Lab Manual For CCNP

CISCO CERTIFIED NETWORK PROFESSIONAL
LAB MANUAL
ROUTING
Module 1 – EIGRP
EIGRP LABS INDEX
1. CONFIGURING BASIC EIGRP
2. CONFIGURING IP DEFAULT-NETWORK COMMAND
3. CONFIGURE ROUTE SUMMARIZATION
4. LOAD BALANCING ACROSS EQUAL COST PATH
5. LOAD BALANCING ACROSS UNEQUAL COST PATH
6. CONFIGURE EIGRP AUTHENTICATION (MD5)
7. CONFIGURE EIGRP STUB
8. EIGRP REDISTRIBUTION WITH RIPv2
9. EIGRP REDISTRIBUTION WITH OSPF
10. CONFIGURE EIGRP WITH REDISTRIBUTE CONNECTED.
11. CONFIGURE EIGRP AND IGRP

Lab 1 – Basic EIGRP Configuration
R1 R2
E0 S 0/2/0 S0 E0
Interface IP Address Configuration
R1
Interface IP Address Subnet Mask

S 0/2/0 1.1.1.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
E0 20.1.1.1 255.0.0.0
Lab Objective:
Task 1
Configure EIGRP on 2 routers in AS 100. Disable Auto-summary.
R1 R2
Router eigrp 100 Router eigrp 100

Network 1.0.0.0 Network 1.0.0.0
No auto-summary No auto-summary
Verification :
R1#show ip route
C 1.0.0.0/8 is directly connected, Serial0/2/0

D 20.0.0.0/8 [90/2195456] via 1.1.1.2, 00:43:52, Serial0/2/0
C 10.0.0.0/8 is directly connected, FastEthernet0/0
R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 100

H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 1.1.1.2 Se0/2/0 13 00:45:08 355 2130 0 106
Lab 9 Lab 2 –Triggered
– IP RIP Configuring ip default-network
Command
R1 R2
R3
E0 S0 S1 S0
S0/2
E0
E0
R1

S1 1.1.1.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S1 1.1.1.2 255.0.0.0
S0 2.2.2.1 255.0.0.0
E0 30.1.1.1 255.0.0.0
R3

S 0/2 2.2.2.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Lab Objective:
Task 1
Configure EIGRP according to the above scenario. Configure R1 ( S0, E0 ), R2 ( S1, S0,
E0 ) in EIGRP AS 100 and R3 ( S0/2 ) in EIGRP AS 200. Do not advertise network
30.0.0.0 in EIGRP process. R1 wants to send packets to network 30.0.0.0. Use the Ip
default-network command to accomplish this task. Also disable auto-summary.
R1 R2

No auto-summary Network 2.0.0.0
No auto-summary
Ip route 30.0.0.0 255.0.0.0 2.2.2.2

Ip default-network 2.0.0.0
R3
Router eigrp 100

Network 2.0.0.0
No auto-summary.
Verification :
R1#show ip route
Gateway of last resort is 1.1.1.2 to network 2.0.0.0

D* 2.0.0.0/8 [90/2681856] via 1.1.1.2, 00:00:14, Serial0/2/0
D 20.0.0.0/8 [90/2195456] via 1.1.1.2, 00:04:43, Serial0/2/0
The output displays network 2.0.0.0 as a D* route in the routing table as this is candidate
default-route established in R1 to reach network 30.0.0.0.
Note: When we ping from R1 to 30.1.1.1 network
R1 # ping 30.1.1.1
Result: 100% success
Lab 3 – Route Summarization with EIGRP
R1 R2
R3
E0 S0/2/0 S1 S0 Loopback 1-8
S0/2
E0 E0
R1

S 0/2/0 1.1.1.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S1 1.1.1.2 255.0.0.0
S0 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R3

S 0/2 2.2.2.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Loopback 1 172.168.0.1 255.255.255.0
Loopback 2 172.168.1.1 255.255.255.0
Loopback 3 172.168.2.1 255.255.255.0
Loopback 4 172.168.3.1 255.255.255.0
Loopback 5 172.168.4.1 255.255.255.0
Loopback 6 172.168.5.1 255.255.255.0
Loopback 7 172.168.6.1 255.255.255.0
Loopback 8 172.168.7.1 255.255.255.0
Lab Objective:
Task 1
Configure the following Loopback Interfaces on R3 and advertise them under EIGRP:
Loopback 1: 172.168.0.1/24
Loopback 2: 172.168.1.1/24
Loopback 3: 172.168.2.1/24
Loopback 4: 172.168.3.1/24
Loopback 5: 172.168.4.1/24
Loopback 6: 172.168.5.1/24
Loopback 7: 172.168.6.1/24
Loopback 8: 172.168.7.1/24
R3
Interface loopback 1
Ip address 172.168.0.1 255.255.255.0
Ip address 172.168.1.1 255.255.255.0
Ip address 172.168.2.1 255.255.255.0
Ip address 172.168.3.1 255.255.255.0
Ip address 172.168.4.1 255.255.255.0
Ip address 172.168.5.1 255.255.255.0
Ip address 172.168.6.1 255.255.255.0
Ip address 172.168.7.1 255.255.255.0
Router eigrp 100

Network 2.0.0.0
Network30.0.0.0
Network 172.168.1.0 0.0.0.255
Network 172.168.2.0 0.0.0.255
Network 172.168.3.0 0.0.0.255
Network 172.168.4.0 0.0.0.255
Network 172.168.5.0 0.0.0.255
Network 172.168.6.0 0.0.0.255
Network 172.168.7.0 0.0.0.255
Network 172.168.0.0 0.0.0.255
No auto-summary
Task 2
Configure EIGRP on R1 and R2. Advertise the directly connected networks in EIGRP in
AS 100. Disable auto-summary. Also configure route summarization so that only one
summary route is advertised to R1.
R1 R2

No auto-summary
Int s0
Ip summary-address eigrp 100 172.168.0.0
255.255.248.0
Verification :
R1#show ip route
D 2.0.0.0/8 [90/2681856] via 1.1.1.2, 00:00:02, Serial0/2/0
D 20.0.0.0/8 [90/2195456] via 1.1.1.2, 00:00:02, Serial0/2/0
172.168.0.0/21 is subnetted, 1 subnets
D 172.168.0.0 [90/2809856] via 1.1.1.2, 00:00:02, Serial0/2/0
D 30.0.0.0/8 [90/2707456] via 1.1.1.2, 00:00:02, Serial0/2/0
R2#show ip route
C 1.0.0.0/8 is directly connected, Serial0
C 20.0.0.0/8 is directly connected, Ethernet0
172.168.0.0/16 is variably subnetted, 9 subnets, 2 masks
D 172.168.4.0/24 [90/2297856] via 2.2.2.2, 00:07:13, Serial1
D 172.168.5.0/24 [90/2297856] via 2.2.2.2, 00:07:08, Serial1
D 172.168.6.0/24 [90/2297856] via 2.2.2.2, 00:07:04, Serial1
D 172.168.7.0/24 [90/2297856] via 2.2.2.2, 00:06:56, Serial1
D 172.168.0.0/24 [90/2297856] via 2.2.2.2, 00:06:49, Serial1
D 172.168.0.0/21 is a summary, 00:01:24, Null0
D 172.168.1.0/24 [90/2297856] via 2.2.2.2, 00:07:33, Serial1
D 172.168.2.0/24 [90/2297856] via 2.2.2.2, 00:07:25, Serial1
D 172.168.3.0/24 [90/2297856] via 2.2.2.2, 00:07:18, Serial1
D 10.0.0.0/8 [90/2172416] via 1.1.1.1, 00:01:30, Serial0
D 30.0.0.0/8 [90/2195456] via 2.2.2.2, 00:08:03, Serial1
With route summarization on R2 a summary route is created pointing to null 0
Lab 4 – Load balancing across Equal Cost Path
R1 R2
S0 S0
E0 E0
S1
S1
R2

S0 2.2.2.1 255.0.0.0
S1 1.1.1.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R3

S1 1.1.1.2 255.0.0.0
S0 2.2.2.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Lab Objective:
Task 1
Configure EIGRP AS 100 as per the above scenario and verify load balancing using the
traceroute command on R3 :
R2 R3

Verification :
R3#show ip route

D 20.0.0.0/8 [90/2195456] via 1.1.1.1, 00:07:42, Serial1
[90/2195456] via 2.2.2.1, 00:07:42, Serial0
First Traceroute packet going via 1.1.1.1
R3#traceroute 20.1.1.1
Type escape sequence to abort.

Tracing the route to 20.1.1.1
1 1.1.1.1 32 msec
2.2.2.1 20 msec *
Second Traceroute packet going via 2.2.2.1

1 2.2.2.1 20 msec
1.1.1.1 28 msec *
Lab 5 – Load balancing across Unequal Cost
Path
(Scenario Based On Lab 4)
R2

S0 2.2.2.1 255.0.0.0
S1 1.1.1.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R3

S1 1.1.1.2 255.0.0.0
S0 2.2.2.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Lab Objective:
Task 1
Configure EIGRP AS 100 as per the above scenario. Make the links unequal cost paths
using the bandwidth command in interface mode and verify load balancing .
Use the variance command to gain load balancing
R1 R2

No auto-summary Variance 2
No auto-summary
Interface S 0
Bandwidth 800
The variance multiplier set in the variance command when multiplied by the successor
FD, must be greater than the feasible successor FD. Thus the feasible successors whose
FD is less than the above calculated value are installed in the routing table.
Verification :
With out the variance command:
R2#sh ip eigrp topology
P 1.0.0.0/8, 1 successors, FD is 2169856

via Connected, Serial1
via Connected, Serial0
via 1.1.1.2 (2681856/2169856), Serial1
via Connected, Ethernet0
via 1.1.1.2 (2195456/281600), Serial1
via 2.2.2.2 (3737600/281600), Serial0
The output displays 2 routes installed in the topology table with 2 different costs.
R2#show ip route

D 30.0.0.0/8 [90/2195456] via 1.1.1.2, 00:01:42, Serial1
With the variance command:
R2#show ip route

D 30.0.0.0/8 [90/2195456] via 1.1.1.2, 00:00:04, Serial1
[90/3737600] via 2.2.2.2, 00:00:04, Serial0
The output displays 2 routes installed in the routing table.

Lab 6 – EIGRP Authentication
R1 R2
E0 S1 S0 E0
R1

S1 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R2

S0 2.2.2.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Lab Objective:
Task 1
Configure MD5 authentication for the links. Use cisco123 as the key-string with a key-id
of 1.
R1 R2
Int S1 Int S 0
Ip authentication mode eigrp 100 md5 Ip authentication mode eigrp 100 md5
Ip authentication key-chain eigrp 100 chain1 Ip authentication key-chain eigrp 100 chain 2
Key chain chain1 Key chain chain 2

Key 1 Key 1
Key-string cisco123 Key-string cisco123
Verification
With EIGRP Authentication:

H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 2.2.2.2 Se1 14 00:00:24 40 240 0 2
Verify authentication by using debug EIGRP packets
R2#debug eigrp packets
*Mar 1 02:52:50.895: EIGRP: Sending HELLO on Ethernet0

*Mar 1 02:52:50.899: AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
*Mar 1 02:52:53.219: EIGRP: received packet with MD5 authentication, key id = 1
*Mar 1 02:52:53.223: EIGRP: Received HELLO on Serial1 nbr 2.2.2.2

*Mar 1 02:52:53.223: AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0 p
With authentication mismatch:

-----------NIL----------------
R2#debug eigrp packets
*Mar 1 02:58:05.895: EIGRP: Sending HELLO on Serial1

*Mar 1 02:58:06.347: EIGRP: Sending HELLO on Ethernet0
*Mar 1 02:58:08.471: EIGRP: pkt key id = 1, authentication mismatch
*Mar 1 02:58:08.475: EIGRP: Serial1: ignored packet from 2.2.2.2, opcode = 5 (invalid
authentication)
Lab 7 – Configuring EIGRP STUB
R1 R2
R3
E0 S0 S1/0 S1 Loopback 0 - 3
S1/0
E 0/0 E0
R1

S0 2.2.2.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S 1/0 2.2.2.2 255.0.0.0
S1 3.3.3.1 255.0.0.0
E 0/0 20.1.1.1 255.0.0.0
R3

S 1/0 3.3.3.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Loopback 0 172.168.0.1 255.255.255.0
Loopback 1 172.168.1.1 255.255.255.0
Loopback 2 172.168.2.1 255.255.255.0
Loopback 3 172.168.3.1 255.255.255.0
Lab Objective:
Task 1
Configure EIGRP AS 100 as per the above scenario on R1, R2 and R3. Disable auto-
summary. Only one summary route must be advertised to R2 and R1
R1 R2

No auto-summary
R3
Router eigrp 100

Network 3.0.0.0
Network 30.0.0.0
Network 172.168.0.0
No auto-summary
Interface s 1/0
Ip summary-address eigrp 100 172.168.0.0
255.255.252.0
Verification :
Without configuring stub in R3:
R2#show ip route
C 2.0.0.0/8 is directly connected, Serial1/0

C 20.0.0.0/8 is directly connected, Ethernet0/0
D 172.168.0.0 [90/20640000] via 3.3.3.2, Serial1/1
D 10.0.0.0/8 [90/20537600] via 2.2.2.1, Serial1/0
D 30.0.0.0/8 [90/20537600] via 3.3.3.2, Serial1/1
The output displays directly connected routes, summary route and Eigrp routes.
Task 2 :
Configure Eigrp Stub on R3, preventing R3 to send any routes to R2, but R2 receives
routes from R1.
R3
Router eigrp 100

Eigrp stub receive-only
Verification :
R2#show ip route

D 10.0.0.0/8 [90/20537600] via 2.2.2.1, Serial1/0
The output displays only network 10.0.0.0 (eigrp route) coming from R1 but no eigrp
routes from R3.
Task 3 :
Configure Eigrp Stub on R3, allowing R3 to send only connected routes to R2, but R2
receives any routes from R1.
R3
Router eigrp 100

Eigrp stub connected
Verification :
R2#show ip route

D 172.168.0.0 [90/20640000] via 3.3.3.2, Serial1/1
D 172.168.1.0 [90/20640000] via 3.3.3.2, Serial1/1
D 172.168.2.0 [90/20640000] via 3.3.3.2, Serial1/1
D 172.168.3.0 [90/20640000] via 3.3.3.2, Serial1/1
D 10.0.0.0/8 [90/20537600] via 2.2.2.1, Serial1/0
D 30.0.0.0/8 [90/20537600] via 3.3.3.2, Serial1/1
The output displays only connected eigrp routes from R3 to R2, but receives all routes
from R1.
Task 4 :
Configure Eigrp Stub on R3, allowing only summary routes from R3 to R2, but R2
receives any routes from R1.
R3
Router eigrp 100

Eigrp stub summary
Verification :
R2#show ip route

D 172.168.0.0 [90/20640000] via 3.3.3.2, Serial1/1
D 10.0.0.0/8 [90/20537600] via 2.2.2.1, Serial1/0
The output displays only summary route from R3, and also all routes from R1.
Task 5 :
Configure Eigrp Stub on R3, allowing connected and summary routes from R3 to R2,
but R2 receives any routes from R1.
R3
Router eigrp 100

Eigrp stub
Verification :
R2#show ip route

D 172.168.0.0 [90/20640000] via 3.3.3.2, Serial1/1
D 10.0.0.0/8 [90/20537600] via 2.2.2.1, Serial1/0
D 30.0.0.0/8 [90/20537600] via 3.3.3.2, Serial1/1
The output displays both connected and summary routes from R3 , as the command eigrp
stub defaults to ”eigrp stub connected summary”.
Task 6 :
R1 R2
R3
E0 S0 S1/0 S1/1 Loopback 0 - 3
S1/0
E0
E 0/0
FA0/0
FA 0/1
R4
R1

S0 2.2.2.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S 1/0 2.2.2.2 255.0.0.0
S1/1 3.3.3.1 255.0.0.0
E 0/0 20.1.1.1 255.0.0.0
R3

S 1/0 3.3.3.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Loopback 0 172.168.0.1 255.255.255.0
Loopback 1 172.168.1.1 255.255.255.0
Loopback 2 172.168.2.1 255.255.255.0
Loopback 3 172.168.3.1 255.255.255.0
R4

Fa 0/0 30.1.1.2 255.0.0.0
Fa 0/1 40.1.1.1 255.0.0.0
Lab Objective :
Configure EIGRP in AS 100 on R1, R2, R3. Advertise only interface fa0/0 on R4 in
EIGRP AS 100. Configure static route in R3 to reach network 40.0.0.0 via 30.1.1.1.
Redistribute the static route in EIGRP AS 100.
R3
Ip route 40.0.0.0 255.0.0.0 30.1.1.2
Router eigrp 100

Redistribute static metric 10 10 10 10 10
Eigrp stub static
Verification :
R2#show ip route
D EX 40.0.0.0/8 [170/256514560] via 3.3.3.2, Serial1/1
D 10.0.0.0/8 [90/20537600] via 2.2.2.1, Serial1/0
The output displays only directly connected of R1, R2 and redistributed static route from
R3, but blocking connected routes and summary routes from R3.
The output also displays the redistributed route as an external EIGRP route with AD
value of 170.
Lab 8– Redistribute EIGRP with RIPv2
R1 R2
R3
S0 S0 S1
S0
E0
E0 Loopback 0 E0
R1

S0 1.1.1.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
S1 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
Loopback 0 40.1.1.1 255.0.0.0
R3

S0 2.2.2.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Task 1
Configure EIGRP AS 100 on R1 ( S0, E0 ), R2 ( S0, E0 ) and RIPv2 on R2 ( S1,

Loopback 0 ) and R3 ( S0, E0 ) as per the above scenario. Mutually redistribute both
protocols.
R1 R3
Router eigrp 100 Router rip

Network 1.0.0.0 Version 2
No auto-summary
R2
Router eigrp 100

Network 1.0.0.0
Network 20.0.0.0
No auto-summary
Redistribute rip metric 10 10 10 10 10
Router rip
Version 2
Network 2.0.0.0
Network 40.0.0.0
No auto-summary
Redistribute eigrp 100 metric 10
Verification :
R1#show ip route

D EX 2.0.0.0/8 [170/256514560] via 1.1.1.2, 00:01:24, Serial0/2/0
D 20.0.0.0/8 [90/2195456] via 1.1.1.2, 00:12:18, Serial0/2/0
D EX 40.0.0.0/8 [170/256514560] via 1.1.1.2, 00:01:24, Serial0/2/0
D EX 30.0.0.0/8 [170/256514560] via 1.1.1.2, 00:01:24, Serial0/2/0
R2#show ip route

C 40.0.0.0/8 is directly connected, Loopback0
D 10.0.0.0/8 [90/2172416] via 1.1.1.1, 00:14:29, Serial0
R 30.0.0.0/8 [120/1] via 2.2.2.2, 00:00:15, Serial1
R3#show ip route
R 1.0.0.0/8 [120/10] via 2.2.2.1, 00:00:23, Serial0

R 20.0.0.0/8 [120/10] via 2.2.2.1, 00:00:23, Serial0
R 40.0.0.0/8 [120/1] via 2.2.2.1, 00:00:23, Serial0
R 10.0.0.0/8 [120/10] via 2.2.2.1, 00:00:23, Serial0
The output displays that RIP routes are advertised in R1 EIGRP AS 100 as ‘D EX’ routes.
EIGRP routes are advertised in RIP as ‘R’ routes.
Lab 9 – Redistributing EIGRP with OSPF
R1 R2
R3
S0 S0 S1
S0
E0
E0 E0
R1

S0 1.1.1.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
S1 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R3

S0 2.2.2.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Task 1 :
Configure EIGRP AS 100 on R1 ( S0, E0 ), R2 ( S0 ) and OSPF area 0 on R2 ( S1, E0 ),

R3 ( S0 ) and OSPF area 1 on R3 ( E0 ) as per the above scenario. Mutually redistribute
both protocols.
R1 R3
Router ospf 1
Router eigrp 100 Network 2.2.2.2 0.0.0.0 area 0
Network 1.0.0.0 Network 30.0.0.0 0.255.255.255 area 1
Network 10.0.0.0
No auto-summary
R2
Router eigrp 100

Network 1.0.0.0
No auto-summary
Redistribute ospf 1 metric 10 10 10 10 10
Router ospf 1
Network 2.2.2.1 0.0.0.0 area 0
Network 20.0.0.0 0.255.255.255 area 0
Redistribute eigrp 100 metric 10 subnets
Verification :
R1#show ip route
1.0.0.0/8 is directly connected, Serial0/2/0

D EX 2.0.0.0/8 [170/256514560] via 1.1.1.2, 00:00:57, Serial0/2/0
D EX 20.0.0.0/8 [170/256514560] via 1.1.1.2, 00:00:57, Serial0/2/0
D EX 30.0.0.0/8 [170/256514560] via 1.1.1.2, 00:00:57, Serial0/2/0
R2#show ip route

D 10.0.0.0/8 [90/2172416] via 1.1.1.1, 00:11:11, Serial0
O IA 30.0.0.0/8 [110/74] via 2.2.2.2, 00:00:42, Serial1
R3#show ip route
O E2 1.0.0.0/8 [110/10] via 2.2.2.1, 00:01:05, Serial0

O 20.0.0.0/8 [110/74] via 2.2.2.1, 00:01:05, Serial0
O E2 10.0.0.0/8 [110/10] via 2.2.2.1, 00:01:05, Serial0
Lab 10 – Configuring EIGRP with Redistribute
Connected
R1 R2
E0 S0 S0 E0
R1

S0 1.1.1.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
E0 20.1.1.1 255.0.0.0
Task 1 :
Configure EIGRP AS 100 and do not advertise network 10.0.0.0 and network 20.0.0.0
and redistribute network 10.0.0.0 and 20.0.0.0 into EIGRP.
R1 R2

Redistribute connected metric 10 10 10 10 10 Redistribute connected metric 10 10 10 10 10
Verification :
R1#show ip route
D EX 20.0.0.0/8 [170/256514560] via 1.1.1.2, 00:00:40, Serial0/2/0
R2#show ip route

D EX 10.0.0.0/8 [170/256514560] via 1.1.1.1, 00:00:33, Serial0
The output displays ‘D EX’ routes for both networks 10.0.0.0 and 20.0.0.0 in the routing
tables.
Module 2 – OSPF
OSPF LAB INDEX
1. CONFIGURING OSPF IN SINGLE AREA
2. CONFIGURING OSPF IN MULTIPLE AREA
3. CONFIGURING ABR AND ASBR
4. CONFIGURE STUB
5. CONFIGURE TOTAL STUB
6. CONFIGURE NSSA
7. CONFIGURE NSSA TOTAL STUB
8. OSPF ROUTE SUMMARIZATION
9. OSPF VIRTUAL LINK
10. CONFIGURING OSPF AUTHENTICATION
11. OSPF ON BROADCAST MULTIACCESS

Lab 1 – Configuring OSPF in a Single Area
R1 R2
R3
S0 S0 S1
S0
E0
E0 E0
R1

S0 1.1.1.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
S1 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R3

S0 2.2.2.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Lab Objective:
Configure the Interface IP addresses based on the above table

Task 1
Configure OSPF in Area 0. Advertise all networks on all routers.
R1 R2
Router ospf 1 Router ospf 1

Network 1.1.1.1 0.0.0.0 area 0 Network1.1.1.2 0.0.0.0 area 0
Network 10.0.0.0 0.255.255.255 area 0 Network 2.2.2.1 0.0.0.0 area 0
Network 20.0.0.0 0.255.255.255 area 0
R3
Router ospf 1
Network 2.2.2.2 0.0.0.0 area 0
Network 30.0.0.0 0.255.255.255 area 0
Verification :
R1 # show ip route

O 2.0.0.0/8 [110/128] via 1.1.1.2, 00:03:58, Serial0/2/0
O 20.0.0.0/8 [110/74] via 1.1.1.2, 00:03:58, Serial0/2/0
O 30.0.0.0/8 [110/138] via 1.1.1.2, 00:03:58, Serial0
OSPF routes are displayed as “O” routes in the routing table.
R1 # show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface

30.1.1.1 0 FULL/ - 00:00:32 2.2.2.2 Serial1
10.1.1.1 0 FULL/ - 00:00:33 1.1.1.1 Serial0
The symbol indicated by a dash [-] represents that the neighbor is on the serial interface
and DR and BDR are not used on point-to-point interfaces.
R1 # show ip ospf
Routing Process "OSPF 1" with ID 10.1.1.1

---output omitted---
This command displays the OSPF router-id.

Task 2
Configure OSPF in Area 0. Advertise all networks on all routers. Hard Code the Router-
id based on the following Loop back ip address:
R1 Loopback 0 6.6.6.6
R1 R2
int loopback 0 int loopback 0

ip address 6.6.6.6 255.255.255.255 ip address 7.7.7.7 255.255.255.255
R3
int loopback 0
ip address 8.8.8.8 255.255.255.255
Router ospf 1
Network 8.8.8.8 0.0.0.0 area 0
Verification :
R1# show ip ospf
Routing Process "OSPF 1" with ID 6.6.6.6

---output omitted---
This output displays that router-id chosen is 6.6.6.6 as it is the loopback address.
Repeat the same on router2 with loopback address as 7.7.7.7 and on router 3 with
loopback as 8.8.8.8 and verify using show ip OSPF command
Task 3
Configure OSPF in Area 0. Advertise all networks on all routers. Hard Code the Router-
id based on the following :
R1 3.3.3.3
R2 4.4.4.4
R3 5.5.5.5
R1 R2
Router-id 3.3.3.3 Router-id 4.4.4.4
Network 7.7.7.7 0.0.0.0 area 0
R3
Router ospf 1
Router-id 5.5.5.5
Network 2.2.2.2 0.0.0.0 area 0
Network 30.0.0.0 0.255.255.255 area 0
Network 8.8.8.8 0.0.0.0 area 0
Verification :-
R1#show ip ospf
Routing Process "ospf 1" with ID 3.3.3.3
This output displays that 3.3.3.3 router-id takes preference over physical and loopback
interface.
Lab 2 – Configuring OSPF in Multiple Areas
( Sceanrio Based on Lab 1 )
R1

S0 1.1.1.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
S1 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R3

S0 2.2.2.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Task 1
Configure OSPF in Area 0 on R1 ( S0 ), R2 ( S0, E0 ).

Configure OSPF in Area 1 on R1 ( E0 ).
Configure OPSF in Area 2 on R2 ( S1 ), R3 ( S0, E0 )
R1 R2

Network 1.1.1.1 0.0.0.0 area 0 Network 1.1.1.2 0.0.0.0 area0
Network 20.0.0.0 0.255.255.255 area0
R3
Router ospf 1
Network 2.2.2.2 0.0.0.0 area2
Network 30.0.0.0 0.255.255.255 area2
Verification :
R1# show ip route

O IA 2.0.0.0/8 [110/128] via 1.1.1.2, 00:07:11, Serial0/2/0
O 20.0.0.0/8 [110/74] via 1.1.1.2, 00:07:11, Serial0/2/0
O IA 30.0.0.0/8 [110/138] via 1.1.1.2, 00:07:11, Serial0/2/0
The output displays ‘O’, ‘O IA’ routes.
The ABR can be verified by using the following command
R1# show ip ospf border-routers
OSPF Process 1 internal Routing Table

Codes: i - Intra-area route, I - Inter-area route
i 20.1.1.1 [64] via 1.1.1.2, Serial0/2/0, ABR, Area 0, SPF 2
R2#show ip route

O IA 10.0.0.0/8 [110/65] via 1.1.1.1, 00:11:06, Serial0
O 30.0.0.0/8 [110/74] via 2.2.2.2, 00:11:54, Serial1
R2#show ip ospf border-routers

i 10.1.1.1 [64] via 1.1.1.1, Serial0, ABR, Area 0, SPF 6
R3#show ip route
O IA 1.0.0.0/8 [110/128] via 2.2.2.1, 00:12:44, Serial0

O IA 20.0.0.0/8 [110/74] via 2.2.2.1, 00:12:43, Serial0
O IA 10.0.0.0/8 [110/129] via 2.2.2.1, 00:11:55, Serial0
Task 2
Configure OSPF as per task 1 and manipulate the Hello-interval time on R1
R1
int s0
ip ospf hello-interval 5
Verification :
Default hello-interval time:
R1#show ip ospf interface serial 0/2/0
Serial0/2/0 is up, line protocol is up

Internet Address 1.1.1.1/8, Area 0
Process ID 1, Router ID 10.1.1.1, Network Type POINT_TO_POINT, Cost: 64
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
R1#show ip ospf neighbor

20.1.1.1 0 FULL/ - 00:00:35 1.1.1.2 Serial0/2/0
Verifying ospf neighbors after manipulating the hello-interval time in R1.
-------Nil------
There will be no neighbor relationship because of hello-interval mismatch.
This can be verified by using ‘debug ip ospf events’ command, where the output displays
a mismatch hello parameter statement.
R1#debug ip ospf events
*May 28 09:20:31.403: OSPF: Rcv hello from 20.1.1.1 area 0 from Serial0/2/0 1.1.
1.2
*May 28 09:20:31.403: OSPF: Mismatched hello parameters from 1.1.1.2
*May 28 09:20:31.403: OSPF: Dead R 40 C 20, Hello R 10 C 5
The output displays a mismatch hello parameter statement.
Lab 3 – Configuring ABR and ASBR
( Scenario Based on Lab 1 )
R1

S0/2/0 1.1.1.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
S1 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R3

S0 2.2.2.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Task 1
Configure OSPF in Area 0 on R1 ( S0/2/0, E0 ), R2 ( S0 )

Configure OSPF in Area 1 on R2 ( S1 ), R3 ( S0, E 0 ).
Configure EIGRP AS 100 on R2 ( E0 ) and redistribute into OSPF.
R1 R2

R3 Router eigrp 100

Network 20.0.0.0
Router ospf 1 No auto-summary
Network 2.2.2.2 0.0.0.0 area 1
Network 30.0.0.0 0.255.255.255 area 1 Router ospf 1
Verification :
R1#show ip route

O IA 2.0.0.0/8 [110/128] via 1.1.1.2, 00:12:21, Serial0/2/0
O IA 30.0.0.0/8 [110/138] via 1.1.1.2, 00:11:13, Serial0/2/0
The output displays ‘O’ and ‘O IA’ routes.

The output also shows that network 20.0.0.0 is missing in the routing table.
As EIGRP is a NON-OSPF routing protocol, we need to redistribute EIGRP into OSPF
R1#show ip route

O IA 2.0.0.0/8 [110/128] via 1.1.1.2, 00:00:04, Serial0/2/0
O E2 20.0.0.0/8 [110/10] via 1.1.1.2, 00:00:04, Serial0/2/0
O IA 30.0.0.0/8 [110/138] via 1.1.1.2, 00:00:04, Serial0/2/0
Note: If we want OE1 routes then the redistribute command should be configured using
metric-type
R2
Router ospf 1
Redistribute eigrp 100 metric-type 1 metric
10 subnets
.R1#show ip route

O IA 2.0.0.0/8 [110/128] via 1.1.1.2, 00:01:43, Serial0/2/0
O E1 20.0.0.0/8 [110/74] via 1.1.1.2, 00:00:12, Serial0/2/0
O IA 30.0.0.0/8 [110/138] via 1.1.1.2, 00:01:43, Serial0/2/0
To verify which router is ABR / ASBR : -
R1 # show ip ospf border-routers

i 20.1.1.1 [64] via 1.1.1.2, Serial0/2/0, ABR/ASBR, Area 0, SPF
Lab 4 – Configure OSPF Stub Area
R1

S0/2/0 1.1.1.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
S1 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R3

S0 2.2.2.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Task 1

R1 R2

R3
Router ospf 1
Network 2.2.2.2 0.0.0.0 area2
Network 30.0.0.0 0.255.255.255 area2
Task 2 : Configure EIGRP AS 100 on R2 ( E0 ) and redistribute into OSPF.
R2
Router eigrp100
Network 20.0.0.0
No auto-summary
Router ospf 1
Verification :
R3#show ip route
O IA 1.0.0.0/8 [110/128] via 2.2.2.1, 00:01:08, Serial0

O E2 20.0.0.0/8 [110/10] via 2.2.2.1, 00:00:03, Serial0
O IA 10.0.0.0/8 [110/129] via 2.2.2.1, 00:01:08, Serial0
The output displays inter-area routes (O IA) and OSPF external type 2
(O E2).
R3#show ip ospf database
OSPF Router with ID (30.1.1.1) (Process ID 1)
Router Link States (Area 1)
Link ID ADV Router Age Seq# Checksum Link count

20.1.1.1 20.1.1.1 243 0x8000000A 0x00B788 2
30.1.1.1 30.1.1.1 243 0x80000008 0x0034CD 3
Summary Net Link States (Area 1)
Link ID ADV Router Age Seq# Checksum

1.0.0.0 20.1.1.1 277 0x80000004 0x002FB2
10.0.0.0 20.1.1.1 277 0x80000004 0x00C314
Type-5 AS External Link States
Link ID ADV Router Age Seq# Checksum Tag

20.0.0.0 20.1.1.1 172 0x80000007 0x00A8D0 0
The output displays Type-5 external link-states.
Task 3
Configure OSPF Area 1 as Stub.
R2 R3
Area 1 stub Area 1 stub
After configuring stub, verify the routing table on R3

10.1.1.1 0 FULL/ - 00:00:30 1.1.1.1 Serial0
30.1.1.1 0 FULL/ - 00:00:38 2.2.2.2 Serial1
R3#show ip route
O IA 1.0.0.0/8 [110/128] via 2.2.2.1, 00:00:03, Serial0

O IA 10.0.0.0/8 [110/129] via 2.2.2.1, 00:00:03, Serial0
O*IA 0.0.0.0/0 [110/65] via 2.2.2.1, 00:00:03, Serial0
The output displays default route and inter-area routes, both designated with (OIA) in the
routing table.
Default route is denoted as (O* IA).


20.1.1.1 20.1.1.1 543 0x8000000C 0x00CB76 2
30.1.1.1 30.1.1.1 543 0x8000000A 0x004EB3 3

0.0.0.0 20.1.1.1 552 0x80000001 0x00E73F
1.0.0.0 20.1.1.1 552 0x80000005 0x004B97
10.0.0.0 20.1.1.1 552 0x80000005 0x00DFF8
The output does not display the ‘Type 5 External LSA.
Note: If stub is not configured on both routers OSPF neighborship will not establish. It
can be verified by the following commands.

10.1.1.1 0 FULL/ - 00:00:35 1.1.1.1 Serial0
30.1.1.1 0 DOWN/ - - 2.2.2.2 Serial1
R2#debug ip ospf events
Mar 1 03:12:42.491: OSPF: Rcv hello from 30.1.1.1 area 1 from Serial1 2.2.2.2
*Mar 1 03:12:42.491: OSPF: Hello from 2.2.2.2 with mismatched Stub/Transit area
option bit
The output displays mismatched Stub/Transit area option bit .
Lab 5 – Configuring Totally Stub Area

R1

S0/2/0 1.1.1.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
S1 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R3

S0 2.2.2.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Task 1

R1 R2

R3
Router ospf 1
Network 2.2.2.2 0.0.0.0 area2
Network 30.0.0.0 0.255.255.255 area2
R2
Router eigrp100
Network 20.0.0.0
No auto-summary
Router ospf 1
Verification :
Verify the routing table on R3:
R3#show ip route
O IA 1.0.0.0/8 [110/128] via 2.2.2.1, 00:01:08, Serial0

O E2 20.0.0.0/8 [110/10] via 2.2.2.1, 00:00:03, Serial0
O IA 10.0.0.0/8 [110/129] via 2.2.2.1, 00:01:08, Serial0
The output displays inter-area (O IA) and external type 2 (O E2) routes.
The OSPF database on R3 can be verified using the following command :

20.1.1.1 20.1.1.1 243 0x8000000A 0x00B788 2
30.1.1.1 30.1.1.1 243 0x80000008 0x0034CD 3

1.0.0.0 20.1.1.1 277 0x80000004 0x002FB2
10.0.0.0 20.1.1.1 277 0x80000004 0x00C314

20.0.0.0 20.1.1.1 172 0x80000007 0x00A8D0 0
The output displays summary net link states and type-5 AS external link-states.
Now, to block both the summary net link-states and type-5 external link-states, configure
Area 1 as total stub .
Task 3
Configure R2 and R3 as total stub .
R2 R3

Area 1 stub no-summary Area 1 stub no-summary
Verifying the routing table on R3
R3#show ip route

O*IA 0.0.0.0/0 [110/65] via 2.2.2.1, 00:00:30, Serial0
Inter-area and external routes are not visible in the routing table, but they are accessible
via the inter-area default route (O * IA).
Verify the OSPF database
OSPF Router with ID (30.1.1.1) (Process ID)

----------Output has been omitted for brevity-------------

0.0.0.0 20.1.1.1 125 0x80000003 0x00E341
No Type-5 External LSA and Summary Net Link Type 3, but you can see a default route.
Lab 6 – Configuring NSSA

R1

S0/2/0 1.1.1.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
S1 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R3

S0 2.2.2.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Task 1
Configure OSPF in Area 0 on R1 ( S0/2/0 ), R2 ( S0 ).

Configure OSPF in Area 1 on R2 ( S1 ), R3 ( S0 ).
R1 R2

Network 2.2.2.1 0.0.0.0 area2
R3
Router ospf 1
Network 2.2.2.2 0.0.0.0 area2
R2
Router eigrp100
Network 20.0.0.0
No auto-summary
Router ospf 1
Task 3 : Configure RIPv2 on R1 ( E0 ), R3 ( E0 ) and redistribute into OSPF.
R1 R3
Router rip Router rip

Net 10.0.0.0 Net 30.0.0.0
Version 2 Version 2

Redistribute rip metric 10 subnets Redistribute rip metric 10 subnets
Verification :
R3#show ip route
O IA 1.0.0.0/8 [110/128] via 2.2.2.1, 00:00:22, Serial0

O E2 20.0.0.0/8 [110/10] via 2.2.2.1, 00:00:22, Serial0
O E2 10.0.0.0/8 [110/10] via 2.2.2.1, 00:00:22, Serial0
The output displays inter-area (O IA), external type2 (O E2) routes.

20.1.1.1 20.1.1.1 141 0x80000013 0x00A591 2
30.1.1.1 30.1.1.1 141 0x80000010 0x00939C 2

1.0.0.0 20.1.1.1 149 0x80000001 0x0035AF
Summary ASB Link States (Area 1)

10.1.1.1 20.1.1.1 149 0x80000001 0x009047

10.0.0.0 10.1.1.1 328 0x80000001 0x009102 0
20.0.0.0 20.1.1.1 1830 0x80000008 0x00A6D1 0
The OSPF database displays summary net link states, type-5 external net link states.
Now, configure NSSA on R2 & R3, where R3 acts as NSSA ASBR that generates type-7
LSA and R2 acts as NSSA ABR that converts the type-7 LSA into type-5 LSA, when it
leaves the NSSA area.
Task 4
Configure R2 and R3 as NSSA .
R2 R3

Area 1 nssa default-information-originate Area 1 nssa default-information-originate
R3#show ip route
O IA 1.0.0.0/8 [110/128] via 2.2.2.1, 00:00:06, Serial0

O N2 20.0.0.0/8 [110/10] via 2.2.2.1, 00:00:06, Serial0
O*N2 0.0.0.0/0 [110/1] via 2.2.2.1, 00:00:06, Serial0
The output displays ‘O N2’ and ‘O* N2’ routes in the routing table.

20.1.1.1 20.1.1.1 428 0x80000015 0x0047E7 2
30.1.1.1 30.1.1.1 428 0x80000012 0x0035F2 2

1.0.0.0 20.1.1.1 435 0x80000002 0x00D805
Type-7 AS External Link States (Area 1)

0.0.0.0 20.1.1.1 435 0x80000001 0x0099F9 0
20.0.0.0 20.1.1.1 434 0x80000001 0x00EE87 0
30.0.0.0 30.1.1.1 458 0x80000001 0x00A7B1 0
No Type-5 External Link States but allows Special Type-7 External Link State
R2#show ip route

O E2 10.0.0.0/8 [110/10] via 1.1.1.1, 00:02:33, Serial0
O N2 30.0.0.0/8 [110/10] via 2.2.2.2, 00:02:33, Serial1
R1#show ip route

O IA 2.0.0.0/8 [110/128] via 1.1.1.2, 00:14:38, Serial0/2/0
O E2 20.0.0.0/8 [110/10] via 1.1.1.2, 00:03:23, Serial0/2/0
O E2 30.0.0.0/8 [110/10] via 1.1.1.2, 00:03:16, Serial0/2/0

10.1.1.1 10.1.1.1 145 0x8000000B 0x001250 2
20.1.1.1 20.1.1.1 133 0x8000000B 0x00FF56 2

2.0.0.0 20.1.1.1 1429 0x80000005 0x0020BF

10.0.0.0 10.1.1.1 145 0x80000002 0x008F03 0
20.0.0.0 20.1.1.1 1429 0x80000009 0x00A4D2 0
30.0.0.0 20.1.1.1 1263 0x80000001 0x0096D6 0
Lab 7 – Configure NSSA Total Stub

(Scenario Based on Lab 1)
R1

S0/2/0 1.1.1.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
S1 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R3

S0 2.2.2.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Task 1

R1 R2

Network 2.2.2.1 0.0.0.0 area2
R3
Router ospf 1
Network 2.2.2.2 0.0.0.0 area2
R2
Router eigrp100
Network 20.0.0.0
No auto-summary
Router ospf 1
Task 3 : Configure RIPv2 on R1 ( E0 ), R3 ( E0 ) and redistribute into OSPF.
R1 R3
Router rip Router rip

Net 10.0.0.0 Net 30.0.0.0
Version 2 Version 2

Redistribute rip metric 10 subnets Redistribute rip metric 10 subnets
Verification :
R3#show ip route
O IA 1.0.0.0/8 [110/128] via 2.2.2.1, 00:00:22, Serial0

O E2 20.0.0.0/8 [110/10] via 2.2.2.1, 00:00:22, Serial0
O E2 10.0.0.0/8 [110/10] via 2.2.2.1, 00:00:22, Serial0
The output displays inter-area (O IA), external type2 (O E2) routes.

20.1.1.1 20.1.1.1 141 0x80000013 0x00A591 2
30.1.1.1 30.1.1.1 141 0x80000010 0x00939C 2

1.0.0.0 20.1.1.1 149 0x80000001 0x0035AF
Summary ASB Link States (Area 1)

10.1.1.1 20.1.1.1 149 0x80000001 0x009047

10.0.0.0 10.1.1.1 328 0x80000001 0x009102 0
20.0.0.0 20.1.1.1 1830 0x80000008 0x00A6D1 0
The OSPF database displays summary net link states, type-5 external net link states.
Task 4 :
Configure R2 and R3 as NSSA Total Stub .
R2 R3

Area 1 nssa no-summary Area 1 nssa no-summary
R3#show ip route

O N2 20.0.0.0/8 [110/10] via 2.2.2.1, 00:00:15, Serial0
O*IA 0.0.0.0/0 [110/65] via 2.2.2.1, 00:00:15, Serial0
The output displays O N2 and O* IA routes only.

20.1.1.1 20.1.1.1 177 0x80000017 0x0043E9 2
30.1.1.1 30.1.1.1 118 0x80000015 0x002FF5 2

0.0.0.0 20.1.1.1 187 0x80000001 0x006FAF
Type-7 AS External Link States (Area 1)

20.0.0.0 20.1.1.1 186 0x80000001 0x00EE87 0
30.0.0.0 30.1.1.1 118 0x80000002 0x00A5B2 0
No Type-5 External Link States, no Type-3 Summary link but allows Special Type-7
External Link State .
Lab 8 – Configure OSPF Route Summarization

R1 R2
R3
E0 S0/2/0 S0 S1 Loopback 0 - 3
S0
E0 E0
R1

S0/2/0 1.1.1.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
S1 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R3

S0 2.2.2.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Loopback 0 172.168.0.1 255.255.255.0
Loopback 1 172.168.1.1 255.255.255.0
Loopback 2 172.168.2.1 255.255.255.0
Loopback 3 172.168.3.1 255.255.255.0
Task 1 : Configure Route Summarization at ABR
Configure OSPF in Area 0 on R1 ( S0/2/0, E0 ), R2 ( S0 ).

Configure OSPF in Area 1 on R2 ( S1 ), R3 ( S0, E0, Loopback 0 – 3 ).
Create the following Loopbacks on R3:
Loopback 0 – 172.168.0.1/24
Loopback 1 – 172.168.1.1/24
Loopback 2– 172.168.2.1/24
Loopback 3 – 172.168.3.1/24
Advertise these newly created loopbacks in OSPF using the network command. Make
sure they appear in the routing table using a /24 mask. These routes should be seen as a
single summarized route outside of area 1.
R3 R2
Int loopback 0 Router ospf 1

Ip add 172.168.0.1 255.255.255. 0 Area 1 range172.168.0.0 255.255.252.0
Ip ospf network point-to-point
Int loopback 1
Ip add 172.168.1.1 255.255.255. 0
Int loopback 2
Ip add 172.168.2.1 255.255.255. 0
Int loopback 3
Ip add 172.168.3.1 255.255.255. 0
Router ospf 1
Network 172.168.0.0 0.0.255.255 area 1
Network 2.2.2.2 0.0.0.0 area 1
Network 30.0.0.0 0.255.255 area 1
R1#show ip route

O IA 2.0.0.0/8 [110/128] via 1.1.1.2, 00:17:26, Serial0/2/0
O IA 20.0.0.0/8 [110/74] via 1.1.1.2, 00:17:26, Serial0/2/0
O IA 172.168.0.0 [110/129] via 1.1.1.2, 00:00:11, Serial0/2/0
The output displays a smaller routing table by displaying only one summarized route for
the contiguous networks.
Task 2 : Configure Route Summarization At ASBR
(Scenario Based On Task 1)
Configure OSPF on the routers as per the above scenario.

Create the following Loopbacks on R3:
Loopback 0 – 172.168.0.1/24
Loopback 1 – 172.168.1.1/24
Loopback 2– 172.168.2.1/24
Loopback 3 – 172.168.3.1/24
Advertise these newly created loopbacks in EIGRP AS 100 using the network command
and redistribute these networks into OSPF Area 1. These routes should be seen as a single
summarized route.
R3
Int loopback 0
Ip add 172.168.0.1 255.255.255. 0
Int loopback 1
Ip add 172.168.1.1 255.255.255. 0
Int loopback 2
Ip add 172.168.2.1 255.255.255. 0
Int loopback 3
Ip add 172.168.3.1 255.255.255. 0
Router ospf 1
Network 2.2.2.2 0.0.0.0 area 1
Network 30.0.0.0 0.255.255 area 1
Router eigrp 100

Network 172.168.0.0
No auto-summary
Router ospf 1
Summary-address 172.168.0.0 255.255.252.0
Verification :
R2#show ip route

O E2 172.168.0.0 [110/10] via 2.2.2.2, 00:00:45, Serial1
O 10.0.0.0/8 [110/65] via 1.1.1.1, 00:07:28, Serial0
O 30.0.0.0/8 [110/74] via 2.2.2.2, 00:07:28, Serial1
The output displays a smaller routing table.
R3#show ip route
O IA 1.0.0.0/8 [110/128] via 2.2.2.1, 00:12:14, Serial0

O 20.0.0.0/8 [110/74] via 2.2.2.1, 00:12:14, Serial0
172.168.0.0/16 is variably subnetted, 5 subnets, 2 masks
O 172.168.0.0/22 is a summary, 00:03:01, Null0
O IA 10.0.0.0/8 [110/129] via 2.2.2.1, 00:12:14, Serial0
The output displays a summary route pointing to interface null 0 on R3 routing table.
This is automatically generated by default, when manual summarization is configured so
as to prevent routing loops.
Lab 9 – Configuring OSPF Virtual Links
R1 R2
R3
S0/2/0 S0 S1
S0
E0
E0 E0
R1

S0/2/0 1.1.1.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
S1 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R3

S0 2.2.2.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Task 1 :
Configure OSPF in Area 0 on R1 ( S0/2/0, E0 ), R2 ( S0, E0 ).

R1 R2

Network 20.0.0.0 0.255.255.255 area 0
R3
Router ospf 1
Network 2.2.2.2 0.0.0.0 area1
Network 30.0.0.0 0.255.255.255 area 2
Verification :
Verifying the routing table on R1 in area0 :
R1#show ip route

O IA 2.0.0.0/8 [110/128] via 1.1.1.2, 00:22:43, Serial0/2/0
O 20.0.0.0/8 [110/74] via 1.1.1.2, 00:22:43, Serial0/2/0
The output displays net 20.0.0.0 as ‘O’ and net 2.0.0.0 as ‘O IA’, but there is no net
30.0.0.0, as it is not connected to area0.
We need to configure virtual links between R2 & R3 and this area that connects to area0
is called the transit area.
Each router R2 & R3 point at the router-id of the other router.
Task 2 :
Configure Virtual Link between R2 and R3 :
R2 R3

Area 1 virtual-link 30.1.1.1 Area 1 virtual-link 20.1.1.1
Verifying the routing table on R1 :
R1#show ip route

O IA 2.0.0.0/8 [110/128] via 1.1.1.2, 00:00:00, Serial0/2/0
O 20.0.0.0/8 [110/74] via 1.1.1.2, 00:00:00, Serial0/2/0
O IA 30.0.0.0/8 [110/138] via 1.1.1.2, 00:00:00, Serial0/2/0
The output displays network 30.0.0.0 as ‘O’ route because of the virtual link configured,
the router1 assumes that net 30.0.0.0 is in the same area0.
R2#show ip ospf virtual-links
Virtual Link OSPF_VL0 to router 30.1.1.1 is up

Run as demand circuit
DoNotAge LSA allowed.
Transit area 1, via interface Serial1, Cost of using 64
Transmit Delay is 1 sec, State POINT_TO_POINT,
Hello due in 00:00:00
Adjacency State FULL (Hello suppressed)
Index 2/3, retransmission queue length 0, number of retransmission 1
First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
Last retransmission scan length is 1, maximum is 1
Last retransmission scan time is 0 msec, maximum is 0 msec
The output displays virtual-link to other router and as well, ‘DoNotAge’ option set.
Task 3 : Configure Virtual Link when area connecting two backbone areas.
(Scenario Based on Task 1)

Configure OSPF in Area 2 on R2 ( E0, S1 ), R3 ( S0, E0 ).
R1 R2

Network 20.0.0.0 0.255.255.255 area 0
R3
Router ospf 1
Network 2.2.2.2 0.0.0.0 area 0
Network 30.0.0.0 0.255.255.255 area 0
Verification :
Verify the routing table on R1

R1#show ip route

O IA 2.0.0.0/8 [110/128] via 1.1.1.2, 00:00:43, Serial0/2/0
O IA 20.0.0.0/8 [110/74] via 1.1.1.2, 00:00:43, Serial0/2/0
O IA 30.0.0.0/8 [110/138] via 1.1.1.2, 00:00:34, Serial0/2/0
The output displays network 2.0.0.0, 20.0.0.0 and 30.0.0.0 as O IA routes.
R2#show ip route

O 30.0.0.0/8 [110/74] via 2.2.2.2, 00:05:26, Serial 1
O IA 10.0.0.0/8[110/74]via 1.1.1.2, 00:07:43, Serial 0/2/0
R3#show ip route
O IA 1.0.0.0/8 [110/128] via 2.2.2.1, 00:08:27, Serial1

O 20.0.0.0/8 [110/74] via 2.2.2.1, 00:08:27, Serial1
When we check the routing table on R3, the output does not have network 10.0.0.0 in the
routing table.
Task 4 :
Configure Virtual Link between R1 and R2 :
R1 R2

Area 1 virtual-link 20.1.1.1 Area 1 virtual-link 10.1.1.1
After Configuring Virtual Link:
R1#show ip route

O 2.0.0.0/8 [110/128] via 1.1.1.2, 00:00:45, Serial0/2/0
O 20.0.0.0/8 [110/74] via 1.1.1.2, 00:00:45, Serial0/2/0
O 30.0.0.0/8 [110/138] via 1.1.1.2, 00:00:45, Serial0/2/0
R2#show ip route

O 10.0.0.0/8 [110/65] via 1.1.1.1, 00:02:10, Serial0
O 30.0.0.0/8 [110/74] via 2.2.2.2, 00:02:10, Serial1
R3#show ip route
O IA 1.0.0.0/8 [110/128] via 2.2.2.1, 00:05:37, Serial1

O 20.0.0.0/8 [110/74] via 2.2.2.1, 00:05:37, Serial1
O 10.0.0.0/8 [110/129] via 2.2.2.1, 00:05:37, Serial1
Now, when we verify the routing table on R1, R2, R3, we see that all O IA routes are
advertised as ‘O’ routes as the routers assume that the networks belong to the same area
because of the virtual link.
Also we can see network 10.0.0.0 in R3 routing table as O route.

Lab 10 – Configuring OSPF Authentication
R1 R2
E0 S 0/2/0 S0 E0
R1

S0/2/0 1.1.1.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
E0 20.1.1.1 255.0.0.0
Lab Objective:
Task 1
All routers should Authenticate Routing updates using the simple password
authentication method. Use a key-string of cisco123.
R1
Router ospf 1
Network 1.1.1.1 0.0.0.0 area 0
Network 10.0.0.0 0.255.255.255 area 0
Int s 0/2/0
Ip ospf authentication-key cisco123
Ip ospf authentication
R2
Router ospf 1
Network 1.1.1.2 0.0.0.0 area 0
Network 20.0.0.0 0.255.255.255 area 0
Int s0
Ip ospf authentication-key cisco123
Ip ospf authentication
Verification :

20.1.1.1 0 FULL/ - 00:00:34 1.1.1.2 Serial0/2/0
The output displays neighbor in full state.
If there is a mismatch in the password, there will be no OSPF neighbor relationship

established.
R1#show ip route

O 20.0.0.0/8 [110/74] via 1.1.1.2, 00:09:23, Serial0/2/0
Simple authentication on R1 and R2, but different passwords:
R1#debug ip ospf adj
*May 29 06:29:03.966: OSPF: Rcv pkt from 1.1.1.2, Serial0/2/0 : Mismatch

Authentication Key - Clear Text
Simple authentication on R1, no authentication on R2:

Authentication type. Input packet specified type 0, we use type 1

*Mar 1 01:14:09.311: OSPF: Rcv pkt from 1.1.1.1, Serial0 : Mismatch Authentication
type. Input packet specified type 1, we use type 0
Task 2
(Scenario based on Task 1 )
All routers should Authenticate Routing updates using the most secure authentication
method. Use Key 1 with a key-string of cisco123. Do not use wide authentication.
R1
Router ospf 1
Network 1.1.1.1 0.0.0.0 area 0
Network 10.0.0.0 0.255.255.255 area 0
Int S0/2/0
Ip ospf message-digest-key 1 md5 cisco123
Ip ospf authentication message-digest
R2
Router ospf 1
Network 1.1.1.2 0.0.0.0 area 0
Network 20.0.0.0 0.255.255.255 area 0
Int S0
Ip ospf message-digest-key 1 md5 cisco123
Ip ospf authentication message-digest
Verification :

20.1.1.1 0 FULL/ - 00:00:34 1.1.1.2 Serial0/2/0
If there is mismatch in key or password, there will not be OSPF neighbor relationship
established between the two routers.
R1#show ip route

O 20.0.0.0/8 [110/74] via 1.1.1.2, 00:09:23, Serial0/2/0
MD5 authentication on R1, no authentication on R2:

*May 29 06:50:02.162: OSPF: Send with youngest Key 1
Authentication type. Input packet specified type 0, we use type 2
Lab 11 – OSPF on Broadcast Multiaccess
R3
E0
E0
R2 SW1
F 0/0
R1
R1

Fa0/0 10.1.1.1 255.0.0.0
R2

E0 20.1.1.1 255.0.0.0
R3

E0 30.1.1.1 255.0.0.0
Lab Objective:
Task
Configure OSPF as per the above scenario.
R1 R2

R3
Router ospf 1
Network 30.0.0.0 0.255.255.255 area 0
Verification :
The DR & BDR election can be verified by using the following commands

10.1.1.2 1 FULL/BDR 00:00:35 10.1.1.1 Ethernet1
10.1.1.3 1 FULL/DR 00:00:30 10.1.1.3 Ethernet1
R3#show ip ospf interface
Ethernet0 is up, line protocol is up

Internet Address 10.1.1.3/8, Area 0
Process ID 1, Router ID 10.1.1.3, Network Type BROADCAST, Cost: 10
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 10.1.1.3, Interface address 10.1.1.3
Backup Designated router (ID) 10.1.1.2, Interface address 10.1.1.1
oob-resync timeout 40
Hello due in 00:00:00
Index 1/1, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 1
Last flood scan time is 0 msec, maximum is 4 msec
Neighbor Count is 2, Adjacent neighbor count is 2
Adjacent with neighbor 10.1.1.2 (Backup Designated Router)
Adjacent with neighbor 10.1.1.1
 Routers notify DR on 224.0.0.6

 DR notifies others on 224.0.0.5.
 Router with highest priority value is the DR
 Router with second highest priority value is BDR
 Default for interface OSPF priority is 1
 In case of a tie, router-id (highest) is preferred
 A router with priority set to 0 cannot become the DR/BDR and is called DR other
 DR election is non-preemptive
Setting priority for DR election
(config-if) # ip ospf priority number

-Default is 1
-Range is 0-255.
Module 3 – BGP
BGP LAB INDEX
1. BGP BASIC CONFIGURATION
2. BGP USING LOOPBACK ADDRESS
3. eBGP WITH MULTIHOP COMMAND
4. eBGP WITH MULTIHOP COMMAND (LOAD BALANCING)
5. BGP NEXT-HOP ATTRIBUTE
6. ORIGIN ATTRIBUTE
7. WEIGHT ATTRIBUTE
8. LOCAL PREFERENCE
9. CONFIGURING MED ATTRIBUTE USING DEFAULT-METRIC

COMMAND
10. MED ATTRIBUTE
11. AS-PATH ATTRIBUTE
12. AUTHENTICATION IN BGP
13. CONFIGURING PEER-GROUP
14. ROUTE AGGREGATION IN BGP
Lab 1 – Basic BGP Configuration

BGP AS 100
R2 E0
S0
S1
S0 S0
R1 R3
S1
S1 E0
E0
BGP AS 200
R1

S0 1.1.1.1 255.0.0.0
S1 3.3.3.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
S1 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R3

S0 2.2.2.2 255.0.0.0
S1 3.3.3.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Lab Objective:
Task 1
Configure a BGP neighbor relationship between R1, R2 and R3. R1 should be in AS 200,
R2 should be in AS 100 and R3 should be in AS 200.
R1 R2
Router bgp 200 Router bgp 100

Neighbor 1.1.1.2 remote-as 100 Neighbor 1.1.1.1 remote-as 200
No synchronization No synchronization
R3
Router bgp 200

Neighbor 3.3.3.1 remote-as 200
Network 2.0.0.0
Network 3.0.0.0
Network 30.0.0.0
No synchronization
Verification :
R1#show ip bgp summary
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down state/PfxRcd
1.1.1.2 4 100 10 12 8 0 0 00:04:54 3

3.3.3.2 4 200 12 11 8 0 0 00:06:57 4
The output displays that BGP neighbors have established a TCP connection.
R1#show ip route

B 2.0.0.0/8 [200/0] via 3.3.3.2, 00:08:31
B 20.0.0.0/8 [20/0] via 1.1.1.2, 00:07:17
B 30.0.0.0/8 [200/0] via 3.3.3.2, 00:08:31
The output states that the BGP routes denoted as ‘B’ in the routing table.
R1#show ip bgp
Network Next Hop Metric LocPrf Weight Path

* 1.0.0.0 1.1.1.2 0 0 100 i
*> 0.0.0.0 0 32768 i
* 2.0.0.0 1.1.1.2 0 0 100 i
*>i 3.3.3.2 0 100 0 i
* i3.0.0.0 3.3.3.2 0 100 0 i
*> 0.0.0.0 0 32768 i
*> 10.0.0.0 0.0.0.0 0 32768 i
*> 20.0.0.0 1.1.1.2 0 0 100 i
*i 2.2.2.1 0 100 0 100 i
*>i30.0.0.0 3.3.3.2 0 100 0 i
The output displays the BGP table.
Lab 2 – Connecting BGP using Loopback

R2 E0
Loopback 0
S0
S1
S0 S0
R1 R3
S1
S1
E0 Loopback 0
E0
Loopback 0 BGP AS 100
R1

S0 1.1.1.1 255.0.0.0
S1 3.3.3.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
Loopback 0 50.50.50.50 255.255.255.255
R2

S0 1.1.1.2 255.0.0.0
S1 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
Loopback 0 75.75.75.75 255.255.255.255
R3

S0 2.2.2.2 255.0.0.0
S1 3.3.3.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Loopback 0 100.100.100.100 255.255.255.255
Lab Objective:
Task 1
Configure a BGP neighbor relationship between R1, R2 and R3. All routers should be
configured in AS 100. Establish the neighbor relationship based on Loopback 0
addresses. Configure EIGRP as the routing protocol in AS 100. Advertise all loopback
networks under EIGRP.
R1 R2


Neighbor 75.75.75.75 update-source loopback 0 Neighbor 50.50.50.50 update-source loopback 0
Neighbor 100.100.100.100 update-source Neighbor 100.100.100.100 update-source loopback 0
loopback 0 No synchronization
No synchronization
R3
Router eigrp 100

Network 2.0.0.0
Network 3.0.0.0
Network 30.0.0.0
Network 100.0.0.0
No auto-summary
Router bgp 100
Neighbor 50.50.50.50 update-source loopback 0
Neighbor 75.75.75.75 update-source loopback 0
No synchronization
Verification :
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
75.75.75.75 4 100 10 10 1 0 0 00:06:48 0

100.100.100.100 4 100 10 10 1 0 0 00:06:50 0
The output displays that neighbors established a TCP connection between them.
Lab 3 – ebgp-Multihop
R1 R2
S0/2/0 S0
FA0/0
S E0
BGP AS 100 1
BGP AS 200
R1

S 0/2/0 1.1.1.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
E0 20.1.1.1 255.0.0.0
Lab Objective:
Task 1 :
Configure a BGP neighbor relationship between R1 and R2. R1 should be configured in

AS 100 and R2 should be in AS 200. Establish the neighbor relationship between peers
that are not directly connected. You are allowed to create a static route on each router to
accomplish this task.
R1 R2
Ip route 20.1.1.1 255.0.0.0 1.1.1.2 Ip route 10.1.1.1 255.0.0.0 1.1.1.1

Neighbor 20.1.1.1 ebgp-multihop Neighbor 10.1.1.1 ebgp-multihop
Verification :
20.1.1.1 4 200 18 18 1 0 0 00:08:23 0
The output displays neighborship as established.

Lab 4 – ebgp-Multihop (Load Balancing)
S0/2/0
Loopback 0 S0 Loopback 0
R1 R2
E0 S1
S0/2/1 E0
S
BGP AS 100 1 BGP AS 200
R1

S 0/2/0 1.1.1.1 255.0.0.0
S 0/2/1 2.2.2.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
Loopback 0 50.50.50.50 255.255.255.255
R2

S0 1.1.1.2 255.0.0.0
S1 2.2.2.2 255.0.0.0
E0 20.1.1.1 255.0.0.0
Loopback 0 75.75.75.75 255.255.255.255
Lab Objective:
Task 1 :
Configure a BGP neighbor relationship between R1 and R2. R1 should be configured in

AS 100 and R2 should be in AS 200. Establish the neighbor relationship between peers
using loopbacks. Create a static route on each router to accomplish this task.
R1 R2
Ip route 75.75.75.75 255.255.255.255 Ip route 50.50.50.50 255.255.255.255

1.1.1.2 1.1.1.1
Ip route 75.75.75.75 255.255.255.255 Ip route 50.50.50.50 255.255.255.255
2.2.2.2 2.2.2.1

Neighbor 75.75.75.75 update-source Neighbor 50.50.50.50 update-source
loopback 0 loopback 0
Neighbor 75.75.75.75 ebgp-multihop Neighbor 50.50.50.50 ebgp-multihop
Verification :
75.75.75.75 4 200 16 16 1 0 0 00:12:01 0
R1#show ip route

C 50.50.50.50 is directly connected, Loopback0
S 75.75.75.75 [1/0] via 2.2.2.2
[1/0] via 1.1.1.2
Routing table displays two choices to reach the next hop 75.75.75.75, one via 2.2.2.2 and
the other via 1.1.1.2.
The load balancing can be verified by issuing the traceroute command:
1 2.2.2.2 16 msec
1.1.1.2 16 msec *

1 1.1.1.2 24 msec
2.2.2.2 16 msec
Lab 5 – BGP Next Hop Attribute

R1 R2 R3
S0/2/0 S1
S0 S0
E0 E0 E0
BGP AS 100 BGP AS 200
R1

S 0/2/0 1.1.1.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
S1 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R3

S0 2.2.2.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Lab Objective:
Task 1 :
Configure BGP on the routers as per the above scenario.

R1 R2

Network 1.0.0.0 Neighbor 1.1.1.1 remote-as 100
No synchronization Network 2.0.0.0
Network 20.0.0.0
No synchronization
R3
Router bgp 200

Network 2.0.0.0
Network 30.0.0.0
No synchronization
R1 advertises network 10.0.0.0 to R2 with the next hop of 1.1.1.1 and R2 advertises
network 20.0.0.0 to R1 with the next hop of 1.1.1.2.
For iBGP, the protocol states that the next hop that eBGP advertises, should be carried
into iBGP, because of this rule, R2 advertises network 10.0.0.0 to its iBGP peer R3 with a
next hop of 1.1.1.1. Therefore for R3, the next hop to reach network 10.0.0.0 is via
1.1.1.1 and not 2.2.2.1.
Make sure that R3 can reach network 10.0.0.0 via IGP, otherwise R3 drops packets with
the destination of 10.0.0.0 or advertise via network commands in BGP.
Verification :
R3#show ip route
B 1.0.0.0/8 [200/0] via 2.2.2.1, 00:08:24

B 20.0.0.0/8 [200/0] via 2.2.2.1, 00:09:11
B 10.0.0.0/8 [200/0] via 1.1.1.1, 00:08:11
The output on R3 displays that the network 10.0.0.0 can be reached via 1.1.1.1.
Task 2 :
Configure BGP such that R2 advertises its updates to iBGP peers via 2.2.2.1 instead of
1.1.1.1. You can use the next-hop-self command to accomplish this task.
R2
Router bgp 200

Neighbor 2.2.2.2 next-hop-self
Neighbor 1.1.1.1 next-hop-self
Network 1.0.0.0
Network 2.0.0.0
Network 20.0.0.0
No synchronization
Verification :
R3#show ip route
B 1.0.0.0/8 [200/0] via 2.2.2.1, 00:00:05

B 10.0.0.0/8 [200/0] via 2.2.2.1, 00:00:05
The output displays that for R3 to reach network 10.0.0.0 is via 2.2.2.1 because of the
next-hop-self command. R2 advertises network 10.0.0.0 via 2.2.2.1 to R3, instead of
carrying the next-hop advertised by eBGP.
Lab 6 – Origin Attribute

R1 R2 R3
S0/2/0 S1
S0 S0
E0 E0 E0
R1

S 0/2/0 1.1.1.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
S1 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R3

S0 2.2.2.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Lab Objective:
Task 1 :
Configure BGP on all the three routers. Do not advertise network 30.0.0.0 on R3 in BGP,
instead create static route on R2 to reach 30.0.0.0 via 2.2.2.2 and redistribute this static
route into BGP.
R1 R3

Network 10.0.0.0 No synchronization
No synchronization
R2
ip route 30.1.1.1 255.0.0.0 2.2.2.2
Router bgp 200

Network 1.0.0.0
Network 2.0.0.0
Network 20.0.0.0
Redistribute static
No synchronization
Verification :
R1#show ip bgp

* 1.0.0.0 1.1.1.2 0 0 200 i
*> 0.0.0.0 0 32768 i
*> 2.0.0.0 1.1.1.2 0 0 200 i
*> 10.0.0.0 0.0.0.0 0 32768 i
*> 20.0.0.0 1.1.1.2 0 0 200 i
*> 30.1.1.0/24 1.1.1.2 0 0 200 ?
R1 reaches 2.0.0.0 via ‘200 i’ means that the next AS path is 200 and the origin of the
route is IGP.
R1 also reaches 30.0.0.0 via ‘200 ?’, means that the next AS is 200 and that the origin is
incomplete and is a redistributed static route.
Lab 7 – Setting Cisco Weight Attribute

BGP AS 200
R2 E0
S0
S1
S0 S0
R1 R3
S1 S1 E0
E0
R1

S0 1.1.1.1 255.0.0.0
S1 3.3.3.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
S1 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R3

S0 2.2.2.2 255.0.0.0
S1 3.3.3.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Lab Objective:
Task 1 :
Configure AS 200 such that all traffic destined for network 3.0.0.0 should go through R3.
Use the Weight attribute to accomplish this task.
R1 R3

R2
Router bgp 200

Neighbor 1.1.1.1 weight 500
Neighbor 2.2.2.2 weight 1000
Network 1.0.0.0
Network 2.0.0.0
Network 20.0.0.0
Redistribute static
No synchronization
Verification :
R2#show ip route

B 3.0.0.0/8 [20/0] via 2.2.2.2, 00:00:04
B 10.0.0.0/8 [20/0] via 2.2.2.2, 00:00:04
B 30.0.0.0/8 [20/0] via 2.2.2.2, 00:00:04
The output displays that R2 has been forced to use R3 as the next-hop to reach network
3.0.0.0
R2#show ip bgp 3.0.0.0
BGP routing table entry for 3.0.0.0/8, version 4

Paths: (2 available, best #2, table Default-IP-Routing-Table)
Advertised to non peer-group peers:
1.1.1.1
100
1.1.1.1 from 1.1.1.1 (10.1.1.1)
Origin IGP, metric 0, localpref 100, weight 500, valid, external
300
2.2.2.2 from 2.2.2.2 (30.1.1.1)
Origin IGP, metric 0, localpref 100, weight 1000, valid, external, best
The output displays two paths and shows the path via 2.2.2.2 as the best path choosen
because of the highest weight set to that path.

1.1.1.1
100
1.1.1.1 from 1.1.1.1 (10.1.1.1)
Origin IGP, metric 0, localpref 100, weight 500, valid, external
300 100
2.2.2.2 from 2.2.2.2 (30.1.1.1)
Origin IGP, localpref 100, weight 1000, valid, external, best
The output displays two paths and shows the path via 2.2.2.2 as the best path choosen
because of the highest weight set to that path.
Task 2 :
Configure route-map using weight attribute to manipulate the routing information on R2.
R2
Access-list 1 permit 30.0.0.0 0.255.255.255

Route-map list 1 permit 10
Match ip address 1
Set weight 1000

Match ip add 2
Set weight 1000
Router bgp 200

Neighbor 1.1.1.1 route-map list 1 in
Neighbor 2.2.2.2 route-map list 2 in
Verification :
R2#sh ip route

B 3.0.0.0/8 [20/0] via 1.1.1.1, 00:00:02
B 10.0.0.0/8 [20/0] via 2.2.2.2, 00:00:02
B 30.0.0.0/8 [20/0] via 1.1.1.1, 00:00:02
The routing table displays that R2 is learning network 10.0.0.0 via 2.2.2.2 and network
30.0.0.0 via 1.1.1.1

2.2.2.2
300
2.2.2.2 from 2.2.2.2 (30.1.1.1)
Origin IGP, metric 0, localpref 100, valid, external
100 300
1.1.1.1 from 1.1.1.1 (10.1.1.1)
The output displays the best path to reach network 30.0.0.0 from R2 is via 1.1.1.1,
because of the highest weight attribute set to that path.

1.1.1.1
300 100
2.2.2.2 from 2.2.2.2 (30.1.1.1)
100
1.1.1.1 from 1.1.1.1 (10.1.1.1)
The output displays the best path to reach network 10.0.0.0 from R2 is via 2.2.2.2,
because of the highest weight attribute set to that path.
Lab 8 – Setting Local Preference

BGP AS 200
R2 E0
S0
S1
S0 S0
R1 R3
S1
S1 E0
E0
BGP AS 100
R1

S0 1.1.1.1 255.0.0.0
S1 3.3.3.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
S1 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R3

S0 2.2.2.2 255.0.0.0
S1 3.3.3.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Lab Objective:
Task 1 :
Configure AS 100 such that all traffic destined for AS 200 should go through R2. Use
Local-Preference Attribute to accomplish this task.
R1 R3

Network 1.0.0.0 Bgp default-preference 500
No synchronization Network 30.0.0.0
No synchronization
R2
Router bgp 200

Network 1.0.0.0
Network 2.0.0.0
Network 20.0.0.0
No synchronization
Verification :
R3#show ip route
B 1.0.0.0/8 [20/0] via 2.2.2.1, 00:00:01

B 20.0.0.0/8 [20/0] via 2.2.2.1, 00:00:01
B 10.0.0.0/8 [200/0] via 3.3.3.1, 00:00:01
The output displays that R3 learns network 1.0.0.0 via 2.2.2.1.
200
2.2.2.1 from 2.2.2.1 (20.1.1.1)
Origin IGP, metric 0, localpref 500, valid, external, best
Local
3.3.3.1 from 3.3.3.1 (10.1.1.1)
Origin IGP, metric 0, localpref 100, valid, internal
The output displays that path 2.2.2.1 is the best path, because of the highest local
preference value over the other path.
Task 2 :
Configure route-map using local-preference attribute to manipulate the routing

information on R3.
R3

Match ip address 1
Set local preference 50
Router bgp 200

Neighbor 2.2.2.1 route-map list1 in
Network 3.0.0.0
Network 2.0.0.0
Network 30.0.0.0
No synchronization
Verification :
R3#show ip route
B 1.0.0.0/8 [200/0] via 3.3.3.1, 00:02:17
B 20.0.0.0/8 [200/0] via 1.1.1.2, 00:01:41
B 10.0.0.0/8 [200/0] via 3.3.3.1, 00:02:17

200
2.2.2.1 from 2.2.2.1 (20.1.1.1)
200
1.1.1.2 from 3.3.3.1 (10.1.1.1)
Origin IGP, metric 0, localpref 100, valid, internal, best
The output displays that path 1.1.1.2 is the best path, because of the highest local
preference value over the other path.
Lab 9 – Configuring MED

(Scenario Based On Lab 9)
R1

S0 1.1.1.1 255.0.0.0
S1 3.3.3.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
S1 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R3

S0 2.2.2.2 255.0.0.0
S1 3.3.3.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Lab Objective:
Task 1 :
All ingress (incoming) traffic to AS 200 should use the path through R3 using the MED
attribute. Configure the MED on R1 to 100 and Configure the MED on R3 to 50. Lower
MED will be preferred.
R1 R3
Access-list 1 permit 10.0.0.0 Access-list 1 permit 30.0.0.0

0.255.255.255 0.255.255.255
Route-map list 1 permit 10 Route-map list 1 permit 10
Match ip add 1 Match ip add 1
Set metric 200 Set metric 50
Route-map list 1 permit 20 Route-map list 1 permit 20

Set metric 100 Set metric 100

Neighbor 1.1.1.2 route-map list 1 out Neighbor 2.2.2.1 route-map list 1 out
Verification :
R2#show ip route

B 3.0.0.0/8 [20/100] via 1.1.1.1, 00:00:04
B 10.0.0.0/8 [20/100] via 2.2.2.2, 00:00:04
B 30.0.0.0/8 [20/50] via 2.2.2.2, 00:00:04
The output displays that network 10.0.0.0 & 30.0.0.0 are learnt via 2.2.2.2 because of the
lowest MED value set to this path.

1.1.1.1
100
2.2.2.2 from 2.2.2.2 (30.1.1.1)
100
1.1.1.1 from 1.1.1.1 (10.1.1.1)

1.1.1.1
100
2.2.2.2 from 2.2.2.2 (30.1.1.1)
100
1.1.1.1 from 1.1.1.1 (10.1.1.1)
The output displays best path 2.2.2.2 with a metric 50 lower than other path.
Lab 10 – Configuring MED using default-

metric command
R1 R2 R3
S0 S1
S0 S0
E0 E0 E0
BGP AS 100 OSPF Area 0
R1

S0 1.1.1.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
S1 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R3

S0 2.2.2.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Lab Objective:
Task 1 :
Configure BGP and OSPF as per the above scenario. Redistribute OSPF into BGP and
verify the metric values displayed in the output by default .
R1 R2
Router bgp 100 Router ospf 1

Neighbor 1.1.1.2 remote-as 100 Network 2.2.2.1 0.0.0.0 area 0
Network 1.0.0.0 Network 20.0.0.0 0.255.255.255 area 0
Network 10.0.0.0
No synchronization Router bgp 100
Network 1.0.0.0
No synchronization
Redistribute ospf 1
R3
Router ospf 1
Network 2.2.2.1 0.0.0.0 area 0
Network 30.0.0.0 0.255.255.255 area 0
Verification :
R1#show ip route

B 2.0.0.0/8 [200/0] via 1.1.1.2, 00:03:10
B 20.0.0.0/8 [200/0] via 1.1.1.2, 00:03:10
B 30.0.0.0/8 [200/74] via 2.2.2.2, 00:02:35
The output displays routes 2.0.0.0 and 20.0.0.0 with a metric of ‘0’ as they are directly
connected to R2 and when passed to R1 travel with a metric of ‘0’.
Task 2 :
Configure BGP and OSPF as per the above scenario. Redistribute OSPF into BGP using a
metric value of 5.
R2
Router ospf 1
Network 2.2.2.1 0.0.0.0 area 0
Network 20.0.0.0 0.255.255.255 area 0
Router bgp 100
Network 1.0.0.0
No synchronization
Redistribute ospf 1 metric 5
Verification :
R1#show ip route

B 2.0.0.0/8 [200/0] via 1.1.1.2, 00:02:39
B 20.0.0.0/8 [200/0] via 1.1.1.2, 00:02:39
B 30.0.0.0/8 [200/5] via 2.2.2.2, 00:02:07
The output displays network 30.0.0.0 changed to metric of 5. But observe that network
2.0.0.0 and 20.0.0.0 still remain with a metric of ‘0’ as they are not displayed as
redistributed routes instead they are learn’t as connected routes on R2.
Task 3 :
Configure BGP and OSPF as per the above scenario. Redistribute OSPF into BGP using a
metric value of 5 and also redistribute connected routes with a metric set to 50.
R2
Router ospf 1
Network 2.2.2.1 0.0.0.0 area 0
Network 20.0.0.0 0.255.255.255 area 0
Router bgp 100

Network 1.0.0.0
No synchronization
Redistribute ospf 1 metric 5
Redistribute connected metric 50
Verification :
R1#show ip route

B 2.0.0.0/8 [200/50] via 1.1.1.2, 00:02:39
B 20.0.0.0/8 [200/50] via 1.1.1.2, 00:02:39
B 30.0.0.0/8 [200/5] via 2.2.2.2, 00:02:07
The output displays network 30.0.0.0 changed to metric of ‘5’. Also network 2.0.0.0 and
20.0.0.0 with a metric of ‘50’.
Task 4 :
Configure BGP and OSPF as per the above scenario. Redistribute OSPF into BGP and
use the default-metric command to change the metric.
R2
Router ospf 1
Network 2.2.2.1 0.0.0.0 area 0
Network 20.0.0.0 0.255.255.255 area 0
Router bgp 100

Network 1.0.0.0
No synchronization
Redistribute ospf 1
Default-metric 75
Verification :
R1#show ip route

B 2.0.0.0/8 [200/0] via 1.1.1.2, 00:00:33
B 20.0.0.0/8 [200/0] via 1.1.1.2, 00:00:33
B 30.0.0.0/8 [200/75] via 2.2.2.2, 00:00:00
The output displays network 30.0.0.0 with a metric value changed to 75.
Lab 11 – AS-Path Attribute

R1 R2 R3
S0 S1
S0 S0
E0
S1 E0 E0
S1
BGP AS 100 BGP AS 200 BGP AS 300
AS 100
S1
R4
S0
E0
BGP AS 400
R1
S0 1.1.1.1 255.0.0.0
S1 3.3.3.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
S1 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R3

S0 2.2.2.2 255.0.0.0
S1 4.4.4.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
R4

S1 3.3.3.2 255.0.0.0
S0 4.4.4.1 255.0.0.0
E0 40.1.1.1 255.0.0.0
Lab Objective:
Task 1 :
Configure BGP on all the routers.
R1 R2

R3 R4
Verification :
R4#show ip route
B 1.0.0.0/8 [20/0] via 3.3.3.1, 00:01:15

B 2.0.0.0/8 [20/0] via 4.4.4.2, 00:01:15
B 20.0.0.0/8 [20/0] via 3.3.3.1, 00:01:15
B 10.0.0.0/8 [20/0] via 3.3.3.1, 00:01:15
B 30.0.0.0/8 [20/0] via 4.4.4.2, 00:01:15

3.3.3.1
300
4.4.4.2 from 4.4.4.2 (30.1.1.1)
100 200 300
3.3.3.1 from 3.3.3.1 (3.3.3.1)
Origin IGP, localpref 100, valid, external
The output displays that network 30.0.0.0 is reached via 4.4.4.2 from R4 as it is the
shortest path when compared to the other path via 3.3.3.1.
Task 2 :
Manipulate the path to reach network 30.0.0.0 on R4. You can use as-path prepend
command using route-map to accomplish this task.
R4
Access-list 1 permit 30.0.0.0
0.255.255.255
Route-map map 1 permit 10

Match ip add 1
Set as-path prepend 400 400 400 400
Route-map map1 permit 20
Router bgp 400

Neighbor 4.4.4.2 route-map map 1 in
Verification :
R4#show ip route
B 1.0.0.0/8 [20/0] via 3.3.3.1, 00:00:34

B 2.0.0.0/8 [20/0] via 4.4.4.2, 00:00:34
B 20.0.0.0/8 [20/0] via 3.3.3.1, 00:00:34
B 10.0.0.0/8 [20/0] via 3.3.3.1, 00:00:34
B 30.0.0.0/8 [20/0] via 3.3.3.1, 00:00:34

4.4.4.2
400 400 400 400 300
4.4.4.2 from 4.4.4.2 (30.1.1.1)
100 200 300
3.3.3.1 from 3.3.3.1 (3.3.3.1)
Origin IGP, localpref 100, valid, external, best
The output displays that network 30.0.0.0 is reached via 3.3.3.1 from R4 as it is the
shortest path when compared to the other path via 4.4.4.2.
Lab 12 – BGP Neighbor MD5 Authentication
R1 R2
S0 S0
E0
S E0
BGP AS 100 1
BGP AS 200
R1

S0 1.1.1.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 1.1.1.2 255.0.0.0
E0 20.1.1.1 255.0.0.0
Lab Objective:
Task 1 :
Configure BGP on all the routers. Configure R1 in AS 100 and R2 in AS 200. Configure
MD5 Authentication between R1 and R2 using a password of cisco123.
R1 R2

Neighbor 1.1.1.2 password cisco123 Neighbor 1.1.1.1 password cisco123
Verification :
R1#show ip route

B 20.0.0.0/8 [20/0] via 1.1.1.2, 00:00:04
1.1.1.2 4 200 13 11 4 0 0 00:01:43 2
Authentication in R2 and no authentication in R1:
R2#debug ip bgp events
04:58:02: %TCP-6-BADAUTH: No MD5 digest from 1.1.1.1:179 to 1.1.1.2:11087

Authentication mismatch:
R2#debug ip bgp events
05:01:09: %TCP-6-BADAUTH: Invalid MD5 digest from 1.1.1.1:11040 to 1.1.1.2:179

Lab 13 – Configuring Peer-groups

R3
Loopback 0
S0
E0
R2 R1
S0
S0
S1
S2
E0 E0
R4
Loopback 0 BGP AS 200
S0
E0 Loopback 0
BGP AS 100
R1

S0 3.3.3.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 3.3.3.2 255.0.0.0
S1 1.1.1.1 255.0.0.0
S2 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
Loopback 0 7.7.7.7 255.255.255.255
R3

S0 1.1.1.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Loopback 0 8.8.8.8 255.255.255.255
R4

S0 2.2.2.2 255.0.0.0
E0 40.1.1.1 255.0.0.0
Loopback 0 6.6.6.6 255.255.255.255
Lab Objective:
Task 1 :
Configure BGP on all the routers. Configure R1 in AS 200 and configure R2, R3 and R4 in AS
100. Configure the loopbacks as per the scenario and advertise in BGP. Also configure route-map
blocking network 10.0.0.0 from being advertised to iBGP peers. You can use peer-group to
accomplish these tasks.
R1 R2
ip route 7.7.7.7 255.255.255.255 3.3.3.2 Router bgp 100

Neighbor internal peer-group
Router bgp 200 Neighbor internal remote-AS 100
Neighbor 7.7.7.7 remote-as 100 Neighbor internal update-source loopback 0
Neighbor 7.7.7.7 ebgp-multihop Neighbor internal route-map map1 out
Network 3.0.0.0 Neighbor 8.8.8.8 peer-group internal
Network 10.0.0.0 Neighbor 6.6.6.6 peer-group internal
No synchronization
R3 R4

Neighbor internal peer-group Neighbor internal peer-group
Neighbor internal remote-AS 100 Neighbor internal remote-AS 100
Neighbor internal update-source Neighbor internal update-source loopback 0
loopback 0 Neighbor 7.7.7.7 peer-group internal
Neighbor 7.7.7.7 peer-group internal Neighbor 8.8.8.8 peer-group internal
Neighbor 6.6.6.6 peer-group internal
Configuring BGP using peer-group simplifies configuration reducing the number of statements in
the configuration.
Lab 14 – Route Aggregation

R1 R2 R4
S0 S2
S0 S0
E0 E0
S1 E0
BGP AS 100 BGP AS 200 BGP AS 400

AS 100
Loopback 1 – 5
S0
R3
E0
BGP AS 300
R1

S0 3.3.3.1 255.0.0.0
E0 10.1.1.1 255.0.0.0
R2

S0 3.3.3.2 255.0.0.0
S1 1.1.1.1 255.0.0.0
S2 2.2.2.1 255.0.0.0
E0 20.1.1.1 255.0.0.0
R3

S0 1.1.1.2 255.0.0.0
E0 30.1.1.1 255.0.0.0
Loopback 1 172.1.0.1 255.255.0.0
Loopback 2 172.2.0.1 255.255.0.0
Loopback 3 172.3.0.1 255.255.0.0
Loopback 4 172.4.0.1 255.255.0.0
Loopback 5 172.5.0.1 255.255.0.0
R4

S0 2.2.2.2 255.0.0.0
E0 40.1.1.1 255.0.0.0
Lab Objective:
Task 1 :
Configure BGP on all the routers. Create loopbacks on R3 as per the above scenario and
advertise them under BGP.
Loopback 1 – 172.1.0.1/16
Loopback 2 – 172.2.0.1/16
Loopback 3 – 172.3.0.1/16
Loopback 4 – 172.4.0.1/16
Loopback 5 – 172.5.0.1/16
R3
interface Loopback1
ip address 172.1.0.1 255.255.0.0
interface Loopback2
ip address 172.2.0.1 255.255.0.0
interface Loopback3
ip address 172.3.0.1 255.255.0.0
interface Loopback4
ip address 172.4.0.1 255.255.0.0
interface Loopback4
ip address 172.5.0.1 255.255.0.0
Router BGP 300

Network 172.1.0.0
Network 172.2.0.0
Network 172.3.0.0
Network 172.4.0.0
Network 172.5.0.0
Task 2
Configure Route Aggregation on R3 such that these routes are summarized as a single
route.
R3
Router bgp 300

Aggregate-address 172.0.0.0 255.248.0.0
Verification :
R1#show ip route
B 1.0.0.0/8 [20/0] via 3.3.3.2, 00:15:39
B 2.0.0.0/8 [20/0] via 3.3.3.2, 00:16:38
B 20.0.0.0/8 [20/0] via 3.3.3.2, 00:15:39
B 172.1.0.0/16 [20/0] via 3.3.3.2, 00:08:03
B 172.2.0.0/16 [20/0] via 3.3.3.2, 00:08:03
B 172.3.0.0/16 [20/0] via 3.3.3.2, 00:08:03
B 172.4.0.0/16 [20/0] via 3.3.3.2, 00:08:03
B 172.5.0.0/16 [20/0] via 3.3.3.2, 00:07:03
B 40.0.0.0/8 [20/0] via 3.3.3.2, 00:16:38
B 30.0.0.0/8 [20/0] via 3.3.3.2, 00:08:51
B 172.0.0.0/13 [20/0] via 3.3.3.2, 00:00:34
The routing table displays the prefix route (172.0.0.0/13) and also all the specific-routes.
Task 3
route. Only the Summary route should be send to R3’s neighbors
R3
Router bgp 300
Aggregate-address 172.0.0.0 255.248.0.0 summary-only
Verification :
R1#show ip route
B 1.0.0.0/8 [20/0] via 3.3.3.2, 00:20:36

B 2.0.0.0/8 [20/0] via 3.3.3.2, 00:21:35
B 20.0.0.0/8 [20/0] via 3.3.3.2, 00:20:36
B 40.0.0.0/8 [20/0] via 3.3.3.2, 00:21:35
B 30.0.0.0/8 [20/0] via 3.3.3.2, 00:13:48
B 172.0.0.0/13 [20/0] via 3.3.3.2, 00:00:20
The output displays only the prefix route (172.0.0.0/13) and suppresses all the specific
routes.
Task 4
route. Only the Summary route and the 172.1.0.0, 172.2.0.0 and 172.3.0.0 route should be
send to R3’s neighbor, blocking 172.4.0.0 and 172.5.0.0 routes.
R3

Access-list 1 deny 0.0.0.0 255.255.255.255
Route-map map 1 permit 10

Match ip address 1
Router bgp 200

Aggregate-address 172.0.0.0 255.248.0.0 suppress-map map1
By definition of suppress-map, the match criteria set to permit will be suppressed and the
rest will be forwarded.
Verification :
R1#show ip route
B 1.0.0.0/8 [20/0] via 3.3.3.2, 00:00:32

B 2.0.0.0/8 [20/0] via 3.3.3.2, 00:00:32
B 20.0.0.0/8 [20/0] via 3.3.3.2, 00:00:32
B 172.1.0.0/16 [20/0] via 3.3.3.2, 00:00:33
B 172.2.0.0/16 [20/0] via 3.3.3.2, 00:00:33
B 172.3.0.0/16 [20/0] via 3.3.3.2, 00:00:33
B 40.0.0.0/8 [20/0] via 3.3.3.2, 00:00:32
B 30.0.0.0/8 [20/0] via 3.3.3.2, 00:00:33
B 172.0.0.0/13 [20/0] via 3.3.3.2, 00:00:32
The output displays only 172.1.0.0/16, 172.2.0.0/16 & 172.3.0.0/16, thus blocking
172.4.0.0 and 172.5.0.0 routes.
R2#show ip bgp

* 1.0.0.0 1.1.1.2 0 0 300 i
*> 0.0.0.0 0 32768 i
* 2.0.0.0 2.2.2.2 0 0 400 i
*> 0.0.0.0 0 32768 i
* 3.0.0.0 3.3.3.1 0 0 100 i
*> 0.0.0.0 0 32768 i
*> 10.0.0.0 3.3.3.1 0 0 100 i
*> 20.0.0.0 0.0.0.0 0 32768 i
*> 30.0.0.0 1.1.1.2 0 0 300 i
*> 40.0.0.0 2.2.2.2 0 0 400 i
*> 172.0.0.0/13 0.0.0.0 32768 i
*> 172.1.0.0 1.1.1.2 0 0 300 i
*> 172.2.0.0 1.1.1.2 0 0 300 i
*> 172.3.0.0 1.1.1.2 0 0 300 i
s> 172.4.0.0 1.1.1.2 0 0 300 i
s> 172.5.0.0 1.1.1.2 0 0 300 i
The output displays network 172.4.0.0 and 172.5.0.0 as suppressed routes.
Task 5
route. Configure route-map and set the attribute origin to the route-map and implement in
BGP process such that the aggregate address appears as incomplete route.
R3
Route-map map1
Set origin incomplete
Router bgp 300
Aggregate-address 172.0.0.0 255.248.0.0 attribute-map map1
Verification :

Paths: (1 available, best #1)
200, (aggregated by 200 20.1.1.1)
3.3.3.2 from 3.3.3.2 (20.1.1.1)
Origin incomplete, localpref 100, valid, external, atomic-aggregate, best
The output displays network 172.0.0.0 as incomplete route.

SWITCHING
SWITCHING LAB INDEX

1. IMPLEMENTING VLAN’s
2. CONFIGURE TRUNKING
3. DYNAMIC TRUNKING PROTOCOL
4. IMPLEMENTING INTER-VLAN ROUTING
5. PROPAGATING VLAN CONFIGURATION WITH VTP
6. IMPLEMENTING SPANNING TREE PROTOCOL
7. LOAD BALANCING IN STP
8. IMPLEMENTING MSTP
9. CONFIGURE LINK AGGREGATION USING ETHER-CHANNEL
10. CONFIGURE LAYER 3 REDUNDANCY WITH HSRP
11. CONFIGURE LAYER 3 REDUNDANCY WITH VRRP
12. CONFIGURE LAYER 3 REDUNDANCY WITH GLBP
Lab 1 – Implementing VLANs

20.1.1.2/24 VLAN 3 20.1.1.3/24 VLAN 3
F 0/2 F 0/4
SW1
PC2 PC4
F 0/1 F 0/3
PC1 PC3
10.1.1.2/24 VLAN 2 10.1.1.3/24 VLAN 2
SW1
Ports Assigned VLANs PC

FA 0/1 VLAN 2 PC 1 (10.1.1.2)
FA 0/2 VLAN 3 PC 2 (20.1.1.2)
FA 0/3 VLAN 2 PC 3 (10.1.1.3)
FA 0/4 VLAN 3 PC 4 (20.1.1.3)
Task 1
Create VLAN 2 and VLAN 3 and assign name SALES and FINANCE to each VLAN.
Configure ports fa 0/2 –fa 0/4 as access-ports and assign VLAN 2 to ports fa 0/1 and
fa0/3. Assign VLAN 3 to ports fa 0/2 and fa 0/4. Configure VLANs using the database
mode.
SW1
Vlan database
Vlan 2
vlan 2 name sales
Vlan 3
Vlan 3 name finance
Int fa0/1
Switchport mode access
Switchport access vlan2
Int fa0/2
Int fa0/3
Int fa0/4
Verification :
SW1#show interfaces fastEthernet 0/1 switchport
Name: Fa0/1
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: negotiate
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
The output displays mode as access.
SW1#show vlan brief

VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gi0/1, Gi0/2
2 sales active Fa0/1, Fa0/3
3 finance active Fa0/2, Fa0/4
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
The output displays VLAN 2, name SALES assigned to ports fa 0/1 and fa 0/3. Also
VLAN 3, name FINANCE assigned to ports fa 0/2 and fa 0/4.
Verifying connectivity between PC 1 and PC 3 (i.e PC’s in the same vlan):
From PC 1:
Ping is successful.
Verifying connectivity between PC 1 and PC 2 (i.e PC’s in different vlan):
From PC 1:
Ping not successful.
Therefore we need a router connected to the switch to do inter-vlan communication. Also

the link should be configured as trunk.
Task 2
Create VLAN 2 and VLAN 3 and assign name SALES and FINANCE to each VLAN.
Configure ports fa 0/2 –fa 0/4 as access-ports and assign VLAN 2 to ports fa 0/1 and
fa0/3. Assign VLAN 3 to ports fa 0/2 and fa 0/4. Configure VLANs using the global
configuration mode.
SW1
Vlan 2
name sales
Vlan 3
name finance
Int fa0/1
Int fa0/2
Int fa0/3
Int fa0/4
Lab 2 – Configure Trunking
F 0/1 F 0/2
SW1
PC1 PC2
F 0/11
10.1.1.2/24 VLAN 2 20.1.1.2/24 VLAN 3
F 0/11
SW2
F 0/1 F 0/2
PC3 PC4
10.1.1.3/24 VLAN 2 20.1.1.3/24 VLAN 2
SW1

FA 0/1 VLAN 2 PC 1 (10.1.1.2)
FA 0/2 VLAN 3 PC 2 (20.1.1.2)
FA 0/11
Configured as trunk
SW2

FA 0/1 VLAN 2 PC 3 (10.1.1.3)
FA 0/2 VLAN 3 PC 4 (20.1.1.3)
FA 0/11
Configured as trunk
Task 1
Create VLANs according to the scenarioand assign to their respective access-ports.

Configure ISL trunk between SW1 (fa0/11) and SW 2 (fa0/11)
SW1
Vlan 2
name sales
Vlan 3
name finance
Int fa0/1
Int fa0/2
Int fa0/11
shutdown
Switchport trunk encapsulation isl
Switchport mode trunk
No shutdown
SW2
Vlan 2
name sales
Vlan 3
name finance
Int fa0/1
Int fa0/2
Int fa0/11
shutdown
Switchport trunk encapsulation isl
No shutdown
Verification :
SW1#show interfaces trunk
Port Mode Encapsulation Status Native vlan

Fa0/11 on isl trunking 1
Port Vlans allowed on trunk

Fa0/11 1-4094
Port Vlans allowed and active in management domain

Fa0/11 1-3
Port Vlans in spanning tree forwarding state and not pruned

Fa0/11 1-3
SW1#show interfaces fastEthernet 0/11 switchport
Name: Fa0/11
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: isl
Operational Trunking Encapsulation: isl
Negotiation of Trunking: On
Verifying connectivity between PC 1 and PC 3(i.e PC’s in the same vlan)
From PC 1
Ping successful.
From PC 1:
Task 2
Create VLANs according to the scenarioand assign to their respective access-ports.

Configure 802.1q (dot1q) trunk between SW1 (fa0/11) and SW 2 (fa0/11)
SW1
Int fa0/11
shutdown
Switchport trunk encapsulation dot1q
No shutdown
SW2
Int fa0/11
shutdown
Switchport trunk encapsulation dot1q
No shutdown
Verification :
SW1#show interfaces trunk

Fa0/11 on 802.1q trunking 1

Fa0/11 1-4094

Fa0/11 1-3

Fa0/11 1-3
SW1#show interfaces fa0/11 switchport
Name: Fa0/11
Switchport: Enabled
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
The output displays mode as trunk and encapsulation used is dot1q, and the default native
vlan is vlan1 which is used to carry the untagged frames across.
Verifying connectivity between PC 1 and PC 3 (i.e PC’s in the same vlan)
From PC 1
Ping successful.
From PC 1:
Ping not successful.
Therefore we need to configure inter-vlan routing.

Lab 3 – Implementing Inter-VLAN Routing
R1
E0
20.1.1.2/24 VLAN 20 20.1.1.3/24 VLAN 20
F 0/3 F 0/4 F 0/5
SW1
PC3 PC4
F 0/1 F 0/2
PC1 PC2
10.1.1.2/24 VLAN 10 10.1.1.3/24 VLAN 10
SW1

FA 0/1 VLAN 10 PC 1 (10.1.1.2)
FA 0/2 VLAN 10 PC 2 (10.1.1.3)
FA 0/3 VLAN 20 PC 3 (20.1.1.2)
FA 0/4 VLAn 20 PC 4 (20.1.1.3)
FA 0/5
Configured as trunk
R1
Sub-Interfaces Ip Address Subnet - Mask

E 0/0.10 10.1.1.1 255.0.0.0
E 0/0.20 20.1.1.1 255.0.0.0
E0
Configured as trunk
Task 1
Create VLAN 10 and assign to ports fa 0/1 and fa 0/2. Create VLAN 20 and assign to
ports fa 0/3 and fa 0/4. Configure port fa 0/5 as dot1q trunk. Use sub-interfaces on
interface e 0 on R1 to accomplish this task.
R1
Int e 0
No ip address
Int e 0/0.10
Encapsulation dotlq 10
Ip address 10.1.1.1 255.0.0.0
Int e 0/0.20
Encapsulation dotlq 20
Ip address 20.1.1.1 255.0.0.0
SW1
Vlan 10
Name sales
Vlan 20
Name finance
Int fa 0/1
Switchport access vlan 10
Int fa 0/2
Int fa 0/3
Int fa 0/4
Int fa 0/5
Shutdown
Switchport trunk encapsulation dotlq
Switchport nonegotiate
No shutdown
Verification :
Verify if PC’s in VLAN 10 can communicate with PC’s in VLAN 20.
From PC 1 (10.1.1.2) :
Ping successful which means inter-vlan communication is working properly.
SW1#show int fa0/5 switchport
Name: Fa0/5
Switchport: Enabled
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
The output displays trunk dot1q encapsulation enabled.
Task 2
Implementing inter-vlan communication on a multilayer switch. Create VLAN 10 and
assign to ports fa 0/1 and fa 0/2. Create VLAN 20 and assign to ports fa 0/3 and fa 0/4.
Configure SVI and assign Ip address.
20.1.1.2/24 VLAN 20 20.1.1.3/24 VLAN 20
F 0/3 F 0/4
SW1
PC3 PC4
F 0/1 F 0/2
PC1 PC2
10.1.1.2/24 VLAN 10 10.1.1.3/24 VLAN 10
SW1
Ip routing
Interface vlan 10
Ip address 10.1.1.1 255.0.0.0
No shutdown
Interface vlan 20
Ip address 20.1.1.1 255.0.0.0
No shutdown
Verification :
From PC 1 (10.1.1.2) :
Ping 100% successful which means inter-vlan communication is working properly.
Lab 4 – Propagating VLAN Configuration with

VTP
SW1 SW2
F 0/11 F 0/11
Task 1
Configure Switch1 as the VTP Server and the other Switch (SW2) as VTP Client. Use
CISCO as the Domain name. Authenticate the relationship using CISCO123 as the
password.
Switch1 Switch2
VTP domain CISCO VTP domain CISCO

VTP mode server VTP mode client
VTP password CISCO123 VTP password CISCO123
Task 2
Create VLANs 2,3,4, and 5 on SW1 (VTP SERVER) and name them as aaa, bbb, ccc,
ddd.
Switch1
Vlan 2
Name aaa
Vlan 3
Name bbb
Vlan 4
Name ccc
Vlan 5
Name ddd
Verification :
SW1#show vtp status

VTP Version :2
Configuration Revision : 15
Maximum VLANs supported locally : 1005
Number of existing VLANs :9
VTP Operating Mode : Server
VTP Domain Name : CISCO
The output displays vtp revision number, configuration revision number, vtp operation
mode and vtp domain name.
SW2#show vtp status
VTP Version :2
Configuration Revision : 15
Maximum VLANs supported locally : 1005
Number of existing VLANs :9
VTP Operating Mode : Client
VTP Domain Name : CISCO
The output displays vtp revision number, configuration revision number, vtp operation
mode and vtp domain name.
SW2#show vlan brief

---- -------------------------------- --------- -------------------------------
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/12, Fa0/13
Fa0/14, Fa0/15, Fa0/16, Fa0/17
Fa0/18, Fa0/19, Fa0/20, Fa0/21
Fa0/22, Fa0/23, Fa0/24, Gi0/1
Gi0/2
2 aaa active
3 bbb active
4 ccc active
5 ddd active
The output displays VLANs 2, 3, 4, 5 propagated from vtp server.
Lab 5 – Implementing Spanning Tree Protocol

F 0/9 F 0/9
SW1 SW2
F 0/11 F 0/11
Task 1
Configure Switch1 as the VTP Server and the other Switch (SW2) as VTP Client.
Configure SW1 to be the STP root for VLAN 1. Change the forward delay time such that
the port transitions from listening to learning state in just 6 seconds instead of the default
of 15 seconds. Configure ports fa 0/9 and fa 0/11 as dot1q trunks on both the switches.
Switch1 Switch2
VTP domain CISCO VTP domain CISCO

VTP mode server VTP mode client
VTP password CISCO123 VTP password CISCO123
Interface range fa0/9, fa0/11 Interface range fa0/9, fa0/11

Switchport trunk encapsulation Switchport trunk encapsulation
Switchport mode trunk Switchport mode trunk
Spanning-tree vlan 1 root primary

Spanning-tree vlan 1 forward-time 6
Verification :
SW1#show spanning-tree vlan 1
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 24577
Address 0014.a82f.a680
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 6 sec
Bridge ID Priority 24577 (priority 24576 sys-id-ext 1)

Aging Time 300
Interface Role Sts Cost Prio.Nbr Type

---------------- ---- --- --------- -------- --------------------------------
Fa0/1 Desg FWD 19 128.1 P2p
Fa0/11 Desg FWD 19 128.11 P2p
The output displays that SW1 is the root bridge and forward delay time is 6 seconds.
SW1#debug spanning-tree events
05:23:22: STP: VLAN0004 Fa0/9 -> listening

05:23:22: set portid: VLAN0005 Fa0/9: new port id 8009
05:23:23: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/9,
changed state to up
05:23:28: STP: VLAN0001 Fa0/9 -> learning
05:23:34: STP: VLAN0001 Fa0/9 -> forwarding
05:23:52: STP: VLAN0002 Fa0/9 -> forwarding
The output displays the transition of ports from listening to learning in just 6 seconds
instead of the default of 15 seconds.
Task 2
20.1.1.2/24 VLAN 20 20.1.1.3/24 VLAN 20
F 0/3 F 0/4
SW1
PC3 PC4
F 0/1 F 0/2
PC1 PC2
10.1.1.2/24 VLAN 10 10.1.1.3/24 VLAN 10
Configure ports fa0/1 - fa0/3 on SW1 to operate in portfast mode.
Switch1
Int range fa0/1 - fa0/3

Spanning-tree portfast
Verification :
SW1#show spanning-tree interface fa0/1 detail

Port 1 (FastEthernet0/1) of VLAN0001 is forwarding
Port path cost 19, Port priority 128, Port Identifier 128.1.
Designated root has priority 24577, address 0014.a82f.a680
Designated bridge has priority 24577, address 0014.a82f.a680
Designated port id is 128.1, designated path cost 0
Timers: message age 0, forward delay 0, hold 0
Number of transitions to forwarding state: 1
The port is in the portfast mode
Link type is point-to-point by default
BPDU: sent 3140, received 0
The output displays that port fa0/1 is in portfast mode and also we see that BPDU’s are
sent
Verify the transition by shutting down interface fa 0/1 and again bringing the interface up.

05:36:16: set portid: VLAN0001 Fa0/1: new port id 8001
05:36:16: STP: VLAN0001 Fa0/1 ->jump to forwarding from blocking
The output displays port fa 0/1 jumps to forwarding state from blocking immediately
because of portfast enabled on that port.
Task 3
Configure SW1 to quickly switch its root port in the event of an uplink failure. Trunking
should be configured between the switches.
Switch1
spanning-tree uplinkfast
Verification :
VLAN0001
Address 000f.34f4.f080
Cost 3019
Port 11 (FastEthernet0/11)

Aging Time 300
Uplinkfast enabled

---------------- ---- --- --------- -------- --------------------------------
Fa0/9 Altn BLK 3019 128.9 P2p
Fa0/11 Root FWD 3019 128.11 P2p
The output displays cost of ports increased by 3000 & priority of the bridge has increased
to 49152.
Verify the transition from blocking to forwarding :
 Shutdown the port fa0/9 which is in the forwarding state.
SW1#debug spanning-tree uplinkfast
00:47:18: STP FAST: UPLINKFAST: make_forwarding on VLAN0001 FastEthernet0/11

root port id new: 128.11 prev: 128.9
00:47:18: %SPANTREE_FAST-7-PORT_FWD_UPLINK: VLAN0001 FastEthernet0/11

moved to Forwarding (UplinkFast).
00:47:18: STP: UFAST: removing prev root port Fa0/9 VLAN0001 port-id 8009
The output displays the transition of port fa0/11 from blocking to forwarding in one
second.
Task 4
SW1 SW2
F 0/9 F 0/9
Configure portfast on port fa 0/9 between SW1 and SW2. (By default all ports on the
switch are in dynamic desirable mode, they autonegotiate to become trunk. Portfast
should not be enabled on trunk as there is a possibility of loops, we need to shutdown the
port fa 0/9 and enable portfast on both the switches on port fa 0/9). Enable BPDU guard
on port fa 0/9 of SW1 to stop BPDU’s on that port.
Switch1 Switch2
Int fa 0/9 Int fa 0/9

Shutdown Shutdown
Spanning-tree portfast Spanning-tree portfast
Spanning-tree bpdu guard enable
Now bring the port fa 0/9 on both switches to up. As soon as the BPDU’s are being sent
on the port . The port enabled with BPDU guard will immediately come into err-disable
state .
Verification :
Console messages on SW1 when the bpdu’s are received on the bpduguard enabled port
fa0/9

changed state to up
01:04:31: %SPANTREE-2-BLOCK_BPDUGUARD: Received BPDU on port
FastEthernet0/9 with BPDU Guard enabled. Disabling port.
01:04:31: %PM-4-ERR_DISABLE: bpduguard error detected on Fa0/9, putting Fa0/9 in
err-disable state
changed state to downstate.
SW1#show interfaces fa0/9
FastEthernet0/9 is down, line protocol is down (err-disabled)

Hardware is Fast Ethernet, address is 0014.a82f.a689 (bia 0014.a82f.a689)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
The output displays the port as (err-disabled) state. But the BPDU’s are sent out of this
port, it doesn’t affect that feature.
Task 5
R1
E 0/0
F 0/3
F 0/9 F 0/9
SW1 SW2
F 0/11 F 0/11
Configure R1 to send BPDUs to SW 1. Enable BPDU guard on port fa0/3 on sw1 to

block the access port fa 0/3 on SW 1, if any BPDUs received.
R1 Switch1
Int e0/0 Int fa0/3

No ip address Spanning-tree bpduguard enable
Bridge-group 1
Bridge 1 protocol ieee

Bridge 1 priority 4096
Verification :
SW1#show interfaces fa0/3
FastEthernet0/3 is down, line protocol is down (err-disabled)

Hardware is Fast Ethernet, address is 0014.a82f.a683 (bia 0014.a82f.a683)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
The output displays the port as (err-disabled) state. But the BPDU’s are sent out of this
port, it doesn’t affect that feature.
01:33:13: %SPANTREE-2-BLOCK_BPDUGUARD: Received BPDU on port

FastEthernet0/3 with BPDU Guard enabled. Disabling port.
01:33:13: %PM-4-ERR_DISABLE: bpduguard error detected on Fa0/3, putting Fa0/3

inerr-disable state
The output displays that as soon as BPDU received on port fa0/3, it is disabled because of
the BPDU guard enabled on that port.
Task 6
Configure portfast on port fa0/3 on sw1. Enable BPDU filter on port fa0/3 on sw1.
Configure R1 to send BPDUs to port fa0/3 on sw1.
R1 Switch1
Int e0/0 Int fa0/3

No shutdown Switchport mode access
No ip address Spanning-tree portfast
Bridge-group 1 Spanning-tree bpduguard enable
Bridge 1 protocol ieee

Bridge 1 priority 4096
Verification :

Designated root has priority 32769, address 000f.34f4.f080
Link type is shared by default
Bpdu filter is enabled
The output displays BPDU filter enabled and no BPDU’s sent or received
Task 7
F 0/9 F 0/9
SW1 SW2
F 0/11 F 0/11
Configure SW1 to be the root for VLAN 1. Configure root guard feature on SW1 port
fa0/9, fa0/11.
Switch1
Spanning-tree vlan 1 root primary

Int range fa0/9, fa0/11
No shutdown
Spanning-tree guard root
Verification :

Root guard is enabled on the port
The output displays root guard enabled on port.

Now change the priority in SW2:
Switch2
Spanning-tree vlan 1 priority 4096
As root guard is enabled on SW1, the ports on SW1 change to root inconsistent ports,
thus blocking the port when superior BPDUs are received on SW1.
Port 9 (FastEthernet0/9) of VLAN0001 is broken (Root Inconsistent)

Root guard is enabled on the port
03:29:15: %SPANTREE-2-ROOTGUARD_BLOCK: Root guard blocking port

FastEthernet0/9 on VLAN0001.
03:29:15: STP: VLAN0001 Fa0/9 -> blocking
The output displays that root guard blocking port fa0/9

VLAN0001

Aging Time 300
---------------- ---- --- --------- -------- --------------------------------
Fa0/9 Desg BKN* 19 128.9 P2p *ROOT_Inc
Fa0/11 Desg BKN* 19 128.11 P2p *ROOT_Inc
The output displays that the ports fa0/9 & fa0/11 are in “BKN” state as root-inconsistent
type.
SW1#show spanning-tree inconsistentports
Name Interface Inconsistency

-------------------- ---------------------- ------------------
VLAN0001 FastEthernet0/9 Root Inconsistent
VLAN0001 FastEthernet0/11 Root Inconsistent
The output displays both fa 0/9 and fa 0/11 as inconsistent ports.
Task 8
Configure SW1 to the root bridge for vlan1. Configure loop guard on SW2, i.e., on the
switch that is not the root bridge. Configure ports fa0/9 & fa0/11 between SW1 and SW2
as trunk ports.
Switch1 Switch2
Int range fa0/9 , fa0/11 Int range fa0/9 , fa0/11

Switchport trunk encapsulation dot1q Switchport trunk encapsulation dot1q
Spanning-tree vlan 1 root primary Spanning-tree guard loop
Verification :
SW2#show spanning-tree interface fastEthernet 0/9 detail

Loop guard is enabled on the port
The output displays that loop guard is enabled on the port.
Now filter BPDU’s on port fa 0/9 on SW1 :
Switch1
Int fa0/9
Spanning-tree bpdufilter enable
BPDU’s will be stopped on SW1 and the port changes to loop inconsistent.
Port 9 (FastEthernet0/9) of VLAN0001 is broken (Loop Inconsistent)

Designated bridge has priority 32769, address 000f.34f4.f080
Loop guard is enabled on the port
The loop inconsistent state indicates that the port is not receiving any BPDU’s or not
sending any BPDU’s through the port.
SW2#show spanning-tree inconsistentports
Name Interface Inconsistency

-------------------- ---------------------- ------------------
VLAN0001 FastEthernet0/9 Loop Inconsistent
Number of inconsistent ports (segments) in the system : 1
Lab 6 – Load Balancing in STP

Task 1
(Scenario Based on Lab 5 – Task 7)
Configure VTP to propagate VLAN information. Create 2 VLANs (VLAN 2, VLAN 3)

on SW1 (VTP server). Configure SW1 to be the root for VLAN 2 and configure SW2 to
be the root for VLAN 3.
Switch1 Switch2
spanning-tree vlan 2 root primary spanning-tree vlan 3 root primary
Verification :
VLAN0002
----------Output Omitted----------

---------Output Omitted----------

---------------- ---- --- --------- -------- --------------------------------
Fa0/11 Desg FWD 19 128.11 P2p
The output displays that SW1 is root for VLAN 2 i.e both ports fa 0/9 and fa 0/11 are in
forwarding state.
VLAN0003
----------Output Omitted---------

----------Output Omitted----------

---------------- ---- --- --------- -------- --------------------------------
Fa0/9 Root FWD 19 128.9 P2p
Fa0/11 Altn BLK 19 128.11 P2p
The output displays that SW1 is not root for VLAN 3 and port fa 0/9 is in forwarding and
fa 0/11 is in blocked state as it is not the root bridge. Thus load balancing is achieved.
Task 2
Configure dotlq trunk between SW1 and SW2 on ports fa0/9 and fa0/11. Configure VTP
on both the switches to propagate VLAN information. Create VLANs 1 to 6 on SW1
(server). Allow VLANs 2, 4, 6 on port fao/9 on SW1 & SW2. Allow VLANs 1, 3, 5 on
port fao/11 on SW1 & SW2.
Switch1 Switch2
Int fa0/9 Int fa0/9

Switchport trunk encapsulation dotlq Switchport trunk encapsulation dotlq
Switchport trunk allowed vlan 2, 4, 6 Switchport trunk allowed vlan 2, 4, 6
Int fa0/11 Int fa0/11

Switchport trunk allowed vlan 1, 3, 5 Switchport trunk allowed vlan 1, 3, 5
Verification :
SW1#show int trunk


Fa0/9 2,4,6
Fa0/11 1,3,5

Fa0/9 2,4,6
Fa0/11 1,3,5

Fa0/9 2,4,6
Fa0/11 1,3,5
The output displays that on port fa0/9 only vlans 2, 4, 6 and on port fa0/11 only vlans
1,3,5 are allowed
VLAN0002
Cost 19

Aging Time 300

---------------- ---- --- --------- -------- --------------------------------
Fa0/9 Root FWD 19 128.9 P2p
The output displays that port fa0/9 is in forwarding state as vlans 2 is configured to allow
on port fa0/9.
VLAN0003
Cost 19

Aging Time 300

---------------- ---- --- --------- -------- --------------------------------
Fa0/11 Root FWD 19 128.11 P2p
The output displays that port fa0/11 is in forwarding state as vlan 3 is configured to allow
on port fa0/11. Thus load balancing is achieved.
Lab 7 – Implementing MSTP
(Scenario Based on Lab 6 – Task 1)

Task 1
Configure dotlq trunks on ports fa0/9 and fa0/11. Configure VTP to propagate VLAN
information. Configure instance 1 MSTP and map VLANs 1, 2, 3. Configure instance 2
MSTP and map VLANs 4, 5, 6. Make SW1 the STP root for instances 1, 2.
Switch1 Switch
Int range fa0/9, fa0/11 Int range fa0/9, fa0/11

Vtp domain CISCO Vtp domain CISCO

Vtp mode server Vtp mode client
Vtp password cisco123 Vtp password cisco123
Vlan 2 Spanning-tree mode mst

Name aaa Spanning-tree mst configuration
Vlan 3 Instance 1 vlan 1 – 3
Name bbb Instance 2 vlan 4 – 6
Vlan 4
Name ccc
Vlan5
Name ddd
Vlan 6
Name 666
Spanning-tree mode mst

Spanning-tree mst configuration
Instance 1 vlan 1 – 3
Instance 2 vlan 4 – 6
Spanning-tree mst 1 – 2 root primary
Verification :
SW1#show spanning-tree mst 1
###### MST01 vlans mapped: 1-3

Bridge address 0014.a82f.a680 priority 24577 (24576 sysid 1)
Root this switch for MST01
---------------- ---- --- --------- -------- --------------------------------
Fa0/9 Desg FWD 200000 128.9 P2p
Fa0/11 Desg FWD 200000 128.11 P2p
The output displays the VLANs mapped to this MST instance 1.


---------------- ---- --- --------- -------- --------------------------------
Fa0/9 Desg FWD 200000 128.9 P2p
Fa0/11 Desg FWD 200000 128.11 P2p
The output displays the VLANs mapped to this MST instance 2.
Task 2
Configure MSTP on SW1 & SW2. Make SW1 the STP root for instance 1. Make SW2
the STP root for instance 2. Configure MST instance 1 and map VLANs 1 - 3. Configure
MST instance 2 and map VLANs 4 - 6.
Switch1 Switch2
Spanning-tree mode mst Spanning-tree mode mst

Spanning-tree mst configuration Spanning-tree mst configuration
Instance 1 vlan 1 – 3 Instance 1 vlan 1 – 3
Instance 2 vlan 4 – 6 Instance 2 vlan 4 – 6
Spanning-tree mst 1 root primary Spanning-tree mst 2 root primary
Verification :

---------------- ---- --- --------- -------- --------------------------------
Fa0/9 Desg FWD 200000 128.9 P2p
Fa0/11 Desg FWD 200000 128.11 P2p

Root address 000f.34f4.f080 priority 24578 (24576 sysid 2)
port Fa0/9 cost 200000 rem hops 19

---------------- ---- --- --------- -------- --------------------------------
Fa0/9 Root FWD 200000 128.9 P2p
Fa0/11 Altn BLK 200000 128.11 P2p
The output displays that sw1 acts as the root bridge for vlans 1-3 only.
This can be verified from the output that ports fa0/9 and fa0/11 are in forwarding state
only for vlans 1-3 whereas one port forwarding and other blocking for vlans 4-6 on the
same switch.

Bridge address 000f.34f4.f080 priority 32769 (32768 sysid 1)
Root address 0014.a82f.a680 priority 24577 (24576 sysid 1)
port Fa0/9 cost 200000 rem hops 19

---------------- ---- --- --------- -------- --------------------------------
Fa0/9 Root FWD 200000 128.9 P2p
Fa0/11 Altn BLK 200000 128.11 P2p

Bridge address 000f.34f4.f080 priority 24578 (24576 sysid 2)

---------------- ---- --- --------- -------- --------------------------------
Fa0/9 Desg FWD 200000 128.9 P2p
Fa0/11 Desg FWD 200000 128.11 P2p
The output displays that sw2 acts as the root bridge for vlans 4-6 only.
This can be verified from the output that ports fa0/9 and fa0/11 are in forwarding state
only for vlans 4-6 whereas one port forwarding and other blocking for vlans 1-3 on the
same switch.
Lab 8 – Configuring Link Aggregation with

EtherChannel
F 0/9 F 0/9
SW1 SW2
F 0/11 F 0/11
Task 1
Configure L 2 trunk between SW1 & SW2 using default encapsulation on ports fa0/9,
fa0/11.
Configure ether channel between SW1 and SW2 on interfaces fa0/9, fa0/11, without
using negotiation protocols.
Configure interfaces fa0/9, fa0/11 on SW1 & SW2 in channel group 1 with a mode of
“on”.
Switch1 Switch2
Interface port-channel 1 Interface port-channel 1
Int range fa0/9, fa0/11 Int range fa0/9, fa0/11

Channel-group 1 mode on Channel-group 1 mode on
Verification :
SW2#show etherchannel summary
Flags: D - down P - in port-channel

I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
u - unsuitable for bundling
U - in use f - failed to allocate aggregator
d - default port
Number of channel-groups in use: 1

Number of aggregators: 1
Group Port-channel Protocol Ports

------+-------------+-----------+-----------------------------------------------
1 Po1(SU) - Fa0/9(P) Fa0/11(P)

The output displays port channel created for ports fa0/9, fa0/11 and is denoted as po 1
(su) where, s : layer 2, u : in use, P : in port channel
SW2#show interfaces port-channel 1 switchport
Name: Po1
Switchport: Enabled
Administrative Mode: dynamic desirable
By default all interfaces are in dynamic desirable mode which automatically negotiates to
become trunk if not specified.
The output displays default ISL trunking for this port-channel.
SW2#show int trunk

Po1 desirable n-isl trunking 1

Po1 1-4094

Po1 1

Po1 1
The output displays the port-channel interface as trunk instead of individual ports.
VLAN0001

---------------- ---- --- --------- -------- --------------------------------
Po1 Desg FWD 12 128.65 P2p
The output displays the forwarding port as portchannel 1 instead of separate port because
of ether channel configured on ports fa0/9, fa0/11, they appear as one bundle.
Task 2
Configure L 2 trunk between SW1 & SW2 using dot1q or isl encapsulation on ports fa
0/7 , fa 0/9, fa 0/11.
Configure ether channel between SW1 and SW2 on interfaces fa 0/7, fa0/9, fa0/11. Both
switches SW1 and SW2 should initiate negotiation via PAgP.
Switch1 Switch2
Int range fa0/7 , fa0/9 , fa0/11 Int range fa0/7 , fa0/9 , fa0/11
Channel-group 1 mode desirable Channel-group 1 mode desirable
Verification :

d - default port


------+-------------+-----------+-----------------------------------------------
1 Po1(SU) PAgP Fa0/7(P) Fa0/9(P) Fa0/11(P)
The output displays protocol as “PAgP” and Po1 (SU) (port-channel 1) created for ports
fa0/7, fa0/9, fa0/11, where s : layer 2, U : in use.
SW1#show interfaces port-channel 1 switchport
Name: Po1
Switchport: Enabled
Administrative Mode: dynamic desirable
The output displays that this interface port-channel 1 has automatically negotiated to
become trunk.
SW1#show int trunk

Po1 desirable n-isl trunking 1

Po1 1-4094

Po1 1

Po1 1
The output displays port-channel 1 as trunk instead of individual ports.
VLAN0001
Cost 9
Port 65 (Port-channel1)

Aging Time 300

---------------- ---- --- --------- -------- --------------------------------
Po1 Root FWD 9 128.65 P2p
The output displays the forwarding port as portchannel 1 instead of separate ports.
Task 3
Configure L 2 trunk between SW1 & SW2 using dot1q or isl encapsulation on ports
fa 0/7 , fa 0/9, fa 0/11.
Configure ether channel between SW1 and SW2 on interfaces fa 0/7, fa0/9, fa0/11. Both
switches SW1 and SW2 should initiate negotiation via LAcP.
Switch1 Switch2
Int range fa0/7 , fa0/9 , fa0/11 Int range fa0/7 , fa0/9 , fa0/11
Channel-group 1 mode active Channel-group 1 mode active
Verification :

d - default port


------+-------------+------------------+-----------------------------------------------
1 Po1(SU) LACP Fa0/7(P) Fa0/9(P) Fa0/11(P)
The output displays protocol as “LACP” and po1 (SU) (port-channel 1) created for ports
fa0/7, fa0/9, fa0/11.
Task 4
Configure interface port-channel 1 to ports fa0/7, fa0/9, fa0/11.

Configure VLAN 100 and assign to ports fa0/7, fa0/9, fa0/11.
Configure ether-channel between SW1 & SW2 i.e. create channel-group 1 with the mode
“on” (without using negotiating protocols).
Switch1 Switch2
Interface range fa0/7, fa0/9, fa0/11 Interface range fa0/7, fa0/9, fa0/11
Switchport mode access Switchport mode access
Switchport access vlan 100 Switchport access vlan 100
Verification :
SW1#show vlan brief

---- -------------------------------- --------- -------------------------------
Fa0/5, Fa0/6, Fa0/8, Fa0/10
Fa0/12, Fa0/13, Fa0/14, Fa0/15
Fa0/16, Fa0/17, Fa0/18, Fa0/19
Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24, Gi0/1, Gi0/2
100 VLAN0100 active Po1
The output displays portchannel 1 in VLAN 100 instead of individual ports.


------+-------------------+-----------+-----------------------------------------------
1 Po1(SU) - Fa0/7(P) Fa0/9(P) Fa0/11(P)
The output displays no protocol and po1 (SU) created for ports fa0/7, fa0/9, fa0/11, where
:
P = Port-channel, s = layer 2, U = in use.
Task 5
To configure Layer 3 ether-channel, create the port channel logical interface, assign ip
address and then put the ethernet interfaces into the port-channel.
Switch1 Switch2

Ip add 100.0.0.1 255.0.0.0 Ip add 100.0.0.2 255.0.0.0
Interface range fa0/7, fa0/9, fa0/11 Interface range fa0/7, fa0/9, fa0/11
No switchport No switchport
No ip address No ip address
Verification :
Test the connectivity of port-channel

Ping from SW1 to SW2
100 % successful
SW1#ping 100.0.0.2

Sending 5, 100-byte ICMP Echos to 100.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
SW1#show Etherchannel summary



------+-------------------+-----------+-----------------------------------------------
1 Po1(RU) - Fa0/7(P) Fa0/9(P) Fa0/11(P)

The output displays port channel 1 created and denoted as po1 (RU) where : R = layer 3,
U = in use, p = port-channel
Lab 9 – Configuring HSRP
R1 E0
S0
S1
S 1/0 SW1 S1/1

F 0/3 F 0/1
R2 R3
F 0/5
E 0/0 E 0/0
PC1
RIP
Interface IP Address Configuration :
R1

S0 3.3.3.2 255.0.0.0
S1 2.2.2.2 255.0.0.0
E0 20.1.1.1 255.0.0.0
R2

S 1/0 3.3.3.1 255.0.0.0
E 0/0 10.1.1.1 255.0.0.0
R3

S 1/1 2.2.2.1 255.0.0.0
E 0/0 10.1.1.2 255.0.0.0
SW1
Ports VLAN Assigned Connected To

FA 0/1 VLAN 1 R3 (10.1.1.2)
FA 0/3 VLAN 1 R2 (10.1.1.1)
FA 0/5 VLAN 1 PC 1 (10.1.1.3)
Task 1
Configure routing protocol (RIP) on R1, R2, and R3.

Configure ports fa0/3, fa0/1 & fa0/5 as access ports on SW1
Configure HSRP group 1 on R2 & R3, using the virtual ip address 10.1.1.10.
R2 R3
Int e0/0 Int e0/0

Standby 1 ip 10.1.1.10 Standby 1 ip 10.1.1.10
Standby 1 preempt Standby 1 priority 100
Standby 1 priority 200
Verification :
R3#show standby brief

P indicates configured to preempt.
|
Interface Grp Prio P State Active Standby Virtual IP
Et0/0 1 100 P Standby 10.1.1.1 local 10.1.1.10
The output displays that this is the standby router and the active router is (10.1.1.1), the virtual ip
is (10.1.1.10) and this router configured to preempt.
R2#show ip arp
Protocol Address Age (min) Hardware Addr Type Interface

Internet 10.1.1.10 - 0000.0c07.ac01 ARPA Ethernet0/0
Internet 10.1.1.2 23 0001.4289.a241 ARPA Ethernet0/0
Internet 10.1.1.3 19 0008.0216.0d31 ARPA Ethernet0/0
Internet 10.1.1.1 - 0008.a3d1.b540 ARPA Ethernet0/0
The output displays ip add 10.1.1.10 (virtual ip) with the MAC address 0000.0c07.ac01, which is
well-known HSRP MAC addres 01 : hsrp group identifier ,0000.0c : vendor code,
07.ac : HSRP .
Verify the route chosen to reach network 20.1.1.1
From PC1 : tracert 20.1.1.1
From PC1:
Traceroute command displays that the packet reaches 10.1.1.1 (active router) and reaches
20.1.1.1.
Shut down the interface E0/0 on router 2 and traceroute .
From PC1 : tracert 20.1.1.1
Traceroute command displays that the packet reaches 10.1.1.2 (standby router becomes
active) and then reaches 20.1.1.1.
Task 2
Configure tracking on R2, so that in case of failure of S 1/0, the priority is decreased
automatically, so that the standby router takes the active role.
R2
Int e0/0
Standby 1 track s1/0 150
Verification :
|
Interface Grp Prio P State Active addr Standby addr Group addr
Et0/0 1 200 P Active local 10.1.1.2 10.1.1.10
The output displays that this is the standby router and the active router is (10.1.1.1), the virtual ip
is (10.1.1.10) and this router configured to preempt.
From PC1:
Traceroute command displays that the packet reaches 10.1.1.1 (active router) and reaches
20.1.1.1.
Shut down the interface s1/0 on router 2 and traceroute .

|
Interface Grp Prio P State Active addr Standby addr Group addr
Et0/0 1 50 P Standby 10.1.1.2 local 10.1.1.10
The priority is decreased to 50 from 200 automatically, and the router becomes standby
for the HSRP group.
The traceroute command displays that the packets are sent via 10.1.1.2 (standby becomes
active) because of higher priority value.
Lab 10 – Configuring VRRP

R1 E0
S0
S1
SW1
S 0/2 S1
F 0/3 F 0/1
R2 R3
F 0/5
FA 0/0 E 0/0
PC1
RIP
R1

S0 3.3.3.2 255.0.0.0
S1 2.2.2.2 255.0.0.0
E0 20.1.1.1 255.0.0.0
R2

S 0/2 3.3.3.1 255.0.0.0
E 0/0 10.1.1.1 255.0.0.0
R3

S1 2.2.2.1 255.0.0.0
E 0/0 10.1.1.2 255.0.0.0
SW1

FA 0/1 VLAN 1 R3 (10.1.1.2)
FA 0/3 VLAN 1 R2 (10.1.1.1)
FA 0/5 VLAN 1 PC 1 (10.1.1.3)
Task 1

Configure ports fa0/3, fa0/1 & fa0/5 as access ports on SW1
Configure VRRP group 1 on R2 & R3, using the virtual ip address 10.1.1.10.
R2 R3
Int fa 0/0 Int e 0/0

Vrrp 1 ip 10.1.1.10 Vrrp 1 ip 10.1.1.10
Vrrp 1 priority 200 Vrrp 1 priority 100
Vrrp 1 timers advertise 4 Vrrp 1 timers learn
Vrrp 1 preempt Vrrp 1 preempt
Verification :
R2#show vrrp brief
Interface Grp Pri Time Own Pre State Master addr Group addr
FastEthernet0/0 1 200 12218 Y Master 10.1.1.1 10.1.1.10
The output displays that this router is master and virtual ip address is 10.1.1.10
R3#show vrrp brief
Ethernet0/0 1 100 12609 Y Backup 10.1.1.1 10.1.1.10
The output displays that this router is backup router

From PC1:
When packets sent to network 20.1.1.1 from PC1 (10.1.1.3), the packet first reaches
10.1.1.1 (master) and finally reaches the destination.
Shut down the interface Fa0/0 on router 2 and traceroute .
R3#debug vrrp packets
*Mar 1 05:01:40.790: %VRRP-6-STATECHANGE: Et0/0 Grp 1 state Backup -> Master

*Mar 1 05:01:40.790: VRRP: Grp 1 sending Advertisement checksum 6FF1
The output displays the transition of backup to master on R3.
R3#show vrrp brief
Ethernet0/0 1 100 3609 Y Master 10.1.1.2 10.1.1.10
The output displays that R3 is master now.
From PC1:
When traceroute from PC1 to 20.1.1.1, the output displays that packet is reaching
20.1.1.1 via 10.1.1.2.
Lab 11 – Configuring GLBP

R1 E0
S0
S1
S 0/2 SW1 S1
F 0/3 F 0/1
R2 R3
FA 0/0 E 0/0
F 0/5 F 0/7
PC1 PC2
RIP
R1

S0 3.3.3.2 255.0.0.0
S1 2.2.2.2 255.0.0.0
E0 20.1.1.1 255.0.0.0
R2

S 0/2 3.3.3.1 255.0.0.0
FA 0/0 10.1.1.1 255.0.0.0
R3

S1 2.2.2.1 255.0.0.0
E 0/0 10.1.1.2 255.0.0.0
SW1

FA 0/1 VLAN 1 R3 (10.1.1.2)
FA 0/3 VLAN 1 R2 (10.1.1.1)
FA 0/5 VLAN 1 PC 1 (10.1.1.3)
FA 0/7 VLAN 1 PC 2 (10.1.1.4)
Task 1

Configure ports fa0/3, fa0/1, fa0/5 and fa0/7 as access ports on SW1
Configure GLBP.
R2 R3
Int fa 0/0 Int e 0/0

Glbp 1 ip 10.1.1.10 Glbp 1 ip 10.1.1.10
Glbp 1 priority 200 Glbp 1 priority 100
Glbp 1 timers msec 250 msec 750 Glbp 1 timers msec 250 msec 750
Glbp 1 preempt
Verification :
R2#show glbp brief
Interface Grp Fwd Pri State Address Active router Standby route
Fa0/0 1 - 200 Active 10.1.1.10 local 10.1.1.2
Fa0/0 1 1 7 Active 0007.b400.0101 local -

Fa0/0 1 2 7 Listen 0007.b400.0102 10.1.1.2 -
When the PC’s send traffic to 20.0.0.0 network, the traffic is send via the active router
which is R2. If R2 is busy in sending the traffic then R3 takes the active state and R2 is in
the listening state. Thus load balancing is achieved.
R2#show glbp
FastEthernet0/0 - Group 1
State is Active
2 state changes, last state change 00:11:30
Virtual IP address is 10.1.1.10
Hello time 250 msec, hold time 750 msec
Next hello sent in 0.000 secs
Redirect time 600 sec, forwarder time-out 14400 sec
Preemption enabled, min delay 0 sec
Active is local
Standby is 10.1.1.2, priority 100 (expires in 0.530 sec)
Priority 200 (configured)
Weighting 100 (default 100), thresholds: lower 1, upper 100
Load balancing: round-robin
Group members:
0001.4289.a241 (10.1.1.2)
0006.534b.7090 (10.1.1.1) local
There are 2 forwarders (1 active)
Forwarder 1
State is Active
1 state change, last state change 00:11:20
MAC address is 0007.b400.0101 (default)
Owner ID is 0006.534b.7090
Redirection enabled
Active is local, weighting 100
Forwarder 2
State is Listen
MAC address is 0007.b400.0102 (learnt)
Owner ID is 0001.4289.a241
Redirection enabled, 599.800 sec remaining (maximum 600 sec)
Time to live: 14399.800 sec (maximum 14400 sec)
Active is 10.1.1.2 (primary), weighting 100 (expires in 0.546 sec)
The output displays that the active router takes its default MAC address, whereas the
second forwarder learns the MAC address from the default gateway (active forwarding
router) (i.e. R2). Load balancing is achieved in round-robin algorithm.
How To verify :
Traceroute from PC1 to 20.0.0.0 network, the packet is send via R2.
Traceroute from PC2 to 20.0.0.0 network, the packet is send via R2.
If R2 is busy then the packet is send via R3, which is verified from the above output
( traceroute 20.1.1.1 from PC2)
From PC1:
The first packet reaches 20.1.1.1 via 10.1.1.1
From PC2:
The first packet reaches 20.1.1.1 via 10.1.1.2

Lab Manual For CCNP

Uploaded by

Copyright:

Available Formats

Lab Manual For CCNP

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Lab Manual For CCNP

Uploaded by

Copyright:

Available Formats

CISCO CERTIFIED NETWORK PROFESSIONAL

1. CONFIGURING BASIC EIGRP

2. CONFIGURING IP DEFAULT-NETWORK COMMAND

3. CONFIGURE ROUTE SUMMARIZATION

4. LOAD BALANCING ACROSS EQUAL COST PATH

5. LOAD BALANCING ACROSS UNEQUAL COST PATH

6. CONFIGURE EIGRP AUTHENTICATION (MD5)

7. CONFIGURE EIGRP STUB

8. EIGRP REDISTRIBUTION WITH RIPv2

9. EIGRP REDISTRIBUTION WITH OSPF

10. CONFIGURE EIGRP WITH REDISTRIBUTE CONNECTED.

11. CONFIGURE EIGRP AND IGRP

Interface IP Address Configuration

Interface IP Address Subnet Mask

Interface IP Address Subnet Mask

Configure EIGRP on 2 routers in AS 100. Disable Auto-summary.

Router eigrp 100 Router eigrp 100

C 1.0.0.0/8 is directly connected, Serial0/2/0

R1#show ip eigrp neighbors

IP-EIGRP neighbors for process 100

Interface IP Address Configuration

Interface IP Address Subnet Mask

Interface IP Address Subnet Mask

Interface IP Address Subnet Mask

Router eigrp 100 Router eigrp 100

Ip route 30.0.0.0 255.0.0.0 2.2.2.2

Router eigrp 100

Gateway of last resort is 1.1.1.2 to network 2.0.0.0

C 1.0.0.0/8 is directly connected, Serial0/2/0

Note: When we ping from R1 to 30.1.1.1 network

Interface IP Address Configuration

Interface IP Address Subnet Mask

Interface IP Address Subnet Mask

Interface IP Address Subnet Mask

Router eigrp 100

Router eigrp 100 Router eigrp 100

Interface IP Address Configuration

Interface IP Address Subnet Mask

Interface IP Address Subnet Mask

Router eigrp 100 Router eigrp 100

C 1.0.0.0/8 is directly connected, Serial1

First Traceroute packet going via 1.1.1.1

Type escape sequence to abort.

Second Traceroute packet going via 2.2.2.1

Type escape sequence to abort.

Interface IP Address Subnet Mask

Interface IP Address Subnet Mask

Use the variance command to gain load balancing

Router eigrp 100 Router eigrp 100

With out the variance command:

R2#sh ip eigrp topology

P 1.0.0.0/8, 1 successors, FD is 2169856

C 1.0.0.0/8 is directly connected, Serial1

With the variance command:

C 1.0.0.0/8 is directly connected, Serial1

The output displays 2 routes installed in the routing table.

Interface IP Address Configuration

Interface IP Address Subnet Mask