You are on page 1of 275

for Cisco's CCIE Routing & Switching Lab Exam, Volume 1 (v5

)

F
a 0
l
l
8

CCIE Routing & Switching
Volume 1 Workbook
Version 5.2F

iPexpert’s Lab Preparation Workbook
for Cisco’s CCIE Routing & Switching Lab Exam, Volume 1

Table of Contents
iPexpert's End-User License Agreement ...............................................................................................................................12
Welcome, and Thank You! ....................................................................................................................................................14
Feedback ...............................................................................................................................................................................14
Technical Support and Freebies ............................................................................................................................................14
Cisco's New Retake Policy .....................................................................................................................................................16
Cisco R&S V5 Blueprint (Primary Sections w/ Assigned Point Values) .................................................................................16
About This Lab Preparation Workbook .................................................................................................................................16
Additional Information Pertaining to Cisco's CCIE R&S Lab Exam ........................................................................................16
Section 1: Layer 2 Technologies .................................................................................................................................................... 19
Lab 1: Configure and Troubleshoot Switch Port Modes........................................................................................................... 20
iPexpert’s Recommended Reading Material ........................................................................................................................21
iPexpert’s Recommended Video Training .............................................................................................................................21
Topology Details ....................................................................................................................................................................21
Diagram 1.1: Switch Port Modes Topology...........................................................................................................................22
Lab 1 Setup ............................................................................................................................................................................22
Configuration Tasks ...............................................................................................................................................................22
Table 1.2 ................................................................................................................................................................................23
Table 1.3 ................................................................................................................................................................................23
Table 1.4 ................................................................................................................................................................................23
Helpful Verification Commands ............................................................................................................................................24
Lab 2: Configure and Troubleshoot VTP ................................................................................................................................... 25
iPexpert’s Recommended Reading Material ........................................................................................................................26
iPexpert’s Recommended Video Training .........................................................................................................................26
Topology Details ....................................................................................................................................................................26
Diagram 2.1: VTP Topology ...................................................................................................................................................27
Lab 2 Setup ............................................................................................................................................................................27
Configuration Tasks ...............................................................................................................................................................27
Helpful Verification Commands ............................................................................................................................................28
Lab 3: Configure and Troubleshoot Portchannels .................................................................................................................... 29
iPexpert’s Recommended Reading Material ........................................................................................................................30
iPexpert’s Recommended Video Training .............................................................................................................................30
Topology Details ....................................................................................................................................................................30
Diagram 3.1: Portchannels Topology ....................................................................................................................................31
Lab 3 Setup ............................................................................................................................................................................31
Configuration Tasks ...............................................................................................................................................................31
Helpful Verification Commands ............................................................................................................................................32
Lab 4: Configure and Troubleshoot Spanning-tree Protocol .................................................................................................... 33
iPexpert’s Recommended Reading Material ........................................................................................................................34
iPexpert’s Recommended Video Training .............................................................................................................................34
Topology Details ....................................................................................................................................................................35
Diagram 4.1: Spanning Tree Topology ..................................................................................................................................35

2|Page Version 5.2F

iPexpert’s Lab Preparation Workbook
for Cisco’s CCIE Routing & Switching Lab Exam, Volume 1

Lab 4 Setup ............................................................................................................................................................................35
Configuration Tasks ...............................................................................................................................................................35
Helpful Verification Commands .........................................................................................................................................37
Lab 5: Configure and Troubleshoot Multi-Instance Spanning-tree Protocol (MST) ................................................................. 38
iPexpert’s Recommended Reading Material ........................................................................................................................39
iPexpert’s Recommended Video Training .............................................................................................................................39
Topology Details ....................................................................................................................................................................39
Diagram 5.1: MST Topology ..................................................................................................................................................40
Lab 5 Setup ............................................................................................................................................................................40
Configuration Tasks ...............................................................................................................................................................41
Helpful Verification Commands ............................................................................................................................................41
Lab 6: Miscellaneous Layer 2 Topics ........................................................................................................................................ 43
iPexpert’s Recommended Reading Material ........................................................................................................................44
iPexpert’s Recommended Video Training .............................................................................................................................44
Topology Details ....................................................................................................................................................................44
Diagram 6.1: SPAN and RSPAN Topology..............................................................................................................................45
Lab 6 Setup ............................................................................................................................................................................45
Configuration Tasks ...............................................................................................................................................................45
Helpful Verification Commands ............................................................................................................................................46
Lab 7: HDLC and PPP/PPPoE..................................................................................................................................................... 47
iPexpert’s Recommended Reading Material ........................................................................................................................48
iPexpert’s Recommended Video Training .............................................................................................................................48
Topology Details ....................................................................................................................................................................48
Diagram 7.1: HDLC and PPP/PPoE Topology.........................................................................................................................49
Lab 7 Setup ............................................................................................................................................................................49
Configuration Tasks ...............................................................................................................................................................49
Helpful Verification Commands ............................................................................................................................................50
Section 2: Layer 3 Technologies .................................................................................................................................................... 53
Lab 8: Configure and Troubleshoot Basic IP Routing................................................................................................................ 53
iPexpert’s Recommended Reading Material ........................................................................................................................54
iPexpert’s Recommended Video Training .............................................................................................................................54
Topology Details ....................................................................................................................................................................54
Diagram 8.1: Basic IP Routing Topology ...............................................................................................................................55
Lab 8 Setup ............................................................................................................................................................................55
Configuration Tasks ...............................................................................................................................................................56
Helpful Verification Commands ............................................................................................................................................57
Lab 9: Configure and Troubleshoot Routing Information Protocol (Part 1) ............................................................................. 58
iPexpert’s Recommended Reading Material ........................................................................................................................59
iPexpert’s Recommended Video Training .............................................................................................................................59
Topology Details ....................................................................................................................................................................60
Diagram 9.1: RIP Version 2 Topology ....................................................................................................................................60
Lab 9 Setup ............................................................................................................................................................................60
Configuration Tasks ...............................................................................................................................................................61

3|Page Version 5.2F

iPexpert’s Lab Preparation Workbook
for Cisco’s CCIE Routing & Switching Lab Exam, Volume 1

Helpful Verification Commands ............................................................................................................................................62
Lab 10: Configure and Troubleshoot Routing Information Protocol (Part 2) ........................................................................... 63
iPexpert’s Recommended Reading Material ........................................................................................................................64
iPexpert’s Recommended Video Training .............................................................................................................................64
Topology Details ....................................................................................................................................................................64
Diagram 10.1: RIP Version 2 Topology ..................................................................................................................................65
Lab 10 Setup ..........................................................................................................................................................................65
Configuration Tasks ...............................................................................................................................................................66
Helpful Verification Commands ............................................................................................................................................67
Lab 11: Configure and Troubleshoot EIGRP (Part 1) ................................................................................................................ 68
iPexpert’s Recommended Reading Material ........................................................................................................................69
iPexpert’s Recommended Video Training .............................................................................................................................69
Topology Details ....................................................................................................................................................................70
Diagram 11.1: EIGRP Topology .............................................................................................................................................70
Lab 11 Setup ..........................................................................................................................................................................71
Configuration Tasks ...............................................................................................................................................................71
Table 11.2 ..............................................................................................................................................................................71
Helpful Verification Commands ............................................................................................................................................72
Lab 12: Configure and Troubleshoot EIGRP (Part 2) ................................................................................................................ 73
iPexpert’s Recommended Reading Material ........................................................................................................................74
iPexpert’s Recommended Video Training .............................................................................................................................74
Topology Details ....................................................................................................................................................................75
Diagram 12.1: EIGRP Topology .............................................................................................................................................75
Lab 12 Setup ..........................................................................................................................................................................76
Configuration Tasks ...............................................................................................................................................................76
Helpful Verification Commands ............................................................................................................................................77
Lab 13: Configure and Troubleshoot EIGRP (Part 3) ................................................................................................................ 78
iPexpert’s Recommended Reading Material ........................................................................................................................79
iPexpert’s Recommended Video Training .............................................................................................................................79
Topology Details ....................................................................................................................................................................80
Diagram 13.1: EIGRP Topology .............................................................................................................................................80
Lab 13 Setup ..........................................................................................................................................................................80
Configuration Tasks ...............................................................................................................................................................81
Helpful Verification Commands ............................................................................................................................................82
Lab 14: Configure and Troubleshoot OSPF (Part 1) .................................................................................................................. 83
iPexpert’s Recommended Reading Material ........................................................................................................................84
iPexpert’s Recommended Video Training .............................................................................................................................84
Topology Details ....................................................................................................................................................................84
Diagram 14.1: EIGRP Topology .............................................................................................................................................85
Lab 14 Setup ..........................................................................................................................................................................85
Configuration Tasks ...............................................................................................................................................................86
Table 14.2 ..............................................................................................................................................................................86
Table 14.3 ..............................................................................................................................................................................87

4|Page Version 5.2F

.......................................................................................................................................................102 iPexpert’s Recommended Reading Material ................................................................110 Helpful Verification Commands ...............................................1: OSPF Topology ...................................................................................................................................................................................................................................................... 96 iPexpert’s Recommended Reading Material .99 Configuration Tasks ...................................................94 Helpful Verification Commands ................................................104 Lab 17 Setup ..............................................................................................................4 .....104 Configuration Tasks ....................................................................................................................................................................90 Topology Details ......103 Diagram 17.......................................................105 Table 17............................................................98 Topology Details ...................................................................................................................................................................................................................................................................................................................................2 ...............................109 Topology Details .................................87 Table 14....................................................................3 .......................................................................................................................................................................................................................................................................................................................................................103 Topology Details .113 iPexpert’s Recommended Reading Material ..................................................................................................................92 Lab 15 Setup ....................................................................iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam..............................................................................................................................................................................................................................109 iPexpert’s Recommended Video Training .........................................................................................................................................................................................................................................112 Lab 19: Configure and Troubleshoot BGP (Part 2) .........................................................................................................................................................................................................................................................................................................................114 5|Page Version 5...................................................................................106 Helpful Verification Commands .................................................................................................................................103 iPexpert’s Recommended Video Training ......................................98 Diagram 16.................................................................................................................................114 iPexpert’s Recommended Video Training ..................................................................105 Table 17......................................................................................................................................................................................97 iPexpert’s Recommended Video Training .................................................................................................................................................................................1: BGP Topology ..4 ......................................................................107 Lab 18: Configure and Troubleshoot BGP (Part 1) ..........108 iPexpert’s Recommended Reading Material .........................................................................................................................................................................................................................................................................................................................................................................................................................................100 Helpful Verification Commands ...........................................................................................................................................................................................................................5 ..........................................................................................................93 Table 15......................................................................................................................................................................................110 Lab 18 Setup ...110 Diagram 18...................................................................................................106 Table 17................................................... Volume 1 Table 14............91 Diagram 15......................................................................................................................................................................................................................................................................95 Lab 16: Configure and Troubleshoot OSPF (Part 3) .............................................................................................101 Lab 17: Configure and Troubleshoot OSPF (Part 4) ..................................................................................................................................................................................................................................................................................1: OSPF Topology ...............................................................99 Lab 16 Setup ................................................ 89 iPexpert’s Recommended Reading Material .......................................................................2 .............................................................................................114 Topology Details .................................................................................................................................................110 Configuration Tasks ....................................................92 Configuration Tasks ....................................................................................................87 Lab 15: Configure and Troubleshoot OSPF (Part 2) .......................1: OSPF Topology ...................................................................................................................2F .........90 iPexpert’s Recommended Video Training ...........................87 Helpful Verification Commands ..................................................................................................

.................................................................................................................................................................................................................................................................................................................................115 Configuration Tasks .............115 Lab 19 Setup .....................................................119 iPexpert’s Recommended Video Training ...............................................................................................................................118 iPexpert’s Recommended Reading Material ..........................................1: BGP Topology ............................................................................................................................................136 iPexpert’s Recommended Video Training ..............................................................................................................................................................................................................................................................................126 Helpful Verification Commands ...................................................................131 Configuration Tasks ............136 Topology Details ........131 Diagram 22.............................................................................................................................................................1: Multicast Operations Topology .....................................................................................................................142 Lab 24 Setup ...........................................................................................................................................................................................................................................142 6|Page Version 5...............1: BGP Topology ..................................................................................................124 iPexpert’s Recommended Reading Material ..........1: BGP Topology ...............................................................................................................................................................................2F ..............................................................................................................................................................................................................................................................................126 Configuration Tasks ..................................................................................................................................................................................................120 Lab 20 Setup ....125 Diagram 21........................................141 iPexpert’s Recommended Video Training ........................................................................................................................................................................................................................................................................1: BGP Topology ......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................132 Helpful Verification Commands .................................................................130 Topology Details ..........................................................................................................................................................................................117 Lab 20: Configure and Troubleshoot BGP (Part 3) ...............................................................................................................................................................................................137 Configuration Tasks ........................................................................................................................................................................................................140 iPexpert’s Recommended Reading Material ................................................................136 Diagram 23...................135 iPexpert’s Recommended Reading Material .................................................................................................................................................................................................................................................iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam..........................................128 Lab 22: Configure and Troubleshoot BGP (Part 5) .....................................141 Topology Details ..................................................................................................142 Configuration Tasks ...........................................................................................................................................................................................................................................................................................115 Helpful Verification Commands ..................................................................................................................119 Topology Details .................................................................................................................................125 iPexpert’s Recommended Video Training .............................................................................................................................139 Lab 24: Configure and Troubleshoot Protocol Independent Multicast Operations (Part 2) ......................138 Helpful Verification Commands ...................................................125 Topology Details ..............................................1: Multicast Operations Topology ..........................................................................................122 Lab 21: Configure and Troubleshoot BGP (Part 4) .......................................................................120 Configuration Tasks ...................133 Lab 23: Configure and Troubleshoot Protocol Independent Multicast Operations (Part 1) ..........................................126 Lab 21 Setup ......................................................................................... Volume 1 Diagram 19...............................................137 Lab 23 Setup .........119 Diagram 20...................................130 iPexpert’s Recommended Video Training ............................................................................141 Diagram 24..................120 Helpful Verification Commands ................................................................................................................................................................................................129 iPexpert’s Recommended Reading Material ..............................131 Lab 22 Setup ........................................................................................................

.....................................................................................167 Table 28.166 Configuration Tasks ................................................................................................................................................154 Lab 26 Setup ...............................................................................................9 ..........................................................................................153 iPexpert’s Recommended Video Training ................................................................................159 Configuration Tasks ...160 Table 27........................................................................................................165 iPexpert's Recommended Video Trainig .................162 Table 27............165 Diagram 28.........................1: Multicast Operations Topology .............................................5 .............................153 Diagram 26..............................................................................................................................158 iPexpert’s Recommended Video Training .....3 ........................................................................................................164 iPexpert’s Recommended Reading Material ..........................162 Helpful Verification Commands .....................................................................................................................................................................................................2F ..........................................................................................................................167 Table 28........................................................................................147 Topology Details ....................................................................................................................................................................................................................................................................................................................................................................................................................160 Table 27...................................................................................................................................................................................................................................................................................161 Table 27.............................................................................................................................................3 ...........................................................................................................................................................158 Diagram 27..................144 Lab 25: Configure and Troubleshoot Protocol Independent Multicast Operations (Part 3) ......................................................................................................................................................................................................................................................................................................................................................................................................6 ............................................................10 .......................................................154 Helpful Verification Commands .......................................................157 iPexpert’s Recommended Reading Material .....................................................................................................................................................................................................................................................................................................................................................................................................................2 ........................... Volume 1 Helpful Verification Commands .......153 Topology Details .............................................................................................................iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.......................1: Multicast Operations Topology .................167 Table 28...........................................................................................................................158 Topology Details .............................................................................................................................................................................................................................154 Configuration Tasks ...163 Lab 28: Configure and Troubleshoot IP Version 6 (Part 2) ..............................................................................................................................................................................................................................................................................................................................................148 Configuration Tasks .......................................1: IPv6 Routing Topology .......................................................................................................................................................................................................................................................................................................................................................................4 .......................................2 ...8 .......146 iPexpert’s Recommended Reading Material .......................................................................................................................................162 Table 27...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................4 ........................156 Lab 27: Configure and Troubleshoot IP Version 6 (Part 1) ..................................................................................................147 Diagram 25.........................167 7|Page Version 5.................150 Lab 26: Configure and Troubleshoot Protocol Independent Multicast Operations (Part 4) ..............................................1: IPv6 Routing Topology ................161 Table 27...............................7 .148 Helpful Verification Commands ...................................................163 Topology Details ..................159 Lab 27 Setup ...................................................152 iPexpert’s Recommended Reading Material .......................................................................147 iPexpert’s Recommended Video Training ...............................161 Table 27....................................................................................................160 Table 27.166 Lab 28 Setup ....................................................................................................................................................................................148 Lab 25 Setup .................................................................................................................................160 Table 27..........................................................................................................................

......................170 iPexpert’s Recommended Reading Material ...............................................................................................................................................175 Table 29.........................180 iPexpert’s Recommended Video Training ..............................................................172 Table 29......5 .............................................................................................................8 ...............................................................................172 Lab 29 Setup .......................................................................................................................................................................................................................174 Table 29..........3 ............................................................................................................................................183 Diagram 30........169 Topology Details .............4: VRF Customer_A and VRF Customer _B Topology...........................180 Topology Details .............................................................................................................................................................................................................................................................................................................168 Table 28...........................187 iPexpert’s Recommended Video Training ..............................188 8|Page Version 5.....................................................................4 ...........................................................................................................................................................173 Table 29......................181 Lab 30 Setup ........................................................................................................12 ...............................1: MPLS L3 VPN Topology................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................6 ..........................................7: Full-Mesh Peering Topology .......................................................................................................................................178 Lab 30: Configure and Troubleshoot Multiprotocol Label Switching (Part 1) ..................................................................................................................................................................................173 Table 29....................182 Table 30.....174 Table 29..............................................................................................................................................169 Lab 29: Configure and Troubleshoot IP Version 6 (Part 3) ......................................181 Configuration Tasks .....................................188 Lab 31 Setup .................................2 ......................................................................................................................................176 Section 3: VPN Technologies ........................................2F ...........................................................5 ...........................6 ....................................................................................187 Diagram 31.....................................................................................182 Diagram 30...............................................................................................................................................2 ..................175 Table 29.............................6 ..............................................................................................................................................................................174 Table 29............................................................................................180 Diagram 30........................................................................184 Helpful Verification Commands ...171 Diagram 29.......................................................3 ....................................................................................................................................................................................................................7 .................................................................................................................................................................................................................................................................................................................................................1: MPLS L3 VPN Topology....................183 Table 30...................................186 iPexpert’s Recommended Reading Material ..................................................8 ....................................................................................................................................................................................168 Table 28....................................................................................................................................................................181 Table 30................................169 Helpful Verification Commands ............................................................................5 .............................................................................................................................................................................................................................................................................................................11 ..................168 Table 28......7 ...................................................................................................................................................................................................................................................................................................172 Configuration Tasks ...................................................................................................................................................................................................................................................................................................................................175 Table 29..................................................................................................................................................................................................................................................................176 Helpful Verification Commands ..............................173 Table 29...................................10 ............ Volume 1 Table 28..9 ..............iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam......................179 iPexpert’s Recommended Reading Material ........................................................1: IPv6 Version 6 Topology ................................................................................................................187 Topology Details ...........................................................184 Lab 31: Configure and Troubleshoot Multiprotocol Label Switching (Part 2) ..........174 Table 29.........171 iPexpert's Recommended Video Trainig ...........................................183 Table 30..............................................................................................................................................................

...............................................190 Lab 32: Configure and Troubleshoot IPsec Virtual Private Networks (Part 1) .............................................................................................................................................................................................................................................................................................................................7 .......................................198 iPexpert’s Recommended Video Training ............................204 Lab 34: Security (Part I) ....................193 iPexpert’s Recommended Video Training .......................................................................................................................201 Table 33...............................................................216 iPexpert’s Recommended Reading Material ..................................200 Table 33.............................................................................................2F .....................................1: IPsec Virtual Private Network Topology .................................................................................................................1: IPsec Virtual Private Network Topology ......................................................................................................................................................................................................200 Table 33.........................................................................................................189 Helpful Verification Commands .................200 Table 33........................................................................208 Lab 34 Setup ....207 Diagram 34............................................202 Helpful Verification Commands ..............................................................................................................208 Table 34.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................6 .............................................................198 Diagram 33.......................................................................................................................................217 Topology Details .....214 Lab 35: Security (Part 2) ................................................................................................................... Volume 1 Configuration Tasks ................................................................................201 Table 33..................................................................................2 .........................................................................................................2 .....................................218 Lab 35 Setup ............................................................................................................................................................................................................................................................................188 Table 31..............................................................................................................................................................................2 ...................................................................................................................................................................................................................................................................193 Topology Details ..........................................................................................4 ...................................................................................5 ....................197 iPexpert’s Recommended Reading Material ..........................................................................194 Configuration Tasks ........................................................................................................................................................................9 ......................................................202 Table 33.....................................................................................................3 ...........................................1: Security Topology ....................203 Section 4: Infrastructure Security.........................................................3 ....192 iPexpert’s Recommended Reading Material ....................................................................................................................................................................................................193 Diagram 32...........................................................................................1: Security Topology ...........................................................................195 Helpful Verification Commands ....................................8 ................................................................206 iPexpert’s Recommended Video Training .................207 Topology Details ...................................................................................................................................................................202 Table 33.................................................................................................................................217 iPexpert’s Recommended Video Training .................................205 iPexpert’s Recommended Reading Material .......................................................................................................................................................................................................................................................................................................................................................................................................................................................................194 Lab 32 Setup ...................................................................198 Topology Details .......................................................................................................217 Diagram 35........................................................................................iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam........................................................................................................................................................................218 9|Page Version 5.............................................210 Helpful Verification Commands ............................................209 Configuration Tasks ............................................................................................................................................................................................................................................................................................................199 Configuration Tasks ................................................................................201 Table 33.....196 Lab 33: Configure and Troubleshoot IPsec Virtual Private Networks (Part 2) ........................................................................................................................199 Lab 33 Setup ........................................................................................................189 Table 31..............................

..............237 iPexpert’s Recommended Reading Material ................................................................239 Diagram 38.....................................................................2 ........................224 Topology Details .........................................................1: Quality of Service Mechanisms Topology ............227 Configuration Tasks ............233 Topology Details ...234 Lab 37 Setup ..............................................................................................................................245 Lab 40: Configure and Troubleshoot IP/IOS Services (Part 2) ...............................................220 Helpful Verification Commands ........................................................................................................................................................................................................................................................................................224 iPexpert’s Recommended Video Training .........................................................................................................................................................................................................................................243 iPexpert’s Recommended Video Training .........................................................................................................................................................................................................................................................................................................................................................................225 Diagram 36..................................243 Topology Details .....................................................228 Helpful Verification Commands ........................1: IP/IOS Services Topology ..............................................226 Table 36.......................................................................................234 Configuration Tasks .....................................................................................................................................................232 iPexpert’s Recommended Reading Material ...........234 Diagram 37............................................................................................................1: Quality of Service Mechanisms Topology ........................... Volume 1 Table 35.......................................................................................................................................................................................................................................................................................................................................................................................................................................................229 Section 5: Infrastructure Services .....246 iPexpert’s Recommended Reading Material .............................................................................................2F ........................................239 Topology Details .....................247 iPexpert’s Recommended Video Training ..................................231 Lab 37: Configure and Troubleshoot Quality of Service Mechanisms (Part 1) ..................................................................................................................................................................................235 Lab 38: Configure and Troubleshoot Quality of Service Mechanisms (Part 2) ..........................................................................................................................................................................................................................................................239 Lab 38 Setup ..........................................................................................................................................................................242 iPexpert’s Recommended Reading Material ...................................................................................................................................................................................................................................................................................240 Configuration Tasks ......................................................................................................................................................................................................................................................................................................................225 Lab 36 Setup .......................................................................................................244 Lab 39 Setup .......................248 10 | P a g e Version 5....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................241 Lab 39: Configure and Troubleshoot IP/IOS Services (Part 1) ........................................................223 iPexpert’s Recommended Reading Material ............................................................................................................................248 Lab 40 Setup .............................................233 iPexpert’s Recommended Video Training ...........................................................................................................................................................................................................................................................243 Diagram 39..........................................................................................................................................................................................................................................247 Topology Details .....................1: IP/IOS Services Topology ......................................................................................................................................................................................................................................................................................................................................................................................................................................219 Configuration Tasks ...........................................................................247 Diagram 40.......................................1: Security Topology .....................244 Helpful Verification Commands ......................240 Helpful Verification Commands ........................................222 Lab 36: Security (Part 3) .......................244 Configuration Tasks ............................................234 Helpful Verification Commands .....................................................238 iPexpert’s Recommended Video Training ..........................................iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam........................2 ................................

........................................................................................................................................................................................................272 11 | P a g e Version 5..........................................................................................................................266 iPexpert’s Recommended Video Training ...............................................................................................................251 iPexpert’s Recommended Reading Material ....................................................................................266 Diagram 44...................................................................................................................................................................248 Helpful Verification Commands ..........................................................................................................................261 Diagram 43...262 Configuration Tasks ......................................................................................................................257 Configuration Tasks .......................................................................255 iPexpert’s Recommended Reading Material ..............................2 ............................................254 Lab 42: Configure and Troubleshoot IP/IOS Services (Part 4) ....261 Topology Details ...........................................................................................................................................................................................................266 Topology Details .......................................................................................................................................................................................................................................................................................268 Lab 45: Configure and Troubleshoot IP/IOS Services (Part 7) .........................................................................262 Helpful Verification Commands ..................................................................................................................................................................................................................................................................................................................................................................................................iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam..................................................................................................................................1: IP/IOS Services Topology .........................257 Helpful Verification Commands ...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................1: IP/IOS Services Topology .................................................................................253 Lab 41 Setup ..............................................................................................................267 Helpful Verification Commands .256 iPexpert’s Recommended Video Training .........................................252 iPexpert’s Recommended Video Training ...........................................................................................................................................................................................................................................265 iPexpert’s Recommended Reading Material ............267 Lab 44 Setup ....................252 Topology Details ..........................257 Lab 42 Setup ..267 Table 44...................................................................................................................................................256 Topology Details ........................................................................................................................270 iPexpert’s Recommended Video Training .......................................................................................................................................................................................................1: IP/IOS Services Topology .1: IP/IOS Services Topology ................................261 iPexpert’s Recommended Video Training .................................................................................................................................................................................................................................................................................260 iPexpert’s Recommended Reading Material ...............262 Lab 43 Setup ................................................................................................................................................................................................ Volume 1 Configuration Tasks ....................................................................................................................................................................259 Lab 43: Configure and Troubleshoot IP/IOS Services (Part 5) .................................................................................................................................................................................................................................................................................................271 Configuration Tasks ..............................267 Configuration Tasks .............253 Configuration Tasks .................................1: IP/IOS Services Topology ...............270 Topology Details ..................................................................................................................................250 Lab 41: Configure and Troubleshoot IP/IOS Services (Part 3) ..................................................................................................................................................................................................................270 Diagram 45.................................................................................................................................................................................................269 iPexpert’s Recommended Reading Material .......................................................................................................................................................2F ............................................263 Lab 44: Configure and Troubleshoot IP/IOS Services (Part 6) .............................................................................................271 Helpful Verification Commands .......................................................................................252 Diagram 41...................................................................................................................................253 Helpful Verification Commands ............................................................271 Lab 45 Setup ........256 Diagram 42..............................................

you agree to be bound by the terms of this License. the “Licensor. THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.” LICENSOR HEREBY DISCLAIMS ALL OTHER WARRANTIES. This agreement gives you specific legal rights. You agree that any litigation or other proceeding between you and Licensor in connection with the Training Materials shall be brought in the Michigan state or courts located in Port Huron. mechanical. EXPRESS. lease. download or distribute in any form or by any means. post. non- commercial use without the prior written permission of IPEXPERT. loan. scenarios and courses (the "IPEXPERT Information") are reserved to IPEXPERT. recording or otherwise any part of the Training Materials and IPEXPERT Information other than printing out or downloading portions of the text and images for your own personal. audio.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. The Training Materials shall be used by only ONE (1) INDIVIDUAL who shall be the sole individual authorized to use the Training Materials throughout the term of this License. and other proprietary rights in the Training Materials and in the Training Materials. and you may have other rights that vary from state to state. Choice of Law and Jurisdiction This Agreement shall be governed by and construed in accordance with the laws of the State of Michigan. or create derivative works based upon the Training Materials in whole or in part. Michigan. DO NOT OPEN OR USE THE TRAINING MATERIALS. By using the Training Materials. electronic. SO THE ABOVE LIMITATIONS OR EXCLUSIONS MAY NOT APPLY TO YOU. Inc. decompile. SOME STATES DO NOT ALLOW THE LIMITATION OF INCIDENTAL DAMAGES OR LIMITATIONS ON HOW LONG AN IMPLIED WARRANTY LASTS.2F . All copyright. transmit. and you should promptly contact the Licensor for return instructions.” from whom you have licensed the IPEXPERT training materials (the “Training Materials”). store. This is a legally binding agreement between you and IPEXPERT. trademark. you may not use the Training Materials. without reference to any conflict of law principles. You may not modify. the Licensor is unwilling to license the Training Materials to you. OR STATUTORY. or disassemble the Training Materials. The Training Materials cannot be used by or transferred to any other person. You may not use the Training Materials or IPEXPERT Information in any manner that infringes the rights of any person or entity. and all other materials originated by IPEXPERT at its site. Copyright and Proprietary Rights The Training Materials are the property of IPEXPERT. ("IPEXPERT") and are protected by United States and International copyright laws. You may not reproduce. text. You shall observe copyright and other restrictions imposed by IPEXPERT. If any provision of this Agreement is held invalid. Exclusions of Warranties THE TRAINING MATERIALS AND DOCUMENTATION ARE PROVIDED “AS IS. 12 | P a g e Version 5. IMPLIED. In this event. You may not rent. the remainder of this License shall continue in full force and effect. graphics. INCLUDING WITHOUT LIMITATION. The parties agree that the United Nations Convention on Contracts for the International Sale of Goods shall not apply to this License. sell or time-share the Training Materials or accompanying documentation. barter. except to the extent these terms have been modified by a written agreement (the “Governing Agreement”) signed by you (or the party that has licensed the Training Materials for your use) and an executive officer of Licensor. upload. design elements. If you do not agree to the License terms. and you consent to the jurisdiction of such courts to decide the matter. Volume 1 iPexpert's End-User License Agreement END USER LICENSE FOR ONE (1) PERSON ONLY IF YOU DO NOT AGREE WITH THESE TERMS AND CONDITIONS. You may not reverse engineer. in its workbooks.

OR COSTS OF COVER. IN NO EVENT WILL THE LICENSOR’S LIABILITY UNDER. INCIDENTAL. or disclosure of the Training Materials and accompanying documentation by the U. HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY.” respectively. ARISING OUT OF. modification.212. OR RELATING TO THIS AGREEMENT EXCEED THE AMOUNT PAID TO LICENSOR FOR THE TRAINING MATERIALS.7202 and FAR Section 12.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. WITHOUT LIMITING THE FOREGOING. Entire Agreement This is the entire agreement between the parties and may not be modified except in writing signed by both parties. Volume 1 Limitation of Claims and Liability ANY ACTION ON ANY CLAIM AGAINST IPEXPERT MUST BE BROUGHT BY THE USER WITHIN ONE (1) YEAR FOLLOWING THE DATE THE CLAIM FIRST ACCRUED.Restricted Rights The Training Materials and accompanying documentation are “commercial computer Training Materials” and “commercial computer Training Materials documentation. Government . 13 | P a g e Version 5. INDIRECT. REGARDLESS OF WHETHER LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. LOSS OF DATA. as applicable.2F . display. DO NOT OPEN OR USE THE TRAINING MATERIALS AND CONTACT LICENSOR FOR INSTRUCTIONS ON RETURN OF THE TRAINING MATERIALS.S. U. LICENSOR WILL NOT BE LIABLE FOR LOST PROFITS. performance.S. Government shall be governed solely by the terms of this Agreement and shall be prohibited except to the extent expressly permitted by the terms of this Agreement. LICENSOR SHALL NOT BE LIABLE FOR ANY SPECIAL. pursuant to DFAR Section 227. reproduction release. OR CONSEQUENTIAL DAMAGES. OR SHALL BE DEEMED WAIVED. Any use. IF YOU DO NOT AGREE WITH THE ABOVE TERMS AND CONDITIONS.

com alias. Your feedback is what continually keeps us enhancing our product portfolio. telephone number and what certification and track you feel that they're interested in. I'd personally like to thank you for putting your greatest certification journey in our hands. 14 | P a g e Version 5. and trusting us to deliver cutting-edge training to help you accomplish this goal. free of charge. In addition. CCIE #5244 (Emeritus) / Founder & CEO . Wayne A. Our online support community has attracted a membership of your peers from around the world.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. please do so via the feedback@ipexpert.iPexpert. Inc. Google+ and YouTube for more in-depth discussion on current industry trends and CCIE preparation tips.com and let us know how iPexpert played a role in your success. If your referral makes a purchase. If your referrals exceed a certain threshold. my team and I feel extremely confident that your chances of passing will improve dramatically with the use of our training materials. CCIE number and the track to success@ipexpert. and Thank You! On behalf of the entire iPexpert team. Volume 1 Welcome. when you pass your CCIE Lab Exam. we want to hear about it! Please email your Full Name (used in the CCIE Verification Tool). and is monitored on a daily basis by our instructors and our students. we value the feedback (both positive and constructive) offered by our clientele.2F . email address. Lastly. If you have any of your peers who you feel will value by the use of any of our training materials. LinkedIn. You can also follow up on Facebook. we are also proud to lead the industry with multiple support options at your disposal. and approve of our training and 2) it helps us to continue to grow as a company. value. Twitter. If there is anything you'd like us to know. It tells us that. -Respectfully. Our dedication to offering the best tools and content to help students succeed could not be possible without your comments and suggestions. Although there is no way to guarantee a 100% pass rate on the CCIE Lab. we will provide you with in-house credit that can be used at any time. referrals are very important to us. 1) you like. please send us their name. We also consistently publish technical articles / papers on our blog. Feedback At iPexpert. Technical Support and Freebies To conclude. we will also include a gift card of your choice (either an American Express or Amazon gift card). We would like to be sure you're welcomed into the "CCIE Club" appropriately. and it is greatly appreciated. send you a gift for your accomplishment. Lawson II.

The next section consists of the Diagnostics section.  And.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. it's VERY IMPORTANT that you are well-prepared for all three Sections of the Lab Exam. which is the actual "lab" that most people focus on. we have not provided all of the topics and subtopics that Cisco has provided.2F .  Cisco has also made a drastic change in the topology that you'll be given. which will require you to have a CCO and Cisco Learning Network login prior to being given access. so you're familiar with the intricacies and technological specifics that can be introduced with a topology that large. We recommend that you reference Cisco's website URL. you could fail the Lab Exam if you don't receive enough points in 1 of the 3 sections. Cisco has created this impressive blueprint and broken it into sections. however. 15 | P a g e Version 5.  Cisco has also changed their retake policy which now requires their CCIE candidates to wait longer durations before their next attempt(s). That URL was found here at the date of this book's publication. The changes consisted of a modification of the lab structure to now include:  A restructure of the way the lab is delivered. The third section is the Configuration section. finally. It's common knowledge at the time of this book's publication that the topology you're given has gone from their previous 6 to 8 router / 4 switch topology (seen in the labs previous to V4). and have been primarily concerned about in the past. At any point. which is done without access to your rack. Volume 1 How to Use This Lab Preparation Workbook In 2014 Cisco announced a new CCIE Routing & Switching blueprint for their V5 of the Lab Exam. Cisco provides you with the 5 section titles and the number of points so you're able to understand how their grading works and how much focus and attention is placed on that various section. The primary section outline is provided below. which provides these details for the Routing & Switching V5 Lab. Below we have listed Cisco's new policy. You will first have to complete a Troubleshooting section where you'll have access to the rack that Cisco provides you to do so. It's imperative that you work through practice scenarios on a large topology. This change was one of the biggest changes we've seen the over 14 years since we've been delivering cutting-edge CCIE training materials. to a topology that could potentially consist of up to 40 routers and 8 switches. With this new lab structure.

zip file that's accessed when you're logged into your iPexpert's Member's Area. you'll be asked to reference various diagrams and to pre-load configurations. These pre-loaded configurations will be automatically loaded when you're utilizing our online rack rental solution.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1 Cisco's New Retake Policy Cisco R&S V5 Blueprint (Primary Sections w/ Assigned Point Values)  Layer 2 Technologies: 20%  Layer 3 Technologies: 40%  VPN Technologies: 20%  Infrastructure Security: 5%  Infrastructure Services: 15% About This Lab Preparation Workbook Throughout this workbook. or endorsed in any way by Cisco. Additional Information Pertaining to Cisco's CCIE R&S Lab Exam NOTE The following information has been obtained from Cisco's Learning Network. unless otherwise noted. 16 | P a g e Version 5. If you're asked to reference a table.2F . it will be located within this actual workbook. We are not affiliated with. All diagrams are provided in a .

but are responsible for all devices residing in the network (hubs. Point values and testing criteria are provided.). Cost The Lab Exam cost does not include travel and lodging expenses. but the exam assumes knowledge of the more common protocols and technologies. More detail is found on the Routing & Switching Lab Exam Blueprint and the list of Lab Equipment and IOS Versions. You must report any suspected equipment issues to the proctor during the exam. No outside reference materials are permitted in the lab room. For more information on the Lab Exam Registration please reference the Take Your Lab Exam tab.2F . 17 | P a g e Version 5. You will not configure end-user systems. a 30 minute Diagnostic section.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Costs may vary due to exchange rates and local taxes (VAT. and a 5 hour Configuration section. Lab Environment The Cisco documentation is available in the lab room. adjustments cannot be made once the exam is over. Lab Exam Grading The labs are graded by proctors who ensure that all the criteria have been met. hands-on exam which requires you to configure and troubleshoot a series of complex networks to given specifications. Candidates must reach a minimum threshold in all three sections and achieve an overall passing score. Price not confirmed and is subject to change until full payment is made. etc. GST). Volume 1 About the CCIE Lab Exam The CCIE Lab Exam is an eight-hour. Lab Format The CCIE Routing & Switching Lab Exam consist of a 2 hour Troubleshooting section. You are responsible for any fees your financial institution charges to complete the payment transaction. The documentation can be navigated using the index. Candidates may choose to borrow up to 30 minutes from the Configuration section and use it in the Troubleshooting section. Knowledge of troubleshooting is an important skill and candidates are expected to diagnose and solve issues as part of the CCIE Lab Exam. They will use automatic tools to gather data from the routers in order to perform preliminary evaluations.

Refunds are given only when results change from fail to pass. the network must be up and running for a candidate to receive credit. A Review involves having a second proctor verify your answers and any applicable system- generated debug data saved from your exam. Reviews are available for all other tracks. 18 | P a g e Version 5. and Service Provider technology tracks. Results are Pass/Fail and failing score reports indicate major topic areas where additional study and preparation may be useful.2F . A Reread costs $1000. Payment is made online via credit card and your Reread or Review will be initiated upon successful payment. Reevaluation of Lab Results A Reread involves having a second proctor load your configurations into a rack to re-create the test and re-score the entire exam. As with the configuration section. Payment Terms Make your request within 14 days following your exam date by using the "Request for Reread" link next to your lab record. usually within 48 hours. Candidates will be presented with a series of trouble tickets for preconfigured networks and need to diagnose and resolve the network fault or faults.00 USD. You may not cancel the appeal request once the process has been initiated. Troubleshooting The CCIE Routing & Switching Lab Exam features a 2 hour troubleshooting section. Candidates who finish the Troubleshooting section early may proceed on to the Diagnostic section.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1 Results You can review your Lab Exam results online (login required). Rereads are available for the Routing & Switching. but they will not be allowed to go back to Troubleshooting. NOTE This concludes any referenced content seen or found on Cisco's Learning Network.00 USD and a Review costs $400.

Volume 1 Section 1: Layer 2 Technologies 19 | P a g e Version 5.2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.

Estimated Time to Complete: 2 hours 20 | P a g e Version 5. CDP and some other related features.2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1 Lab 1: Configure and Troubleshoot Switch Port Modes Technologies Covered  CDP  Access ports  VLAN database  VLAN  Trunking  dot1Q  Native VLAN  Manual pruning  Layer 3 native interfaces  SVIs  Router-on-a-stick Overview You have been tasked to configure the Layer 2 part of the network and to enable the routing between 2 VLANs in a router-on-a-stick topology. You will be configuring VLANs.

com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guide /cli_rel_4_0_1a/CLIConfigurationGuide/AccessTrunk.com/c/en/us/support/docs/lan-switching/inter-vlan-routing/41860-howto-L3- intervlanrouting.cisco. Extended.com/c/en/us/td/docs/ios-xml/ios/cdp/configuration/15-mt/cdp-15-mt- book/nm-cdp-discover.html  Configuring Access and Trunk Interfaces: http://www.cisco.cisco. We recommend watching the following learning videos which cover the topics seen in this lab scenario.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching Lab Exam.  Video Title: CDP  Video Title: Access Ports  Video Title: VLAN Database  Video Title: dot1q  Video Title: Native VLAN  Video Title: Manual Pruning  Video Title: Normal.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.2F . You may also refer to the diagram located within your configuration files for topology information. and Voice VLANs Topology Details Logically connect and configure your network as displayed in the drawing below.html  Configuring InterVLAN Routing on Layer 3 Switches: http://www. Volume 1 iPexpert’s Recommended Reading Material  Cisco Discovery Protocol Version 2: http://www. The topology used in the lab will be the following: 21|P a g e Version 5.

iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. CDP should only be running on the E3/1 and E3/2 interfaces.2F . 22 | P a g e Version 5. Volume 1 Diagram 1. the broadcasted CDP packets should not report mismatched native VLAN IDs. NOTE Load the initial configuration files before starting to work on the tasks. Connect to the terminal server for the online rack. Between Cat1 and Cat2.1: Switch Port Modes Topology Lab 1 Setup  This lab is intended to be used with online rack access. Disable CDP on R2. Configuration Tasks 1. and the neighbor should be declared lost after 6 missing updates. The updates should be sent every 20 seconds. 3. 4. and complete the configuration tasks as detailed below. Disable CDP on the connection between R6 and Cat2. Between Cat1 and Cat2. 2.

Configure interface E3/0 in access mode VLAN 101 on Cat1 and Cat2. 7.0. Volume 1 5.1. on E3/2. Allow only VLAN 103 on the trunk.0.4 E0/0.1/24 Cat2 Vlan 101 10.1/24 R2 E0/0 10.101. Ensure that you can ping from interface Vlan 103 on Cat1 to interface Vlan 101 on Cat2 by using R6 as the inter-VLAN routing point.0. 6.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. The configuration of the VLANs should appear in the running-configuration and no VLAN distribution protocol should be running. 102.0.103. 23|P a g e Version 5. Allow VLAN 102. 9.3 Cat1 Vlan 103 10. Do not use the ip route command.2/24 11.0.0. VLAN 999 should be the native VLAN. 8.103 10.1. VLAN103. Configure the following IP addresses under the following interfaces: Table 1.2 Cat1 E0/2 10. Configure an ISL trunk between Cat1 and Cat2 on E3/1. Configure VLAN 101. Configure a dot1q trunk between Cat1 and Cat2.2F .2/24 Make sure that ping between the two Interfaces above is working. Allow DTP to negotiate whether a trunk forms. VLAN999. 10.6/24 E0/0. VLAN102. and 999 in the VLAN local database of Cat1 and Cat2 with the respective name of VLAN101. Configure only the following SVIs: Table 1. VLAN 103 should be sent untagged.101 10.6/24 12.101. Configure the following sub-interfaces on E0/0 of R6: Table 1. 103.103.

iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Section 1 Copyright© iPexpert. Volume 1. For instructor and developer support. All Rights Reserved. Volume 1 Helpful Verification Commands  Show cdp  Show cdp neighbor  Show vtp status  Show interface trunk  Show interface Ethernet 1/2 switchport Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide.2F . This concludes Lab 1 of iPexpert's CCIE Routing & Switching Workbook. 24 | P a g e Version 5.

iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Estimated Time to Complete: 2 hours 25|P a g e Version 5.2F . Your VTP set-up should be secured and highly available. Volume 1 Lab 2: Configure and Troubleshoot VTP Technologies Covered  VTPv1  VTPv2  VTPv3  VTP pruning Overview You have been tasked to automatically distribute the VLANs in the network using VTP. You have to propagate normal VLANs. as well as extended VLANs.

Volume 1 iPexpert’s Recommended Reading Material  Understanding VLAN Trunk Protocol: http://www. You may also refer to the diagram located within your configuration files for topology information.cisco.  Video Title: VTPv1 and VTPv2  Video Title: VTPv3  Video Title: VTP pruning Topology Details Logically connect and configure your network as displayed in the drawing below.cisco.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching Lab Exam.html  VTP Version 3: http://www.com/c/en/us/products/collateral/switches/catalyst-6500-series- switches/solution_guide_c78_508010.2F .com/c/en/us/support/docs/lan-switching/vtp/10558-21. We recommend watching the following learning videos which cover the topics seen in this lab scenario. The topology used in the lab will be the following: 26 | P a g e Version 5.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.

Volume 1 Diagram 2.2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. NOTE Load the initial configuration files before starting to work on the tasks. and complete the configuration tasks as detailed below. Configure a dot1q trunk allowing all VLANs on all the connections between Cat1 and Cat2. and between Cat3 and Cat4. Configuration Tasks 1. between Cat2 and Cat3.1: VTP Topology 0 Lab 2 Setup  This lab is intended to be used with online rack access. Connect to the terminal server for the online rack. 27|P a g e Version 5.

7.2F . Configure R2 in VLAN 150 and R5 in VLAN 1500 as client ports. Add VLAN 150 and 151 on Cat4. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. Configure Cat3 not to update its VLAN database. but not to Cat3. Volume 1 2. 4. Configure Cat1 and Cat2 as client of Cat4. This password should be stored in the NVRAM database. Volume 1. but not on Cat3. 28 | P a g e Version 5. Configure the VTP domain with a password of "090909". Since Cat1 does not have any client ports in VLAN 151. Helpful Verification Commands  Show interface trunk  Show interface Ethernet 1/2 switchport  Show VTP status  Show VLAN Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. 5. Cat3 should silently forward VTP packets. and check that those VLANs are now present on Cat1 and Cat2. This concludes Lab 2 of iPexpert's CCIE Routing & Switching Workbook. 3. 6. and make sure that it is propagated to Cat1 and Cat2. make sure that broadcast packets in VLAN 151 will never be transmitted to Cat1. Ensure that the next VLAN created will not be propagated to switches where this VLAN is not allowed on any trunks. 9. Section 1 Copyright© iPexpert. 8. Ensure that Cat2 can take over the server role in the case of a failure of Cat4. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. Configure Cat4 as the server of the VTP domain iPexpert. All Rights Reserved. 10. Add VLAN 1500 on Cat4.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. For instructor and developer support.

Estimated Time to Complete: 3 hours 29|P a g e Version 5. Volume 1 Lab 3: Configure and Troubleshoot Portchannels Technologies Covered  LACP etherchannel  PagP etherchannel  Manual etherchannel  L2 etherchannel  L3 etherchannel  Load-balancing  Etherchannel misconfiguration guard Overview You have been tasked to configure seamless redundancy in the network by bundling several physical connections into a logical connection called port-channel. In addition. you should traffic- engineer the way that traffic is distributed on the different members of those port-channels.2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.

2F .html  EtherChannel Misconfiguration Guard: http://www.com/c/en/us/td/docs/switches/metro/me3600x_3800x/software/release/15- 4_1_S/configuration/guide/3800x3600xscg/swstpopt.html .com/c/en/us/td/docs/switches/metro/me3600x_3800x/software/release/15- 4_3_S/configuration/guide/3800x3600xscg/swethchl.cisco.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1 iPexpert’s Recommended Reading Material  Configuring EtherChannels: http://www.cisco.com/c/en/us/td/docs/switches/metro/me3600x_3800x/software/release/15- 4_3_S/configuration/guide/3800x3600xscg/swethchl.cisco. You may also refer to the diagram located within your configuration files for topology information.wp1113708  Configuring EtherChannel Load Balancing: http://www. We recommend watching the following learning videos which cover the topics seen in this lab scenario.  Video Title: Manual Ethernetchannels  Video Title: PAgP  Video Title: LACP  Video Title: Layer2 and Layer3 Etherchannels  Video Title: Load-Balancing  Video Title: Etherchannel Misconfiguration Guard Topology Details Logically connect and configure your network as displayed in the topology drawing.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching Lab Exam. The topology used in the lab will be the following: 30 | P a g e Version 5.

and allow only VLAN 101. 2. Cat2 should never start the negotiation.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1 Diagram 3. configure a PagP port-channel Po34 ISL trunk. Connect to the terminal server for the online rack. configure a static port-channel Po23 dot1q trunk and allow only VLAN 101. and complete the configuration tasks as detailed below. Between Cat3 and Cat4. and allow only VLAN 102. NOTE Load the initial configuration files before starting to work on the tasks. Configure PagP to protect the port-channel against unidirectional failure and assume both switches are PAgP-capable. Between Cat2 and Cat4. Cat3 should not start the etherchannel negotiation. 3.2F .1: Portchannels Topology Lab 3 Setup  This lab is intended to be used with online rack access. Between Cat2 and Cat3. configure a LACP port-channel Po24 trunk. Configuration Tasks 1. 31|P a g e Version 5.

All Rights Reserved. make sure that all the flows coming from a MAC address are using the same PagP member when the packet returns to this MAC address. all the TCP flows from a source MAC address to the same destination MAC address should use the same member in all the port- channels just configured. On the Port-channel between the Cat2 and the Cat4. On the Port-channel between the Cat3 and the Cat4. Section 1 Copyright© iPexpert. 5. Po14.2F . Use the subnet 10. Create a static redundant routed port. Volume 1 4. Configure the four switches with a mechanism to disable the port-channel in the case of a mis- configuration that leads to the port-channel receiving Spanning-Tree BPDUs on two different members. For instructor and developer support.x/24 where x is the device.0. 6. between. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area.14. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. 32 | P a g e Version 5. Cat1 and Cat2. 7. 8. Ensure that E5/0 will be used as LACP failover if 9 members are present in the Port-channel.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Helpful Verification Commands  Show etherchannel summary  Show etherchannel port-channel  Show etherchannel load-balance Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. Volume 1. This concludes Lab 3 of iPexpert's CCIE Routing & Switching Workbook. Ensure that Cat4 controls LACP negotiation.

BPDUfilter  Loopguard  Rootguard  Backbonefast  Loopfast  UDLD Overview You have been tasked to guarantee in a redundant L2 network a loop-free topology by configuring the Spanning Tree protocol. The 2 routers R6 and R9 will be considered as hosts that should not make part of the spanning-tree topology. Estimated Time to Complete: 4 hours 33|P a g e Version 5. Volume 1 Lab 4: Configure and Troubleshoot Spanning-tree Protocol Technologies Covered  PVST+  Switch priority  Port priority  Path cost  STP timers  Port fast  BPDUguard.2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Traffic engineering and optimization is also required.

com/c/en/us/td/docs/switches/metro/me1200/controller/guide/b_nid_control ler_book/b_nid_controller_book_chapter_0111. We recommend watching the following learning videos which cover the topics seen in this lab scenario.  Video Title: UDLD  Video Title: PVST+  Video Title: Switch Priority  Video Title: Port Priority  Video Title: Path Cost  Video Title: STP Timers  Video Title: BPDU Guard  Video Title: BPDU Filter  Video Title: Loopguard  Video Title: Rootguard  Video Title: Portfast 34 | P a g e Version 5.com/c/en/us/td/docs/switches/metro/me3600x_3800x/software/release/15- 4_1_S/configuration/guide/3800x3600xscg/swstpopt.cisco.2F .html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching Lab Exam. Volume 1 iPexpert’s Recommended Reading Material  Configuring Spanning-Tree Protocol: http://www.cisco.html  Configuring Optional Spanning-Tree Features: http://www.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.

Configure the 4 Catalysts to run PVST+ (and not rapid PVST+). and complete the configuration tasks as detailed below. Configuration Tasks 1.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1 Topology Details Logically connect and configure your network as displayed in the drawing below. You may also refer to the diagram located within your configuration files for topology information. Connect to the terminal server for the online rack. The topology used in the lab will be the following: Diagram 4. 35|P a g e Version 5. Configure all the inter-switch connections as dot1q trunks.2F . NOTE Load the initial configuration files before starting to work on the tasks.1: Spanning Tree Topology Lab 4 Setup  This lab is intended to be used with online rack access. allowing all VLANs. 2.

VLAN 22 should be native of the dot1q trunk. 13. When a failure occurs on a switch with Uplinkfast feature on. Reduce the convergence time associated with indirect failures in the network. a maximum of 100 dummy multicast packets have to generate every second in order to update the rest of the network bridging tables. With all connections up on VLAN 22. 7. 5. Configure the ports connected to the routers to transition immediately from blocked to forwarding. Configure Cat1 as the secondary root bridge for VLAN 22. 36 | P a g e Version 5. 12.2F . In VLAN 22. Configure the port to re-enable itself automatically after 1 minute. Enable the Uplinkfast feature on the switches where it cannot create loops. Enable Rootguard on the e3/1 interface of Cat1. Configure Cat3 as the primary root bridge on for VLAN 22. the max aging time to 20s and the forward delay to 15s. configure the switch port to ignore and silently drop them. Configure Cat2 as the primary root bridge for VLAN 21. the traffic from R6 to R9 should be forwarded using the following path: Cat2-Cat1-Cat3-Cat4. 14.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. 16. 8. Do not use a command containing root in order to achieve this. the traffic from Cat1 to Cat2 and from Cat3 and Cat4 should flow over the E3/0 connections. the traffic from R6 to R9 should be forwarded using the following path: Cat2-Cat3-Cat4. Configure Cat1 as a VTP server for the domain iPexpert and configure VLAN 21 and 22. If R9 sends BPDUs. 9. Optimize the timers to the number of switches. Configure R9 as a client with a trunk connection allowing VLAN 22. With all connections up on VLAN 21. With all connections up on VLAN 21. Configure Cat4 as the secondary root bridge for VLAN 21. change the hello timer to 5s. 4. Volume 1 3. 11. 15. configure the switch port to transition to error-disabled when it happens. the traffic from Cat1 to Cat2 and from Cat3 and Cat4 should flow over the E3/0 connections. Configure R6 as a client in VLAN 21 in access mode. If R6 sends BPDUs. 17. Do not use a command containing priority in order to achieve this. make sure that Cat2 and Cat4 will be the least preferable switches to become the root of this network. On VLAN 22. With all connections up on VLAN 22. 18. 10. 6.

37|P a g e Version 5. Volume 1.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. re-enable that port automatically after 5 minutes. The link between Cat1 and Cat3 should be protected from a loop caused by a unidirectional link. Do not use UDLD. All Rights Reserved. Section 1 Copyright© iPexpert.2F . This concludes Lab 4 of iPexpert's CCIE Routing & Switching Workbook. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. If UDLD puts Cat1’s or Cat4’s E4/0 into the error-disable state. For instructor and developer support. 20. Helpful Verification Commands  Show spanning-tree  Show spanning-tree summary  Show spanning-tree VLAN x  Show spanning-tree root Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. Volume 1 19.

Estimated Time to Complete: 2 hours 38 | P a g e Version 5.2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Multi-instance Spanning-tree (MST) allows a switch to run one STP instance for a group of VLANs. You have been tasked to optimize the spanning-tree protocol in order to reduce the load on the CPU of the switches. Volume 1 Lab 5: Configure and Troubleshoot Multi- Instance Spanning-tree Protocol (MST) Technologies Covered  MST  MST region  RPVST+ Overview The switches in this lab are experiencing very high CPU utilization.

iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1 iPexpert’s Recommended Reading Material  Configuring MSTP: http://www.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/12- 2_55_se/configuration/guide/3750xscg/swmstp.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switches/72836- rapidpvst-mig-config.2F . The topology used in the lab will be the following: 39|P a g e Version 5. We recommend watching the following learning videos which cover the topics seen in this lab scenario.  Video Title: Rapid PVST+  Video Title: MST Topology Details Logically connect and configure your network as displayed in the drawing below.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching Lab Exam.cisco. You may also refer to the diagram located within your configuration files for topology information.html  Spanning-Tree from PVST+ to Rapid-PVST+: http://www.

2F . NOTE Load the initial configuration files before starting to work on the tasks. 40 | P a g e Version 5.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. and complete the configuration tasks as detailed below. Connect to the terminal server for the online rack.1: MST Topology Lab 5 Setup  This lab is intended to be used with online rack access. Volume 1 Diagram 5.

MST instance 10 will encompass the VLAN range 100-150. Configure the MST region iPexpertRegion to always be the root of the CST. 10. configure Cat3 to always be the root primary and Cat2 to be the root secondary. 200. 220. 8. and 210 on Cat4. 230. 11. Configure VLAN 100. 200. 4. For MST instance 20. 7. 12. and Cat3. Helpful Verification Commands  Show spanning-tree detail  Show spanning-tree mst configuration  Show spanning-tree vlan X 41|P a g e Version 5. For MST instance 10. and 210 on Cat1. Do not use the priority command. and Cat3 to run the MST protocol with the name iPexpertRegion. Ensure that port E3/0 on the Cat4 is in BLK state. 6. make sure that the STP blocked path is on the E3/0 for instance 10. 210. 110. Configure VLAN 100. Ensure that port E4/0 on Cat4 is in BLK state. and 250. 110. 2. 240. Cat2. Configure all the inter-switch connection as trunk dot1q trunking all the VLANs. Make sure that the spanning-tree reconfiguration on Cat4 occurs in less than one second with 802.2F . Cat2.1w.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. MST instance 20 will encompass the VLANs 200. 5. Volume 1 Configuration Tasks 1. 3. 9. Between Cat1 and Cat2. Configure Cat1. configure Cat2 to be the root primary and Cat3 to be the root secondary.

For instructor and developer support. Volume 1 Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. All Rights Reserved. Volume 1.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. 42 | P a g e Version 5. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. This concludes Lab 5 of iPexpert's CCIE Routing & Switching Workbook. Section 1 Copyright© iPexpert. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide.2F .

Voice VLAN. Estimated Time to Complete: 2 hours 43|P a g e Version 5. Volume 1 Lab 6: Miscellaneous Layer 2 Topics Technologies Covered  Managing MAC address table  Voice VLANs  Smartports Macros  Private VLAN Overview This lab focuses on several miscellaneous Layer 2 Topics.2F . Macros and Private VLANs. such as CAM table management.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.

 Video Title: Errdisable Recovery  Video Title: Managing MAC Address Table Topology Details Logically connect and configure your network as displayed in the drawing below.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/12- 2_53_se/configuration/guide/3750xscg/swmacro. Volume 1 iPexpert’s Recommended Reading Material  Configuring Private VLANS: http://www.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.2F .html  Configuring Auto Smartport Macros: http://www.cisco. We recommend watching the following learning videos which cover the topics seen in this lab scenario. You may also refer to the diagram located within your configuration files for topology information.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching Lab Exam. The topology used in the lab will be the following: 44 | P a g e Version 5.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/12- 2_53_se/configuration/guide/3750xscg/swpvlan.

Volume 1 Diagram 6. the dynamic MAC-address table entries should be removed from the table when they are not re-learned after 10 seconds. Configuration Tasks 1. On Cat1. Configure a dot1q trunk between Cat2 and R6. This trunk should be allowed on VLAN 121 and VLAN 122. NOTE Load the initial configuration files before starting to work on the tasks. Connect to the terminal server for the online rack. On Cat1. 4. On Cat1 configure interface E1/1 as an access port in VLAN 120. add a static entry that indicates the MAC address of the interface E0/0 of R5 is located in VLAN 120 behind interface E1/1.1: Layer 2 Topology Miscellaneous Lab 6 Setup  This lab is intended to be used with online rack access.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.2F . 2. 45|P a g e Version 5. 3. and complete the configuration tasks as detailed below.

This port-channel is a dot1q trunk allowing VLAN 121.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. 7. and VLAN 500. 46 | P a g e Version 5. A laptop called "Laptop2" with a Wireshark sniffer is connected on Cat1 on the port E0/3. Volume 1 5. Volume 1. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. A laptop called "Laptop1" with a Wireshark sniffer is connected on Cat2 on the port E1/3. Helpful Verification Commands  Show macro auto device  Show interface private-vlan mapping  Show monitor session Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area.2F . 8. Configure a LACP port-channel between Cat1 and Cat2. For instructor and developer support. VLAN 122. Configure this port with an access port in VLAN 1. The voice traffic on E1/0 should use this voice VLAN. Configure this port with dot1q trunk encapsulation allowing all the VLANs. Bundle interface E3/0 with E3/1 on both sides. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. All Rights Reserved. This concludes Lab 6 of iPexpert's CCIE Routing & Switching Workbook. Configure a VLAN of 33 reserved for voice traffic on Cat3. 6. Section 1 Copyright© iPexpert.

PPP connection may have to be authenticated or aggregated in a bundle. Estimated Time to Complete: 2 hours 47|P a g e Version 5. CHAP  PPPoE  MLPPP  PPP inter-leaving  RTP reserve  Virtual-assembly Overview You have been tasked to configure the serial connections of your network with HDLC and PPP encapsulation.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. You will also have to deal with fragmentation.2F . Volume 1 Lab 7: HDLC and PPP/PPPoE Technologies Covered  HDLC  PPP PAP. inter-packet delay and basic queuing mechanisms.

GUID-CEEDEFE1-326B-4D1B-AB06-4290FDF04F53 iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching Lab Exam.cisco.html  PPPoE Server : http://www. The topology used in the lab will be the following: 48 | P a g e Version 5.2F .com/c/en/us/td/docs/ios-xml/ios/bbdsl/configuration/15-mt/bba-15-mt- book/bba-ppoe-client.cisco.  Video Title: L2 Introduction  Video Title: PPP Configuration  Video Title: PPP and AAA Topology Details Logically connect and configure your network as displayed in the drawing below.html .com/c/en/us/td/docs/ios-xml/ios/sec_usr_aaa/configuration/15-mt/sec-usr- aaa-15-mt-book/sec-cfg-authentifcn.html  PPP over Ethernet Client: http://www. You may also refer to the diagram located within your configuration files for topology information.cisco.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1 iPexpert’s Recommended Reading Material  Configuring Authentication: http://www.com/c/en/us/td/docs/ios-xml/ios/bbdsl/configuration/15-mt/bba-15-mt- book/bba-ppoe-client. We recommend watching the following learning videos which cover the topics seen in this lab scenario.

Turn on the CHAP authentication with the password of “Password35”. The virtual-template number should use id 23 and the IP address configured on the virtual template is 10.26. The IP pool is called “iPexpertpool” and the range is from 10. 5. 49|P a g e Version 5. Connect to the terminal server for the online rack.2F .26.1. The link between R3 and R5 should be using the PPP encapsulation. Turn on the PAP authentication with the password of “Password361”. Limit the number of sessions established (per client MAC address) to 3.26. R6 is the server side and R2 is the client side.255. 3.1: HDLC and PPP/PPoE Topology Lab 7 Setup  This lab is intended to be used with online rack access. The link between R3 and R6 should be using the PPP encapsulation.20. Check that you can ping from R3 to R6. On the server side. a BBA is called “iPexpertgroup”. and complete the configuration tasks as detailed below. The link between R3 and R4 should be using the HDLC encapsulation.10 to 10. Configure PPPoE between the R6 and the R2 routers. If the PAP authentication is unsuccessful.1.255.6 255. Check that you can ping from R3 to R4. 2. 4. Check that you can ping from R3 to R5.1. Volume 1 Diagram 7. Configuration Tasks 1.0.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. CHAP authentication has to kick in with a password of “Password362”.

Configure the ip address of 10. 11. Bundle with PPP multilink the two serial connections between R6 and R9. There will be voice traffic running over the multilink PPP connection. Use a group ID of 69. 12.1.9/24 on the R9 PPP multilink69. Ensure that a small voice packet is delayed a maximum of 20 ms because of the transmission of a big data packet. Make sure that unnecessary fragmentation is avoided.69. Volume 1 6. On the client side. Check that you can ping from R6 to R9. Configure the IP address of 10. Helpful Verification Commands  Show ppp interface  Show pppoe summary  Show pppoe statistics  Show vpdn  Show vpdn session all 50 | P a g e Version 5.6/24 on the R6 PPP multilink69. Check that you can ping from R6 to R2.2F . 8.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. The client R2 should authenticate when connecting on the server. 7. Reserve 1 Mbps in a special queue for real-time packet flows designated to the UDP port starting 32768 and ending 32867. use the ID 26 for both the dialer interface and the dialer-pool-number interface. Create a local account username called R2 with the password "Password26".1.69. 13. Ensure that it is checked on the PPP multilink interfaces that all the fragments of an IP datagram are received on the virtual interfaces before forwarding them. 9. 10.

iPexpert’s Lab Preparation Workbook
for Cisco’s CCIE Routing & Switching Lab Exam, Volume 1

Technical Verification and Support

To verify your configurations please ensure that you have downloaded the latest “final
configurations” from within the iPexpert Member’s Area.

You may also verify your configurations and obtain a detailed overview of why specific
commands were used within the accompanying Detailed Solution Guide.

For instructor and developer support, please be sure to submit questions through our
interactive support community that’s accessible from the Member’s Area.

This concludes Lab 7 of iPexpert's CCIE Routing & Switching Workbook, Volume 1, Section 1
Copyright© iPexpert. All Rights Reserved.

51|P a g e Version 5.2F

iPexpert’s Lab Preparation Workbook
for Cisco’s CCIE Routing & Switching Lab Exam, Volume 1

Section 2: Layer 3 Technologies

52 | P a g e Version 5.2F

iPexpert’s Lab Preparation Workbook
for Cisco’s CCIE Routing & Switching Lab Exam, Volume 1

Lab 8: Configure and Troubleshoot Basic IP
Routing

Technologies Covered

 Static route
 Traffic engineering
 Floating static route
 Object tracking
 PBR
 GRE

Overview

You have been tasked to configure basic routing in your network. Knowledge of routing-related
concepts will be critical in this lab; Proxy ARP, Static Routing, GRE tunnels and (Local) Policy Based
routing will have to be configured.

Estimated Time to Complete: 4 hours

53|P a g e Version 5.2F

iPexpert’s Lab Preparation Workbook
for Cisco’s CCIE Routing & Switching Lab Exam, Volume 1

iPexpert’s Recommended Reading Material

 Policy-based Routing:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_pi/configuration/15-mt/iri-15-mt-
book/iri-pbr.html

 Basic IP Routing:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_pi/configuration/15-mt/iri-15-mt-
book/iri-iprouting.html

 Configuring a GRE Tunnel:
https://supportforums.cisco.com/document/13576/how-configure-gre-tunnel

 How GRE Keepalives Work:
http://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/118370-
technote-gre-00.html

iPexpert’s Recommended Video Training

iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE
Routing & Switching Lab Exam. We recommend watching the following learning videos which
cover the topics seen in this lab scenario.

 Video Title: IP Routing

 Video Title: Policy-based Routing

 Video Title: Tunneling & GRE

 Video Title: GRE tunnels

 Video Title: Service Level Agreement (SLA) and Object Tracking

Topology Details

Logically connect and configure your network as displayed in the drawing below. You may also
refer to the diagram located within your configuration files for topology information.

The topology used in the lab will be the following:

54 | P a g e Version 5.2F

iPexpert’s Lab Preparation Workbook
for Cisco’s CCIE Routing & Switching Lab Exam, Volume 1

Diagram 8.1: Basic IP Routing Topology

Lab 8 Setup

 This lab is intended to be used with online rack access. Connect to the terminal server for the
online rack, and complete the configuration tasks as detailed below.

NOTE
Load the initial configuration files before starting to work on the tasks.

55|P a g e Version 5.2F

At this point. 8.4. Configure DMVPN phase 2 as the underlying technology.0/24 pointing to the next-hop on R4. The tunnel0 interface should go down because of a recursion issue.6/24 on R6. Ensure that you can ping the loopback0 of R2 and R3 with a ping sourcing from the E0/0 ip address of R6. On R1. 56 | P a g e Version 5. Volume 1 Configuration Tasks 1. On R6. On R4. Leave this tunnel0 down as it is.0. Configure a GRE tunnel interface Tunnel0 between the loopback0 of R6 and the loopback0 of R3. On R2 tunnel interface. Configure default routes on R6 and R3 to each other with an AD of 250. 10.0. 5. but to R5 as a next-hop. 9.0. configure a default-route using the next-hop of R1. Check that you can ping the loopback0 of R3 with a ping sourcing on the tunnel interface of R1. On R1. Check that you can ping the loopback0 of R2 and R3.1/24 on R1 and 16. Configure static routing so that you can ping the loopback0 of R1 with a ping sourcing from the loopback0 IP address of R6. configure a static route to network 10. R2. configure a floating default route that will be used in the case that the tunnel interface to R1 goes down. R1. Create a static ARP entry to achieve this task. On R1.0/16 pointing to E0/0. Use ip address 36. This floating route should not point to R1. you are not asked to configure all the static routing that will make the backup path operational. Disable proxy-ARP on E0/1 of R2 and R3. 14. 3. disable proxy-arp. On R3. On R1. Multicast support has to be configured. configure a static route to the loopback network of router R3 using the Tunnel 0 as egress with an AD of 5. 12.0. Configure a GRE tunnel interface Tunnel16 between the loopback0 of R6 and the loopback0 of R1.1.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Use ip address 16. 11. On R6. On R4. and R3 are in a hub and spoke topology where R1 is the hub and R2 and R3 are the spokes. The ping should follow the R6-R3-R1 route and use the DMVPN tunnel. configure a default-route using the next-hop of R5 with an AD of 5. configure a static route to the loopback0 of R2 using the tunnel interface on R2 as the egress interface.0.2F . configure a static route to the network 10.0. 2. ensure that you can ping the loopback0 of R2 with a ping sourcing on the tunnel interface of R1.3/24 on R3 and 36.6/24 on R6.0. 13. 6.0. 4.0. 7. configure a static route to the loopback0 of R3.1.

iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. use local-policy based routing to route to the loopback interface of R9. Volume 1. Do not use local policy-base routing. the traffic should be routed over R4. 18. For instructor and developer support. configure default routing using policy-based routing. Helpful Verification Commands  Show route-map  Show policy-map interface x/x  Show ip route  Show interface tunnel x Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area.2F . Use object tracking and IP SLA. 16. Section 2 Copyright© iPexpert. Volume 1 15. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. On R5. On R6. The default-route using the next-hop of R5 should be used when the loopback0 of R1 has become unreachable. On R9. This concludes Lab 8 of iPexpert's CCIE Routing & Switching Workbook. When CDP detects that R5 to R3 connectivity is down. You should be able to ping the loopback0 of R6 with a ping sourcing from the loopback0 of R9. 57|P a g e Version 5. 17. This default routing should be pointing to a next-hop of R3 IP address using PBR. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. use local-policy based routing to route to the loopback interface of R6. All Rights Reserved.

Volume 1 Lab 9: Configure and Troubleshoot Routing Information Protocol (Part 1) Technologies Covered  RIP version 2  Split-horizon  Auto-summarization  Send and receive version  Manual summarization  Convergence timers  Offset-list  Distribute-list  Per neighbor AD filtering Overview You have been tasked to configure routing in your network using the RIP version 2 protocol. Summarization will have to be enabled in certain places and RIP timers will have to be tuned.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Full IP reachability in Hub & Spoke topology must be accomplished in this lab and some of the devices must exchange routing updates in a secure way. Estimated Time to Complete: 2 hours 58 | P a g e Version 5.2F .

com/c/en/us/td/docs/ios-xml/ios/iproute_rip/command/irr-cr-book/irr-cr- rip.html  Configuring RIPv2: http://www. Volume 1 iPexpert’s Recommended Reading Material  Administrative Distance : http://www.html  RIP Commands and Features: http://www. We recommend watching the following learning videos which cover the topics seen in this lab scenario.cisco.cisco.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.cisco.  Video Title: Basic RIP Configuration  Video Title: RIPv2 Split Horizon Part I and II  Video Title: RIPv2 Authentication  Video Title: RIPv2 Auto-Summary  Video Title: RIPv2 Manual Summarization  Video Title: RIPv2 Convergence and Convergence Timers  Video Title: RIPv2 Standard ACL Distribution-List  Video Title: RIPv2 Extended ACL Distribution-List  Video Title: RIPv2 Prefix-List Distribution List  Video Title: RIPv2 Offset-Lists  Video Title: Passive Interface RIP  Video Title: RIPv2 Filtering via Administrative Distance 59|P a g e Version 5.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching Lab Exam.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/15986-admin- distance.2F .com/c/en/us/td/docs/ios-xml/ios/iproute_rip/configuration/15-mt/irr-15-mt- book/irr-cfg-info-prot.

iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. 60 | P a g e Version 5. NOTE Load the initial configuration files before starting to work on the tasks. You may also refer to the diagram located within your configuration files for topology information. and complete the configuration tasks as detailed below.2F .1: RIP Version 2 Topology Lab 9 Setup  This lab is intended to be used with online rack access. Connect to the terminal server for the online rack. Volume 1 Topology Details Logically connect and configure your network as displayed in the drawing below. The topology used in the lab will be the following: Diagram 9.

Use manual summarization.16.0. R2.0.0. configure Serial4/0 to send updates every 6 seconds towards R5. On R2. DMVPN is the underlying used technology. Configure RIP MD5 authentication on the 11. Configure RIP version 2 in this DMVPN network.1.2F . Configure RIP filtering so that R3 does not learn 5. Advertise the loopbacks of R5 in the RIP process. 10 second hold. 3. R5 should learn all RIP subnets.0. Configure the RIP timers on R1. Do not use distribute-list or administrative distance poisoning.0. and 80 second flush.0/8 should be routed via the tu23 and the network 24. On R1.0. all the traffic should be sent to R2.0/24 is advertised to the router R3. Advertise loopbacks of R6 in the RIP process.0/24 network. 10. Do not use any access-list. and R3 are in a hub and spoke topology where R1 is the hub and R2 and R3 are the spokes.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. R6 is running version 1. and R3 to 20 second updates.0. On R2. a key number 1.236. R1. 7.0. 11. 13.0. 14.0/24 can send and receive either version 1 or version 2 packets.0/8.0/8 entry in the routing table of R5. 5.0/24 received on Ethernet0/0 should be rejected. On R3.0. and a key-string of “iPpassword”. and the network 201. Volume 1 Configuration Tasks 1. Do not use offset-list or administrative distance poisoning. and R3 should never be used as a next hop.0. 2.0/24 received on Ethernet0/1 should be rejected.1. Advertise the loopbacks 10 of R1.0/8 should be routed via the E0/1. Ensure that the network 200. 61|P a g e Version 5. Use a key chain of “iPexpertchain”. Configure 2 Prefix-lists. Make sure that the interfaces part of network 172.16. 12. 4. R2.236. Enable RIP on the 172. 15. Configure RIP version 2 between R5 and R3. On R1. Do not use manual summarization.0. 9. 6. R2. 16.0/24 network. Ensure full reachability in this hub and spoke technology.0. distribute- list. and R3 in the RIP process. the network 23. the network 200. Use administrative distance poisoning. 8. Ensure that there is a single 10.0. and do not change AD values. 40 second invalid. check that you can ping the loopback10 of R3 sourcing from the loopback10 of R2.

iPexpert’s Lab Preparation Workbook
for Cisco’s CCIE Routing & Switching Lab Exam, Volume 1

Helpful Verification Commands
 Show ip protocols
 Show ip route rip
 Show ip rip database

Technical Verification and Support

To verify your configurations please ensure that you have downloaded the latest “final
configurations” from within the iPexpert Member’s Area.

You may also verify your configurations and obtain a detailed overview of why spec ific
commands were used within the accompanying Detailed Solution Guide.

For instructor and developer support, please be sure to submit questions through our
interactive support community that’s accessible from the Member’s Area.

This concludes Lab 9 of iPexpert's CCIE Routing & Switching Workbook, Volume 1, Section 2
Copyright© iPexpert. All Rights Reserved.

62 | P a g e Version 5.2F

iPexpert’s Lab Preparation Workbook
for Cisco’s CCIE Routing & Switching Lab Exam, Volume 1

Lab 10: Configure and Troubleshoot
Routing Information Protocol (Part 2)

Technologies Covered

 RIP default route
 RIP update
 Unicast update
 Broadcast update
 Triggered update
 Source validation

Overview

You have been tasked to configure routing in your network using the RIP version 2 protocol. Full
IP reachability in Hub & Spoke topology must be accomplished in this lab and some of the devices
must exchange routing updates as unicast. Triggered Updates, Source Validation and PPP with
IPCP for address allocation will have to be configured.

Estimated Time to Complete: 2 hours

63|P a g e Version 5.2F

iPexpert’s Lab Preparation Workbook
for Cisco’s CCIE Routing & Switching Lab Exam, Volume 1

iPexpert’s Recommended Reading Material

 Configuring RIPv2:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_rip/configuration/15-mt/irr-15-mt-
book/irr-cfg-info-prot.html

 Advanced RIP Features:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_rip/configuration/15-mt/irr-15-mt-
book/irr-adv-rip.html

 RIP Commands and Features:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_rip/command/irr-cr-book/irr-cr-
rip.html

iPexpert’s Recommended Video Training

iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE
Routing & Switching Lab Exam. We recommend watching the following learning videos which
cover the topics seen in this lab scenario.

 Video Title: RIPv2 Split-Horizon

 Video Title: RIPv2 Update Operations and Manipulations

 Video Title: RIPv2 Basic Default Routing

 Video Title: RIPv2 Advanced Default Routing

 Video Title: RIPv2 Offset-lists

Topology Details

Logically connect and configure your network as displayed in the drawing below. You may also
refer to the diagram located within your configuration files for topology information.

The topology used in the lab will be the following:

64 | P a g e Version 5.2F

iPexpert’s Lab Preparation Workbook
for Cisco’s CCIE Routing & Switching Lab Exam, Volume 1

Diagram 10.1: RIP Version 2 Topology

Lab 10 Setup

 This lab is intended to be used with online rack access. Connect to the terminal server for the
online rack, and complete the configuration tasks as detailed below.

NOTE
Load the initial configuration files before starting to work on the tasks.

65|P a g e Version 5.2F

iPexpert’s Lab Preparation Workbook
for Cisco’s CCIE Routing & Switching Lab Exam, Volume 1

Configuration Tasks

1. R1, R2, and R3 are in a hub and spoke topology where R1 is the hub and R2 and R3 are the
spokes. DMVPN is the underlying used technology. Configure RIP version 2 in this DMVPN
network.

2. The RIP updates have to be sent as unicast packets on the DMVPN tunnels.

3. Advertise the loopbacks 0 of R1, R2, and R3 in the RIP process.

4. Ensure full reachability in this hub and spoke technology. On R2, check that you can ping the
loopback of R3 sourcing from the loopback of R2.

5. Configure RIP version 2 between R1 and R4. Advertise the loopback of R4 into the RIP process.

6. R1 should advertise a default route to all its RIP neighbors with the exception of R4.

7. If the E0/0 interface is going down, R1 will stop advertising this default route.

8. Configure RIP version 2 on the LAN connecting R2, R3, and R6. Advertise the loopback of R6 into
the RIP process.

9. The RIP updates should be broadcasted on the LAN 10.1.236.0/24.

10. Configure RIP version 2 on the serial connection between R3 and R5. Advertise the loopback 0 of
R5 into the RIP process.

11. The RIP updates between R3 and R5 should stay silent. Updates should be sent only when there is
a change in the topology.

12. Configure RIP version 2 on the serial connection between R6 and R9. Advertise the loopback of
R9 into the RIP process.

13. Configure PPP encapsulation on the serial connection between R6 and R9. Use IPCP for address
allocation with PPP. R6 is the server side (IP address 10.1.69.6/24) and R9 is client side (IP address
10.1.69.9/32 assigned by server). Ensure that R6 is getting the RIP updates from R9 and that you
can ping the loopback of R9 sourcing from the loopback of R6.

14. R5 should advertise a default-route to R3. This default-route should only be advertised if the
network 10.1.2.2/32 is present in the routing table.

66 | P a g e Version 5.2F

iPexpert’s Lab Preparation Workbook
for Cisco’s CCIE Routing & Switching Lab Exam, Volume 1

Helpful Verification Commands
 Show ip protocols
 Show ip route rip
 Show ip rip database

Technical Verification and Support

To verify your configurations please ensure that you have downloaded the latest “final
configurations” from within the iPexpert Member’s Area.

You may also verify your configurations and obtain a detailed overview of why specific
commands were used within the accompanying Detailed Solution Guide.

For instructor and developer support, please be sure to submit questions through our
interactive support community that’s accessible from the Member’s Area.

This concludes Lab 10 of iPexpert's CCIE Routing & Switching Workbook, Volume 1, Section 2
Copyright© iPexpert. All Rights Reserved.

67|P a g e Version 5.2F

2F . Volume 1 Lab 11: Configure and Troubleshoot EIGRP (Part 1) Technologies Covered  EIGRP AS mode  EIGRP named mode  Stub  Summarization  Authentication  Key chain rotation  Prefix number limiting Overview You have been tasked to configure the routing reachability in your network using the EIGRP protocol. will have to be configured. such as EIGRP Stub or Prefix Limiting. Loopback interfaces of DMVPN devices must be reachable within the Cloud and more advanced topics.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Estimated Time to Complete: 3 hours 68 | P a g e Version 5. Two ways of configuring EIGRP (AS vs Named mode) will be tested in this lab.

com/c/en/us/support/docs/ip/enhanced-interior-gateway-routing-protocol- eigrp/13669-1.2F .cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/15-mt/ire-15-mt- book/ire-wid-met. We recommend watching the following learning videos which cover the topics seen in this lab scenario.cisco.html  EIGRP Prefix Limit Support: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/15-mt/ire-15-mt- book/ire-pre-ls.html  EIGRP Stub Routing: http://www. Part 1 and Part 2  Video Title: Classic EIGRP Authentication  Video Title: Classic EIGRP Key Chain Operations 69|P a g e Version 5.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/15-mt/ire-15-mt- book/ire-enhanced-igrp.html  EIGRP: http://www.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/15-mt/ire-15-mt- book/ire-eigrp-stub-rtg.cisco.html  EIGRP Wide Metrics: http://www.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/command/ire-cr-book.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.html  EIGRP Commands : http://www.cisco.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching Lab Exam.  Video Title: EIGRP  Video Title: EIGRP Neighbor Formation and Maintenance  Video Title: EIGRP Named Operation  Video Title: EIGRP Named Operation Authentication. Volume 1 iPexpert’s Recommended Reading Material  Introduction to EIGRP : http://www.cisco.

1: EIGRP Topology 70 | P a g e Version 5. The topology used in the lab will be the following: Diagram 11.2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. You may also refer to the diagram located within your configuration files for topology information. Volume 1  Video Title: EIGRP Summarization (Classic)  Video Title: EIGRP Stub Routing  Video Title: EIGRP Stub Routing with Leak Maps Topology Details Logically connect and configure your network as displayed in the drawing below.

and complete the configuration tasks as detailed below. Make sure that the traffic from the spoke to spoke is not transiting by the hub. 2. Setup EIGRP routing in autonomous configuration mode with AS11 in this DMVPN network. R1. NOTE Load the initial configuration files before starting to work on the tasks. Make sure that there is full connectivity between loopbacks with the DMVPN network. and R3 are in a hub and spoke topology where R1 is the hub and R2 and R3 are the spokes.x. 5. On R9.0. Advertise the loopbacks of R2 and R3 in the EIGRP process. DMVPN is the underlying used technology. On R6 and R9. Only the 12.1.1. and loopbacks of R2 should stay reachable. 6. 4. setup EIGRP routing in named configuration mode using AS11 and the name of “iPexpert”. R2 should advertise the 12. ensure that you can ping the loopback1 of R2 from the loopback0 of R9. Configuration for this task should be performed on R2.x/24 networks should be redistributed from connected into the routing protocol.2 bandwidth 100 000 kilobits per s delay 5 tens of microsecond reliability 255 load 20 mtu 1500 bytes 7. Configuration Tasks 1.0/16 network out to R1 with a metric using the following parameters: Table 11. R2. so R2 should not receive EIGRP query packets anymore. 71|P a g e Version 5. R2 is not transiting any traffic. Redistribute only the loopback0 on R1 in the EIGRP process. 8.2F . 3. Advertise the loopbacks of R6 and R9 in the EIGRP process.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Connect to the terminal server for the online rack. Volume 1 Lab 11 Setup  This lab is intended to be used with online rack access.

For instructor and developer support. Volume 1 9. Section 2 Copyright© iPexpert. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. Configure EIGRP HMAC-SHA-256 authentication between R6 and R9. 11. On R6. Volume 1. This concludes Lab 11 of iPexpert's CCIE Routing & Switching Workbook. Helpful Verification Commands  Show ip eigrp interfaces [detail]  Show ip eigrp neighbors [detail]  Show ip eigrp topology  Show ip protocols  Show eigrp protocols  Show ip eigrp traffic Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. Use a key chain called “keyiPexpert1” with 2 keys.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Do not take any other action when this max limit of 10 is exceeded. tear down the EIGRP neighborship relations when more than 20 prefixes are received by the EIGRP process. Use a key-string of “Password3”. 10. On R6. generate a syslog message when the maximum prefix limit of 10 has been accepted from the neighbor R9. Key 2 with a key-string of “Password2” will be used from 03:00:00 Jan 1 2015 onwards. Key 1 with a key-string of “Password1” is used since 03:00:00 Jan 1 2014 until 03:00:00 Jan 1 2015. Configure EIGRP authentication between R6 and R3. but can already be used one month before and is still valid one month after. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. and generate a syslog message when more than 10 prefixes have been accepted.2F . 12. All Rights Reserved. 72 | P a g e Version 5. but can be used since 03:00:00 Dec 15 2014.

The focus of this lab includes some more advanced EIGRP features. Load Balancing). Volume 1 Lab 12: Configure and Troubleshoot EIGRP (Part 2) Technologies Covered  Summarization with default routing  Summarization with leak-map  Summarization with floating default routing  EIGRP metric weights  TE  Unequal cost load balancing  EIGRP timers Overview You have been tasked to configure the routing reachability in your network using the EIGRP protocol.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. such as Summarization (with/without leak-maps). Estimated Time to Complete: 3 hours 73|P a g e Version 5.g. metric calculations and Traffic Engineering (e.2F .

cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/15-mt/ire-15- mt-book/ire-enhanced-igrp.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/15-mt/ire-15- mt-book/ire-sup-routemap.cisco.html . Volume 1 iPexpert’s Recommended Reading Material  EIGRP: http://www.  Video Title: Classic EIGRP Metrics  Video Title: EIGRP Wide Metrics and Diagnostics  Video Title: EIGRP Summarization (Default Routing)  Video Title: EIGRP Summarization (Leak Maps)  Video Title: EIGRP Summarization (Selective Leak Maps). Part 1 and Part 2  Video Title: EIGRP Unequal Cost Load Sharing  Video Title: EIGRP Hello Hold Timers  Video Title: EIGRP SIA Timer  Video Title: EIGRP Feasibility Condition and the Topology Table  Video Title: EIGRP Metric Manipulation for Traffic Engineering 74 | P a g e Version 5.GUID-C35AF8A8-B927-4A98-8EB9-D0E38A68CBBC iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching Lab Exam.cisco.html  EIGRP Support for Route Map Filtering: http://www.html  EIGRP Route Tag Enhancements: http://www. We recommend watching the following learning videos which cover the topics seen in this lab scenario.2F .com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/15-mt/ire-15- mt-book/ire-en-rou-tags.

1: EIGRP Topology 75|P a g e Version 5. The topology used in the lab will be the following: Diagram 12. Volume 1 Topology Details Logically connect and configure your network as displayed in the drawing below.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. You may also refer to the diagram located within your configuration files for topology information.2F .

configure summarization in a way that R6 only receives a default-route from R3. On R3. K3=1. configure summarization in a way that R7 receives from R4 a default-route and the loopback0 networks of R1. On R3. 11. Configuration Tasks 1. and complete the configuration tasks as detailed below. 7. Leak also the loopback 10. NOTE Load the initial configuration files before starting to work on the tasks. DMVPN is the underlying used technology. On R6. Advertise the loopback0 of R4 and R7 into the EIGRP process. and R3 in the EIGRP process using network statements. Setup EIGRP routing in autonomous configuration mode with AS4 in this DMVPN network. 8. Use a floating route summarization. 3. Setup EIGRP routing between R3 and R5. configure summarization in a way that R5 only receives a default-route from R3. and R3. R2. check that you can ping the loopback of R9 using the loopback of R3 as a source. 10. 6. 4. R2. On R4. Advertise the loopback0 into the EIGRP process. and between the R4 and R7.1. and K5=0. Volume 1 Lab 12 Setup  This lab is intended to be used with online rack access. Setup EIGRP routing between R4 and R5.4. Setup EIGRP routing between R1 and R4. Advertise the loopback0 of R6 and R9 into the EIGRP process. Setup EIGRP routing between R3 and R6. Connect to the terminal server for the online rack. 2. check that you can ping the loopback of R7 using the loopback of R1 as a source. 9. check that you can ping the loopback of R9 using the loopback of R3 as a source. and between the R6 and R9. Advertise loopback0 on R1. 12. R2. On R3. In the whole EIGRP domain. K4=0. On R3. K2=0. 76 | P a g e Version 5.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. and R3 are in a hub and spoke topology where R1 is the hub and R2 and R3 are the spokes. configure the metric calculation to use K1=0. R1. 5. configure summarization in a way that R9 only receives a default-route from R6.2F . On R1.4.

configure a NSF during 5 minutes when the R6 NSF-capable router is undertaking a switchover. Helpful Verification Commands  Show ip eigrp interfaces [detail]  Show ip eigrp neighbors [detail]  Show ip eigrp topology  Show ip protocols  Show eigrp protocols  Show ip eigrp traffic Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. a delay of 256 on the link between R4 and R1. This concludes Lab 12 of iPexpert's CCIE Routing & Switching Workbook. 17. Configure R6 to send EIGRP hello packets every 1 s to R9. For instructor and developer support. 16. and a delay of 128 on the link between R3 and R5. Volume 1. 14. Section 2 Copyright© iPexpert. 15. In the EIGRP domain. Use off-set list when it is necessary. 77|P a g e Version 5. Volume 1 13. Configure bidirectional un-equal cost load-balancing between R4 and R5. a delay of 256 on the link between R1 and R3. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area.2F . On R9. Configure a delay of 512 on the link between R4 and R5. All Rights Reserved. ensure that a router that has not replied to an EIGRP Query packets for 2 minutes is declared Stuck in Active.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.

2F . Volume 1 Lab 13: Configure and Troubleshoot EIGRP (Part 3) Technologies Covered  Stub routing with leak-map  Filtering with passive interfaces  Filtering with distribute-list  Filtering with offset-list  Filtering with AD  Filtering with route-maps  Bandwidth pacing  Neighbor logging  Router-id  Maximum hops Overview You have been tasked to configure the routing reachability in your network using the EIGRP protocol. Specifically. Estimated Time to Complete: 3 hours 78 | P a g e Version 5.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. route filtering will be tested along with some other EIGRP features such as Bandwidth Pacing or redistribution.

EIGRP: http://www. Volume 1 iPexpert’s Recommended Reading Material  EIGRP Stub Routing: http://www.  Video Title: EIGRP Stub Routing with Leak Maps  Video Title: EIGRP Equal Cost Load Sharing  Video Title: EIGRP Filtering (Standard ACLs)  Video Title: EIGRP Filtering (Extended ACLs)  Video Title: EIGRP Filter (Offset List)  Video Title: EIGRP Filter (Administrative Distance)  Video Title: EIGRP Filter (Route Maps)  Video Title: EIGRP Duplicate Router ID Detection  Video Title: EIGRP Filter (Maximum Hops)  Video Title: EIGRP Filter (Maximum Hops Named Operation) 79|P a g e Version 5.cisco.html  IP Routing .cisco.html  EIGRP Support for Route Map Filtering: http://www.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/15-mt/ire-15- mt-book/ire-eigrp-stub-rtg.2F .cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/15-mt/ire-15- mt-book/ire-sup-routemap.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. We recommend watching the following learning videos which cover the topics seen in this lab scenario.com/c/en/us/tech/ip/enhanced-interior-gateway-routing-protocol- eigrp/index.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.

80 | P a g e Version 5. Volume 1 Topology Details Logically connect and configure your network as displayed in the drawing below. The topology used in the lab will be the following: Diagram 13. You may also refer to the diagram located within your configuration files for topology information.1: EIGRP Topology Lab 13 Setup  This lab is intended to be used with online rack access. NOTE Load the initial configuration files before starting to work on the tasks.2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. and complete the configuration tasks as detailed below. Connect to the terminal server for the online rack.

0/24. 9.1. and 10.0/24. R2. Configure EIGRP on the serial connection between R6 and R9. and R3 in the EIGRP process. make sure that the traffic is load-balanced between the serial interface and the ethernet interface. Use network statements.2F . Use network statements.0/24. create a filter based on ACL. Use the network statement. create filters based on ACL.5/32. 10.11. Use an extended access-list to achieve this. DMVPN Phase II is the underlying used technology. 15. R3 should use the E0/1 connection to reach 10. 6.0/24. 16. Configure EIGRP on the LAN between R1 and R4. Setup EIGRP routing in autonomous configuration mode with AS33 in this DMVPN network. R4 should use the Ethernet connection to reach 10. On R4. Between R3 and R6. 81|P a g e Version 5. Advertise the loopbacks of R9 in the EIGRP process except loopback 3. R3 should still advertise towards R1 the network 10. 14.6. 5. 11.9/32.11.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Configure EIGRP on the serial connection between R3 and R6.4.22. On R6. On R3. Make sure that the traffic is load-balanced on the 2 connections. R3 should use the serial 4/2 connection to reach 10. create a filter based on offset-list.1. 3.4/32.9.9. Volume 1 Configuration Tasks 1. R2.11. and R3 are in a hub and spoke topology where R1 is the hub and R2 and R3 are the spokes. Use a standard access-list to achieve this.6.1.33. redistribute all connected interfaces into the EIGRP process.5. Configure R2 and R3 as stub routers that advertise connected and summary routes.5. R4 should use the serial connection to reach 10. 7.33. 10. Configure a distribute-list with prefix-list to prevent R1 from learning the network 10. On R6. Use network statements.6. Advertise the loopbacks of R4 in the EIGRP process. 12.0/24. 4. On R4. Advertise the loopbacks of R5 in the EIGRP process. 8.0/24.6. 2. Configure EIGRP on the connection between R4 and R5. create a filter based on offset-list. R1. Configure a distribute-list with prefix-list to prevent R1 from advertising the network 10. Configure EIGRP on the LAN between R3 and R6. 13. Advertise the loopbacks of R1.

Configure R1 not to install the route 10.1. 18. 19. make sure that EIGRP control traffic cannot exceed 25% of the bandwidth.9. there is a preconfigured static route to 172. 24. configure the EIGRP process to reject EIGRP packets that have transited over more than 10 hops. On the serial connection between R4 and R5. All Rights Reserved.2F .0/24. Redistribute this static route into EIGRP and tag this route with a tag of 666.22. configure the EIGRP process to reject the 10. The R4 and R5 routers should log EIGRP neighbor relationship changes. Volume 1. 23. On R6. Manipulate AD.11. 82 | P a g e Version 5. On R9.0/24 network. On R6 and R9. 20. This concludes Lab 13 of iPexpert's CCIE Routing & Switching Workbook. Volume 1 17. 22. For instructor and developer support.4.16. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. You are only allowed to change the EIGRP router-id.9 and redistribute the loopback3 into EIGRP.0/24. On R9.9. configure an EIGRP router-id as 9.9. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. 21. Helpful Verification Commands  Show ip eigrp interfaces  Show ip eigrp neighbors  Show ip eigrp topology  Show ip protocols  Show ip eigrp traffic Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. Filter this route out on R6 based on the tag 666. Section 2 Copyright© iPexpert.

Volume 1 Lab 14: Configure and Troubleshoot OSPF (Part 1) Technologies Covered  DR/BDR  OSPF network types  OSPF path selection  OSPF per neighbor cost  OSPF auto-cost reference bandwidth  OSPF version 3 address-family support Overview You have been tasked to configure routing in a network using OSPF. you will have to know how OSPF Network Types affect routing in a DMVPN Cloud and how to correctly configure it given certain restrictions.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. you must also know how to manipulate link cost in OSPF and how to use IPv6 OSPF (OSPFv3) to carry IPv4 prefixes.2F . Estimated Time to Complete: 4 hours 83|P a g e Version 5. To properly solve this lab. In addition.

com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13685-13.  Video Title: OSPF Introduction and Architecture  Video Title: OSPF Database and LSA Types  Video Title: OSPF Adjacencies.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/9237-9.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.html  OSPF Neighbor Problems: http://www. Authentication.cisco.cisco.html  OSPF Design Guide: http://www.html  OSPF Neighbor States: http://www.2F .com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/7039-1.cisco.cisco. and Network Types  Video Title: Adjacency Forming Topology Details Logically connect and configure your network as displayed in the drawing below.cisco.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. You may also refer to the diagram located within your configuration files for topology information.html  OSPF FAQ: http://www.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/command/iro-cr-book.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13699-29.html  OSPF Commands & Features: http://www. We recommend watching the following learning videos which cover the topics seen in this lab scenario. Volume 1 iPexpert’s Recommended Reading Material  Configuring OSPF: http://www.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/15-mt/iro-15- mt-book/iro-cfg. The topology used in the lab will be the following: 84 | P a g e Version 5.cisco.

and complete the configuration tasks as detailed below.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. 85|P a g e Version 5. Volume 1 Diagram 14.1: EIGRP Topology Lab 14 Setup  This lab is intended to be used with online rack access. Connect to the terminal server for the online rack. NOTE Load the initial configuration files before starting to work on the tasks.2F .

On R5. R2. R2.236. 8. 7. you are not allowed to change the default network type and not allowed to modify the timers. and R3 are in a hub and spoke topology where R1 is the hub and R2 and R3 are the spokes. Advertise only the loopback 0 of R6 into OSPF area 236. and R3 should always be elected as the BDR. R4. Do not use a network statement. Use the following global unicast addresses: 86 | P a g e Version 5. and R1 are also in a hub and spoke topology where R4 is the hub and R1 and R5 are the spokes. In the whole OSPF network. R4. 3. Volume 1 Configuration Tasks 1. check that you can ping the loopback of R6 sourcing from the loopback of R5. DMVPN is the underlying used technology. and R6.1. 5.0/24 into area 236 on R2.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. R1. R5. Configure OSPF process 1 area 0 in this network. The election of a DR should not take place.2 R1 Area 1 R2 Area 2 R3 Area 3 R4 Area 4 R5 Area 5 Check that you have full reachability between the loopbacks. R3. 9. R2 should always be elected as the DR. The election of a DR should take place in this network. especially on R2. The DR should always be on the hub router. We are going to have links faster than 100M in the network. Manipulate the OSPF cost so that R1 prefers R2 over R3 to reach the loopback of R6.2F . Multicast is not enabled on the DMVPN tunnels. and R5. configure loopbacks 0 as the OSPF router-ids and advertise loopback0 of the routers into OSPF in the following areas: Table 14. Configure OSPF process 1 area 0 in this network. check that you can ping the loopback of R5 sourcing from the loopback of R2. 4. DMVPN is the underlying used technology. On R1. 6. On routers R2 and R3. Configure OSPF version 3 area 0 for IPv4 between R6 and R9. R3. Configure the network 10. Do not configure anything under the interfaces. a gigaethernet link should have a cost of 1 and a fast ethernet link should have a 10. 2.

6/32 R9 20. Advertise the IPv4 address loopback1 of R6 and R9 into area 0 of the OSPF version 3 processes. Create the following IPv4 address loopback1: Table 14.5 R6 2001:bd8::6/64 R9 2001:bd8::9/64 12.1.4 R6 20.9/32 11.6. use the IPv6 following address for loopback0: Table 14. Helpful Verification Commands  Show ip protocols  Show ip ospf  Show ip ospf database  Show ip ospf interface [brief]  Show ip ospf neighbor 87|P a g e Version 5. If necessary.1.9. make sure that you can ping the loopback of R9 sourcing from the loopback of R6.2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1 Table 14. On R6.3 R6 s3/0 2001::6/64 R9 s3/0 2001::9/64 10.

For instructor and developer support.2F . please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. 88 | P a g e Version 5. Volume 1 Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. This concludes Lab 14 of iPexpert's CCIE Routing & Switching Workbook. Volume 1. All Rights Reserved. Section 2 Copyright© iPexpert.

such as Authentication.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. will be also tested in this scenario. Other OSPF features. and more. Volume 1 Lab 15: Configure and Troubleshoot OSPF (Part 2) Technologies Covered  Discontiguous area  Virtual-links  GRE tunnels  Non-backbone transit area  OSPF authentication  Flood reduction  Demand circuit  Summarization  Discard-route  Flood reduction Overview You have been tasked to configure OSPF as the routing protocol of your network. Summarization.2F . Estimated Time to Complete: 4 hours 89|P a g e Version 5. The knowledge of OSPF areas is required to successfully finish this lab. Flood reduction.

html  Configuring Route Summarization between OSPF Areas: http://www.3.html  OSPF Demand Circuit Feature: http://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/16437- ospfdbtoc.2F .html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching Technology Workbook. We recommend watching the following learning videos prior to completing this lab scenario.html  OSPF Commands & Features: http://www.cisco.  Video Title: OSPF Inter-Area Operations.GUID-E90BEE21-D50C-4D32-82F4-67C0C43543E1  Establishing Virtual Links: http://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/5132-dc.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/command/iro-cr-book.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13703-8.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.cisco.html .com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/15-mt/iro-15-mt- book/iro-cfg.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/15-mt/iro-15-mt- book/iro-cfg.html .html  What are OSPF areas and Virtual Links: http://www. and Virtual Links 90 | P a g e Version 5.GUID-F45462C5-D0CD-41AD-8D25-6E236494A9F6  Configuring OSPF Area Parameters: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/15-mt/iro- 15-mt-book/iro-cfg. Volume 1 iPexpert’s Recommended Reading Material  OSPF Database Explanation: http://www.cisco. Area Types.GUID-7E5D9BDB-F49C-49E6-9216-0566AB069269  OSPF Area Transit Capability: http://www.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/15-mt/iro-15- mt-book/iro-area-trans. and External Routes  Video Title: OSPF Area Types  Video Title: LSA Types 1.cisco.cisco.2.html .

Volume 1  Video Title: OSPF Stub Area Configurations  Video Title: OSPF Adjacencies. The topology used in the lab will be the following: 91|P a g e Version 5. You may also refer to the diagram located within your configuration files for topology information. Authentication and Network Types  Video Title: OSPF Summarization and Filtering  Video Title: OSPF Advanced Configuration and Filtering Topology Details Logically connect and configure your network as displayed in the drawing below.2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.

iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.1: OSPF Topology Lab 15 Setup  This lab is intended to be used with online rack access.2F . and complete the configuration tasks as detailed below. Connect to the terminal server for the online rack. 92 | P a g e Version 5. Volume 1 Diagram 15.

12. and R3 should present in the OSPF database of R1 as LSAs type 1. The election of a DR should take place in this network. Use an IP address of 36. Volume 1 NOTE Load the initial configuration files before starting to work on the tasks. DMVPN is the underlying used technology.236.5/32 to be part of area 45. 4. Ensure that there is IP connectivity between loopback0 of R7 and the loopback0 of R2.1. Without modifying any OSPF costs. and R3.6/24 when necessary. R1. R2.0/24 into area 14 on R1 and R4. Configure the network 10.1.0/24.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. ensure that the trace route is using the R7. 8.1.1. Add the loopback0 of R7 into the area 47 process as a network statement. Configuration Tasks 1. Configure an OSPF cost of 60000 on the interfaces belonging to the network 10.5. Configure area 236 as a stub area.2F . 13. Configure OSPF process 1 area 0 in this network. R4. On R7. The DR should always be on the hub router.0/24 to be part of area 0.1. Configure the network 10. and R6. 10.3/24 and 36. 7. 3. The loopback0 networks of R1.47.0/24 into area 69 on R6 and R9. and R3 are in a hub and spoke topology where R1 is the hub and R2 and R3 are the spokes. The path through R3 should be used. R2. Configure the network 10.14. Configure the network 10. 2. Add the loopback0 of R4 into the area 14 process as a network statement.0. Ensure that there is IP connectivity between loopback0 of R9 and the loopback0 of R1. Configure the network 10.0/24 into area 47 on R4 and R7.45. Add the loopback0 of R9 into the area 69 process as a network statement.0/24 into area 236 on R2.0.1. 9. 93|P a g e Version 5. as a transit. and R3 path. Configure the network 10. 6. 5. we can observe that the trace route is following the path R7. The routing is using a non- backbone area. R4.69.0. 11.35.1. when performing a trace route from the loopback of R7 to the loopback of R3. as the transit area is a stub area. Do not use a virtual-link.0.1. R5.14. that is to say area 45.0/24 and the network 10. Redistribute only the loopback0 of R6 into the area 236. R3. R1.

OSPF process is reflooding by default every LSAs every 30 minutes. The key value should be set to 2 and the password to “iPexpert2015”. OSPF should not exchange periodic hellos and periodic refreshes of LSAs over the point-to-point connection between R6 and R9. redistribute the pre-configured routes into OSPF and make sure that they appear as one routing entry in the routing table in all other OSPF routers. 94 | P a g e Version 5.9/16 Loopback 10 10. 23.2F . 19.9. Use internal summary. 22. On R5.2 Loopback 8 10. Configure MD5 authentication only on the connection between R5 and R3. On R6. 17. 18.9.8.9/16 20. The key value should be set to “iPexpert”. Configure area 45 in a way that LSAs never age out in this area. 16.9/16 Loopback 9 10. 21.9. Configure the following loopbacks on R9: Table 15. Volume 1 14.9. On R9. Configuration can only be applied on R9. This should not be necessary for LSAs sent out of the two serial interfaces on R5. Those 3 loopbacks should be seen in the area 0 routing table as a single summary network. Protect the connection between R5 and R4 with the Null authentication. Configure plain-text authentication on the connection between R6 and R9. configure authentication under the routing process.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.10. Make sure that this authentication is enforced even if this is an on-demand circuit. ensure that the summary route created in Task 20 is not present in the routing table pointing to Null0. 15.

please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. This concludes Lab 15 of iPexpert's CCIE Routing & Switching Workbook. Section 2 Copyright© iPexpert.2F . 95|P a g e Version 5. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. For instructor and developer support.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1 Helpful Verification Commands  Show ip protocols  Show ip ospf  Show ip ospf database  Show ip ospf interface  Show ip ospf neighbor Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. All Rights Reserved. Volume 1.

Estimated Time to Complete: 4 hours 96 | P a g e Version 5. FA Suppression and Reliable Conditional Default Routing are also part of this lab. Other features.2F . Volume 1 Lab 16: Configure and Troubleshoot OSPF (Part 3) Technologies Covered  Stub area  Totally not so stubby area  NSSA  NSSA type 5 to type 7 translation  LSA filtering  FA Suppression  Reliable conditional default routing Overview The knowledge of implementation OSPF Area Types is critical for this lab.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. You have to know the differences between the Stub/Total Stub/NSSA areas and how they affect redistribution in general. like LSA Filtering.

html .html  OSPF NSSA: http://www.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13703-8.cisco.html  How OSPF Injects a Default Route into a Normal Area: http://www.html  OSPF ABR Type 3 LSA Filtering: http://www.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/47869- ospfdb10.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/47868- ospfdb9.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/command/iro-cr-book.cisco.html  How does OSPFgenerate Default Routes: http://www.html  OSPF Commands & Features: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/15-mt/iro-15-mt- book/iro-abr-type-3.html  Configuring OSPFv2 NSSA: http://www.2F .com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/15-mt/iro-15-mt- book/iro-cfg.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/15-mt/iro-15-mt- book/iro-cfg. Volume 1 iPexpert’s Recommended Reading Material  OSPF Areas and Virtual Links: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/15-mt/iro-15-mt- book/iro-for-add-sup.cisco.GUID-9270D0BB-AE66-4589-B5A8-23DB1224EFF0  Reducing LSA Flooding: http://www.html  How OSPF Injects a Default Route into a Not So Stubby Area: http://www.cisco.cisco.GUID-33666AA8-7396-4E2A-B5C2-69C2DF992FC6  OSPF Forwarding Address Suppression: http://www.html 97|P a g e Version 5.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/47870- ospfdb11.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13692- 21.cisco.html .cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/6208-nssa.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.html  How OSPF Injects a Default Route into a Stub or Totally Stub Area: http://www.cisco.

5. The topology used in the lab will be the following: 98 | P a g e Version 5. You may also refer to the diagram located within your configuration files for topology information. Volume 1 iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam. and 7  Video Title: OSPF Advanced Configuration and Filtering  Video Title: OSPF Stub Area Configurations  Video Title: OSPF Inter-Area and External Routes in the Database  Video Title: OSPF Forward Address Topology Details Logically connect and configure your network as displayed in the drawing below.  Video Title: OSPF Area Types  Video Title: OSPF Summarization and Filtering  Video Title: OSPF LSA Types 4.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. We recommend watching the following learning videos which cover the topics seen in this lab scenario.2F .

1: OSPF Topology Lab 16 Setup  This lab is intended to be used with online rack access. Volume 1 Diagram 16. Connect to the terminal server for the online rack.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. NOTE Load the initial configuration files before starting to work on the tasks.2F . and complete the configuration tasks as detailed below. 99|P a g e Version 5.

DMVPN is the underlying used technology. configure the network 10.1. Area 35 is a totally NSSA area. redistribute the static routes configured in Task 5 (except loopback2) into OSPF. Get OSPF routing up and routing with process 1 area 0 in this DMVPN network.11. Redistribute loopback1. The election of a DR should not take place in this network. and R3 into the area 0 process as network statements. On R6. R9 should be configured with a default route. 5. R2. 4. and loopback2 networks of R9. In the routing-table of R1. configure the network 10.0/24 using a summary-address command.236. Add the loopback0 of R1. R2. 11.0/24 as part of OSPF area 35. the only IA OSPF-learned route should be a default route with the ABRs as the next-hop.35. On R6. Inject the loopback0 of R5 into the area 35 process as a network statement. Area 236 is a totally Not-so-stub area having two ABRs to area 0. Block the LSA 7 to LSA 5 translation for the network 10. On R3 and R5. ensure that you can ping the loopback0 and loopback1 of R9 from the loopback0 of R1 as a source. and R6. 10. The cost of the default route to R2 should be modified and this cost should be the default cost +1. you can ping to the loopback0 of R9 with the ping sourcing from loopback 4 of R5. In the R6 routing-table. ensure that the default route in the R6 routing table is using R3 as a next hop. loopback1.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.1. and loopback4 of R5 into the area 35 each as a N2 route and each with a metric of 55.11.0/24 should show as E2.2F . R3. Filter the forwarding address for the type-7 LSAs originated at R5 using the area 35 range not-advertise in command on the ABR. Configure Area 14 in a way that it does not receive any LSA 5 updates. On R1.1. 6. 7.5. 100 | P a g e Version 5. 12. loopback2. Ensure full reachability and test that you can ping from R4 the loopback 0 of R9 from the loopback 0 of R4 as a source. Do not modify any OSPF timers.1. 9.9. Add the loopback0 of R6 into the area 236 process as a network statement. On R1 and R4. Volume 1 Configuration Tasks 1. loopback3.9. configure the network 10.14. 13. Add loopback0 of R4 into the area 14 process as a network statement.0/24 as part of OSPF area 236. Make sure that on R5. R1. 2. 10.0/24 should show as E1 and 10. configure static routing to ensure the reachability of the loopback0. 3. and R3 are in a hub and spoke topology where R1 is the hub and R2 and R3 are the spokes. By manipulating OSPF cost. 8. On R2.0/24 as part of OSPF area 14.

21. Volume 1 14. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide.2F . This default route should be redistributed into OSPF only if the network 10. 15. Instruct R3 to become the forwarding address itself and check that the IP address reachability is restored. that is to say check that you can ping to the loopback0 of R9 with the ping using as a source the loopback4 of R5. 101|P a g e Version 5. On R1.5. in a reliable way. Use IP SLA to track. This concludes Lab 16 of iPexpert's CCIE Routing & Switching Workbook. Volume 1.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.0/24 is present in the routing table of R1. Section 2 Copyright© iPexpert. For instructor and developer support. All Rights Reserved. You are allowed to add one static route in this task. there is a default route pre-configured. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. Helpful Verification Commands  Show ip protocols  Show ip ospf  Show ip ospf database  Show ip ospf interface  Show ip ospf neighbor  Show ip ospf border-routers Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. this network.

iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. along with other OSPF features such as Timers Optimization and Resource Limiting. Various filtering methods (ACLs.2F . Volume 1 Lab 17: Configure and Troubleshoot OSPF (Part 4) Technologies Covered  Filtering with distribute-lists  Filtering with discard-route  Filtering with administrative distance  Filtering with route-maps  NSSA ABR external prefix filtering  Database filtering  Stub router advertisement  OSPF timers optimization  Resource limiting Overview In the last lab for OSPF you will be mostly dealing with route filtering. prefix-lists. route-maps) will be tested. Estimated Time to Complete: 4 hours 102 | P a g e Version 5. AD manipulations.

html  OSPF Link-State Database Overload Protection: http://www.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/15-mt/iro- 15-mt-book/iro-lk-state-db.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/command/iro-cr-book. and 7  Video Title: OSPF Stub Area Configurations  Video Title: OSPF Summarization and Filtering  Video Title: OSPF Advanced Configurations and Filtering Topology Details Logically connect and configure your network as displayed in the drawing below. The topology used in the lab will be the following: 103|P a g e Version 5.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.2F . Volume 1 iPexpert’s Recommended Reading Material  OSPF Inbound Filtering Using Route Map with a Distribute List: http://www. You may also refer to the diagram located within your configuration files for topology information.  Video Title: Area Types  Video Title: LSA Types 4.cisco. We recommend watching the following learning videos that cover the topics seen in this lab scenario.cisco.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.html  OSPF Stub Router Advertisement: http://www.cisco.5.cisco.html  OSPF Commands & Features: http://www.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/15-mt/iro-15-mt- book/iro-stub-router.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/15-mt/iro-15-mt- book/iro-inbound.

1: OSPF Topology Lab 17 Setup  This lab is intended to be used with online rack access. 104 | P a g e Version 5. and complete the configuration tasks as detailed below. Connect to the terminal server for the online rack. Volume 1 Diagram 17.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.2F . NOTE Load the initial configuration files before starting to work on the tasks.

5 from the loopback 0 of R3.6. the network 10. R2. Confirm that you can ping from R3 the loopback0 of R5 10. 6.0.2. Make sure that R2 is still having full reachability.9. Redistribute this default route into OSPF area 0. 4. 11. DMVPN is the underlying used technology.1. loopback2. loopback3. R2. Distribute loopback1.36. 2. Ensure that the loopback0 network of R1 is not included by the OSPF process in the routing table of R9.2F . On R5. Use point-to-multipoint network type on the hub and the 2 spokes. Configure OSPF process 1 area 0 in this network.9/32 should be filtered out and not be propagated.0/24 into area 0 on R3 and R6. Configure the following router-ids and make sure that they are in use by the process.1. 105|P a g e Version 5.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Use distribute-list and access-list.1. and loopback4 of R9 into the area 69 process as E2 type. On R3.6.3. Volume 1 Configuration Tasks 1.69. Table 17.9. 9. and R6 should present in the OSPF database of R1 as LSAs type 1.3 R6 6.0/16 within the area 69. On R1.6 R9 9. 3.9 7. configure the area 0 to advertise a summary network of 10. R1.5. 5. Configure the network 10. On R9. On the ABR R6. R3. Use prefix-list and distribute-list.21. 10. 8. The loopback 0 networks of R1.3.0/24 into area 69 on R6 and R9. Configure network 10. configure a default route pointing to R3. prevent the flooding of link-state advertisements to R2 by using the database-filter all out command applied to a neighbor.2 R1 1. and R3 are in a hub and spoke topology where R1 is the hub and R2 and R3 are the spokes.9.1.1. Use network statement to advertise loopback0. configure a default route pointing to R5.1.2.2 R3 3.1 R2 2.

15.1. set the following rate-limit values for LSA advertisement: Table 17. On R9. in order to improve convergence. Try to ping loopback0 of R5 from loopback0 of R9. Use prefix-list and area filter-list. 18.41. Use summary-address command. 14.9/32 should be present in the OSPF database but not in the routing table. the default route is not being used and the ping is failing. 19. On R9. Configure R6 so that R1 doesn’t receive the 10. filter the 10.4.22. redistribute all connected interfaces into OSPF. Volume 1 12. On R1. On R9. On R9.1.9. Ensure that this 10.0. 106 | P a g e Version 5. the network 10.2F . enable incremental SPF. Configure a NSSA area 14 between R1 and R4.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.4.4/32 and 10.0.4 Spf-start 10 ms Spf-hold 4800 ms Spf-max-wait 90000 ms 21.9/32 prefix. Manipulate the administrative distance to achieve this. 13. 17. Check that IP reachability is still working between the OSPF advertised prefixes once this feature is enabled.9.0/16 is suppressed.3 Start-interval 10 ms Hold-interval 100 ms Max-interval 5000 ms 20. On R1. 22.11. Configure on all the routers a feature that will remove the transit networks from the OSPF database.0/16 route on the ABR.1. Because of the presence of a 10. 16. configure the minimum interval for accepting the same LSA to 80 ms. configure OSPF throttling timers: Table 17.4/32 out and let the other networks coming from area 14 advertise to the area 0. On R9. On R4. configure OSPF Update flood packet-pacing to 5 ms.

please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. First warning should be sent when 80% of the threshold is reached. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. 24. This concludes Lab 17 of iPexpert's CCIE Routing & Switching Workbook. limit to 1000 the number of non-self-generated LSAs the OSPF routing process can keep in the OSPF database.2F . Section 2 Copyright© iPexpert. All Rights Reserved.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. On R9. For instructor and developer support. Volume 1 23. Volume 1. Helpful Verification Commands  Show ip protocols  Show ip ospf  Show ip ospf database  Show ip ospf interface  Show ip ospf neighbor Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. 107|P a g e Version 5. R9 should fire up a syslog message when more than 3 prefixes are redistributed.

iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. RIP. Estimated Time to Complete: 4 hours 108 | P a g e Version 5. Route Reflection will be also tested in this scenario. Volume 1 Lab 18: Configure and Troubleshoot BGP (Part 1) Technologies Covered  EBGP peering  EBGP multihop  EBGP Disable-connected-check  Update source  iBGP peering  Route Reflector Overview You have been tasked to configure routing in your network using multiple protocols . EIGRP. iBGP and eBGP.OSPF.2F . BGP is the focus of this lab – you will be asked to configure peerings between directly and non-directly connected routers.

com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/15-mt/irg-15-mt- book/irg-basic-net. We recommend watching the following learning videos which cover the topics seen in this lab scenario.cisco.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/15-mt/irg-15-mt- book/cisco_bgp_overview.html  BGP 4: http://www.  Video Title: BGP Overview and Architecture  Video Title: BGP Peering – External and Internal  Video Title: BGP Route Reflectors and Confederations  Video Title: BGP Lecture 109|P a g e Version 5. Volume 1 iPexpert’s Recommended Reading Material  Cisco BGP Overview: http://www.cisco.cisco.html  BGP Case Studies: http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13751-23.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/15-mt/irg-15-mt- book/irg-bgp4.html  Configuring a Basic BGP Network: http://www.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/5816-bgpfaq- 5816.html  Sample Configuration for iBGP and eBGP With or Without a Loopback Address: http://www.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/15-mt/irg-15-mt- book/irg-int-features.2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/26634-bgp- toc.cisco.cisco.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.html  BGP FAQ: http://www.html  Configuring Internal BGP Features: http://www.

NOTE Load the initial configuration files before starting to work on the tasks.2F . You may also refer to the diagram located within your configuration files for topology information. The topology used in the lab will be the following: Diagram 18. Connect to the terminal server for the online rack. 110 | P a g e Version 5. 2. Volume 1 Topology Details Logically connect and configure your network as displayed in the drawing below. Routing between R1 and R5 should be configured with RIP version 2. Configure an eBGP peering between R1 in AS 1 and R5 in AS 65001. Configuration Tasks 1. This peering should be established between the loopback0 of each router. Loopback0 reachability has to be achieved thanks to this protocol.1: BGP Topology Lab 18 Setup  This lab is intended to be used with online rack access. and complete the configuration tasks as detailed below.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.

Advertise the loopback0 of R4 into OSPF. This peering should be established between the loopback0 of each router. Loopback0 reachability has to be achieved thanks to this method. and into OSPF. Advertise the loopback0 of R3 in BGP using a network statement. This peering should be established between the loopback0 of each router. 4. Loopback0 reachability has to be achieved thanks to this method. 111|P a g e Version 5. Configure OSPF area 0 on R5 to R4 connection. 16. use the ebgp multihop command. 18. do not use the ebgp multihop command. 7. Make sure you can still ping from R3’s loopback0 to R7’s loopback1. 13. Configure iBGP peering between R4 and R2. Advertise loopback0 of R9 into BGP using a network statement. 15. Configure an eBGP peering between R2 in AS 65001 and R7 in AS 7. Configure OSPF area 0 on the R2 to R5 connection. Routing between R2 and R7 should be configured with EIGRP.2F . You are not allowed to use the redistribute command but you can add a single default route in this task. Configure an eBGP peering between R4 in AS 65001 and R9 in AS 9. Routing between R4 and R9 should be configured with static routes. Advertise loopback1 of R7 in BGP using a network statement. 12. 14. Enable synchronization on R5. 17. Configure iBGP peering between R2 and R5. Make sure that the ping from R3 to R7 is up and running. Loopback0 reachability has to be achieved thanks to this protocol.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. This peering should be established between the loopback0 of each router. Use the minimum number of hops necessary in the ebg-multihop command. This peering should be established between the loopback0 of each router. Use of static routes on R8 is required. 5. Advertise the loopback0 of R2. 6. This peering should be established between the loopback0 of each router. On the peering between R1 and R5. 9. Volume 1 3. Configure an eBGP peering between R3 in AS 3 and R5 in AS 65001. Advertise the loopback1 of R1 in BGP using a network statement. Check that you can ping from R2 to the loopback1 of R7. 10. On the peering between R3 and R5. Configure R2 as a route-reflector for R4 and R5. 11. Routing between R3 and R5 should be configured with static routes. R5. 8.

please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. Section 2 Copyright© iPexpert. configure R2 and R6 as part of a RR cluster with cluster-id 1. All Rights Reserved.R6 and R4 . 21. 112 | P a g e Version 5. Helpful Verification Commands  Show ip bgp  Show ip bgp neighbor  Show ip bgp protocols  Show ip bgp paths  Show ip bgp summary Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. Volume 1 19. For redundancy. 20.R6. Advertise loopback0 of R6 into OSPF. For instructor and developer support. Configure OSPF area 0 on connections R2 . make sure that you can ping from loopback1 to loopback0 of R3. This concludes Lab 18 of iPexpert's CCIE Routing & Switching Workbook. and R9.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. On R7. Volume 1. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide.2F .

Confederations will have to be deployed and connectivity restored with the aid of GRE. Volume 1 Lab 19: Configure and Troubleshoot BGP (Part 2) Technologies Covered  Next-hop-self  BGP next-hop with route-map  BGP Confederation  GRE tunnels Overview In the second lab for BGP you will be tasked to manipulate the Next Hop attribute. Estimated Time to Complete: 4 hours 113|P a g e Version 5.2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.

iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1 iPexpert’s Recommended Reading Material  Configuring BGP Route Map with Next-Hop Self: http://www.html  BGP Case Studies: http://www.  Video Title: BGP Introduction  Video Title: BGP Route Reflectors and Confederation Configuration  Video Title: BGP Peering – External and Internal  Video Title: BGP Filtering and Manipulation Topology Details Logically connect and configure your network as displayed in the drawing below. The topology used in the lab will be the following: 114 | P a g e Version 5.html .com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/15-mt/irg-15-mt- book/irg-int-features.cisco.reference_7C7E244EE3FF41E194AB15277BD80C90  Configuring Internal BGP Features: http://www.cisco. We recommend watching the following learning videos which cover the topics seen in this lab scenario.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/15-mt/irg-15-mt- book/irg-int-features.cisco.2F .com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/26634-bgp- toc. You may also refer to the diagram located within your configuration files for topology information.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.

Volume 1 Diagram 19. 4. but make sure that EIGRP route is more preferred. Routing between R6 and R9 should be configured with static routes. Configure an eBGP peering between R4 in AS 65019 and R7 in AS 7. Configuration Tasks 1.2F . This peering should be established between the loopback0 of each router. Loopback0 reachability has to be achieved thanks to this protocol. Connect to the terminal server for the online rack. Loopback0 reachability has to be achieved thanks to this method. 2. Advertise loopback0 of R7 into BGP using a network statement. NOTE Load the initial configuration files before starting to work on the tasks.1: BGP Topology Lab 19 Setup  This lab is intended to be used with online rack access.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. and complete the configuration tasks as detailed below. 115|P a g e Version 5. Routing between R4 and R7 should be configured with EIGRP. 3.

Loopback0 reachability has to be achieved thanks to this protocol. 21. This peering should be established between the loopback0 of each router. 6. Advertise loopback0 of R8 in BGP using a network statement. Do not advertise anything else into OSPF. Advertise the loopback0 of R4 and R6 into OSPF using a network statement. Use of 2 static routes is allowed. you should be able to ping from R8 to the loopback0 of R7 with the ping sourced from the loopback0 of R8. 15. R7. Reconfigure routers R2. 16. 7. and R4 are part of confederation with ID 46. and R9. 18. Configure iBGP between R4 and R6. Ensure full reachability between R1. Routing between R8 and R2 should be configured with EIGRP. Routing between R5 and R1 should be configured with RIP. Configure OSPF area 0 only between R4 and R6. 11. 116 | P a g e Version 5. 19. Advertise loopback0 of R1 in BGP using a network statement. Use a route-map to enable the IP connectivity between the loopback0 of R1 and the loopback0 of R8. 17. R8. 13. Configure eBGP peering between R1 in AS 1 and R5 in AS 65019. 20. Advertise loopback0 of R9 in BGP using a network statement. Volume 1 5. Do not advertise anything else into OSPF. 14. Loopback0 reachability has to be achieved thanks to this protocol. This peering should be established between the loopback0 of each router. R2 and R5 are part of confederation with ID 25. R5 and R6. Configure an eBGP peering between R6 in AS 65019 and R9 in AS 9. As an example. Configure iBGP between R5 and R2. 22. Configure an OSPF cost of 10 on this link. 10. Advertise the loopback0 of R5 and R2 into OSPF using a network statement. Use next-hop-self to enable IP connectivity between loopback0 of R7 and the loopback0 of R9. R4. 9.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Configure OSPF area 0 between R5 and R4. R6. Configure an eBGP peering between R2 in AS 65019 and R8 in AS 8. This peering should be established between loopback0 of each router. 8. Configure OSPF area 0 only between R5 and R2. 12.2F .

Helpful Verification Commands  Show ip bgp  Show ip bgp neighbor  Show ip bgp protocols  Show ip bgp paths  Show ip bgp summary Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. Use the network 10. 24. 25. Make sure that you are again able to ping from R8 to the loopback0 of R1 with the ping sourced from the loopback0 of R8. Volume 1. All Rights Reserved. Configure OSPF area 0 on the connection between R2 and R3 with an OSPF cost of 1. and R8 and R9. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. Section 2 Copyright© iPexpert.145. For instructor and developer support. This concludes Lab 19 of iPexpert's CCIE Routing & Switching Workbook.1. R8 and R7. Configure OSPF area 0 on the connection between R5 and R3 with an OSPF cost of 1. You are not allowed to redistribute BGP routes into OSPF.0/24 for the tunnel interfaces and two static routes. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. Restore the IP connectivity between R8 and R1. 117|P a g e Version 5.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.2F . Volume 1 23.

Origin and MED attributes. AS Path. To successfully finish this scenario you have to know what is the purpose of Weight.2F . Volume 1 Lab 20: Configure and Troubleshoot BGP (Part 3) Technologies Covered  Weight  Local Preference  As-path prepending  Origin  MED  Always compare MED  AS-path ignore  Maximum AS Limit Overview The focus of this lab is BGP Attribute manipulations. and how to configure/modify them. Estimated Time to Complete: 4 hours 118 | P a g e Version 5.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Local Preference.

com/articles/article.ciscopress.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/15-mt/irg-15- mt-book/connecting_to_a_service_provider_using_external_bgp.cisco.2F .asp?p=1565538&seqNum=4  Connecting to a Service Provider using External BGP: http://www.cisco.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. You may also refer to the diagram located within your configuration files for topology information. We recommend watching the following learning videos that cover the topics seen in this lab scenario.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/16046-bgp- med. The topology used in the lab will be the following: 119|P a g e Version 5.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.cisco.html BGP Deterministic MED vs Always Compare MED: http://www.html  BGP and Internet Connectivity: http://www.  Video Title: BGP Route Propagation Control  Video Title: BGP Filtering & Manipulations  Video Title: BGP Attributes and Best-path Selection Process Topology Details Logically connect and configure your network as displayed in the drawing below.html  BGP MED for Path Selection: http://www.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13759-37.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13753-25. Volume 1 iPexpert’s Recommended Reading Material  BGP Best Path Selection Algorithm: http://www.

Configure an eBGP peering between R6 in AS 65002 and R8 in AS 8. 120 | P a g e Version 5. Configure an iBGP peering between R4 and R7 in AS 65001. 3.1: BGP Topology Lab 20 Setup  This lab is intended to be used with online rack access.1.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Make sure that the 10. Connect to the terminal server for the online rack. NOTE Load the initial configuration files before starting to work on the tasks. Volume 1 Diagram 20. Configuration Tasks 1. and complete the configuration tasks as detailed below.78.1. 2. Configure an eBGP peering between R4 in AS 65001 and R6 in AS 65002.46.0/24 network and that the network 10.0/24 is carried in the BGP updates with an origin of i.2F .

advertise the network 10. Volume 1 4. You don’t have to test connectivity in this task.1. Configure an eBGP connection between R2 and R3 in AS 3.3. Change the configuration on R7 and use a route-map called LOCALPRF_RM. On R6. modify the origin of route 10. The loopback0 of R2 should be present in the BGP database with an origin attribute of incomplete. Use a prefix-list called WEIGHT_PL and a route-map called WEIGHT_RM.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.1. 16.0/24 with a network statement.1. Advertise loopback0 and loopback1 of R3 using network statements.1.6. 9. Redistribute the EBGP next-hop into OSPF area 0.3/32.2F .1. 12.1. 121|P a g e Version 5. Configure R3 and use the prefix-list called MED_PL 2 and a route-map called MED_RM2. Use a prefix-list called ORIGIN_PL and a route-map called ORIGIN_RM.11.3. 6. 8.4/32 is pointing towards R6. 10.4. 14. Ensure that the traffic is routed via R6 to reach network 10. On R2 and R6. The loopback0 of R8 should be present in the BGP database with an origin attribute of IGP. The loopback0 of R4 should be present in the BGP database with an origin attribute of incomplete. Configure R8 so that the traffic originated on R6 is going through AS 65001 to reach the network 10.6/32 loopback. 18.8/32. Configure OSPF area 0 between R6 and R2. Use a MED value of 200. 10. 15. 5. 19.8 route via R8 should have the following AS-path attribute: 8 8 8 8 i.8.26.26. manipulate the weight attribute so that the route to 10. Ensure that the traffic is routed via R2 to reach network 10. Configure iBGP connection between R6 and R2 – use AS 65002. 17. The loopback0 of R6 should be present in the BGP database with an origin attribute of incomplete. In order to reach the 10. On R3. routers in AS 65001 should route the traffic over R8 through AS 8. The loopback0 of R7 should be present in the BGP database with an origin attribute of internal.1. Redistribute the EBGP next-hop into OSPF area 0. 11. On R8. 7.8.0/24 and ensure that this route is reached primarily through R6. Use a prefix-list called PREPEND_PL and a route-map called PREPEND_RM. Configure an eBGP connection between R6 and R3 in AS 3. Configure R3 and use the prefix-list called MED_PL 6 and a route-map called MED_RM6. Use a MED value of 300. 20. 13. Configure an eBGP peering between R8 in AS 8 and R7 in AS65001.3.

7/32 network has to point towards R4 and not transit through AS 65002 anymore.1. prepend the AS 65001 4 times when advertising the network 10. On R5.6. 26. The route from R5 to the loopback0 should now be transiting through AS 65002.1.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. 24. 23. On R6. Configure an eBGP connection between R2 and R5 (AS 5) and between R4 and R5. On R4. 22. 25. 27. that is to say the route to R6 is pointing to R7 on R4.7.0/24 using a network statement.7/32 to R5. the AS-path attribute should be ignored and the route to the 10. On the peering between R2 and R5. advertise the network 10.22. Helpful Verification Commands  Show ip bgp  Show ip bgp paths  Show ip bgp summary  Show ip bgp neighbor 122 | P a g e Version 5. This network should be advertised to router R4 using the MED 500 and prepending one more AS in the AS-path. A syslog message should be sent when more than 40 BGP updates are advertised from R5 to R2.7. Use MED to achieve this. shut down the peering if more than 50 BGP updates are advertised from R5 to R2. Advertise the loopback of R5 into BGP with an origin of “?”.2F . Use a prefix-list called ALWAYSCOMPMED_PL and a route-map called ALWAYSCOMPMED_RM. Volume 1 21. Configure R4 and ensure that R4 always prefers the route with the lowest MED.

For instructor and developer support. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. 123|P a g e Version 5. Section 2 Copyright© iPexpert. Volume 1. All Rights Reserved. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide.2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. This concludes Lab 20 of iPexpert's CCIE Routing & Switching Workbook. Volume 1 Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area.

such as Attribute/Advertise maps and Communities.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Other advanced features will also have to be configured.2F . Volume 1 Lab 21: Configure and Troubleshoot BGP (Part 4) Technologies Covered  Aggregation  Summary-only  Suppress-map  Unsuppress-map  AS-set  Attribute-map  Advertise-map  Community no-export  Community local-AS  Community no-advertise Overview Aggregation (along with suppress/unsuppress maps) is the main focus of this scenario. Estimated Time to Complete: 4 hours 124 | P a g e Version 5.

iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13750-22. We recommend watching the following learning videos that cover the topics seen in this lab scenario.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/15-mt/irg-15-mt- book/irg-int-features.cisco. The topology used in the lab will be the following: 125|P a g e Version 5.html  Understanding Route Aggregation in BGP: http://www.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.html  How to Block One or More Networks from a BGP Peer: http://www.2F .cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/5441- aggregation. Volume 1 iPexpert’s Recommended Reading Material  Configuring Internal BGP Features: http://www. You may also refer to the diagram located within your configuration files for topology information.  Video Title: BGP  Video Title: BGP Route Propagation Control  Video Title: BGP Aggregation and Filtering  Video Title: BGP Filtering Using ACLs and Prefix Lists Topology Details Logically connect and configure your network as displayed in the drawing below.

NOTE Load the initial configuration files before starting to work on the tasks.1: BGP Topology Lab 21 Setup  This lab is intended to be used with online rack access. 4. 2. R3 has to advertise a summary route representing the loopback1. Configure an iBGP peering between R2 and R6 in AS 65001. loopback3 and the loopback4 addresses of R3. Connect to the terminal server for the online rack.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. The aggregate address command cannot be used. loopback2.2F . 3. and complete the configuration tasks as detailed below. 126 | P a g e Version 5. Volume 1 Diagram 21. Configure an eBGP peering between R3 in AS 3 and R6. Configure an eBGP peering between R3 in AS 3 and R2. Configuration Tasks 1.

loopback23 and the loopback24 addresses of R3. R3 has to advertise a summary route representing the loopback21. 9. On R4. and the loopback14 addresses of R3.153.153. loopback13. On the peerings with R2 and R6. advertise the networks 153. 11.154. loopback22. Configure an eBGP peering between R4 in AS 4 and R5 in AS 5. 13.0/14. Specific subnets should not be advertised. 6. R3 has to advertise a summary route representing the loopback11. 7. 127|P a g e Version 5. This aggregate should have in its AS-path attribute all the ASs that were contained in the AS-path attribute of the more specific networks.0/24 has to be sent with the No-Export community. On R3.200. On R6. Use redistribution and a prefix-list with one single line. 17. loopback14 network should be the only specific network advertised towards R2. Use an unsuppress-map.0. loopback21 network should be the only specific network advertised towards R2. Configure an eBGP peering between R4 in AS 4 and R7 in AS 7. 8.0/16 into BGP using network statements.0/16 to R4. configure the aggregate 200. 14. configure an aggregate for the network 153. Advertise the network 200.0/24 into BGP using a network statement.0/16 and 200.2.0/24 into BGP using a network statement.0/24 into BGP using network statements.153.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.153.0.201.153. In the addition to the summary route. More specific networks should also be advertised. Use a route-map called NOEXPORT_RM.152. Use an unsuppress-map.0/22 with the summary-only and with the AS-SET option on.200. Use a route-map called ATTRIBUTEMAP_RM. Advertise the network 200. the network 153. 15.153.1. loopback22 network should be the only specific network advertised towards R6. advertise the networks 200. In the addition to the summary route. The more specific networks should not be advertised to R6. 16.0/24 and 153. 10. In the addition to the summary route.0. On R5. configure the community of no- advertise. 19. 12. Use network statements.2F .0. 18. Configure an eBGP peering between R4 in AS 4 and R6 in AS 65001.1. When advertising out the network 200. Ensure that this aggregate is advertised to R4. Use a suppress-map.0. Volume 1 5. loopback12.1.

advertise the network 10.0/8 will be advertised to R7 and R6.4. On R4. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide.22. Use a route-map called ADVERTISEMAP_RM.0/8 with the summary-only and with the AS-SET option on. On R4. You are not allowed to use an attribute-map to remove the community. Section 2 Copyright© iPexpert. 21. 128 | P a g e Version 5. Ensure that the network 10.22. Helpful Verification Commands  Show ip bgp  Show ip bgp paths  Show ip bgp summary  Show ip bgp as-path access-list  Show ip bgp filter-list  Show ip bgp regexp Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area.2F .0 will be advertised to R6 with a community that will prevent it to be advertised to other eBGP peers. For instructor and developer support.0.0/24 into BGP using a network statement. configure an aggregate for the network 200.0. All Rights Reserved. This concludes Lab 21 of iPexpert's CCIE Routing & Switching Workbook. 23.4. Ensure that the network 200. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. 22.0. Volume 1 20. Volume 1.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.0.

iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.2F . AS Path manipulations and other advanced features (e.g. BGP dampening). Volume 1 Lab 22: Configure and Troubleshoot BGP (Part 5) Technologies Covered  Route Filtering  Local AS  Replace AS  Dual AS  Remove Private AS  Dampening  ORF  BGP allowas-in Overview In this last lab for BGP you will have to deal with Filtering. Estimated Time to Complete: 4 hours 129|P a g e Version 5.

 Video Title: BGP Filtering and Manipulations  Video Title: BGP Aggregation and Filtering  Video Title: BGP Route Propagation Control 130 | P a g e Version 5.cisco.html  Removing Private AS Numbers: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/15-mt/irg-15-mt- book/irg-route-map-continue.html  BGP Local-AS Feature: http://www.com/c/en/us/td/docs/ios/12_2/ip/configuration/guide/fipr_c/1cfbgp.2F .cisco. Volume 1 iPexpert’s Recommended Reading Material  BGP Route-Map Continue: http://www.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/15-mt/irg-15-mt- book/removing_private_as_numbers_from_the_as_path_in_bgp___.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13761-39.cisco.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.html  BGP Prefix-Based Outbound Route Filtering: http://www.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/112236- allowas-in-bgp-config-example.cisco.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/15-mt/irg-15-mt- book/bgp_prefix-based_outbound_route_filtering.html  Allowas-in Feature in BGP: http://www. We recommend watching the following learning videos that cover the topics seen in this lab scenario.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.html  Configuring BGP Route Filtering by Neighbor http://www.

iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1 Topology Details Logically connect and configure your network as displayed in the drawing below. 131|P a g e Version 5.1: BGP Topology Lab 22 Setup  This lab is intended to be used with online rack access. The topology used in the lab will be the following: Diagram 22. You may also refer to the diagram located within your configuration files for topology information. Connect to the terminal server for the online rack. and complete the configuration tasks as detailed below.2F . NOTE Load the initial configuration files before starting to work on the tasks.

0/24 and 153. Volume 1 Configuration Tasks 1.0/24 network to use the following dampening parameters:  Max-Suppress=60 minutes  Suppress=2000 points  Reuse=800 points  Half-Time=15 minutes 15. 11.153.153. Configure an eBGP peering between R6 and R4 in AS 4. the private AS number 65003 have to be stripped off from the AS-path before being sent. filter out 153. 7. advertise networks 153. On R3. Configure an eBGP peering between R2 and R5 in AS 5. On R3.153. On R3. configure the 153. In routes received from R2. 5. 14. 8.153. 10. On R6. Configure an eBGP peering between R2 and R3 in AS 3.154. in all advertisements sent towards R4.153.0/24 using network statements. 13. 4. 9.153.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Configure an eBGP peering between R6 and R3 in AS 3. Configure an iBGP peering in AS 65001 between R2 and R6.0/24.0/24 network to use the following dampening parameters:  Max-Suppress=50 minutes  Suppress=2500 points 132 | P a g e Version 5. on the peering between R3 and R2. Regarding the routes advertised from R3 to R2 and R6. On R3.153. 6. AS 3 should not appear in the AS-path. Use access-list.154. Use a prefix-list. Advertise the loopback0 of R5 into BGP. R5 should appear to R2 as if it is using AS 65005 but R5 should still be in AS 5.153.153. 12. 3.154. filter out 153.0/24. On R3. 2. on the peering between R3 and R6. R3 should appear to R2 and R6 as if it is using AS 65003 but R3 should still be in AS 3. the AS 65005 should not appear in the AS-path. configure the 153.2F .

21. On R6.0/24 inbound on the peering towards R4. On R8. configure the BGP peering to use fast session deactivation. 17. Volume 1  Reuse=600 points  Half-Time=10 minutes 16.0/24 and not sending updates for networks that are filtered when arriving on R6.2F . 20. On R4. 19. Between R6 and R4. 18.4. Make sure that the two routers exchange information via the ORF capability and that R4 will be filtering the network 10.11. 22.4.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Use the allowas-in command. advertise the loopback0 into BGP using a network statement. Configure an eBGP peering between R6 and R8 in AS 4. Helpful Verification Commands  Show ip bgp  Show ip bgp paths  Show ip bgp summary  Show ip bgp as-path access-list  Show ip bgp filter-list  Show ip bgp regexp 133|P a g e Version 5. filter network 10. advertise the loopbacks in BGP using network statements.11. Make sure that you can ping from loopback0 of R8 which is originated in AS 4 to the loopback0 of R4 which is always originated in AS 4.

You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. Section 2 Copyright© iPexpert. All Rights Reserved.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. This concludes Lab 22 of iPexpert's CCIE Routing & Switching Workbook. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. Volume 1. Volume 1 Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. For instructor and developer support.2F . 134 | P a g e Version 5.

You also have to know how to deal with RPF failures. Estimated Time to Complete: 3 hours 135|P a g e Version 5. For Sparse Mode.2F . you have to understand the concept of a Rendezvous Point (RP) and methods of configuring it.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. This includes PIM Dense and Sparse Modes. Volume 1 Lab 23: Configure and Troubleshoot Protocol Independent Multicast Operations (Part 1) Technologies Covered  PIM dense mode  PIM sparse-dense mode  PIM sparse mode  RPF failure  Accept RP  Accept Register  DR election  NMBA mode Overview Multicast routing will have to be configured in this lab.

cisco. We recommend watching the following learning videos that cover the topics seen in this lab scenario. Volume 1 iPexpert’s Recommended Reading Material  IP Multicast Technology Overview: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipmulti_pim/configuration/imc-pim-15-mt- book/imc_tech_oview.com/c/en/us/td/docs/ios-xml/ios/ipmulti_pim/configuration/imc-pim-15-mt- book/imc_basic_cfg.  Video Title: Multicast Operations Lecture  Video Title: Multicast Configuration  Video Title: IP Multicast  Video Title: IP Multicast Configuration and Troubleshooting Topology Details Logically connect and configure your network as displayed in the drawing below. The topology used in the lab will be the following: 136 | P a g e Version 5.2F . You may also refer to the diagram located within your configuration files for topology information.html  Configuring Basic IP Multicast: http://www.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.

Connect to the terminal server for the online rack. NOTE Load the initial configuration files before starting to work on the tasks.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. 137|P a g e Version 5. Volume 1 Diagram 23. and complete the configuration tasks as detailed below.1: Multicast Operations Topology Lab 23 Setup  This lab is intended to be used with online rack access.2F .

Volume 1 Configuration Tasks 1.2F . Use the loopback0 interface for the RP IP address. 6. Configure OSPF in area 55 on all the connections between R1.1. R4. 13.1. 9. 7.9.5.9.0/24 network. There is a multicast server connected on R9 that is sending a stream with the IP address 229. and R5. R1 is the ABR. 2. Use network statements. Setup OSPF in area 0 in this DMVPN network. Shut down the interface e0/1 on R2.163.145. 4.9. The listeners for this group are located on R1 and R4 only.0/24 with an OSPF cost of 2000.5 and 229. Configure the network to route this multicast stream from the source to the listeners with the use of a static RP. Use network statements.9.5. R6. 12. Cost out the network 10.5. Configure R5 E0/1 to join 229. The listeners for this group are located on R2. Do not enable multicast on the 10. 8. Configure R1 E0/0 to join 225.9. The listeners for this group are located on R5 on network 10.1.0/24 network.5. Configure OSPF in area 99 on all the connections between R2.9 and make sure that you can ping this multicast group from R9. Make sure that you can ping from the loopback0 of R2 to the loopback0 of R3. the use of mroute is allowed.45. Make sure that R1 is the RP only for the groups 225.5 and make sure that you can ping this multicast group from R5.1. Configure R3 to send the PIM join message to the RP on behalf of the 10.3. Configure the network to route this multicast stream from the source to the listeners without the use of any RP.9. 10. Advertise the loopbacks of R1. 3.1. Configure the OSPF network type as NBMA. 138 | P a g e Version 5. Cost out the network 10.0/24 network. and R3 are in a hub and spoke topology where R1 is the hub and R2 and R3 are the spokes. There is a multicast server connected on R5 that is sending a stream with the IP address 225. Use network statements.0/24 with an OSPF cost of 2000. R3 is the ABR. R1.5. DMVPN phase 2 without IPSec is the underlying used technology. There is a multicast server connected on R3 that is sending a stream with the IP address 233.9. R3.45. 5.0/24. R2. The use of mroute is allowed.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.3.5. Advertise the loopbacks of R4 and R5 in the OSPF process.9.3. Configure the network to route this multicast stream from the source to the listeners with the use of a static RP.236. Advertise the loopbacks of R6 and R9 in the OSPF process.236.5. and R3 in the OSPF process. 11. and R9.1. Do not enable multicast on the 10. If necessary. R2.

7.3. Ensure that R2 and R3 send registers (*.3.G) entries for the group 233.200. Volume 1.2F . The multicast group will be 227.3. Configure the router R3 so that when he becomes the RP for this multicast group. Use the loopback0 interface for the RP IP address.1.7 and the source is going to be the server 10.200. Make sure that you can ping multicast group 233.63. There is a plan to add a new multicast datastream. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. 17.3. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. 16. For instructor and developer support.3.7.1. Section 2 Copyright© iPexpert.3 from R3.63.3. 139|P a g e Version 5. This concludes Lab 23 of iPexpert's CCIE Routing & Switching Workbook. All other servers trying to register this group should be denied. Volume 1 14. 15.3. Make sure that R1 is allowed to be the RP for the group 233.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.3 only to the router R1. the only allowed source is the IP address 10. All Rights Reserved. Helpful Verification Commands  Show ip pim rp  Show ip pim rpf  Show ip pim interface  Show ip pim neighbor  Show ip mroute  Show ip igmp Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area.

In addition.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Knowledge of Auto RP and BSR is required to successfully finish this lab. Volume 1 Lab 24: Configure and Troubleshoot Protocol Independent Multicast Operations (Part 2) Technologies Covered  Auto-RP  Auto-RP filtering  Auto-RP listener  Multiple RP candidates  Multicast boundary  BSR  BSR Propagation filtering Overview The focus of this scenario is a RP configuration.2F . you will be asked to limit propagation of multicast packets in this network. Estimated Time to Complete: 3 hours 140 | P a g e Version 5.

cisco. Volume 1 iPexpert’s Recommended Reading Material  Auto-RP Overview: http://www.GUID-D1656247-AFA8-4F67-8114-FB290E579FDD  IP Multicast Boundary: http://www.com/c/en/us/td/docs/ios-xml/ios/ipmulti_pim/configuration/imc-pim-15-mt- book/imc_basic_cfg.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. We recommend watching the following learning videos which cover the topics seen in this lab scenario.html . The topology used in the lab will be the following: 141|P a g e Version 5.com/c/en/us/td/docs/ios-xml/ios/ipmulti_pim/configuration/imc-pim-15-mt- book/imc_basic_cfg.html .com/c/en/us/td/docs/ios-xml/ios/ipmulti_pim/configuration/imc-pim-15-mt- book/imc_basic_cfg.GUID-C55E3B04-9F79-48F9-AD66-665823A20D8B iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.html .cisco.  Video Title: Multicast Operations Lecture  Video Title: Multicast Configuration  Video Title: IP Multicast  Video Title: IP Multicast Configuration and Troubleshooting Topology Details Logically connect and configure your network as displayed in the drawing below. You may also refer to the diagram located within your configuration files for topology information.2F .GUID-08C0EDBD-4A85-4FC3-AF2C-AA930C578F3C  BSR Overview: http://www.cisco.

Setup EIGRP AS 10 in this DMVPN network. R1. Connect to the terminal server for the online rack.2F .1: Multicast Operations Topology Lab 24 Setup  This lab is intended to be used with online rack access. Volume 1 Diagram 24. and complete the configuration tasks as detailed below.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. NOTE Load the initial configuration files before starting to work on the tasks. DMVPN phase 1 without IPsec is the underlying used technology. and R3 are in a hub and spoke topology where R1 is the hub and R2 and R3 are the spokes. 142 | P a g e Version 5. Configuration Tasks 1. R2.

Auto-RP advertisements should be sent every 5 seconds to R1. Create 2 “rp-announce-filters” that make sure that R8 will only become the RP for multicast group 228.145. R9 should not become the RP for routers that are more than 1 hop away.69.3. and the network 10. 228.1. R5.2.0/24.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.228.2F .0/24. Configure PIM on the 10.36. The loopback0 has to be used in the advertisements. the network 10.169. and R8 don’t fall back to PIM dense mode for unknown multicast addresses. R8. 143|P a g e Version 5. and that R8 has been chosen to be the PIM DR. 5.3. Extend the EIGRP routing domain to include the network 10. 14. 4.228.1.2.2.1. and check that you can ping this multicast group from R7.3. the network 10.1.14. and that R1 will only become the RP for multicast groups 228. 8.1.3. Configure R1 so that it never sends and receives on interface E0/1 multicast traffic from group 228. R7. The 2 connections between R9 and R6 have to be configured with PIM sparse-mode (no PIM sparse-dense mode).0/24. Advertise the loopbacks of R6 and R9 in the EIGRP process using network statements.0/24. and the network 10. Use network statements. 15.228.145. Auto-RP will be used on those networks.2. R4. R4. You are not allowed to use ip pim auto-rp listener command. 10. Enable R1.1. Configure the interface E0/1 on R5 to join the group 228.22.228.1. Volume 1 2.14. 7.45.1.228. R9 has to be configured as an auto-RP candidate for all multicast groups. the network 10.2.0/24. 6. Make sure that the auto-RP advertisements regarding those groups are also filtered. the network 10. Extend the EIGRP routing domain to include the network 10. Create an “rp-announce-filter” that makes sure that R7 will never become a RP. R4 should be configured as the mapping agent.228. Their loopback0 should be used in the advertisements.1.45.2. and R3 in the EIGRP process. R7. R2. and 228.1.0/24. Configure E0/1 on R5 to join the group 228.228 and check that you can ping this multicast group from R7.0/24. Advertise the loopbacks of R1. 3.228.1. 9.0/24.228.1.1.228. the network 10.63.0/24.1.2.1. and R5 in the EIGRP process using network statements. Advertise the loopbacks of R7. and that R1 has been chosen to be the RP for 228. Ensure that the routers R1.3.2.3. 11.0/24. and 228.2. and R6 has to be configured as the mapping agent.1. 228.1. 13.0/24. and R8. and the network 10. R7.1.1. and R8 as auto-RP candidates for the following multicast groups: 228.2. Make sure that you can ping from the loopback0 of R2 to loopback0 of R3. 12.228 and 228.228. 16.

and that R9 has been chosen to be the RP.1.1.63.1. Enable PIM sparse mode on all interfaces on the network 11. Ensure that R7.1.0/24 and 10. Use the interface that is always up on a router. 19. 20. and check that you can ping this multicast group from R6. Volume 1 17. Configure R2 as the BSR. Configure the interface E0/1 on R2 to join the group 225.229. Helpful Verification Commands  Show ip pim rp [mapping]  Show ip pim rpf  Show ip pim interface  Show ip pim neighbor  Show ip mroute  Show ip pim bsr-router  Show ip pim autorp  Show ip pim interface detail 144 | P a g e Version 5. 18. Configure R1 as the primary RP and configure R3 as a backup RP.225.36. 23. Use the interfaces that are always up on a router. and R4 don’t receive information about RPs elected by PIM bootstrap router process.225.0/24.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.2F . R8. One of the two should be configured with the default priority.0/24. 22.225 and check that you can ping this multicast group from R1.229. Enable PIM sparse mode on the network 10.229. Configure the interface S3/0 on R9 to join the group 229. Ensure that R6 doesn’t receive information about RPs elected by PIM bootstrap router process. 21.

You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. Section 2 Copyright© iPexpert. For instructor and developer support.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. All Rights Reserved. 145|P a g e Version 5. Volume 1 Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. Volume 1. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. This concludes Lab 24 of iPexpert's CCIE Routing & Switching Workbook.2F .

Volume 1 Lab 25: Configure and Troubleshoot Protocol Independent Multicast Operations (Part 3) Technologies Covered  Multicast stub routing  IP IGMP helper-address  SSM  IGMP filtering  IGMP timers  Multicast helper map  PIM bidirectional  Multicast rate limiting Overview Advanced multicast features are the main topics covered in this lab.2F . Estimated Time to Complete: 4 hours 146 | P a g e Version 5. Source-Specific Multicast (SSM) and Bidirectional PIM. You have to know how to deploy Stub multicast routing.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. The knowledge of IGMP is also required to successfully finish this scenario.

pdf iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam. We recommend watching the following learning videos which cover the topics seen in this lab scenario.html .2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.  Video Title: IP Multicast  Video Title: IP Multicast Configuration and Troubleshooting Topology Details Logically connect and configure your network as displayed in the drawing below.com/c/en/us/td/docs/ios/12_2/ip/configuration/guide/fipr_c/1cfssm.com/c/en/us/td/docs/ios-xml/ios/ipmulti_pim/configuration/imc-pim-15-mt- book/imc_basic_cfg.com/servlet/JiveServlet/previewBody/13600-102-1- 52383/Chapter 9 BSR.cisco.cisco. Volume 1 iPexpert’s Recommended Reading Material  SSM Overview: http://www.cisco. You may also refer to the diagram located within your configuration files for topology information.GUID-A21DDBAA-CFAA-4F48-8B4D-C4ACAE8061CB  Configuring Source Specific Multicast: http://www.html  BSR Protocol: https://learningnetwork. The topology used in the lab will be the following: 147|P a g e Version 5.

2F . Use the point-to-multipoint OSPF on the 2 two spokes. Setup OSPF area 0 in this DMVPN network. NOTE Load the initial configuration files before starting to work on the tasks. R1. R2. and R3 are in a hub and spoke topology where R1 is the hub and R2 and R3 are the spokes. Connect to the terminal server for the online rack. DMVPN phase 1 without IPsec is the underlying used technology. Volume 1 Diagram 25. and complete the configuration tasks as detailed below. 148 | P a g e Version 5. Configuration Tasks 1.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.1: Multicast Operations Topology Lab 25 Setup  This lab is intended to be used with online rack access.

4.1. R6. Make sure that no OSPF neighborships will ever be formed on those networks.2.2. 14.2.1.0/24.1. On R1. 10. Advertise the loopbacks of R1. Make sure that interface E0/1 on R5 can receive traffic multicast for the group 224.0/24.99. and 10. R6. R8.0/24. Advertise the loopbacks of R4.2.0/8.99. R7. Make sure that you can ping from the loopback0 of R7 to the loopback0 of R9. there is only one client receiving several multicast streams. R5.0/24 and 10.3. The source of the multicast stream 224.1. and R8. 11. R2. Enable multicast connectivity between this source and this receiver. R7. the router should immediately stop forwarding this multicast stream on the LAN and not try to send a group-specific query for this multicast group. Use network statements.0/24 in the OSPF process. 11.0/24.3.3 from R1 only when the ping is sourced from the loopback0 of R1. You are not allowed to remove the filter configured in the previous question. R9 has to be protected from an IGMP DOS attack. configure statically the loopback0 of R1 as the RP for all multicast groups. As soon as this client is sending an IGMP leave group message.0/24. 8. R6 should only accept on the interface E0/1 multicast clients that want to join a group in the range 225.69.0. 149|P a g e Version 5. 5.77.1.148. The receiver of this multicast stream is on the VLAN 10.1. R5. and R3 in the OSPF process.1.1.1. 6.3. Use network statements. 3.0. and R9 in the OSPF process.1. 7.2 is located on the VLAN 77. 9. Configure PIM sparse mode on the networks 10. and R9 into the OSPF area 0.0/24. and consequently not allowed to build a PIM adjacency over the connection between R4 and R7. 10.3. Use the command ip pim neighbor-filter on R4. Configure IP PIM dense mode on network 10. 12.2.148. Volume 1 2. Advertise the networks 10. Do not enable PIM on this interface.3 only if it is sourced from the loopback0 of R1.2 and 226.2. Verify that you can ping this multicast group 224.47.2.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Use network statements. Check on R6 that the filtering configured in the previous question is working. No PIM adjacency should be formed over this connection. 13.2. On the interface E0/0 of R9.0.2 and check that you can ping this multicast group from R8. R7.2.236.2F . On the network 10. R8. R4. allow the maximum number of IGMP states to be 25. Introduce R4. Configure the interface E0/1 on R7 to join the group 224. Configure interface E0/1 of R9 to join multicast groups 225. Make sure that you can ping from the loopback0 of R2 to the loopback0 of R3.

16.1. 19. On the VLAN 136.148.1. On R9. This broadcast traffic should be transported by the multicast group 227.0/24.22.0/24 and 10.0/24.7.22. and the connection between R3 and R1. 21. IGMP protocol should communicate to the multicast clients that they should report their group’s membership in a maximum of 30 seconds after receiving a query.1. Configure R1 to limit to 5M the bandwidth that the multicast stream with a destination of 224.7.1.1.0/24.148. There is a server that is connected to the network 10.148. Helpful Verification Commands  Show ip pim int  Show ip pim neigh  Show ip pim rp [mapping]  Show ip igmp int  Show ip igmp groups  Show policy-map interface 150 | P a g e Version 5.7 when crossing the connection between R2 and R1.22 can use out of the tunnel interface.1. Configure R6 to limit to total bandwidth for multicast traffic to 20 M on all its interfaces in the egress direction. Volume 1 15. The multicast traffic should be converted back to a broadcast when reaching the network 10. The loopback0 of the R1 has to be configured as the RP and the mapping agent in this PIM bidirectional setup.22.136. The backup querier should become the querier for this LAN if it hasn’t seen a query packet within 1 minute. 20.0/24.2F . Configure bidirectional PIM for a multicast stream of 224. 17. 18.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.22 on the network 11. configure IGMP to send membership queries every 30 seconds.22. This server is sending broadcast UDP traffic to port 2500 to a client connected to the network 10.

2F . Volume 1. For instructor and developer support. This concludes Lab 25 of iPexpert's CCIE Routing & Switching Workbook. All Rights Reserved. 151|P a g e Version 5. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. Volume 1 Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. Section 2 Copyright© iPexpert.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide.

Volume 1 Lab 26: Configure and Troubleshoot Protocol Independent Multicast Operations (Part 4) Technologies Covered  RPF failure  Multicast BGP extension  BSR propagation filtering  MSDP Overview Multicast troubleshooting is included in this scenario. you also have to know how to deploy MSDP and be familiar with L2 multicast related topics.2F . In addition. The ability of finding and fixing RPF failures is essential for this lab.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Estimated Time to Complete: 3 hours 152 | P a g e Version 5.

You may also refer to the diagram located within your configuration files for topology information.  Video Title: IP Multicast  Video Title: IP Multicast Configuration and Troubleshooting  Video Title: MSDP Multicast Part 1  Video Title: MSDP Multicast Part 2 Topology Details Logically connect and configure your network as displayed in the drawing below.com/c/en/us/td/docs/ios-xml/ios/ipmulti_pim/configuration/imc-pim-15-mt- book/imc_msdp_im_pim_sm.cisco.com/c/en/us/td/docs/ios/12_2/ip/configuration/guide/fipr_c/1cfmbgp.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. The topology used in the lab will be the following: 153|P a g e Version 5. We recommend watching the following learning videos that cover the topics seen in this lab scenario.cisco.2F .html  Using MSDP to Interconnect Multiple PIM-SM Domains: http://www.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam. Volume 1 iPexpert’s Recommended Reading Material  Configuring Multiprotocol BGP Extensions for IP Multicast: http://www.

Connect to the terminal server for the online rack. Volume 1 Diagram 26. R4 and R3.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.1: Multicast Operations Topology Lab 26 Setup  This lab is intended to be used with online rack access. 154 | P a g e Version 5. and complete the configuration tasks as detailed below.2F . 2. Configuration Tasks 1. Configure PIM sparse-mode on the ethernet connections between R5 and R4. and on the serial connection between R3 and R6. R4. R4 and R3. Configure OSPF area 0 routing on the ethernet connections between R5 and R4. Advertise the loopbacks of R5. NOTE Load the initial configuration files before starting to work on the tasks. and R6 in the OSPF process. and R3 and R6. Use network statements. R3.

and on the connection between R1 and R2.7. We are going to use multicast BGP. Configure PIM in sparse mode on the connection between R5 and R8. Volume 1 3. 17. Verify that the feed from R6 to the multicast group 225.7. Use the Physical IP addresses for the peering’s.7. 6. R3 should be configured as the BSR and the RP for the all multicast groups. 18. 4.7. 11. Use the PIM bootstrap router solution to advertise the RP. Use the loopback 0 of R2 as the RP IP address. 10.7. on the connection between R8 and R2. Use the PIM bootstrap router solution to advertise the RP. 13. 16. To solve the RPF failure.7.7. Use the Physical IP addresses for the peering’s. you are not allowed to configure ip mroutes. 9.7. Verify that you cannot ping from R6 to the multicast group 225. Do not enable PIM on this link. Configure an eBGP peering between R4 and R3. Configure an iBGP peering between R5 and R4 in AS20. Separate the two BSR domains and make sure that the propagation of the BSR packets is filtered on the connection between R5 and R8.7. 15. Advertise all the circuits where there is a PIM neighborship into BGP with network statements. 12. on the connection between R8 and R2. Remove OSPF from all the routers where it is running and shut down the direct connection between R5 and R3.7.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Configure on each BGP router an “address-family ipv4 multicast”. Advertise loopback0 networks. Use the Physical IP addresses for the peering’s. Verify that you can ping from R6 to the multicast group 225. Advertise The RP IP address into the address-family used for multicast. 155|P a g e Version 5. 8. On R5. Use the loopback 0 of R3 as the RP IP address.7. Configure OSPF area 0 routing on the connection between R5 and R8.7. Configure OSPF area 0 routing on the serial connection between R5 and R3. 5. Configure an iBGP peering between R3 and R6 in AS10.7 is again reaching R5 after the migration from OSPF to BGP.7.2F . Manipulate this OSPF cost to ensure that the direct link between R5 and R3 is the preferred path for OSPF. 19. configure on the interface E0/0 an IGMP join for the group 228. R2 should be configured as the BSR and the RP for the all multicast groups. and on the connection between R1 and R2. 14. On R6.7 because of a RPF failure. configure on the interface E0/0 an IGMP join for the group 225. 7.

7.7.7. Configure R3 as the PIM DR for the network 10. and R5 path.7. verify that the IGMP filtering configured in the previous question is working. the router R6 and R1 are replying. configure on the interface E0/0 an IGMP join for the group 228. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area.7. Use MSDP. 21. On R7. On R9. Volume 1.7.0/24. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. All Rights Reserved. On R1. R4. Enable OSPF process 2 on the R3.2F .7. For instructor and developer support. You can add 1 static route.7.1. 22. configure on the interface E0/0 an IGMP join for the group 229.179. Section 2 Copyright© iPexpert. Volume 1 20. On Cat2.7.7. Helpful Verification Commands  Show ip msdp  Show ip msdp count  Show ip msdp peer  Show ip msdp summary  Show ip msdp sa-cache  Show bgp ipv4 multicast  Show ip rpf Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.7. 156 | P a g e Version 5. This concludes Lab 26 of iPexpert's CCIE Routing & Switching Workbook. configure on the interface E0/0 an IGMP join for the group 229.7. Make sure that when you ping from R4 to the group 228.

like Filtering and Summarization.2F . You have to know how IPv6 works with DMVPN and for this lab specifically.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Estimated Time to Complete: 4 hours 157|P a g e Version 5. Volume 1 Lab 27: Configure and Troubleshoot IP Version 6 (Part 1) Technologies Covered  IPv6 addressing  DMVPN for IPv6  RIPng  RIPng prefix filtering  RIPng summarization  RIPng offset-list  RIPng default route Overview In this scenario you will be tasked to configure IPv6 addresses and routing. how to deploy RIPng along with certain protocol features.

 Video Title: IPv6 Lecture  Video Title: IPv6 Configuration  Video Title: RIPng Basic Setup  Video Title: RIPng across DMVPN  Video Title: RIPng Filtering with IPv6 Prefix-Lists  Video Title: RIPng Manual Summarization  Video Title: RIPng Default Routes  Video Title: RIPng Filtering and Traffic Engineering via Metric Manipulation Topology Details Logically connect and configure your network as displayed in the drawing below.html  IPv6 Routing: Route Redistribution: http://www.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.com/c/en/us/td/docs/ios-xml/ios/iproute_rip/configuration/15-mt/irr-15- mt-book/ip6-rip-route-redist. Volume 1 iPexpert’s Recommended Reading Material  RIP for IPV6: http://www. The topology used in the lab will be the following: 158 | P a g e Version 5.cisco.cisco.2F .html  Configuring Routing Information Protocol: http:/www.com/c/en/us/td/docs/ios-xml/ios/iproute_rip/configuration/15-mt/irr-15-mt- book/ip6-rip.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.com/c/en/us/td/docs/ios-xml/ios/iproute_rip/configuration/15-mt/irr-15-mt- book/irr-cfg-info-prot. You may also refer to the diagram located within your configuration files for topology information. We recommend watching the following learning videos that cover the topics seen in this lab scenario.cisco.

Volume 1 Diagram 27. and complete the configuration tasks as detailed below.2F . NOTE Load the initial configuration files before starting to work on the tasks.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. 159|P a g e Version 5. Connect to the terminal server for the online rack.1: IPv6 Routing Topology Lab 27 Setup  This lab is intended to be used with online rack access.

On R1. create an IP host mapping called R1LAN for the IPv6 global address of the E0/0 of R1.3/24 Table 27.2/24 R3 E0/0 10.123. 6.2 R1 E0/1 10. Check that you can ping R2LAN from R1. Configure the DMVPN phase 3 tunnel infrastructure for IPv6.1.1/24 R2 E0/0 10. 4. 5.1. Use RIPng with the identifier of “iPexpert” to enable IP routing between the interface E0/0 of R1 and the interface E0/1 of R2.1.3 Link Local Unicast Global Unicast R1 interface Tunnel23 FE80::1 2001:DB8:AAAA:1::1/64 R2 interface Tunnel23 FE80::2 2001:DB8:AAAA:1::2/64 R3 interface Tunnel23 FE80::3 2001:DB8:AAAA:1::3/64 2.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.2F . and R3 are in a hub and spoke topology where R1 is the hub and R2 and R3 are the spokes. R2.123. Use the following addresses: Table 27. Volume 1 Configuration Tasks 1. Configure the following IPv6 addresses: Table 27. Configure the following interfaces to automatically assign IPv6 addresses to their interfaces: 160 | P a g e Version 5.123. R1. Do not implement encryption. create an IP host mapping called R2LAN for the IPv6 global address of the E0/1 of R2.4 Link Local Unicast Global Unicast R1 interface E0/0 EUI-64 format 2001:DB8:BBBB:1::/64 EUI-64 format R2 interface E0/1 EUI-64 format 2001:DB8:CCCC:1::/64 EUI-64 format 3. On R2. Check that you can ping R1LAN from R2.

Ensure that R3 is able to ping the IPv6 address of loopback4 of R7.2F . Configure the following IPv6 address on the connection between R6 and R7: Table 27. On R7.6 Link Local Unicast Global Unicast R6 interface E0/0 FE80::1 2001:DB8:DDDD:1::6/64 R7 interface E0/0 FE80::2 2001:DB8:DDDD:1::7/64 9. configure the following IPv6 loopback addresses: Table 27. Configure the following IPv6 addresses on the connection between R3 and R4: 161|P a g e Version 5.7 Global Unicast R7 interface Loopback4 2001:DB8:EEEE:4::7/64 R7 interface Loopback5 2001:DB8:EEEE:5::7/64 R7 interface Loopback6 2001:DB8:EEEE:6::7/64 R7 interface Loopback7 2001:DB8:EEEE:7::7/64 10.5 R6 E0/1 R8 E0/1 R9 E0/1 7. Enable RIPng with the identifier “iPexpert” on R6. 8. Check that R8 can reach the IPv6 global address that has been previously assigned to the E0/1 of R6 and to the E0/1 of R9. 13. Enable RIPng with the identifier of “iPexpert” on the connection between R6 and R7. and R9. Ensure that R6 receives from R7 a summary route encompassing all the loopbacks. and on the 4 loopbacks on R7. 11. Volume 1 Table 27.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. R8. 12. Enable RIPng on the tunnel interface of the router R3.

8 Link Local Unicast Global Unicast R3 interface S4/3 FE80::1 2001:DB8:1111:1::3/64 R4 interface S4/0 FE80::2 2001:DB8:1111:1::4/64 14.2F . Configure the following IPv6 addresses on the connection between R3 and R5: Table 27.9 Link Local Unicast Global Unicast R3 interface S4/0 FE80::1 2001:DB8:2222:1::3/64 R5 interface S4/0 FE80::2 2001:DB8:2222:1::5/64 15. 17. You have to configure R3 only to complete this task and you are not allowed to configure static routes. and on the connection between R4 and R5. Configure the following IPv6 addresses on the connection between R4 and R5: Table 27. on the connection between R3 and R5.10 Link Local Unicast Global Unicast R4 interface E0/0 FE80::1 2001:DB8:FFFF:1::4/64 R5 interface E0/0 FE80::2 2001:DB8:FFFF:1::5/64 16. Volume 1 Table 27. 19. 18.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. The default route and the summarized route for the loopbacks of R7 should be the 2 only RIP process iPexpert entries in the IPv6 routing table of R4 and R5. The connection R4-R3 should only be used in case the connection R5-R3 is going down. Ensure that R4 and R5 have a default route pointing towards R3. iPexpert and 345. 20. The clients on VLAN 2001:DB8:FFFF:1::/64 should be always routed over the connection R5-R3. Enable full IPv6 connectivity between the 2 RIPng domains. Enable RIPng with the identifier of 345 on the connections between R3 and R4. Use an IPv6 prefix-list called “SUMMARYR7”. Configure R3 to achieve this task. 162 | P a g e Version 5.

2F . For instructor and developer support.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1 Helpful Verification Commands  Show ipv6 rip  Show ipv6 route[rip]  Show ipv6 rip database Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. This concludes Lab 27 of iPexpert's CCIE Routing & Switching Workbook. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. 163|P a g e Version 5. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. All Rights Reserved. Section 2 Copyright© iPexpert. Volume 1.

such as summarization. Estimated Time to Complete: 4 hours 164 | P a g e Version 5. Specifically.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. This includes certain more advanced protocol features. Volume 1 Lab 28: Configure and Troubleshoot IP Version 6 (Part 2) Technologies Covered  EIGRPv6  EIGRPv6 summarization  EIGRPv6 default route  EIGRPv6 authentication  EIGRPv6 unequal load balancing Overview You have been tasked to configure IPv6 routing in your network. you have to know how to deploy EIGRPv6. authentication and unequal-cost Load Balancing.2F .

The topology used in the lab will be the following: 165|P a g e Version 5.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/15-mt/ire-15- mt-book/ip6-route-eigrp.html iPexpert’s Recommended Video Training  No associated videos Topology Details Logically connect and configure your network as displayed in the drawing below.2F . You may also refer to the diagram located within your configuration files for topology information.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1 iPexpert’s Recommended Reading Material  Cisco EIGRP for IPV6 Implementation: http://www.cisco.

1: IPv6 Routing Topology Lab 28 Setup  This lab is intended to be used with online rack access. NOTE Load the initial configuration files before starting to work on the tasks.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. and complete the configuration tasks as detailed below. Connect to the terminal server for the online rack.2F . 166 | P a g e Version 5. Volume 1 Diagram 28.

123. R2.1. Enable EIGRPv6 with an AS of 123 on the DMVPN network between R1. 167|P a g e Version 5. and R3 are in a hub and spoke topology where R1 is the hub and R2 and R3 are the spokes. Check that you can ping the loopback0 of R3 from R6 and R9.4 Global Unicast R1 interface lo0 2001:DB8:A:A::1/128 R2 interface lo0 2001:DB8:A:A::2/128 R3 interface lo0 2001:DB8:A:A::3/128 4.2F . Configure an IPv6 NHRP authentication of iPexpert and a NHRP network-id of 123.1/24 R2 E0/0 10. R1. and R3. 6. 3.2 R1 E0/1 10. Configure the following loopback IPv6 addresses: Table 28.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Configure EIGRPv6 with an AS of 123 on the LAN 2001:DB8:CCCC:1::/64.123.3/24 Table 28.1.1. Configure the DMVPN phase 3 tunnel infrastructure for IPv6. Make sure that there is IPv6 connectivity between the loopbacks of R1. Volume 1 Configuration Tasks 1. Use the following addresses: Table 28. Do not implement encryption. and R3.123.3 Link Local Unicast Global Unicast R1 interface Tunnel23 FE80::1 2001:DB8:AAAA:1::1/64 R2 interface Tunnel23 FE80::2 2001:DB8:AAAA:1::2/64 R3 interface Tunnel23 FE80::3 2001:DB8:AAAA:1::3/64 2.2/24 R3 E0/0 10. 5. R2. R2.

There should only be a routing entry to reach the summary route 2001:DB8:A:A::/126. 12.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. and a key-string of “iPexpert”. On R2. Check that you can ping the loopback0 of R3 from R6 and R9. Check that you can ping the loopback0 of R3 and the loopback0 of R2 from R8. 9. and R3. Volume 1 7. Only a default route should be advertised.5 Link Local Unicast Global Unicast R3 interface S4/3 FE80::1 2001:DB8:1111:1::3/64 R4 interface S4/0 FE80::2 2001:DB8:1111:1::4/64 13. Configure EIGRPv6 with an AS of 123 on the LAN 2001:DB8:BBBB:1::/64. Configure the following IPv6 addresses on the connection between R4 and R5: Table 28. create an IPv6 static default route pointing to Null0 and make sure that R2 will be the default router for all packets with an unknown IPv6 addresses in the EIGRP domain AS 123. there should be no specific entries for the loopbacks of R1. Use a key chain called “iPexpertchain”. Configure the following IPv6 addresses on the connection between R3 and R5: Table 28. Configure EIGRPv6 authentication between R1 and R8. Router R1 should not advertise any specific networks to R8.6 Link Local Unicast Global Unicast R3 interface S4/0 FE80::1 2001:DB8:2222:1::3/64 R5 interface S4/0 FE80::2 2001:DB8:2222:1::5/64 14. Use the “ipv6 summary-address eigrp” on R1 to resolve this task. R2. In the routing table of R6 and R9. 11. 8.2F .7 Link Local Unicast Global Unicast R4 interface E0/0 FE80::1 2001:DB8:FFFF:1::4/64 R5 interface E0/0 FE80::2 2001:DB8:FFFF:1::5/64 168 | P a g e Version 5. 10. a key number of 2. Configure the following IPv6 addresses on the connection between R3 and R4: Table 28.

the routing entry towards the loopback of R5 should contain 2 next- hops. one next-hop being R4 and the other being R5 directly. All Rights Reserved. Volume 1 15.8 Global Unicast R4 interface lo0 2001:DB8:A:A::4/128 R5 interface lo0 2001:DB8:A:A::5/128 17. between R3 and R5. Make sure that there is IPv6 connectivity between the loopbacks of R2 and R4. Volume 1. Configure the following loopback IPv6 addresses: Table 28. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. 169|P a g e Version 5. Use the variance command. and between R4 and R5. Configure EIGRPv6 with an AS of 345 on the connections between R3 and R4. In the routing table of R3. 18. For instructor and developer support. Helpful Verification Commands  Show ipv6 eigrp interface  Show ipv6 eigrp neighbor  Show ipv6 route eigrp  Show eigrp protocols Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. 16.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.2F . please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. The cost of the direct path should not be made equal to the cost of the indirect path (via R3). This concludes Lab 28 of iPexpert's CCIE Routing & Switching Workbook. Section 2 Copyright© iPexpert.

You have to know how to deploy the protocol and configure its features.2F . Volume 1 Lab 29: Configure and Troubleshoot IP Version 6 (Part 3) Technologies Covered  OSPFv3  OSPFv3 traffic engineering  OSFPv3 virtual link  OSPFv3 summarization  IPv6 NAT-PT  Protocol redistribution Overview You have been tasked to configure IPv6 routing in your network using OSPFv3. IPv6 NAT-PT is also part of this lab. like Summarization and Virtual Links. Estimated Time to Complete: 4 hours 170 | P a g e Version 5.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. same as protocol redistribution.

You may also refer to the diagram located within your configuration files for topology information.html iPexpert’s Recommended Video Training  No associated videos Topology Details Logically connect and configure your network as displayed in the drawing below.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/15-mt/iro-15-mt- book/ip6-route-ospfv3. The topology used in the lab will be the following: 171|P a g e Version 5.2F . Volume 1 iPexpert’s Recommended Reading Material  IPv6 Routing OSPFv3: http://www.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.cisco.

and complete the configuration tasks as detailed below. Do not implement encryption.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1 Diagram 29. Connect to the terminal server for the online rack. Configure the DMVPN phase 3 tunnel infrastructure for IPv6.2F .1: IPv6 Version 6 Topology Lab 29 Setup  This lab is intended to be used with online rack access. R2. and R3 are in a hub and spoke topology where R1 is the hub and R2 and R3 are the spokes. NOTE Load the initial configuration files before starting to work on the tasks. Configuration Tasks 1. R1. Use the following addresses: 172 | P a g e Version 5.

1/24 R2 E0/0 10.1.2.5/32 Table 29.2. DR election should not be taking place.2 R1 E0/1 10. and R3.2/24 R3 E0/0 10.123.3/32 R4 lo10 4.123. 3.123. Volume 1 Table 29. R2.5.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. R2. Enable OSPFv3 process 99 in area 0 on the DMVPN network between R1.4/32 R5 lo10 5. 6.2F .1. and R3.4 Global Unicast R1 interface lo0 2001:DB8:A:A::1/128 R2 interface lo0 2001:DB8:A:A::2/128 R3 interface lo0 2001:DB8:A:A::3/128 4. Configure an IPv6 NHRP authentication of “iPexpert” and a NHRP network-id of 123.3. Make sure that there is IPv6 connectivity between the loopbacks of R1. Configure the following IPv6 addresses on the connection between R3 and R2: 173|P a g e Version 5. On R1.1. Configure the following loopback IPv6 addresses: Table 29.1.3.1. and R3 use the loopback10 IPv4 address as the OSPF router-ID.4. 5. R2.3/24 R1 lo10 1.3 Link Local Unicast Global Unicast R1 interface Tunnel23 FE80::1 2001:DB8:AAAA:1::1/64 R2 interface Tunnel23 FE80::2 2001:DB8:AAAA:1::2/64 R3 interface Tunnel23 FE80::3 2001:DB8:AAAA:1::3/64 2.5.1/32 R2 lo10 2.4.2/32 R3 lo10 3.

7 Link Local Unicast Global Unicast R5 interface E0/1 FE80::1 2001:DB8:FFFF:1::5/64 R4 interface E0/0 FE80::2 2001:DB8:FFFF:1::4/64 11. You have to configure R1 to achieve this task. Volume 1 Table 29.8 Global Unicast R5 interface lo0 2001:DB8:A:A::5/128 R4 interface lo0 2001:DB8:A:A::4/128 12. Configure the following loopback IPv6 addresses: Table 29.2F . 9. R1 should always route via R2 to reach network 2001:DB8:CCCC:1::/64. 174 | P a g e Version 5. Configure the following IPv6 addresses on the connection between R5 and R4: Table 29. Only in case of a failure of the connectivity between R1 and R2. Enable OSPFv3 process 99 in area 55 on the network 2001:DB8:2222:1::/64 and loopback0 of R5. Configure the following IPv6 addresses on the connection between R3 and R5: Table 29. Enable OSPFv3 process 99 in area 0 on the network 2001:DB8:CCCC:1::/64. 8. should the path via R3 be chosen.6 Link Local Unicast Global Unicast R3 interface S4/0 FE80::1 2001:DB8:2222:1::3/64 R5 interface S4/0 FE80::2 2001:DB8:2222:1::5/64 10.5 Link Local Unicast Global Unicast R2 interface E0/1 FE80::1 2001:DB8:CCCC:1::2/64 R3 interface E0/1 FE80::2 2001:DB8:CCCC:1::3/64 7.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.

Make sure that there is IPv6 connectivity between the loopbacks of R1. Configure the following IPv6 addressees: Table 29. R2.11 Link Local Unicast Global Unicast R8 interface E0/0 FE80::1 2001:DB8:4444:1::8/64 R8 interface S3/0 FE80::1 2001:DB8:5555:1::8/64 R7 interface S3/0 FE80::2 2001:DB8:5555:1::7/64 R7 interface E0/1 FE80::1 2001:DB8:7777:1::7/64 R4 interface E0/1 FE80::2 2001:DB8:4444:1::4/64 20.2F . Volume 1 13. and loopback11. and R5. and on R1 advertise a single summary network encompassing all the 4 loopbacks.10 Global Unicast R8 interface lo8 2001:DB8:F:F:8000::8 /80 R8 interface lo9 2001:DB8:F:F:9000::8/80 R8 interface lo10 2001:DB8:F:F:A000::8/80 R8 interface lo11 2001:DB8:F:F:B000::8/80 18. Enable OSPFv3 process 99 in area 44 on the network 2001:DB8:FFFF:1::/64 and loopback0 of R4. 14. configure the following loopback IPv6 addresses: Table 29. 17. loopback9. On R4 and on R8. Configure the following IPv6 addresses on the connection between R1 and R8: Table 29. R3. On R8. R4. 19. Enable OSPFv3 area 88 on the connection between R1 and R8. configure RIPng with an ID of 48 on the connection between R4 and R8. enable OSPFv3 on loopback8. loopback10. 15.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. On R8.9 Link Local Unicast Global Unicast R1 interface E0/0 FE80::1 2001:DB8:BBBB:1::1/64 R8 interface E0/1 FE80::2 2001:DB8:BBBB:1::8/64 16. 175|P a g e Version 5.

EIGRPv6 in AS 78 should be also running on the interface E0/1 of R7.6/24 25.56.56. Make sure that you can ping IPv6 2001:DB8:6666:1::6 from all the loopbacks 0 in the routing domain. In particular.1.56. On R8 and on R7. Ensure IPv6 connectivity between the RIPng routing domain. The IPv4 protocol is running on the LAN between R5 and R6.12 R5 E0/0 10. the OSPFv3 routing domain. 22.5/24 R6 E0/0 10.1. you should be able to ping the IP address 2001:DB8:4444:1::8/64 from router R3. you should be able to IPv6 ping the lo0 of R2 from router R7. configure EIGRPv6 in AS 78 on the connection between R8 and R7. Volume 1 21.2F . 24. and the EIGRPv6 routing domain.6 by using the IPv6 address 2001:DB8:6666:1::6. Helpful Verification Commands  Show ipv6 ospf neighbor  Show ipv6 ospf interface  Show ipv6 ospf database  Show ipv6 ospf routes 176 | P a g e Version 5. 26. Configure the following IP addresses: Table 29.1. You are allowed to configure a static route on R3.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. and you should be able to ping the IP address 2001:DB8:4444:1::8/64 from router R7. 23. R3 should be able to ping 10. The rest of the configuration should be performed on R5.

Volume 1. Section 2 Copyright© iPexpert. Volume 1 Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. This concludes Lab 29 of iPexpert's CCIE Routing & Switching Workbook.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. All Rights Reserved. You may also verify your configurations and obtain a detailed overview of why specifi c commands were used within the accompanying Detailed Solution Guide.2F . For instructor and developer support. 177|P a g e Version 5.

Volume 1 Section 3: VPN Technologies 178 | P a g e Version 5.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.2F .

Volume 1 Lab 30: Configure and Troubleshoot Multiprotocol Label Switching (Part 1) Technologies Covered  IPv4 VPN address-family  LSP  LDP  L3VPN  Customer Edge  Provider Edge  Provider  Export map Overview You have been tasked to configure a MPLS L3 VPN service on an existing MPLS backbone. The CEs are managed by the Service Provider and the loopbacks of the CEs should be leaked from the VRF of the customer into the management VRF of the Service provider. Estimated Time to Complete: 4 hours 179|P a g e Version 5.2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.

Volume 1 iPexpert’s Recommended Reading Material  Multiprotocol Label Switching Overview: http://www.  Video Title: MPLS Lecture  Video Title: MPLS L3VPN Lecture  Video Title: MPLS and LDP Basic Configurations  Video Title: MPLS Troubleshooting LDP-Based Network  Video Title: MPLS Building L3VPN Network Topology Details Logically connect and configure your network as displayed in the drawing below. The topology used in the lab will be the following: 180 | P a g e Version 5.com/c/en/us/td/docs/ios-xml/ios/mp_basic/configuration/15-mt/mp-basic-15- mt-book/mp-mpls-overview.cisco.com/c/en/us/td/docs/ios-xml/ios/mp_l3_vpns/configuration/15-mt/mp-l3- vpns-15-mt-book/mp-bgp-mpls-vpn.com/c/en/us/td/docs/ios-xml/ios/mp_l3_vpns/configuration/15-mt/mp-l3- vpns-15-mt-book/mp-cfg-layer3-vpn.html  Multiprotocol BGP MPLS VPN: http://www.2F . We recommend watching the following learning videos that cover the topics seen in this lab scenario.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.cisco.html  MPLS Virtual Private Networks: http://www. You may also refer to the diagram located within your configuration files for topology information.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.cisco.

R6. and complete the configuration tasks as detailed below. 2. Volume 1 Diagram 30. In order to optimize the building of the MPLS forwarding-table. R4. The network is pre-configured with OSPF and LDP and the PEs are the R5.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.2F . Connect to the terminal server for the online rack. and R2 routers. Configure the following L3 MPLS VPN routing tables on the R5 and on the R6: 181|P a g e Version 5. Configuration Tasks 1. NOTE Load the initial configuration files before starting to work on the tasks. make sure that only LSPs for the loopback interfaces will be built.1: MPLS L3 VPN Topology Lab 30 Setup  This lab is intended to be used with online rack access.

8.20. Table 30.5. 182 | P a g e Version 5.10. 7.6.20. 5.6/32 Customer_A R6 Loopback20 10. The engineer was too quick and the merger between Customer_A and Customer_B is not going ahead. Redistribute the loopbacks created in the Task 3 in their respective VPNs and check that you can ping from loopback to loopback within the same VPN. Customer_A and Customer_B companies are merging.6. Configure the BGP routing sessions that will permit to exchange the VPNv4 information between the PEs.5.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.10. 9.2F . Make sure that the loopbacks redistributed at PE router R5 have a known origin.3 R5 Loopback10 10. Configure the following loopbacks for the VPN Customer_A and Customer_B. 6. Volume 1 Table 30.2 AS VPN name rd rt export rt import 1 Customer_A 1 10 10 1 Customer_B 2 20 20 3. Use static routes.5/32 Customer_A R5 Loopback20 10.5/32 Customer_B R6 Loopback10 10. Configure R1 and R9 to be part of VRF Customer_A and R3 to be part of VRF Customer_B.6/32 Customer_B 4. Use BGP AS 1.

1. The service provider is offering a service where the CEs are managed.3/32 10. Create the management VRF on the router R2.1.2F . Table 30. The management CE of the Service provider is the router called BB2.1001 183|P a g e Version 5.3. Route loopback0 interfaces of the CEs statically and make sure that those loopbacks are routed in their respective VRF.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.1/32 R9 loopback0 10.9.1.5 R1 loopback0 10.9/32 R3 loopback0 10.1. Volume 1 Diagram 30. 11.6 AS VPN name rd rt export rt import 1 SP_Management 100 1000 1000.4: VRF Customer_A and VRF Customer _B Topology Configure the following loopbacks: Table 30. Verify that R1 loopback0 can ping R9 loopback0. Customer_A has chosen a managed service for its CEs.

Diagram 30. and make sure that the management network can only see the loopback of R1 and R9.128/25. 13.1.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. we create a full-mesh peering topology between R2. Configure the multi-protocol BGP environment to enable the exchange of the RT information. Helpful Verification Commands  Show mpls interfaces  Show mpls ldp neighbor  Show mpls ldp parameters  Show mpls ldp discovery  Show ip route vrf  Show ip bgp vpnv4 184 | P a g e Version 5. Use an export map called CE_Loopback_Export on R5 and on R6.7: Full-Mesh Peering Topology 14.129/25 and route it statically into the SP_Management VPN. R5. As we are using iBGP. Create on BB2 a loopback 100 with the following IP address: 192. Volume 1 12. The management network is using the network 192.1. and R6.2F . The R1 CE and the R9 CE from Customer A has to be reachable from the service provider management network.168.168.

2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1. For instructor and developer support. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. 185|P a g e Version 5. This concludes Lab 30 of iPexpert's CCIE Routing & Switching Workbook. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. Volume 1 Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. Section 3 Copyright© iPexpert. All Rights Reserved.

Estimated Time to Complete: 4 hours 186 | P a g e Version 5. OSPF Sham Link and EIGRP SoO is also part of this lab.2F . Volume 1 Lab 31: Configure and Troubleshoot Multiprotocol Label Switching (Part 2) Technologies Covered  PE-CE static routing  PE-CE RIP routing  PE-CE OSPF routing  OSPF Domain-ID  OSPF sham-link  PE-CE EIGRP routing  EIGRP SoO Overview You have been tasked to configure a MPLS L3 VPN service on an existing MPLS backbone.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. You will have to configure the routing between the CEs and the PEs for two customer L3 VPNs.

You may also refer to the diagram located within your configuration files for topology information.html  MPLS Virtual Private Networks: http://www.cisco.html  MPLS VPN Support for EIGRP Between PE and CE: http://www. We recommend watching the following learning videos which cover the topics seen in this lab scenario.2F .html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.com/c/en/us/td/docs/ios-xml/ios/mp_l3_vpns/configuration/15-mt/mp-l3- vpns-15-mt-book/mp-cfg-layer3-vpn. Volume 1 iPexpert’s Recommended Reading Material  MPLS VPN OSPF PE and CE Support: http://www.  Video Title: MPLS Introduction  Video Title: MPLS Troubleshooting L3VPN Examples  Video Title: MPLS OSPF as PE CE Routing Protocol  Video Title: MPLS Topology Details Logically connect and configure your network as displayed in the drawing below.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.com/c/en/us/td/docs/ios-xml/ios/mp_l3_vpns/configuration/15-mt/mp-l3- vpns-15-mt-book/mp-vpn-support-eigrp-betw-pe-ce.cisco.cisco. The topology used in the lab will be the following: 187|P a g e Version 5.com/c/en/us/td/docs/ios-xml/ios/mp_l3_vpns/configuration/15-mt/mp-l3- vpns-15-mt-book/mp-vpn-ospf-pe-ce-support.

and complete the configuration tasks as detailed below. Configuration Tasks 1. Volume 1 Diagram 31. The MPLS cloud is using BGP AS 1. 188 | P a g e Version 5. R4. and R2 as PE routers. Connect to the terminal server for the online rack. 2. Configure R5. Establish MP-BGP sessions between the PEs. R6. NOTE Load the initial configuration files before starting to work on the tasks.1: MPLS L3 VPN Topology Lab 31 Setup  This lab is intended to be used with online rack access.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Create the following L3 VPNs on all PEs. Use R4 as a route- reflector for all the PEs. Use the loopbacks 0 for the source of the peerings.2F .

R9 is a CE in VRF Customer_B. 9. Ensure that you have IP reachability between lo0 of R7. R1 is a CE in VRF Customer_A. Make sure that you have full reachability between Lo15. 6.4/32 Customer_A R4 Loopback24 10.20.5. R7 is a CE connected to PE R6 in VRF Customer_A. and Lo24 in VPN Customer_B. Lo26.2F .20.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.5/32 Customer_B R6 Loopback16 10. 7.6.10.4. Lo22. 5. Volume 1 Table 31.2/32 Customer_B R4 Loopback14 10.6. Make sure that you have full reachability between Lo25.2 AS VPN name rd rt export rt import 1 Customer_A 10 10 10 1 Customer_B 20 20 20 3.2. The loopback of the router R9 should be routed using RIP version 2 within the VPN Customer_B. Lo12. The loopback of the router R8 should be routed using OSPF process ID 8 in area 0 within the VPN Customer_A. and Lo14 in VPN Customer_A.3 R5 Loopback15 10.5.10. Do not redistribute BGP into RIP. The loopback of the router R7 should be routed using OSPF process ID 7 in area 0 within the VPN Customer_A. and R1.6/32 Customer_B R2 Loopback12 10. 8. Lo16.10. Make sure that the loopbacks are routed in the VPN MPLS cloud using network statements. R8 is a CE connected to PE R2 in VRF Customer_A. Table 31.5/32 Customer_A R5 Loopback25 10.20.20.4. Configure the following loopbacks for the VPN Customer_A and Customer_B.6/32 Customer_A R6 Loopback26 10.10.2. The loopback of the router R1 should be routed statically within the VPN Customer_A. 189|P a g e Version 5.2/32 Customer_A R2 Loopback22 10. R8.4/32 Customer_B 4. Ensure that you have IP reachability between lo0 of R1 and lo0 of R7.

R3 is a CE connected to PE R2 in VRF Customer_B. Use metric 1 1 1 1 1 when redistributing BGP into EIGRP on the PE. 11. 15. Use metric 1 1 1 1 1 when redistributing BGP into EIGRP on the PE. By using the extended community 1:11 and 1:12.6.2.6/32 on R6. Ensure that you have IP reachability between lo0 of R9 and lo0 of R3. Helpful Verification Commands  Show mpls interfaces  Show mpls ldp neighbor  Show mpls ldp parameters  Show mpls ldp discovery  Show ip route vrf  Show ip bgp vpnv4 vrf  Show ip bgp vpnv4 vrf VRF_name network_address  Show ip ospf sham-links 190 | P a g e Version 5. ensure that it is not allowed that an EIGRP route that has been distributed into BGP on R2 can be learnt via R6 when BGP is redistributed into EIGRP on R6. Routing between R3 and R6 is using EIGRP ID 1 with AS 200.2/32 on R2. and vice-versa. Make sure that the path over the MPLS backbone is the preferred path for traffic going from R7 to R8.6. Configure the connection between R7 and R8 in OSPF area 0 with an IP ospf cost of 4000.1.0/24 should be present in the OSPF database as a LSA type 3. the network 10. Volume 1 10. R3 is a CE connected to PE R6 in VRF Customer_B.7. Use the loopback66 with IP address 6. Use the loopback22 with IP address 2. use a domainID of 78. The loopback of the router R3 should be routed using EIGRP ID 1 with AS 200 within the VPN Customer_B. 13.2F .2. 12. On R8. If necessary.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. 14.

iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. Section 3 Copyright© iPexpert.2F . Volume 1 Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. Volume 1. For instructor and developer support. This concludes Lab 31 of iPexpert's CCIE Routing & Switching Workbook. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. 191|P a g e Version 5. All Rights Reserved.

The knowledge of ISAKMP/IPSec is required to successfully finish this scenario.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.2F . Static VTIs are also covered. Volume 1 Lab 32: Configure and Troubleshoot IPsec Virtual Private Networks (Part 1) Technologies Covered  GRE tunnels  IPsec tunnels  GRE over IPsec  IPsec VTIs Overview You have been tasked to configure GRE tunnels and IPsec encryption on different connections of your network. Estimated Time to Complete: 4 hours 192 | P a g e Version 5.

html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.com/en/US/docs/ios-xml/ios/sec_conn_ikevpn/configuration/15-2mt/sec-key- exch-ipsec.html  LAN-to-LAN IPsec Tunnel between Two Routers: http://www.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1 iPexpert’s Recommended Reading Material  How to Configure a GRE Tunnel: https://supportforums.  Video Title: GRE Tunnels  Video Title: Tunneling and GRE  Video Title: IPSec VPN Configuration  Video Title: Troubleshooting L2L VPNs Topology Details Logically connect and configure your network as displayed in the drawing below.2F .com/c/en/us/support/docs/routers/1700-series-modular-access- routers/71462-rtr-l2l-ipsec-split.com/document/13576/how-configure-gre-tunnel  Cisco Tunnel Configuration Examples and TechNotes: http://www.cisco.cisco.html  Configuring IKE for IPSec VPNs: http://www.cisco.com/c/en/us/tech/ip/ip-tunneling/tech-configuration-examples-list. You may also refer to the diagram located within your configuration files for topology information. We recommend watching the following learning videos that cover the topics seen in this lab scenario. The topology used in the lab will be the following: 193|P a g e Version 5.cisco.

NOTE Load the initial configuration files before starting to work on the tasks. Volume 1 Diagram 32. Connect to the terminal server for the online rack. 194 | P a g e Version 5.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.2F .1: IPsec Virtual Private Network Topology Lab 32 Setup  This lab is intended to be used with online rack access. and complete the configuration tasks as detailed below.

Use an encryption of AES. 9. Configure IPsec encryption on the ethernet connection between R5 and R8. 12.2F . Between R4 and R3.168. 3. 4. Use a GRE over IPsec tunneling. You are not allowed to clear the DF-bit or to intervene in the TCP negotiation. 2. Volume 1 Configuration Tasks 1. 195|P a g e Version 5. Configure a GRE tunnel on the serial connection between R2 and R9. Make sure that the IP connectivity between the loopback0 of R2 and the loopback0 of R9 is still up and running. Use a hash of MD5 and pre-shared key of “iPexpert” during the phase 1 negotiation. You are not allowed to use a dynamic routing protocol or a default route.58.8/24. You are not allowed to configure anything on the R6 router.9/24 on R9. Configure the tunnel to restore connectivity between the server and the client. IP address on R5 is 192. You are not allowed to use a dynamic routing protocol or a default route. 5.58. Use the E0/1 of R2 and S3/0 of R9 as source/destination of the tunnel. The tunnel1 interface has an IP address of 192. 6. use esp-3des encryption and an esp-md5-hmac authentication during the phase 2 negotiation. use esp-3des encryption and an esp-sha-hmac authentication during the phase 2 negotiation. Between R5 and R8.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. 8. The web server is sending IP packets with a size of 1500 bytes and the DF-bit set.29. 11. You are not allowed to use a dynamic routing protocol or a default route. 10.168.168. Traffic going from loopback0 of R4 to loopback0 of R3 should be encrypted in both directions. Between R2 and R9.168. Traffic going from loopback0 of R2 to loopback0 of R9 should transit through this GRE tunnel. use esp-des encryption and an esp-md5-hmac authentication during the phase 2 negotiation. Use a hash of MD5 and pre-shared key of “iPexpert” during the phase 1 negotiation. There is a Web server which is connected to a client and the traffic is running over Tunnel 1. The client cannot communicate with the server. Traffic going from loopback0 of R5 to loopback0 from R8 should be encrypted in both directions.5/24 and IP address on R8 is 192. 7.29. a DH group number 2 and pre-shared key of “iPexpert” during the phase 1 negotiation. Create a VTI on both ends.2/24 on R2 and an IP address of 192. Encrypt the GRE traffic tunnel between R2 and R9. Configure a LAN-to-LAN IPsec tunnel on the serial connection between R4 and R3.

All Rights Reserved. Section 3 Copyright© iPexpert. Volume 1. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. 196 | P a g e Version 5. For instructor and developer support.2F . please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. This concludes Lab 32 of iPexpert's CCIE Routing & Switching Workbook. Volume 1 Helpful Verification Commands  Show crypto  Show crypto isakmp sa  Show crypto ipsec sa  Show interface tunnel x  Show crypto session [det] Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.

Estimated Time to Complete: 4 hours 197|P a g e Version 5. You will be tasked to deploy this technology in Phases I and II. IPSec will have to be deployed to protect the in-cloud communication.2F . Volume 1 Lab 33: Configure and Troubleshoot IPsec Virtual Private Networks (Part 2) Technologies Covered  DMVPN phase 1 EIGRP  DMVPN phase 1 OSPF  DMVPN phase 2 EIGRP  DMVPN phase 2 OSPF  DMVPN phase 1 with IPSec  DMVPN phase 2 with IPSec Overview The main focus of this lab is DMVPN.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. using EIGRP and OSPF to exchange private prefixes.

com/c/en/us/td/docs/ios-xml/ios/sec_conn_dmvpn/configuration/15-mt/sec- conn-dmvpn-15-mt-book/sec-conn-dmvpn-dmvpn. The topology used in the lab will be the following: 198 | P a g e Version 5. We recommend watching the following learning videos which cover the topics seen in this lab scenario.ww?SESSION_ID=78731&tclass=popup iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.html  DMVPN Design Guide: http://www.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. You may also refer to the diagram located within your configuration files for topology information.2F .com/c/en/us/td/docs/solutions/Enterprise/WAN_and_MAN/DMVPDG. Volume 1 iPexpert’s Recommended Reading Material  Dynamic Multipoint VPN: http://www.ciscolive.  Video Title: Phase 1 DMPVN  Video Title: Phase 1 DMVPN EIGRP  Video Title: Phase 1 DMVPN OSPF  Video Title: Phase 2 DMPVN  Video Title: Phase 2 DMVPN EIGRP  Video Title: Phase 2 DMVPN OSPF  Video Title: DMPVN Encryption Topology Details Logically connect and configure your network as displayed in the drawing below.com/online/connect/sessionDetail.cisco.DMVPN Concepts: https://www.html  Cisco Live .cisco.

199|P a g e Version 5. NOTE Load the initial configuration files before starting to work on the tasks.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. and complete the configuration tasks as detailed below.1: IPsec Virtual Private Network Topology Lab 33 Setup  This lab is intended to be used with online rack access. Volume 1 Diagram 33. Connect to the terminal server for the online rack.2F .

2.0. The Hub has to act as a NHS.0. Configure the following loopbacks: Table 33.2/32 R3 Loopback11 10. 2. The network-ID of the NHRP network is 11. Configure EIGRP AS 11 on the DMVPN tunnels. Configure DMVPN phase 1 between R1.11.0. and R6. and R3.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. R2. Use esp-des encryption and an esp-md5-hmac authentication during the phase 2 negotiation. Volume 1 Configuration Tasks 1. a DH group number 2 and a wild-card pre-shared key of “iPexpert” during the phase 1 negotiation. The network-ID of the NHRP network is 22.6/32 5.11. The tunnels number 11 is sourced from the loopback0. 8. OSPF should enable the IP connectivity between the loopback0 of R1. Use a tunnel key of 22.2F .11.2 R2 11.3 R2 Loopback11 10. R3.6. R3.2/24 Spoke R3 11. and R6. A new registration request should be sent every 10 seconds. configure the spokes as EIGRP stub and advertise the loopback 11 of each router with a network statement.0.3/24 Spoke R6 11.6/24 Hub 3. Configure DMVPN phase 1 between R2. A registration request sent by the spokes to the NHS should be kept for 60 seconds if no new update for this entry is received. Configure EIGRP AS 1 on the network between R2. Don’t use dynamic mapping. and R6. and R3. Configure OSPF process 2 area 0 on the network between R1.0. Make sure that there is IP reachability between the loopback11 of R2. 7.3/32 R6 Loopback11 10. R2. 6. Secure the traffic with IPSec on the DMVPN tunnels. R2. Use the following IP addresses: 200 | P a g e Version 5. and R3. 4. The tunnels number 22 is sourced from the loopback0. Use a hash of MD5.0. R3. Use a tunnel key of 11. R3. EIGRP should enable the IP connectivity between the loopback0 of R2. Use the following IP addresses: Table 33.3. and R6.

1/32 R2 Loopback22 10.0. R4.22.4/24 Hub R5 33. Do not use dynamic mapping. Configure OSPF process 22 area 0 on the DMVPN tunnels and advertise the loopback 22 of each router with a network statement.0.22.2. Use esp-aes encryption and an esp- sha-hmac authentication during the phase 2 negotiation. and R5. setup EIGRP routing in named configuration mode using AS3 and the name of iPexpert. 10.5/24 Spoke 15. R4.0. The tunnels numbers 33 are sourced from the loopback0.4 R1 22. Configure the following loopbacks: Table 33. R4.0. Authenticate the NHRP network with an ID of 22 with the key “iPexpert”.1.5 R1 Loopback22 10. and R6.22. The network-ID of the NHRP network is 33.0.0.1/24 Spoke R4 33. Volume 1 Table 33.0.0. and R5.2/32 R3 Loopback22 10.3/32 11.0. Use an encryption of AES and a wild-card pre-shared key of “iPexpert” during the phase 1 negotiation.0.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.2/24 Spoke R3 22. 13. On the LAN between R1. Make sure that there is IP reachability between the loopback22 of R2. 14.1/24 Hub R2 22. Configure the following loopbacks: 201|P a g e Version 5.6 R1 33. Configure DMVPN phase 2 between R1.2F . 12. and R5. Secure the traffic with IPSec on the DMVPN tunnels. Use the following IP addresses: Table 33. Use a tunnel key of 33.0.3/24 Spoke 9.3. There should not be any DR elected – use Point-to-Multipoint network on the Spokes and Point-to-Multipoint Non-Broadcast on the Hub. EIGRP should enable the IP connectivity between the loopback0 of R1. R3.0.

19.8/24 Hub 20.5. OSPF should enable the IP connectivity between the loopback0 of R5. Multicast should be enabled on the DMVPN tunnels.44.2F . setup OSPF process 4 area 0.7/32 R8 Loopback44 10. and R8.33.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. R7. The network-ID of the NHRP network is 44. R7. Secure the traffic with IPSec on the DMVPN tunnels.5.0. Use esp-des encryption and an esp- md5-hmac authentication during the phase 2 negotiation.44. Use an encryption of 3-DES and a wild-card pre-shared key of “iPexpert” during the phase 1 negotiation. Configure DMVPN phase 2 between R5. 18.5/24 Spoke R7 44. Use the following IP addresses: Table 33. Make sure that a ping from the loopback 33 of R1 to the loopback 33 of R5 is always going through the hub. The election of a DR should take place in this network.5/32 16.8.0.0. Configure the following loopbacks: Table 33. 202 | P a g e Version 5. 17. Configure OSPF process 44 area 0 on the DMVPN tunnels and advertise the loopback 44 of each router with a network statement.33.4/32 R5 Loopback33 10.1/32 R4 Loopback33 10. Make sure that a ping from the loopback 44 of R7 to the loopback 44 of R5 is going directly from R7 to R5.0. The DR should always be on the hub router.5/32 R7 Loopback44 10.0.9 R5 Loopback44 10. and R8.8 R5 44. Do not use OSPF type broadcast.7. Configure EIGRP process 33 on the DMVPN tunnels and advertise the loopback 33 of each router with a network statement.7 R1 Loopback33 10.44.4. The tunnels numbers 44 are sourced from the loopback0. Use a tunnel key of 44.7/24 Spoke R8 44.1. On the LAN between R5. and R8.8/32 21. No NHRP configuration should be done on the hub.33. R7. Volume 1 Table 33.0.

You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. Secure the traffic with IPSec on the DMVPN tunnels. Helpful Verification Commands  Show dmvpn  Show ip nhrp  Show crypto isakmp sa  Show crypto ipsec sa  Show dmvpn  Show crypto isakmp policy  Show crypto ipsec profile  Show crypto session [det] Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. a DH group number 1 and a wild-card pre-shared key of “iPexpert” during the phase 1 negotiation. Use esp- aes encryption and an esp-sha-hmac authentication during the phase 2 negotiation.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Section 3 Copyright© iPexpert. For instructor and developer support. Volume 1. This concludes Lab 33 of iPexpert's CCIE Routing & Switching Workbook. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. Use an encryption of AES. 203|P a g e Version 5.2F . Volume 1 22. All Rights Reserved.

iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.2F . Volume 1 Section 4: Infrastructure Security 204 | P a g e Version 5.

Object Groups. Access Lists.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.2F . such as basic AAA. PBR and uRPF. Volume 1 Lab 34: Security (Part I) Technologies Covered  AAA  CLI Views  Standard Access Lists  Extended Access Lists  Reflexive Access Lists  Dynamic Access Lists  Object Groups  PBR  uRPF Overview Multiple Security features are covered in this lab. CLI Views. Estimated Time to Complete: 5 hours 205|P a g e Version 5.

cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_aaa/configuration/15-mt/sec-usr- aaa-15-mt-book/sec-cfg-authorizatn.cisco.html  Accounting: http://www.html  Authentication: http://www.cisco.html  CLI Views: http://www.2F .html  Authorization: http://www.com/c/en/us/td/docs/ios-xml/ios/sec_usr_ssh/configuration/15-mt/sec-usr- ssh-15-mt-book/sec-usr-ssh-sec-shell.com/c/en/us/td/docs/ios-xml/ios/sec_usr_cfg/configuration/15-mt/sec-usr-cfg- 15-mt-book/sec-cfg-sec-4cli.html  Unicast Reverse Path Forwading: http://www.cisco.html 206 | P a g e Version 5.html  Access-Lists: http://www.cisco.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_rad/configuration/15-mt/sec-usr- rad-15-mt-book/sec-cfg-radius.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_aaa/configuration/15-mt/sec-usr- aaa-15-mt-book/sec-cfg-authentifcn.html  Configuring RADIUS: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_cfg/configuration/15-mt/sec-usr-cfg- 15-mt-book/sec-role-base-cli.com/c/en/us/td/docs/ios-xml/ios/sec_data_urpf/configuration/15-mt/sec- data-urpf-15-mt-book.com/c/en/us/td/docs/ios-xml/ios/sec_data_acl/configuration/15-mt/sec-data- acl-15-mt-book. Volume 1 iPexpert’s Recommended Reading Material  Passwords.html  Secure Shell Configuration Guide: http://www.cisco. Privileges and Logins: http://www.com/c/en/us/td/docs/ios-xml/ios/sec_usr_aaa/configuration/15-mt/sec-usr- aaa-15-mt-book/sec-cfg-accountg.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.

NOTE Static/default routes are NOT allowed unless otherwise stated in the task. Logically connect and configure your network as displayed in the drawing below. You can use “cisco” for any password if other password was not explicitly mentioned in the question. making it much easier when you step into the real lab. Volume 1 iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam. You will need to pre-configure the network with the base configuration files. You may also refer to the diagram located within your configuration files for topology information. Part 2 Topology Details It is recommended to create your own diagram at the beginning of each lab so any potential information you find useful during your preparations can be reflected on this drawing.  Video Title: AAA  Video Title: Device Access Control  Video Title: Security Lecture.2F . 207|P a g e Version 5. We recommend watching the following learning videos that cover the topics seen in this lab scenario.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Multiple topology drawings are available for this chapter.

2F . Volume 1 Diagram 34.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. and complete the configuration tasks as detailed below. Connect to the terminal server for the online rack. 208 | P a g e Version 5.1: Security Topology Lab 34 Setup  This lab is intended to be used with online rack access. NOTE Load the initial configuration files before starting to work on the tasks.

9.0.9/24 R9 101 Loop0 2010:10:11::9/64 9.0.2F .117.1.8/24 E0/0.8.9.8/24 8::8/64 Cat1 SVI70 70 10.70.1/24 E0/0 2172:41:41::1/64 R1 41 Loop0 1.41.2/24 2::2/64 172. Volume 1 Table 34.70.2.70.3/24 E0/1 2010:0:115::3/64 R3 115 Loop0 3.9/24 9::9/64 10.11.10.8/24 2010:10:11::8/64 E0/1 10.10.140/24 209|P a g e Version 5.9/24 E0/1 2172:41:41::9/64 41 E0/0 10.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.41.2/24 2010:70:70::2/64 E0/0 70 10.2 Device Port VLAN IP Address 172.115 101 2010:0:115::8/64 R8 E0/0.0.117 115 10.117.0.3.115.2.115.3.8/24 Loop0 117 2010:0:117::8/64 8.70.1/24 1::1/64 10.41.2/24 R2 E0/1 117 2010:0:117::2/64 Loop0 2.1.3/24 3::3/64 10.8.41.11.

 Create two local user accounts – “admin” and “secops”.  Enable accounting for network traffic – records should be kept for when a session initiates and when it terminates. AAA EXEC Authorization  Remove local authentication on R3.  Make sure that enable password is MD5-encrypted. AAA  Configure R1 for AAA. Enable AAA. Volume 1 Configuration Tasks 1.  When someone authenticates as “secops” he/she should be placed at level 8. after successful authentication.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. 210 | P a g e Version 5.10. Local Authentication & Authorization  Enable SSH on R3.  Users who telnet to this device should be authenticated by the default method list using a line password (“iPexpert”).  When “admin” connects to R3 remotely via SSH it should be automatically placed at level 15 after successful authentication.90). 2. Use domain-name “ipexpert.11.  Network access should be authorized – if RADIUS is down authorization should succeed for authenticated users.  Protect RADIUS communication using key “iPexpert”.  Anyone who knows enable password (“cisco”) should be able to access Privilege Level.  Don’t use AAA to accomplish this task. RADIUS traffic should be sent using new port numbers. respectively.2F . Console line should not be affected.  Users “admin” and “secops” should be still assigned to privilege levels 15 and 8. 3.com”.  PPP authentication requests should be authenticated using RADIUS server (10.

2F . o Issue “ping” and “telnet”. o Configure any dynamic routing protocol.  Create a local user account “netops” who should be able to do the following: o Access all show commands except for any show crypto command.  When “secops” issues the enable command he should be automatically given Privilege Level access without prompting for password.  Create a local user account “secops” who should be able to do the following: o Access all show crypto commands.  Use “iPexpert” as a password for all views. 211|P a g e Version 5. This person should be always able to do what “netops” and “secops” can do. Volume 1  User “secops” should be able to access the following commands: o show running-config o configure terminal o ip routing o ip route  User “admin” should have access to all commands.  Create another user account . 4.  Create a local user account “administrator” who should be given access to all commands.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.“ops”. AAA with CLI Views  Configure R2 for CLI Views using AAA.  Don’t use any default method lists in this task. o Configure any crypto command in the global config mode.

o UDP-based traceroute (IOS) to any destination – use a single ACL line. o R1 acts as a Telnet. Volume 1 5. Web and SQLNET (TCP 1521) server – permit this traffic only to its loopback0 in a single ACL line.  Implement this using a Standard ACL with a single “deny” entry.  You are allowed to change a single IP address on R8. o All TCP segments destined to R1’s Loopback 44 but only with SYN and ACK bits set and FIN bit being not set. and R8 should be able to ping all interfaces of R1 (regardless of the TTL in the packets).  All routers should be able to reach R3 only from interfaces configured with odd IPv4 addresses. R1 should be able to ping all routers except R3 as well.2F . Allow the following traffic: o OSPFv2 – be very specific here.111.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.111.111. Traffic Filtering – Standard ACLs  R8 is configured with the following loopback networks: o 111.4/32 o 111.6/32  R1 should be configured to drop & log packets sourced from those addresses using a Standard ACL.  Configure an IPv6 ACL on R9’s E0/0 inbound in the following way: o Allow Telnet to R1’s Loopback 0. R9.  Traffic sourced from other IPv4 addresses should be dropped.2/32 o 111. This ACL should have as few entries as possible with a minimum overlap.111.111. o All IP packets with any source and destination with a TTL 0-253 and 255 (in a single ACL line). Traffic Filtering – Extended ACLs  Configure an IPv4 ACL on R9’s E0/0 inbound. 6. o Routers R2.111. 212 | P a g e Version 5.

Include source MAC address in the logs. 2014 has been declared a no-work day. o Deny all IPv6 packets with Routing Extension Header. and SSH. o Make sure OSPFv3 adjacencies are not affected.  Return traffic should be allowed dynamically.  Block all IPv4 and IPv6 fragments coming to E0/1 on R2 – don’t use an access-list to accomplish that.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. 9. same as all ICMPv6 packets. Ensure that no traffic is allowed to the above mentioned loopbacks for the entire day. Traffic Filtering – Reflexive Access-Lists  Users in VLAN 70 should be allowed through R2 to any destination when using WWW.2F .  Only allow OSPF. Dynamic entries should timeout after a minute. 8.  Deny and log all other IPv4 & IPv6 traffic. Make sure you see a log message for every packet dropped by this entry.  November 11.  All other traffic should not be affected.  Permit and log all IPv4 DNS traffic (TCP and UDP) to R8’s Loopback0 and 12. Traffic Filtering – IP Fragments  Modify an ACL from the previous task to block all IPv4 fragments regardless of the time/date. 213|P a g e Version 5.  Use Reflexive Access-Lists. Traffic Filtering – Time Ranges & Object-Groups  All web traffic destined to R8’s Loopback 12.14. Telnet. 7. This Includes encrypted traffic. ICMP. and Telnet inbound on E0/1. Volume 1 o Deny all IPv6 packets with missing or unknown L4 information. and 16 interfaces should be denied during business hours Mon-Fri 9am-5pm. Use a single ACL entry to configure this.

3 should be blackholed on R8.2.2F . Helpful Verification Commands  Show aaa authentication  Show cef interface  Show access-lists  Show privilege  Show parser view 214 | P a g e Version 5.  AAA should be already enabled on this device (from one of the previous tasks).3.2 over port 3023. Policy-Based Routing  Telnet traffic sourced from R2’s loopback0 destined to 3. Dynamic (Lock & Key) Access-Lists  You decided that traffic originating in VLAN 70 should be allowed through R2 only for authenticated users. Unicast Reverse Path Forwarding (URPF)  Enable Loose Mode uRPF on R8.  Packets received with unknown sources should be dropped. Volume 1 10.168.0/24 – they should be allowed and logged.  Users will be authenticating using Telnet to 2.3.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.  Sessions should not be idle for more than 2 minutes.  An exception to this policy is packets coming from 192.  Sessions longer than 30 minutes require re-authentication.1.  Don’t use a default route when uRPF decisions are made.  Use PBR to accomplish that. 12.2.  A valid local user account for this task is “intuser” with password “cisco”. 11.

Volume 1 Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. Volume 1. This concludes Lab 34 of iPexpert's CCIE Routing & Switching Workbook. All Rights Reserved. For instructor and developer support. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. 215|P a g e Version 5. Section 4 Copyright© iPexpert.2F .

2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. TCP Intercept. Logging. Volume 1 Lab 35: Security (Part 2) Technologies Covered  NBAR  NBAR2  TCP Intercept  Packet Logging  Port Security Overview In the second lab for Security. VLAN Filtering and Port Security. you will be tasked to configure NBAR. Estimated Time to Complete: 3 hours 216 | P a g e Version 5.

cisco.cisco.html  Port ACLs and VLAN ACLs: http://www.2F . html  Port Security: http://www.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.  Video Title: Switch Security Manipulations Topology Details It is recommended to create your own diagram at the beginning of each lab so any potential information you find useful during your preparations can be reflected on this drawing.html  Private VLANs and VACLs: http://www.html  Configuring TCP Intercept: http://www.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15- 0_2_se/configuration/guide/3750x_cg/swacl.com/c/en/us/td/docs/ios-xml/ios/qos_nbar/configuration/15-mt/qos-nbar-15- mt-book/nbar-mqc. You will need to pre-configure the network with the base configuration files. 217|P a g e Version 5.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1 iPexpert’s Recommended Reading Material  Configuring NBAR: http://www.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scfdenl.cisco. We recommend watching the following learning videos that cover the topics seen in this lab scenario.com/c/en/us/support/docs/switches/catalyst-6000-series-switches/10601- 90.cisco.cisco. making it much easier when you step into the real lab. Multiple topology drawings are available for this chapter.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release /15-0_2_se/configuration/guide/3750x_cg/swtrafc.

and the Physical Topology.  Verify basic L2/L3 connectivity. Use IP Addressing Table.2F . Diagram 35.  This lab is intended to be used with online rack access. and complete the configuration tasks as detailed below. NOTE Load the initial configuration files before starting to work on the tasks. Volume 1 NOTE Static/default routes are NOT allowed unless otherwise stated in the task.1: Security Topology Lab 35 Setup  Please login to your Security vRack and load the initial Configuration. Connect to the terminal server for the online rack. Lab Diagram. You can use “cisco” for any password if other password was not explicitly mentioned in the question. 218 | P a g e Version 5.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.

1/24 E0/0 2172:41:41::1/64 R1 41 1.3. Volume 1 Table 35.9/24 2172:41:41::9/64 E0/0 101 10.117 10.0.41.2F .2/24 R2 E0/1 2010:0:117::2/64 117 2.115 10.10.8/24 2010:0:117::8/64 117 Loop0 8.9.3.2.41.9/24 9::9/64 E0/1 10.3/24 Loop0 3::3/64 10.117.3/24 E0/1 2010:0:115::3/64 R3 115 3.0.10.1.9.8.70.140/24 219|P a g e Version 5.41.41.115.9/24 R9 2010:10:11::9/64 Loop0 9.8.2/24 E0/0 2010:70:70::2/64 70 10.70.11.2/24 Loop0 2::2/64 E0/1 41 172.117.8/24 2010:0:115::8/64 R8 115 E0/0.8/24 8::8/64 Cat1 SVI70 70 10.2.70.2 Device Port VLAN IP Address 172.11.70.115.1.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.0.0.8/24 2010:10:8::8/64 101 E0/0.1/24 Loop0 1::1/64 10.

8.  Use a technology that examines IPv4 and IPv6 packets. NBAR Protocol Discovery  Enable NBAR Protocol Discovery on R9’s E0/0.8. 2.2F . 220 | P a g e Version 5.  Apply the policy outbound on E0/1. TCP Intercept  There are multiple servers in VLAN 70 hosting various TCP-based applications.  The string should be case insensitive.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.  Several DoS attacks took place recently targeted at those devices. NBAR Next-Gen (NBAR2)  Configure R8 to drop all terminal-related traffic except PCANYWHERE. Volume 1 Configuration Tasks 1.  The Slammer worm propagates over UDP port 1434 and its packets are exactly 404B long. o All encrypted traffic should be dropped. 3. NBAR  Using NBAR create and apply a policy outbound on R2’s E0/1 to drop the Slammer worm traffic.  Make sure statistics are obtained for IPv4 and IPv6 traffic.8 (R8).  Enable classification of IPv6 traffic that is carried over Teredo tunnels.  Also implement a policy for peer-to-peer traffic: o All clear-text packets should be rate-limited to 200kbps.  In the same policy all HTTP packets with string “attack” in the URL should be dropped but only when traffic is going to a WWW server 8. 4.

 Make sure router stops managing the sessions after 40 minutes of inactivity.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. R2 should start randomly dropping them. the sessions should be reset faster .  The reset segment should be sent if a session does not establish within 20 seconds.  Logs should be also sent to a buffer – allocate 16384B of memory for this purpose.3. TCP Intercept Passive Mode  There are some other TCP servers that were recently attacked with large amount of spoofed SYN requests (3.1 and they should be rate-limited to 200 per second except for Sev 1 messages. Volume 1  Configure R2 to intercept TCP connection requests to this segment. or when a total number of half-open sessions exceed 300.  If the total number of half-open connections reaches 400.  Use detailed time stamps for log and debugs including local time zone.2F .  If a number of connection attempts within the last minute exceed 100.0/24 segment). 6. 221|P a g e Version 5.after 10 seconds.3.  Log messages should be sent with source of 1. and the time of day. Packet Logging  Configure R1 to send all logged messages to a Syslog server located at 10.  If a FIN exchange or RST packet was seen for a session. 5.  This should cease if the number of half-open sessions falls below 200.  Use facility type local1.70.1.1. it should be dropped after 7 seconds.  R3 should be configured to send a reset to the server under attack but it should not participate in the handshake.70.100.

Helpful Verification Commands  Show ip nbar port-map  Show ip nbar protocol-discovery  Show port-security [interface]  Show vlan access-map Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. All Rights Reserved. Port Security  Enable Port Security on Cat2. For instructor and developer support. Section 4 Copyright© iPexpert.  On the same interface also allow frames coming from 0000. 222 | P a g e Version 5. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. but don’t configure address statically. Volume 1.  Anytime the switch reboots it should not affect the Port Security table. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. The switch should try to automatically recover from a violation every 50 seconds.2F .3333. Volume 1 7. This concludes Lab 35 of iPexpert's CCIE Routing & Switching Workbook.2222.  If a violation occurs frames should be dropped.  Make sure that port connected to R1 will accept frames with R1’s MAC.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. and a Syslog and SNMP traps should be generated.

iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Control Plane Policing and Control Plane Protection.2F . Volume 1 Lab 36: Security (Part 3) Technologies Covered  DHCP Snooping  Terminal Line Access  Control Plane Policing  Control Plane Protection Overview The main focus of this lab is Layer 2 and Control Plane Security. You will have to know how to configure features such as DHCP Snooping. Estimated Time to Complete: 4 hours 223|P a g e Version 5.

2F .com/c/en/us/td/docs/ios-xml/ios/qos_plcshp/configuration/15-mt/qos-plcshp- 15-mt-book/qos-plcshp-cpp.cisco. Volume 1 iPexpert’s Recommended Reading Material  DHCP Features and IP Source Guard: http://www.cisco.html  Control Plane Protection: http://www.html  Control Plane Logging: http://www.com/c/en/us/td/docs/ios-xml/ios/qos_plcshp/configuration/15-mt/qos-plcshp- 15-mt-book/qos-plcshp-ctrl-pln-plc.cisco.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.cisco.  Video Title: IOS DHCP Server Fundamentals  Video Title: Optimize the Network  Video Title: Control Plane Policing & Protection  Video Title: Device Access Control 224 | P a g e Version 5.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.com/c/en/us/td/docs/ios-xml/ios/qos_plcshp/configuration/15-mt/qos-plcshp- 15-mt-book/qos-plcshp-cpl.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15- 0_2_se/configuration/guide/3750x_cg/swdhcp82. We recommend watching the following learning videos that cover the topics seen in this lab scenario.html  Control Plane Policing: http://www.

You will need to pre-configure the network with the base configuration files.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. making it much easier when you step into the real lab.2F . NOTE Static/default routes are NOT allowed unless otherwise stated in the task. You can use “cisco” for any password if other password was not explicitly mentioned in the question Diagram 36. Volume 1 Topology Details It is recommended to create your own diagram at the beginning of each lab so any potential information you find useful during your preparations can be reflected on this drawing.1: Security Topology 225|P a g e Version 5. Multiple topology drawings are available for this chapter.

iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1 Lab 36 Setup  Please login to your Security vRack and load the initial Configuration.2F .  This lab is intended to be used with online rack access. NOTE Load the initial configuration files before starting to work on the tasks. 226 | P a g e Version 5. Connect to the terminal server for the online rack. Use IP Addressing Table. Lab Diagram.  Verify basic L2/L3 connectivity. and the Physical Topology. and complete the configuration tasks as detailed below.

2 Device Port VLAN IP Address 10.0.8/24 2010:10:11::8/64 101 E0/0.8/24 8::8/64 Cat1 SVI70 70 10.8.10. Volume 1 Table 36.0.10.117 10.70.1.2F .115.115.10.3.117.9/24 9::9/64 E0/1 10.0.11.0.3/24 Loop0 3::3/64 10.115 10.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.1.1/24 E0/0 2010:10:11::1/64 R1 101 1.2/24 R2 E0/1 2010:0:117::2/64 117 2.2/24 E0/0 2010:70:70::2/64 70 10.9/24 2010:10:11::9/64 R9 Loop0 9.3.9.2.2.8/24 2010:0:117::8/64 117 Loop0 8.1/24 Loop0 1::1/64 10.140/24 227|P a g e Version 5.2/24 Loop0 2::2/64 E0/0 101 10.70.11.8.8/24 2010:0:115::8/64 R8 115 E0/0.70.3/24 E0/1 2010:0:115::3/64 R3 115 3.70.11.117.9.

3.115.  Outbound telnet packets destined to 1.  Ensure that snooping bindings don’t disappear after a reload. 2.  Management traffic should be allowed from the following subnets: o 10. pw: cisco). Volume 1 Configuration Tasks 1.0.3.0/24 o 2010:0:117::/64  R1 should only accept Telnet.2F .  Configure R9 to act as a DHCP Server in this VLAN.117. DHCP Snooping  Secure DHCP communication in VLAN 101 using DHCP Snooping.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Controlling Terminal Line Access  Secure VTY lines on R9 and R1.1 should be dropped and logged. 228 | P a g e Version 5.  R9 should only allow SSH access (user: cisco. The lease times should be accurate .0.  Make sure R1 and R8 obtain their address dynamically.configure & use R9 as a NTP server. 3.  Rate-limit all ICMP packets to 15 per second.  Rate-limit all ICMPv6 packets to 70000bps.  All HTTP packets originating from 3. Control Plane Policing  R8 should be configured to protect its CPU using CoPP.3 should be dropped.  Rate-limit client DHCP traffic to 15pps.1. Log messages should be generated every 2 seconds and they should include TTL and length of dropped packets.0/24 o 10.1.

 No more than 30 packets for all other TCP/UDP protocols enabled on the router should be seen in the queue.  Packets destined to non-listening ports should be silently dropped.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.  Telnet connections over port 3020 should be unaffected. Control Plane Protection – Logging  All malformed & allowed packets received on Host subinterface should be logged.  Input queue of R9 should not be overwhelmed by any single protocol traffic.  No more than 100 BGP and 4 SSH packets should be queued.  All IPv4 transit traffic punted to the CPU should be policed to 512kbps.  Rate-limit those log messages to one every 5 seconds.  Allowed and over the Input Queue limit SSH traffic should be logged as well. Control Plane Protection  Enable Control Plane Protection on R9.2F . Helpful Verification Commands  Show ip dhcp server  Show ip dhcp server bindings  Show ip source binding  Show control-plane  Show class-map  Show run policy-map 229|P a g e Version 5. 4. Volume 1  OSPFv2 and OSPFv3 packets should not be affected by this configuration.  Log all dropped Transit packets that entered R9 through interface E0/0. 5.

iPexpert’s Lab Preparation Workbook
for Cisco’s CCIE Routing & Switching Lab Exam, Volume 1

Technical Verification and Support

To verify your configurations please ensure that you have downloaded the latest “final
configurations” from within the iPexpert Member’s Area.

You may also verify your configurations and obtain a detailed overview of why specific
commands were used within the accompanying Detailed Solution Guide.

For instructor and developer support, please be sure to submit questions through our
interactive support community that’s accessible from the Member’s Area.

This concludes Lab 36 of iPexpert's CCIE Routing & Switching Workbook, Volume 1, Section 4
Copyright© iPexpert. All Rights Reserved.

230 | P a g e Version 5.2F

iPexpert’s Lab Preparation Workbook
for Cisco’s CCIE Routing & Switching Lab Exam, Volume 1

Section 5: Infrastructure Services

231|P a g e Version 5.2F

iPexpert’s Lab Preparation Workbook
for Cisco’s CCIE Routing & Switching Lab Exam, Volume 1

Lab 37: Configure and Troubleshoot Quality
of Service Mechanisms (Part 1)

Technologies Covered

 Classification and marking
 Bandwidth percent
 LLQ
 WRED
 Dynamic flows
 ECNs

Overview

Voice over IP will be deployed in your network and you have been tasked to configure QOS in
your network. Knowledge of classification, marking LLQ and Congestion Avoidance is essential for
this scenario.

Estimated Time to Complete: 2 hours

232 | P a g e Version 5.2F

iPexpert’s Lab Preparation Workbook
for Cisco’s CCIE Routing & Switching Lab Exam, Volume 1

iPexpert’s Recommended Reading Material

 Classification Overview:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_classn/configuration/15-mt/qos-classn-
15-mt-book/qos-classn-oview.html

 MQC:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_mqc/configuration/15-mt/qos-mqc-15-
mt-book/qos-mqc.html

 Marking Network Traffic:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_classn/configuration/15-mt/qos-classn-
15-mt-book/qos-classn-mrkg-ntwk-trfc.html

 Classifying Network Traffic:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_classn/configuration/15-mt/qos-classn-
15-mt-book/qos-classn-ntwk-trfc.html

 Congestion Management Overview:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_conmgt/configuration/15-mt/qos-
conmgt-15-mt-book/qos-conmgt-oview.html

 Low Latency Queuing with Priority Percentage Support:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_conmgt/configuration/15-mt/qos-
conmgt-15-mt-book/qos-conmgt-llq-pps.html

iPexpert’s Recommended Video Training

iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE
Routing & Switching lab exam. We recommend watching the following learning videos that cover
the topics seen in this lab scenario.

 Video Title: Intro to QoS

 Video Title: Quality of Service Lecture

 Video Title: Quality of Service Configuration

 Video Title: Classification and Marking, Part 1-4

233|P a g e Version 5.2F

iPexpert’s Lab Preparation Workbook
for Cisco’s CCIE Routing & Switching Lab Exam, Volume 1

Topology Details

Logically connect and configure your network as displayed in the drawing below. You may also
refer to the diagram located within your configuration files for topology information.

The topology used in the lab will be the following:

Diagram 37.1: Quality of Service Mechanisms Topology

Lab 37 Setup

 This lab is intended to be used with online rack access. Connect to the terminal server for the
online rack, and complete the configuration tasks as detailed below.

NOTE
Load the initial configuration files before starting to work on the tasks.

Configuration Tasks

1. R2 is a customer managed CE and R6 is the entry point to the service provider. The traffic
received on the E0/0 is untrusted and should be re-marked when entering the service provider
network. A class called VOICE should be created for traffic with destination ports in the RTP
range 32512 32768, a class called SQL should be created for traffic with destination ports in the

234 | P a g e Version 5.2F

1 out of 10 packets should be randomly dropped. 1 out of 5 packets should be randomly dropped. a QOS policy will be enforced. In order to slow-down TCP traffic in case of congestion. The TCP hosts that are transiting on the connection between R3 and R4 are supporting ECN. the SQL traffic should have 30% of the bandwidth reserved and the OFFICE_BOSS traffic should have 20% of the bandwidth reserved. some packets in the default queue should be randomly dropped before the queue is getting full and tail-dropping. enable WRED to begin to randomly drop packets with the IP precedence of 3 when the queue contains 20 packets and to tail-drop when the number of packets in the queue reaches more than 30 packets. On the interface S4/0 of R3. 4. 3. configure a hold queue of 200 packets. 10. On R6. On the interface S3/0 of R6. 7. The goal of this marking is to trigger the receiver to suggest the source to decrease the TCP window size.1. configure the minimum possible queue size. configure a policy-map called TRAFFIC_COLOURING. 10% of the bandwidth is allocated to VOICE traffic. Helpful Verification Commands  Show class-map  Show policy-map  Show policy-map interface 235|P a g e Version 5. 6. The Voice traffic should be prioritized before any other traffic in case of congestion.222. and the OFFICE_BOSS with the DSCP AF21. Instead of randomly beginning to drop packets. 2. 9. Volume 1 TCP range 1433 1434 and a class called OFFICE_BOSS should be created for traffic originated from the LAN 10.2F . 5.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. On the interface S3/0 of R6. ensure that packets with a dscp of AF21 begin to be randomly dropped when the queue contains 100 packets and to tail-drop when the number of packets in the queue reach more than 200 packets. On the WAN link between R3 and R6. 8. On the interface S4/0 of R4. WRED should be configured to mark the packet that was supposed to be dropped. Enable WRED to take into account the DSCP field. In case of congestion. The remaining unclassified traffic should have the DSCP field reset to 0.0/24. This policy-map should mark the VOICE traffic with the DSCP EF. the SQL traffic with the DSCP AF31.

236 | P a g e Version 5. Section 5 Copyright© iPexpert.2F . All Rights Reserved. This concludes Lab 37 of iPexpert's CCIE Routing & Switching Workbook. Volume 1.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1 Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. For instructor and developer support.

Volume 1 Lab 38: Configure and Troubleshoot Quality of Service Mechanisms (Part 2) Technologies Covered  Traffic shaping  Policing  Hierarchical policers  Percent-based policers  Header compression  NBAR Overview You have been tasked to configure QOS in your network. Header Compression and NBAR (classification). Policing (including Hierarchical Policers).2F . Estimated Time to Complete: 2 hours 237|P a g e Version 5.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. The technologies covered include Traffic Shaping.

html  Classification Configuration Guide: http://www.html  Header Compression: http://www. Volume 1 iPexpert’s Recommended Reading Material  DiffServ for QoS: http://www.html  Hierarchical Queuing Framework: http://www.cisco.html  Configuring NBAR: http://www.com/c/en/us/td/docs/ios-xml/ios/qos_plcshp/configuration/15-mt/qos-plcshp- 15-mt-book.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_nbar/configuration/15-mt/qos-nbar-15- mt-book/nbar-mqc.2F .com/c/en/us/td/docs/ios-xml/ios/qos_hdrcomp/configuration/15-mt/qos- hdrcomp-15-mt-book.com/c/en/us/td/docs/ios-xml/ios/qos_classn/configuration/15-mt/qos-classn- 15-mt-book/qos-classn-ntwk-trfc.cisco.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.cisco.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_nbar/configuration/15-mt/qos-nbar-15- mt-book/clsfy-traffic-nbar.html  Classifying Traffic using NBAR: http://www.com/c/en/us/td/docs/ios-xml/ios/qos_hrhqf/configuration/15-mt/qos-hrhqf- 15-mt-book/qos-hrhqf.com/c/en/us/td/docs/ios-xml/ios/qos_classn/con  Classifying Network Traffic: http://www.html  Policing and Shaping: http://www.cisco.cisco.html 238 | P a g e Version 5.com/c/en/us/td/docs/ios-xml/ios/qos_dfsrv/configuration/15-mt/qos-dfsrv- 15-mt-book/qos-dfsrv.com/c/en/us/td/docs/ios-xml/ios/qos_classn/configuration/15-mt/qos-classn- 15-mt-book.cisco.html  Marking Network Traffic: http://www.cisco.

iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. We recommend watching the following learning videos that cover the topics seen in this lab scenario.1: Quality of Service Mechanisms Topology 239|P a g e Version 5. Part 1-4 Topology Details Logically connect and configure your network as displayed in the drawing below. Volume 1 iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.  Video Title: Quality of Service Lecture  Video Title: Quality of Service Configuration  Video Title: Classification and Marking. You may also refer to the diagram located within your configuration files for topology information.2F . The topology used in the lab will be the following: Diagram 38.

Packets that conform are sent.101 of R2. 9. NOTE Load the initial configuration files before starting to work on the tasks. 4.2F . On the interface E0/1. 2. add the following classes: the class called CUSTOMER1 is matching IP DSCP CS4 and the class called CUSTOMER2 is matching IP traffic with a destination TCP port of 69. Packets that belong to neither AF32 nor AF33 are re-marked with a DSCP of AF12. police the traffic to a CIR of 128 kbps with a Bc of 1500 bytes and a PIR of 256 kbps with a Be of 4500 bytes. a class called SILVER matching DSCP AF31 has 256 kbits/s reserved. Packets marked with a DSCP of AF32 and AF33 that conform are sent. 6. 5. Class BRONZE can obtain throughput up to a peak of 512 kbps if enough bandwidth is available. Configuration Tasks 1. 7. On R3 and R6. 8. a class called BRONZE matching DSCP AF21 has 256 Kbits/s reserved. Class SILVER has to be shaped to 512 kbits/s with a normal burst size of 2048 bits. On the WAN link between R3 and R4. Traffic not matching any access-list should be shaped to 100 kbps. Under congestion. Create a policy-map called Serial_Policy_Child and enforce this QOS policy on the traffic that has already been policed in the previous question. in the policy-map called Serial_policy1. packets with a DSCP of AF32 and AF33 that exceed are re- marked with DSCP of AF11 and transmitted. On R3 and R6. This QOS policy has 3 classes of service. The service-policy Serial_Policy_Child has two 240 | P a g e Version 5. in the class called CUSTOMER1. enforce a QOS policy using a policy-map called Serial_Policy_Parent. This QOS policy has only the class default. and packets that violate are dropped. Volume 1 Lab 38 Setup  This lab is intended to be used with online rack access. police the traffic to a CIR of 64 kbps with a Bc of 1500 bytes and a PIR of 128 kbps with a Be of 3000 bytes. This policy-map is used to police the traffic to 100 kbps. On R3 and R6. Connect to the terminal server for the online rack. Limit the egress TCP traffic for destination port 80 to 1 kbps and the egress TCP traffic for destination port 443 to 300 kbps. and packets that violate are dropped. configure traffic-shaping. On the WAN link between R3 and R6. enforce a QOS policy using a policy-map called Serial_Policy1.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. 3. and complete the configuration tasks as detailed below. packets that exceed are re-marked with a COS of 0 and transmitted. Create a class-map called AF3233. in the class called CUSTOMER2. and a class called GOLD matching DSCP EF has 512 kbits/s reserved.

Section 5 Copyright© iPexpert. Enable RTP header compression on this connection. For instructor and developer support. Volume 1 classes called CLASS1 and CLASS2. This QOS policy has 2 classes called LOTUS and URL. On the link between R6 and R2. URL class is matching HTTP traffic that contains a URL of /iPexpert is policed to 512 kbps. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. Helpful Verification Commands  Show policy-map  Show policy-map interface  Show traffic-shape Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. enforce a QOS policy using a policy-map called Serial_Policy_Percentage. This policy-map is used to police the traffic to a CIR of 60% of the available bandwidth and to a PIR of 90% of the available bandwidth. 10.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1. All Rights Reserved. 13. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. configure PPP encapsulation and enable RTP enhanced header compression. CLASS1 is matching UDP traffic and CLASS2 is matching TCP traffic. On the WAN link between R3 and R5. CLASS1 should be policed to 20 kbps and CLASS 2 should be policed to 50 kbps.2F . This QOS policy has only the class default. LOTUS class is matching Lotus notes traffic and is shaped to 512 kbps. 241|P a g e Version 5. enforce a QOS policy using a policy-map called Serial_Policy_NBAR on R6. 12. This concludes Lab 38 of iPexpert's CCIE Routing & Switching Workbook. Consider that the connection between R3 and R4 is a satellite link. 11. On the WAN link between R3 and R5.

You have to know how to enable logging (including sending logs to a Syslog server).2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Estimated Time to Complete: 1 hour 242 | P a g e Version 5. Volume 1 Lab 39: Configure and Troubleshoot IP/IOS Services (Part 1) Technologies Covered  Syslog logging  Logging timestamps  Logging to flash  Conditional debugging Overview You have been tasked to configure various management services in your network. how to configure change notifications and finally enable the archiving feature.

com/c/en/us/td/docs/ios-xml/ios/config-mgmt/configuration/15mt/config- mgmt-15-mt-book/cm-config-logger.cisco.cisco.2F . We recommend watching the following learning videos that cover the topics seen in this lab scenario. You may also refer to the diagram located within your configuration files for topology information.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.com/c/en/us/td/docs/ios-xml/ios/bsm/configuration/15-mt/bsm-15-mt- book/bsm-troubleshooting.  Video Title: IP and IOS Services Lecture  Video Title: Optimize the Network Topology Details Logically connect and configure your network as displayed in the drawing below.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.com/c/en/us/td/docs/ios-xml/ios/bsm/configuration/15-mt/bsm-15-mt- book. Volume 1 iPexpert’s Recommended Reading Material  Basic System Management Configuration Guide: http://www.html  Troubleshooting and Fault Management: http://www. The topology used in the lab will be the following: 243|P a g e Version 5.cisco.html  Configuration Change Notification and Logging: http://www.

iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. and complete the configuration tasks as detailed below. Connect to the terminal server for the online rack.2. 2. Volume 1 Diagram 39. If two system messages arrive with the same timestamps. make sure (with sequence numbers) that you still know which one was generated first. Configure R2 to log all messages with a severity from 1 to 7 in an internal buffer.2. Configure R2 to log only emergencies. alerts. 4. The size of this buffer should be 20000. NOTE Load the initial configuration files before starting to work on the tasks. 3. Make sure that any type of log messages has the exact date and time stamp (and not the uptime).2. Configure R2 to log system messages to a syslog server with the IP address 10. Send only emergencies.1: IP/IOS Services Topology Lab 39 Setup  This lab is intended to be used with online rack access. and error messages to the console. and critical messages. Configuration Tasks 1. alerts. 5. critical.2F . 244 | P a g e Version 5.

Helpful Verification Commands  Show logging  Show archive log config  Show debugging Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. Log every configuration command entered on R9. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. Make sure that the passwords and SNMP community strings are replaced by ****asterisks****. For instructor and developer support. Also.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. All Rights Reserved. Limit the rate of logging messages to 70 per second for all logging messages. Volume 1 6. This concludes Lab 39 of iPexpert's CCIE Routing & Switching Workbook. Log the last 500 configuration command messages locally. 7. Volume 1. Ensure that the router does keep a history file of 10 logged messages prepared to be sent as SNMP traps.2F . Section 5 Copyright© iPexpert. 245|P a g e Version 5. except for those with a severity level 5. send notifications of configuration changes to a syslog server. 8. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide.

Estimated Time to Complete: 2 hours 246 | P a g e Version 5. The knowledge of NTP Access-Lists is also required to successfully finish this scenario. SNMP versions 2/3 and NTP will be configured in this lab. Volume 1 Lab 40: Configure and Troubleshoot IP/IOS Services (Part 2) Technologies Covered  SNMP v2  SNMP v3  NTP Overview You have been tasked to configure management services in your network.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Specifically.2F .

iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. The topology used in the lab will be the following: 247|P a g e Version 5.ht ml#wp1001170  Setting Time and Calendar Services: http://www.cisco.  Video Title: IP and IOS Services Lecture  Video Title: IP and IOS Services Configuration Topology Details Logically connect and configure your network as displayed in the drawing below.cisco.2F .com/c/en/us/td/docs/ios-xml/ios/bsm/configuration/15-mt/bsm-15-mt- book/ip6-ntpv4.cisco.com/c/en/us/td/docs/ios-xml/ios/bsm/configuration/15-mt/bsm-15-mt- book/bsm-time-calendar-set. You may also refer to the diagram located within your configuration files for topology information. We recommend watching the following learning videos that cover the topics seen in this lab scenario.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf012.cisco.html  SNMP: http://www.com/c/en/us/td/docs/ios-xml/ios/snmp/configuration/15-mt/snmp-15-mt- book/nm-snmp-cfg-snmp-support.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.html  NTP ACL: http://www. Volume 1 iPexpert’s Recommended Reading Material  NTPv4 in IPv6: http://www.

3 to poll the router with read-only permission using the community string iPexpert. R2 should send IPSEC traps to the server 10. Connect to the terminal server for the online rack. permit only hosts 10.4. ACKed trap means that an ACK packets should be sent by the server back to R2 to confirm that he received the trap. NOTE Load the initial configuration files before starting to work on the tasks. The community iPexpert is included in the traps. 248 | P a g e Version 5. Use access-list number 6. The community iPexpert is included in the traps. 3.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. On R2. R2 should send all syslog messages as SNMP ACKed traps to the server 10. and complete the configuration tasks as detailed below. 4.4.4 using SNMPv2c. Volume 1 Diagram 40. permit any SNMP server to poll the router with read-only permission using the community string iPexpert.4.4 and 10.4.4.4.4. 2.1: IP/IOS Services Topology Lab 40 Setup  This lab is intended to be used with online rack access.4 using SNMPv2c.4. Configuration Tasks 1.2F . On R6.

On R3.5. define a RO group called ROGROUP. Configure NTP authentication between R3 and R5 with a key number of 1 and a password of “ iPexpert”. 8.35. 11.3. On R3. On R3. Configure R3 as client from NTP server R5. NTP server on R5 should source packets from interface S4/0. This polling should be configured according to the AuthPriv security model. R3 is going to be polled by a NMS with an IP address of 10.5. Associate this group with read view ROVIEW. 10. 12. 13. Configure R5 as a stratum 5 NTP master.1.5. On R5. Make sure that only 10. Use an access-list called NTPCLIENT. 9. a RO view called ROVIEW and a RW view called RWVIEW. 7. define a RW group called RWGROUP. Create two views.2F .5 using payload encryption. Associate to this group with read view ROVIEW and the following user:  username: Username1  password: Password1  encryption password: iPexpert  Use the SHA authentication method and the 3-DES encryption method.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.5.1. 6. The user Username1 generates the traps and informs. 249|P a g e Version 5. write view RWVIEW and the following user:  username: Username2  password: Password2  encryption password: iPexpert  Use the MD5 authentication method and the AES-256 encryption method. Volume 1 5. make sure that the only NTP client that can synchronized with R5 is the client with the IP address 10. Configure on R3 an access-list called NTPSERVER. Make the MIB-2 objects accessible for both views.5 can be the NTP server for R3.35. enable traps and informs to be sent to 10.5.

You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide.2F . Volume 1 Helpful Verification Commands  Show snmp  Show snmp group  Show snmp user  Show snmp community  Show snmp host  Show snmp enine-id  Show ntp status  Show ntp association Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. This concludes Lab 40 of iPexpert's CCIE Routing & Switching Workbook. All Rights Reserved. For instructor and developer support. Volume 1. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. Section 5 Copyright© iPexpert. 250 | P a g e Version 5.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.

The knowledge of DHCP protocol is required for this lab. along with Proxy and Local Proxy ARP. Volume 1 Lab 41: Configure and Troubleshoot IP/IOS Services (Part 3) Technologies Covered  Proxy ARP  Local Proxy ARP  DHCP Overview In this scenario you will be tasked to configure multiple management services.2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Estimated Time to Complete: 2 hours 251|P a g e Version 5.

cisco.com/c/en/us/support/docs/ip/dynamic-address-allocation-resolution/13718- 5.com/c/en/us/td/docs/ios-xml/ios/ipaddr_dhcp/configuration/15-mt/dhcp- 15-mt-book/config-dhcp-server.html  DHCP Relay Agent: http://www.cisco. Volume 1 iPexpert’s Recommended Reading Material  Proxy ARP: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_dhcp/configuration/15-mt/dhcp-15- mt-book/config-dhcp-relay-agent.com/c/en/us/td/docs/ios-xml/ios/ipaddr_dhcp/configuration/15-mt/dhcp-15- mt-book/dhcp-overview.html  DHCP Process: http://www.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.html  DHCP Server Configuration: http://www. You may also refer to the diagram located within your configuration files for topology information. We recommend watching the following learning videos which cover the topics seen in this lab scenario.  Video Title: IP and IOS Services Lecture  Video Title: IP and IOS Services Configuration Topology Details Logically connect and configure your network as displayed in the drawing below. The topology used in the lab will be the following: 252 | P a g e Version 5.2F .cisco.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.

On R2. and complete the configuration tasks as detailed below.2. disable the mechanism that makes this IP connectivity possible. when someone is trying to reload the router.0/24 and 10.1. On R2. NOTE Load the initial configuration files before starting to work on the tasks. Configure R3 as a DHCP server for the network 10.35. 2.9 with the ping sourced from IP address 10.1 and 10.1.26. 253|P a g e Version 5.0/24.35. Do not modify this mask on the other side of the connection between R6 and R2.36.1 respectively.1.26.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.1: IP/IOS Services Topology Lab 41 Setup  This lab is intended to be used with online rack access. Connect to the terminal server for the online rack.2F . However. Volume 1 Diagram 41.2 with a mask 255.26.36. Configure the IP address 10.2. The DNS server IP address is 10. make sure that the interface E0/1 is replying to all the ARP requests sent on the network 10. Default gateways are 10. In the routing table of R2. there are only the connected networks.255.1.0 on the interface E0/1 of R2.1.1. On the interface of R6. the reload command should have no effect.0/24.0.2. R2 is able to ping 10.1.1.69. 3.2. Configuration Tasks 1.

5. Section 5 Copyright© iPexpert.1-10.35. The interface E0/0 of R7 should retrieve an IP address from the DHCP pool configured earlier.26.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.0/24.1.0/24.1. The IP address range 10. The RADIUS server has IP address 10. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area.1-11 from the DHCP range. Exclude 10. Default gateway is 10. 10.11 should be excluded from the IP addresses allocated to the clients by the server. The DNS server IP address is 10. R3 will also be DHCP servers for the network 10. The IP address range 10.79.2. 7.1.11 should be excluded from the IP addresses allocated to the clients by the server. This concludes Lab 41 of iPexpert's CCIE Routing & Switching Workbook.35. Configure R9 as a DHCP server for the network 10. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. The DNS server IP address is 10.2.2.1.2.1.2. configure AAA and Radius for DHCP accounting.36.1. 254 | P a g e Version 5.79. 6. Volume 1 4.36.100 should always be assigned to the server with the mac address aaaa. All Rights Reserved.2F .1. Volume 1. On R9.cccc.2.2. The IP address 10.1.1-10. 8.2.26. Default gateway is 10.2. Helpful Verification Commands  Show ip arp  Clear ip arp  Show ip dhcp pool  Show ip dhcp binding Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area.35.1. For instructor and developer support.1.bbbb.79.1.1. 9.

VRRP and GLBP. preemption and Load Distribution for certain FHRPs is also part of this scenario. Configuration of authentication. Volume 1 Lab 42: Configure and Troubleshoot IP/IOS Services (Part 4) Technologies Covered  IP SLA  HSRP  VRRP  GLBP Overview IP/IOS Services covered in this lab include IP SLA and First Hop Redundancy Protocols : HSRP. Estimated Time to Complete: 2 hours 255|P a g e Version 5.2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.

The topology used in the lab will be the following: 256 | P a g e Version 5.cisco. You may also refer to the diagram located within your configuration files for topology information.cisco.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1 iPexpert’s Recommended Reading Material  IP SLA Configuration Guide: http://www.  Video Title: Service Level Agreement and Object Tracking  Video Title: IP and IOS Services Lecture  Video Title: IP and IOS Service Configuration  Video Title: First-Hop Redundancy Protocols Topology Details Logically connect and configure your network as displayed in the drawing below.2F .com/c/en/us/td/docs/ios-xml/ios/ipsla/configuration/15-mt/sla-15-mt- book. We recommend watching the following learning videos that cover the topics seen in this lab scenario.com/c/en/us/td/docs/ios-xml/ios/ipapp_fhrp/configuration/15-mt/fhp-15-mt- book.html  First Hop Redundancy Protocol Configuration Guide: http://www.

200 with the community “iPexpert”.1. and complete the configuration tasks as detailed below. a second trap will again be sent.2F . When the connection between R7 and R9 is lost. R7 will send a trap and trigger a ping 10. UDP packets should be sent to 10. Volume 1 Diagram 42. 257|P a g e Version 5.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Configuration Tasks 1.1: IP/IOS Services Topology Lab 42 Setup  This lab is intended to be used with online rack access. On the connection between R7 and R9.79. If connectivity is not re-established after 60 seconds. 2. Connect to the terminal server for the online rack.222. NOTE Load the initial configuration files before starting to work on the tasks. configure IP SLA on R7 to measure the UDP jitter. This measurement should run indefinitely. Enable R7 to send CISCO-SYSLOG-MIB traps to the SNMP server 10.1.9 every 5 seconds during 60 seconds.9 port 3200 every 10 seconds with a DSCP marking of EF.79.1.

Virtual IP address is 10. Those packets have to be sent to 10.222. 10.1.0/24.108. configure on R8 a TCP operation to 10.108.1. 11. it should always be the master.222 for the website www.1.com. Between R6 and R8. Virtual IP address is 10. Authenticate the GLBP routers with a MD5 hashed password of “iPexpert133”. 4. When the ICMP echo from R8 to R6 fails. Virtual IP address is 10.1. Volume 1 3. 5. The IP SLA control messages between R6 and R9 have to be authenticated using a key-chain called “iPexpert”.0/24.1.144. 12. As long as R8 is up and running.133.0/24. 13. Configure HSRP between R8 and R2 on the network 10.2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Between R6 and R9. and R1 on the network 10. 10% of the traffic should use R2 as a gateway and 10% of the traffic should use R1 as a gateway. 14. the priority should be decreased the minimum in such a way that R2 takes over the primary role.1. Between R8 and R2.68. 6. 7. it should recover this role 1 minute after coming back online. configure an IP SLA job on R6 that will generate an ICMP echo with a packet size of 1000 bytes every 10 seconds.2 on port 80 that requires R2 to be configured as a responder. Configure VRRP between R2 and R1 on the network 10.108.1.9.1. R2. 8.ipexpert.1. Configure GLBP between R8. This key-chain should use key number 3 and a key string of “iPexpert”. 258 | P a g e Version 5. Authenticate the VRRP routers with a password of “iPexpert”. configure on R6 a TCP operation to 10.155.108. 9. Authenticate the HSRP routers with a clear text password of “iPexpert”. it should stay the master and when an outage occurs.108. When R2 is up and running.69. Configure R8 to perform every 30 seconds a DNS lookup on the DNS server 10.1.108.8 on port 443 that doesn’t require R8 to be configured as a responder.108.

2F . Section 5 Copyright© iPexpert. Volume 1. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. 259|P a g e Version 5. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1 Helpful Verification Commands  Show standby  Show standby brief  Show vrrp  Show glbp  Show ip sla configuration  Show ip sla application  Show ip sla statistics  Show ip sla summary  Show ip sla responder Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. For instructor and developer support. All Rights Reserved. This concludes Lab 42 of iPexpert's CCIE Routing & Switching Workbook.

including Policy NAT.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.2F . Volume 1 Lab 43: Configure and Troubleshoot IP/IOS Services (Part 5) Technologies Covered  NAT Overload  NAT Route-maps  Static NAT  Static PAT  NAT no alias  NAT no payload  Policy NAT Overview This lab focuses on Network Address Translation (NAT). Estimated Time to Complete: 2 hours 260 | P a g e Version 5. PAT) are covered. Multiple NAT technologies (Dynamic. The knowledge of certain NAT features is also tested. like for example the “no alias” keyword. Static.

The topology used in the lab will be the following: 261|P a g e Version 5.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/15-mt/nat-15-mt- book/iadnat-rmap-outin.cisco. Volume 1 iPexpert’s Recommended Reading Material  NAT Configuration: http://www. We recommend watching the following learning videos that cover the topics seen in this lab scenario.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.html  Reversible NAT: http://www.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/15-mt/nat-15-mt- book/iadnat-addr-consv.2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. You may also refer to the diagram located within your configuration files for topology information.cisco.  Video Title: IOS NAT Topology Details Logically connect and configure your network as displayed in the drawing below.

6 is unsuccessful.69.69.79.1: IP/IOS Services Topology Lab 43 Setup  This lab is intended to be used with online rack access.1.1. Clear the ARP cache and verify that the ping from R7 to 100.69.1. On R7.0/24 is the outside network. Make sure that the ping from R7 to 100.69. 3.69. Ensure that the ping from R7 to 100.6 is successful using a static NAT – map 10. We don’t want R9 to respond to the ARP request for 100. 100.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.1.1. 10. 2. Connect to the terminal server for the online rack.20. 262 | P a g e Version 5.1.1.20. configure a default route towards R9.1.0/24 is the inside network.69. NOTE Load the initial configuration files before starting to work on the tasks. Volume 1 Diagram 43.6 is again successful by configuring a static ARP entry on router R6.79.2F . Configuration Tasks 1. and complete the configuration tasks as detailed below.7 to 100.

10. a new connection will use a mapping of an already mapped public IP address with a different port number. configure a default route towards R6. You have to use the ip nat outside command on R8. 10.1.0/24 is the outside network. 6. Traffic coming from R2 should be dynamically NATed to the IP address 100. 100.9.1.68. Volume 1 4.0/24 is the outside network. When no more address is available in the public range. Use a route-map to achieve this task.0/24 to the interface E0/0.20. On R2.69.68. enable the TCP small server service on TCP port 13 called “datetime”. configure a dynamic PAT that maps the internal range 11.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. 100. On R9.9. On R9.1. 8.9.0/24 is the inside network. R1 should be able to reach R6 without configuring any static/default routes.9/24. Ensure that the payload will not be modified by the static NAT entry configured on R9.0/24 is the inside network.1.1.0/24 is the outside network.255. Helpful Verification Commands  Show ip nat translations  Show ip nat statistics  Clear ip nat translations 263|P a g e Version 5.9. 7. 100. configure loopback0 with an IP address of 10. configure a dynamic NAT that maps the internal range 10.1. On R8.1. 100. 100.1.68. Ensure that you can telnet from R1 to R6 by using the “add-route” keyword in the NAT rule.1.9.1. 11. 11. On R8.9. 12.30 on port 4000 will return the daytime information. On R9.0/24 to the public address range 100.69. 9.0/24 is the outside network.1. On R9.2F . 10.1.69.1.1.1.1.108.0/24 is the inside network. 13.9/24.69.69. Make sure that telnet from R9 to 100. configure loopback1 with an IP address of 11. 5.0/24 is the inside network. configure a default route towards R8.241-100.69.

264 | P a g e Version 5. Section 5 Copyright© iPexpert. This concludes Lab 43 of iPexpert's CCIE Routing & Switching Workbook. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Volume 1 Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. All Rights Reserved.2F . Volume 1. For instructor and developer support. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide.

Estimated Time to Complete: 1 hour 265|P a g e Version 5. high performance options and more).iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Another part of the labs is related to tuning the TCP stack on the routers (PMTUD.2F . Volume 1 Lab 44: Configure and Troubleshoot IP/IOS Services (Part 6) Technologies Covered  IP precedence accounting  IP output packet accounting  IP access violation accounting  MAC address accounting  TCP optimization Overview The main focus of this scenario is IP Accounting.

Volume 1 iPexpert’s Recommended Reading Material  Cisco IOS Accounting Features: http://www.html iPexpert’s Recommended Video Training  No associated videos Topology Details Logically connect and configure your network as displayed in the drawing below.GUID-2C668491-3A84-4985-A47D-296850FEE20C  Configuring TCP: http://www.com/c/en/us/td/docs/ios-xml/ios/ipapp/configuration/15-s/iap-15-s-book/iap- ipserv.asp?p=764234&seqNum=4  Configuring IP Accounting: http://www. The topology used in the lab will be the following: 266 | P a g e Version 5.cisco.ciscopress.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.cisco.html .com/c/en/us/td/docs/ios-xml/ios/ipapp/configuration/15-mt/iap-15-mt- book/iap-tcp. You may also refer to the diagram located within your configuration files for topology information.2F .com/articles/article.

On R7. perform on the E0/1 accounting based on IP precedence on received packets. Volume 1 Diagram 44.9. Configure the following loopbacks: Table 44. Connect to the terminal server for the online rack.9/32 267|P a g e Version 5. NOTE Load the initial configuration files before starting to work on the tasks.2F .1.1.1: IP/IOS Services Topology Lab 44 Setup  This lab is intended to be used with online rack access. Configuration Tasks 1. 2.2 R8 loopback0 10.8.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.8/32 R9 loopback0 10. and complete the configuration tasks as detailed below.

On R2. 4. On R8. 5. This concludes Lab 44 of iPexpert's CCIE Routing & Switching Workbook. 9. All Rights Reserved. activate PMTUD. 10. Ensure that IP accounting displays the number of packets blocked by the access-list from Task 4. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. 7. On the interface E0/1 of R6. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. Volume 1 3. R8 should wait for a maximum of 10 seconds to receive a TCP SYN. Volume 1. Make sure that the “TCP silly window syndrome” will not affect R8. 8. For instructor and developer support. Helpful Verification Commands  Show ip accounting  Clear ip accounting  Show interface x precendence  Show interface x accounting  Show interface x mac-accounting Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. 11. On R6.2F . Advertise loopback0 of R8 and R9 into OSPF using network statements. 6. On R2. activate high performance TCP options as described in RFC 1323.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. Section 5 Copyright© iPexpert. create an access-list to block traffic going from loopback0 of R8 to the loopback0 of R9. collect statistics about traffic per MAC address in the egress and ingress direction. configure the outgoing TCP queue to contain a maximum of 10 packets. 268 | P a g e Version 5.

iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.2F . Volume 1 Lab 45: Configure and Troubleshoot IP/IOS Services (Part 7) Technologies Covered  Netflow ingress and egress  Netflow top talkers  Netflow aggregation cache  Netflow random sampling  Netflow input filters Overview The management service covered in this lab is NetFlow. The Top Talkers feature and Random Sampling configuration is also tested in this scenario. You have to know how to configure this technology and how to send the collected data to an aggregation server. Estimated Time to Complete: 1 hour 269|P a g e Version 5.

The topology used in the lab will be the following: 270 | P a g e Version 5.cisco. We recommend watching the following learning videos that cover the topics seen in this lab scenario.2F . You may also refer to the diagram located within your configuration files for topology information. Volume 1 iPexpert’s Recommended Reading Material  NetFlow: http://www.com/c/en/us/td/docs/ios-xml/ios/netflow/configuration/15-mt/nf-15-mt- book.html  Flexible Netflow Configuration Guide: http://www.html iPexpert’s Recommended Video Training iPexpert’s Video on Demand training library contains a wealth of videos pertaining to the CCIE Routing & Switching lab exam.cisco.com/c/en/us/td/docs/ios-xml/ios/fnetflow/configuration/15-mt/fnf-15-mt- book/cgf-topn.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam.html  Flexible Netflow – Top N Talkers Support: http://www.cisco.  Video Title: NetFlow Topology Details Logically connect and configure your network as displayed in the drawing below.com/c/en/us/td/docs/ios-xml/ios/fnetflow/configuration/15-mt/fnf-15-mt- book.

Configuration Tasks 1. and complete the configuration tasks as detailed below. 3. If R8 uses BGP. 4.33 on port 2333 in version 5 format.79. Make sure that the flows information is not duplicated. Only 1 out of 50 packets should be captured by Netflow. randomly.2F . 2. Connect to the terminal server for the online rack. the peer AS should be included in exports.33 on port 2333 in version 9 format. and to send them to server 10. 271|P a g e Version 5.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. and to send them to server 10. Setup R9 to collect Netflow version 9 statistics on E0/0 and E0/1. Volume 1 Diagram 45. ensure that a flow in the cache that was not refreshed during 10 seconds expires.79. Configure R8 to export flow records every 2 minutes.1. NOTE Load the initial configuration files before starting to work on the tasks. On R8.1. Setup R8 to collect Netflow version 9 statistics on E0/0 and E0/1.1: IP/IOS Services Topology Lab 45 Setup  This lab is intended to be used with online rack access.

configure Netflow on interface E0/1 and interface E0/0 to only capture traffic between 10. 7. On R1. the next-hop IP address using a flow record called “IPEXPERTRECORD”.2F .1. On R1. 9. 11. aggregate flow based of destination prefix present in the routing table.9. Activate Flexible NetFlow configuration in the ingress and egress direction on interface E0/1.8.iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. the flow direction. Volume 1 5.79.55 on port 3444 every 30 seconds using a flow exporter called “IPEXPERTEXPORTER”. Never aggregate with a mask number lower than /24.8 and 10. 10.9. On R7. configure Flexible Netflow to export statistics to the server 10.1. on the Netflow running on the E0/0. The Netflow template should be sent every minute in version 9 to server 10. On R7. Use a class-map called “NETFLOWCLASS” and a policy-map called “NETFLOWPOLICY” 6. Helpful Verification Commands  Show ip flow  Show ip flow top-talkers  Show ip cache flow  Show flow record  Show flow exporter  Show flow monitor 272 | P a g e Version 5.79.44. configure Netflow version 9 on interface E0/0 to capture Netflow statistics in egress and ingress directions. setup Netflow to display in the command line the 20 top speakers going through interface E0/0. configure Flexible Netflow to collect the source and destination IPv4 address. Only 1 out of 2 packets from this flow should be captured. On R2.1. On R6. Sort the top speaker by bytes. 8.1.

2F .iPexpert’s Lab Preparation Workbook for Cisco’s CCIE Routing & Switching Lab Exam. This concludes Lab 45 of iPexpert's CCIE Routing & Switching Workbook. Volume 1 Technical Verification and Support To verify your configurations please ensure that you have downloaded the latest “final configurations” from within the iPexpert Member’s Area. All Rights Reserved. 273|P a g e Version 5. Volume 1. You may also verify your configurations and obtain a detailed overview of why specific commands were used within the accompanying Detailed Solution Guide. For instructor and developer support. please be sure to submit questions through our interactive support community that’s accessible from the Member’s Area. Section 5 Copyright© iPexpert.