Professional Documents
Culture Documents
CCNP Trouble Shooting Lab Workbook
CCNP Trouble Shooting Lab Workbook
hor
ized
CCNP TSHOOT
St
ude
ntL
abMa
nua
l
Web:www.
net
wor
ker
shome.
com Emai
l:i
nfo@net w
wor
kew
rw
s .
n
ho e
t
mew
.
co
or
mke
rsh
ome
.co
m
Aut
hor
ized
CCNPT
SHOOTL
ABWORKBOOK
Mo
dul
e1–T
roubl
esho
oti
ngRI
P
Copyr
ightsNet worker
sHome2007-2015
Websi
te:ht
tp:
//
www.networkershome.com;i
nfo@net
worker
shome.
com
Page2of40
Lab 1 – Troubleshooting RIPv1 and
RIPv2 Issues
R1 R2
L0 10.1.1.1/16 F 0/0(.1) F 0/0 (.2) L0 10.2.2.2/16
192.1.12.0/2
S 0/0 (.2)
4
192.1.23.0/2
4
S 0/0 (.3)
192.1.34.0/2
R4 4 R3
Scenario: R3 does not support RIPv2. R1, R2 and R4 have been configured to
run RIPv2.
Issue: Routes are not getting propagated. Make sure that R3 only run RIPv1
and R4 runs RIPv2. Make sure routes are getting propagated and reachable
from all routers.
R1 R2
L0 10.1.1.1/16 F 0/0(.1) F 0/0 (.2) L0 10.2.2.2/16
192.1.12.0/2
S 0/0 (.2)
4
192.1.23.0/2
4
S 0/0 (.3)
192.1.34.0/2
R4 4 R3
Issue: Routes are not getting propagated. Make sure that all routes are
reachable based on the above requirements.
CCNPT
SHOOTL
ABWORKBOOK
Mo
dul
e2–T
roubl
esho
oti
ngE
IGRP
Copyr
ightsNet worker
sHome2007-2015
Websi
te:ht
tp:
//
www.networkershome.com;i
nfo@net
worker
shome.
com
Page5of40
Lab 1 – Troubleshooting EIGRP
Communication Issues
R1 R2
L0 10.1.1.1/16 F 0/0(.1) F 0/0 (.2) L0 10.2.2.2/16
192.1.12.0/2
S 0/0 (.2)
4
192.1.23.0/2
4
S 0/0 (.3)
192.1.34.0/2
R4 4 R3
Scenario: R1, R2, R3 and R4 have been configured to run EIGRP in AS 12353.
All Neighbor relationships should have been authenticated using a key ID of 1
and a key-string of C1SCO.
Issue: Routes are not getting exchanged between the Routers. Make sure that
all routes are reachable based on the above requirements.
R1 R2
L0 10.1.1.1/16 F 0/0(.1) F 0/0 (.2) L0 10.2.2.2/16
192.1.12.0/2
S 0/0 (.2)
4
192.1.23.0/2
4
S 0/0 (.3)
R4
L0 10.4.4.4/16 F 0/0(.4) F 0/0 (.3) L0 10.3.3.3/16
192.1.34.0/2
F 0/1(.4) 4 R3
192.1.45.0/24
F 0/0(.5)
L0 10.5.5.5/16
R5
CCNPT
SHOOTL
ABWORKBOOK
Mo
dul
e3–T
roubl
esho
oti
ngOSPF
Copyr
ightsNet worker
sHome2007-2015
Websi
te:ht
tp:
//
www.networkershome.com;i
nfo@net
worker
shome.
com
Page9of40
Lab 1 – Troubleshooting OSPF
Communication Issues
R1 R2
L0 1.1.1.1/8 L0 2.2.2.2/8
L0 192.1.100.0/24
R3
R4
Scenario: R1, R2, R3 and R4 have been configured to run OSPF. R1 and R2
should have been the Designated Routers for the Ethernet segment, with R1
having higher priority than R2. All loopbacks should have been advertised with
their proper masks. All Routers should be communicating to each other using
the highest level of authentication.
Issue: Routes are not getting exchanged between the Routers. Make sure that
all routes are reachable based on the above requirements.
R1 R2
L0 10.1.1.1/16 F 0/0(.1) F 0/0 (.2) L0 10.2.2.2/16
192.1.12.0/2
S 0/0 (.2)
4
192.1.23.0/2
4
S 0/0 (.3)
R4
L0 10.4.4.4/16 F 0/0(.4) F 0/0 (.3) L0 10.3.3.3/16
192.1.34.0/2
F 0/1(.4) 4 R3
192.1.45.0/24
F 0/0(.5)
L0 10.5.5.5/16
R5
R1
R4
R2
Frame-Relay
R3
Scenario: R1 (The HUB) has been configured with two sub-interfaces, one of
the two sub-interfaces is configured to connect R1 to R4, this sub-interface
should have been configured in a point-to-point manner using the following IP
addressing:
o R1 = 192.1.14.1 /24
o R4 = 192.1.14.4 /24
The second sub-interface on R1 should have been configured in a multipoint
manner, and this sub-interface should have been configured to connect R1 to
routers R2 and R3 using the following IP addressing:
o R1 = 192.1.123.1 /24
o R2 = 192.1.123.2 /24
o R3 = 192.1.123.3 /24
All routers be able to ping every IP address including their own within their IP
address space.
OSPF should have been configured on the routers to advertise the loopback
networks. These routes should be reachable from all devices.
Restrictions:
L0 1.1.0.0 – R1 192.1.12.0/24 R2
S 0/0(.1) L0 2.1.0.0 –
L3 1.1.3.0/24 S 0/0 (.2) L3 2.1.3.0/24
Area 10
F 0/0 (.2)
192.1.23.0/24
Area 0
F 0/0 (.3)
R4 Area 100 R3
Scenario: Routing should have been configured based on the above diagram.
Also, the loopback networks from R1 and R4 should have been summarized
using the longest possible summary address into other areas.
Issue: Routes are not getting exchanged between the Routers. Make sure that
all routes are reachable based on the above requirements.
L0 1.1.0.0 – R1 192.1.12.0/24 R2
S 0/0(.1) L0 2.1.0.0 –
L1 1.1.1.0/24 S 0/0 (.2) L1 2.1.1.0/24
192.1.23.0/24
Area 100 Area 0
F 0/0 (.3)
R3
F 0/0(.4)
192.1.45.0/24
F 0/0(.5)
L0 5.1.0.0/24
R5 RIPv2
Scenario: Routing should have been configured based on the above diagram.
Area 10 routers should only have Intra-area routes. These routers have had
connectivity to all routes in the network. Area 100 routers should have had
Intra-area routes and Routes getting redistributed into OSPF from RIP. It
should also reachability to all other routes in the network. Loopback on R2 and
R3 should be injected into OSPF as external routes. All routers should have
connectivity to the RIP routes.
L0 1.1.0.0 – R1 192.1.12.0/24 R2
S 0/0(.1) L0 2.1.0.0 –
L1 1.1.1.0/24 S 0/0 (.2) L1 2.1.1.0/24
192.1.23.0/24
Area 10
E 0/0 (.3)
R4 Area 100 R3
Scenario: Routing should have been configured based on the above diagram.
The Virtual Link needed to be authenticated.
Issue: Routes are not getting exchanged between the Routers. Make sure that
all routes are reachable based on the above requirements.
CCNPT
SHOOTL
ABWORKBOOK
Mo
dul
e4–T
roubl
esho
oti
ngBGP
Copyr
ightsNetworker
sHome2007-2015
Websi
te:ht
tp:
//
www.networker
shome.com;i
nfo@net
worker
shome.
com
Page19of40
Lab 1 – Troubleshooting BGP
Communication Issues
Physical Layout
R1 192.1.12.0/24 R2 L0 2.2.2.2/8
L0 1.1.1.1/8 S 0/0(.1)
S 0/0 (.2)
L1 12.1.0.1/16
F 0/0 (.2)
R5 192.1.23.0/24
L0 4.4.4.4/8 L1 13.1.0.1/16
R4 R3
BGP Layout
R3
AS 5
AS 1
AS 234
R1 R2 R4 R5
Issue: Routes are not getting exchanged between the Routers. Make sure that
all routes are reachable based on the above requirements.
Physical Layout
R1 192.1.12.0/24 R2 L0 2.2.2.2/8
L0 1.1.1.1/8 S 0/0(.1)
S 0/0 (.2)
L1 12.1.0.1/16
F 0/0 (.2)
192.1.23.0/24
F 0/0 (.3)
S 0/0(.4) 192.1.34.0/24
S 0/0 (.3) L0 3.3.3.3/8
L0 4.4.4.4/8 L1 13.1.0.1/16
R4 R3
BGP Layout
R3
AS 1
AS 234
R1 R2 R4
R2
Loopback 1 – 192.2.1.1/24
Loopback 2 – 192.2.2.1/24
Loopback 3 – 192.2.3.1/24
Loopback 4 – 192.2.4.1/24
Loopback 5 – 192.2.5.1/24
Loopback 6 – 192.2.6.1/24
Loopback 7 – 192.2.7.1/24
Loopback 8 – 192.2.8.1/24
R3
Loopback 1 – 150.3.16.1/20
Loopback 2 – 150.3.36.1/22
Loopback 3 – 150.3.40.1/22
Loopback 4 – 150.3.50.1/23
Loopback 5 – 150.3.65.1/24
Loopback 6 – 150.13.0.1/16
Loopback 7 – 150.14.64.1/18
These routes should have been filtering using the following conditions:
R2 should have blocked all the 192.2.X.0 routes that have an odd
number in the third octet from propagating outside the local AS using
the distribute-list command with an ACL.
R4 should have blocked all the 192.2.X.0 routes that have an even
number in the third octet from coming in using the distribute-list
command with an ACL. The Distribute-list command. It should have
been done globally for the BGP process.
R1 should have blocked all the 150.X.X.0 routes that have a subnet
mask between 17 and 23 bits from coming in.
Issue: Routes are not getting filtered properly based on the above
requirements. Make sure the routes are filtered based on the above
requirements.
R1 192.1.12.0/24 R2
S 0/0(.1)
S 0/0 (.2) L0 2.2.2.2/8
L0 1.1.1.1/8
F 0/0 (.2)
F 0/0 (.1)
192.1.23.0/24
192.1.14.0/24
F 0/0 (.3)
F 0/0 (.4)
L0 4.4.4.4/8 L0 3.3.3.3/8
S 0/0(.4)
S 0/0 (.3)
192.1.34.0/24
R4 R3
BGP Layout
R2
AS 1
AS 234
R3
R1
R4
All egress (outgoing) traffic from AS 234 should have been configured to
go through R2 in the outbound direction using the Local Preference
attribute.
Issue: Routes are following the said pattern. Make sure the routes flow between
AS 1 and AS 234 based on the above requirements.
CCNPT
SHOOTL
ABWORKBOOK
Mo
dul
e5–T
roubl
esho
oti
ngOt
herT
echno
logi
es
Copyr
ightsNetworker
sHome2007-2015
Websi
te:ht
tp:
//
www.networker
shome.com;i
nfo@net
worker
shome.
com
Page26of40
Lab 1 – Troubleshooting PBR and GRE
Issues
R1 R2
L0 1.1.1.1/8 F 0/0(.1) 192.1.12.0/24 F 0/0 (.2)
L0 2.2.2.2/8
192.1.23.0/24
S 0/0 (.3)
L0 3.3.3.3/8
L1 10.3.3.3/24
R3
The rest of the networks should have been configured in EIGRP 100. Traffic
from network 3.0.0.0/8 to network 1.0.0.0/8 should always use the
192.1.112.0/24 link. All other traffic should use the routing table to route the
traffic. A PBR route-map has been configured to do that.
Issue: The above requirements are not being met. Make sure the above
requirements should be met.
R1 R2
Lo 0 F 0/0 F 0/0 3 Lo 0
2000:192:1:12::/64
S 0/0
2000:192:1:23::/64
S 0/0
2000:192:1:34::/64
Lo 0 F 0/0 F 0/0 Lo 0
R4 R3
Scenario: IPv6 routing has been configured on R1,R2, R3 and R4. IPv6
addresses should have been assigned to the Physcial links based on the
following:
Loopback0 interfaces on all routers should have configured using the auto-
assigned addresses as follows:
R1 – Loopback0 – 2001:1:1:1::/64
R2 – Loopback0 – 2001:2:2:2::/64
R3 – Loopback0 – 2001:3:3:3::/64
R4 – Loopback0 – 2001:4:4:4::/64
Issue: The above requirements are not being met. Make sure the above
requirements should be met.
R1 R2
Lo 0 F 0/0 F 0/0 3 Lo 0
2000:192:1:12::/64
S 0/0
2000:192:1:23::/64
S 0/0
2000:192:1:34::/64
Lo 0 F 0/0 F 0/0 Lo 0
R4 R3
Scenario: IPv6 routing has been configured on R1,R2, R3 and R4. IPv6
addresses should have been assigned to the Physcial links based on the
following:
Loopback0 interfaces on all routers should have configured using the auto-
assigned addresses as follows:
R1 – Loopback0 – 2001:1:1:1::/64
R2 – Loopback0 – 2001:2:2:2::/64
R3 – Loopback0 – 2001:3:3:3::/64
R4 – Loopback0 – 2001:4:4:4::/64
Issue: The above requirements are not being met. Make sure the above
requirements should be met.
CCNPT
SHOOTL
ABWORKBOOK
Mo
dul
e6–T
roubl
esho
oti
ngSwi
tc
hingT
echno
logi
es
Copyr
ightsNetworker
sHome2007-2015
Websi
te:ht
tp:
//
www.networker
shome.com;i
nfo@net
worker
shome.
com
Page32of40
Lab 1 – Troubleshooting STP, VTP and
Inter-VLAN Routing Issues
R5
F 0/0 (.5)
192.1.15.0/24 VLAN 10
F 0/0.1 (.1)
R1
F 0/0.2 (.1)
192.1.13.0/24 VLAN 20
F0/0.1 (.3)
R3
F0/0.2 (.3)
192.1.34.0/24 VLAN 30
VLAN 30 (.15)
F 0/0 (.4)
R4 SW1
VLAN 40 (.15)
192.1.2.0/24 VLAN 40
F 0/0 (.2)
R2
Scenario: All Switches should have been configured in a VTP Domain CISCO.
SW1 should have been configured as a Server and all other switches. The VTP
communication should have been authenticated with a password of CCNP.
All the trunk ports should have been configured with Dot1q as the
encapsulation method.
EIGRP in AS 100 should have been run on all the routers and SW1 to provide
reachability.
SWI should have been configured as the Root bridge for VLANs 10 and 20. SW2
should have been configured as the Root Switch for VLANs 30 and 40.
Issue: The above requirements are not being met. Make sure the above
requirements should be met.
R5
F 0/0 (.5)
192.1.15.0/24 VLAN 10
F 0/0.1 (.1)
R1
F 0/0.2 (.1)
192.1.13.0/24 VLAN 20
F0/0.1 (.3)
R3
F0/0.2 (.3)
192.1.34.0/24 VLAN 30
VLAN 30 (.15)
F 0/0 (.4)
R4 SW1
VLAN 40 (.15)
192.1.2.0/24 VLAN 40
F 0/0 (.2)
R2
There is Security policy on your network such only R1 F0/0 and R2 F0/0
should be able to connect to Ports F 0/1 and F0/2 on SW1.
Ports F 0/5 – F 0/6 are in VLAN 40 on SW2. Some PC’s are going to be
connected to them in the future. These ports should have been configured to
learn 2 MAC address dynamically. If a third device tried to connect to them, the
ports should have been error disabled automatically.
There are PCs that are connected or will be connected to SW1 ports F0/17 –
18. These ports should have been set with dot1x authentication. These ports
should be put into VLAN 40 if authentication was successful. The
authentication should have used a RADIUS server located at 192.1.2.100 using
“cisco” as the key.
If the PC did not support Dot1X authentication, it should have been put into
VLAN 60. If the user had failed the authentication, it should have been put into
VLAN 61.
Issue: The above requirements are not being met. Make sure the above
requirements should be met.
SW1
SW2
VLAN 80
VLAN 90
SW4
VLAN 80
SW3
VLAN 90
Scenario: SW1 and SW4 belong to the same company. SW2 and SW3 belong
to the Service Provider. The Service provider is providing Layer-2 connectivity
between the 2 sites for the company using Q-in-Q Tunneling. The Company
has 2 VLAN’s (80 and 90). VLAN 80 on either site should have been able to
connect to each other. VLAN 90 on either site should have been able to connect
to each other. SW1 and SW4 should have been able to see each other in the
“Show CDP neighbor” command as a neighbor.
Issue: The above requirements are not being met. Make sure the above
requirements should be met.
R1 192.1.15.0/24 VLAN 10
VLAN 10 Primary
F 0/0 (.1)
192.1.100.0/24
R2 R3 R4 R5
VLAN 30 Isolated
VLAN 20 Community
Issue: The above requirements are not being met. Make sure the above
requirements should be met.
R1
F 0/0 (.1)
192.1.11.0/24 VLAN 11
R3 R4
F 0/1 (.3) F 0/1 (.4)
192.1.22.0/24 VLAN 20
F0/0(.2)
R2
Scenario: HSRP has been configured between R3 and R4 on VLAN 11. They
are using .34 as the Virtual HSRP address. R3 should have been the preferred
Router. R1 should have been pointing to the virtual HSRP address as the
Default Gateway.
Issue: The above requirements are not being met. Make sure the above
requirements should be met.