Question 1 create a MP-BGP session between two PE routers that will be used to support the RED VPN

Answer: Command 1: router bgp 65001 Command 2: neighbor 172.16.1.2 remote-as 65001 Command 3: neighbor 172.16.1.2 update-source loopback 0 Command 4: address-family vpnv4 Command 5: neighbor 172.16.1.2 activate Question 2 configure EBGP as the CE to PE routing protocol for VPN RED on a PE router.

Answer: Command 1: router bgp 65001 Command 2: address-family ipv4 vrf RED Command 3: neighbor 172.16.1.2 remote-as 65002 Question 3 redistribute the RED VPN routes from the EIGRP vrf into the BGP vrf

Answer: Command 1: router bgp 65001 Command 2: address-family ipv4 vrf RED Command 3: redistribute eigrp 101 Question 4 Drag the BGP MED function on the left to the command that enables it on the right. Not all apply

Answer: bgp deterministic med: Enforce the comparison of MED between all paths received from the same autonomous system bgp always-compare-med: Allow the comparison of MED for paths from neighbors in different autonomous systems bgp bestpath med-confed: Enable MED comparison among paths learned from confederation peers Question 5 CE1A and CE2A belong to the Customer_A VPN. Select the correct command for the PE1 router to establish static routing from PE1 to the CE1A 192.168.1.0/24 network by selecting them from the dropdown menus below. Some of the commands must be entered in the correct order. Also enable propagation of the static route into MP-iBGP. Assume the MP-iBGP session between PE1 and PE2 have been configured already.

Answer: 1. ip route vrf Customer_A 192.168.1.0 255.255.255.0 10.1.1.2 Serial0/0 2. router BGP 50111 3. address-family ipv4 vrf Customer_A 4. redistribute static

BGP Prefix-Based Filtering Lab Sim

April 1st, 2011 in Lab Sim Go to comments

Question After the network administrator modified the configuration on the WGR1 router, the WGR1 router is not able to receive any prefixes from AS22. The network administrator original intent was to only filter out a particular prefix from AS22. Fix the configuration on the WGR1 router to solve the problem. You have correctly solved the problem once the WGR1 router is able to receive 23 prefixes from AS22. Enable secret password is cisco

First check the configuration of this router with the show running-config WGR1# show running-config We should also check the ip prefix-list configuration with the show ip prefix-list as well: Currently we are not sure what you will see when typing these two show commands but we guess it can be something like this: WGR1# show ip prefix-list ip prefix-list 1: 1 entries seq 5 deny 10.0.0.0/8

(Note: 10.0.0.0/8 is just an example)

The problem here is that there is always an implicit deny all entry at the end of each prefix-list. If the packet doesnt match any entry of the prefix-list, it will match the implicit deny all and the packet will be filtered out. Therefore we have to permit all packets with the command: WGR1#configure terminal WGR1(config)#ip prefix-list 1 seq 10 permit 0.0.0.0/0 le 32 WGR1(config)#exit The /0 part says check 0 bit of 0.0.0.0; meaning that I dont care what any of the bits are. The le 32 part says that the subnet mask can be 32 bits or less (down to the number of bits we are checking) -> down to 0. So we arent going to check any bits and the network can have a subnet mask of anything between 0 and 32 bits. This would be any. Force BGP to clear its table and reset all BGP sessions: WGR1#clear ip bgp * Display the status of all BGP connections WGR1#show ip bgp summary WGR1#copy running-config startup-config

--------------------------------------------------------------------------

MPLS TDP Neighbor Lab Sim

April 2nd, 2011 in Lab Sim Go to comments

Question R1 and R2 are not able to establish MPLS TDP neighbor relationship between them. Use various show commands to troubleshoot the problem then use the proper configuration command(s) to solve the MPLS TDP issue. Once R1 and R2 can see each other as MPLS TDP neighbor, then you have successfully completed the simulation. Privileged mode password: mpls

Answer and Explanation Before reading the answer and explanation, you can try solving this question yourself by download the initial configuration and running it with GNS 3 here: Download MPLS Lab Sim Initial Configuration GNS3 file (Notice that the only difference of this file and the real exam is it doesnt have privileged mode password and the interfaces between 2 routers are S1/0, not S0/0 and S0/1. The IOS used is c3660jk9o3s-mz.124-17.bin. Also, you must change the image and config paths of the net file to make it work well ) Use the show mpls ldp neighbor or show tag-switching tdp neighbor command on both routers to see their neighbor relationship. R1 (and R2)# show mpls ldp neighbor We notice that the outputs show nothing, meaning that the TDP neighbor between two routers has not been established. (Note: We can use the show mpls ldp neighbor to view the TDP neighbors because this command displays the state of both TDP and LDP neighbors. If not, you can use the show tag-switching tdp neighbor command instead) Now use the show running-config command on both routers and notice in the RIP section R1 (and R2)#show running-config

The problem here is when a loopback interface is configured on the router, it will automatically become the TDP-id of that router (same as the router-id) but we didnt declare this network in the RIP configuration -> MPLS TDP neighbor failed. You can also check to see which interface is used as the TDP-id by the show mpls ldp discovery (notice the command is ldp, not tdp) R1# show mpls ldp discovery

To fix this, we have to declare the routers loopback network in the RIP configuration R1#configure terminal R1(config)#router rip R1(config-router)#network 1.0.0.0 R1(config-router)#end R2#configure terminal R2(config)#router rip R2(config-router)#network 2.0.0.0 R2(config-router)#end Now if we use the show mpls ldp neighbor again we can see the neighbor relationship has been established. R1# show mpls ldp neighbor