Vous êtes sur la page 1sur 116

www.CareerCert.

info
CCIE LAB Routing & Switching (V4.0)

CCIE LAB Routing & Switching (V4.0)

Ver:K1

Update 2009-12-13

www.passccielab.com All Rights Reserved.

www.passccielab.com All rights reserved

Created by lofrent

-1-

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Part 1: Core Knowledge Questions


There are 4 open ended questions in this section. You should answer at least 3 out of 4 correctly to get 100% in this section. If you fail to do so, your score will be 0% in this section. See the another file for the same(open ended questions for CCIE RS lab)

www.passccielab.com All rights reserved

Created by lofrent

-2-

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Part 2: Troubleshooting
Troubleshooting: 1. Troubleshooting has 29 devices,no switch 2. you must find 11 questions and solve these questions 3. Please notes, ip address will be change in your real exam

www.passccielab.com All rights reserved

Created by lofrent

-3-

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

www.passccielab.com All rights reserved

Created by lofrent

-4-

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Pre-configured for Troubleshooting


R1 Passccielab.com_Rack30R1#sh run Building configuration... Current configuration : 1408 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Passccielab.com_Rack30R1 ! boot-start-marker boot-end-marker ! ! ip subnet-zero ip cef ! ! no ip domain-lookup ! no mpls traffic-eng auto-bw timers frequency 0 call rsvp-sync ! ! ! ! ! mpls label protocol ldp mpls ldp router-id lo0 ! ! ! interface Loopback0 ip address 1.1.1.1 255.255.255.255 no clns route-cache ! interface FastEthernet0/0 ip address 171.13.13.1 255.255.255.0 duplex half www.passccielab.com All rights reserved Created by lofrent -5-

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

no clns route-cache mpls ip ! interface Serial1/0 no ip address no fair-queue serial restart-delay 0 no clns route-cache ! interface Serial1/1 no ip address serial restart-delay 0 no clns route-cache ! interface Serial1/2 no ip address serial restart-delay 0 no clns route-cache ! interface Serial1/3 no ip address serial restart-delay 0 no clns route-cache ! interface FastEthernet2/0 ip address 171.15.15.1 255.255.255.0 duplex half no clns route-cache no shu mpls ip ! interface FastEthernet2/1 ip address 171.14.14.1 255.255.255.0 duplex half no clns route-cache rate-limit input 8000 1000 2000 conform-action transmit exceed-action drop mpls ip no shu ! interface FastEthernet4/0 ip address 171.16.16.1 255.255.255.0 duplex half no clns route-cache no shu www.passccielab.com All rights reserved Created by lofrent -6-

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

mpls ip ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! ip classless ! no ip http server ! ! ! ! ! ! control-plane ! ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous stopbits 1 line aux 0 stopbits 1 line vty 0 4 no login ! ! end

R2 hostname Passccielab.com_Rack30R2 ! boot-start-marker boot-end-marker ! ! ip subnet-zero ip cef www.passccielab.com All rights reserved Created by lofrent -7-

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

! ! no ip domain-lookup ! no mpls traffic-eng auto-bw timers frequency 0 call rsvp-sync ! ! ! ! mpls label protocol ldp mpls ldp router-id lo0 ! ! ! ! interface Loopback0 ip address 2.2.2.2 255.255.255.255 no clns route-cache ! interface FastEthernet2/0 ip address 171.25.25.2 255.255.255.0 duplex half no clns route-cache mpls ip no shu ! interface FastEthernet2/1 ip address 171.24.24.2 255.255.255.0 duplex half no clns route-cache no shu mpls ip ! interface FastEthernet3/0 no ip address duplex half no clns route-cache ! interface Serial5/0 ip address 171.26.26.2 255.255.255.0 no fair-queue serial restart-delay 0 no clns route-cache www.passccielab.com All rights reserved Created by lofrent -8-

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

mpls ip no shu ! interface Serial5/1 no ip address serial restart-delay 0 no clns route-cache ! interface Serial5/2 no ip address serial restart-delay 0 no clns route-cache ! interface Serial5/3 no ip address serial restart-delay 0 no clns route-cache ! interface FastEthernet6/0 ip address 171.23.23.2 255.255.255.0 duplex half no clns route-cache mpls ip no shu ! ip classless ! no ip http server ! ! ! router os 1 net 0.0.0.0 0.0.0.0 a 0 ! ! ! control-plane ! ! dial-peer cor custom ! ! ! ! www.passccielab.com All rights reserved Created by lofrent -9-

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

line con 0 exec-timeout 0 0 logging synchronous stopbits 1 line aux 0 stopbits 1 line vty 0 4 ! ! end

R3

Passccielab.com_Rack30R3#sh run Building configuration...

Current configuration : 2412 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Passccielab.com_Rack30R3 ! boot-start-marker boot-end-marker ! username Passccielab.com_Rack30R1 password 0 cisco ! ip subnet-zero ip cef ! ! mpls label protocol ldp mpls ldp router-id lo0

no ip domain-lookup ! ip vrf site-b rd 34:22 route-target export 34:22 www.passccielab.com All rights reserved Created by lofrent - 10 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

! no mpls traffic-eng auto-bw timers frequency 0 call rsvp-sync ! ! ! ! ! ! ! ! interface Loopback0 ip address 3.3.3.3 255.255.255.255 no clns route-cache ! interface Serial1/0 ip vrf forwarding site-b ip address 171.3.22.3 255.255.255.0 no fair-queue ppp authentication chap serial restart-delay 0 clockrate 64000 no clns route-cache mpls ip ! interface Serial1/1 no ip address serial restart-delay 0 no clns route-cache ! interface Serial1/2 no ip address shutdown serial restart-delay 0 no clns route-cache ! interface Serial1/3 no ip address shutdown serial restart-delay 0 no clns route-cache ! interface FastEthernet2/0 ip address 171.13.13.3 255.255.255.0 www.passccielab.com All rights reserved Created by lofrent - 11 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

duplex half no clns route-cache mpls ip no shu ! interface FastEthernet4/0 ip address 171.23.23.3 255.255.255.0 duplex half no clns route-cache mpls ip no shu ! interface FastEthernet4/1 duplex half no clns route-cache no shu ! router eigrp 100 no auto-summary ! address-family ipv4 vrf site-b redistribute bgp 10 metric 10000 100 255 1 1500 network 171.3.22.3 0.0.0.0 no auto-summary exit-address-family autonomous-system 100 ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! router bgp 10 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 4.4.4.4 remote-as 10 neighbor 4.4.4.4 update-source seaial1/1 neighbor 5.5.5.5 remote-as 10 neighbor 5.5.5.5 update-source Loopback0 neighbor 6.6.6.6 remote-as 10 neighbor 6.6.6.6 update-source Loopback0 ! address-family ipv4 neighbor 4.4.4.4 activate www.passccielab.com All rights reserved Created by lofrent - 12 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

neighbor 5.5.5.5 activate neighbor 6.6.6.6 activate no auto-summary no synchronization exit-address-family ! address-family vpnv4 neighbor 4.4.4.4 activate neighbor 4.4.4.4 send-community extended neighbor 5.5.5.5 activate neighbor 5.5.5.5 send-community extended neighbor 6.6.6.6 activate neighbor 6.6.6.6 send-community extended exit-address-family ! address-family ipv4 vrf site-b no auto-summary redistribute eigrp 100 no synchronization exit-address-family ! ip classless ! no ip http server ! ! ! ! ! ! control-plane ! ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous stopbits 1 line aux 0 stopbits 1 www.passccielab.com All rights reserved Created by lofrent - 13 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

line vty 0 4 no login ! ! end

R4

Passccielab.com_Rack30R4#sh run Building configuration... Current configuration : 2369 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Passccielab.com_Rack30R4 ! boot-start-marker boot-end-marker ! ! ip subnet-zero ip cef ! mpls label protocol ldp mpls ldp router-id lo0 ! no ip domain-lookup ! ip vrf site-b rd 34:22 route-target export 34:22 ! no mpls traffic-eng auto-bw timers frequency 0 call rsvp-sync ! ! ! ! www.passccielab.com All rights reserved Created by lofrent - 14 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

! ! ! ! interface Loopback0 ip address 4.4.4.4 255.255.255.255 no clns route-cache ! interface FastEthernet0/0 ip address 171.14.14.4 255.255.255.0 duplex half mpls ip no clns route-cache no shu ! interface FastEthernet1/0 ip address 171.24.24.4 255.255.255.0 duplex half no clns route-cache mpls ip no shu ! interface FastEthernet2/0 ip vrf forwarding site-b ip address 171.4.15.4 255.255.255.0 duplex half mpls ip no clns route-cache no shut interface Serial3/0 no ip address shutdown no fair-queue serial restart-delay 0 no clns route-cache ! interface Serial3/1 no ip address shutdown serial restart-delay 0 no clns route-cache ! interface Serial3/2 www.passccielab.com All rights reserved Created by lofrent - 15 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0) no ip address shutdown serial restart-delay 0 no clns route-cache ! interface Serial3/3 no ip address shutdown serial restart-delay 0 no clns route-cache ! router ospf 101 vrf site-b log-adjacency-changes redistribute bgp 10 subnets network 0.0.0.0 255.255.255.255 area 0 ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! router bgp 10 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 3.3.3.3 remote-as 10 neighbor 3.3.3.3 update-source Loopback0 neighbor 5.5.5.5 remote-as 10 neighbor 5.5.5.5 update-source Loopback0 neighbor 6.6.6.6 remote-as 10 neighbor 6.6.6.6 update-source Loopback0 ! address-family ipv4 neighbor 3.3.3.3 activate neighbor 5.5.5.5 activate neighbor 6.6.6.6 activate no auto-summary no synchronization exit-address-family ! address-family vpnv4 neighbor 3.3.3.3 activate neighbor 3.3.3.3 send-community extended neighbor 5.5.5.5 activate neighbor 5.5.5.5 send-community extended neighbor 6.6.6.6 activate www.passccielab.com All rights reserved Created by lofrent - 16 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

neighbor 6.6.6.6 send-community extended exit-address-family ! address-family ipv4 vrf site-b redi ospf 101 no auto-summary no synchronization exit-address-family ! ip classless ! no ip http server ! ! ! ! ! ! control-plane ! ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous stopbits 1 line aux 0 stopbits 1 line vty 0 4 no login ! ! end

R5 Passccielab.com_Rack30R5#sh run Building configuration... www.passccielab.com All rights reserved Created by lofrent - 17 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Current configuration : 2561 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Passccielab.com_Rack30R5 ! boot-start-marker boot-end-marker ! ! mpls label protocol ldp mpls ldp router-id lo0 ip subnet-zero ip cef ! ! no ip domain-lookup ! ip vrf site-a rd 56:22 route-target export 56:22

! no mpls traffic-eng auto-bw timers frequency 0 call rsvp-sync ! ! ! ! ! ! ! ! interface Loopback0 ip address 5.5.5.5 255.255.255.255 no clns route-cache ! interface FastEthernet0/0 ip vrf forwarding site-a www.passccielab.com All rights reserved Created by lofrent - 18 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

ip address 171.5.11.5 255.255.255.0 duplex half mpls ip no clns route-cache no shu ! interface Serial1/0 no ip address shutdown serial restart-delay 0 no clns route-cache ! interface Serial1/1 no ip address shutdown serial restart-delay 0 no clns route-cache ! interface Serial1/2 no ip address shutdown serial restart-delay 0 no clns route-cache ! interface Serial1/3 no ip address shutdown serial restart-delay 0 no clns route-cache ! interface FastEthernet2/0 ip address 171.15.15.5 255.255.255.0 duplex half mpls ip no clns route-cache no shu ! interface FastEthernet4/0 ip address 171.25.25.5 255.255.255.0 duplex half mpls ip no clns route-cache ! router ospf 101 vrf site-a www.passccielab.com All rights reserved Created by lofrent - 19 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

log-adjacency-changes redistribute bgp 10 subnets network 0.0.0.0 255.255.255.255 area 0 ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! router bgp 10 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 3.3.3.3 remote-as 10 neighbor 3.3.3.3 update-source Loopback0 neighbor 4.4.4.4 remote-as 10 neighbor 4.4.4.4 update-source Loopback0 neighbor 6.6.6.6 remote-as 10 neighbor 6.6.6.6 update-source Loopback0 ! address-family ipv4 neighbor 3.3.3.3 activate neighbor 4.4.4.4 activate neighbor 6.6.6.6 activate no auto-summary no synchronization exit-address-family ! address-family vpnv4 neighbor 3.3.3.3 activate neighbor 3.3.3.3 send-community extended neighbor 4.4.4.4 activate neighbor 4.4.4.4 send-community extended neighbor 6.6.6.6 activate neighbor 6.6.6.6 send-community extended exit-address-family ! address-family ipv4 vrf site-a redistribute ospf 101 vrf site-a no auto-summary no synchronization exit-address-family ! ip classless ! no ip http server www.passccielab.com All rights reserved Created by lofrent - 20 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

! ! ! ! ! ! control-plane ! ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous stopbits 1 line aux 0 stopbits 1 line vty 0 4 no login ! ! end

R6

Passccielab.com_Rack30R6#sh run Building configuration... Current configuration : 2776 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime service password-encryption ! hostname Passccielab.com_Rack30R6 ! boot-start-marker boot-end-marker www.passccielab.com All rights reserved Created by lofrent - 21 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

! ! mpls label protocol ldp mpls ldp router-id lo0

ip subnet-zero ip cef ! ! no ip domain-lookup ! ip vrf site-a rd 56:22 route-target export 56:22 ! ip multicast-routing mpls traffic-eng tunnels no mpls traffic-eng auto-bw timers frequency 0 mpls ldp router-id Loopback0 force mpls label protocol ldp pseudowire-class fr-fe encapsulation mpls interworking ip !

call rsvp-sync ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 6.6.6.6 255.255.255.255 no clns route-cache ! interface FastEthernet0/0 ip vrf forwarding site-a ip address 171.67.67.6 255.255.255.0 www.passccielab.com All rights reserved Created by lofrent - 22 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

duplex half mpls ip no clns route-cache no shut ! interface FastEthernet1/0 ip address 171.16.16.6 255.255.255.0 duplex half mpls ip no clns route-cache no shu ! interface Serial3/0 ip address 171.26.26.6 255.255.255.0 serial restart-delay 0 no clns route-cache mpls ip no shut ! interface Serial3/2 no ip address serial restart-delay 0 no clns route-cache ! interface Serial3/3 no ip address serial restart-delay 0 no clns route-cache ! router os 100 vrf site-a net 0.0.0.0 255.255.255.255 a 0 ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! router bgp 10 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 3.3.3.3 remote-as 10 neighbor 3.3.3.3 update-source Loopback0 neighbor 4.4.4.4 remote-as 10 neighbor 4.4.4.4 update-source Loopback0 www.passccielab.com All rights reserved Created by lofrent - 23 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

neighbor 5.5.5.5 remote-as 10 neighbor 5.5.5.5 update-source Loopback0 ! address-family ipv4 neighbor 3.3.3.3 activate neighbor 4.4.4.4 activate neighbor 5.5.5.5 activate no auto-summary no synchronization exit-address-family ! address-family vpnv4 neighbor 3.3.3.3 activate neighbor 3.3.3.3 send-community extended neighbor 4.4.4.4 activate neighbor 4.4.4.4 send-community extended neighbor 5.5.5.5 activate neighbor 5.5.5.5 send-community extended exit-address-family ! address-family ipv4 vrf site-a no auto-summary no synchronization exit-address-family ! ip classless ! no ip http server ! ip bgp-community new-format ! ! ! ! ! control-plane ! ! dial-peer cor custom ! ! ! ! line con 0 www.passccielab.com All rights reserved Created by lofrent - 24 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

exec-timeout 0 0 logging synchronous stopbits 1 line aux 0 stopbits 1 line vty 0 4 no login ! ! end

R7

Passccielab.com_Rack30R7#sh run Building configuration... Current configuration : 1272 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Passccielab.com_Rack30R7 ! boot-start-marker boot-end-marker ! ! ip subnet-zero ip cef ! ! no ip domain-lookup ! no mpls traffic-eng auto-bw timers frequency 0 call rsvp-sync ! ! www.passccielab.com All rights reserved Created by lofrent - 25 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

! ! ! ! ! ! interface Loopback0 ip address 7.7.7.7 255.255.255.255 no clns route-cache ! interface FastEthernet0/0 ip address 171.78.78.7 255.255.255.0 duplex auto speed auto no clns route-cache ip ospf authentication message-digest ip ospf message-digest-key 1 md5 cisco ! interface FastEthernet0/1 ip address 171.67.67.7 255.255.255.0 duplex auto speed auto no clns route-cache ! interface Serial1/0 ip address 171.7.11.7 255.255.255.0 no fair-queue serial restart-delay 0 no clns route-cache ip ospf authentication message-digest ip ospf message-digest-key 1 md5 cisco ! interface Serial1/1 ip address 171.7.12.7 255.255.255.0 serial restart-delay 0 no clns route-cache ip ospf authentication message-digest ip ospf message-digest-key 1 md5 cisco ! interface Serial1/2 no ip address serial restart-delay 0 no clns route-cache www.passccielab.com All rights reserved Created by lofrent - 26 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

! interface Serial1/3 no ip address serial restart-delay 0 no clns route-cache ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! ip classless ! no ip http server ! ! ! ! ! ! control-plane ! ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous stopbits 1 line aux 0 stopbits 1 line vty 0 4 no login ! ! end

R8

Passccielab.com_Rack30R8#sh run www.passccielab.com All rights reserved Created by lofrent - 27 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Building configuration...

Current configuration : 966 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Passccielab.com_Rack30R8 ! boot-start-marker boot-end-marker ! ! no aaa new-model memory-size iomem 10 ! ! ip cef no ip domain lookup ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! www.passccielab.com All rights reserved Created by lofrent - 28 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

! interface Loopback0 ip address 8.8.8.8 255.255.255.255 ! interface Ethernet0/0 ip address 171.89.89.8 255.255.255.0 half-duplex ip ospf authentication message-digest ip ospf message-digest-key 1 md5 cisco no sh ! interface Serial0/0 ip address 171.8.11.8 255.255.255.0 ip ospf authentication message-digest ip ospf message-digest-key 1 md5 cisco no sh ! interface Ethernet0/1 ip address 171.78.78.8 255.255.255.0 half-duplex ip ospf authentication message-digest ip ospf message-digest-key 1 md5 cisco no sh ! interface Serial0/1 no ip address ! interface Ethernet1/0 no ip address half-duplex ! interface Ethernet1/1 no ip address half-duplex ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! no ip http server no ip http secure-server ! ! ! www.passccielab.com All rights reserved Created by lofrent - 29 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

! ! ! control-plane ! ! ! ! ! ! ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 login !

R9

Passccielab.com_Rack30R9#sh run Building configuration... Current configuration : 730 bytes ! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Passccielab.com_Rack30R9 ! boot-start-marker boot-end-marker ! ! no aaa new-model www.passccielab.com All rights reserved Created by lofrent - 30 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

ip subnet-zero no ip domain lookup ! ! ! ! ! interface Loopback0 ip address 9.9.9.9 255.255.255.255 ! interface Ethernet0 ip address 171.90.90.9 255.255.255.0 ip ospf authentication message-digest ip ospf message-digest-key 1 md5 cisco no shut ! interface Ethernet1 ip address 171.89.89.9 255.255.255.0 ip ospf authentication message-digest ip ospf message-digest-key 1 md5 cisco no shu ! interface Serial0 no ip address shutdown no fair-queue ! interface Serial1 no ip address shutdown ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! ip http server ip classless ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous www.passccielab.com All rights reserved Created by lofrent - 31 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

line aux 0 line vty 0 4 login ! en

R10 Passccielab.com_Rack30R10#sh run Building configuration... Current configuration : 697 bytes ! version 12.1 no service single-slot-reload-enable service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Passccielab.com_Rack30R10 ! ! ! ! ! ! ip subnet-zero no ip domain-lookup ! partition flash 2 8 8 ! ! ! ! interface Loopback0 ip address 10.10.10.10 255.255.255.255 ! interface Ethernet0 ip address 171.90.90.10 255.255.255.0 ip ospf authentication message-digest ip ospf message-digest-key 1 md5 cisco no sh ! interface Ethernet1 www.passccielab.com All rights reserved Created by lofrent - 32 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

no ip address ! interface Serial0 no ip address shutdown ! interface Serial1 no ip address shutdown ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! ip classless no ip http server ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 login ! end

R11

Building configuration... Current configuration : 1196 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Passccielab.com_Rack30R11 ! boot-start-marker boot-end-marker www.passccielab.com All rights reserved Created by lofrent - 33 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

! ! ip subnet-zero ip cef ! ! no ip domain-lookup ! no mpls traffic-eng auto-bw timers frequency 0 call rsvp-sync ! ! ! ! ! ! ! ! interface Loopback0 ip address 11.11.11.11 255.255.255.255 no clns route-cache ! interface FastEthernet0/0 ip address 171.5.11.11 255.255.255.0 duplex half no clns route-cache ip ospf authentication message-digest ip ospf message-digest-key 1 md5 cisco no shut ! interface Serial3/0 ip address 171.7.11.11 255.255.255.0 no fair-queue serial restart-delay 0 clockrate 64000 no clns route-cache ip ospf authentication message-digest ip ospf message-digest-key 1 md5 cisco no shu ! interface Serial3/1 ip address 171.11.12.11 255.255.255.0 serial restart-delay 0 no clns route-cache www.passccielab.com All rights reserved Created by lofrent - 34 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

ip ospf authentication message-digest ip ospf message-digest-key 1 md5 cisco no shu ! interface Serial3/2 ip address 171.8.11.11 255.255.255.0 serial restart-delay 0 no clns route-cache ip ospf authentication message-digest ip ospf message-digest-key 1 md5 cisco no shu ! interface Serial3/3 no ip address serial restart-delay 0 no clns route-cache ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! ip classless ! no ip http server ! ! ! ! ! ! control-plane ! ! dial-peer cor custom ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous stopbits 1 line aux 0 stopbits 1 www.passccielab.com All rights reserved Created by lofrent - 35 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

line vty 0 4 no login ! ! end

R12

Passccielab.com_Rack30R12#sh run Building configuration... Current configuration : 1043 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Passccielab.com_Rack30R12 ! boot-start-marker boot-end-marker ! ! no aaa new-model ! resource policy ! memory-size iomem 10 ip subnet-zero ! ! ip cef no ip dhcp use vrf connected ! ! no ip ips deny-action ips-interface ! ! ! ! ! www.passccielab.com All rights reserved Created by lofrent - 36 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 12.12.12.12 255.255.255.255 ! interface Ethernet0/0 ip address 171.12.13.12 255.255.255.0 half-duplex ip ospf authentication message-digest ip ospf message-digest-key 1 md5 cisco no shu ! interface Serial0/0 ip address 171.7.12.12 255.255.255.0 ip ospf authentication message-digest ip ospf message-digest-key 1 md5 cisco no shu ! interface Ethernet0/1 no ip address half-duplex ! interface Serial0/1 ip address 171.11.12.12 255.255.255.0 clockrate 64000 ip ospf authentication message-digest ip ospf message-digest-key 1 md5 cisco no shu ! interface Ethernet1/0 www.passccielab.com All rights reserved Created by lofrent - 37 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

no ip address half-duplex ! interface Ethernet1/1 no ip address half-duplex ! router ospf 1 no log-adjacency-changes network 12.12.12.12 0.0.0.0 area 0 network 171.7.12.12 0.0.0.0 area 0 network 171.11.12.12 0.0.0.0 area 0 network 171.12.13.12 0.0.0.0 area 2 ! no ip http server no ip http secure-server ip classless ! ! ! ! ! ! control-plane ! ! ! ! ! ! ! ! ! ! line con 0 line aux 0 line vty 0 4 login ! ! end

www.passccielab.com All rights reserved

Created by lofrent

- 38 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

R13

Passccielab.com_Rack30R13#sh run Building configuration... Current configuration : 612 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Passccielab.com_Rack30R13 ! ! ip subnet-zero ! ! ! ! interface Loopback0 ip address 13.13.13.13 255.255.255.255 ! interface Ethernet0 ip address 171.12.13.13 255.255.255.0 ip ospf authentication message-digest ip ospf message-digest-key 1 md5 cisco no shu ! interface Ethernet1 ip address 171.13.14.13 255.255.255.0 ip ospf authentication message-digest ip ospf message-digest-key 1 md5 cisco no shu ! interface Serial0 no ip address ! interface Serial1 no ip address ! www.passccielab.com All rights reserved Created by lofrent - 39 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! ip classless no ip http server ! ! ! line con 0 line aux 0 line vty 0 4 login !

R14

Passccielab.com_Rack30R14#sh run Building configuration...

Current configuration : 678 bytes ! version 12.1 no service single-slot-reload-enable service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Passccielab.com_Rack30R14 ! ! ! ! ! ! ip subnet-zero no ip domain-lookup ! ! ! ! interface Loopback0 www.passccielab.com All rights reserved Created by lofrent - 40 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

ip address 14.14.14.14 255.255.255.255 ! interface Ethernet0 ip address 171.13.14.14 255.255.255.0 no shu ! interface Serial0 no ip address shutdown ! interface Serial1 no ip address shutdown ! interface BRI0 no ip address shutdown ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 0 ! ip classless no ip http server ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 login

R15

Passccielab.com_Rack30R15#sh run Building configuration... Current configuration : 1050 bytes ! www.passccielab.com All rights reserved Created by lofrent - 41 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Passccielab.com_Rack30R15 ! boot-start-marker boot-end-marker ! ! no network-clock-participate slot 1 no network-clock-participate wic 0 no aaa new-model ip subnet-zero ! ! ! ip cef ip audit po max-events 100 ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 15.15.15.15 255.255.255.255 ! interface FastEthernet0/0 ip address 171.15.17.15 255.255.255.0 www.passccielab.com All rights reserved Created by lofrent - 42 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

duplex auto speed auto no sh ! interface Serial0/0 ip address 171.15.16.15 255.255.255.0 encapsulation frame-relay frame-relay map ip 171.15.16.16 112 broadcast frame-relay lmi-type cisco ip ospf network point-to-point ip ospf message-digest-key 1 md5 cisco no shu ! interface FastEthernet0/1 ip address 171.4.15.15 255.255.255.0 duplex auto speed auto no shu ! router ospf 100 log-adjacency-changes network 15.15.15.15 0.0.0.0 area 0 network 171.4.15.15 0.0.0.0 area 0 network 171.15.17.15 0.0.0.0 area 0 network 171.15.16.15 0.0.0.0 area 1 area 1 authentication message-digest ! ip http server no ip http secure-server ip classless ! ! ! ! ! ! ! ! ! ! ! line con 0 line aux 0 line vty 0 4 www.passccielab.com All rights reserved Created by lofrent - 43 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

login ! ! end

R16

Passccielab.com_Rack30R16#SH RUN Building configuration...

Current configuration : 765 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Passccielab.com_Rack30R16 ! ! ip subnet-zero no ip domain-lookup ! ! ! ! interface Loopback0 ip address 16.16.16.16 255.255.255.255 ! interface Ethernet0 no ip address ! interface Serial0 ip address 171.15.16.16 255.255.255.0 encapsulation frame-relay frame-relay lmi-type cisco frame-relay map ip 171.15.16.15 211 broadcast ip ospf network point-to-point ip ospf message-digest-key 1 md5 cisco no sh www.passccielab.com All rights reserved Created by lofrent - 44 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

! interface Serial1 no ip address ! interface BRI0 no ip address encapsulation hdlc shutdown ! router ospf 1 log-adjacency-changes network 16.16.16.16 0.0.0.0 area 1 network 171.15.16.16 0.0.0.0 area 1 area 1 authentication message-digest ! ip classless no ip http server ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 login ! end

R17

Passccielab.com_Rack30R17#s run Building configuration... Current configuration : 991 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption www.passccielab.com All rights reserved Created by lofrent - 45 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

! hostname Passccielab.com_Rack30R17 ! ! ip subnet-zero no ip domain-lookup ! ! ! ! interface Ethernet0 ip address 171.15.17.17 255.255.255.0 ! interface Serial0 no ip address encapsulation frame-relay frame-relay lmi-type cisco ! interface Serial0.18 point-to-point ip address 171.78.17.17 255.255.255.0 ip ospf message-digest-key 1 md5 cisco frame-relay interface-dlci 315 ! interface Serial0.20 point-to-point ip address 171.207.17.17 255.255.255.0 ip ospf message-digest-key 1 md5 cisco frame-relay interface-dlci 314 ! interface Serial1 no ip address shutdown ! router ospf 1 log-adjacency-changes area 2 authentication message-digest network 171.15.17.17 0.0.0.0 area 0 network 171.78.17.17 0.0.0.0 area 2 network 171.100.100.7 0.0.0.0 area 2 ! ip classless no ip http server ! ! ! www.passccielab.com All rights reserved Created by lofrent - 46 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 login ! end

R18

Passccielab.com_Rack30R18#s run Building configuration...

Current configuration : 1098 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Passccielab.com_Rack30R18 ! ! ip subnet-zero no ip domain-lookup ! ! ! ! interface Loopback0 ip address 18.18.18.18 255.255.255.255 ! interface Ethernet0 ip address 171.18.19.18 255.255.255.0 ip ospf message-digest-key 1 md5 cisco ! interface Serial0 no ip address encapsulation frame-relay no fair-queue frame-relay lmi-type cisco ! www.passccielab.com All rights reserved Created by lofrent - 47 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

interface Serial0.18 point-to-point ip address 171.78.17.18 255.255.255.0 ip ospf message-digest-key 1 md5 cisco frame-relay interface-dlci 513 ! interface Serial0.20 point-to-point ip address 171.208.28.18 255.255.255.0 ip ospf message-digest-key 1 md5 cisco frame-relay interface-dlci 514 ! interface Serial1 no ip address shutdown ! interface BRI0 no ip address encapsulation hdlc shutdown ! router ospf 1 log-adjacency-changes area 2 authentication message-digest network 0.0.0.0 255.255.255.255 area 2 ! ip classless no ip http server ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 login ! end R19

Passccielab.com_Rack30R19#SH RUN Building configuration...

www.passccielab.com All rights reserved

Created by lofrent

- 48 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Current configuration : 655 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Passccielab.com_Rack30R19 ! ! ip subnet-zero no ip domain-lookup ! ! ! ! interface Loopback0 ip address 19.19.19.19 255.255.255.255 ! interface Ethernet0 ip address 171.18.19.19 255.255.255.0 ip ospf message-digest-key 1 md5 cisco no shu ! interface Serial0 no ip address shutdown ! interface Serial1 no ip address shutdown ! interface BRI0 no ip address encapsulation hdlc shutdown ! router ospf 1 log-adjacency-changes network 0.0.0.0 255.255.255.255 area 2 area 2 authentication message-digest ! ip classless no ip http server www.passccielab.com All rights reserved Created by lofrent - 49 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 login ! end

R20

Passccielab.com_Rack30R20#s run Building configuration... Current configuration : 1084 bytes ! version 12.2 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Passccielab.com_Rack30R20 ! ! ip subnet-zero no ip domain-lookup ! ! ! ! interface Loopback0 ip address 20.20.20.20 255.255.255.255 ! interface Ethernet0 ip address 171.20.21.20 255.255.255.0 ip ospf message-digest-key 1 md5 cisco ! interface Serial0 www.passccielab.com All rights reserved Created by lofrent - 50 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

no ip address encapsulation frame-relay frame-relay lmi-type cisco ! interface Serial0.18 point-to-point ip address 171.208.28.20 255.255.255.0 ip ospf message-digest-key 1 md5 cisco frame-relay interface-dlci 415 ! interface Serial0.20 point-to-point ip address 171.207.17.20 255.255.255.0 ip ospf message-digest-key 1 md5 cisco frame-relay interface-dlci 413 ! interface Serial1 no ip address shutdown ! interface BRI0 no ip address encapsulation hdlc shutdown ! router ospf 1 log-adjacency-changes area 2 authentication message-digest network 0.0.0.0 255.255.255.255 area 2 ! ip classless no ip http server ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 login ! end

R21 www.passccielab.com All rights reserved Created by lofrent - 51 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Passccielab.com_Rack30R21#SH RUN Building configuration...

Current configuration : 1150 bytes ! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Passccielab.com_Rack30R21 ! boot-start-marker boot-end-marker ! ! no aaa new-model ip subnet-zero no ip domain lookup ! ! ! ! ! interface Loopback0 ip address 21.21.21.21 255.255.255.0 ! interface Loopback20 ip address 172.16.2.1 255.255.255.0 secondary ip address 172.16.3.1 255.255.255.0 secondary ip address 172.16.4.1 255.255.255.0 secondary ip address 172.16.5.1 255.255.255.0 secondary ip address 172.16.6.1 255.255.255.0 secondary ip address 172.16.7.1 255.255.255.0 secondary ip address 172.16.8.1 255.255.255.0 secondary ip address 172.16.1.1 255.255.255.0 ! interface Ethernet0 www.passccielab.com All rights reserved Created by lofrent - 52 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

ip address 172.20.20.21 255.255.255.0 ip ospf message-digest-key 1 md5 cisco no sh ! interface Ethernet1 ip address 171.21.25.21 255.255.255.0 no sh ! interface Serial0 no ip address ! interface Serial1 no ip address ! router ospf 1 log-adjacency-changes network 171.20.21.21 0.0.0.0 area 2 area 2 nssa area 2 authentication message-digest redis rip sub area 2 nssa ! router rip version 2 network 172.16.0.0 no auto-summary ! no ip http server ip classless ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 login ! end

R22 www.passccielab.com All rights reserved Created by lofrent - 53 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Passccielab.com_Rack30R22# Building configuration...

SH RUN

Current configuration : 1143 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Passccielab.com_Rack30R22 ! boot-start-marker boot-end-marker ! ! no aaa new-model no network-clock-participate slot 1 no network-clock-participate wic 0 ip cef ! ! ! ! no ip domain lookup ip auth-proxy max-nodata-conns 3 ip admission max-nodata-conns 3 ! ! ! ! ! key chain cisco key 1 key-string cisco ! ! ! ! www.passccielab.com All rights reserved Created by lofrent - 54 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 22.22.22.22 255.255.255.255 ! interface FastEthernet0/0 ip address 171.234.234.2 255.255.255.0 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 cisco no sh duplex auto speed auto ! interface Serial0/0 ip address 171.3.22.22 255.255.255.0 encapsulation ppp no fair-queue ppp chap hostname cisco ppp chap password cisco

interface FastEthernet0/1 no sh duplex auto speed auto ! ! router eigrp 100 network 22.0.0.0 network 171.3.0.0 www.passccielab.com All rights reserved Created by lofrent - 55 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

network 171.234.0.0 no auto-summary ! ip forward-protocol nd ! ! ip http server no ip http secure-server ! ! ! ! control-plane ! ! ! ! ! ! ! ntp authentication-key 1 md5 cisco ntp authenticate ntp source Loopback0 ntp master ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 login ! ! R23

Passccielab.com_Rack30R23#SH RUN Building configuration... Current configuration : 1057 bytes ! version 12.3 www.passccielab.com All rights reserved Created by lofrent - 56 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Passccielab.com_Rack30R23 ! boot-start-marker boot-end-marker ! no logging console ! no aaa new-model ip subnet-zero no ip domain lookup ! ! key chain cisco key 1 key-string cisco ! ! ! ! interface Loopback0 ip address 23.23.23.23 255.255.255.255 ! interface Ethernet0 ip address 171.234.234.3 255.255.255.0 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 cisco no shu ! interface Ethernet1 ip address dhcp ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 cisco no shu ! interface Serial0 no ip address shutdown ! interface Serial1 no ip address www.passccielab.com All rights reserved Created by lofrent - 57 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

shutdown ! router eigrp 100 network 23.0.0.0 network 171.200.200.0 0.0.0.255 network 171.234.234.0 0.0.0.255 no auto-summary ! no ip http server ip classless ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 login ! ntp authentication-key 1 md5 ccie ntp authenticate ntp server 22.22.22.22 key 1 ntp trusted-key 1 end

R24

Passccielab.com_Rack30R24>EN Passccielab.com_Rack30R24#SH RUN Building configuration...

Current configuration : 1114 bytes ! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Passccielab.com_Rack30R24 ! www.passccielab.com All rights reserved Created by lofrent - 58 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

boot-start-marker boot-end-marker ! no logging console ! no aaa new-model ip subnet-zero no ip domain lookup ! ! key chain cisco key 1 key-string cisco ! ! ! ! interface Loopback0 ip address 24.24.24.24 255.255.255.255 ! interface Ethernet0 ip address 171.234.234.4 255.255.255.0 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 cisco no shu ! interface Ethernet1 ip address dhcp ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 cisco no shu ! interface Serial0 no ip address shutdown ! interface Serial1 no ip address shutdown ! router eigrp 100 network 24.24.24.24 0.0.0.0 network 171.200.200.0 0.0.0.255 network 171.234.234.0 0.0.0.255 www.passccielab.com All rights reserved Created by lofrent - 59 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

no auto-summary ! no ip http server ip classless ! ! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 login ! ntp authentication-key 1 md5 ccie ntp authenticate ntp server 22.22.22.22 key 1 ntp trusted-key 1 end

R25

ack30R25#SH RUN Building configuration...

Current configuration : 897 bytes ! version 12.3 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Passccielab.com_Rack30R25 ! boot-start-marker boot-end-marker ! ! www.passccielab.com All rights reserved Created by lofrent - 60 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

no aaa new-model ip subnet-zero no ip domain lookup ! ip dhcp pool cisco network 171.200.20.0 255.255.255.0 ! key chain cisco key 1 key-string cisco ! ! ! ! interface Loopback0 ip address 25.25.25.25 255.255.255.255 ! interface Ethernet0 ip address 171.200.200.5 255.255.255.0 ip authentication mode eigrp 100 md5 ip authentication key-chain eigrp 100 cisco no shut ! interface Ethernet1 ip address 171.21.25.25 255.255.255.0 no shu ! interface Serial0 no ip address shutdown ! interface Serial1 no ip address shutdown ! router eigrp 100 network 25.25.25.25 0.0.255.255 network 171.21.25.25 0.0.255.255 network 171.200.200.5 0.0.0.255 auto-summary ! no ip http server ip classless ! www.passccielab.com All rights reserved Created by lofrent - 61 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

! ! ! line con 0 exec-timeout 0 0 logging synchronous line aux 0 line vty 0 4 login ! end

Sw1

Switch#SH RUN Building configuration... Current configuration: ! version 12.0 no service pad service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Switch ! ! ! ! ! ! vlan ! ip subnet-zero ! ! ! interface FastEthernet0/1 switchport access vlan 234 www.passccielab.com All rights reserved Created by lofrent - 62 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

switchport mode access ! interface FastEthernet0/2 switchport access vlan 234 switchport mode access ! interface FastEthernet0/3 switchport access vlan 234 switchport mode access ! interface FastEthernet0/4 ! interface FastEthernet0/5 ! interface FastEthernet0/6 ! interface FastEthernet0/7 ! interface FastEthernet0/8 ! interface FastEthernet0/9 ! interface FastEthernet0/10 ! interface FastEthernet0/11 ! interface FastEthernet0/12 ! interface VLAN1 no ip directed-broadcast no ip route-cache ! ! line con 0 transport input none stopbits 1 line vty 0 4 login line vty 5 15 login ! end

www.passccielab.com All rights reserved

Created by lofrent

- 63 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

--------------------------------------------------frame-relay

Frame-relay_Switch#s run Building configuration...

Current configuration: ! version 11.2 ! hostname Frame-relay_Switch ! ! frame-relay switching ! interface Ethernet0 no ip address shutdown ! interface Serial0 no ip address encapsulation frame-relay clockrate 64000 frame-relay intf-type dce frame-relay lmi-type cisco frame-relay route 413 interface Serial2 314 frame-relay route 415 interface Serial1 514 ! interface Serial1 no ip address encapsulation frame-relay clockrate 64000 frame-relay intf-type dce frame-relay lmi-type cisco frame-relay route 503 interface Serial2 305 frame-relay route 514 interface Serial0 415 ! interface Serial2 no ip address encapsulation frame-relay clockrate 64000 frame-relay intf-type dce frame-relay lmi-type cisco frame-relay route 314 interface Serial0 413 frame-relay route 305 interface Serial1 503 www.passccielab.com All rights reserved Created by lofrent - 64 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

! interface Serial3 no ip address encapsulation frame-relay clockrate 64000 frame-relay intf-type dce frame-relay lmi-type cisco frame-relay lmi-type ansi frame-relay route 112 interface Serial4 211 ! interface Serial4 no ip address encapsulation frame-relay clockrate 64000 frame-relay intf-type dce frame-relay lmi-type cisco frame-relay route 211 interface Serial3 112 ! interface Serial5 no ip address shutdown ! interface Serial6 no ip address shutdown ! interface Serial7 no ip address shutdown ! interface Serial8 no ip address shutdown ! interface Serial9 no ip address shutdown ! interface BRI0 no ip address shutdown ! no ip classless ! www.passccielab.com All rights reserved Created by lofrent - 65 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

line con 0 exec-timeout 0 0 line aux 0 line vty 0 4 login ! end

www.passccielab.com All rights reserved

Created by lofrent

- 66 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Troubleshooting Q&A:
1. R25 can not ping R22 the ip address in DHCP POOL network command and interface ip address mismatch. change the network in DHCP pool,Let them in the same network

2.

R22 is R23 and R24s NTP Server, but r23 and r24 can not get right time from r22. The synchronization between them doesnt work. NTP password mismatch remove ntp password and config it again

3.

R15 can not establish ospf neighborhood with R16. LMI-type mismatch between R15, R16 and Frame-relay switch(one side is cisco and another side is ansi) change R15, R16 lmi-type to the same as frame-relay switch

4.

R18 can not establish ospf neighborhood with R17. In Frame-relay switch the route dlci number is wrong change the dlci number

5.

R20 can not ping the routes in R21 RIP process. OSPF neighorhood have problem, one side config area 2 nssa. also the ip address is wrong remove area 2 nssa and fix the ip address

6.

R9 and R10 want to access R11 go though R8-R7-R11, but now it go though R8-R11, Fix this problem. config PBR for it

7.

The link between R22 and R3 is PPP and this link enable authentication. The link is down now, try to find the problem and fix it. the username between R3 and R22 is wrong change the username

8.

R4 try to use extend ping with size 500bytes and ip precedence5 ping R5, but it doesnt work.

www.passccielab.com All rights reserved

Created by lofrent

- 67 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

On R1,there is rate-limit rate-limit access-group ACL 8000 2000 ZZZZ conform-action transmit exceed-action drop change those volume

9.

R22 and R15 are CEs, they learn the routs though MPLS VPN, but they can not ping vpn routes. R3 and R4 no import router-target; the update-source between R3 and R4 is wrong. config import router-target on the vrf and change the update-source.

10. R7 can not ping R15 R4 and R6 no import router-target config import router-target on R4 and R6

11. R14 can not ping R7 On R12, interface connect to R13 is in area 2, area mismatch. Change it to area 0

www.passccielab.com All rights reserved

Created by lofrent

- 68 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Part 3: CCIE RS LAB

www.passccielab.com All rights reserved

Created by lofrent

- 69 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

www.passccielab.com All rights reserved

Created by lofrent

- 70 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

LAB Physical Topology

www.passccielab.com All rights reserved

Created by lofrent

- 71 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

www.passccielab.com All rights reserved

Created by lofrent

- 72 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

www.passccielab.com All rights reserved

Created by lofrent

- 73 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

VLAN and IP Address -vlan 2 name VLAN_BB2 -vlan 3 name VLAN_BB3 -vlan 11 name VLAN_A -vlan 13 name VLAN_B -vlan 15 name VLAN_BB1 -vlan 22 name VLAN_C -vlan 24 name VLAN_H -vlan 44 name VLAN_F -vlan 45 name VLAN_G -frame-realy: (R1-R2) R1: YY.YY.15.242, R2: YY.YY.15.241 -BB1 is 150.1.YY.254/24 -BB2 is 150.2.YY.254/24 -BB3 is 150.3.YY.254/24 Loopback ip address Host name Rack YY R1 Rack YYR2 Rack YYR3 Rack YYR4 Rack YYR5 Rack YYSW1 Rack YYSW2 Rack YYSW3 Rack YYSW4 Loopback 0 interface IP address YY.YY.1.1/32 YY.YY.2.2/32 YY.YY.3.3/32 YY.YY.4.4/32 YY.YY.5.5/32 YY.YY.7.7/32 YY.YY.8.8/32 YY.YY.9.9/32 YY.YY.1010/32

Unless specified above, all interface else must be 24 bit mask addressing. Pre-configuration in real exam Interface IP F/R MAPING VTP and VLAN On R1 En Config t Line console 0 Logg syn Exec-timeout 0 Line vty 0 4 Pass cisco Hostname Rack YYR1

www.passccielab.com All rights reserved

Created by lofrent

- 74 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Interface loopback 0 Ip address YY.YY.1.1 255.255.255.255 Interface fa0/0 No ip address Shutdown Duplex auto Speed auto

Interface s0/0/0 No ip address Shutdown Clock rate 256000

Interface s0/1/0 Bandwith 128 No ip address Encap ppp Shutdown On R2 En Config t Line console 0 Logg syn Exec-timeout 0 Line vty 0 4 Pass cisco Hostname Rack YYR2

Interface loopback 0 Ip address YY.YY.2.2 255.255.255.255 Interface fa0/0 No ip address Shutdown Duplex auto Speed auto

Interface fa0/1 No ip address Shutdown Duplex auto www.passccielab.com All rights reserved Created by lofrent - 75 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Speed auto

Interface so0/0/0 No ip address Shutdown Clockrate 2000000 On R3 En Configurate T Line console 0 Logg syn Exec-tiemout 0 Line vty 0 4 Pass cisco Hostname RackYYR3 Interface Loopback 0 Ip address YY.YY.3.3 255.255.255.255 Interface fa0/1 Ip address YY.YY.15.193 255.255.255.224 Shutdown Duplex auto Speed auto

Interface s0/0/0 Ip address YY.YY.15.245 255.255.255.252 Clcok rate 512000 Encap ppp Shutdown

On R4 En Config t Line console 0 Logg syn Exec-timeout 0 Line vty 0 4 Pass cisco Hostname Rack YYR4 Interface YY.YY.4.4 255.255.255.255

www.passccielab.com All rights reserved

Created by lofrent

- 76 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Interface fa0/0 Ip address YY.YY.15.65 255.255.255.224 Shutdown Duplex auto Speed auto

Interface fa0/1 Ip address YY.YY.15.33 255.255.255.224 Shutdown Duplex auto Speed auto Interface s0/0/0 Description conn to R1 s0/0/0

Interface s0/1/0 Description conn to R2 s0/0/0

On R5 En Config t Line console 0 Logg syn Exec-timeout 0 Line vty 0 4 Pass cisco

Hostname Rack YYR5 Interface loopback 0 Ip address YY.YY.15.97 255.255.255.224 Shutdown Duplex auto Speed auto Interface s0/0/0 Bandwith 128 Ip address YY.YY.15.250 255.255.255.252 Encap ppp

Interface s0/1/0 Ip address YY.YY.15.246 255.255.255.252 Encap PPP On sw1 www.passccielab.com All rights reserved Created by lofrent - 77 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

En Config t Line console 0 Logg syn Exec-timeout 0 Line vty 0 15 Pass cisco Host RackYYSW1

Vtp mode server Vtp domain CCIERouting and switching Vtp password cisco

Vlan 2 Name vlan_BB2 Vlan 3 Name vlan_BB3 Vlan 11 Name vlan_A Vlan 13 Name vlan_B Vlan 15 Name vlan_BB1 Vlan 22 Name vlan_C Vlan 24 Name vlan_H Vlan 44 Name vlan_F Vlan 45 Name vlan_G Interface loopback 0 Ip address YY.YY.7.7 255.255.255.0

Interface fa0/3 Switchport access vlan 3 Switchport mode access

Interface fa0/4 Swithport access vlan 44 Switchport mode access

www.passccielab.com All rights reserved

Created by lofrent

- 78 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Interface fa0/5 Switchport access vlan 15 Swithport mode access Interface fa0/10 Switchport access vlan 15 Interface range fa0/19-24 Switchport trunk encap dot1q Switchport mode trunk On sw2 En Config t Line console 0 Logg syn Exec-timeout 0 Line vty 0 15 Pass cisco Host RackYYSW2

Vtp mode client Vtp domain CCIERouting and switching Vtp password cisco0

Interface loopback 0 Ip address YY.YY.8.8 255.255.255.0 Interface fa0/1 Switchport access vlan 11 Switchport mode access Interface fa0/3 Swithport access vlan 24 Switchport mode access Interface fa0/5 Switchport access vlan 45 Swithport mode access Interface fa0/10 Switchport access vlan 2 www.passccielab.com All rights reserved Created by lofrent - 79 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Switchport mode access

Interface range fa0/19-24 Switchport trunk encap dot1q Switchport mode trunk On SW3 En Config t Line console 0 Logg syn Exec-timeout 0 Line-vty 0 15 Pass cisco Host Rack YYSW3 Vtp mode client Vtp domain CCIERoutingandSwitching Vtp password cisco Interface loopback 0 Ip address YY.YY.9.9 255.255.255.255 Interface fa0/10 Switchport access vlan 3 Switchport mode access Interface range fa0/19-23 Switchport trunk encapsulation dot1q Switchport mode trunk

Interface fa0/24 Switchport access vlan 44 Switchport mode access

On SW4 En Config Line console 0 Logg syn Exec-timeout 0 Line vty 0 15 Pass cisco www.passccielab.com All rights reserved Created by lofrent - 80 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Hostname RackYYSW4 Vtp domain CCIERoutingandswitching Vtp password cisco

Interface loopback 0 Ip address YY.YY.10.10 255.255.255.255 Interface range fa0/19-23 Switchport trunk encap dot1q Switchport mode trunk Interface fa0/24 Switchport access vlan 44 Swithport mode access

Secession:
Has Pre-configuration on your exam:

Vlan trunking protocol VTP is domain CCIERoutingandswitching+YY For example,the rack number of 3 would have a VTP domain of 802.1q trunk between all fout switches PPP on the serial links between R1 throug R5 and R3 through R5

Section1-lager 2.Technologies
Errors in the initial config l SW1 vtp domain name is ccieroutingandswitchingyy and the others are

ccieroutingandswitching. Solution :change SW1 vtp domain name to ccieroutingandswitching l SW1 VTP password is cisc0 and the others are cisco. Solution :change SW1 vtp password to cisco l On SW2 fastethernet0/10 config switchport backup f0/4, this command will cause interface

www.passccielab.com All rights reserved

Created by lofrent

- 81 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

fasterthernet 0/4 down. Solution :remove it

1.1 Troubleshoot layer 2 switching One-two(or four) faults have been injected into the pre-configurations. These issues may impede a working solution for certain portions of this labs exam and affect any labs exam section. You must verify that all of your configurations work as expected. If something is not working as expected then you must fix the underlying problem Point will be awarded for solving each problem. However, if you fail to solve a particular problem , and the injected fault prevents you from having a working solutions of this lab, then you will lose points for the fault and the lab that is not working

SW1: Vtp domain ccieroutingandswitching Vtp password cisco

SW2: Interface f0/10 No switchport backup f0/4

R1: Interface s0/0 Ip add 5.5.15.249 255.255.255.252

R3: Interface s0/1 Ip add 5.5.15.245 255.255.255.252

R5:

www.passccielab.com All rights reserved

Created by lofrent

- 82 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Interface s0/0 Ip add 5.5.15.250 255.255.255.252

Interface s0/1 Ip add 5.5.15.246 255.255.255.252

1.2 implement the Access switch parts of the switched neework. Vlan port assignments are per the following table

VLAN ID 2 3 11 13 15 22 24 44 45

VLAN NAME VLAN_BB2 VLAN_BB3 VLAN_A VLAN_B VLAN_BB1 VLAN_C VLAN_H VLAN_F VLAN_G

Router I/F or function port SW2 F0/10 R3 G0/0 R1 G0/1 R3 G0/1 R5 FA0/1

R4 F0/1 R4 FA0/0 R5 FA0/1

Configure all of the appropriate nontrunking access switch ports on sw1,sw2 and sw3, according to the following requirements

l l l l l l

Configure the VLANS for the access switch ports show as the vlan tables Include the ports to BB1,BB2 and BB3 Configure trunk between sw2 f0/2 and R2 G0/1 Make sure that the spanning tree enters the forwarding state immediately Only for these access switch ports , by passing the listening and learning states Avoid transmitting bridge protocol date units(BPDUS)on these access switch prots, if a

www.passccielab.com All rights reserved

Created by lofrent

- 83 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

BPDU is received on any of these ports, the ports should transition back to the listening, learning and forward states l Add any special layer 2 commands that are required that are required on the routers including trunk configuration

SW1: Spanning-tree portfast default Spanning-tree portfast bpdufilter default

Interface fa0/3 Switchport access vlan 3 Switchport mode access

Interface fa0/4 Switchport access vlan 44 Switchport mode access

Interface fa0/5 Switchport access vlan 15 Switchport mode access

Interface fa0/10 Switchport access vlan 15 Switchport mode access

Interface vlan 11 Ip address 5.5.15.162 255.255.255.224

Interface vlan 13

www.passccielab.com All rights reserved

Created by lofrent

- 84 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Ip address 5.5.15.194 255.255.255.224

SW2: Spanning-tree portfast default Spanning-tree portfast bpdufilter default

Interface fa0/1 Swichport access vlan 11 Switchport mode access

Interface fa0/2 Switchport trunk encap dot1q Switchport trunk allowed vlan 22,24 Switchport mode trunk

Interface fa0/3 Switchport access vlan 13 Switchport mode access

Interface fa0/4 Switchport access vlan 24 Switchport mode access

Interface fa0/5 Switchport access vlan 45 Switchport mode access

Interface fa0/10 Switchport access vlan 2

www.passccielab.com All rights reserved

Created by lofrent

- 85 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Switchport mode access

Interface vlan 2 Ip address 150.2.5.1 255.255.255.0

Interface vlan 22 Ip address 5.5.15.130 255.255.255.224

SW3: Spanning-tree portfast default Spanning-tree portfast bpdufilter default

Interface fa0/10 Switchport access vlan 3 Switchport mode access

SW4: Spanning-tree portfast default Spanning-tree portfast bpdufilter default

Interface vlan 44 Ip address 5.5.15.66 255.255.255.224

Interface vlan 45 Ip address YY.YY.15.98 255.255.255.224

1.2 Implement frame relay Use the following requirements to configure R1 and R2 for frame relay and R4 as the frame relay switch

www.passccielab.com All rights reserved

Created by lofrent

- 86 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

l l l l

Use ANSL LMH on frame relay switch and auto-sesing on R1 and R2 Dont use any static frame relay maps or inverse address resolutions protocol Use RFC 1490/RFC2427(IETF)encapsulation Use the data-link connection identifier DLCI assignments from the table below

Frame Relay DLCI assignments ROUTER R1 frame-relay interface R2 frame-relay interface DLCI assignments 100 200

R1: Interface Serial0/1 No ip address Encapsulation frame-relay No frame-relay inverse-arp Frame-relay lmi-type ansi ! Interface Serial0/1.12 point-to-point Ip address 5.5.15.242 255.255.255.252 Frame-relay interface-dlci 100 IETF

R2: Interface Serial0/1 No ip address Encapsulation frame-relay No fair-queue No frame-relay inverse-arp Frame-relay lmi-type ansi

www.passccielab.com All rights reserved

Created by lofrent

- 87 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

! Interface Serial0/1.21 point-to-point Ip address 5.5.15.241 255.255.255.252 Frame-relay interface-dlci 200 IETF

R4: Interface Serial0/0 No ip address Encapsulation frame-relay Clockrate 512000 Frame-relay lmi-type ansi Frame-relay intf-type dce Frame-relay route 200 interface Serial0/1 100 ! Interface Serial0/1 No ip address Encapsulation frame-relay Clockrate 512000 Frame-relay lmi-type ansi Frame-relay intf-type dce Frame-relay route 100 interface Serial0/0 200

1.3 Traffic control protection from the backones configure traffic control on the three backone links, protecting your network from a broadcast storm. This protection should begin once broadcast traffic is half(50%) avaible bandwith the port should remain functioning during this time

On SW1SW3 Interface fa0/10

www.passccielab.com All rights reserved

Created by lofrent

- 88 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Storm-control broadcast level 50

Description: Storm control prevents traffic on a LAN from begin disrupted by a broadcast Multicast , or unicast storm on one of the physical interfaces. A vlan storm occurs when packets flood the lab. Creating excessive traffic and degrading network performance Specify the rising threshold level for broadcast, multicast,ro unicast traffic as a percentage(up to two decimal places) of the bandwith. The port blocks traffic when the rising threshold is reached . the range is 0.00 to 100.00 Sw1: Interface fastethernet0/10 Storm-control broadcast level 50.00

Sw2: Interface fastethernet0/10 Storm-control broadcast level 50.00

Sw3: Interface fastethernet0/10 Storm-control broadcast level 50.00

1.4 Trunking manipulations Configure the trunk ports between sw1, sw2, sw3 and sw4 according to the following requirements l l Disable DTP on the six distribution ports for each switch Set the list of allowed vlans that can receive and send traffic on these Interfaces in tagged format, in particular , only allow VLAN 3. 11. 13. 44. 45

SW1/SW2/SW3/SW4:

www.passccielab.com All rights reserved

Created by lofrent

- 89 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Interface fastethernet0/19 Switchport trunk encapsulation dot1q Switchport trunk allowed vlan 3,11,13,44,45 Switchport mode trunk Switchport nonegotiate

Interface fastethernet0/20 Switchport trunk encapsulation dot1q Switchport trunk allowed vlan 3,11,13,44,45 Switchport mode trunk Switchport nonegotiate

Interface fastethernet0/21 Switchport trunk encapsulation dot1q Switchport trunk allowed vlan 3,11,13,44,45 Switchport mode trunk Switchport nonegotiate

Interface fastethernet0/22 Switchport trunk encapsulation dot1q Switchport trunk allowed vlan 3,11,13,44,45 Switchport mode trunk Switchport nonegotiate

Interface fastethernet0/23 Switchport trunk encapsulation dot1q Switchport trunk allowed vlan 3,11,13,44,45 Switchport mode trunk Switchport nonegotiate

www.passccielab.com All rights reserved

Created by lofrent

- 90 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Interface fastethernet0/24 Switchport trunk encapsulation dot1q Switchport trunk allowed vlan 3,11,13,44,45 Switchport mode trunk Switchport nonegotiate

Section II layer 3 technologies


After finishing each of the following questions, make sure that all configured interfaces and subnets are consistently visible on all pertinent routers and switches

Dont redistribute between any interior gateway protocol( IGP) and board gateway protocols BGP You need to ping a bgp route only if it is stated in a question, otherwise the route should be only in the bgp table At the end of section 2. All subnets in your topology, including the loopback interface expected for sw3, must be reachable via ping, Therefore redistribute as you wish unless directly stated in a question. The backone interface must be reachable only if they are part of the solution to a question The loopback interface can be seen as either /24 or /32 in the routing tables unless stated otherwise in a question The loopback interfaces can be added into your IGP either via redistribution or added to a routing process of your choice

2.1 Implement IPV4 OSPF l Configure open shortest path first ( OSPF)

www.passccielab.com All rights reserved

Created by lofrent

- 91 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Updates should be advertised only out of the interfaces that are indicated in the IGP topology diagram

l l l

Dont manually change the router ID Dont create additional ospf areas Configure ospf area 2 such that there are no TYPE5 Advertisements (LSA) in the area, R1 should generate a default route.

Configure OSPF over frame relay between R1 and R2 choosing a network type that requires designate router(DR) and backup designate router(BDR) negotiations and has the fatest recover times

Note

Network type Point-to-point Point-to-multipoint broadcast NBMA

Hello/dead 10/40 30/120 10/40 30/120

DR X X O O

R1: Interface Serial0/0.12 point-to-point Ip ospf network broadcast Ip ospf dead-interval minimal hello-multiplier 20

Router ospf 5 Area 2 nssa default-information-originate Network 5.5.1.1 0.0.0.0 area 0 Network 5.5.15.161 0.0.0.0 area 0 Network 5.5.15.242 0.0.0.0 area 2

www.passccielab.com All rights reserved

Created by lofrent

- 92 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

R3: Router ospf 5 Network 5.5.3.3 0.0.0.0 area 0 Network 5.5.15.193 0.0.0.0 area 0

SW1: Router ospf 5 Network 5.5.7.7 0.0.0.0 area 0 Network 5.5.15.162 0.0.0.0 area 0 Network 5.5.15.194 0.0.0.0 area 0

R2: Interface Serial0/0.21 point-to-point Ip ospf network broadcast Ip ospf dead-interval minimal hello-multiplier 20

Router ospf 5 Area 2 nssa Network 5.5.2.2 0.0.0.0 area 2 Network 5.5.15.129 0.0.0.0 area 2 Network 5.5.15.241 0.0.0.0 area 2

SW2: Router ospf 5 Area 2 nssa Network 5.5.8.8 0.0.0.0 area 2 Network 5.5.15.130 0.0.0.0 area 2

www.passccielab.com All rights reserved

Created by lofrent

- 93 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

2.2 Implement IPV4 EIGRP l Configure enchanced interior gateway routing protocol(EIGRP)100 and EIGRP YY per the IGP topology diagram l l Eigrp updates should be advertise only out to the interface per the IGP topology diagram On R1 , redistribute between ospf and eigrp YY. However all of the routes that are indicated below from backone3 (EIGRP100)should not be redistributed between both protocols l Use route maps to accomplish this requirement. All route maps should utilize the same access lists

150.3.YY.0/24 198.198.1.0/30 198.198.4.0/24 198.198.21.0/24 198.198.22.0/24

l l

On R3, redistrubte from EIGRP 100 into OSPF On R3, redistribute from EIGRP 100 into eigrp YY.however three networks 198.2.1.0 198.2.5.0 should be aggregated into a single address with the most specific mask possible

R1: Router eigrp 5 Redistribute ospf 5 metric 10000 100 255 1 1500 route-map filter Network 5.5.15.249 0.0.0.0 No auto-summary

Access-list 10 permit 4.1.1.0 Access-list 10 permit 128.28.2.0 Access-list 10 permit 198.1.1.4 Access-list 10 permit 198.2.1.0

www.passccielab.com All rights reserved

Created by lofrent

- 94 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Access-list 10 permit 198.2.3.0 Access-list 10 permit 198.2.5.0

Route-map filter deny 10 Match ip address 10 Route-map filter permit 20

Router ospf 5 Redistribute eigrp 5 subnets route-map filter

R3: Interface s0/1 Ip summary-address eigrp 5 198.2.0.0 255.255.248.0

Router eigrp 100 Network 150.3.5.1 0.0.0.0 No auto-summary

Router eigrp 5 Redistribute ospf 5 metric 10000 100 255 1 1500 Redistribute eigrp 100 Network 5.5.15.245 0.0.0.0 No auto-summary

Router ospf 5 Redistribute eigrp 100 subnets Redistribute eigrp 5 subnets

R5:

www.passccielab.com All rights reserved

Created by lofrent

- 95 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Router eigrp 5 Network 5.5.5.5 0.0.0.0 Network 5.5.15.97 0.0.0.0 Network 5.5.15.246 0.0.0.0 Network 5.5.15.250 0.0.0.0 No auto-summary

SW4: Router eigrp 5 Network 5.5.10.10 0.0.0.0 Network 5.5.15.98 0.0.0.0 No auto-summary

2.3 Implement RIP Version 2 l l l l l Configure RIP version 2 (RIP V2) per the IGP topology diagram RIP updates should be advertise only out the interface per the IGP topology diagram All rip updates should be unicast All rip updates must be able to receive and process RIPV1 packets Configure RIP and EIGRP on sw4, and mutually resditribute between RIP and ospf on R2,eigrp learned routes should be preferred over OSPF routes

R2: Interface Ethernet1/0.24 Ip rip receive version 1 2 Ip rip send version 1 2

Router ospf 5 Redistribute rip subnets

www.passccielab.com All rights reserved

Created by lofrent

- 96 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Router rip Version 2 Redistribute ospf 5 metric 5 route-map denydefault Passive-interface default Network 5.0.0.0 Neighbor 5.5.15.33 No auto-summary

Ip prefix-list default permit 0.0.0.0/0

Route-map denydefault deny 10 Match ip address prefix default Route-map denydefault permit 20

R4: Interface Ethernet0/0 Ip rip receive version 1 2 Ip rip send version 1 2

Interface Ethernet0/1 Ip rip receive version 1 2 Ip rip send version 1 2

Router rip Version 2 Passive-interface default Network 5.0.0.0 Neighbor 5.5.15.66 Neighbor 5.5.15.34

www.passccielab.com All rights reserved

Created by lofrent

- 97 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

No auto-summary

SW4: Router eigrp 5 Distance eigrp 90 115 Redistribute rip metric 1000 100 255 1 1500

Router rip Version 2 Redistribute eigrp 5 metric 1 Passive-interface default Network 5.0.0.0 Neighbor 5.5.15.65 No auto-summary

Interface Vlan44 Ip rip receive version 1 2 Ip rip send version 1 2

2.4 Implement IPV6 l Internte protocol version 6 ( IPV6) to configure IPV6 unique local unicast address using the eui-64 interface identifier R4 G0/1 and R2 G0/1.Z (VLAN 24) R2 S0/0.Z and R1 S0/0.Z FC01:DB8:74:9::/64 eui-64

FC01:DB8:74:A::/64 eui-64

R1 G0/1 and SW1 Svi 11 FC01:DB8:74:B::/64 eui-64 l l Configure ospfv3 per the IPV6 topology Ensure that R4 can ping sw1 using IPV6

R1:

www.passccielab.com All rights reserved

Created by lofrent

- 98 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Ipv6 unicast-routing

Ipv6 router ospf 10 Router-id 5.5.1.1

Interface Ethernet0/1 Ipv6 address FC01:DB8:74:B::/64 eui-64 Ipv6 ospf 10 area 1

Interface serial0/0.12 Ipv6 address FC01:DB8:74:A::/64 eui-64 Ipv6 ospf 10 area 1

R2: Ipv6 unicast-routing

Ipv6 router ospf 10 Router-id 5.5.2.2

Interface Ethernet 1/0.24 Ipv6 address FC01:DB8:74:9::/64 eui-64 Ipv6 ospf 10 area 0

Interface serial0/0.21 Ipv6 address FC01:DB8:74:A::/64 eui-64 Ipv6 ospf 10 area 1

R4: Ipv6 unicast-routing

www.passccielab.com All rights reserved

Created by lofrent

- 99 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Ipv6 router ospf 10 Router-id 5.5.4.4

Interface Ethernet0/1 Ipv6 address FC01:DB8:74:9::/64 eui-64 Ipv6 ospf 10 area 0

SW1: Sdm prefer dual-ipv4-and-ipv6 default Ipv6 unicast-routing

Ipv6 router ospf 10 Router-id 5.5.6.6

Interface Ethernet0/1 Ipv6 address FC01:DB8:74:B::/64 eui-64 Ipv6 ospf 10 area 1

2.5 Implement IPV4 BGP Referring the BGP routing diagram . Configure BGP with these parameters l l l Configure two bgp confederations R1, R3, R5 and sw4 (ASYY1) and R2 and SW2 (ASYY2) The confederation peers should neighbor between R1 and R2 and between SW4 and R2 EBGP: SW2 EBGP peers with the router 150.2.YY.254 on backone 2 in AS 254. This router advertise five routes with format 197.68.z.0/24 and the AS path 254 l EBGP: R5 EBGP peers with the route 150.1.YY.254 on backone 1 in as 254, this router advertise five routers with the format 197.68.z.0/24 and the as path 254 253 l The bgp devices should all prefer the path through R5 (150.1.yy.254) for network 197.68.21.0/24 and 197.68.22.0/24 The internal board gateway protocol (IBGP) devices should

www.passccielab.com All rights reserved

Created by lofrent

- 100 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

all prefer the path through sw2 (150.2.yy.254) for network 197.68.1.0/24 197.68.4.0/24 and 197.68.5.0/24 this manipulation should be accomplished only on one router using route maps that refer to a single access list l l Configure only the loopback 0 ip address to propagate BGP route information BGP routes should be advertised to AS 254

R1: Router bgp 52 No synchronization Bgp router-id 5.5.1.1 Bgp log-neighbor-changes Bgp confederation identifier 5 Bgp confederation peers 51 Neighbor 5.5.2.2 remote-as 51 Neighbor 5.5.2.2 ebgp-multihop 255 Neighbor 5.5.2.2 update-source Loopback0 Neighbor 5.5.5.5 remote-as 52 Neighbor 5.5.5.5 update-source Loopback0 No auto-summary

R2: Router bgp 51 No synchronization Bgp router-id 5.5.2.2 Bgp log-neighbor-changes Bgp confederation identifier 5 Bgp confederation peers 52 Neighbor 5.5.1.1 remote-as 52 Neighbor 5.5.1.1 ebgp-multihop 255

www.passccielab.com All rights reserved

Created by lofrent

- 101 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Neighbor 5.5.1.1 update-source Loopback0 Neighbor 5.5.7.7 remote-as 51 Neighbor 5.5.7.7 update-source Loopback0 Neighbor 5.5.9.9 remote-as 52 Neighbor 5.5.9.9 ebgp-multihop 255 Neighbor 5.5.9.9 update-source Loopback0 No auto-summary

R3: Router bgp 52 No synchronization Bgp router-id 5.5.3.3 Bgp log-neighbor-changes Bgp confederation identifier 5 Neighbor 5.5.5.5 remote-as 52 Neighbor 5.5.5.5 update-source Loopback0 No auto-summary

R5: Router bgp 52 No synchronization Bgp router-id 5.5.5.5 Bgp log-neighbor-changes Bgp confederation identifier 5 Neighbor as52 peer-group Neighbor as52 remote-as 52 Neighbor as52 update-source Loopback0 Neighbor as52 route-reflector-client Neighbor as52 next-hop-self

www.passccielab.com All rights reserved

Created by lofrent

- 102 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Neighbor 5.5.1.1 peer-group as52 Neighbor 5.5.3.3 peer-group as52 Neighbor 5.5.9.9 peer-group as52 Neighbor 150.1.5.254 remote-as 254 Neighbor 150.1.5.254 route-map loc in No auto-summary

Access-list 5 permit 197.68.21.0 0.0.0.255 Access-list 5 permit 197.68.22.0 0.0.0.255

Route-map loc permit 10 Match ip address 5 Set local-preference 110 Route-map loc permit 20 Set local-preference 90

SW2: Router bgp 51 No synchronization Bgp router-id 5.5.7.7 Bgp log-neighbor-changes Bgp confederation identifier 5 Neighbor 5.5.2.2 remote-as 51 Neighbor 5.5.2.2 update-source Loopback0 Neighbor 5.5.2.2 next-hop-self Neighbor 150.2.5.254 remote-as 254 No auto-summary

SW4:

www.passccielab.com All rights reserved

Created by lofrent

- 103 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Router bgp 52 No synchronization Bgp router-id 5.5.9.9 Bgp log-neighbor-changes Bgp confederation identifier 5 Bgp confederation peers 51 Neighbor 5.5.2.2 remote-as 51 Neighbor 5.5.2.2 ebgp-multihop 255 Neighbor 5.5.2.2 update-source Loopback0 Neighbor 5.5.5.5 remote-as 52 Neighbor 5.5.5.5 update-source Loopback0 No auto-summary

SETION III IP multicast


3.1 implement PIM spares mode for IPV6 multicast Enable pim sparse mode ( pim-sm) on the lan between R4-fa0/1 and R2-Gi0/1, R1 G0/1 and SW1 Svi, and on the WAN link between R2 and R1, Using these criteria l Configure R4-fa0/1 to be the redezvous point (RP) for the FF08::4000:4000 multicast group no other groups should be permited

R1: Ipv6 cef Ipv6 multicast-routing

Ipv6 pim rp-address R4G0/1_IPV6_address multicast

Ipv6 access-list multicast

www.passccielab.com All rights reserved

Created by lofrent

- 104 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Permit ipv6 host FF08::4000:4000 any

R2: Ipv6 cef Ipv6 multicast-routing

Ipv6 pim rp-address R4G0/1_IPV6_address multicast

Ipv6 access-list multicast Permit ipv6 host FF08::4000:4000 any

R4: Ipv6 cef Ipv6 multicast-routing

Ipv6 pim rp-address R4G0/1_IPV6_address multicast

Ipv6 access-list multicast Permit ipv6 host FF08::4000:4000 any

SW1: Ipv6 cef Ipv6 multicast-routing

Ipv6 pim rp-address R4G0/1_IPV6_address multicast

Ipv6 access-list multicast Permit ipv6 host FF08::4000:4000 any

www.passccielab.com All rights reserved

Created by lofrent

- 105 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

3.2 multicast joins l l Configure R2 s0/0/0.Z as an ipv6 receiver for the multicast group FF08::4000:4000 R2 should be able to ping the multicast group FF08::4000:4000

R2: Interface s0/0/0.Z Ipv6 mld join-group FF08::4000:4000

4.1 secure HTTP access Enable secure HTTP access for R5. Enable authentication using the list "HTTP" which utilizes local user authentication. Configure two different users for access to R5; the user cisco(password'cisco'), who only has privilege 1 access to R5; and the user

ADMIN(password'cisco')who has privilege 15 access to R5.

R5: Aaa new-model Aaa authentication login HTTP local Aaa authorization exec HTTP local

Username cisco privilege 1 password cisco Username ADMIN privilege 15 password CISCO

Ip http secure-server Ip http authentication aaa login-authentication HTTP Ip http authentication aaa exec-authorization HTTP

4.2 secure the WAN PPP LINKS Configure challenge handshake atuthentication protocol(CHAP)on R5 for the link to R1 and R3,

www.passccielab.com All rights reserved

Created by lofrent

- 106 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

according to the following requirements l An authentication, authorization, and according (AAA) list named R1 and R3 for R1 and R3 respectively l Authentication for R1 should first try the radius server 198.2.3.128 using a key of cisco and fall back to local login in the event of a failure to connect to the radius server l l R1 should present itself to R5 as RACKYYR1 with a shared password cisco, Authentication for R3 should first try the TACAS server 198.2.3.129 using a key of cisco and fall back to local login in the event of a failure to connect to the TACAS server l R3 should present itself to R5 as BACKUP with a shared password of CISCO

R5: Aaa new-model Aaa authentication ppp R1 group radius local Aaa authentication ppp R3 group tacacs+ local Username rackyyr1 password cisco Username BACKUP password CISCO Radius-server host 198.2.5.128 key cisco Tacacs-server host 198.2.5.129 key cisco

Interface s0/0 Ppp authentication chap R1

Interface s0/1 Ppp authentication chap R3

R1: Aaa new-model Aaa authentication ppp R1 group radius local Radius-server host 198.2.5.128 key cisco

www.passccielab.com All rights reserved

Created by lofrent

- 107 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Interface s0/0 Ppp chap hostname rackyyr1 Ppp chap password cisco

R3: Aaa new-model Aaa authentication ppp R1 group tacacs+local Tacacs-server host 198.2.5.129 key cisco

Interface s0/1 Ppp chap hostname BACKUP Ppp chap password CISCO

4.3 MQC-Based frame-relay traffic shaping On R2, Configure parent class-default commited information rate(CIR) as 64kb, when no backward explicit congestion notification(BECNS) are present and 32kb when BECNS are present

Differenatiate between voice packets which should receive a guaranteed bandwith of 40 percent and data which should receive a guarantedd bandwith of 35 percent

Voice packets are marked as expedited forwarding (EF)

Class 1 or 2(AF11 OR AF21) Enable class-based weighted fair queuing (CBWFQ) for child class-default

R2: Class-map match-all DATA Match ip dscp af11 af21

www.passccielab.com All rights reserved

Created by lofrent

- 108 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Class-map match-all VOICE Match ip dscp ef

Policy-map CBWFQ Class VOICE Priority percent 40 Class DATA Bandwidth percent 35

Policy-map MQC Class class-default Shape average 64000 Shape adaptive 32000 Service-policy CBWFQ

Map-class frame-relay FR Service-policy output MQC

Int ser0/0.21 Frame-relay interface-dlci 200 Class FR

4.4 autoqos over PPP To 4.3 continue to address voip quality of service (QOS) by configuring cisco autoqos over PPP link between R1 and R5

R1: Interface s0/0 Auto qos voip trust

www.passccielab.com All rights reserved

Created by lofrent

- 109 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

R5: Interface s0/0 Auto qos voip trust

4.5 First Hop Redundancy To facilitate load balancing and backup for hosts off of VLAN_H, configure GLBP on VLAN_H, Use any group number. R4 should have the higher priority with the ability for R2 to assume control if the priority of R4 decreases. Use MD5 authentication to protect the GLBP group. Use the key-string 'cisco'. Configure the IP yy.yy.35.35 as your GLBP virtual address.

R2: Interface Ethernet0/1.24 Glbp 1 ip YY.YY.15.35 Glbp 1 preempt Glbp 1 authentication md5 key-string cisco

R4: Interface Ethernet0/1 Glbp 1 ip YY.YY.15.35 Glbp 1 priority 105 Glbp 1 preempt Glbp 1 authentication md5 key-string cisco

4.6 polled and broadcast NTP Enable network time protocol (NTP) on R2,R3 and R4 according to the following requirement l l l R2 should act as an NTP server to R3 R4 should provide broadcast NTP updates only to VLAN_H The hardware clocks on R2,R3 and R4 should be updated by the sofeware clock

www.passccielab.com All rights reserved

Created by lofrent

- 110 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

l l

R4 should use loopback 0 as the source address Absent an external time server, R4 should use its own system clock to synchronize R2 and R3

l l

Set the clock on R4 as 8:00 am (08:00),January 1 2000 Ultimately, the clocks on R2,R3 and R4 should be in synchronized

R4: Clock set 8:00:00 1 jan 2000 Ntp master 2 Ntp update-calendar

Interface e0/1 Ntp broadcast

R2: Ntp server 5.5.4.4 Ntp server 5.5.4.4 source loopback 0 Ntp update-calendar

Interface e0/1.24 Ntp broadcast client

R3: Ntp server 5.5.4.4 Ntp server 5.5.4.4 source loopback 0 Ntp update-calendar

4.7 DHCP server Configure R1 as DHCP server with the following requirement

www.passccielab.com All rights reserved

Created by lofrent

- 111 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

l l l l l

Hosts off VLANS C,H,A and B should be able to assigned address from R1 using DHCP Address off of the subnets for VLAN_C,H,Aand B should be aviable to R1 for distribution All other YY.YY.15.Z subnet ranges should not be avaible to R1 for use. Use the loopback 0 address of R1 for all connections Configure the domain name as passccielab.com, the DNS server as YY.YY.15.163, and the NETBIO server as YY.YY.15.164. These options must be configured only one time

l l

Each address lease should be valid for only one day Each DHCP client should be provided a default router address of a locally connected router

R1: Ip forward-protocol udp bootpc

Ip dhcp excluded-address 5.5.15.161 5.5.15.162 Ip dhcp excluded-address 5.5.15.193 5.5.15.194 Ip dhcp excluded-address 5.5.15.129 5.5.15.130 Ip dhcp excluded-address 5.5.15.33 5.5.15.35

Ip dhcp pool VLAN_A Network 5.5.15.160 255.255.255.224 Domain-name passccielab.com Dns-server 198.2.3.163 Netbios-name-server 198.2.3.165 Default-router 5.5.15.161 Lease 1

Ip dhcp pool VLAN_B Network 5.5.15.192 255.255.255.224 Domain-name passccielab.com Dns-server 198.2.3.163

www.passccielab.com All rights reserved

Created by lofrent

- 112 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Netbios-name-server 198.2.3.165 Default-router 5.5.15.193 Lease 1

Ip dhcp pool VLAN_C Network 5.5.15.128 255.255.255.224 Domain-name passccielab.com Dns-server 198.2.3.163 Netbios-name-server 198.2.3.165 Default-router 5.5.15.129 Lease 1

Ip dhcp pool VLAN_H Network 5.5.15.32 255.255.255.224 Domain-name passccielab.com Dns-server 198.2.3.163 Netbios-name-server 198.2.3.165 Lease 1

R2: Ip forward-protocol udp bootpc

Interface e0/1.24 Ip helper-address 1.1.1.1 Interface e0/1.22 Ip helper-address 1.1.1.1

R4: Ip forward-protocol udp bootpc

www.passccielab.com All rights reserved

Created by lofrent

- 113 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

Interface e0/1 Ip helper-address 1.1.1.1

SW2: Ip forward-protocol udp bootpc

Interface vlan 22 Ip helper-address 1.1.1.1

R3: Ip forward-protocol udp bootpc

Interface e0/1 Ip helper-address 1.1.1.1

SW1: Ip forward-protocol udp bootpc

Interface vlan 11 Ip helper-address 1.1.1.1

Interface vlan 13 Ip helper-address 1.1.1.1

Section V. Optimize the network


5.1 Netflow data export Configure netflow on R4 to according to the following requirement www.passccielab.com All rights reserved Created by lofrent - 114 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

source should be VLAN_H Export all data to 198.2.5.10 Use UDP port 9991 for exporting Use netflow version 9 only

R2: Ip flow-export source e0/1.24 Ip flow-export destination 198.2.5.10 9991 Ip flow-export version 9

5.2 Embedded event manager monitor of cpu Configure three different event manager applets on R3 acconding to the following requirements: l If the 5 min CPU value(cpmcputotal5minrev) goes above 60 percent, the first 10 lines of the show processes cpu command output should be emailed to engineer@passccielab.com from EEM@passccielab.com with a subject of "cpualert5min" using the mail server 198.2.5.10 Polling should be every 60 seconds

R3: Event manager applet CPU Event snmp oid "xxx" get-type exact entry-op ge entry-val "60" poll-interval 60000 Action 1.0 cli command enable Action 2.0 cli command "show process cpu | include ^___[1-9]|^__10" Action 3.0 mail server 198.2.5.10 to engineer@passccielab.com from EEM@passccielab.com subject cpualert5min body $_cli_result

5.3 TFTP SERVER Configure R3 as a TFTP server with the following requirements l l l R4 should be able to copy the file TEST from the flash memory of R3 No other files should be aviable from R3 No other devices should be able to copy the files TEST from R3

Note: You do not need to create the TEST file on R3 or attempt to make a actual copy www.passccielab.com All rights reserved Created by lofrent - 115 -

www.CareerCert.info
CCIE LAB Routing & Switching (V4.0)

R3: Access-list 4 permit YY.YY.4.4 Access-list 4 permit YY.YY.15.65 Access-list 4 permit YY.YY.15.33 Tftp-server flash:TEST 4

www.passccielab.com All rights reserved

Created by lofrent

- 116 -