!interface Ethernet1ip address 150.2.2.254 255.255.255.0 secondaryip address 150.2.3.254 255.255.255.0 secondaryip address 150.2.4.254 255.255.255.0 secondaryip address 150.2.12.254 255.255.255.0 secondaryip address 150.2.13.254 255.255.255.0 secondaryip address 150.2.9.254 255.255.255.0 secondaryip address 150.2.10.254 255.255.255.0 secondaryip address 150.2.11.254 255.255.255.0 secondaryip address 150.2.7.254 255.255.255.0 secondary 15 www.passccielab.com All rights reserved Created by lofrent - 15 -
  • CCIE LAB Routing & Switching (V4.0) ip address 150.2.8.254 255.255.255.0 secondary ip address 150.2.29.254 255.255.255.0 secondary ip address 150.2.30.254 255.255.255.0 secondary ip address 150.2.31.254 255.255.255.0 secondary ip address 150.2.1.254 255.255.255.0!interface Serial0no ip addressshutdown!interface Serial1no ip addressshutdown!!router bgp 254 no synchronization bgp log-neighbor-changes network 197.68.1.0 network 197.68.4.0 network 197.68.5.0 network 197.68.21.0 network 197.68.22.0 neighbor 150.1.1.1 remote-as 1 neighbor 150.1.1.1 prefix-list filter-bb out neighbor 150.1.1.1 route-map addas out neighbor 150.1.2.1 remote-as 2 neighbor 150.1.2.1 prefix-list filter-bb out neighbor 150.1.2.1 route-map addas out neighbor 150.1.3.1 remote-as 3 neighbor 150.1.3.1 prefix-list filter-bb out neighbor 150.1.3.1 route-map addas out neighbor 150.1.4.1 remote-as 4 neighbor 150.1.4.1 prefix-list filter-bb out neighbor 150.1.4.1 route-map addas out neighbor 150.1.7.1 remote-as 7 neighbor 150.1.7.1 prefix-list filter-bb out neighbor 150.1.7.1 route-map addas out neighbor 150.1.8.1 remote-as 8 neighbor 150.1.8.1 prefix-list filter-bb out neighbor 150.1.8.1 route-map addas out neighbor 150.1.9.1 remote-as 9 neighbor 150.1.9.1 prefix-list filter-bb out neighbor 150.1.9.1 route-map addas out 16 www.passccielab.com All rights reserved Created by lofrent - 16 -
  • CCIE LAB Routing & Switching (V4.0)neighbor 150.1.10.1 remote-as 10neighbor 150.1.10.1 prefix-list filter-bb outneighbor 150.1.10.1 route-map addas outneighbor 150.1.11.1 remote-as 11neighbor 150.1.11.1 prefix-list filter-bb outneighbor 150.1.11.1 route-map addas outneighbor 150.1.12.1 remote-as 12neighbor 150.1.12.1 prefix-list filter-bb outneighbor 150.1.12.1 route-map addas outneighbor 150.1.13.1 remote-as 13neighbor 150.1.13.1 prefix-list filter-bb outneighbor 150.1.13.1 route-map addas outneighbor 150.1.29.1 remote-as 29neighbor 150.1.29.1 prefix-list filter-bb outneighbor 150.1.29.1 route-map addas outneighbor 150.1.30.1 remote-as 30neighbor 150.1.30.1 prefix-list filter-bb outneighbor 150.1.30.1 route-map addas outneighbor 150.1.31.1 remote-as 31neighbor 150.1.31.1 prefix-list filter-bb outneighbor 150.1.31.1 route-map addas outneighbor 150.2.1.1 remote-as 1neighbor 150.2.1.1 prefix-list filter-bb outneighbor 150.2.2.1 remote-as 2neighbor 150.2.2.1 prefix-list filter-bb outneighbor 150.2.3.1 remote-as 3neighbor 150.2.3.1 prefix-list filter-bb outneighbor 150.2.4.1 remote-as 4neighbor 150.2.4.1 prefix-list filter-bb outneighbor 150.2.7.1 remote-as 7neighbor 150.2.7.1 prefix-list filter-bb outneighbor 150.2.8.1 remote-as 8neighbor 150.2.8.1 prefix-list filter-bb outneighbor 150.2.9.1 remote-as 9neighbor 150.2.9.1 prefix-list filter-bb outneighbor 150.2.10.1 remote-as 10neighbor 150.2.10.1 prefix-list filter-bb outneighbor 150.2.11.1 remote-as 11neighbor 150.2.11.1 prefix-list filter-bb outneighbor 150.2.12.1 remote-as 12neighbor 150.2.12.1 prefix-list filter-bb outneighbor 150.2.13.1 remote-as 13neighbor 150.2.13.1 prefix-list filter-bb outneighbor 150.2.29.1 remote-as 29 17 www.passccielab.com All rights reserved Created by lofrent - 17 -
  • CCIE LAB Routing & Switching (V4.0) neighbor 150.2.29.1 prefix-list filter-bb out neighbor 150.2.30.1 remote-as 30 neighbor 150.2.30.1 prefix-list filter-bb out neighbor 150.2.31.1 remote-as 31 neighbor 150.2.31.1 prefix-list filter-bb out no auto-summary!ip classlessip route 172.16.0.0 255.255.0.0 150.1.12.253ip route 172.17.0.0 255.255.0.0 150.1.12.253no ip http server!!ip prefix-list filter-bb seq 5 permit 197.68.1.0/24ip prefix-list filter-bb seq 10 permit 197.68.4.0/24ip prefix-list filter-bb seq 15 permit 197.68.5.0/24ip prefix-list filter-bb seq 20 permit 197.68.21.0/24ip prefix-list filter-bb seq 25 permit 197.68.22.0/24access-list 10 permit 150.100.1.0 0.0.0.255access-list 10 deny 150.0.0.0 0.255.255.255access-list 10 permit anyroute-map addas permit 10match ip address prefix-list filter-bbset as-path prepend 253!!!line con 0logging synchronousloginline aux 0line vty 0 4login!endBB3BB3#s runBuilding configuration...Current configuration : 2871 bytes!version 12.1 18 www.passccielab.com All rights reserved Created by lofrent - 18 -
  • CCIE LAB Routing & Switching (V4.0)no service single-slot-reload-enableservice timestamps debug uptimeservice timestamps log uptimeno service password-encryptionservice udp-small-serversservice tcp-small-servers!hostname BB3!!!!!!ip subnet-zerono ip domain-lookup!!!!interface Loopback0ip address 4.1.1.1 255.255.255.0 secondaryip address 198.2.3.1 255.255.255.0 secondaryip address 198.2.5.1 255.255.255.0 secondaryip address 128.28.2.1 255.255.255.0 secondaryip address 182.2.2.1 255.255.255.0 secondaryip address 182.2.4.1 255.255.255.0 secondaryip address 198.1.1.5 255.255.255.252 secondaryip address 198.2.1.1 255.255.255.0!interface Loopback10ip address 197.68.4.1 255.255.255.0 secondaryip address 197.68.5.1 255.255.255.0 secondaryip address 197.68.21.1 255.255.255.0 secondaryip address 197.68.22.1 255.255.255.0 secondaryip address 197.68.1.1 255.255.255.0!interface Ethernet0description Connect to BBSW F0/5ip address 150.3.8.254 255.255.255.0 secondaryip address 150.3.12.254 255.255.255.0 secondaryip address 150.3.7.254 255.255.255.0 secondaryip address 150.3.11.254 255.255.255.0 secondaryip address 150.3.9.254 255.255.255.0 secondary 19 www.passccielab.com All rights reserved Created by lofrent - 19 -
  • CCIE LAB Routing & Switching (V4.0)ip address 150.3.10.254 255.255.255.0 secondaryip address 150.3.0.254 255.255.255.0no ip mroute-cache!interface Serial0no ip addressshutdown!interface Serial1no ip addressshutdown!interface BRI0no ip addressshutdown!router eigrp 100network 4.1.1.0 0.0.0.255network 128.28.2.0 0.0.0.255network 150.3.0.0network 182.2.2.0 0.0.0.255network 182.2.4.0 0.0.0.255network 198.1.1.0network 198.2.1.0network 198.2.3.0network 198.2.5.0no default-information inno default-information outno auto-summaryno eigrp log-neighbor-changesno eigrp log-neighbor-warnings!!ip classlessip http server!privilege exec level 0 show ip route!line con 0logging synchronousline aux 0line vty 0 4logging synchronouslogin 20 www.passccielab.com All rights reserved Created by lofrent - 20 -
  • CCIE LAB Routing & Switching (V4.0)!end 21 www.passccielab.com All rights reserved Created by lofrent - 21 -
  • CCIE LAB Routing & Switching (V4.0)VLAN and IP Address-vlan 2 name VLAN_BB2-vlan 3 name VLAN_BB3-vlan 11 name VLAN_A-vlan 13 name VLAN_B-vlan 15 name VLAN_BB1-vlan 22 name VLAN_C-vlan 24 name VLAN_H-vlan 44 name VLAN_F-vlan 45 name VLAN_G-frame-realy: (R1-R2)R1: YY.YY.15.242, R2: YY.YY.15.241-BB1 is 150.1.YY.254/24-BB2 is 150.2.YY.254/24-BB3 is 150.3.YY.254/24Loopback ip addressHost name Loopback 0 interface IP addressRack YY R1 YY.YY.1.1/32Rack YYR2 YY.YY.2.2/32Rack YYR3 YY.YY.3.3/32Rack YYR4 YY.YY.4.4/32Rack YYR5 YY.YY.11.11/32Rack YYSW1 YY.YY.7.7/32Rack YYSW2 YY.YY.8.8/32Rack YYSW3 YY.YY.9.9/32Rack YYSW4 YY.YY.1010/32Unless specified above, all interface else must be 24 bit mask addressing.Please use these script Verify the entire networkYyrack# tclshforeach i {11.11.15.16111.11.15.24211.11.15.24911.11.1.111.11.15.12911.11.15.3411.11.15.24111.11.2.2150.3.12.111.11.15.193 22 www.passccielab.com All rights reserved Created by lofrent - 22 -
  • CCIE LAB Routing & Switching (V4.0)11.11.15.24511.11.3.311.11.15.6511.11.15.3311.11.4.411.11.15.9711.11.15.25011.11.15.24611.11.5.511.11.15.16211.11.15.19411.11.7.711.11.15.13011.11.8.811.11.15.6611.11.15.9811.11.10.10} { puts [exec "ping $i" ]}Loop back IP Address & VLANS• The equipment on the rack assigned to you is physically Cabled and should not be temperedwith.• Router and Switch hostnames, basic ip addressing, no exec-timeout and passwords on theCon, AUX and VTYs have been preconfigured. Do not change these configurations.• All preconfigured passwords are Cisco. Do not change these passwords.• If you need clarification on the meaning of a question, or, if you suspect hardware problems withyou equipment, contact the lab proctor as soon as possible.• The following symbols are used throughout the exam: YY is your 2-digit rack number, forexample YY value for• Rack3 is 03 and for Rackl 1 is 11. X is your router number, for example X Value for router 1 is 1. Zis any number SW1 and SW2 refer to the CatalystHostname Loopback0 IP AddressYYR1 YY.YY.1.1/32YYR2 YY.YY.2.2/32YYR3 YY.YY.3.3/32YYR4 YY.YY.4.4/32YYR5 YY.YY.5.5/32YYSW1 YY.YY.7.7/24YYSW2 YY.YY.8.8/24 23 www.passccielab.com All rights reserved Created by lofrent - 23 -
  • CCIE LAB Routing & Switching (V4.0)YYSW3 YY.YY.9.9/24YYSW4 YY.YY.10.10/24VLAN VLAN NameVLAN 4 VLAN_BB2VLAN 5 VLAN_BB3VLAN 13 VLAN_AVLAN 15 VLAN_B VLAN 24 VLAN_CVLAN 26 VLAN_HVLAN 46 VLAN_FVLAN 47 VLAN_GFrame Relay (R1-R2) R1: YY.YY.13.237, R2: YY.YY.13.236BB1 150.1.YY.254/24BB2 150.2.YY.254/24BB3 150.3.YY.254/24R1interface loopback 0ip address YY.YY.1.1 255.255.255.255!interface fa0/1ip address YY.YY.13.156255.255.255.224no shutdown!interface fa0/0no ip addressshutdown!interface serial 0/0/0no ip addressshutdown!interface serial 0/0/1no ip addressencapsulation pppshutdown 24 www.passccielab.com All rights reserved Created by lofrent - 24 -
  • CCIE LAB Routing & Switching (V4.0)R2interface loopback 0ip address YY.YY.2.2 255.255.255.255!interface fa0/1no ip addressshutdown!interface fa0/0no ip addressshutdown!interface serial 0/0/0no ip addressshutdown!interface serial 0/0/0no ip addressshutdownR3interface loopback 0ip address YY.YY.3.3 255.255.255.255!interface fa0/1ip address YY.YY.13.188255.255.255.224no shutdown!interface serial 0/0/0ip address YY.YY.13.240 255.255.255.252encapusulation pppno shutdown!R4interface loopback 0ip address YY.YY.4.4 255.255.255.255!interface fa0/0ip address YY.YY.13.60 255.255.255.224no shutdown!interface fa0/1 25 www.passccielab.com All rights reserved Created by lofrent - 25 -
  • CCIE LAB Routing & Switching (V4.0)ip address YY.YY.13.28 255.255.255.224no shutdown!R5interface loopback 0ip address YY.YY.5.5 255.255.255.255!interface fa0/1ip address YY.YY.13.92 255.255.255.224no shutdown!interface serial 0/0/0ip address YY.YY.13.245 255.255.255.252encapsulation pppno shutdown!interface serial 0/0/1ip address YY.YY.13.241 255.255.255.252encapsulation pppno shutdownSW1vtp domain CCIEvtp mode servervtp password cisco!vlan 4name VLAN_BB2!vlan 5name VLAN_BB3!vlan 13name VLAN_A!vlan 15name VLAN_B!vlan 17name VLAN_BB1! 26 www.passccielab.com All rights reserved Created by lofrent - 26 -
  • CCIE LAB Routing & Switching (V4.0)vlan 24name VLAN_C!vlan 26name VLAN_H!vlan 46name VLAN_F!vlan 47name VLAN_G!interface loopback 0 ip address YY.YY.7.7255.255.255.255!interface fa0/3switchport access vlan 5switchport mode access!interface fa0/4switchport access vlan 46switchport mode access!interface fa0/10switchport access vlan17!interface fa0/19 -24switchport trunkencapsulation dot1qswitchport mode trunkSW2vtp mode clientvtp password cisco!interface loopback 0ip address YY.YY.8.8 255.255.255.255!interface fa0/1switchport access vlan 13 27 www.passccielab.com All rights reserved Created by lofrent - 27 -
  • CCIE LAB Routing & Switching (V4.0)switchport mode access!interface fa0/3switchport access vlan 15switchport mode access!interface fa0/4switchport access vlan 26switchport mode access!interface fa0/5switchport access vlan 47switchport mode access!interface fa0/10 switchport access vlan 4switchport mode access!interface fa0/19 -24switchport trunk encapsulation dot1q switchport mode trunkSW2vtp mode clientvtp password cisco!interface loopback 0ip address YY.YY.8.8 255.255.255.255!interface fa0/1switchport access vlan 13switchport mode access!interface fa0/3switchport access vlan 15switchport mode access!interface fa0/4switchport access vlan 26switchport mode access!interface fa0/5 28 www.passccielab.com All rights reserved Created by lofrent - 28 -
  • CCIE LAB Routing & Switching (V4.0)switchport access vlan 47switchport mode access!interface fa0/10switchport access vlan 4switchport mode access!interface fa0/19 -24switchport trunk encapsulation dot1qswitchport mode trunkSW3:vtp mode clientvtp password cisco!interface loopback 0vtp mode clientvtp password cisco!interface loopback 0ip address YY.YY.9.9 255.255.255.255!interface fa0/10switchport access vlan 5switchport mode access!interface fa0/19 -24switchport trunk encapsulation dot1qswitchport mode trunkSW4:vtp mode clientvtp password cisco!interface loopback 0ip address YY.YY.10.10 255.255.255.255!interface fa0/19 -24switchport trunk encapsulation dot1qswitchport mode trunk 29 www.passccielab.com All rights reserved Created by lofrent - 29 -
  • CCIE LAB Routing & Switching (V4.0)BB1-BB2BB1-BB2#s runBuilding configuration...Current configuration : 7507 bytes!version 12.2service timestamps debug uptimeservice timestamps log uptimeno service password-encryption!hostname BB1-BB2!!ip subnet-zerono ip domain-lookup!interface Loopback10ip address 197.68.4.1 255.255.255.0 secondaryip address 197.68.5.1 255.255.255.0 secondaryip address 197.68.21.1 255.255.255.0 secondaryip address 197.68.22.1 255.255.255.0 secondaryip address 197.68.1.1 255.255.255.0!interface Ethernet0ip address 150.1.2.254 255.255.255.0 secondaryip address 150.1.3.254 255.255.255.0 secondaryip address 150.1.4.254 255.255.255.0 secondaryip address 150.1.13.254 255.255.255.0 secondaryip address 150.1.1.254 255.255.255.0 secondaryip address 150.1.11.254 255.255.255.0 secondaryip address 150.1.10.254 255.255.255.0 secondaryip address 150.1.9.254 255.255.255.0 secondaryip address 150.1.7.254 255.255.255.0 secondaryip address 150.1.8.254 255.255.255.0 secondaryip address 150.1.29.254 255.255.255.0 secondaryip address 150.1.30.254 255.255.255.0 secondaryip address 150.1.31.254 255.255.255.0 secondaryip address 150.1.12.254 255.255.255.0!interface Ethernet1ip address 150.2.2.254 255.255.255.0 secondaryip address 150.2.3.254 255.255.255.0 secondaryip address 150.2.4.254 255.255.255.0 secondaryip address 150.2.12.254 255.255.255.0 secondary 30 www.passccielab.com All rights reserved Created by lofrent - 30 -
  • CCIE LAB Routing & Switching (V4.0) ip address 150.2.13.254 255.255.255.0 secondary ip address 150.2.9.254 255.255.255.0 secondary ip address 150.2.10.254 255.255.255.0 secondary ip address 150.2.11.254 255.255.255.0 secondary ip address 150.2.7.254 255.255.255.0 secondary ip address 150.2.8.254 255.255.255.0 secondary ip address 150.2.29.254 255.255.255.0 secondary ip address 150.2.30.254 255.255.255.0 secondary ip address 150.2.31.254 255.255.255.0 secondary ip address 150.2.1.254 255.255.255.0!interface Serial0no ip addressshutdown!interface Serial1no ip addressshutdown!!router bgp 254 no synchronization bgp log-neighbor-changes network 197.68.1.0 network 197.68.4.0 network 197.68.5.0 network 197.68.21.0 network 197.68.22.0 neighbor 150.1.1.1 remote-as 1 neighbor 150.1.1.1 prefix-list filter-bb out neighbor 150.1.1.1 route-map addas out neighbor 150.1.2.1 remote-as 2 neighbor 150.1.2.1 prefix-list filter-bb out neighbor 150.1.2.1 route-map addas out neighbor 150.1.3.1 remote-as 3 neighbor 150.1.3.1 prefix-list filter-bb out neighbor 150.1.3.1 route-map addas out neighbor 150.1.4.1 remote-as 4 neighbor 150.1.4.1 prefix-list filter-bb out neighbor 150.1.4.1 route-map addas out neighbor 150.1.7.1 remote-as 7 neighbor 150.1.7.1 prefix-list filter-bb out neighbor 150.1.7.1 route-map addas out neighbor 150.1.8.1 remote-as 8 31 www.passccielab.com All rights reserved Created by lofrent - 31 -
  • CCIE LAB Routing & Switching (V4.0)neighbor 150.1.8.1 prefix-list filter-bb outneighbor 150.1.8.1 route-map addas outneighbor 150.1.9.1 remote-as 9neighbor 150.1.9.1 prefix-list filter-bb outneighbor 150.1.9.1 route-map addas outneighbor 150.1.10.1 remote-as 10neighbor 150.1.10.1 prefix-list filter-bb outneighbor 150.1.10.1 route-map addas outneighbor 150.1.11.1 remote-as 11neighbor 150.1.11.1 prefix-list filter-bb outneighbor 150.1.11.1 route-map addas outneighbor 150.1.12.1 remote-as 12neighbor 150.1.12.1 prefix-list filter-bb outneighbor 150.1.12.1 route-map addas outneighbor 150.1.13.1 remote-as 13neighbor 150.1.13.1 prefix-list filter-bb outneighbor 150.1.13.1 route-map addas outneighbor 150.1.29.1 remote-as 29neighbor 150.1.29.1 prefix-list filter-bb outneighbor 150.1.29.1 route-map addas outneighbor 150.1.30.1 remote-as 30neighbor 150.1.30.1 prefix-list filter-bb outneighbor 150.1.30.1 route-map addas outneighbor 150.1.31.1 remote-as 31neighbor 150.1.31.1 prefix-list filter-bb outneighbor 150.1.31.1 route-map addas outneighbor 150.2.1.1 remote-as 1neighbor 150.2.1.1 prefix-list filter-bb outneighbor 150.2.2.1 remote-as 2neighbor 150.2.2.1 prefix-list filter-bb outneighbor 150.2.3.1 remote-as 3neighbor 150.2.3.1 prefix-list filter-bb outneighbor 150.2.4.1 remote-as 4neighbor 150.2.4.1 prefix-list filter-bb outneighbor 150.2.7.1 remote-as 7neighbor 150.2.7.1 prefix-list filter-bb outneighbor 150.2.8.1 remote-as 8neighbor 150.2.8.1 prefix-list filter-bb outneighbor 150.2.9.1 remote-as 9neighbor 150.2.9.1 prefix-list filter-bb outneighbor 150.2.10.1 remote-as 10neighbor 150.2.10.1 prefix-list filter-bb outneighbor 150.2.11.1 remote-as 11neighbor 150.2.11.1 prefix-list filter-bb out 32 www.passccielab.com All rights reserved Created by lofrent - 32 -
  • CCIE LAB Routing & Switching (V4.0) neighbor 150.2.12.1 remote-as 12 neighbor 150.2.12.1 prefix-list filter-bb out neighbor 150.2.13.1 remote-as 13 neighbor 150.2.13.1 prefix-list filter-bb out neighbor 150.2.29.1 remote-as 29 neighbor 150.2.29.1 prefix-list filter-bb out neighbor 150.2.30.1 remote-as 30 neighbor 150.2.30.1 prefix-list filter-bb out neighbor 150.2.31.1 remote-as 31 neighbor 150.2.31.1 prefix-list filter-bb out no auto-summary!ip classlessip route 172.16.0.0 255.255.0.0 150.1.12.253ip route 172.17.0.0 255.255.0.0 150.1.12.253no ip http server!!ip prefix-list filter-bb seq 5 permit 197.68.1.0/24ip prefix-list filter-bb seq 10 permit 197.68.4.0/24ip prefix-list filter-bb seq 15 permit 197.68.5.0/24ip prefix-list filter-bb seq 20 permit 197.68.21.0/24ip prefix-list filter-bb seq 25 permit 197.68.22.0/24access-list 10 permit 150.100.1.0 0.0.0.255access-list 10 deny 150.0.0.0 0.255.255.255access-list 10 permit anyroute-map addas permit 10match ip address prefix-list filter-bbset as-path prepend 253!!!line con 0logging synchronousloginline aux 0line vty 0 4login!endBB3BB3#s run 33 www.passccielab.com All rights reserved Created by lofrent - 33 -
  • CCIE LAB Routing & Switching (V4.0)Building configuration...Current configuration : 2871 bytes!version 12.1no service single-slot-reload-enableservice timestamps debug uptimeservice timestamps log uptimeno service password-encryptionservice udp-small-serversservice tcp-small-servers!hostname BB3!!!!!!ip subnet-zerono ip domain-lookup!!!!interface Loopback0ip address 4.1.1.1 255.255.255.0 secondaryip address 198.2.3.1 255.255.255.0 secondaryip address 198.2.5.1 255.255.255.0 secondaryip address 128.28.2.1 255.255.255.0 secondaryip address 182.2.2.1 255.255.255.0 secondaryip address 182.2.4.1 255.255.255.0 secondaryip address 198.1.1.5 255.255.255.252 secondaryip address 198.2.1.1 255.255.255.0!interface Loopback10ip address 197.68.4.1 255.255.255.0 secondaryip address 197.68.5.1 255.255.255.0 secondaryip address 197.68.21.1 255.255.255.0 secondaryip address 197.68.22.1 255.255.255.0 secondaryip address 197.68.1.1 255.255.255.0!interface Ethernet0description Connect to BBSW F0/5 34 www.passccielab.com All rights reserved Created by lofrent - 34 -
  • CCIE LAB Routing & Switching (V4.0)ip address 150.3.8.254 255.255.255.0 secondaryip address 150.3.12.254 255.255.255.0 secondaryip address 150.3.7.254 255.255.255.0 secondaryip address 150.3.11.254 255.255.255.0 secondaryip address 150.3.9.254 255.255.255.0 secondaryip address 150.3.10.254 255.255.255.0 secondaryip address 150.3.0.254 255.255.255.0no ip mroute-cache!interface Serial0no ip addressshutdown!interface Serial1no ip addressshutdown!interface BRI0no ip addressshutdown!router eigrp 100network 4.1.1.0 0.0.0.255network 128.28.2.0 0.0.0.255network 150.3.0.0network 182.2.2.0 0.0.0.255network 182.2.4.0 0.0.0.255network 198.1.1.0network 198.2.1.0network 198.2.3.0network 198.2.5.0no default-information inno default-information outno auto-summaryno eigrp log-neighbor-changesno eigrp log-neighbor-warnings!!ip classlessip http server!privilege exec level 0 show ip route!line con 0 35 www.passccielab.com All rights reserved Created by lofrent - 35 -
  • CCIE LAB Routing & Switching (V4.0)logging synchronousline aux 0line vty 0 4logging synchronouslogin!endSECTION1:DataLinkLayer(L2 Technologies)Pre-Configuration on your examVLAN Trunking Protocol VTP Domain CCIE + YYPPP serial link R1 through R5 and R3 through R5For example,the rack number of 3 would have a VTP domain of 802.1q trunk between all foutswitches2.1 Layer 2 TroubleshootErrors in the initial config SW1 vtp domain name is ccieroutingandswitchingyy and the others are ccieroutingandswitching. Solution :change SW1 vtp domain name to ccieroutingandswitching SW1 VTP password is cisc0 and the others are cisco. Solution :change SW1 vtp password to cisco On SW2 fastethernet0/10 config “switchport backup f0/4”, this command will cause interface fasterthernet 0/4 down. Solution :remove it2.1 Troubleshoot layer 2 switchingOne-two(or four) faults have been injected into the pre-configurations. these issues may impede aworking solution for certain portions of this labs exam and affect any labs exam section. Youmust verify that all of your configurations work as expected. If something is not working asexpected then you must fix the underlying problemPoint will be awarded for solving each problem. However, if you fail to solve a particular problem ,and the injected fault prevents you from having a working solutions of this lab, then you will losepoints for the fault and the lab that is not working 36 www.passccielab.com All rights reserved Created by lofrent - 36 -
  • CCIE LAB Routing & Switching (V4.0)SW1:vtp domain CCIERoutingandSwitchingvtp password ciscoSW2:interface f0/10no switchport backup f0/4R1:Interface s0/0ip add 5.5.15.249 255.255.255.252no peer neighbor-routeR3:Interface s0/1ip add 5.5.15.245 255.255.255.252no peer neighbor-routeR5:Interface s0/0ip add 5.5.15.250 255.255.255.252no peer neighbor-routeInterface s0/1ip add 5.5.15.246 255.255.255.252no peer neighbor-route2.2 Access-Switch Ports of Switched Network ConfigurationVLAN ID VLAN Name Interface4 VLAN_BB2 SW2 F0/105 VLAN_BB3 R3 Fa0/013 VLAN_A R1 Fa0/115 VLAN_B R3 Fa0/117 VLAN_BB1 R5 Fa0/124 VLAN_C R2 Fa0/126 VLAN_H R2 Fa0/1, R4 Fa0/146 VLAN_F R4 Fa0/047 VLAN_G R5 Fa0/1 37 www.passccielab.com All rights reserved Created by lofrent - 37 -
  • CCIE LAB Routing & Switching (V4.0)As per on SW1,SW2,SW3 should configure all of the appropriate nontrunking access switch portsaccording to the below requirements. As per the VLAN tables configure the VLANs for the access switch ports Also Include the ports to BB1,BB2,and BB3 Trunk between SW2-Fa0/2 and R2-Fa0/1 should be configured In the access switch port avoid transmitting BPDUs. When BPDU is received in any of these ports, the port should transmit back to the listening, learning and forward process. In the routers including trunk configuration should add any special Layer2 commands which are required For These access switch ports, by passing the listening and learning states ,the spanning tree enters the forward state immediately and ensure this.SW1interface fa0/3switchport access vlan 5switchport mode access!interface fa0/4switchport access vlan 46switchport mode access!interface fa0/5switchport access vlan 17switchport mode access!interface fa0/10switchport access vlan17!interface vlan 13ip address YY.YY.13.157 255.255.255.224no shutdown!interface vlan 15ip address YY.YY.13.189 255.255.255.224no shutdownSW3 ~ SW3spanning-tree portfast defaultspanning-tree portfast bpduguard defaulterrdisable recovery cause bpduguarderrdisable recovery interval 300Note: The default timeout interval is 300 seconds and, by default, the timeout feature is disabled. 38 www.passccielab.com All rights reserved Created by lofrent - 38 -
  • CCIE LAB Routing & Switching (V4.0)SW2interface fa0/1switchport access vlan 13switchport mode access!interface fa0/2switchport trunk encapsulation dot1qswitchport trunk allowed vlan 22,24switchport mode trunk!interface fa0/3switchport access vlan 15switchport mode access!interface fa0/4switchport access vlan 26switchport mode access!interface fa0/5switchport access vlan 47switchport mode access!interface fa0/10switchport access vlan 4switchport mode access!interface vlan 4ip address 150.2.YY.1 255.255.255.0!interface vlan 24ip address YY.YY.13.125 255.255.255.224no shutdownSW3interface fa0/10switchport access vlan 5switchport mode accessSW4interface vlan 46ip address YY.YY.13.61 255.255.255.224no shutdown! 39 www.passccielab.com All rights reserved Created by lofrent - 39 -
  • CCIE LAB Routing & Switching (V4.0)interface vlan 47ip address YY.YY.13.93 255.255.255.224no shutdownR2interface fa0/1no shutdown!interface fa0/1.24encapsulation dot1q 24ip address YY.YY.13.124 255.255.255.224!interface fa0/1.26encapsulation dot1q 26ip address YY.YY.13.29 255.255.255.224R3interface fa0/0ip address 150.3.YY.1 255.255.255.0no shutdownR5interface fa0/0ip address 150.1.YY.1 255.255.255.0no shutdown!2.3 Frame Relay ConfigurationConsider the points to configure R1 and R2 for frame relay and R4 as the frame relay switch Useauto-sensing on R1 & R2 and ANSI LMI on Frame Relay switch Avoid any static Inverse AddressResolutions Protocol or Frame Relay maps. For encapsulation use RFC1490/RFC2427The below table should used for data-link connection identifier(DLCI)assignments.Frame Relay DLCI details R1 Frame Relay interface 101 R2 Frame Relay interface 201R1interface serial 0/0/0encapsulation frame-relay IETFno fram-relay inverse-arpno shutdown 40 www.passccielab.com All rights reserved Created by lofrent - 40 -
  • CCIE LAB Routing & Switching (V4.0)ip address YY.YY.13.237 255.255.255.252frame-relay map ip YY.YY.13.236 100 broadcastframe-relay map ip YY.YY.15.242 100clock rate 256000no shutdown!interface serial 0/0/0/101point-to-pointip address YY.YY.13.237 255.255.255.252!R2interface serial 0/0/0encapsularion frame-relay IETFno fram-relay inverse-arpno shutdown!interface serial 0/0/0/201point-to-pointip address YY.YY.13.236 255.255.255.252R4frame-relay switching!interface serial 0/0/0encapsularion frame-relayclock rate 256000frame-relay lmi-type ansiframe-relay intf-type dceframe-relay route 101interface serial 0/1/0 201no shutdown!interface serial 0/0/1encapsulation frame-relayclock rate 256000frame-relay lmi-type ansiframe-relay intf-type dceframe-relay route 201interface serial 0/0/0 101no shutdown 41 www.passccielab.com All rights reserved Created by lofrent - 41 -
  • CCIE LAB Routing & Switching (V4.0)2.4 Backbones TrafficYour network should be protected from broadband storm by configuring traffic control on threebackbone links. This should be effective where broadcast traffic is 50% available bandwidth.During this time the port should remain functioning . Answer:SW1 ~ SW3interface Fa0/10strom-control broadcast level 502.5 Manipulation TrunkingDual trunk port should be configured between Sw1, Sw2, Sw3 and Sw4 according to below needs.For each switch on the six distribution ports DTP should be disabled. Allow the particular VLANs5, 13, 15, 46, 47 only can receive and send traffic on these interfaces in tagged format to be setSW1/SW2/SW3/SW4: interface FastEthernet0/19 switchport trunk encapsulation dot1q switchport trunk allowed vlan 3,11,13,44,45 switchport mode trunk switchport nonegotiate interface FastEthernet0/20 switchport trunk encapsulation dot1q switchport trunk allowed vlan 3,11,13,44,45 switchport mode trunk switchport nonegotiate interface FastEthernet0/21 switchport trunk encapsulation dot1q switchport trunk allowed vlan 3,11,13,44,45 switchport mode trunk switchport nonegotiate interface FastEthernet0/22 switchport trunk encapsulation dot1q switchport trunk allowed vlan 3,11,13,44,45 switchport mode trunk switchport nonegotiate interface FastEthernet0/23 switchport trunk encapsulation dot1q switchport trunk allowed vlan 3,11,13,44,45 switchport mode trunk switchport nonegotiate 42 www.passccielab.com All rights reserved Created by lofrent - 42 -
  • CCIE LAB Routing & Switching (V4.0) interface FastEthernet0/24 switchport trunk encapsulation dot1q switchport trunk allowed vlan 3,11,13,44,45 switchport mode trunk switchport nonegotiateNotes: After completion of configuration,please checking client is synchronized with the server,and you can find vlan has been configed Use command: do show inter trunk, checking vlan relay is correct and checking f0/19 -24 State is UPSECTION 2 : Network Layer ( L3 Technologies)2.1 Implement IPV4 OSPF Configure open shortest path first ( OSPF) Updates should be advertised only out of the interfaces that are indicated in the IGP topology diagram Don’t manually change the router ID Don’t create additional ospf areas Configure ospf area 2 such that there are no TYPE5 Advertisements (LSA) in the area, R1 should generate a default route. Configure OSPF over frame relay between R1 and R2 choosing a network type that requires designate router(DR) and backup designate router(BDR) negotiations and has the fatest recover timesR1: interface Serial0/0.12 point-to-point ip ospf network broadcast ip ospf dead-interval minimal hello-multiplier 5 router ospf 5 area 2 nssa default-information-originate network 11.11.15.161 0.0.0.0 area 0 network 11.11.15.242 0.0.0.0 area 2OSPF:R3:Interface 10Ip address 11.11.3.3 255.255.255.255router ospf 11 43 www.passccielab.com All rights reserved Created by lofrent - 43 -
  • CCIE LAB Routing & Switching (V4.0)network 11.11.15.193 0.0.0.0 area 0SW1:Ip routingInterface 10Ip address 11.11.7.7 255.255.255.255router ospf 11network 11.11.7.7 0.0.0.0 area 0network 11.11.15.162 0.0.0.0 area 0network 11.11.15.194 0.0.0.0 area 0R1interface 10Ip address 11.11.11.11 255.255.255.255router ospf11network 11.11.15.161 0.0.0.0 area 0network 11.11.15.242 0.0.0.0 area 2area 2 nssaint s0/0.1ip ospf network broadcastip ospf dead-interval minimal hello-multiplier 5R2int l0ip add 11.11.2.2 255.255.255.255router ospf 11network 11.11.15.241 0.0.0.0 area 2network 11.11.15.129 0.0.0.0 area 2network 11.11.2.2 0.0.0.0 area 2area 2 nssaint s0/0.2ip ospf network broadcastip ospf dead-interval minimal hello-multiplier 5SW2:Ip routingInterface loopback0ip add 11.11.8.8 255.255.255.255router ospf 11 area 2 nssa network 11.11.8.8 0.0.0.0 area 2 network 11.11.15.111 0.0.0.0 area 2 area 2 nssa 44 www.passccielab.com All rights reserved Created by lofrent - 44 -
  • CCIE LAB Routing & Switching (V4.0)Notes: All loopback address has been configured in real lab exam2.2 Implement IPV4 EIGRPConfigure EIGRP 100 and EIGRP YY per the IGP topology diagramEigrp updates should be advertise only out to the interface per the IGP topology diagramOn R1 , redistribute between ospf and eigrp YY. However all of the routes that are indicated belowfrom backone3 (EIGRP100) should not be redistributed between both protocolsUse route maps to accomplish this requirement. All route-maps should utilize the same accesslistsOn R3, redistrubte from EIGRP 100 into OSPFOn R3, redistribute from EIGRP 100 into eigrp YY. However three networks 198.2.1.0/24,198.2.3.0/24, 198.2.5.0/24 should be aggregated into a single address with the most specific maskpossibleeigrp 11:R1: interface s0/1 router eigrp 11 network 11.11.1.1 0.0.0.0 network 11.11.15.249 0.0.0.0 no auto-summaryR3: interface s0/1 router eigrp 11 network 11.11.15.245 0.0.0.0 network 11.11.3.3 0.0.0.0 no auto-summaryR5:Interface loopback0ip add 11.11.11.11 255.255.255.255router eigrp 11no auto-summarynetwork 11.11.11.11 0.0.0.0network 11.11.15.97 0.0.0.0network 11.11.15.246 0.0.0.0network 11.11.15.250 0.0.0.0SW4:Ip routing 45 www.passccielab.com All rights reserved Created by lofrent - 45 -
  • CCIE LAB Routing & Switching (V4.0)Interface loopback0ip add 11.11.10.10 255.255.255.255router eigrp 11no auto-summarynetwork 11.11.10.10 0.0.0.0network 11.11.15.98 0.0.0.0EIGRP 100R3:router eigrp 100network 150.3.11.1 0.0.0.0no auto-summaryRedistribution :router eigrp 11Redistribution eigrp 100 metric 10000 100 255 1 1500int s0/0ip summay eigrp 11 198.2.0.0 255.255.248.0router ospf 11redistribute eigrp 100 metric-type 1 subnetsR1:ip access-list extra 127permit ip host 198.1.1.4 host 255.255.255.252permit ip host 198.2.1.0 host 255.255.255.0permit ip host 198.2.3.0 host 255.255.255.0permit ip host 198.2.5.0 host 255.255.255.0permit ip host 198.2.4.0 host 255.255.255.0permit ip host 198.2.2.0 host 255.255.255.0permit ip host 128.28.2.0 host 255.255.255.0permit ip host 4.1.1.0 host 255.255.255.0permit ip host 198.2.0.0 host 255.255.248.0permit ip host 150.3.5.0 host 255.255.255.0route-map filter deny 10match ip add 127route-map filter per 20router ospf 11redistribute eigrp 11 metric 50 metric-t 1 s route-map filterarea 2 nssa default-information-originaterouter eigrp 11redistribute ospf 11 metric 10000 100 255 1 1500 route-map filter2.3 Implement RIP Version 2 46 www.passccielab.com All rights reserved Created by lofrent - 46 -
  • CCIE LAB Routing & Switching (V4.0)Configure RIP version 2 (RIP V2) per the IGP topology diagramRIP updates should be advertise only out the interface per the IGP topology diagramAll rip updates should be unicastAll rip updates must be able to receive and process RIPV1 packetsMutually resditribute between RIP and ospf on R2 and sw4, R4 learned routes should be preferredEIGRPR2:interface Ethernet0/1.24ip rip receive version 1 2router ripversion 2no auto-summarynetwork 11.0.0.0passive-interface defaultneighbor 11.11.15.33R4:interface loopback0ip add 11.11.4.4 255.255.255.255router ripversion 2no auto-summarynetwork 11.0.0.0passive-interface defaultneighbor 11.11.15.34neighbor 11.11.15.66int e0/1ip rip receive version 1 2int e0/0ip rip receive version 1 2Mutually redistribute between Rip and ospf YY on R2 Mutually redistribute between Rip andEIGRP YY on SW4 ,EIGRP learned routes preferred over ospf within RIP areaR2:router ospf 11redistribute eigrp 11 metric 50 metric-t 1 s route-map filterip prefix-list nssa per 0.0.0.0/0route-map filter deny 10match ip add filter nssaroute-map filter per 20access-list 10 deny 11.11.2.2 47 www.passccielab.com All rights reserved Created by lofrent - 47 -
  • CCIE LAB Routing & Switching (V4.0)access-list 10 per anyrouter ripredi ospf 11 metric 3 route-map filteroffset-list 10 out 3 e0/1.24access-list 20 per 11.11.4.4access-list 20 per 11.11.10.10access-list 20 per 11.11.15.64router ospf 11distance 125 11.11.1.1 0.0.0.0 20SW4:access-list 10 deny 11.11.4.4access-list 10 deny 11.11.2.2access-list 10 deny 11.11.15.32access-list 10 per anyrouter ripredi ospf 11 metric 2distance 175 11.11.15.65 0.0.0.0 10ip prefix-list rip per 11.11.2.2/32ip prefix-list rip per 11.11.4.4/32ip prefix-list rip per 11.11.15.32/27ip prefix-list rip per 11.11.15.64/27route-map perrip permit 10match ip add prefix riprouter eigrp 11redi rip metric 10000 100 255 1 1500 route-map perrip3.4 Implement IPV6Internte protocol version 6 ( IPV6) to configure IPV6 unique local unicast address using the eui-64interface identifier R4-G0/1 and R2-G0/1.Z(vlan 24) FC01:DB8:74:9::/64 eui-64 R2-s0/0.Z and R1-s0/0.Z FC01:DB8:74:A::/64 eui-64 R1-G0/1 and SW1 –SVI 11 FC01:DB8:74:B::/64 eui-64Configure ospfv3 per the IPV6 topology Ensure that R4 can ping sw1 using IPV6R4:Ipv6 unicast-routingipv6 router ospf 11router-id 11.11.4.4interface Ethernet0/1ipv6 address FC01:DB8:74:9::/64 eui-64 48 www.passccielab.com All rights reserved Created by lofrent - 48 -
  • CCIE LAB Routing & Switching (V4.0)ipv6 ospf 11 area 0R2:Ipv6 unicast-routingipv6 router ospf 11router-id 11.11.2.2interface Ethernet 0/1.24ipv6 address FC01:DB8:74:9::/64 eui-64ipv6 ospf 11 area 0interface serial0/0.2ipv6 address FC01:DB8:74:b::/64 eui-64ipv6 ospf 11 area 1R1:Ipv6 unicast-routingipv6 router ospf 11router-id 11.11.1.1interface Ethernet0/1ipv6 address FC01:DB8:74:a::/64 eui-64ipv6 ospf 11 area 0SW1:Sdm prefer dual-ipv4-and-ipv6 defaultIpv6 unicast-routingipv6 router ospf 11router-id 11.11.7.7interface vlan 11ipv6 address FC01:DB8:74:a::/64 eui-64ipv6 ospf 11 area 13.5 Implement IPV4 BGPRefer to the BGP routing diagram ,configure BGP with these parameters:Configure two bgp confederations R1 R3 R5 and SW4(ASYY1)and R2 and SW2(ASYY2)The confederation peers should neighbor between R1 and R2 and between SW4 and R2EBGP :SW2 EBGP peer with the router 150.2.YY.254 on backone 2 in AS 254 .This routeradvertise five routes with format 197.68.X.0/24 and AS path 254EBGP:R5 EBGP peer with the router 150.2.YY.254 on backone 1 in AS 254 , This router advertisefive routes with format 197.68.X.0/24 and AS path 254 253The BGP devices should all prefer the path through R5 (150.1.YY.254) for network197.68.21.0/24 and 197.68.22.0/24 .The internal board gateway protocol (IBGP) devices should 49 www.passccielab.com All rights reserved Created by lofrent - 49 -
  • CCIE LAB Routing & Switching (V4.0)all prefer the path through SW2(150.2.YY.254)for network 197.68.1.0/24 197.68.4.0/24 and197.68.5.0/24 .This manipulationshould be accomplished only on one router suingroute-map that refer to a single access-listConfigure only the loopback0 ip address to propagate BGP route informationR1: router bgp 111 bgp router-id 11.11.1.1 bgp log-neighbor-changes bgp confederation identifier 11 bgp confederation peers 112 neighbor 11.11.2.2 remote-as 112 neighbor 11.11.2.2 update-source Loopback0 neighbor 11.11.11.11 remote-as 52 neighbor 11.11.1.1 ebgp-multihop 255 neighbor 11.11.11.11 remote-as 111 neighbor 11.11.11.11 update-source Loopback0 no auto-summaryR3: router bgp 11 no synchronization bgp router-id 11.11.3.3 neighbor 11.11.1.1 remote-as 111 neighbor 11.11.1.1 update-source Loopback0 no auto-summarysw4: router bgp 11 bgp confederation peers 112 bgp confederation identifier11 bgp router-id 11.11.10.10 neighbor 11.11.2.2 remote-as 112 eighbor 11.11.2.2 ebgp-multihop 10 neighbor 11.11.11.11 update-source Loopback0 no auto-summaryR5: router bgp 11 no synchronization bgp router-id 11.11.11.11 bgp log-neighbor-changes bgp confederation identifier 11 neighbor ibgp peer-group neighbor ibgp remote-as 111 50 www.passccielab.com All rights reserved Created by lofrent - 50 -
  • CCIE LAB Routing & Switching (V4.0)neighbor ibgp Loopback0neighbor as52 route-reflector-clientneighbor as52 next-hop-selfneighbor 11.11.1.1 peer-group ibgpneighbor 11.11.3.3 peer-group ibgpneighbor 11.11.10.10 peer-group ibgpneighbor 150.111.254 remote-as ibgpneighbor 150.1.11.254 route-map loc inno auto-summaryip access-list extra 127access-list 5 permit 197.68.21.0 0.0.0.255access-list 5 permit 197.68.22.0 0.0.0.255route-map loc permit 10match ip address 127set local-preference 200SW2:router bgp 112no synchronizationbgp router-id 11.11.8.8bgp confederation identifier 11neighbor 11.11.2.2 remote-as 112neighbor 11.11.2.2 update-source Loopback0neighbor 11.11.2.2 next-hop-selfneighbor 150.2.5.254 remote-as 254no auto-summaryR2:router bgp112no synchronizationbgp router-id 11.11.2.2bgp log-neighbor-changesbgp confederation identifier 11bgp confederation peers 111neighbor ebgp peer-grupneighbor ebgp remote-as 111neighbor ebgp update-source Loopback0eighbor 11.11.2.2 ebgp-multihop 10no auto-summaryneighbor 11.11.1.1 peer-group ebgpneighbor 11.11.10.10 peer-group ebgp 51 www.passccielab.com All rights reserved Created by lofrent - 51 -
  • CCIE LAB Routing & Switching (V4.0) neighbor 11.11.8.8 r remote-as 112 neighbor ebgp update-source Loopback0SECTION 3 : Services4.1 secure HTTP accessEnable secure HTTP access for R5 , Enalbe authentication using the list “HTTP”which utilizes local user authentication . Configure two different users for access toR5 ,the user cisco (password cisco) ,who only has privilege 1 access to R5 ; and theuser ADMIN(password CISCO) who has privilege 15 access to R5 .Dno’t change console and vty passwordNO ip http serverip http secure-serveraaa authentication login default lineaaa authentication login HTTP local noneaaa authorization exec HTTP localip http authentication aaa login-authentication HTTPip http authentication aaa exec-authorization HTTPusername ADMIN privilege 15 pass ADMINusername cisco privilege 1 pass cisco4.2 secure the WAN PPP LINKSConfigure challenge handshake atuthentication protocol(CHAP)on R5 for the link to R1 and R3,according to the following requirementsAn authentication, authorization, and according (AAA) list named R1 and R3 for R1 and R3respectivelyAuthentication for R1 should first try the radius server 198.2.3.128 using a key of cisco and fallback to local login in the event of a failure to connect to the radius serverR1 should present itself to R5 as RACKYYR1 with a shared password cisco,Authentication for R3 should first try the TACAS server 198.2.3.129 using a key of cisco and fallback to local login in the event of a failure to connect to the TACAS serverR3 should present itself to R5 as BACKUP with a shared password of CISCOR5:aaa new-modelaaa authentication ppp R1 group radius local-caseaaa authentication ppp R3 group tacacs+ local-caseusername RackYYR1 password ciscousername BACKUP password CISCO 52 www.passccielab.com All rights reserved Created by lofrent - 52 -
  • CCIE LAB Routing & Switching (V4.0)radius-server host 198.2.5.128 key ciscotacacs-server host 198.2.5.129 key ciscointerface s0/0ppp authentication chap R1interface s0/1ppp authentication chap R3R1:interface s0/0ppp chap hostname RackYYR1ppp chap password ciscoR3:interface s0/1ppp chap hostname BACKUPppp chap password CISCO4.3 MQC-Based FRTSConfigure parent class-default committed information (CIR ) as 64KB (when no backward explicitcongestion notification are present and 32KB.• Differentiate between voice & data packet• Guaranteed bandwidth 40% voice• Guaranteed bandwidth 35% data• Voice packets are marked EF• Class 1 and 2 ( E11or E12) enable CBWFQ for SUB class-defaultR2:class-map match-all D1match ip dscp af11class-map match-all D2match ip dscp af21class-map match-all Dmatch class-map D1match class-map D2class-map match-all VOICEmatch ip precedence 5match ip dscp efpolicy-map CBWFQclass Dbandwidth percent 35class VOICEbandwidth percent 40 53 www.passccielab.com All rights reserved Created by lofrent - 53 -
  • CCIE LAB Routing & Switching (V4.0)class class-defaultfair-queue!map-class frame-relay FRTSframe-relay cir 64000frame-relay mincir 32000frame-relay adaptive-shaping becnservice-policy output CBWFQInterface s0/0Frame-relay traffic-shapingInterface s0/0.2fram int 200class FRTS4.4 AutoQOS over PPPTo 4.3 continue to address voip quality of service (QOS) by configuring cisco autoQOS over PPPlink between R1 and R5R1: Interface s0/0/1 auto discovery qos auto qos voipR5: Interface s0/0 auto discovery qos auto qos voip4.5 First Hop RedundancyTo facilitate load balancing and backup for hosts off of VLAN_H, configure GLBP on VLAN_H, Useany group number. R4 should have the higher priority with the ability for R2 to assume control ifthe priority of R4 decreases. Use MD5 authentication to protect the GLBP group. Use thekey-string cisco. Configure the IP yy.yy.35.35 as your GLBP virtual address.R2: interface Ethernet0/0.24 glbp 1 ip 11.11.15.35 glbp 1 preempt 54 www.passccielab.com All rights reserved Created by lofrent - 54 -
  • CCIE LAB Routing & Switching (V4.0) glbp 1 authentication md5 key-string ciscoR4: interface Ethernet0/1 glbp 1 ip 11.11.35.35 glbp 1 priority 105 glbp 1 preempt glbp 1 authentication md5 key-string cisco4.6 polled and broadcast NTPEnable network time protocol (NTP) on R2,R3 and R4 according to the following requirementR2 should act as an NTP server to R3R4 should provide broadcast NTP updates only to VLAN_HThe hardware clocks on R2,R3 and R4 should be updated by the sofeware clockR4 should use loopback 0 as the source addressAbsent an external time server, R4 should use its own system clock to synchronize R2 and R3Set the clock on R4 as 8:00 am (08:00),January 1 2000Ultimately, the clocks on R2,R3 and R4 should be in synchronizedR4:Clock set 8:00:00 1 jan 2000Conf tntp master 3ntp source loopback 0ntp update-calendarinterface e0/1ntp broadcastR2:ntp server 11.11.4.4ntp update-calendarinterface e0/1.24 ntp broadcast clientR3:ntp server 11.11.2.2ntp update-calendar4.7 SYSLOGConfigure SYSLOG on R3 to according to the following requirementEnable SYSLOG on R3 to log emergencies , alarms and critical to host 150.3.YY.10 with facility 6 55 www.passccielab.com All rights reserved Created by lofrent - 55 -
  • CCIE LAB Routing & Switching (V4.0)R3 should use Loopback0 addressAnswer:R3logging onlogging host 150.3.YY.10logging trap critical logging facility local6logging source-interface loopback 0SECTION 4 : IP Multicast4.1 PIM Spares Mode for IPv6 Multicastimplement PIM spares mode for IPV6 multicastEnable pim sparse mode ( pim-sm) on the lan between R4-fa0/1 and R2-Gi0/1, R1 G0/1 and SW1Svi, and on the WAN link between R2 and R1, Using these criteriaConfigure R4-fa0/1 to be the redezvous point (RP) for the FF08::4000:4000 multicast group noother groups should be permitedNotes:Need to explain here, the normal 128-mask can not be configured, because we have been to find,we use minimum with 127- mask, and we got a perfect scoreR1:ipv6 cefipv6 multicast-routingipv6 pim rp-address name multicastipv6 access-list multicastpermit ipv6 host FF08::4000:4000/127R2:ipv6 cefipv6 multicast-routing 56 www.passccielab.com All rights reserved Created by lofrent - 56 -
  • CCIE LAB Routing & Switching (V4.0)ipv6 pim rp-address name multicastipv6 access-list multicastpermit ipv6 host FF08::4000:4000/127R4:ipv6 cefipv6 multicast-routingipv6 pim rp-address name multicastipv6 access-list multicastpermit ipv6 host FF08::4000:4000/127SW1:ipv6 mld snooping5.2 multicast joinsConfigure R2 s0/0/0.Z as an ipv6 receiver for the multicast group FF08::4000:4000R2 should be able to ping the multicast group FF08::4000:4000R2:Interface s0/0/0.Zipv6 mld join-group FF08::4000:4000Section V. optimize the network5.1 Netflow data exportConfigure netflow on R4 to according to the following requirementsource should be VLAN_HExport all data to 198.2.5.10Use UDP port 9991 for exportingUse netflow version 9 onlyR4:ip flow-export source loopback 0 57 www.passccielab.com All rights reserved Created by lofrent - 57 -
  • CCIE LAB Routing & Switching (V4.0)ip flow-export destination 198.2.5.10 9991ip flow-export version 9ip multicast netflow rpfip multicast netflow outinterface e0/0ip flow ingressip flow egress5.2 Embedded event manager monitor of cpuConfigure three different event manager applets on R3 acconding to the following requirements:If the 5 min CPU value(cpmCPUTotal5minRev) goes above 60 percent, the first 10 lines of theshow processes cpu command output should be emailed to engineer@cisco.com fromEEM@cisco.com with a subject of "CPUAlert5min" using the mail server 198.2.5.10 Pollingshould be every 60 secondsR3snmp-server community XXX ro//[no] snmp-server community string [view view-name] [ro | rw][access-list number]event manger applet CPUevent snmp oid 1.3.6.1.4.1.9.9.109.1.1.1.1.8 get-type exact entry-op ge entry-val 60poll-interval 60Exit criteria are optional. If exit criteria are not specified, event monitoring will be reenabledimmediately. If exit criteria are specified—on the basis of values or time periods—eventmonitoring is not reenabled until the criteria are met.act 1.0 cli command enableact 2.0 cli command "show process cpu | include CPU|PID|^_ [1-9]|^_10"act 3.0 mail server 198.2.5.10 to engineer@cisco.com from EEM@cisco.com subjectCPUAlert5min body $_cli_result5.3 TFTP SERVERConfigure R3 as a TFTP server with the following requirementsR4 should be able to copy the file TEST from the flash memory of R3No other files should be aviable from R3No other devices should be able to copy the files TEST from R3Note: You do not need to create the TEST file on R3 or attempt to make a actual copyR3:Access-list 4 permit 11.11.4.4Access-list 4 permit 11.11.15.65Access-list 4 permit 11.11.15.33 58 www.passccielab.com All rights reserved Created by lofrent - 58 -
  • CCIE LAB Routing & Switching (V4.0)tftp-server flash:TEST 4 59 www.passccielab.com All rights reserved Created by lofrent - 59 -