Saturday, July 19, 2014

Welcome to Free CCNA and CCNP Tutorials




If you wish to contact me, you will find my email address in the 'About me' section.

IOU Forbidden Fruit
Article about IOU aka IOS on Unix which is Cisco router/switch lightweight emulator.



The below topology will only work with the labs I have been re-writing currently (the ones marked 're-written' in the title).


The new revamped topology I plan to use for all labs looks like shown below.
Pic. 1 - LAN Wiring.
Pic. 2 - WAN Wiring.


Pic. 3 - The Layer 2 Topology Used for All Labs
(based on pic. 1 and pic. 2).


Pic. 4 - The Layer 3 Topology Used for All Labs
(based on pic. 1 and pic. 2).
Pic. 3 and Pic. 4 topology is the result of applying the following configuration in the topology presented in Pic.1 and Pic. 2

Pic.1/2 Configuration (link below)

Disclaimer!
This is a personal weblog. The opinions expressed here represent my own and not those of my employer.  I try to have an open mind you can expect that my opinions may and probably will change in time. You may leave some comments but I reserve the right to ignore them completely. 

The technical content of this blog is a product of weekend/sleepless-and-or-hotel night/after-work technical struggle. Despite all efforts, it may be inaccurate and reflects the author's knowledge as of the time of writing the posts. The author of the posts will not assume any liability or responsibility to any person or entity with respect to loss or damages incurred from information contained in this blog. Any resemblance to some other training materials and/or CCNA/CCNP/CCIE exams is completely coincidental.

© Jaro 2013

Wednesday, February 26, 2014

Cisco: Intermediate Level

Blog Sections:




Intermediate Lab Categories:
OSPF | EIGRP | RIPv2 | BGP | Multicast | MPLS | IPv6 | Security | 

*** OSPF ****

Lab 001 - OSPF Point-to-Point Mode 
Lab 001 - OSPF Point-to-Point Mode - Solution
Lab 002 - OSPF in Broadcast Networks
Lab 003 - OSPF in NBMA Networks
Lab 004 - OSPF in Point-to-Multipoint
Lab 005 - OSPF in Point-to-Multipoint Non-broadcast
Lab 006 - OSPF Multi-Area Network
Lab 007 - OSPF Authentication
Lab 008 - OSPF Filtering with Distribute-List
Lab 009 - OSPF Filtering with Route-Map
Lab 010 - OSPF Filtering with Distance
Lab 011 - OSPF Filtering with Area Range
Lab 012 - OSPF Filtering with Area Filter-List
Lab 013 - OSPF LSA Flood Filtering
Lab 014 - OSPF Stub Area
Lab 015 - OSPF Totally Stubby Area
Lab 016 - OSPF NSSA Area LSA7-to-5 Translation
Lab 017 - OSPF NSSA Totally Stub Area
Lab 018 - OSPF FA Suppression in Translated Type-5 LSAs
Lab 019 - OSPF External Prefix Filtering
Lab 020 - OSPF Path Influencing Using Cost
Lab 021 - OSPF Path Influencing Using Bandwidth
Lab 022 - OSPF Path Influencing Using Neighbor Cost
Lab 023 - OSPF Changing Auto-Cost Reference-Bandwidth
Lab 024 - OSPF Virtual Link Example 1
Lab 025 - OSPF Virtual Link Example 2
Lab 026 - OSPF Virtual Link Example 3
Lab 027 - OSPF Path Selection with Transit Capability
Lab 028 - OSPF Stub Router Advertisement
Lab 029 - OSPF Reducing LSA Flooding
Lab 030 - OSPF On Demand Circuits
Lab 031 - OSPF Default Routing
Lab 032 - OSPF Conditional Default Routing
Lab 033 - OSPF Conditional Default Routing with IP SLA
Lab 034 - OSPF Discard Route
Lab 035 - OSPF Resource Management
Lab 036 - OSPF Timers
Lab 037 - OSPF Other Features

**** EIGRP ****

Lab 038 - EIGRP NBMA Network
Lab 039 - EIGRP Automatic Summarization
Lab 040 - EIGRP Manual Summarization
Lab 041 - EIGRP Summarization with Default Route
Lab 042 - EIGRP Summarization with a Floating Default Route
Lab 043 - EIGRP Summarization with Administrative Distance 255
Lab 044 - EIGRP Selective Summarization with a Leak Map
Lab 045 - EIGRP Filtering with Standard ACL
Lab 046 - EIGRP Filtering with Extended ACL
Lab 047 - EIGRP Filtering with Prefix-List
Lab 048 - EIGRP Filtering with Route-Map
Lab 049 - EIGRP Filtering with Administrative Distance
Lab 050 - EIGRP Filtering with Passive-Interface
Lab 051 - EIGRP Filtering with Offset-List
Lab 052 - EIGRP Filtering with Stub Routing
Lab 053 - EIGRP Filtering with Stub Routing and Leak Map
Lab 054 - EIGRP Default Route Advertisement
Lab 055 - EIGRP Unequal Cost Load Balancing
Lab 056 - EIGRP Traffic Engineering with the Delay
Lab 057 - Frame-Relay Packet Pacing
Lab 058 - EIGRP Authentication
Lab 059 - EIGRP Router ID
Lab 060 - EIGRP Unicast Communication
Lab 061 - EIGRP Timers
Lab 062 - EIGRP Other Features

**** RIPv2 ****


**** BGP ****

Lab 081 - BGP Internal Session (IBGP)
Lab 082 - BGP External Session (EBGP) and Advertisements
Lab 083 - BGP Synchronization
Lab 084 - BGP Next-Hop on Broadcast and NBMA Networks
Lab 085 - EBGP Multihop
Lab 086 - BGP Disable-Connected-Check
Lab 087 - BGP Authentication
Lab 088 - BGP Auto-Summary
Lab 089 - non-BGP Transit with IGP Redistribution
Lab 090 - non-BGP Transit with GRE Tunnel
Lab 091 - non-BGP Transit with MPLS
Lab 092 - BGP Next-Hop Modification
Lab 093 - IBGP Route-Reflector
Lab 094 - BGP Confederations
Lab 095 - BGP Path Selection using Weight
Lab 096 - BGP Path Selection using Local Preference
Lab 097 - BGP Path Selection using MED
Lab 098 - BGP Path Selection Always-Compare-MED
Lab 099 - BGP Path Selection using AS-Prepending
Lab 100 - BGP Hidden Feature BESTPATH AS-PATH IGNORE
Lab 101 - BGP Path Selection Using Origin
Lab 102 -  BGP Path Selection using DMZLINK-BW
Lab 103 - BGP Path Selection using MAXAS-LIMIT
Lab 104 - BGP Filtering using Standard ACL
Lab 105 - BGP Filtering using Extended ACL
Lab 106 - BGP Filtering using Prefix-List
Lab 107 - BGP Aggregation using IP Route Null0
Lab 108 - BGP Aggregation using Aggregate-Address
Lab 109 - BGP Aggregation with Unsuppress-Map
Lab 100 - BGP Aggregation with Suppress-Map
Lab 111 - BGP Aggregation with AS-SET
Lab 112 - BGP Aggregation with ATTRIBUTE-MAP
Lab 113 - BGP Aggregation with ADVERTISE-MAP
Lab 114 - BGP Communities - NO-EXPORT
Lab 115 - BGP Communities - NO-ADVERTISE
Lab 116 - BGP Communities - LOCAL-AS
Lab 117 - BGP Community Policy
Lab 118 - BGP Conditional Route Advertisement Part 1
Lab 119 - BGP Conditional Route Injection
Lab 120 - BGP Default Route Advertisement
Lab 121 - BGP Conditional Route Advertisement Part 2
Lab 122 - BGP AS-Path Access-List
Lab 123 - BGP Local-AS
Lab 124 - BGP Local-AS No-prepend
Lab 125 - BGP Local-AS No-prepend Replace-AS
Lab 126 - BGP Local-AS No-prepend Dual-AS
Lab 127 - BGP Allowas-In
Lab 128 - BGP Remove-Private-AS
Lab 129 - BGP Next-Hop using Next-Hop-Self
Lab 130 - BGP Next-Hop using Route-map
Lab 131 - BGP Next-Hop using Redistribution into IGP
Lab 132 - BGP Dampening
Lab 133 - BGP Dampening using Route-Map
Lab 134 - BGP Backdoor
Lab 135 - BGP TTL Security

**** Multicast ****


**** MPLS ****

Lab 177 - MPLS Overlapping VPNs
Lab 178 - MPLS Common Services VPN
Lab 179 - MPLS Internet Access (via global routing table)
Lab 180 - MPLS Internet Access (as VPN)
Lab 181 - MPLS BGP Cost Community
Lab 182 - EIGRP SoO
Lab 183 - AToM Vlan Mode
Lab 184 - L2TPv3
Lab 185 - MPLS L2 VPN

**** IPv6 ****

Lab 186 - Creating IPv6 Topology
Lab 187 - IPv6 On Frame-Relay Links
Lab 188 - RIPng Basic Configuration
Lab 189 - IPv6 Address Auto-Configuration
Lab 190 - IPv6 Prefix Summarization
Lab 191 - RIPng on NBMA Links
Lab 192 - RIPng Protocol Redistribution
Lab 193 - RIPng Default Route Propagation
Lab 194 - RIPng Prefix Filtering
Lab 195 - RIPng Path Selection Using Metric
Lab 196 - EIGRPv6 NBMA Network
Lab 197 - EIGRPv6 Default Route 1
Lab 198 - EIGRPv6 Default Route 2
Lab 199 - EIGRPv6 Prefix Summarization
Lab 200 - EIGRPv6 Authentication
Lab 201 - EIGRPv6 Unequal Load Balance
Lab 202 - OSPFv3 in NBMA Networks
Lab 203 - OSPFv3 Path Influencing
Lab 204 - OSPFv3 Virtual Link
Lab 205 - OSPFv3 Prefix Summarization
Lab 206 - IPv6 Protocol Redistribution
Lab 207 - IPv6 Access Control List
Lab 208 - IPv6 NAT-PT
Lab 209 - IPv6 over IPv4 Using GRE Tunnel
Lab 210 - IPv6 over IPv4 Using IPv6IP Tunnel
Lab 211 - IPv6 Automatic 6to4 Tunnel 
Lab 212 - IPv6 MP-BGP 




In order to use OSPF (re-written) labs, you must download the topology and initial configurations as per links below.

GNS3 Topology

OSPF Labs Initial Configuration

OSPF Labs (re-written)

© Jaro 2013 

OSPF NSSA Area LSA7-to-5 Translator Election




Task 1
In the task 3 of the previous lab you configured R3 as the gateway for all inter-area prefixes. Remove this configuration making area 34 NSSA with both R3 and R4 injecting N2 default route.

Task 2
Ensure that R3 is the LSA7-to-5 Translator.

Questions
Try to answer the following questions:
  1. In case there are two or more ABRs connected to the NSSA area, which device translates LSA7 to LSA5 while injecting NSSA external routes into OSPF area 0?
Lab Solution

Solution configuration can be accessed below; solution contains task 1 and task 2 (if you want to save it, click the link, then go to File-->Download):
https://drive.google.com/file/d/0BwE5C95tpjZOSDZzZGV0czdmak0/edit?usp=sharing


Task 1
In the task 3 of the previous you configured R3 as the gateway for all inter-area prefixes. Remove this configuration making area 34 NSSA with both R3 and R4 injecting N2 default route.

R4 Config:
!
router ospf 1
 no area 34 no-summary

 area 34 nssa default-information-originate
!

Note!
Both R3 and R4 have the same 'area 34 nssa default-information-originate' configured in the OSPF router.

Pic. 2 - R3 and R4 Inject N2 Default Route.


Task 2
Ensure that R3 is the LSA7-to-5 Translator.

Note!
In order to see which device is advertising 10.0.7.7/32 prefix, check 'show ip ospf database' on R1. Look at the output below:

Pic. 3 - LSA7-to-LSA5 Current Translator (now change in the config).


R3 Config:

Pic. 4 - R3 Configuration.


Note!
For this change to take effect, clear ip ospf process on R3 as per Pic. 3, but also clear ospf process on R1 before you check the below:

Pic. 5 - LSA7-to-LSA5 Current Translator.



Study Drill

The router with the highest router-id becomes LSA7-to-LSA5 translator. 


Tuesday, February 25, 2014

OSPF Stub Network Traffic Engineering




Task 1
Remove the OSPF configuration done in the previous labs and configure network as per topology diagram (top).

Task 2
Configure mutual redistribution between OSPF and EIGRP domain. Check OSPF routing table on SW1.

Task 3
Configure OSPF area 34 such that R3 becomes the gateway for all Inter-Area prefixes and R4 for all External prefixes. Should R3 go down, R4 should become the gateway of last resort for all prefixes. Do not modify the cost of any links to accomplish the task.

Questions
Try to answer the following questions:
  1. When OSPF is presented with intra-area, external, nssa, inter-area prefixes, what is the order of choosing the best path?
Lab Solution

Solution configuration can be accessed below; solution contains task 1 and task 2 (if you want to save it, click the link, then go to File-->Download):
https://drive.google.com/file/d/0BwE5C95tpjZOdFNVUFdGbTlHaHM/edit?usp=sharing


Task 1
Remove the OSPF configuration done in the previous labs and configure network as per topology diagram (top).

Note!
I do not show how to remove all previous OSPF configuration to reduce the length of the post.

R1 Config:
!
interface Serial0/0
 ip address 172.16.0.1 255.255.255.0
 encapsulation frame-relay
 ip ospf network point-to-multipoint
 clock rate 2000000
 frame-relay map ip 172.16.0.4 104 broadcast
 frame-relay map ip 172.16.0.3 103 broadcast
 frame-relay map ip 172.16.0.2 102 broadcast
 frame-relay map ip 172.16.0.1 102
 no frame-relay inverse-arp
!
router ospf 1
 log-adjacency-changes
 network 10.0.1.1 0.0.0.0 area 12
 network 172.16.0.1 0.0.0.0 area 0
 network 172.16.12.1 0.0.0.0 area 12
!

R2 Config:
!

router ospf 1

 log-adjacency-changes
 network 10.0.2.2 0.0.0.0 area 12
 network 172.16.12.2 0.0.0.0 area 12
!

R3 Config:
!
interface Serial0/0
 ip address 172.16.0.3 255.255.255.0
 encapsulation frame-relay
 ip ospf network point-to-multipoint
 clock rate 2000000
 frame-relay map ip 172.16.0.4 301
 frame-relay map ip 172.16.0.3 301
 frame-relay map ip 172.16.0.2 301
 frame-relay map ip 172.16.0.1 301 broadcast
 no frame-relay inverse-arp
!
router ospf 1
 log-adjacency-changes
 area 34 nssa
 network 172.16.0.3 0.0.0.0 area 0
 network 172.16.100.3 0.0.0.0 area 34
!

R4 Config:
!
interface Serial0/0
 ip address 172.16.0.4 255.255.255.0
 encapsulation frame-relay
 ip ospf network point-to-multipoint
 clock rate 2000000
 frame-relay map ip 172.16.0.4 401
 frame-relay map ip 172.16.0.3 401
 frame-relay map ip 172.16.0.2 401
 frame-relay map ip 172.16.0.1 401 broadcast
 no frame-relay inverse-arp
!
!
router ospf 1
 log-adjacency-changes
 area 34 nssa
 network 172.16.0.4 0.0.0.0 area 0
 network 172.16.100.4 0.0.0.0 area 34
!
router eigrp 1
 network 172.16.45.4 0.0.0.0
 no auto-summary
!

R5 Config:
!
router eigrp 1
 network 10.0.5.5 0.0.0.0
 network 172.16.45.5 0.0.0.0
 no auto-summary
!

SW1 Config:
!
route-map CONNECTED permit 10
 match interface Loopback0
!
router ospf 1
 log-adjacency-changes
 area 34 nssa
 redistribute connected subnets route-map CONNECTED
 network 172.16.100.7 0.0.0.0 area 34
!

Task 2
Configure mutual redistribution between OSPF and EIGRP domain. Check OSPF routing table on SW1.

R4 Config:
!
router ospf 1
 redistribute eigrp 1 subnets
!
router eigrp 1
 redistribute ospf 1 metric 1 1 1 1 1
!
Pic. 2 - OSPF Routing Table on SW1. 


Task 3
Configure OSPF area 34 such that R3 becomes the gateway for all Inter-Area prefixes and R4 for all External prefixes. Should R3 go down, R4 should become the gateway of last resort for all prefixes. Do not modify the cost of any links to accomplish the task.

R3 Config:
!
router ospf 1
 area 34 nssa default-information-originate
!

R4 Config:
!
router ospf 1
 area 34 nssa no-summary
!

Pic. 3 - OSPF Routing Table on SW1 After the Reconfiguration.



Note!
R3 still allows Inter-Area prefixes and for all unknown destination injects default route. R4 Defines the area as Not-So-Totally-Stubby Area which effectively blocks Inter-Area prefixes. For all unknown destination it inject default route. Since R3 provides the longest match for Inter-Area prefixes it becomes the gateway of last resort as long as it is available. R4 injects default route as Inter-Area prefix, whereas R3 as N2 prefix. The reason R4 is selected as preferred default gateway is due to the path selection process in OSPF which follows this sequence:

intra-area > inter-area > external > nssa-external. 


Study Drill

OSPF uses the following sequence to select the best path: intra-area > inter-area > external > nssa-external. Try to shutdown sub-interface f0/1.100. As soon as SW1 realizes that R3 injects N2 default routefor all unknown destinations.



Pic. 4 - R4 F0/1.100 Shutdown.