Prerequisites: CCNP level skills.
Note!
I have created a pdf document with OSPF Lab 1 and 2 containing a detailed lab breakdown. Check it out if want. Any feedback is most welcome.
http://www.4shared.com/document/W8lhDzNo/Hacking-Cisco-OSPF-Lab1-2-Brea.htmlTopology
Task 1
Configure authentication between R3 and R5 (use password: 'CISCO123'). Configure the BGP timers: hello=30 seconds, holdtime=90 on R3 for all its iBGP peers. R3's iBGP sessions should inherit the same password. Do not use 'neighbor <address> password' command in R3 to accomplish your goal. R1 and R2 and R5 can use this command. The configuration stipulates that iBGP current and future policy in R3 should be configured as a template.Solution
Task 1
Configure authentication between R3 and R5 (use password: 'CISCO123'). Configure the BGP timers: hello=30 seconds, holdtime=90 in R3 for all its iBGP peers. R3's iBGP sessions should inherit the same password. Do not use 'neighbor <address> password' command on R3 to accomplish your goal. R1 and R2 and R5 can use this command. The configuration stipulates that iBGP current and future policy in R3 should be configured as a template.
R1 Configuration:
!
router bgp 123
no synchronization
bgp router-id 172.16.101.1
bgp log-neighbor-changes
network 172.16.101.0 mask 255.255.255.0
neighbor 10.1.13.3 remote-as 123
neighbor 10.1.13.3 password CISCO123
neighbor 10.1.14.4 remote-as 40
no auto-summary
no synchronization
bgp router-id 172.16.101.1
bgp log-neighbor-changes
network 172.16.101.0 mask 255.255.255.0
neighbor 10.1.13.3 remote-as 123
neighbor 10.1.13.3 password CISCO123
neighbor 10.1.14.4 remote-as 40
no auto-summary
!
R2 Configuration:
!
router bgp 123
no synchronization
bgp router-id 172.16.102.2
bgp log-neighbor-changes
network 172.16.102.0 mask 255.255.255.0
neighbor 10.1.23.3 remote-as 123
neighbor 10.1.23.3 password CISCO123
neighbor 10.1.23.3 next-hop-self
neighbor 10.1.24.4 remote-as 40
no auto-summary
no synchronization
bgp router-id 172.16.102.2
bgp log-neighbor-changes
network 172.16.102.0 mask 255.255.255.0
neighbor 10.1.23.3 remote-as 123
neighbor 10.1.23.3 password CISCO123
neighbor 10.1.23.3 next-hop-self
neighbor 10.1.24.4 remote-as 40
no auto-summary
!
R3 Configuration:
!
router bgp 123
template peer-policy IBGP_POLICY
next-hop-self
exit-peer-policy
!
template peer-session AUTHENTICATION
password CISCO123
exit-peer-session
!
template peer-session IBGP_ROUTERS
remote-as 123
timers 30 90
inherit peer-session AUTHENTICATION
exit-peer-session
!
no synchronization
bgp router-id 172.16.103.3
bgp log-neighbor-changes
network 172.16.103.0 mask 255.255.255.0
neighbor 10.1.13.1 inherit peer-session IBGP_ROUTERS
neighbor 10.1.13.1 inherit peer-policy IBGP_POLICY
neighbor 10.1.23.2 inherit peer-session IBGP_ROUTERS
neighbor 10.1.23.2 inherit peer-policy IBGP_POLICY
neighbor 10.1.35.5 remote-as 50
neighbor 10.1.35.5 inherit peer-session AUTHENTICATION
no auto-summary
template peer-policy IBGP_POLICY
next-hop-self
exit-peer-policy
!
template peer-session AUTHENTICATION
password CISCO123
exit-peer-session
!
template peer-session IBGP_ROUTERS
remote-as 123
timers 30 90
inherit peer-session AUTHENTICATION
exit-peer-session
!
no synchronization
bgp router-id 172.16.103.3
bgp log-neighbor-changes
network 172.16.103.0 mask 255.255.255.0
neighbor 10.1.13.1 inherit peer-session IBGP_ROUTERS
neighbor 10.1.13.1 inherit peer-policy IBGP_POLICY
neighbor 10.1.23.2 inherit peer-session IBGP_ROUTERS
neighbor 10.1.23.2 inherit peer-policy IBGP_POLICY
neighbor 10.1.35.5 remote-as 50
neighbor 10.1.35.5 inherit peer-session AUTHENTICATION
no auto-summary
!
Verification:
Pic. R3's Neighbors.