Você está na página 1de 629

Cisco Router History and Architectural Overview

Since the early 1990s, Cisco has taken a new approach towards device modularity on enterprise
network devices. In the past; the Cisco 2500 Series Routers, excluding the 2524 had fixed port(s)
configuration ranging from Ethernet, Serial, Token Ring, ISDN and Terminal Lines which in this case it
imposed a limit for network investment protection and scalability within an enterprise networks.
With the announcement and release of the Cisco 3600 Series Routers in 1996, businesses felt a relief in
investment protection as they were not required to replace an entire router when upgrading WAN
and/or LAN link aggregation. Companies could easily migrate from using an ISDN line to a content line
with the swap of a WIC (WAN Interface Module) as well as upgrade LAN ports from 10Base-T to
10/100Tx with the change of a NM (Network Module).
The Cisco 2600 Series routers, announced in March of 1998 was the next milestone for Cisco Systems
Inc., a new generation Multi-Service router(s) engineered to provide secure, wire-speed delivery of
simultaneous voice, data, video, and wireless services. However, the Cisco 2600 Series platforms lacked
one feature that was available on the Cisco 3600 Series routers which upset several network engineers
throughout the industry which was the PCMCIA flash card slots. Engineers that were familiar with the
3600 Series platforms found that during disaster recover, the restoration of configuration files as well as
IOS images was simple with the change of a PCMCIA Flash card.
The 3700 Series platforms which include the 3725 and the 3745 were announced around the same time
as the Cisco 2600 Series. These platforms was a major stepping stone in Ciscos device architecture as
these platforms introduced the removable Compact Flash (CF) card memory which is commonly used
with Digital Cameras. Even today, devices such as the 2800, 3800 Series ISR (Integrated Services
Routers), ASA 5500 Series Firewalls, and countless other platforms were designed to utilize Compact
Flash (CF) Cards. CF cards proved to be several times faster and more resilient than previous storage
technology utilized by Cisco devices.
In May of 2002, Cisco launched the new Cisco 2600XM Series Multi-Service Routers which included
several upgraded system architecture features such as a revision of the current Motorola Processor,
125MHZ SDRAM, 16MB integrated flash with a max flash of 48MB, and support of 128MB RAM.
Later, with the release of 12.2(8r) bootrom, the 2600XM Series Multi-service Routers physically
supported 256MB RAM. However, when 12.2(8r) was first introduced it only provided the futureability to use 256MB RAM. At that given time the Cisco IOS for the 2600XM were still limited to 128MB
RAM, however the benefit from using 256MB RAM and the 12.2(8r) bootrom is that the bootrom would
decompress the Cisco IOS image into address space not addressed by IOS kernel. Traditionally when the
images got larger on the 2600XM platform the processor addressable memory space shrunk as the
images are decompressed and loaded into memory upon boot (unlike the 2500 series which are ran
directly from flash) This gave a significant performance boot on the 2600XM platforms. At that time the
upgrade was offered, using 256MB RAM on a 2600XM platform gave you an additional 50-60MB or so as
the decompressed image did not reside in IOS processor addressable memory. If you do the show
memory command on a 2600XM with 256MB RAM running 12.3T youll see that the process should
have 128MB available to address. IOS versions released after October of 2004 had the ability to address
the full 256MB ram minus the decompressed image.

The Cisco 2691 router was also released at the same time as the 2600XM and its the fastest platform in
the 2600 Series portfolio. Designed with higher throughput, scalability, and versatility in mind. The Cisco
2691 Series router was the baby brother to the Cisco 3725 Series router. In a side by side comparison,
they look very similar; However performance and modularity and PRICE sets them apart.
The 1800, 2800 and 3800 Series routers support the HWIC (High-speed WAN Interface Cards) which
supports 400Mbps aggregate (shared among all slots) whereas previous WIC technology only supported
8Mbps aggregate per PCI BUS.
Example; the 2600XM Series has two integrated WIC slots on a shared bus. The 2600XM supports a
single WIC-2T port operating at 8Mbps speed or two ports at 4Mbps but due to the shared bus, the
other WIC slot cannot be used. This limitation also applied to the NM-1FE2W, NM-1FE1R2W, NM-2FE2W
and NM-2W network modules.
The 2800 Series ISR Routers (Excluding 2801) have four HWIC slots supporting 400Mbps aggregate
(400Mbps per all slots on a chassis) and one or more NME (Network Module Enhanced) slots operating
at a shared 1.2Gbps across all slots within the platform whereas its predecessor; Network Module was
only capable of operating at shared speeds up to 600Mbps across all network module slots within the
platform.
Several platforms including but not limited to the 2600 Series, 3700 Series and even newer Integrated
Services Routers have internal expansion slot(s) called AIM slots. AIM, which stands for Advanced
Integration Module is used for expanding the capabilities of a particular platform. There are a vast range
of Advanced Integration Modules available from Cisco such as the AIM-CUE which is the Cisco Unity
Express module that provides voice mail functionality for the Unified Communications Manager Express
platform or even the AIM-VPN module which is a cryptographic processor which offloads cryptographic
functions from the routers processor thus increasing router performance.
Click on the Router Matrix Chart tab to view charts of common routers including ports, slots,
performance, max RAM and FLASH;

Common Cisco Router Specifications


Cisco 2500 Series Routers
Token
Ring

ISDN

2H

16MB

2H

16MB

2H

16 Hub Ports

Router

RAM

Flash

Serial*

2501

16MB

16MB

2H

2502

16MB

16MB

2H

2503

16MB

16MB

2504

16MB

2507

16MB

Ethernet RJ45

AUI

Async
Lines*

2509

16MB

16MB

2H

8 Lines
Octal

2509RJ

16MB

16MB

1H

8 Lines
RJ-45

2510

16MB

16MB

2H

8 Lines
Octal

2511

16MB

16MB

2H

16 Lines
Octal

2511RJ

16MB

16MB

1H

16 Lines
RJ-45

2512

16MB

16MB

2H

16 Lines
Octal

2513

16MB

16MB

2H

2514

16MB

16MB

2H

2515

16MB

16MB

2H

2516

16MB

16MB

2H

14 Hub Ports 1
Ethernet Port

2518

16MB

16MB

24 Port Module

2520

16MB

16MB

2H 2L

2521

16MB

16MB

2H 2L

2522

16MB

16MB

2H 8L

1
Shared

2523

16MB

16MB

2H 8L

2524

16MB

16MB

1
Shared

2525

16MB

16MB

Notes: This chart was compiled for lab use only; these routers should NEVER be used in
production. 2500s have a Motorola 68030 20 MHz processor. Have 1x 80pin SIMM RAM slot & 2x pin
SIMM Flash slots. Some 2500 series routers have 2MB DRAM soldered onto the mainboard used for

buffer/shared memory. Async Lines can be used as modem ports or terminal lines used in access
servers. *H = High Speed Synchronous Serial Interface. *L = Low Speed Synchronous/Asynchronous
Serial Interface.

Cisco 1600 Series Routers


56k
DSU

Performance

4k pps

4k pps

AUI RJ45
Shared

1 BRI

4k pps

33Mhz

AUI RJ45
Shared

1
Ncontent

4k pps

33Mhz

1 RJ45 1
Shared

4k pps

Router

RAM

Flash*

CPU

Ethernet

WIC

1601

24MB

16MB

33Mhz

AUI RJ45
Shared

1602

24MB

16MB

33Mhz

AUI RJ45
Shared

1603

24MB

16MB

33Mhz

1604

24MB

16MB

1605

24MB

16MB

ISDN

Notes: 1600 Series used PCMCIA Flash Cards. 1600 Series routers use a Motorola 68360 33Mhz
Processor.

Cisco 3600 Series Routers


Router

RAM

Flash

CPU

3620

64MB

32MB

80Mhz

3631-CO

256MB

128MB

3640

128MB

3660

Ethernet

WIC

NM

AIM

Performance

None

20-40k pps

240Mhz

None

70k pps

32MB

100Mhz

None

50-70k pps

64MB

64MB

225Mhz

1 or 2 Fast Eth

100-120k pps

3661-CO

64MB

64MB

225Mhz

1 or 2 Fast Eth

100-120k pps

3662

256MB

64MB

225Mhz

1 or 2 Fast Eth

100-120k pps

Notes: 3600 Series routers are completely modular and support PCMCIA Flash Cards. 3620 & 3640 use
an IDT R7000 RISC Processor 3631 uses a PMC-Sierra RM7061A RISC Processor 3660s use a QED
RM5271 RISC Processor

Cisco 2600 & 2600XM Series Routers


Router

RAM

Flash

CPU

Ethernet

WIC

NM

AIM

Performance

2610

64MB

16MB

40Mhz

(1) 10Base-T

15k pps

2611

64MB

16MB

40Mhz

(2) 10Base-T

15k pps

2612*

64MB

16MB

40Mhz

(1) 10Base-T

15k pps

2613*

64MB

16MB

40Mhz

None

15k pps

2620

64MB

16MB

50Mhz

(1) FastEthernet

25k pps

2621

64MB

16MB

50Mhz

(2) FastEthernet

25k pps

2650

128MB

32MB

80Mhz

(1) FastEthernet

37k pps

2651

128MB

32MB

80Mhz

(2) FastEthernet

37k pps

2610XM

128MB

48MB

40Mhz

(1) FastEthernet

20k pps

2611XM

128MB

48MB

40Mhz

(2) FastEthernet

20k pps

2620XM

128MB

48MB

50Mhz

(1) FastEthernet

30k pps

2621XM

128MB

48MB

50Mhz

(2) FastEthernet

30k pps

2650XM

128MB

48MB

80Mhz

(1) FastEthernet

40k pps

2651XM

128MB

48MB

80Mhz

(2) FastEthernet

40k pps

2691

256MB

128MB

160Mhz

(2) FastEthernet

70k pps

Notes: The 2600 Series utilize the MCP860 PowerQUICC Processor. The 2612 & 2613 have an RJ45
Token Ring port. The 2691 supports both internal and CF (Compact Flash) Storage. 2620 & 2621 can
support 32MB Flash with 12.1(3r) bootrom or later. The 2600XM Series can support 256MB DRAM using
12.2(8r) bootrom or later.

Cisco 1700 Series Routers


Router
1701

RAM

Flash

CPU

Ethernet

128MB

32MB

40Mhz

(1) FastEthernet

ISDN

WIC

VIC

Performance

12k pps

1710

1711

96MB

64MB

16MB

16MB

48Mhz

(1) FastEthernet
& (1) 10Base-T

7k pps

100Mhz

(1) FastEthernet
& (4) 10/100
Switch Ports

13.5k pps

13.5k pps

1712

128MB

32MB

100Mhz

(1) FastEthernet
& (4) 10/100
Switch Ports

1720

48MB

16MB

48Mhz

(1) FastEthernet

8.5k pps

1721

128MB

32MB

48Mhz

(1) FastEthernet

12k pps

1750

48MB

16MB

48Mhz

(1) FastEthernet

8.5k pps

1751

96MB

32MB

48Mhz

(1) FastEthernet

12k pps

1760

128MB

64MB

80Mhz

(1) FastEthernet

4*

16k pps

Notes: 1700 Series Routers use a Motorola MCP RISC PowerQUICC Processor 1711 & 1712 have an
integrated VPN Hardware services module. Models 1720 and later support an installable VPN Hardware
Services Module. The 1711 Router has an integrated 56k v.90 analog modem. The 1760 has 4 available
VIC slots, two of which can only support WICs.

Cisco 3700 Series Routers


Route
r

RAM

Flash

CPU

Ethernet

WI
C

N
M

AI
M

HDS
M

Performanc
e

3725

256M
B

128M
B

240Mh
z

(2)
FastEthern
et

100k pps

3745

256M
B

128M
B

350Mh
z

(2)
FastEthern
et

225k pps

Notes: 3700 Series routers support High Density Service Modules (HDSMs) 3745 Can support 512MB
DRAM (2x256MB SODIMM) using 12.3(6r) Bootrom. 3700 Series routers support Online Insertion &
Removal (OIR) of NMs and Power Supplies.

Cisco 1800 Series Routers

Rout
er

RAM

Flas
h

Ethernet

aDSL

HWI
C

WiF
i

US
B

Performan
ce

1801

384M
B

128M
B

(1)
FastEthern
et

aDSL
Over
Pots

Yes

70k pps

1802

384M
B

128M
B

(1)
FastEthern
et

aDSL
over
ISDN

Yes

70k pps

1803

384M
B

128M
B

(1)
FastEthern
et

SHDS
L

Yes

70k pps

1805

384M
B

128M
B

(1)
FastEthern
et

None

Yes

70k pps

1811

384M
B

128M
B

(2)
FastEthern
et

None

Yes

70k pps

1812

384M
B

128M
B

(2)
FastEthern
et

None

Yes

70k pps

1841

384M
B

128M
B

250Mh
z

(2)
FastEthern
et

Yes*

No*

1*

75k pps

1861

384M
B

128M
B

250Mh
z

(2)
FastEthern
et

None

No

75k pps

CPU

Notes: All 1800 Series use a QED RM52xx Processor All 1800 Series excluding the 1841 have an 8 Port
10/100 Managed Switch. The 1841 does not have integrated WiFi but supports WiFi via the HWICAP The 1841 has a single USB 1.1 Port, Other 1800 Series have USB 2.0 The 1841 supports the aDSL
& G.SHDSL WIC and HWICs.The 1841 has an AIM Slot (Advanced Integration Module) The 1841
supports the majority of existing WICs, VWICs and VICs (Data Mode Only) The 1805 has an integrated
Cable DOCSIS 2.0 port and a 4 10/100 Port Managed Switch The 1861 has 4x Integrated FXS ports, 2x
BRI S/T, 8 Port 2x POE 10/100 Managed Switch.

Cisco 2800 Series Routers


Rout
er

RAM

Flas
h

CPU

Ethernet

HWI
C

NM
E

AI
M

DS
P

Performan
ce

2801

512M
B

256M
B

250Mh
z

(2)
FastEthernet

90k pps

2811

768M
B

256M
B

350Mh
z

(2)
FastEthernet

120k pps

1GB

256M
B

466Mh
z

(2)
GigabitEther
net

170k pps

1GB

256M
B

466Mh
z

(2)
GigabitEther
net

220k pps

2821

2851

Notes: The 2800 Series Routers have an Integrated Cryptographic Processor for VPN Services. The
2800 Series Routers have installable Digital Signal Processors (DSPs) for voice Services. The 2801
Does not support the HWIC-1GE (1 Port SFP HWIC) The 2800 Series supports the HWIC-1FE but not
the HWIC-2FE. HWIC-2FEs require 3800 Series.

Cisco 3800 Series Routers


Route
r

3825

3845

RA
M

Flas
h

CPU

Ethernet

HWI
C

NM
E

1GB

256M
B

500Mh
z

(2)
GigabitEther
net

1GB

256M
B

650Mh
z

(2)
GigabitEther
net

AI
M

DS
P

Performan
ce

350k pps

500k pps

Notes: The 3800 Series routers support High Density Service Modules (HDSMs) The 3800 Series routers
have a single Small Pluggable Form-factor (SFP) port. The 3825 Uses a Single-core Broadcom
BCM1125H 500 MHz Processor. The 3845 use a Dual-Core Broadcom BCM1250 650 MHz Processor.

Core Knowledge
So you take a brand new Cisco Router or switch out of the box and the very first thing you must do prior
to installing it is to put a basic configuration on it. In order to configure the basics on a Cisco device you
must first Console into the device.
If you ever take a brand new Cisco device out of the box youll see that it comes with a blue flat cable
that has a DB9 serial connector on one end and a network RJ45 connector on the other. Dont be fooled,
this is not a next generation Ethernet cable or some token ring cable but rather a Cisco Console Cable.
You use this cable to connect to he Cisco device via Serial Port so you can configure the device using
command line.

Because Cisco devices do not have graphics cards or the ability to use a mouse and keyboard, you must
connect to the device using another computer that provides that functionality so you can configure the
device via Console CLI.
In order to connect to a Cisco device via Console youll need to use a Terminal Emulator application.
Applications that you commonly use to perform this task can be Windows HyperTerminal which is
included with Windows XP however Windows Vista and newer requires you to manually
download/install this application.
An extremely popular terminal emulator is Putty which is completely free to download, you can get this
by clicking the Putty Terminal Emulator link found in the useful links menu section in the footer.
The most popular paid terminal emulator is known as SecureCRT which is developed by VanDyke. This
application at the time of writing this lab is $99 per single user license and supports SSH/Telnet/Serial
and a bunch of other protocols commonly not used anymore. SecureCRT however provides extremely
useful scripting functionality and logging capabilities along with the ability to save sessions in different
folders so you can easily connect to existing equipment later.
In many situations in real life you may be required to connect to a Cisco device via console when you
lock yourself out making an error in configuration such as misconfiguring an Access Control List or
perhaps you peg the processor by executing a processor intensive debug command. None the less, as a
Network engineer you must know how to console into a Cisco device.
Lab Prerequisites
In order to complete this lab you will need a real Cisco Router or Switch.
Prior to attempting this lab you must have a terminal emulator application installed such as
HyperTerminal, Putty or SecureCRT.
Lab Objectives
To complete this lab you will perform the following objectives;

Connect your PC to your Cisco Router or Switch using the blue Cisco Console Cable.

Execute putty and connect to your Cisco Router or Switch using Serial COM1 or your respective
COM port at the speed of 9600bps.

Power on your Cisco device and verify your console session by watching the device boot up on
the terminal emulator.

Before you Continue


It is recommended that you attempt to complete these lab objectives the first time without looking at
the Lab Instruction section.
If you are a student preparing for the Cisco CCNA Certification Exam than you are more likely to
remember how to complete these objectives if you attempt to complete them the first time on your

own with the use of the core knowledge section found in this lab. You should only resort to the Lab
Instruction section to verify your work.
Lab Instruction
While most terminal emulation software differs in available features and/or protocols, all terminal
emulators achieve the same goal. In this walk through, Putty will be used, which is freely available (See
Lab Summary) to connect to a Cisco device and establish a console session to the Cisco Command Line
Interface.
Step 1: Connect your Cisco console cable or terminal adapter to a Serial port on your computer.
Step 2: Connect the RJ45 end of the console cable to the Console port on your Cisco Lab Access Server
(Cisco 2509, 2511 or a Cisco router with a NM-xxA/S Network Module) do not power on your router yet.
Step 3: When first running the Putty executable you will be presented with the Putty Configuration
Window as shown below;

Step 4: After the Putty configuration window appears, move the bullet from SSH to Serial;
Note: COM1 is the default communications port for Putty Serial communications; you may need to
change your COM port to match the port which your console cable is connected to. 9600 BAUD is the
default speed for Putty. 9600 is also the default speed for Cisco devices using the configuration register
of 02102 (Configuration registers will be discussed in a later chapter)

Step 5: Once youve verified the COM port and Speed click Open and a new window will appear. This
window will be the terminal window. Once the COM# Putty terminal window has appeared, power on
your Cisco Device. After the device has booted; assuming that the NVRAM is clear, you will be prompted
with a Setup Configuration Dialog:
After you are presented with the Setup Configuration Dialog type n for no and press enter. You will
then be prompted to press Return to Get Started!, after pressing Enter you will be at the routers user
mode command line interface which looks like the following;

After you have reached this point you have completed the objectives of this lab.
Real World Application
This lab will help you will identify the Cisco Internetwork Operating System (Cisco IOS) Running on a
Cisco Device. Knowing what Cisco IOS Version and Feature Set is running on your Cisco devices is crucial
to planning and deploying required features. Think of Feature Sets as Windows Vista Distributions, you
have Basic, Home Edition, Home Premium, Business, Ultimate and Enterprise. In Cisco IOS, we have
similar distributions called Feature Sets that dictate which features will be available for you to
configure. Each feature set have different prices. Some feature sets contain the same features as others;
this will be discussed later in the lab.

Lab Prerequisites

Complete Lab 1.2 before attempting this lab or have a current Cisco console session open to
your Cisco device.

Lab Objectives

Identify what IOS Version and Features Set your Cisco device is currently running.

Lab Instruction
There are several ways to identify which Cisco IOS your Cisco device is running. First way being to
examine the boot dispatch, this will display the image name that is loaded from flash which in return can
be used to identify the IOS Version and Feature Set of the image.
Provided below is an example of the required dispatch from the boot process which can be used to
identify which IOS Version and Feature Sets the router is currently loading.
Cisco Internetwork Operating System Software
IOS (tm) 3600 Software (C3620-IK9O3S7-M), Version 12.3(25), RELEASE SOFTWARE (fc1)
Turn your attention to line 2 where you see C3620-IK9O3S7-M; this displays the features that are
included in the image and the loading type (which will be discussed later)for the image that is currently
be loaded by the Router. Following the feature set being loaded you can also see the Version of the IOS.
As shown in this example, the router is currently booting IOS Version 12.3(25)
The most common way of obtaining IOS identification information is by using the show
version command. This command shows various information pertaining to the Cisco IOS Version and
Feature Set as well as hardware information about the router.
The textbox below shows the dispatch of the show version command.
Router#show version
Cisco Internetwork Operating System Software
IOS (tm) 3600 Software (C3620-IK9O3S7-M), Version 12.3(25), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2008 by cisco Systems, Inc.
Compiled Mon 28-Jan-08 20:16 by alnguyen

ROM: System Bootstrap, Version 11.1(20)AA2, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)

Router uptime is 23 minutes


System returned to ROM by reload
System image file is "flash:c3620-ik9o3s7-mz.123-25.bin"

This product contains cryptographic features and is subject to United


States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to


export@cisco.com.

cisco 3620 (R4700) processor (revision 0x81) with 60416K/5120K bytes of memory.
Processor board ID 24807256
R4700 CPU at 80MHz, Implementation 33, Rev 1.0
Bridging software.
X.25 software, Version 3.0.0.
2 FastEthernet/IEEE 802.3 interface(s)
32 terminal line(s)
DRAM configuration is 32 bits wide with parity disabled.
29K bytes of non-volatile configuration memory.
32768K bytes of processor board System flash (Read/Write)

Configuration register is 0x2102

Router#
As you can see lines 2, 3 & 4 are identical to previously discussed boot dispatch information. However
take look at line 13 and youll seeSystem image file is flash:c3620-ik9o3s7-mz.123-25.bin This is the
actual image file name that is currently running on the router. This image name is very helpful in
identifying the IOS Version and Feature set.
Prior to Cisco IOS Version 12.4, Cisco had a very complex naming convention for their Feature Sets. This
naming convention consisted of letters identifying certain features in the image.
Below is a chart comprised of common pre-standing naming convention identification letters;
Image Letter

Feature Set

IP

IP on 1700 Series Platforms

IP Plus

S6

IP Plus No ATM

S7

IP Plus No Voice

Enterprise

IOS Firewall/Intrusion Detection

Cryptorgaphy/IPSEC/SSH

K8

56Bit DES Encryption (Weak Cryptography)

K9

3DES/AES Encryption (Strong Cryptography)

H323

Services Selection Gateway (SSG)

Remote Access Server or Packet Data Serving Node (PDSN)

Apple Talk

Novel IP/IPX

Vox

IBM

Unlawful Intercept

Service Provider

Telco

Telecommunications Feature Set

Boot

Boot Image (Used on high end routers/switches)

Now lets break down the naming convention of the image name for our previous image; flash:c3620ik9o3s7-mz.123-25.bin;

Now lets break down the Features included with this image as shown below;

i = IP k9 = Strong Cryptography (3DES / AES) o3 = IOS Firewall/Intrusion Detection s7 = Plus (7 = No


Voice)
Official Image Name: Cisco 3620 12.3(25) IP/FW/IDS PLUS 3DES IPSEC NO VOICE
Many images differ in how they load and their compression. As these features are also identified in the
image name below, the following chart will identify execution types and compression formats.

Image Letter

IOS Boot Location

The image executes from Flash memory.

The image executes from RAM.

The image executes from ROM

The image is relocatable.

The image is compressed using ZIP format.

The image is compressed using MZIP format.

The image is compressed using STAC format.

The example 3620 image used in this lab executes from RAM and uses ZIP compression.
As of 2006, Cisco has introduced a new naming convention for feature sets. This new naming convention
started in 12.3 and was implemented as the feature set naming standard in 12.4
Below is a feature tree comprised of the new naming convention used for Cisco router images 12.3T and
greater;

You can see that IP Base is the basic image, from this image it branches off into IP Voice, Advanced
Security or Enterprise Base.
IP Voice also has an upgrade to Service Provider Services, which includes SP Services Features, IP Voice
Features and IP Base features.
Only Advanced Images contain Advanced Encryption Standard (AES) Cryptography
The following categories summarize the new naming convention:
Feature Set

Description

Base

Entry level image (IP Base, Enterprise Base)

Services

addition of IP Telephony Service, MPLS, Voice over IP, Voice over Frame
Relay and ATM (Included in SP Services, Enterprise Services)

Advanced

Addition of VPN, Cisco IOS Firewall, 3DES encryption, SSH, Cisco IOS IPSec
and Intrusion Detection Systems (IDS) (Advanced Security, Advanced IP
Services)

Enterprise

Addition of multi-protocols, including IBM, IPX, AppleTalk (Enterprise


Base, Enterprise Services)

Just like the new naming convention for Cisco Router IOS, Cisco has given the Switch IOS a new naming
convention as well. This naming convention is very similar to the router IOS naming convention. Shown
below is a feature tree of the new switch IOS naming convention;

Below are some examples of images using the new Cisco naming convention;
Example images for a Cisco 2800 Series Router: c2800nm-adventerprisek9-mz.124-21.bin c2800nmipbase-mz.124-21.bin
Example Images for a Cisco Catalyst 3750 Series Switch: c3750-advipservicesk9-mz.12244.SE.bin c3750-ipservicesk9-mz.122-44.SE.bin c3750-ipbase-mz.122-44.SE.bin
IP Base; formally known as Standard Multilayer Image (SMI) on Cisco Catalyst 3550 Series switches
includes advanced quality of service, rate limiting, access control lists (ACLs) and basic static and RIP
routing functionality.
IP Services; formally known as Enhanced Multilayer Image (EMI) on Cisco Catalyst 3550 Series Switches
has a more feature rich set of enterprise-class routing functionality as well as advanced hardware-based
IP Unicast and IP Multicast routing, policy based routing (PBR).
Advanced IP Services is not available as a pre-installed license but is available as an upgrade license. This
feature set includes IPv6 routing and IPv6 ACL support.
Enterprise Services & Advanced Enterprise Services are the cream of the crop. The images includes all
features available to the platform; also these license(s) are the most expensive. These license(s) are only
supported on various modular switches such as the Catalyst 4500, 4900, 6500 and others.
Below are a few examples of switch models you can purchase and the software license thats bundled
with the platform(s).
C3560-24PS-S = Cisco 3560 Series 24 Ports PoE with Standard Image (IP Base) C3750-48TS-E = Cisco 3750
Series 48 Port Non-PoE with Enhanced Image (IP Services)
The Cisco Catalyst 2960 Series has a different license model due to the switch being strictly layer 2. The
Catalyst 2960 Series license model is similar to the Catalyst 2950 Series which includes two separate

feature sets, Standard Image and Enhanced Image however, the new feature sets are called LAN LITE &
LAN BASE. These new feature sets do have a significant difference including Quality of Services (QoS),
Gigabit Ethernet Support, RPS, Rapid Spanning Tree, Link State Tracking, 802.1x enhancements, DHCP
Snooping and many more features which can be found on the Cisco website.
Cisco IOS 15.0 was released October 1st 2009 and with this new mainline IOS release, well see the use
of the Universal Image. The feature sets have not changed but now with the use of these new universal
images, image feature sets have to be licensed using a license file stored in NVRAM. Upon boot, the IOS
looks at this license file and activates the features specified in the license; that of which youve
purchased.
Each license file is specific to each platform serial number so therefore license files will not be
swappable. No doubt with all the Cisco IOS piracy that occurs in the Cisco networking world today, Cisco
systems is losing millions if not billions in license profit.
The next generation Integrated Services Routers which include the 1900 Series, 2900 Series and 3900
Series will use a single universal image file and require feature sets to be licensed. As part of the license
management suite, Cisco offers a license management server as well as an IOS feature that can
automatically download the license file from Cisco if your router is able to access the internet.
Cisco also utilized this technology with the 3560E and 3750E Switches. Example IOS IMAGE names
shown below; c3560e-universalk9-mz.122-50.SE2.bin c3750e-universalk9-mz.122-50.SE2.bin c3900universalk9-mz.150-1M.bin [/text]
Configuring a Cisco Access Server
Moving your console cable from one device to another can be time consuming. This lab will discuss and
demonstrate configuration and verification of a Cisco terminal server such as a Cisco 2509, 2511 or the
Cisco NM-16A/S and NM-32A/S
Real World Application:
This lab will teach you how to configure a Cisco Access Server which can be used to access all your Cisco
Lab devices from a single point of administration.
Often times, many companies will utilize Access Servers for direct console access to a Cisco device in a
network rack, this allows the remote administrator(s) to reload the router and examine the bootstrap
dispatch as well as boot into ROM Monitor mode remotely for password recovery, image recovery and
access control list configuration.
Lab Prerequisites

Complete Lab 1.2 before attempting this lab or have a current Cisco console session open to the
access server.

Make sure that the Access Server Async Lines are connected to the respected devices. Example;

Line Number

Device

Router 1

Router 2

Router 3

Router 4

Router 5

Switch 1

Switch 2

Switch 3

Lab Objectives

Assign a Hostname to the Access Server of your preference.

Configure a Loopback interface to use for in reverse telnet sessions.

Configure local ip host(s) for reverse telnet to the loopback interface on the correct lines that
are plugged into their respective devices. See Lab Prerequisites for example.

Prevent the Async lines from establishing an EXEC session with the access server.

Configure the input transport protocol to Telnet on the Async lines.

Optional Prevent reverse telnet sessions on the Async lines from timing-out.

Lab Instruction
Step 1: Assign a Hostname to the Access Server of your preference.
Router>enable
Router#configure terminal

Enter configuration commands, one per line. End with CNTL/Z

Router(config)#hostname Access_Server
Access_Server(config)#
Step 2: Configure a loopback interface for use in reverse telnet sessions.
Access_Server(config)#interface loopback 0
Access_Server(config-if)#ip address 10.10.10.10 255.255.255.255
Access_Server(config-if)#exit
Access_Server(config)#
Step 3: Configure local ip host(s) to utilize the loopback0 interface and the respected Async line for
reverse telnet. To view the available line numbers on your platform issue the do show line command
from global configuration.
Access_Server(config)#ip host r1 2001 10.10.10.10
Access_Server(config)#ip host r2 2002 10.10.10.10
Access_Server(config)#ip host r3 2003 10.10.10.10
Access_Server(config)#ip host r4 2004 10.10.10.10
Access_Server(config)#ip host r5 2005 10.10.10.10
Access_Server(config)#ip host r6 2006 10.10.10.10
Access_Server(config)#ip host sw1 2007 10.10.10.10
Access_Server(config)#ip host sw2 2008 10.10.10.10
Access_Server(config)#ip host sw3 2009 10.10.10.10
Step 4: Prohibit the async lines from establishing an EXEC session with the access server.
Access_Server(config)#line 1 16
Access_Server(config-line)#no exec
Step 5: Configure the transport input protocol on the async lines to Telnet.
Access_Server(config-line)#transport input telnet
Step 6: Optional Prevent reverse telnet sessions on the Async lines from timing-out.
Access_Server(config-line)#exec-timeout 0 0
Access_Server(config-line)#end
Access_Server#
After you have configured the device, be sure to test each and every line by typing in the hostname of
the device you wish to establish a console session with.

Access_Server#r1

Trying r1 (10.10.10.10, 2001) Open

% Please answer yes or no.

Would you like to enter the initial configuration dialog? [yes/no]:


To exit this session use the key stroke combination Ctrl + Shift + 6 then X Executing this key stroke
combination will take you back to your Access Servers CLI.
Access Server#r1

Trying r1 (10.10.10.10, 2001)... Open

% Please answer 'yes' or 'no'.

Would you like to enter the initial configuration dialog? [yes/no]:

Access Server#
You will have several commands available to you for trouble shooting and diagnostics. Such as the show
host command shown below;
Access_Server#show host
Default domain is not set
Name/address lookup uses domain service

Codes: UN - unknown, EX - expired, OK - OK, ?? - revalidate


temp - temporary, perm - permanent
NA - Not Applicable None - Not defined

Host

Port

Flags

Age Type Address(es)

r1

2001

(perm, OK) 0

IP

10.10.10.10

r2

2002

(perm, OK) 0

IP

10.10.10.10

r3

2003

(perm, OK) 0

IP

10.10.10.10

r4

2004

(perm, OK) 0

IP

10.10.10.10

r5

2005

(perm, OK) 0

IP

10.10.10.10

sw1

2006

(perm, OK) 0

IP

10.10.10.10

sw1

2007

(perm, OK) 0

IP

10.10.10.10

sw3

2008

(perm, OK) 0

IP

10.10.10.10

Access_Server#
Also another command available is the show session command. This command will display information
about your current telnet sessions.
Access_Server#show session
Conn Host
* 1 r1

Address
10.10.10.10

Byte Idle Conn Name


0

r1

Access_Server#
You may often be required to clear an Async line because the line is already in use and when trying to
establish a connection to a device may be refused as shown below;
Access_Server#r1
Trying r1 (10.10.10.10, 2001)...
% Connection refused by remote host
Access_Server#
To clear a line that a device is connected to, you must first know the line number which the device is
connected to, this can be found out by doing the show host command as previously discussed. To clear
an Async line, you will use the clear line tty xx. The example shown below is used to clear the Async line
that r1 is connected to.
Access_Server#clear line tty 1
[confirm]
[OK]
Access_Server#

Installing Graphical Network Simulator v3


Learn to install GNS3 onto your workstation or person computer which can be used by most of the labs
published by Free CCNA Workbook.
Real World Application
GNS3 is commonly used as a training tool for those whom are interested in learning how to configure
Cisco equipment or even those whom are seeking to achieve Cisco Career certifications. GNS3 is used by
all levels of Cisco students for training from the CCNA all the way up to the CCIE Certification.
GNS3 was originally intended to be a training tool but has another great use in the real world which is
config verification and command verification. If youre wondering how to setup a feature you have in
mind but do not have a router on hand and cannot do it on production routers then fire up GNS3 and
youre free to configure till your fingers are blue.
Lab Prerequisites
Free CCNA Workbook recommends that your PC has at least a Dual Core processor with 2GB of
RAM to run the Stub Area GNS3 topology.
Free CCNA Workbook highly recommends that your PC have a Quad Core processor with 4GB of
RAM.
Download the GNS3 (Graphical Network Simulator v3) from the link in the side bar or by
clicking HERE
Lab Objectives
Download the Graphical Network Simulator v3 Software (GNS3)
Install GNS3 on your computer.
Lab Instruction
Step 1. Youll need to download the GNS3 all in one package from the link provided in the side bar or by
clicking HERE You can choose to run it or download it to a folder if you wish to keep the executable.
Step 2. After you have downloaded the installer then run the installer and youll be presented with the
Installation Wizard (Shown Below). Please note that you need ADMINISTRATIVE privileges to install
GNS3 & WINPCAP (Required by GNS3)

Step 3. After you are presented with the Installation Wizard click next to continue. You are required to
agree to and accept the License Agreement for GNS3, if you do not accept this agreement then you must
have a physical lab to do the labs found on this website.

Step 4. After accepting the License Agreement you will be presented with the option to rename the
default folder name found on the Start Menu from GNS3 to whatever you like. If you wish to change the
name of the folder then type it in manually or you can accept the default of GNS3 and click next.
Step 5. Now you are presented with the list of packages included in this GNS3 Installer. WinPCAP is a
Packet Capture/Network Monitoring Library that is included with the GNS3 Installer for packet analysis.
Dynamips is the actual router emulator software that GNS3 uses; GNS3 is just a graphical user interface
for Dynamips. PemuWrapper is a Cisco PIX hardware emulator which allows you to run a PIX device in
GNS3 to simulate networks with PIX Firewalls. You can leave all of these packages Checked and click
next.

Step 6. You are now presented with the folder to where the Installer will install GNS3 to. By default
GNS3 will install to the location of C:\Program Files\GNS3 If you are running a 64bit OS then GNS3 will
install to C:\Program Files (x83)\GNS3
Step 7. The GNS3 installer will automatically download WinPCAP and prompt you to install it as shown
below; Click next on the WinPCAP Installer advertisement screen.

Step 8. Click next on the WinPCAP Installer Welcome Screen.

Step 9. You must accept the License Agreement for WinPCAP to install the software.

Step 10. After accepting the License Agreement for WinPCAP, the software will install, click finish
afterwards;

Step 11. After WinPCAP installs GNS3 will install and after its installed Youve successfully installed
GNS3. Click finish to exit the installer.

Real World Application


This lab will teach you how to import the Free CCNA Workbook Lab topology into GNS3. This is required
if you have not built a physical lab to use with this website.
Real world application does not apply to this lab however in this lab you will learn how to configure the
Free CCNA Workbook GNS3 topology which is used on 95% of all labs found in the Free CCNA Workbook.
Lab Prerequisites
Have GNS3 installed and the GNS3 environment variables configured which include the working
directory, execution path, IOS Image directory and temp paths. If you do not have this
completed than check out labs 1-5 Installing Graphical Network Simulator v3 and 1-6 Basic
Graphic Network Simulator v3 Configuration
Have the Cisco IOS images listed in the previous lab extracted and located in the images location
for the c3725 and c3640 platforms.
Ensure that the 3725 and 3640 platforms are configured in the Stub Area Networking GNS3
topology file before importing the Free CCNA Workbook Lab Topology or the importation will
Fail.
Lab Objectives
Download and Import the Free CCNA Workbook Lab Topology file.
Successfully start all routers in the Lab Topology and apply an Idle PC Value to each device.
Familiarize yourself with the Free CCNA Workbook Topology by viewing the GNS3 topology or by
visiting the Topology page found in the main navigation bar across the top of the page.
Lab Instruction
Step 1. First off youll need to ensure youve downloaded the Free CCNA Workbook GNS3 topology file
by clicking the link on the left hand side bar or by clicking HERE!
Step 2. After youve downloaded the Free CCNA Workbook GNS3 topology file, extract it to your desktop
or a folder that you store files to.

Step 3. Load the GNS3 topology by double clicking on the file, GNS3 should load automatically and
import the topology.
Step 4. After GNS3 loads and the topology is imported, you can then start R1 by right clicking on R1 and
clicking start on the context menu. Once youve started this device, you can right click the device again
and click Console to bring up the Putty terminal emulation window. This will present you with console
access to R1 in the topology.
After making sure that the router has booted up into user mode; if prompted you can type n to skip
the Initial Configuration Dialog and wait till you receive the prompt Router>
After youve received the user mode prompt youll need to wait about 10 seconds till the router is idling
then youll need to configure the router with its own IDLE PC value. Dynamips is a very processor
intensive application and each device running within Dynamips will need an IDLE PC value that can be
applied to the device so the application can reduce the physical processor load. Note that an IDLE PC
value is REQUIRED for each device.
Experiment with your IDLE PC values as these values are different on a per machine basis. Be sure to
watch your processor utilization when experimenting with IDLE PC values to determine which values
would best suit your machine. You can view your current processor utilization by starting task manager
when clicking on your task bar; Afterward click on performance.
Once youve successfully started all devices in the topology and applied IDLE PC values to each device,
you should then familiarize yourself with the Free CCNA Workbook topology. You can do so by clicking
the Topology link in the top navigation bar or by clicking HERE!
This page will show you the physical WAN, LAN and Switching topologies used by all labs published by
Free CCNA Workbook. Please note that the most labs found on the website can be completed using
GNS3 v1.0 however all Switching labs require Cisco 3560 Switches. You can get free access to these
switches via the Stub Lab.

Stub Lab Topology Hardware


When Free CCNA Workbook was started back in late 2009, we designed the labs in a manner in which
they could be completed using GNS3 or real Cisco hardware. This of course has changed over the past
few years as some technologies youll be tested on are no longer supported by GNS3. You can however
complete most labs found on this website using GNS3 v1.0 however you will be unable to copy and paste
initial configurations onto the CLI due to the interface numbering differences.
The Stub Lab which is the lab hardware and topology used by Free CCNA Workbook to publish its freely
available labs is built around give Cisco 2811 Series Integrated Services Routers and four Cisco Catalyst
3560 Series multilayer switches. Even though these devices are EoL/EoS (End of Life, End of Service)
they will still run the Cisco IOS 15.x IOS operating system which is a requirement found in the Cisco
CCNA certification exam blueprint(s).
For those of you who wish to build the same lab, at the current market cost (April 2014) this lab is
estimated to cost $2,200 USD minus the Opengear IM4216 (Console Server) which is $2,195.
The following table is a list Cisco hardware used in the Stub Lab and all labs published by Free CCNA
Workbook:

Device
Name

Device
Model

R1
*(CME)*

Cisco
2811

R2

Cisco
2811

R3

Cisco
2811

R4

Cisco
2811

R5

Cisco
2811

256MB

SW1

Cisco
356024PS

Flash

Memory

Ethernet
Interfaces

WIC
Cards

Software

2x FastEthernet

2x WIC1DSU-T1V2

15.1(4)M7 Adv
IP Services

2x FastEthernet

2x WIC1DSU-T1V2

15.1(4)M7 Adv
IP Services

2x FastEthernet

2x WIC1DSU-T1V2

15.1(4)M7 Adv
IP Services

2x FastEthernet

2x WIC1DSU-T1V2

15.1(4)M7 Adv
IP Services

512MB

2x FastEthernet

2x WIC1DSU-T1V2

15.1(4)M7 Adv
IP Services

32MB

128MB

24x FastEthernet, 2x
Gigabit Ethernet

Not
Applicable

12.2(55)SE8 IP
Services

SW2

Cisco
356024TS

32MB

128MB

24x FastEthernet, 2x
Gigabit Ethernet

Not
Applicable

12.2(55)SE8 IP
Services

SW3

Cisco
356024TS

32MB

128MB

24x FastEthernet, 2x
Gigabit Ethernet

Not
Applicable

12.2(55)SE8 IP
Services

SW4

Cisco
356024TS

32MB

128MB

24x FastEthernet, 2x
Gigabit Ethernet

Not
Applicable

12.2(55)SE8 IP
Services

FW1

Cisco
ASA
5510

256MB

1GB

5x FastEthernet

Not
Applicable

ASA 9.1(5)
Security Plus

FW2

Cisco
ASA
5510

256MB

1GB

5x FastEthernet

Not
Applicable

ASA 9.1(5)
Security Plus

512MB

256MB

256MB

256MB

768MB

512MB

512MB

512MB

BB1

Cisco
2811

BB2

Cisco
2811

BB3

Cisco
2811

64MB

64MB

64MB

256MB

256MB

256MB

2x FastEthernet

2x WIC1DSU-T1V2

15.0(1)M10
Adv IP Services

2x FastEthernet

2x WIC1DSU-T1V2

15.0(1)M10
Adv IP Services

2x FastEthernet

2x WIC1DSU-T1V2

15.0(1)M10
Adv IP Services

Lab Physical WAN Topology


The following WAN topology is used by most labs published by Free CCNA Workbook (Excluding Voice).
The WAN topology consist of five Cisco 2811 ISR Series Routers each with two WIC-1DSU-T1-V2 cards
installed in HWIC slots 0 and 1. The WAN topology is used to educate engineers on legacy Frame Relay,
PPP, MLPPP and T1 circuit configurations which are still commonly used in locations where Ethernet
connectivity is unavailable such as gas stations, convenience stores, small branch locations and so on.
The WAN Topology is cabled in a simple ring topology using T1 Cat5e crossovers as depicted below;

The following matrix is a list of circuit information related to the WAN Topology:
Local Router

Local Interface

Remote Router

Remote Interface

R1

Serial0/0/0

R2

Serial0/1/0

R2

Serial0/0/0

R3

Serial0/1/0

R3

Serial0/0/0

R4

Serial0/1/0

R4

Serial0/0/0

R5

Serial0/1/0

R5

Serial0/0/0

R1

Serial0/1/0

Backbone Router Physical WAN Topology


As of 2014 three backbone routers (Cisco 2821s) have been added to the lab topology. These backbone
routers have their own T1 ring WAN topology as depicted below;

The following matrix is a list of circuit information related to the backbone router WAN Topology:
Local Router

Local Interface

Remote Router

Remote Interface

BB1

Serial0/0/0

BB2

Serial0/1/0

BB2

Serial0/0/0

BB3

Serial0/1/0

BB3

Serial0/0/0

BB1

Serial0/1/0

Lab Physical Ethernet Topology


The Ethernet topology is used throughout all labs published on the Free CCNA Workbook website. The
following topology depicts Ethernet connectivity from the Cisco 2811 Series routers to the Cisco 3560
Multilayer Switches.

Local Router

Local Interface

Remote Switch

Switch Port

R1

FastEthernet0/0

SW1

FastEthernet0/1

R1

FastEthernet0/1

SW2

FastEthernet0/1

R2

FastEthernet0/0

SW1

FastEthernet0/2

R2

FastEthernet0/1

SW2

FastEthernet0/2

R3

FastEthernet0/0

SW1

FastEthernet0/3

R3

FastEthernet0/1

SW2

FastEthernet0/3

R4

FastEthernet0/0

SW1

FastEthernet0/4

R4

FastEthernet0/1

SW2

FastEthernet0/4

R5

FastEthernet0/0

SW1

FastEthernet0/5

R5

FastEthernet0/1

SW2

FastEthernet0/5

BB1

FastEthernet0/0

SW1

FastEthernet0/10

BB2

FastEthernet0/0

SW2

FastEthernet0/10

BB3

FastEthernet0/0

SW3

FastEthernet0/10

Backbone Router Ethernet Connectivity


As of July of 2014, Backbone routers have been added to the topology which are 2811s which utilize
their own T1 ring WAN topology and connections to SW1, SW2 and SW3 as depicted below;

Local Router

Local Interface

Remote Switch

Switch Port

BB1

FastEthernet0/0

SW1

FastEthernet0/10

BB2

FastEthernet0/0

SW2

FastEthernet0/10

BB3

FastEthernet0/0

SW3

FastEthernet0/10

Lab Physical Switching Topology


This switching topology shows all the inter-switch link connections between the four switches found in
the lab. This topology is built using crossovers and is primarly used in the Switching labs found on the
Free CCNA Workbook website. Please note that all router Ethernet connectivity depend on the physical
and logical switching topology to be correctly cabled and configured.

Local Switch

Local Interface

Remote Switch

Remote Interface

SW1

FastEthernet0/19

SW3

FastEthernet0/19

SW1

FastEthernet0/20

SW3

FastEthernet0/20

SW1

FastEthernet0/21

SW4

FastEthernet0/21

SW1

FastEthernet0/22

SW4

FastEthernet0/22

SW1

FastEthernet0/23

SW2

FastEthernet0/23

SW1

FastEthernet0/24

SW2

FastEthernet0/24

SW2

FastEthernet0/21

SW3

FastEthernet0/21

SW2

FastEthernet0/22

SW3

FastEthernet0/22

SW2

FastEthernet0/19

SW4

FastEthernet0/19

SW2

FastEthernet0/20

SW4

FastEthernet0/20

SW3

FastEthernet0/23

SW4

FastEthernet0/23

SW3

FastEthernet0/24

SW4

FastEthernet0/24

Real World Application


In this lab you will learn how to configure a GNS3 Ethernet NIO (Network Input/Output) Cloud used in
labs found in the Free CCNA Workbook.
If you are using GNS3 then throughout the Free CCNA Workbook you will be required to connect to the
router using your host machine. The workbook was created so GNS3 can be used while running on a
Windows XP Professional PC. While running GNS3 on other operating systems such as Windows Vista or
Windows 7 is possible but due to the compatibility of GNS3, it is currently recommended that you run
GNS3 on a Windows XP machine.
This lab will show you how to configure a Microsoft Loopback interface used for local host IP
connectivity to an Ethernet interface of a Cisco device within GNS3. This simulates physical connectivity
to the emulated Cisco platform.
You can choose to bind the GNS3 Cloud to your physical adapter rather then the Microsoft Loopback
Adapter; when using the physical adapter this gives you the option to connect to the GNS3 Cisco devices

from another device within your LAN, however connecting to the GNS3 Cisco device via local host will
have a high probability of crashing the Dynamips Engine.
Please note that you may have compatibility issues with Windows 7 and Windows Vista 64bit loopback
interfaces, a 32bit operating system is recommended.
Lab Prerequisites
Load the Free CCNA Workbook GNS3 topology and establish a console session to SW1
Lab Objectives
Install a MS Loopback interface on Windows XP
Configure an IP address on the newly created MS Loopback adapter.
Create a Cloud interface in GNS3 and bind it to the newly created MS Loopback Adapter.
Verify your connectivity by assigning an IP address to SW1 in the same subnet that you assigned
to the MS Loopback adapter. For lab demonstration purposes, Free CCNA Workbook devices will
use 192.168.255.1-8/24 and the host machine is 192.168.255.10/24
Lab Instruction
Step 1. Navigate to the Control Panel by clicking Start > Control Panel or by loading My Computer and
clicking Control Panel down the left side bar within Other Places
Once in control panel double click the Add Hardware icon and the Add Hardware Wizard will pop up as
shown below;

After clicking next the Wizard will automatically search for new hardware; this may take a few minutes;

Once the Wizard has finished searching for new hardware and none is found you will be asked rather or
not the new hardware is already connected, bullet the Yes, I have connected the hardware and click next

Slide the scroll bar on the right side of the list down to the bottom and highlight Add new hardware
device as shown below and click next;

You will now be prompted rather or not you want the Add New Hardware wizard to automatically
search for the new hardware. Click the bottom bullet that says Install the hardware that I manually
select from a list (Advanced) as shown below and click next;

Youre now given a list of different types of hardware you can choose to install. Scroll down the list and
select Network Adapters as shown below and click next;

The next window will display a Manufacture list on the left hand side and devices available to install by
that manufacture on the right. Some computers may have multiple manufacture options to choose
from, if so then select the Microsoft manufacture in the list on the left hand side then select the
Microsoft Loopback Adapter in the list on the right hand side as shown below and click next;

You are now shown the hardware device you are attempting to install prior to installing it as shown
below, just click next and Windows will install the device. A window with a progress bar may pop up
showing the progress of the device driver installation;

Once the Microsoft Loopback Adapter is installed click finish as shown below and restart your computer;

Step 2. Configure an IP address on the newly created MS Loopback adapter.


The Microsoft Loopback Adapter will appear as a physical NIC when you load Network Connections
found in Control Panel. You can configure an IP address on this MS Loopback Adapter just as you would
a physical NIC. Use an IP address range that does not conflict with any networks that youre connected
to. A Great example would be 192.168.255.10/24
Step 3. Create a Cloud interface in GNS3 and bind it to the newly created MS Loopback Adapter.
Load up the Free CCNA Workbook GNS3 topology and in the Node Type list on the left side of the GNS3
window you will see a node called Cloud. Left click that node and hold down the mouse button and drag
that node onto the topology pane as shown below;
Note: Click on the images to open in a browser window in high resolution.

Once the Cloud is in the topology pane, double click the cloud and you will see the Cloud tree and the
list of Clouds available for configuration. Click Cloud 1 named CL1 as shown below;

Once in the Cloud configuration you will notice 2 text boxes under Generic Ethernet NIO (require
Administrator access). If you have multiple network adapters you will see them all listed when clicking
on the first textbox. Find the Adapter that has the name Network Adapter: MS LoopBack and add that
adapter by clicking the ADD. Once completely you will see the Ethernet uid in the large textbox as shown
below;

After Binding the MS Loopback network adapter to Cloud 1 (CL1) its time to logically connect Cloud 1 to
SW1 in the Free CCNA Workbook GNS3 topology. This is done by clicking on the RJ-45 Ethernet plug as
shown in the picture below and selecting FastEthernet;
When logically connecting devices in GNS3, you can only connect the medium that the interfaces on the
virtual devices are rated at. e.g; you cannot connect GigaEthernet to a FastEthernet interface on SW1.

After selecting the FastEthernet medium from the Add a Link button shown in the previous picture
click on the cloud as shown below and you will be given the NIO UID that is associated with that cloud,
highlight and click the NIO UID;

Now drag the link sourced from Cloud 1 (CL1) over to SW1 in the topology and click SW1. This will
automatically terminate the link to the FastEthernet1/0 interface as its the only available interface to
terminate the link to.

Step 4. Verify your connectivity by assigning an IP address to SW1 in the same subnet that you
assigned to the MS Loopback adapter. For lab demonstration purposes, Free CCNA Workbook devices
will use 192.168.255.1-8/24 and the host machine is 192.168.255.10/24.
Now its time to test connectivity so assign an IP address to SW1s FastEthernet1/0 interface and ping the
local host from SW1s command line as shown below;
Router con0 is now available
Press RETURN to get started!
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname SW1
SW1(config)#interface FastEthernet 1/0
SW1(config-if)#ip add 192.168.255.1 255.255.255.0
SW1(config-if)#no shut
SW1(config-if)#end
SW1#ping 192.168.255.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.10, timeout is 2 seconds:
..!!!
Success rate is 60 percent (3/5)
SW1#ping 192.168.255.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/5/8 ms
SW1#

Cisco 2500 Series Router Password Reset | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Cisco 2500 Series Password Reset

Ever get stuck on trying to figure out a forgotten password on a Cisco 2500 Series Router? This lab will discuss and
demonstrate how to bypass the existing passwords to allow you to recover your configuration or reset the password.

Real World Application


While 2500 series routers are long since shocking to see in a production environment, there are some however that remain
production to this day with up times of 8 years or more. The most common use for the Cisco 2500 Series Router(s) are for training
purposes; commonly used in lab environments, the 2500 series router makes a great introductory router to the Cisco IOS
(Internetwork Operating System).

Lab Prerequisites
A Cisco 2500 Series router that has an unknown console or enable password.
An active Serial Console session to the device that youre unable to login to.

Lab Objectives
Break the boot sequence when powering on the Cisco 2500 Series router to place yourself in rom monitor mode.
Change the configuration register to 0x2142 to make the router bypass the contents of NVRAM when booting then initialize the
router (boot the router into IOS)
(Option 1) Once booted, place yourself into privileged mode and copy the start up-config to the running config. Afterward,

http://www.freeccnaworkbook.com/workbooks/ccna/cisco-2500-series-router-password-reset/[4/12/2015 6:40:37 PM]

Cisco 2500 Series Router Password Reset | Free CCNA Workbook

you may change the line password or enable password and write the configuration by to NVRAM by issuing the copy run start
command.
(Option 2) Once booted, place yourself into privileged mode and do a write erase to clear the contents of the NVRAM.
Now change the configuration register back to 0x2102 to boot set the router to boot normally and load the NVRAM contents
upon boot.

Lab Instruction
Shown below is a Cisco 2501 router that has a console password on the device. With such password you will not be able to access
exec mode without authenticating this password correctly. When buying routers used, you may commonly be faced with scenario.
Router con0 is now available
Press RETURN to get started.
User Access Verification
Password:
Step 1 Power cycle the router or power on the router initially. While the router is booting youll need to break the boot sequence to
boot the router into bootrom, you do this by holding down CTRL and pressing PAUSE BREAK. Do this repeatedly till you are placed
at the bootrom prompt.
System Bootstrap, Version 11.0(10c), SOFTWARE
Copyright (c) 1986-1996 by cisco Systems
2500 processor with 14336 Kbytes of main memory
Abort at 0x10B1F3C (PC)
>

Step 2. Change the configuration register so that the router will ignore the contents of the NVRAM when booting into Cisco IOS. Set
the configuration register to 0x2142 and initialize the router (Boot the router to IOS).
>o/r 0x2142
>i

Step 3a (Option 1) After the router has booted into Cisco IOS, youll be prompted by the initial configuration dialog, type n here
and press enter and youll be placed into user mode. Now youre able to place your self into privileged mode by typing enable. Once
in privileged mode you can copy the startup configuration to the running configuration and then change the passwords manually then
saved the configuration by to NVRAM by typing copy run start.
--- System Configuration Dialog --Would you like to enter the initial configuration dialog? [yes/no]: n
Press RETURN to get started!
Router>enable
Router#copy start run
Destination filename [running-config]?
506 bytes copied in 3.868 secs (168 bytes/sec)

http://www.freeccnaworkbook.com/workbooks/ccna/cisco-2500-series-router-password-reset/[4/12/2015 6:40:37 PM]

Cisco 2500 Series Router Password Reset | Free CCNA Workbook

ARCVRSR01#configure terminal
ARCVRSR01(config)#enable secret NEWENABLEPASSWORD
ARCVRSR01(config)#line con 0
ARCVRSR01(config-if)#password NEWPASSWORD
ARCVRSR01(config-if)#end
ARCVRSR01#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]
ARCVRSR01#
Step 3b (Option 2) After the router has booted into Cisco IOS, youll be prompted by the initial configuration dialog, type n here
and press enter and youll be placed into user mode. Now youre able to place your self into privileged mode by typing enable. Once
in privileged mode you can erase the contents of NVRAM by issuing the write erase command.
--- System Configuration Dialog --Would you like to enter the initial configuration dialog? [yes/no]: n
Press RETURN to get started!
Router>enable
Router#write erase
Erasing the nvram filesystem will remove all files! Continue? [confirm]
[OK]
Erase of nvram: complete
Router#
Step 5 Once youve performed a password reset or NVRAM sanitation, youll need to set the configuration register back to 0x2102
so the router will boot normally and load the NVRAM contents upon a reboot or power failure.
Router#configure terminal
Router(config)#config-register 0x2102
Router(config)#end

Previous Lab

Like

178 Tweet

http://www.freeccnaworkbook.com/workbooks/ccna/cisco-2500-series-router-password-reset/[4/12/2015 6:40:37 PM]

Next Lab

Cisco 2500 Series Router Password Reset | Free CCNA Workbook

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/cisco-2500-series-router-password-reset/[4/12/2015 6:40:37 PM]

Cisco 2600 Series Router Password Reset | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Cisco 2600 Series Password Reset

Have you ever forgotten the password to a modern Cisco Router and need to reset it? This lab will discuss and
demonstrate resetting the password modern Cisco routers starting with the 2600 Series and later.

Real World Application


The Cisco 2600 Series routers are by far the most popular routers used in Lab environments and many still exist today in production
as many business have the moto if it works then Dont fix it.
Recovering passwords or sanitizing the NVRAM contents on a Cisco router rather it be the 2600 series or newer generation routers is
a very common procedure and should be known by any CCNA without referring to documentation.

Lab Prerequisites
A Cisco 2600 Series router or greater that has an unknown console or enable password.
An active Serial Console session to the device that youre unable to log into.

Lab Objectives
Break the boot sequence when powering on the Cisco 2600 Series router to place yourself in ROM monitor mode.
Change the configuration register to 0x2142 to make the router bypass the contents of NVRAM when booting then reset the
router.

http://www.freeccnaworkbook.com/workbooks/ccna/cisco-2600-series-router-password-reset/[4/12/2015 6:41:09 PM]

Cisco 2600 Series Router Password Reset | Free CCNA Workbook

(Option 1) Once booted, place yourself into privileged mode and copy the start up-config to the running config. Afterward,
you may change the line password or enable password and write the configuration by to NVRAM by issuing the copy run start
command.
(Option 2) Once booted, place yourself into privileged mode and do a write erase to clear the contents of the NVRAM.
Now change the configuration register back to 0x2102 to boot set the router to boot normally and load the NVRAM contents
upon boot.
Now change the configuration register back to 0x2102 to boot set the router to boot normally and load the NVRAM contents
upon boot.

Lab Instruction
As shown below is a Cisco 2651XM router that has a console password on the device. With such a password you cannot access
exec mode without authenticating this password correctly. When buying routers used, you may commonly be faced with scenario.
Router con0 is now available
Press RETURN to get started.
User Access Verification
Password:
Step 1 Power cycle the router or power on the router initially. While the router is booting youll need to break the boot sequence to
boot the router into bootrom, you do this by holding down CTRL and pressing PAUSE BREAK. Do this repeatedly till you are placed
at the bootrom prompt.
System Bootstrap, Version 12.2(8r) [cmong 8r], RELEASE SOFTWARE (fc1)
Copyright (c) 2003 by cisco Systems, Inc.
C2600 platform with 262144 Kbytes of main memory
monitor: command "boot" aborted due to user interrupt
rommon 1 >

Step 2 Change the configuration register so that the router will ignore the contents of the NVRAM when booting into Cisco IOS. Set
the configuration register to 0x2142 and boot the router.
rommon 1 >confreg 0x2142
rommon 2 >reset

Step 3a (Option 1 Reset Password) After the router has booted into Cisco IOS, youll be prompted by the initial configuration
dialog, type n here and press enter and youll be placed into user mode. Now youre able to place your self into privileged mode by
typing enable. Once in privileged mode you can copy the start-up configuration to the running configuration and then change the
passwords manually then saved the configuration by to NVRAM by typing copy run start.
--- System Configuration Dialog --Would you like to enter the initial configuration dialog? [yes/no]: n
Press RETURN to get started!

http://www.freeccnaworkbook.com/workbooks/ccna/cisco-2600-series-router-password-reset/[4/12/2015 6:41:09 PM]

Cisco 2600 Series Router Password Reset | Free CCNA Workbook

Router>enable
Router#copy start run
Destination filename [running-config]?
506 bytes copied in 3.868 secs (168 bytes/sec)
IMAROUTER#configure terminal
IMAROUTER(config)#enable secret NEWENABLEPASSWORD
IMAROUTER(config)#line con 0
IMAROUTER(config-if)#password NEWPASSWORD
IMAROUTER(config-if)#end
IMAROUTER#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]
IMAROUTER#
Step 3b (Option 2 Factory Reset) After the router has booted into Cisco IOS, youll be prompted by the initial configuration
dialog, type n here and press enter and youll be placed into user mode. Now youre able to place your self into privileged mode by
typing enable. Once in privileged mode you can erase the contents of NVRAM by issuing the write erase command.
By issuing the write erase command it will erase the startup configuration which is stored in NVRAM and reset the router back to the
factory default. This will remove ALL configuration from the router. If you just want erase the configuration on a Cisco Router or
Switch, using the write erase command followed by reload will complete the task.
--- System Configuration Dialog --Would you like to enter the initial configuration dialog? [yes/no]: n
Press RETURN to get started!
Router>enable
Router#write erase
Erasing the nvram filesystem will remove all files! Continue? [confirm]
[OK]
Erase of nvram: complete
Router#
Step 4. Once youve performed a password reset or NVRAM sanitation, youll need to set the configuration register back to 0x2102
so the router will boot normally and load the NVRAM contents upon a reboot or power failure.
Router#configure terminal
Router(config)#config-register 0x2102
Router(config)#end

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/cisco-2600-series-router-password-reset/[4/12/2015 6:41:09 PM]

Next Lab

Cisco 2600 Series Router Password Reset | Free CCNA Workbook

Like

10 Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/cisco-2600-series-router-password-reset/[4/12/2015 6:41:09 PM]

Fixed Configuration Catalyst Switch Password Reset | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Catalyst Switch Password Reset

Forget the console or enable password(s) to your Catalyst Switch? Not a problem. This lab will discuss and
demonstrate how to reset the password(s) on Cisco fixed configuration Catalyst series switches

Real World Application


In all actuality, people forget passwords everyday but forgetting the password(s) on a Cisco Catalyst series switch can be frustrating.
Unlike a Cisco Router, you actually have to be at the console of the switch rather it be remote desktop to a PC with a console cable
to the switch or physically near the switch. However the Frustrating part is that in order to boot into the SWITCH ROM, you need
someone physically at the switch to unplug it and press in the MODE button on the front of the switch and hold it down while the
power is plugged back in.
This lab will discuss resetting and/or clearing the password(s) for the Cisco Catalyst LAN Switches including but not limited to the
2900XL, 2950, 3500XL, 3550, 3560, 3750 Series switches.
For this very reason forgetting switch passwords can be quite frustrating. As a network engineer that holds the CCNA certification
youre expected to know how perform this procedure without referencing any Cisco documentation.

Lab Prerequisites
Youll need an active Console session with the switch youre unable to access.
Youll need to be physically located near the switch to perform this procedure.

Lab Objectives
http://www.freeccnaworkbook.com/workbooks/ccna/fixed-configuration-catalyst-switch-password-reset/[4/12/2015 6:41:32 PM]

Fixed Configuration Catalyst Switch Password Reset | Free CCNA Workbook

Boot the switch into SWITCH ROM by holding the MODE button down and plugging in the power to the switch.
Rename the configuration file in flash to a different name such as; config.old
Boot the switch and copy the contents of flash:config.old into the running configuration after youve obtained privilege level
access.
Copy the updated configuration to NVRAM by syncing the running config with the start-up config.

Lab Instruction
Step 1 Boot the switch into SWITCH ROM by holding down the MODE button on the front left hand side of the switch and plugging
the power into the switch. Note that different switches require you to hold the MODE button for different periods of time.
Shown below is a table showing the time youre required to hold down the MODE button after powering plugging in the power to the
switch;

Cisco Catalyst Switch Series

LED Behavior and Mode Button Release Action

2900XL, 3500XL, 3550

Release the Mode button after the LED above port FastEthernet0/1 goes out.

2940, 2950

Release the Mode button after approximately 5 seconds when the Status (STAT) LED
goes out. When you release the Mode button, the SYST LED blinks amber.

2960, 2970

Release the Mode button when the SYST LED blinks amber and then turns solid green.
When you release the Mode button, the SYST LED blinks green.

3560, 3750

Release the Mode button after approximately 15 seconds when the SYST LED turns
solid green. When you release the Mode button, the SYST LED blinks green.

Step 2 Once youve successfully booted into SWITCH ROM, youll see the following dispatch;
Boot Sector Filesystem (bs) installed, fsid: 2
Base ethernet MAC Address: 00:14:f2:d2:41:80
Xmodem file system is available.
The password-recovery mechanism is enabled.
The system has been interrupted prior to initializing the
flash filesystem. The following commands will initialize
the flash filesystem, and finish loading the operating
system software:
flash_init
boot
switch:
Step 3 Once your at the SWITCH ROM prompt youll need to initialize the flash by typing the flash_init command.
switch:flash_init
Initializing Flash...
flashfs[0]: 5 files, 1 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 15998976
flashfs[0]: Bytes used: 12282368
flashfs[0]: Bytes available: 3716608

http://www.freeccnaworkbook.com/workbooks/ccna/fixed-configuration-catalyst-switch-password-reset/[4/12/2015 6:41:32 PM]

Fixed Configuration Catalyst Switch Password Reset | Free CCNA Workbook

flashfs[0]: flashfs fsck took 10 seconds.


...done Initializing Flash.
switch:
Step 4 List the files stored in flash to view the avaliable configuration text files. By default the configuration file name is config.text;
switch:dir flash:
Directory of flash:/
1 -rwx 10573494
2 -rwx 684
3 -rwx 1938
4 -rwx 1654
5 -rwx 3096

c3560-advipservicesk9-mz.122-44.SE6.bin
vlan.dat
private-config.text
config.text
multiple-fs

3716608 bytes available (10508886 bytes used)


switch:

Step 5 Youll see in the given example above the config.text file which is 1654 bytes, rename this file to config.old
If you wish to just erase the configuration instead of resetting the password you can use the delete flash:config.text command.
switch:rename flash:config.text flash:config.old

Step 6 After youve renamed the config.text file to config.old verify that the file was indeed renamed correctly by doing the dir flash:
command. Once youve verified that the config file has been renamed boot the switch with the boot command.
Step 7 Once the switch has booted you will be prompted by the initial configuration setup prompt, disregard this to gain user mode
access.
--- System Configuration Dialog --Would you like to enter the initial configuration dialog? [yes/no]: n
Switch>
Step 8 OPTIONAL If you do not intend to reset the password as stated by the NOTE in step 5, you can stop now. If you wish to
reset the password on the previous configuration continue to step 9.
Step 9 Change to privileged mode and copy the contents of the old start-up configuration to the running config using the command
copy flash:config.old run
Switch>enable
Switch#copy flash:config.old run
Destination filename [running-config]?
1654 bytes copied in 9.647 secs (171 bytes/sec)
ARSCORESW1#
Step 10 After youve loaded the old configuration file as the running configuration and youre in privileged mode youll be able to
change the passwords such as enable secret or line passwords. Once youve changed these passwords you can save the
configuration by issuing the copy run start command.
Switch#configure terminal
Switch(config)#enable password NEWENABLEPASSWORD
Switch(config)#line con0
Switch(config-line)#password NEWCONSOLELINEPASSWORD

http://www.freeccnaworkbook.com/workbooks/ccna/fixed-configuration-catalyst-switch-password-reset/[4/12/2015 6:41:32 PM]

Fixed Configuration Catalyst Switch Password Reset | Free CCNA Workbook

Switch(config-line)#end
Switch#copy run start
Destination filename [startup-config]?
Building configuration...
[OK]
0 bytes copied in 1.309 secs (0 bytes/sec)
Switch#

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/fixed-configuration-catalyst-switch-password-reset/[4/12/2015 6:41:32 PM]

Fixed Configuration Catalyst Switch Password Reset | Free CCNA Workbook

http://www.freeccnaworkbook.com/workbooks/ccna/fixed-configuration-catalyst-switch-password-reset/[4/12/2015 6:41:32 PM]

Cisco Device Initial Configuration Dialog | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Initial Configuration Dialog

So that annoying little prompt you get each time you boot a Cisco Router or Switch up with no config on it asking you
about initial setup can actually be somewhat helpful. This lab will discuss and demonstrate the Initial Configuration
Dialog.

Real World Application


The Initial Configuration Dialog is commonly an annoyance for engineers but on the dull side you are required to know it for the
CCNA exam. However youll never use this configuration dialog once youre experienced in navigating Cisco IOS as the
configurations this dialog makes, youll know how to configure manually.
However; The Initial Configuration Dialog is actually quite useful when shipping a device overseas that is not configured and you
need an inexperienced individual to configure basic connectivity to the device. Other then that scenario, the Initial Configuration
Dialog is commonly disregarded by all experienced network engineers; however as a CCNA youd required to be familiar with the
Initial Configuration Dialog.

Lab Prerequisites
If Youre using GNS3 than load the Free CCNA Workbook GNS3 topology and start R1 than establish a console session with
R1.

Lab Objectives

http://www.freeccnaworkbook.com/workbooks/ccna/cisco-device-initial-configuration-dialog/[4/12/2015 6:41:57 PM]

Cisco Device Initial Configuration Dialog | Free CCNA Workbook

Familiarize yourself with the Initial Configuration Dialog.

Lab Instruction
When opening a brand new Cisco box rather it be a Cisco Switch or Router, after booting the device youll be prompted by the Initial
Configuration Dialog. Youll also be prompted by this dialog if you do the write erase command in privileged mode and reload the
device as it erases the contents of NVRAM. When a Cisco device does not have a startup-config located in NVRAM, the device will
prompt you rather or not to start the Initial Configuration Dialog.
Another reason as to why you may see this is that your configuration register is set to 0x2142 which ignores the contents of NVRAM
upon boot which is commonly used for password recovery.
As shown below in the configuration box youll see the Initial Configuration Dialog prompt; select yes and press return.
--- System Configuration Dialog --Would you like to enter the initial configuration dialog? [yes/no]: yes

After starting the System Configuration Dialog, the step by step process is relatively easy and the dialog will explain options in details.
This lab will only demonstrate the basic management configuration, however it is up to you to walk through the entire system
configuration dialog by typing no at the 2nd prompt as shown below;
At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.
Basic management setup configures only enough connectivity
for management of the system, extended setup will ask you
to configure each interface on the system
Would you like to enter basic management setup? [yes/no]: yes

After typing yes at the basic management setup prompt youll be given the options to configure the hostname and passwords as
shown below;
Configuring global parameters:
Enter host name [Router]: R1
The enable secret is a password used to protect access to
privileged EXEC and configuration modes. This password, after
entered, becomes encrypted in the configuration.
Enter enable secret: CISCO
The enable password is used when you do not specify an
enable secret password, with some older software versions, and
some boot images.
Enter enable password: cisco
The virtual terminal password is used to protect
access to the router over a network interface.
Enter virtual terminal password: cisco

After setting the passwords in the basic management dialog, youll be prompted to enable SNMP (Simple Network Management
Protocol) which is an industry standard protocol to allow device management via an API. After you say yes to this option youll be
required to configure a snmp community string as shown below;

http://www.freeccnaworkbook.com/workbooks/ccna/cisco-device-initial-configuration-dialog/[4/12/2015 6:41:57 PM]

Cisco Device Initial Configuration Dialog | Free CCNA Workbook

Configure SNMP Network Management? [no]: yes


Community string [public]: COMMUNITYSTRINGGOESHERE

After configuring the SNMP options youll be required to configure a single interface within the management network, keep in mind
youll need to type out the entire name of the interface as shown below;
Current interface summary
Any interface listed with OK? value "NO" does not have a valid configuration
Interface
Interface
FastEthernet0/0
FastEthernet0/1
Serial1/0
Serial1/1
Serial1/2
Serial1/3

IP-Address
IP-Address
unassigned
unassigned
unassigned
unassigned
unassigned
unassigned

OK?
OK?
NO
NO
NO
NO
NO
NO

Method
Method
unset
unset
unset
unset
unset
unset

Status
Status
up
up
up
up
up
up

Protocol
Protocol
up
up
down
down
down
down

Enter interface name used to connect to the


management network from the above interface summary: FastEthernet0/0

Once youve selected an interface that will participate in the management network, youre required to configure the IP parameters for
that interface as shown below;
Configuring interface FastEthernet0/0:
Operate in full-duplex mode? [no]:
Configure IP on this interface? [yes]:
IP address for this interface: 10.1.1.1
Subnet mask for this interface [255.0.0.0] : 255.255.255.0
Class A network is 10.0.0.0, 24 subnet bits; mask is /24
Once youve set those options the router will display a script of the changes to be made to the running configuration as shown below;
The following configuration command script was created:
hostname R1
enable secret 5 $1$kGQ2$tr6bd7mW9zjqzfkUHhnCE0
enable password cisco
line vty 0 4
password cisco
no snmp-server
!
no ip routing
!
interface FastEthernet0/0
no shutdown
half-duplex
ip address 10.1.1.1 255.255.255.0
no mop enabled
!
interface FastEthernet0/1
shutdown
no ip address
!
interface Serial1/0
shutdown
no ip address
!
interface Serial1/1
shutdown
no ip address
!
interface Serial1/2
shutdown
no ip address
!
interface Serial1/3

http://www.freeccnaworkbook.com/workbooks/ccna/cisco-device-initial-configuration-dialog/[4/12/2015 6:41:57 PM]

Cisco Device Initial Configuration Dialog | Free CCNA Workbook

shutdown
no ip address
!
end
Afterwards the router gives you the option to save that configuration, start setup over again or disregard the setup information you
just provided to the initial configuration dialog. For this lab Im going to accept the configuration by entering option 2 to save the
configuration to NVRAM and exit to CLI.
[0] Go to the IOS command prompt without saving this config.
[1] Return back to the setup without saving this config.
[2] Save this configuration to nvram and exit.
Enter your selection [2]: 2
The enable password you have chosen is the same as your enable secret.
This is not recommended. Re-enter the enable password.
Building configuration...
Use the enabled mode 'configure' command to modify this configuration.
% Crashinfo may not be recovered at bootflash:crashinfo
% This file system device reports an error
Press RETURN to get started!
R1>

Previous Lab

Like

Next Lab

96 Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

GNS3 - Cisco Device Emulator


Download

http://www.freeccnaworkbook.com/workbooks/ccna/cisco-device-initial-configuration-dialog/[4/12/2015 6:41:57 PM]

Cisco Device Initial Configuration Dialog | Free CCNA Workbook

:( http://t.co/wjL6GYuo2O

Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco
CCNA labs that can be completed using
the GNS3 platform.

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/cisco-device-initial-configuration-dialog/[4/12/2015 6:41:57 PM]

Navigating the Cisco Command Line Interface | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Navigating the Cisco CLI

Finding your way around the Cisco Command Line is crucial to becoming a successful Cisco network engineer. This
lab will discuss and demonstrate the different operational modes, shortcuts and more.

Real World Application


As a Cisco network engineer, youll need to master navigating through the command line interface as all cisco devices are configured
via CLI. However there are a few Java configuration GUIs such as ASDM and PDM but these are commonly frowned upon as those
GUI configuration tools tend to make device configurations look unclean to engineers whom use the CLI. As a CCNA Youre required
to master navigation through different CLI modes including but not limited to User Mode, Privileged Mode, Global Configuration
Mode, Interface Configuration Mode, Router Configuration Mode, VLAN Database Configuration Mode, Access-List Configuration
Mode Mode and Line Configuration Mode.

Lab Prerequisites
If you are using GNS3 than load the Stub Area Networking GNS3 topology than start and establish a console session with R1.

Lab Objectives
Familiarize yourself with the different modes on a Cisco IOS based Device.
Familiarize yourself with legacy terminal keystroke combinations for CLI navigation.

http://www.freeccnaworkbook.com/workbooks/ccna/navigating-the-cisco-command-line-interface/[4/12/2015 6:42:26 PM]

Navigating the Cisco Command Line Interface | Free CCNA Workbook

Lab Instruction
Mastering the navigation through the Cisco command line interface is an absolute requirement for any Cisco engineer. There are
several different types of modes in the Cisco CLI. User mode is the mode youre first placed into upon pressing return after entering
your user authentication information, vty or line password. Once youre placed into User Mode, youre limited as to the commands
youre able to execute from the CLI.
However, many commands at the user level can be very informative such including but not limited to; ping, traceroute, show cdp
neighbors, show version and show interface command(s).
In privileged mode, youre given the ability to configure the device and execute management commands including but not limited to;
configure, clear, reload, more, copy, delete, erase and debug.
As shown below in the terminal box you can see that after pressing return youre placed into Cisco CLI with the > greater then sign
next to the hostname. This is called user mode.
Router con0 is now available
Press RETURN to get started.
Router>
At any point in the Cisco CLI you can use the question mark to get a context mode sensitive help list of available commands to
execute from your current privilege level. shown below;
Router>?
Exec commands:
access-enable
access-profile
clear
connect
crypto
disable
disconnect
emm
enable
ethernet
exit
help
lat
lock
login
logout
mrinfo
mstat
mtrace
name-connection
--More--

Create a temporary Access-List entry


Apply user-profile to interface
Reset functions
Open a terminal connection
Encryption related commands.
Turn off privileged commands
Disconnect an existing network connection
Run a configured Menu System
Turn on privileged commands
Ethernet parameters
Exit from the EXEC
Description of the interactive help system
Open a lat connection
Lock the terminal
Log in as a particular user
Exit from the EXEC
Request neighbor and version information from a multicast router
Show statistics after multiple multicast traceroutes
Trace reverse multicast path from destination to source
Name an existing network connection

You can use return to show line by line or space bar to show the next paragraph of available commands. If you wish to exit the list
without pressing space bar continuously to reach the end of the list, press the Q key.
When in user mode you can elevate your privileges by issuing the command enable from the user mode cli prompt. If you have an
enable password or enable secret configured then youll be prompted to provide such authentication information to elevate your
privileges.
Take note that when entering the password on a Cisco device, you will NOT see the password typed out. This is intentionally done by

http://www.freeccnaworkbook.com/workbooks/ccna/navigating-the-cisco-command-line-interface/[4/12/2015 6:42:26 PM]

Navigating the Cisco Command Line Interface | Free CCNA Workbook

Cisco to prevent people from looking over your shoulders.


Router>enable
Password:
Router#
Once in privileged mode youre able to execute commands that allow you to maintain and configure the device such as copy runningconfiguration startup-configuration
Router#copy running-config startup-config
Destination filename [startup-config]?
Building configuration...
[OK]
Router#

When youre in privileged mode you can configure the router by entering the command configure terminal. This command will place
you into global configuration mode where you can make device configuration changes. Note that this may not always be the case, if
a Cisco Access Control Server is used for command authorization then each command you execute will be authorized by the Cisco
ACS server prior to execution. The ACS Server (which is outside of the scope of the CCNA Certification) allows security engineers to
control which users can execute which commands based on configured policies.
Router#configure terminal
Enter configuration commands, one per line.
Router(config)#

End with CNTL/Z.

Within global configuration mode (denoted by the (config)# prompt) you have access to different configuration modes such as
interface configuration mode, router configuration mode, VLAN Database configuration mode, access-list configuration mode and
many others;
Router(config)#interface f0/0
Router(config-if)#router eigrp 1
Router(config-router)#ip access-list extended example_acl_name
Router(config-ext-nacl)#line con 0
Router(config-line)#
To exit a specific mode to the previous mode just execute the command exit
In the early days of the Cisco IOS, keystroke navigation was used. Now days this type of navigation is considered legacy and no
longer used but there is that .001% change that one day youll need it so its good to be aware of its existence.

Key
Result

ESC + F

Move insertion point to the beginning of the next word.

ESC + B

Move insertion point to the beginning of the current word.

ESC + DEL

Erase previous word.

ESC + D

Erase word, or section of a word, following the insertion point.

http://www.freeccnaworkbook.com/workbooks/ccna/navigating-the-cisco-command-line-interface/[4/12/2015 6:42:26 PM]

Navigating the Cisco Command Line Interface | Free CCNA Workbook

ESC + C

Capitalize letter following the insertion point.

ESC + U

Change next word or word section to all UPPERCASE letters.

ESC + L

Change next word or word section to all lowercase letters.

CTRL + A

Move insertion point to the beginning of the line.

CTRL + E

Move insertion point to the end of the line.

CTRL +

Erase entire command line youre working on (to the insertion points left).

CTRL + T

Transpose previous two characters.

CTRL + K

Erase from the cursor to the start of the command line.

CTRL + R

Search the list of commands incrementally based on what you type.

Tab

Complete the path or filename.

UP Arrow

List previous commands up.

DOWN Arrow

List previous commands down.

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been


GNS3 - Cisco Device Emulator

http://www.freeccnaworkbook.com/workbooks/ccna/navigating-the-cisco-command-line-interface/[4/12/2015 6:42:26 PM]

Navigating the Cisco Command Line Interface | Free CCNA Workbook

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco
CCNA labs that can be completed using
the GNS3 platform.

Download

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/navigating-the-cisco-command-line-interface/[4/12/2015 6:42:26 PM]

Configuring an IP address on an Interface | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Interface IP Address Configuration

Knowing how to assigning IP Addresses to Cisco hardware is a deal breaker when it comes to the CCNA and any
networking job dream you have. This lab will discuss how to assign IP addresses to specific interfaces on Cisco
Routers and/or Switches.

Real World Application


As a Cisco Network Engineer, you will be required to know how to configure an IP Address on different types of interfaces. After all,
what good is a Cisco router if it cannot route?
Assigning an IP address to an interface is the foundational requirement for all Cisco devices as Cisco devices are networking
devices.
You can however assign multiple IPv4 addresses to a single interface but there is one catch. When dealing with dynamic routing
protocols, advertisements are sourced from the primary address. Secondary addresses are commonly used during IP address
migrations such as moving from a Class C to a Class A address scheme.

>Lab Prerequisites
If youre using GNS3 than load the Stub Area Networking GNS3 topology than Router 1.
Establish a console session with Router 1.

Lab Objectives

http://www.freeccnaworkbook.com/workbooks/ccna/interface-ip-address-configuration/[4/12/2015 6:42:48 PM]

Configuring an IP address on an Interface | Free CCNA Workbook

Configure the Primary IP Address of 10.234.51.254/24 on interface FastEthernet0/0


Configure a Secondary IP Address of 172.27.48.254/24 on Interface FastEthernet0/0
Activate the FastEthernet0/0 Interface.
Verify your configuration changes via the running-configuration.

Lab Instruction
Configuring an IP address on a Cisco router and/or switch is a very common task and youre required know how to do it without
referencing any documentation as a CCNA.
To get started, navigate your way into Global configuration mode as shown below;
Router con0 is now available

Press RETURN to get started.

Router>enable
Password:
Router#configure terminal
Enter configuration commands, one per line.
Router(config)#

End with CNTL/Z.

Step 1. Configure the IP address 10.234.51.254 on interface FastEthernet0/0. In order to to this configuration youll need to place
yourself into FastEthernet0/0 interface configuration mode as shown below;
To view the available interfaces for configuration execute the interface ? from global configuration mode.
Router(config)#interface FastEthernet 0/0
Router(config-if)#
Once in interface configuration mode you use the command syntax ip address n.n.n.h s.s.s.m; to complete the first lab objective well
need to execute the ip address 10.234.51.254 255.255.255.0 from the FastEthernet0/0 interface configuration mode as shown
below;
Router(config-if)#ip address 10.234.51.254 255.255.255.0
Router(config-if)#

Step 2. Configure a Secondary IP Address of 172.27.48.254/24 on Interface FastEthernet0/0


As noted in the beginning of the lab, secondary IP addresses are commonly used during network re-ip migrations. Using secondary
IP Addresses in production as a architectural design is not recommended by Cisco. To complete the second objective of this lab
youll need to issue the ip adddress command again with the correct address and just add the word secondary to the end of the
command syntax.
Router(config-if)#ip address 172.27.48.254 255.255.255.0 secondary

http://www.freeccnaworkbook.com/workbooks/ccna/interface-ip-address-configuration/[4/12/2015 6:42:48 PM]

Configuring an IP address on an Interface | Free CCNA Workbook

Router(config-if)#
Step 3. Activate the FastEthernet0/0 Interface. By default, all interfaces on a Cisco router are placed in Administratively Down. To
bring an interface up, issue the no shutdown command.
Router(config-if)#no shutdown
Router(config-if)#
%LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
Router(config-if)#
Step 4. Verify your configuration changes via the running-configuration.
To verify your configuration changes, exit the interface configuration mode to privileged mode by pressing CTRL + Z and executing
the command show run interface FastEthernet 0/0
Router(config-if)#^Z
%SYS-5-CONFIG_I: Configured from console by console
Router#show run interface FastEthernet 0/0
Building configuration...
Current configuration : 148 bytes
!
interface FastEthernet0/0
ip address 172.27.48.254 255.255.255.0 secondary
ip address 10.234.51.254 255.255.255.0
duplex auto
speed auto
end
Router#

Previous Lab

Like

Next Lab

126 Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

http://www.freeccnaworkbook.com/workbooks/ccna/interface-ip-address-configuration/[4/12/2015 6:42:48 PM]

Configuring an IP address on an Interface | Free CCNA Workbook

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/interface-ip-address-configuration/[4/12/2015 6:42:48 PM]

Interface Specific Configurations | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Interface Specific Configurations

When it comes to configuring interface parameters, there are several that you know know off the top hand. This lab will
discuss and demonstrate the most common interface specific configurations that you need to memorize to become a
great network engineer.

Real World Application


Statically configuring interface configurations is a common practice in specific areas of the network such as a Data Center or link
aggregation. Its best practice to configure node to node devices statically and node to host dynamically (auto) excluding data
centers.. As a network engineer youll be required to make such configurations to routers and/or switches in a network quite often.

Lab Prerequisites
If youre using GNS3 than load the Stub Area Networking GNS3 topology than start Router 1.
Establish a console session with Router 1.

Lab Objectives
Statically set the speed of interface FastEthernet0/0 to 100.
Statically set the duplex of interface FastEthernet0/0 to Full.
Configure interface FastEthernet0/0 with an MTU of 1520 bytes.
Configure the bandwidth on interface FastEthernet0/0 to 10Mbps.

http://www.freeccnaworkbook.com/workbooks/ccna/interface-specific-configurations/[4/12/2015 6:43:09 PM]

Interface Specific Configurations | Free CCNA Workbook

Configure a delay of 10ms on interface FastEthernet0/0.


Statically set the MAC address on interface FastEthernet0/0 to ca02.0adc.0ef9.
Disable Keepalives on Interface FastEthernet0/0.
Disable the Cisco Discovery protocol on interface FastEthernet0/0.

Lab Instruction
There are several key interface configurations that youll be required to know as a Cisco engineer. This lab lists some of the most
common interface configuration attributes for a Cisco router.
The first objective of this lab is to statically set the speed of interface FastEthernet0/0 on Router 1 to 100Mbps. This is accomplished
by using the speed command within interface configuration mode as shown below;
Router con0 is now available

Press RETURN to get started.

Router>enable
Password:
Router#configure terminal
Enter configuration commands, one per line.
Router(config)#interface FastEthernet 0/0
Router(config-if)#speed 100

End with CNTL/Z.

When statically setting the speed of an interface on a Cisco device, its best practice to statically set the duplex as well, this is
accomplished by executing the duplex command within interface configuration mode;
Router(config-if)#duplex ?
auto Enable AUTO duplex configuration
full Force full duplex operation
half Force half-duplex operation
Router(config-if)#duplex full

When dealing with Ethernet WAN links or ipsec tunnel interfaces (outside of the ccna scope) it is common to change the Maximum
Transmission Unit (MTU); which is the maximum payload a single packet can encapsulate. To complete Objective 3, youll need to
execute the MTU # within interface configuration mode.
Router(config-if)#mtu ?
<1500-1530> MTU size in bytes
Router(config-if)#mtu 1520

Objective 4. Configure the bandwidth on interface FastEthernet0/0 to 10Mbps. Do not get this confused with the actual speed of the
link as the bandwidth command is used by routing protocols to calculate the dynamic metric. This interface configuration will be
discussed further in detail in the upcoming sections.
Router(config-if)#bandwidth ?

http://www.freeccnaworkbook.com/workbooks/ccna/interface-specific-configurations/[4/12/2015 6:43:09 PM]

Interface Specific Configurations | Free CCNA Workbook

<1-10000000>
inherit
receive

Bandwidth in kilobits
Specify that bandwidth is inherited
Specify receive-side bandwidth

Router(config-if)#bandwidth 10000

Objective 5. Setting the Delay is very much like the bandwidth command; it does not statically set the delay but rather it is used in
dynamic routing protocol metric calculation which again will be discussed in later sections. To accomplish objective 5, youll need to
execute the delay command in interface configuration mode as shown below;
Router(config-if)#delay ?
<1-16777215> Throughput delay (tens of microseconds)
Router(config-if)#delay 10000

Note that Delay is measured in microseconds! 1000 microseconds = 1 millisecond


Objective 6 requires us to manually set a MAC address on the FastEthernet0/0 interface. Manually configuring a MAC address is
commonly required in a variety of scenarios such as mac address based authentication. To configure the MAC address for
FastEthernet0/0, youll use the mac h.h.h command as shown below;
Router(config-if)#mac ?
H.H.H MAC address
Router(config-if)#mac ca02.0adc.0ef9

To verify this configuration without exiting interface configuration mode, execute the command do show interface FastEthernet0/0 as
shown below;
Router(config-if)#do show interface FastEthernet 0/0
FastEthernet0/0 is up, line protocol is up
Hardware is i82543 (Livengood), address is ca02.0adc.0ef9 (bia ca02.0adc.0008)
Internet address is 10.234.51.254/24
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:00:01, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
663 packets output, 69307 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Router(config-if)#
Objective 7 requires us to disable keepalives on interface FastEthernet0/0. First off what is a keepalive? Keepalives are a layer2
frame sent from the device to the device to determine if the Ethernet interface link is up. The device sends the frame out on the
transmit ring and if the same frame is not received back then the device knows the the interface is down. To complete objective 7

http://www.freeccnaworkbook.com/workbooks/ccna/interface-specific-configurations/[4/12/2015 6:43:09 PM]

Interface Specific Configurations | Free CCNA Workbook

youll need to use the keepalive command. Keepalives by default are sent every 10 seconds and to disable keepalives manually
configure keepalives to the value of 0 as shown below;
Router(config-if)#keepalive ?
<0-32767> Keepalive period (default 10 seconds)
Router(config-if)#keepalive 0

The last objective of this lab is to disable CDP (Cisco Discovery Protocol) on interface FastEthernet0/0. CDP is a layer 2 protocol
designed by Cisco to exchange device information with no underlying routed network. When you plug two Cisco devices directly into
each other, they will both send and receive CDP frames by default on all ports (excluding frame relay which will be discussed in a
later chapter). To disable CDP on a specific interface, execute the no cdp enable command in interface configuration mode as
shown below;
Router(config-if)#no cdp enable

To verify all configuration changes youve made in this lab you can use the same command you learned in the previous lab do show
run interface FastEthernet 0/0 as shown below;
Router(config-if)#do show run interface FastEthernet0/0
Building configuration...
Current configuration : 245 bytes
!
interface FastEthernet0/0
mac-address ca02.0adc.0ef9
mtu 1520
bandwidth 10000
ip address 172.27.48.254 255.255.255.0 secondary
ip address 10.234.51.254 255.255.255.0
delay 10000
duplex full
speed 100
no keepalive
no cdp enable
end
Router(config-if)#

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/interface-specific-configurations/[4/12/2015 6:43:09 PM]

Next Lab

Interface Specific Configurations | Free CCNA Workbook


Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/interface-specific-configurations/[4/12/2015 6:43:09 PM]

Configuring a Loopback Interface | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring a Loopback Interface

Loopback interfaces are a very common configuration on Cisco devices for that can be used management, logging,
authentication and more. This lab will discuss and demonstrate the creation and removal of loopback interfaces on a
Cisco IOS device.

Real World Application


Loopback interfaces are commonly used in a variety of scenarios including management interface, tunnel source/destination, network
link simulation, dynamic routing process router id and others. As a CCNA youll need to be able to create and remove loopback
interfaces from a Cisco device.
This lab will teach you how to configure a Loopback interface.

Lab Prerequisites
If youre using GNS3 than load the Free CCNA Workbook GNS3 topology than start R1.
Establish a Console session with Router 1.

Lab Objectives
Create interface loopback 1 and assign the IP address 10.233.21.251 255.255.255.0 to the interface.
Remove interface Loopback 1.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-loopback-interface/[4/12/2015 6:43:40 PM]

Configuring a Loopback Interface | Free CCNA Workbook

Lab Instruction
Loopback interfaces are software based logical interfaces that are always up. They are not tied to any physical interface therefore
they cannot go down unless they are administratively shut down.

To create a loopback interface you need to navigate to global configuration mode and execute the command interface loopback #
The interface is created automagically. Configuration shown below;
Router con0 is now available

Press RETURN to get started.

Router>enable
Password:
Router#configure terminal
Enter configuration commands, one per line.
Router(config)#interface loopback ?
Loopback interface number

End with CNTL/Z.

Router(config)#interface loopback 1
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1, changed state to up
Router(config-if)#
After the interface is created youll notice the interface changes to state up instantly. As per the objective youre required to configure
the IP address 10.233.21.251/24 on this interface as shown below;
Router(config-if)#ip address 10.233.21.251 255.255.255.0

Objective 2 request that we remove the Loopback 1 interface, you can remove loopback interfaces by negating the interface
command using the no interface loopback # command as shown below;
Router(config-if)#no interface loopback 1
% Not all config may be removed and may reappear after reactivating the logical-interface/sub-i
nterfaces
Router(config)#
%LINK-5-CHANGED: Interface Loopback1, changed state to administratively down
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1, changed state to down
Once youve removed the interface youll notice a warning that not all config may have been removed and may reappear after
reactivating the logical-interface/sub-interface.
This has been an issue with Cisco IOS for years and it has yet to be fixed. Basically this warning is letting you know that once you
remove a logical or sub-interface using the no interface command there is the potential for some of the previous configuration to
return when re-creating the same interface. If you experience this issue, a router reload will resolve this problem.

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-loopback-interface/[4/12/2015 6:43:40 PM]

Next Lab

Configuring a Loopback Interface | Free CCNA Workbook

Like

100 Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-loopback-interface/[4/12/2015 6:43:40 PM]

Upgrading the Cisco Internetwork Operating System | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Upgrading the Cisco IOS

As a network engineer, we can garuentee you there will come a point in your career where you must upgrade the
Cisco IOS on a Router or Switch. This lab will discuss and demonstrate the upgrade the Cisco IOS update procedure.

Real World Application


Upgrading the IOS on a Cisco device is a common task among Cisco Engineers as New IOS Images typically are released within 3
months give or take. New releases include bug fixes and new features available to the device. Upgrading the Cisco IOS on a Router
or Switch is a MUST KNOW for any Cisco Network Engineer.

Lab Prerequisites
Boot R1 in the Free CCNA workbook GNS3 Lab Topology.
Establish an active Console Session to R1
A Newer Cisco IOS Image compatible with your Cisco Device.
A TFTP Server is required for this lab. You may need to download Solarwinds TFTP Server and configure it prior to attempting
this lab.

Lab Objectives
If needed, Download and Install Solarwinds TFTP Server.
Place the New Cisco IOS Image file in the TFTP Server Root Directory.

http://www.freeccnaworkbook.com/workbooks/ccna/upgrading-the-cisco-ios/[4/12/2015 6:44:00 PM]

Upgrading the Cisco Internetwork Operating System | Free CCNA Workbook

Configure your TFTP Server and Cisco device to be within the same ip subnet, ie; 10.1.1.1/24 & 10.1.1.2/24
Ensure you have Ethernet connectivity from your TFTP server to the Cisco device which youre upgrading.
Copy the new image file from the tftp server to your Cisco device, you will be prompted to erase the flash memory.
Once the new Cisco IOS Image is copied to the device flash memory, reboot the device and verify the upgrade was
successful.

Lab Instruction
Please note that this lab requires a REAL Cisco Router or Switch to perform as GNS3 does not load images from flash memory. You
can however perform this procedure on GNS3 but you will not be able to reboot the device and verify a successful upgrade.
Upgrading the Internetwork Operating System (IOS) on a Cisco device is a pretty common procedure as updated IOS images are
released at least once every three months to fix bugs and provide new features and enable new device hardware.
First off youll need a TFTP server installed and running on your PC with a crossover cable running from your PC to a router, or a
regular patch cable running from the PC to a switch.
To complete the 3rd objective of this lab youll need a console session to a Cisco router or Switch. Ensure that the IP Address youre
assigning to the Cisco device is in the same subnet as the PC. For this lab, well use 10.1.1.1/24 for the PC and 10.1.1.2/24 for the
Cisco device. The objective requires you to configure the IP address on the Ethernet interface connected to the PC. In the example
shown below, interface FastEthernet0/0 is directly connected to the PC;
Router con0 is now available

Press RETURN to get started.

Router>enable
Password:
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface fastethernet 0/0
Router(config-if)#ip address 10.1.1.2 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#end
Router#
To ensure you have Ethernet connectivity between the Cisco device and your computer you can execute the ping command as
shown below.
Router#ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
Router#
Once youve verified that you have IP connectivity to your PC your then ready to copy the new image into the devices flash memory.
You achieve this by executing the copy tftp flash command in privileged mode. After executing this command youll be prompted for

http://www.freeccnaworkbook.com/workbooks/ccna/upgrading-the-cisco-ios/[4/12/2015 6:44:00 PM]

Upgrading the Cisco Internetwork Operating System | Free CCNA Workbook

the IP address of the tftp server and the file name of the image you wish to copy from the TFTP Server to the flash memory.
Router#copy tftp flash
Address or name of remote host []? 10.1.1.1
Source filename []? c2600-adventerprisek9-mz.124-15.T11.bin
Destination filename [c2600-adventerprisek9-mz.124-15.T11.bin]?
Accessing tftp://10.1.1.1/c2600-adventerprisek9-mz.124-15.T11.bin...
Erase flash: before copying? [confirm]
Erasing the flash filesystem will remove all files! Continue? [confirm]
Erasing device... eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee ...erased
Erase of flash: complete
Loading c2600-adventerprisek9-mz.124-15.T11.bin from 10.1.1.1 (via FastEthernet0/0):
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 34634180 bytes]
Verifying checksum... CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC OK (0x8E89)
34634180 bytes copied in 486.894 secs (71133 bytes/sec)
Router#

Once youve copied the image to flash, reboot the Cisco device and verify that the image loads successfully. If the IOS fails to load
youll need to perform an IOS recovery procedure which is in the next lab.
Router#reload
System configuration has been modified. Save? [yes/no]: no
Proceed with reload? [confirm]
%SYS-5-RELOAD: Reload requested

by console. Reload Reason: Reload Command.

System Bootstrap, Version 12.2(8r) [cmong 8r], RELEASE SOFTWARE (fc1)


Copyright (c) 2003 by cisco Systems, Inc.
C2600 platform with 262144 Kbytes of main memory
program load complete, entry point: 0x80008000, size: 0x2107824
Self decompressing the image : #################################################
################################################################################
################################################################################
################################################################################
################################### [OK]
Smart Init is enabled
smart init is sizing iomem
ID
MEMORY_REQ
00036F
0X00103980
000065
0X00031500
0X00098670
0X00211000
TOTAL:
0X003DE4F0

TYPE
C2651XM Dual Fast Ethernet
Four port Voice PM
public buffer pools
public particle pools

If any of the above Memory Requirements are


"UNKNOWN", you may be using an unsupported
configuration or there is a software problem and
system operation may be compromised.
Rounded IOMEM up to: 3Mb.
Using 1 percent iomem. [3Mb/256Mb]
Increasing IOMEM up to: 8Mb
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706

Cisco IOS Software, C2600 Software (C2600-ADVENTERPRISEK9-M), Version 12.4(15)T11,


RELEASE SOFTWARE (fc2)

http://www.freeccnaworkbook.com/workbooks/ccna/upgrading-the-cisco-ios/[4/12/2015 6:44:00 PM]

Upgrading the Cisco Internetwork Operating System | Free CCNA Workbook

Technical Support: http://www.cisco.com/techsupport


Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Wed 28-Oct-09 18:16 by prod_rel_team
Image text-base: 0x800080F8, data-base: 0x83594B3C
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
Cisco 2651XM (MPC860P) processor (revision 2.0) with 253952K/8192K bytes of memory.
Processor board ID JAE08030000
M860 processor: part number 5, mask 2
2 FastEthernet interfaces
2 Serial interfaces
32K bytes of NVRAM.
49152K bytes of processor board System flash (Read/Write)
Slot is empty or does not support clock participate
WIC slot is empty or does not support clock participate
Press RETURN to get started!

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

http://www.freeccnaworkbook.com/workbooks/ccna/upgrading-the-cisco-ios/[4/12/2015 6:44:00 PM]

Upgrading the Cisco Internetwork Operating System | Free CCNA Workbook

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/upgrading-the-cisco-ios/[4/12/2015 6:44:00 PM]

Recovering a Corrupt Cisco IOS Image on a 2500 Series Router | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Recovering IOS on a 2500 Series

The Cisco 2500 Series routers are a very common lab router however due to their age you may be required to
recover the device from a corrupt IOS image. This lab will discuss and demonstrate the IOS recovery procedure for
the 2500 Series Routers.

Real World Application


While the Cisco 2500 Series has long past lived its life in the grand scheme of networking, they are however commonly used in LAB
environments. However, there are a lucky few that still run in production today with up times of 8+ years. Many engineers can plea
that upgrading would be more beneficial to the network but the business sees it as $$$. Why upgrade a device that works perfectly
fine and has been for 8+ years? This procedure is commonly used on 2500 series routers that have a corrupt IOS image or NO
image at all. It is common to purchase used routers with the flash memory erased; in which case you would be required to perform
an image restoration process.

Lab Prerequisites
Youll need a Cisco 2500 Series router that has a corrupt image or NO IOS image at all. If you wish to simulate this lab you
can erase the flash on your device and reboot. Please note that youll need to backup the Cisco IOS image prior to erasing it
unless you have another image on hand that you wish to load onto the device.
A console connection to the device is REQUIRED.
Youll need a TFTP server installed on your PC to restore the image.

Lab Objectives

http://www.freeccnaworkbook.com/workbooks/ccna/recovering-a-corrupt-cisco-ios-image-on-a-2500-series-router/[4/12/2015 6:44:21 PM]

Recovering a Corrupt Cisco IOS Image on a 2500 Series Router | Free CCNA Workbook

Boot the Cisco router into ROM mode by breaking the boot sequence using the keystroke CTRL+Pause Break
Change the configuration register to boot the ROM(BOOT) image. Configuration register to be used is 0x2141
Initialize the router by issuing the i command
Assign an IP address to the ethernet interface and configure a default gateway (if required)
Copy the Cisco IOS image from the TFTP server into flash memory.
Change the configuration register back to its default value and reload the device to ensure that the device boots up properly
with the restored IOS image.

Lab Instruction
Step 1. Boot the router into ROM mode by breaking the boot sequence using the keystroke CTRL+PAUSE BREAK
Copyright (c) 1986-1996 by cisco Systems
2500 processor with 14336 Kbytes of main memory
Abort at 0x10CFA0A (PC)
>
Step 2. Change the configuration register to boot the ROM(BOOT) image. Configuration register to be used is 0x2141
>o/r 0x2141

Step 3. Initialize the router by issuing the i command


>i
System Bootstrap, Version 11.0(10c), SOFTWARE
Copyright (c) 1986-1996 by cisco Systems
2500 processor with 14336 Kbytes of main memory
[OUTPUT TRUNCATED]
Press RETURN to get started!
Step 4 Assign an IP address to the Ethernet interface and configure a default gateway (if required).
Press RETURN to get started!
Router(boot)>enable
Router(boot)#config t
Router(boot)(config)#interface e0
Router(boot)(config-if)#ip add 10.1.1.20 255.255.255.0
Router(boot)(config-if)#no shut
Router(boot)(config-if)#exit
****NOTE: The line below is optional if your TFTP server is not on the same network****
Router(boot)(config)#ip default-gateway 10.1.1.254
Router(boot)(config)#end

Step 5. Copy the Cisco IOS image from the TFTP server into flash memory.
Router(boot)#copy tftp flash

http://www.freeccnaworkbook.com/workbooks/ccna/recovering-a-corrupt-cisco-ios-image-on-a-2500-series-router/[4/12/2015 6:44:21 PM]

Recovering a Corrupt Cisco IOS Image on a 2500 Series Router | Free CCNA Workbook

System flash directory:


No files in System flash
[0 bytes used, 8388608 available, 8388608 total]
Address or name of remote host [255.255.255.255]? 172.16.20.17
Source file name? c2500-i-l.121-27b.bin
Destination file name [c2500-i-l.121-27b.bin]?
Accessing file 'c2500-i-l.121-27b.bin' on 10.1.1.1...
Loading c2500-i-l.121-27b.bin from 172.16.20.17 (via Ethernet0): ! [OK]
Erase flash device before writing? [confirm]
Copy 'c2500-i-l.121-27b.bin' from server
as 'c2500-i-l.121-27b.bin' into Flash WITH erase? [yes/no]y
Erasing device... eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee ...erased
Loading c2500-i-l.121-27b.bin from 172.16.20.17 (via Ethernet0): !!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!! [OUTPUT TRUNCATED] !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 8040260/8388608 bytes]
Verifying checksum... OK (0xCB96)
Flash copy took 0:03:58 [hh:mm:ss]
Router(boot)#
Step 6. Change the configuration register back to its default value and reload the device to ensure that the device boots up properly
with the restored IOS image.
Router(boot)#configure terminal
Router(boot)(config)#configuration-register 0x2102
Router(boot)(config)#end
Router(boot)#reload
System configuration has been modified. Save? [yes/no]: n
Proceed with reload? [confirm]
00:06:51: %SYS-5-RELOAD: Reload requested
System Bootstrap, Version 11.0(10c), SOFTWARE
Copyright (c) 1986-1996 by cisco Systems
2500 processor with 14336 Kbytes of main memory
Notice: NVRAM invalid, possibly due to write erase.
F3: 7916604+123624+619980 at 0x3000060
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-I-L), Version 12.1(27b), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2005 by cisco Systems, Inc.
Compiled Tue 16-Aug-05 22:38 by pwade
Image text-base: 0x03041FDC, data-base: 0x00001000
cisco 2500 (68030) processor (revision N) with 14336K/2048K bytes of memory.
Processor board ID 11848462, with hardware revision 00000000
Bridging software.
X.25 software, Version 3.0.0.
1 Ethernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
32K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash (Read ONLY)
--- System Configuration Dialog --Would you like to enter the initial configuration dialog? [yes/no]:

http://www.freeccnaworkbook.com/workbooks/ccna/recovering-a-corrupt-cisco-ios-image-on-a-2500-series-router/[4/12/2015 6:44:21 PM]

Recovering a Corrupt Cisco IOS Image on a 2500 Series Router | Free CCNA Workbook

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.

Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/recovering-a-corrupt-cisco-ios-image-on-a-2500-series-router/[4/12/2015 6:44:21 PM]

Recovering a Corrupt Cisco IOS Image on a 2600 Series | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Recovering IOS on a 2600 Series

Recovering a corrupt Cisco IOS Image on a modern Cisco Router which includes the 2600 Series or later is
significantly easier than the 2500 Series. This lab will discuss and demonstrate the IOS recovery procedure for
modern Cisco Routers.

Real World Application


The Cisco 2600 Series Multi-Service router platform is a dying bread as the Cisco 2800 Series has taken its place however the 2600
series continues to be the router of choice when it comes to building your own Cisco Lab. The Cisco 2600 Series ROMMON is very
similar to the latest generation routers so this lab will be a valuable lesson.

Lab Prerequisites
Youll need a Cisco 2600 Series router or greater that has a corrupt Cisco IOS image or NO IOS image at all. If you wish to
simulate this lab you can erase the flash on your device and reboot. Please note that youll need to backup the Cisco IOS
image prior to erasing it unless you have another image on hand that you wish to load onto the device.
A console connection to the device is REQUIRED
Youll need a TFTP server installed on your PC to restore the image.

Lab Objectives
Boot the Cisco router into ROM mode by breaking the boot sequence using the keystroke CTRL + Pause Break

http://www.freeccnaworkbook.com/workbooks/ccna/recovering-a-corrupt-cisco-ios-image-on-a-2600-series-router/[4/12/2015 6:44:40 PM]

Recovering a Corrupt Cisco IOS Image on a 2600 Series | Free CCNA Workbook

Set the TFTPDNLD variables required to execute the procedure which include IP Address, Subnet Mask, Default Gateway,
TFTP Server, TFTP Image name.
Execute the TFTPDNLD command and load the image into RAM using the -r switch.
Once booted into Cisco IOS, configure a router so that you may copy a Cisco IOS image from a TFTP server to Flash.
Once all necessary configuration is done copy the IOS image from the TFTP server to the flash.
After the copy has completed, reboot the router and verify that the image boots successfully.

Lab Instruction
Please note that in order to complete this lab youll need a REAL Cisco 2600 Series Router or greater as this lab cannot be emulated
on the GNS3 application.
Step 1. Assuming that you already have an active console session to the router and the device is powered you should automatically
be placed into ROMMON if youre Cisco IOS image is corrupt or missing. However you have Press Return to get started Prompt
then youve booted into an IOS image, you should power cycle the router and press CTRL+BREAK repeatedly to break the boot
sequence and be placed into ROM Monitor mode as shown below;
System Bootstrap, Version 12.2(8r) [cmong 8r], RELEASE SOFTWARE (fc1)
Copyright (c) 2003 by cisco Systems, Inc.
C2600 platform with 262144 Kbytes of main memory
device does not contain a valid magic number
boot: cannot open "flash:"
boot: cannot determine first file name on device "flash:"
rommon 1 >
By executing the help command you can see all the available commands in ROMMON as shown below on the 2651XM;
rommon 1 > help
alias
boot
break
confreg
cont
context
cookie
dev
dir
dis
dnld
frame
help
history
meminfo
repeat
reset
set
stack
sync
sysret
tftpdnld
unalias
unset
xmodem
rommon 2 >

set and display aliases command


boot up an external process
set/show/clear the breakpoint
configuration register utility
continue executing a downloaded image
display the context of a loaded image
display contents of cookie PROM in hex
list the device table
list files in file system
display instruction stream
serial download a program module
print out a selected stack frame
monitor builtin command help
monitor command history
main memory information
repeat a monitor command
system reset
display the monitor variables
produce a stack trace
write monitor environment to NVRAM
print out info from last system return
tftp image download
unset an alias
unset a monitor variable
x/ymodem image download

Step 2. In this lab we are most interested in the tftpdnld command.

http://www.freeccnaworkbook.com/workbooks/ccna/recovering-a-corrupt-cisco-ios-image-on-a-2600-series-router/[4/12/2015 6:44:40 PM]

Recovering a Corrupt Cisco IOS Image on a 2600 Series | Free CCNA Workbook

This command will copy an IOS image from a TFTP Server into flash or load it directly into RAM. By executing the tftpdnld you can
view all required variables for the command to operate properly;
rommon 2 > tftpdnld
Missing or illegal ip address for variable IP_ADDRESS
Illegal IP address.
usage: tftpdnld [-r]
Use this command for disaster recovery only to recover an image via TFTP.
Monitor variables are used to set up parameters for the transfer.
(Syntax: "VARIABLE_NAME=value" and use "set" to show current variables.)
"ctrl-c" or "break" stops the transfer before flash erase begins.
The following variables are REQUIRED to be set for tftpdnld:
IP_ADDRESS: The IP address for this unit
IP_SUBNET_MASK: The subnet mask for this unit
DEFAULT_GATEWAY: The default gateway for this unit
TFTP_SERVER: The IP address of the server to fetch from
TFTP_FILE: The filename to fetch
The following variables are OPTIONAL:
TFTP_VERBOSE: Print setting. 0=quiet, 1=progress(default), 2=verbose
TFTP_RETRY_COUNT: Retry count for ARP and TFTP (default=12)
TFTP_TIMEOUT: Overall timeout of operation in seconds (default=7200)
TFTP_CHECKSUM: Perform checksum test on image, 0=no, 1=yes (default=1)
FE_SPEED_MODE: 0=10/hdx, 1=10/fdx, 2=100/hdx, 3=100/fdx, 4=Auto(deflt)
Command line options:
-r: do not write flash, load to DRAM only and launch image
rommon 3 >
As per the objectives, were required to set the required variables to execute the tftpdnld command. You can issue the set command
to view the current set variables.
rommon 3 > set
PS1=rommon ! >
BOOT=
RET_2_RUTC=0
BSI=0
RANDOM_NUM=1492875412
ROM_PERSISTENT_UTC=1016225763
RET_2_RTS=
RET_2_RCALTS=
?=1
rommon 24 > set
PS1=rommon ! >
BOOT=
RET_2_RUTC=0
BSI=0
RANDOM_NUM=1492875412
ROM_PERSISTENT_UTC=1016225763
RET_2_RTS=
RET_2_RCALTS=
?=0
rommon 4 >
Shown below is the required variables to execute tftpdnld successfully.
rommon
rommon
rommon
rommon
rommon

4
5
6
7
8

>
>
>
>
>

IP_ADDRESS=10.1.1.10
IP_SUBNET_MASK=255.255.255.0
DEFAULT_GATEWAY=10.1.1.254
TFTP_SERVER=172.16.20.17
TFTP_FILE=c2600-i-mz.123-26.bin

You do not need a default gateway if your TFTP Server is on the same subnet as the Cisco router youre recovering.

http://www.freeccnaworkbook.com/workbooks/ccna/recovering-a-corrupt-cisco-ios-image-on-a-2600-series-router/[4/12/2015 6:44:40 PM]

Recovering a Corrupt Cisco IOS Image on a 2600 Series | Free CCNA Workbook

Once you have set the variables you can continue on to objective 3 by executing the tftpdnld command with the -r switch to copy the
Cisco IOS image from a TFTP Server and load it into ram directly.
rommon 9 > tftpdnld -r
IP_ADDRESS:
IP_SUBNET_MASK:
DEFAULT_GATEWAY:
TFTP_SERVER:
TFTP_FILE:

10.1.1.10
255.255.255.0
10.1.1.254
172.16.20.17
c2600-i-mz.123-26.bin

.....
Receiving c2600-i-mz.123-26.bin from 172.16.20.17 !!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
File reception completed.
program load complete, entry point: 0x80008000, size: 0x765238
Self decompressing the image : ##############################################
####################################################################### [OK]
Smart Init is enabled
smart init is sizing iomem
ID
MEMORY_REQ
00036F
0X00103980
000065
0X00031500
0X00098670
0X00211000
TOTAL:
0X003DE4F0

TYPE
C2651XM Dual Fast Ethernet
Four port Voice PM
public buffer pools
public particle pools

If any of the above Memory Requirements are


"UNKNOWN", you may be using an unsupported
configuration or there is a software problem and
system operation may be compromised.
Rounded IOMEM up to: 4Mb.
Using 3 percent iomem. [4Mb/128Mb]
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706

Cisco Internetwork Operating System Software


IOS (tm) C2600 Software (C2600-I-M), Version 12.3(26), RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by cisco Systems, Inc.
Compiled Mon 17-Mar-08 15:23 by dchih
cisco 2651XM (MPC860P) processor (revision 0x200) with 126976K/4096K bytes of memory.
Processor board ID JAE08030QZL (457188033)
M860 processor: part number 5, mask 2
Bridging software.
X.25 software, Version 3.0.0.
2 FastEthernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
32K bytes of non-volatile configuration memory.
49152K bytes of processor board System flash (Read/Write)
--- System Configuration Dialog --Would you like to enter the initial configuration dialog? [yes/no]:
After youve booted your Cisco Router into IOS you may be prompted by the Initial configuration Dialog, type no and press return.

http://www.freeccnaworkbook.com/workbooks/ccna/recovering-a-corrupt-cisco-ios-image-on-a-2600-series-router/[4/12/2015 6:44:40 PM]

Recovering a Corrupt Cisco IOS Image on a 2600 Series | Free CCNA Workbook

Once youre at the IOS command line youll then need to copy an actual image into flash. Youre probably thinking why did we not
just copy it using TFTPDNLD and the answer is quite simple. Using TFTPDNLD will take significantly longer to copy an image via
TFTP to flash verses booting into RAM and doing a quick IOS image recovery as youve done in a previous lab.
If you need reference the previous lab for copying the image back to flash you can click HERE
The next step is to copy the IOS image from the TFTP Server in Cisco IOS. As shown below the typical prerequisite configuration
required to copy an IOS image from a tftp server to flash.
Router>enable
Router#configure terminal
Router(config)#interface fa0/0
Router(config-if)#ip add 10.1.1.10 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#ip route 0.0.0.0 0.0.0.0 10.1.1.254
Router(config)#end
Router#
After youve configured the required configuration to copy an IOS image via TFTP to the Routers flash you can execute the copy
command as shown below;
Router#copy tftp flash
Address or name of remote host []? 172.16.20.17
Source filename []? c2600-adventerprisek9-mz.124-1.bin
Destination filename [c2600-adventerprisek9-mz.124-1.bin]?
Accessing tftp://172.16.20.17/c2600-adventerprisek9-mz.124-1.bin...
Erase flash: before copying? [confirm]
Erasing the flash filesystem will remove all files! Continue? [confirm]
Erasing device... eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee ...erased
Erase of flash: complete
Loading c2600-adventerprisek9-mz.124-1.bin from 172.16.20.17 (via FastEthernet0/0):
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 34634180 bytes]
Verifying checksum... OK (0x8E89)
34634180 bytes copied in 279.014 secs (124131 bytes/sec)
Router#
Now that the new IOS image has copied to flash reload your router and verify that the router reboots.
Router#reload
System configuration has been modified. Save? [yes/no]: no
Proceed with reload? [confirm]
SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload command.
System Bootstrap, Version 12.2(8r) [cmong 8r], RELEASE SOFTWARE (fc1)
Copyright (c) 2003 by cisco Systems, Inc.
C2600 platform with 262144 Kbytes of main memory
program load complete, entry point: 0x80008000, size: 0x2107824
Self decompressing the image : ######################################
Smart Init is enabled
smart init is sizing iomem
ID
MEMORY_REQ
TYPE
00036F
0X00103980 C2651XM Dual Fast Ethernet
000065
0X00031500 Four port Voice PM
0X00098670 public buffer pools

http://www.freeccnaworkbook.com/workbooks/ccna/recovering-a-corrupt-cisco-ios-image-on-a-2600-series-router/[4/12/2015 6:44:40 PM]

Recovering a Corrupt Cisco IOS Image on a 2600 Series | Free CCNA Workbook

0X00211000 public particle pools


0X003DE4F0

TOTAL:

If any of the above Memory Requirements are


"UNKNOWN", you may be using an unsupported
configuration or there is a software problem and
system operation may be compromised.
Rounded IOMEM up to: 3Mb.
Using 1 percent iomem. [3Mb/256Mb]
Increasing IOMEM up to: 8Mb
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706

Cisco IOS Software, C2600 Software (C2600-ADVENTERPRISEK9-M), Version 12.4(1), RELEASE SOFTWARE
(fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Wed 28-Oct-09 18:16 by prod_rel_team
Image text-base: 0x800080F8, data-base: 0x83594B3C
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
Cisco 2651XM (MPC860P) processor (revision 2.0) with 253952K/8192K bytes of memory.
Processor board ID JAE08030QZL
M860 processor: part number 5, mask 2
2 FastEthernet interfaces
2 Serial interfaces
32K bytes of NVRAM.
49152K bytes of processor board System flash (Read/Write)
--- System Configuration Dialog --Would you like to enter the initial configuration dialog? [yes/no]:
After verifying that the new image has booted on your device than youve successfully recovered the IOS on your device and
completed the objectives of this lab.

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/recovering-a-corrupt-cisco-ios-image-on-a-2600-series-router/[4/12/2015 6:44:40 PM]

Next Lab

Recovering a Corrupt Cisco IOS Image on a 2600 Series | Free CCNA Workbook

Like

74 Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.

Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/recovering-a-corrupt-cisco-ios-image-on-a-2600-series-router/[4/12/2015 6:44:40 PM]

Recovering a Corrupt Cisco IOS Image on a Catalyst Switch | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Recovering IOS on a Catalyst Switch

Unfortunately there is no easy way to recover a corrupt or deleted IOS image on a fixed configuration Cisco Catalyst
switch. You must use xModem which commonly takes 2+ hours. This lab will discuss and demonstrate the IOS
recovery procedure for fixed configuration Catalyst series switches using xModem.

Real World Application


Recovering the Cisco IOS image on a Cisco switch is one of those tasks that is nice to know and not need it then need it and not
know it. In the field you may find yourself faced with a Cisco switch that cannot boot up or crashes when booting up due to a possible
IOS Image corruption.

Lab Prerequisites
This lab will require a REAL switch as this lab cannot be emulated using GNS3.
The Cisco IOS on the switch must be corrupt or missing to perform this lab, to emulate this error you can erase the flash
memory to practice this lab.
An active console session to the device is REQUIRED.
Youll need to use either HyperTerminal or SecureCRT as Putty does not support xModem.

Lab Objectives
Boot the switch into SWITCH ROM mode.

http://www.freeccnaworkbook.com/workbooks/ccna/recovering-a-corrupt-cisco-ios-image-on-a-catalyst-switch/[4/12/2015 6:45:43 PM]

Recovering a Corrupt Cisco IOS Image on a Catalyst Switch | Free CCNA Workbook

Initialize the flash file system.


OPTIONAL Format the flash file system if needed. (This will remove your startup configuration)
Set the baud rate to 115200 to increase xmodem transfer speed and decrease time required to restore the IOS Image.
Copy the Cisco IOS Image via xModem to Flash:
Set the boot parameter to the new image name located in Flash:
Unset the baud so that it defaults back to 9600.
Boot the switch and verify that the switch boots properly.

Lab Instruction
Recovering the Cisco IOS Image on a fix configuration Cisco Catalyst Series Switch is quite a bit different and more of an old school
way of doing an IOS image recovery. Unfortunately fixed configuration switches require the use of xModem to restore a corrupt or
missing IOS images unlike the Cisco 4500 and Cisco 6500 Series supervisor engines which use compact flash cards
Step 1. Boot your switch into switch ROM mode. This typically involves holding down the STAT button on the front of the switch when
plugging in the power. You can check out the required procedure by clicking HERE!
Once youve booted your switch into Switch ROM mode youll be see the following dispatch;
Boot Sector Filesystem (bs) installed, fsid: 2
Base ethernet MAC Address: 00:14:f2:d2:41:80
Xmodem file system is available.
The password-recovery mechanism is enabled.
The system has been interrupted prior to initializing the
flash filesystem. The following commands will initialize
the flash filesystem, and finish loading the operating
system software:
flash_init
boot
switch:
Step 2. Once youve booted into Switch ROM mode youll need to initialize the flash file system by executing the flash_init command
as shown below;
switch: flash_init
Initializing Flash...
flashfs[0]: 1 files, 1 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 15998976
flashfs[0]: Bytes used: 12474880
flashfs[0]: Bytes available: 3524096
flashfs[0]: flashfs fsck took 10 seconds.
...done Initializing Flash.
switch:
Step 3 OPTIONAL If your image is corrupted you can format your flash file system by executing the format flash: command as
shown below however this will delete your start-up configuration!!!

http://www.freeccnaworkbook.com/workbooks/ccna/recovering-a-corrupt-cisco-ios-image-on-a-catalyst-switch/[4/12/2015 6:45:43 PM]

Recovering a Corrupt Cisco IOS Image on a Catalyst Switch | Free CCNA Workbook

Switch: format flash:


Are you sure you want to format "flash:" (all data will be lost) (y/n)?y
flashfs[0]: 0 files, 1 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 7741440
flashfs[0]: Bytes used: 1024
flashfs[0]: Bytes available: 7740416
flashfs[0]: flashfs fsck took 12 seconds.
Filesystem "flash:" formatted
Switch:
Step 4. To speed up the xModem file transfer speed youll need to set the console line BAUD rate to 115200 by executing the set
BAUD 115200. If you do this youll need to disconnect your console session and change the serial line speed from 9600 to 115200.
However if you do not set the BAUD to 115200 your file transfer can take up to 3 hours.
switch: set BAUD 115200

Step 5. Once setting the BAUD rate and reconnecting to the console line of your Cisco switch youre ready to copy the IOS image via
xModem to the switchs flash memory by executing the copy xmodem: flash:filename.bin and starting the xModem file transfer from
the terminal emulator client as shown below;
switch: copy xmodem: flash:c3560-ipservicesk9-mz.122-53.SE.bin
Begin the Xmodem or Xmodem-1K transfer now...
CCC
Starting xmodem transfer. Press Ctrl+C to cancel.
Transferring c3560-ipservicesk9-mz.122-53.SE.bin...
100%
12181 KB
6 KB/s 00:31:56
0 Errors
.................................................................
.................................................................
.................................................................
.................................................................
.................................................................
.................................................................
.................................................................
.................................................................
.................................................................
.................................................................
.................................................................
.................................................................
.................................................................
.................................................................
.................
File "xmodem:" successfully copied to "flash:c3560-ipservicesk9-mz.122-53.SE.bin"
switch:

Step 6. Once the IOS image is copied into flash youll need to update the BOOT parameter by executing the set BOOT
flash:filename.bin command as shown below;
switch: set BOOT flash:c3560-ipservicesk9-mz.122-53.SE.bin

Step 7. Once the boot parameter has been set you can now set the BAUD rate back to the default 9600bps by executing the
command unset BAUD. Note that when doing this youll need to disconnect your current console connection and change the baud
speed on your terminal emulator from 115200 back to 9600.
switch: unset BAUD

http://www.freeccnaworkbook.com/workbooks/ccna/recovering-a-corrupt-cisco-ios-image-on-a-catalyst-switch/[4/12/2015 6:45:43 PM]

Recovering a Corrupt Cisco IOS Image on a Catalyst Switch | Free CCNA Workbook

Step 8 is the last step which is to boot the switch and verify that the switch successfully boots the IOS image placed into flash from
xMODEM. Execute the boot command to load the IOS image specified in the boot parameter as shown below;
switch: boot
Loading "flash:/c3560-ipservicesk9-mz.122-53.SE.bin"...@@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
File "flash:/c3560-ipservicesk9-mz.122-53.SE.bin" uncompressed and installed,
entry point: 0x1000000
executing...
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706

Cisco IOS Software, C3560 Software (C3560-IPSERVICESK9-M), Version 12.2(53)SE,


RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Sun 13-Dec-09 15:45 by prod_rel_team
Image text-base: 0x01000000, data-base: 0x02E00000
Initializing flashfs...
flashfs[1]: 1 files, 1 directories
flashfs[1]: 0 orphaned files, 0 orphaned directories
flashfs[1]: Total bytes: 15998976
flashfs[1]: Bytes used: 12474880
flashfs[1]: Bytes available: 3524096
flashfs[1]: flashfs fsck took 1 seconds.
flashfs[1]: Initialization complete....done Initializing flashfs.
Checking for Bootloader upgrade.. not needed
POST: CPU MIC register Tests : Begin
POST: CPU MIC register Tests : End, Status Passed
POST: PortASIC Memory Tests : Begin
POST: PortASIC Memory Tests : End, Status Passed
POST: CPU MIC interface Loopback Tests : Begin
POST: CPU MIC interface Loopback Tests : End, Status Passed
POST: PortASIC RingLoopback Tests : Begin
POST: PortASIC RingLoopback Tests : End, Status Passed
POST: Inline Power Controller Tests : Begin
POST: Inline Power Controller Tests : End, Status Passed
POST: PortASIC CAM Subsystem Tests : Begin
POST: PortASIC CAM Subsystem Tests : End, Status Passed
POST: PortASIC Port Loopback Tests : Begin
POST: PortASIC Port Loopback Tests : End, Status Passed
Waiting for Port download...Complete
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for

http://www.freeccnaworkbook.com/workbooks/ccna/recovering-a-corrupt-cisco-ios-image-on-a-catalyst-switch/[4/12/2015 6:45:43 PM]

Recovering a Corrupt Cisco IOS Image on a Catalyst Switch | Free CCNA Workbook

compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
cisco WS-C3560-24PS (PowerPC405) processor (revision M0) with 131072K bytes of
memory.
Processor board ID CAT0928Z2EE
Last reset from power-on
1 Virtual Ethernet interface
24 FastEthernet interfaces
2 Gigabit Ethernet interfaces
The password-recovery mechanism is enabled.
512K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address
: 00:14:F2:D2:D1:AF
Motherboard assembly number
: 73-9673-06
Power supply part number
: 341-0029-03
Motherboard serial number
: CAT09880NNZ
Power supply serial number
: LIT091091ZV
Model revision number
: M0
Motherboard revision number
: A0
Model number
: WS-C3560-24PS-S
System serial number
: CAT0911FAEE
Top Assembly Part Number
: 800-25861-03
Top Assembly Revision Number
: A0
Version ID
: V05
CLEI Code Number
: COM1X1FARB
Hardware Board Revision Number : 0x01
Switch Ports Model
------ ----- ----*
1 26
WS-C3560-24PS

SW Version
---------12.2(53)SE

SW Image
---------C3560-IPSERVICESK9-M

Press RETURN to get started!

Previous Lab

Like

116 Tweet

http://www.freeccnaworkbook.com/workbooks/ccna/recovering-a-corrupt-cisco-ios-image-on-a-catalyst-switch/[4/12/2015 6:45:43 PM]

Next Lab

Recovering a Corrupt Cisco IOS Image on a Catalyst Switch | Free CCNA Workbook

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/recovering-a-corrupt-cisco-ios-image-on-a-catalyst-switch/[4/12/2015 6:45:43 PM]

Configuring the Login, EXEC & MOTD Banner(s) | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Cisco Banners

While working with Cisco gear in the field you will notice that banners have their place. Such as to inform the user of
legal rights or scheduled maintenance. This lab will discuss and demonstrate the different types of Cisco IOS
banners.

Real World Application


In a production network it is common to place banners on Cisco devices which include legal information and other warning
information for unauthorized individuals attempting to establish a exec session with your device(s). Login banners are displayed
upon an attempting exec session establishment, MOTD banners are shown prior to a login banner and before user authentication.
EXEC banners are shown once an individual has started an EXEC session with the device.

Lab Prerequisites
If you are using GNS3 than load the Stub Area Networking GNS3 topology file than start R1.
Establish a Console session with Router 1.

>Lab Objectives
Configure a login banner so that any attempted connections to the device are prompted with Legal information.
Configure an EXEC banner so that when a user establishes an exec session with the device the device displays the hostname
and current line the session was established on.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-cisco-banners/[4/12/2015 6:46:07 PM]

Configuring the Login, EXEC & MOTD Banner(s) | Free CCNA Workbook

Configure a Message of The Day (MOTD) Banner to display current scheduled downtime for device maintenance.

Lab Instruction
Step 1. For objective one youre required to configure a Login banner to inform incoming sessions legal information and privacy
information. When configuring a banner youll need to use a delimiting character; which is a character that only appears at the
beginning and end of the banner. The ^ is commonly used. To set a banner youll use the banner command followed by the type of
banner rather it be login, exec, motd and the delimiting character. As shown below you can see a basic Login banner is configured
and configuration is verified by ending and reestablishing an exec session with the device.
Router(config)#banner login ^
Enter TEXT message. End with the character '^'
##########################################
# This is a Login banner used to show
#
#
legal and privacy information.
#
#
#
#
Unauthorized users prohibited
#
##########################################
^
Router(config)#end
Router#exit

As shown below is the login banner configuration verfication;


Router con0 is now available

Press RETURN to get started.

##########################################
# This is a Login banner used to show
#
#
legal and privacy information.
#
#
#
#
Unauthorized users prohibited
#
##########################################
User Access Verification
Password:
Router>
Objective 2 requests that you to configure an exec banner so that any authenticated exec sessions will be shown what the device
hostname is and the line the session is established on. In order to configure this type of banner youll need to know what Banner
Tokens are. Banner tokens are basically a variable you can set in a banner that calls particular information from the device and
dispatches it into the banner. The banner tokens that will be used in this objective are $(hostname) and $(line) which display the
hostname and line number.
To configure the exec banner as required by objective 3, use the following text Session established to $(hostname) on line $(line)
Like the previous Login banner youve configured you execute the same command in global configuration mode but rather executing
banner login ^ youll execute banner exec ^ as shown below;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-cisco-banners/[4/12/2015 6:46:07 PM]

Configuring the Login, EXEC & MOTD Banner(s) | Free CCNA Workbook

Router>enable
Password:
Router#
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#banner exec ^
Enter TEXT message. End with the character '^'
Session established to $(hostname) on line $(line)
^
Router(config)#

After the exec banner is configured, verify your configuration by terminating your exec session and reestablishing an exec session to
the device as shown below;
Router(config)#end
Router#exit

Router con0 is now available

Press RETURN to get started.

##########################################
# This is a Login banner used to show
#
#
legal and privacy information.
#
#
#
#
Unauthorized users prohibited
#
##########################################
User Access Verification
Password:
Session established to Router on line 0
Router>
To read more about Banner Tokens click Here!
Objective 3 is the last objective of the lab which is to configure a Message of the Day banner, which is commonly used to display
maintenance information on the Cisco device such as This router will undergo routine maintenance on 01/01/10 from 12:00AM to
2:00AM
The MOTD banner is displayed prior to the login banner on a Cisco Router or Switch and is configured the same was as any other
banner which is to execute the banner command followed by the type of banner and the delimiting character in global configuration
mode. As shown below is an example MOTD banner configuration and verification;
Router>enable
Password:
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#banner motd ^
Enter TEXT message. End with the character '^'
This router will undergo routine maintenance on 01/01/10 from 12:00AM to 2:00AM
^
Router(config)#

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-cisco-banners/[4/12/2015 6:46:07 PM]

Configuring the Login, EXEC & MOTD Banner(s) | Free CCNA Workbook

To verify the MOTD banner configuration, exit and reestablish an exec session to the device as shown below;
Router(config)#end
Router#exit

Router con0 is now available

Press RETURN to get started.


This router will undergo routine maintenance on 01/01/10 from 12:00AM to 2:00AM
##########################################
# This is a Login banner used to show
#
#
legal and privacy information.
#
#
#
#
Unauthorized users prohibited
#
##########################################
User Access Verification
Password:
Session established to Router on line 0
Router>

Previous Lab

Like

Next Lab

76 Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-cisco-banners/[4/12/2015 6:46:07 PM]

GNS3 - Cisco Device Emulator


Download

Configuring the Login, EXEC & MOTD Banner(s) | Free CCNA Workbook

:( http://t.co/wjL6GYuo2O

Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco
CCNA labs that can be completed using
the GNS3 platform.

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-cisco-banners/[4/12/2015 6:46:07 PM]

Reset Cisco IOS Configuration Specific Defaults | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Defaulting Specific IOS Config

One of the most things to do is having to negate multiple commands using the no statement. There is a better way to
default IOS configuration in specific sections. This lab will discuss and demonstrate the configuration default function.

Real World Application


Often times in production you may want to reset configurations for particular interfaces or other types of configurations back to the
default Cisco IOS configuration. A great example being you have Interface FastEthernet0/0 and it has about 10 lines of configuration
on it and you want to clear the configuration on that interface, typically youd negate the configuration using the no command before
all configuration lines under that interface.
A quick and simple way to clear a configuration on an interface is by using the default command in global configuration followed by
the interface name and number. This command will reset the interface configuration back to the default configuration of no ip
address and shutdown From there you can apply a new configuration to the interface and save a little time by not negating so
many interface configuration lines.

Lab Prerequisites
If you are using GNS3 than load the Stub Area Networking GNS3 topology and start R1.
Establish a Console session with Router 1.

Lab Objectives

http://www.freeccnaworkbook.com/workbooks/ccna/reset-cisco-ios-configuration-specific-defaults/[4/12/2015 6:48:15 PM]

Reset Cisco IOS Configuration Specific Defaults | Free CCNA Workbook

Configure interface FastEthernet0/0 with the IP Address of 10.1.1.254/24 and hard code the Speed to 100Mbps and Duplex to
full.
Reset the configuration previously made on interface FastEthernet0/0 using the default command in global configuration.

Lab Instruction
Step 1. To simulate a configured interface the first objective states that you need to assign the IP Address 10.1.1.254/24 to interface
FastEthernet0/0 as well ass hard code the speed and duplex to 100Mbps/Full Duplex.
Router con0 is now available

Press RETURN to get started.

Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int fa0/0
Router(config-if)#ip add 10.1.1.254 255.255.255.0
Router(config-if)#duplex full
Router(config-if)#speed 100
Router(config-if)#no shut
%LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed
state to up
Router(config-if)#

Router(config-if)#do show run int fa0/0


Building configuration...
Current configuration : 94 bytes
!
interface FastEthernet0/0
ip address 10.1.1.254 255.255.255.0
duplex full
speed 100
end
Router(config-if)#
Step 2. Now reset the interface Fa0/0 to the default configuration by executing the default command from global configuration
followed by the interface name and number than verify the configuration.
Router(config-if)#exit
Router(config)#default interface fa0/0
Building configuration...
Interface FastEthernet0/0 set to default configuration
Router(config)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down
%LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
Rrouter(config)#do show run interface FastEthernet 0/0
Building configuration...
Current configuration : 73 bytes

http://www.freeccnaworkbook.com/workbooks/ccna/reset-cisco-ios-configuration-specific-defaults/[4/12/2015 6:48:15 PM]

Reset Cisco IOS Configuration Specific Defaults | Free CCNA Workbook

!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
end
Router(config)#

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/reset-cisco-ios-configuration-specific-defaults/[4/12/2015 6:48:15 PM]

Reset Cisco IOS Configuration Specific Defaults | Free CCNA Workbook

http://www.freeccnaworkbook.com/workbooks/ccna/reset-cisco-ios-configuration-specific-defaults/[4/12/2015 6:48:15 PM]

Configuring Basic Password Authentication | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Basic Password Authentication

You would never allow anyone in the world to access your email so why would you allow anyone to access your
network hardware? This lab will discuss and demonstrate the configuration and verification of basic password
authentication.

Real World Application


Security is of the uttermost importance in a production network, especially an internet facing production network. Having an insecure
Cisco Router and/or switch is exposing your network to virtually unlimited number of risks. This lab will teach you the basics of
password authentication in the Cisco IOS software to secure your Cisco router and/or switch.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook topology and start R1.
Establish a console session with Router 1.

Lab Objectives
Configure a Console line password so that anyone attempting to establish a console session to the device will be prompted for
a password. Once completed, verify your configuration.
Configure the VTY line 0-4 password so that anyone attempting to establish a telnet/ssh session to the device will be
prompted for a password. Once completed, verify your configuration.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-password-authentication/[4/12/2015 6:48:36 PM]

Configuring Basic Password Authentication | Free CCNA Workbook

Configure an enable password and enable secret. Once completed, verify these configurations.
Configure a Auxiliary line password so that anyone attempting to established an auxiliary line session to the device (routers
only) will be prompted for a password.

Lab Instruction
Step 1. To meet the first objective of protecting the console line with a console password youll need to navigate to the console line
configuration mode as shown below;
--- System Configuration Dialog --Would you like to enter the initial configuration dialog? [yes/no]: no
Press RETURN to get started!
Router>enable
Router#configure terminal
Router(config)#line console 0
Router(config-line)#
Once in console line configuration mode, you can set the password by executing the password passwordgoeshere As shown below,
the password is being set to Cisco123;
Router(config-line)#password Cisco123

Simply setting the password does not enable password authentication. Youll need to tell the router to prompt incoming sessions on
the console line to require a password. This is done by executing the login command from line configuration mode as shown below;
Router(config-line)#login

Now you can test your console line password but first youll have to end your exec session by typing end and exit then attempting to
establish a new exec session via console as shown below;
Router(config-line)#end
Router#exit
Router con0 is now available

Press RETURN to get started.

User Access Verification


Password:
Router>
Step 2. Now its time to configure VTY (Virtual TeleType) lines. The VTY lines are virtual lines used for establishing an exec session
via telnet or ssh. You apply the password to these lines in the same manner as you previously did the console line as shown below;
Router>enable
Router#config terminal
Router(config)#line vty 0 4

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-password-authentication/[4/12/2015 6:48:36 PM]

Configuring Basic Password Authentication | Free CCNA Workbook

Router(config-line)#password Cisco321
Router(config-line)#login

Notice that in this example the password was set to Cisco321 just to demonstrate you can have different passwords per line. In order
to verify this configuration; typically youd need Ethernet connectivity to the device so as per that requirement youll need to assign
an IP address to an interface. For example assign 10.1.1.1 255.255.255.255 to interface loopback0 as shown below;
Router(config-line)#interface lo0
Router(config-if)#ip add 10.1.1.1 255.255.255.255
Router(config-if)#end
Router#

To verify your vty line password configuration you can telnet to your local interface to initiate a telnet exec session as shown below;
Router#telnet 10.1.1.1
Trying 10.1.1.1 ... Open
User Access Verification
Password:
Password:
Router>
As you can see youre prompted for the VTY line password. If you enter the console line password, you will be denied access but
upon entering the correct vty line password youll be authorized to start an exec session as shown above.
Once youve established a telnet session to the router, try to gain privileged level access. Youll immediately notice that youll be
prompted for an enable password in which case none is set so therefore you cannot gain privileged level access.
Router>enable
Password:
Password:
Password:
% Bad passwords
Router>
Step 3. Configure an enable password and secret for the Cisco router to gain privileged level access to the device via telnet. This
configuration is done in global configuration mode. If you still have a telnet session open from the previous objective verification, type
exit. To configure an enable password execute the enable password passwordgoeshere command.
To configure an enable secret you simply execute the enable secret passwordgoeshere as shown below;
Router>exit
[Connection to 10.1.1.1 closed by foreign host]
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#enable password Cisco1
Router(config)#enable secret Cisco2
Router(config)#end
Router#
As shown above the enable password was set to Cisco1 and the enable secret was set to Cisco2

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-password-authentication/[4/12/2015 6:48:36 PM]

Configuring Basic Password Authentication | Free CCNA Workbook

The enable password and enable secret are used for the same authentication, which is to gain access to privileged mode
however if you have both enable password and enable secret set, the enable secret will override the enable password.
Once the enable passwords have been set verify the configuration by executing a reverse telnet to 10.1.1.1 and establishing a telnet
session using the previously set vty lines password then escalate to privileged level access.
Router#telnet 10.1.1.1
Trying 10.1.1.1 ... Open
User Access Verification
Password:
Router>enable
Password:
Password:
Router#
If you typed in the enable password first youll be rejected as the router also has an enable secret set of Cisco2.
Step 4. The last objective only applies to Cisco devices that have an Auxiliary (AUX) port. The AUX port is very similar to the console
port but has modem control pins where you can attach an external modem to the device and dial-in to the device via external 56k
modem and remote manage the device using POTS dial-up service. This is commonly used in out of band management for single
devices however when there are multiple devices per site and out of band management is required its common to have an accessserver setup with a modem to allow console management of multiple devices through a single dial-in device.
To set the AUX line password youll execute the same commands as youve previously done in the console line password
configuration as shown below;
Router#configure terminal
Enter configuration commands, one per line.
Router(config)#line aux 0
Router(config-line)#password AuxPassword123
Router(config-line)#login
Router(config-line)#end
Router#

End with CNTL/Z.

Previous Lab

Like

Tweet

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-password-authentication/[4/12/2015 6:48:36 PM]

Next Lab

Configuring Basic Password Authentication | Free CCNA Workbook

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-password-authentication/[4/12/2015 6:48:36 PM]

Configuring Local User Authentication | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Local User Authentication

Using a single shared password is not the most secure way to control authentication. Giving each individual a
username and password is easier to track. This lab will discuss and demonstrate local user authentication.

Real World Application


Commonly with Cisco devices, multiple users will be accessing and configuring the device, thus requires different user credentials for
individuals with different levels of access required to perform different management duties relating to the Cisco device.
This lab will discuss and demonstrate the configurational requirements for setting up local user accounts.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology and start R1.
Establish a console session with Router 1.
Configure the Loopback0 interface with a host address of 10.1.1.1

Lab Objectives
Configure a user account with the name Tom with a password of Cisco$123 and assign level 15 privileges to this user.
Configure a user account with the name Sally with a password of LetMeSee! and assign level 1 privileges to this user.
Configure the VTY lines 0 through 4 to authenticate incoming exec sessions with the Local User Database using the login

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-local-user-database-authentication/[4/12/2015 6:49:23 PM]

Configuring Local User Authentication | Free CCNA Workbook

local command under line configuration mode.


Verify your configuration by using reverse telnet via the Loopback0 interface.

Lab Instruction
Step 1. As required per the first object, create a user account with the username of tom and password of Cisco$123 and grant this
user level 15 privileges.
Router con0 is now available
Press RETURN to get started.
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#username tom privilege 15 secret Cisco$123

Step 2. Create a user account with the username of Sally and password of LetMeSee! and grant this user level 1 privileges.
Router(config)#username sally privilege 1 secret LetMeSee!
Read Me
Creating a user account with level 15 privileges will place the user in privileged mode upon a successful authentication therefore this
user will not need to provide an enable password. Use caution when assigning level 15 privileges.
Step 3. Configure the VTY lines 0 through 4 to authenticate incoming exec sessions to the local user database. This is done by
executing the login local under line configuration mode.
Router(config)#line vty 0 4
Router(config-line)#login local

Step 4. Verify your configuration by using reverse telnet via the Loopback0 interface. You should receive a username and password
prompt and upon a successful authentication based on the credentials provided you should be granted an exec shell session in user
mode if using the username sally or privileged mode if using the username tom as shown below;
Routerconfig-line)#end
Router#telnet 10.1.1.1
Trying 10.1.1.1 ... Open
User Access Verification
Username: tom
Password:
Router#

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-local-user-database-authentication/[4/12/2015 6:49:23 PM]

Next Lab

Configuring Local User Authentication | Free CCNA Workbook

Like

84 Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-local-user-database-authentication/[4/12/2015 6:49:23 PM]

Configuring AAA Authentication Lists | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring AAA Authentication Lists

AAA Authentication lists are commonly used for multiple methods of authentication on a single device such as local
and line. This lab will discuss and demonstrate the configuration and verification of AAA Authentication Lists.

Real World Application and Core Knowledge


Its quite simple, companies with several Cisco devices commonly use RADIUS or TACACS+ for user authentication and
authorization. Local authentication is also used but only as a backup method when communication to the AAA server fails. AAA
servers, rather they be TACACS+ (pronounced tack axe plus) or RADIUS provide a centralized management point to control
authentication and authorization to Cisco devices or other vendor devices for not only management purposes of the device but for
other authentication methods as well such as remote VPN authentication, SSL VPN, 802.1x and proxy authentication.
Please note that the objective of this lab is not part of the CCNA (640-802) Exam objectives, however this material can be found on
the new CCNA Security certification; (Exam: 840-553 IINS). This lab was created to provide you a basic understanding of AAA;
that of which is commonly used in production networks for authentication, authorization and accounting.
When configuring AAA New-model, authorization is not configured by default on newer IOS images therefore when logging into a
Cisco Router and/or Switch with a user account that has level 15 privileges you will not automatically be placed into privileged mode
as you were in the older non-aaa login local authentication method. To fix this youll need to add a AAA statement to specify console
authorization. This is done by executing the aaa authorization console command in global configuration.
The same concepts apply to authorization via VTY lines, you will need to configure a the default authorization list to authorize
commands via local database privilege level, this is done by executing the command aaa authorization exec default local in global
configuration. If you also use a TACACS+ or RADIUS server, the authorization list will authenticate to the server group following the
local database in the event of an authentication server failure.
Note that when enabling AAA New-Model, if you save the configuration without a username and/or a default authentication list you

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-aaa-authentication-lists/[4/12/2015 6:49:45 PM]

Configuring AAA Authentication Lists | Free CCNA Workbook

WILL be locked out of the device and will have to perform a password recovery.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology and start R1.
Establish a console session with Router 1.
Configure a username and password of your choice with level 15 privileges in the local database; See Lab 3-2 for reference.

Lab Objectives
Enable AAA by executing the aaa new-model command in global configuration.
Configure a AAA login authentication list named CONSOLE_AUTH and authenticate to the local database only.
Configure the console line to authenticate using the authentication list you created named CONSOLE_AUTH
Verify your configuration by logging completely out of the router and back in.

Lab Instruction
Step 1. Enable AAA by executing the command aaa new-model in global configuration mode. This enables the new authentication
methods and disables the old authentication methods such as line passwords.
Router con0 is now available

Press RETURN to get started.

Router>enable
Router#configure terminal
Enter configuration commands, one per line.
Router(config)#aaa new-model

End with CNTL/Z.

Step 2. Configure a AAA login authentication list named CONSOLE_AUTH and authenticate to the local database only.
The syntax for configuring a AAA login authentication list is; aaa authentication login LISTNAME AUTHTYPE
In this objective the list name is CONSOLE_AUTH and the authentication type is LOCAL as shown below;
Router(config)#aaa authentication login CONSOLE_AUTH local

Step 3. Now youre ready to configure configure the console line to authenticate users attempting an exec session to the AAA login
authentication list you just created. This is a single command executed in line configuration mode; login authentication listname

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-aaa-authentication-lists/[4/12/2015 6:49:45 PM]

Configuring AAA Authentication Lists | Free CCNA Workbook

Router(config)#line con 0
Router(config-line)#login authentication CONSOLE_AUTH

Step 4. Verify your configuration by logging completely out of the router and logging back in via the console. If configured properly
you should be prompted for a username and password now as shown below;
Router(config-line)#end
Router#exit

Router con0 is now available

Press RETURN to get started.

User Access Verification


Username: john
Password:
Router>

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

The website was founded in late 2009

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-aaa-authentication-lists/[4/12/2015 6:49:45 PM]

GNS3 - Cisco Device Emulator


Download
Reddit.com CCNA Community

Configuring AAA Authentication Lists | Free CCNA Workbook

with the goal of providing FREE Cisco


CCNA labs that can be completed using
the GNS3 platform.

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-aaa-authentication-lists/[4/12/2015 6:49:45 PM]

Configuring AAA Authentication via TACACS+ Server | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

AAA Authentication via TACACS+

Most enteprise companies authenticate network users via TACACS+ to a Cisco ACS Server. This is useful for single
sign-on, management and tracking. This lab will discuss and demonstrate the configuration of a TACACS+ AAA
Authentication List.

Real World Application


No network engineer wants to spend countless hours of time maintaining local user accounts on hundreds of Cisco devices. This
issue was foreseen many many years ago and resolved with AAA. With AAA you can configure the Cisco device rather it be a router
or switch to authentication to a centralized user authentication database. Cisco sells a solution called the Cisco Secure Access
Server which is commonly used in networks larger then 50 nodes to provide centralized authentication, authorization and accounting
services for network devices.
Please note that the contents found in this lab are not part of the CCNA (640-802) Exam objectives, however this material can be
found on the new CCNA Security certification; (Exam: 840-553 IINS). This lab was created to provide you a basic understanding of
AAA; that of which is commonly used in production networks for authentication, authorization and accounting.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology and start R1.
Establish a console session with Router 1.
Complete Lab 3-3 prior to attempting this lab.
Create a local user account and password with level 15 privileges.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-aaa-authentication-via-tacacs-server/[4/12/2015 6:50:07 PM]

Configuring AAA Authentication via TACACS+ Server | Free CCNA Workbook

Lab Objectives
Configure a TACACS+ Server located at 10.1.1.20 with the key of P@s$W0rD!
Configure a login authentication list named CONSOLE_AUTH to authenticate to the tacacs server group then the local
database if authentication to the tacacs server times out.
Assign the authentication list to the console line and verify your configuration. (See Notes)

Lab Instruction
Step 1. First you need to configure the TACACS server host address and key, this is done by executing the tacacs-server host
x.x.x.x key keygoeshere as shown below;
Router con0 is now available
Press RETURN to get started.
Router>enable
Router#configure terminal
Router(config)#tacacs-server host 10.1.1.20 key P@s$W0rD!

Step 2. Now configure the AAA login authentication list name CONSOLE_AUTH to authenticate to the tacacs server first and fail
back to the local user database in the event of a server failure. As previously shown in Lab 3-2 the authtype was just local. The AAA
login authentication list follows the authtype in order from first to last in the syntax. To configure the list to authenticate to the tacacs
server, add group tacacs+ prior to local
To complete the 2nd objective; authenticate to the tacacs server then failback to the local database when the server fails, execute the
Lab 3-2;
Router(config)#line con 0
login
Router(config-line)#login authentication CONSOLE_AUTH group tacacs local
authentication
CONSOLE_AUTH
You will be unable to verify the actual TACACS server authentication as no TACACS server exist in this lab. You can download
with
a trial copy of Cisco ACS and configure the server to authenticate Cisco devices but that is outside of the scope of CCNA and
group
CCNA Security. For verification purposes, use the prerequisites configured local database username and password with level
tacacs
15 privileges.
local

appended
to it as
shown
Router con0 is now available
below;
Press RETURN to get started.

User Access Verification

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-aaa-authentication-via-tacacs-server/[4/12/2015 6:50:07 PM]

Configuring AAA Authentication via TACACS+ Server | Free CCNA Workbook

Username: john
Password:
Router>

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-aaa-authentication-via-tacacs-server/[4/12/2015 6:50:07 PM]

Configuring Secure Shell Virtual Terminal Access (SSH) | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring SSH Access

When it comes to device management you want to ensure that the traffic is secure and encrypted. Telnet
unfortunately is not encrypted which is why SSH is commonly used for administration of Cisco devices. This lab will
discuss and demonstrate the configuration of SSH v1.99 (v2)

Real World Application


Telnet just does not cut the cheese anymore when it comes to production network remote administration security. As you may be
aware, telnet does not encrypt the encapsulated payload so with that being said; anyone on the wire can sniff the traffic and
reconstruct the telnet communications which opens a major vulnerability that passwords can be sniffed as well as other types of
confidential sensitive information that traverses a network via the telnet protocol.
This has been a known issue since the birth of Telnet and has been resolved with the introduction of Secure Shell, also known as
SSH.
SSH in a nut shell is basically Telnet using encryption to securely encapsulate the traffic payload to prevent unwanted sniffing of such
traffic. SSH can use different types of encryption algorithms from Data Encryption Standard (DES) all the way up to AES 256Bit
CBC.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology and start R1.
Establish a console session with Router 1.
Create a loopback interface and configure it with the IP Address 10.1.1.1/24

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ssh-access/[4/12/2015 6:50:25 PM]

Configuring Secure Shell Virtual Terminal Access (SSH) | Free CCNA Workbook

Create an arbitrary username and password in the local user database as required by SSH in order for the VTY lines to
establish a remote exec session.
The VTY Line(s) authentication should be configured to authenticate to the local database. (Note that you can use login local
or a AAA authentication list to accomplish this)

Lab Objectives
Change the hostname from its default hostname Router to something specific to the device. ie; R1
To generate an RSA key, youre required to have a domain name set. Set the domain name executing the ip domain-name
domainname.net command in global configuration.
Create an RSA Genera-Usage certification that is self-signed by the Cisco device.
Configure the transport input protocol on the VTY lines to only accept SSH (this disables telnet and permits only ssh)

Lab Instruction
Step 1. As a requirement to generate an RSA general-usage key youll need to change the hostname to a hostname other then the
default Router hostname. In this case, you can use R1 as shown below;
Router con0 is now available

Press RETURN to get started.

Router>enable
Password:
Router#configure terminal
Enter configuration commands, one per line.
Router(config)#hostname R1
R1(config)#

End with CNTL/Z.

Step 2. Another requirement prior to generating an RSA certificate on the Cisco device is to set a domain name. For the purposes of
this lab, the domain name will be set to freeccnaworkbook.com as shown below;
R1(config)#ip domain-name freeccnaworkbook.com

Step 3. Now youre ready to generate the RSA certificate. To generate the RSA certification youll execute the crypto key generate
rsa general-keys modulus command followed by the modulus keysize which ranges between [360-2048]. As shown below, an RSA
certificate is generated using a 1024 bit modulus key.
R1(config)#crypto key generate rsa general-keys modulus 1024
The name for the keys will be: R1.freeccnaworkbook.com
% The key modulus size is 1024 bits
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ssh-access/[4/12/2015 6:50:25 PM]

Configuring Secure Shell Virtual Terminal Access (SSH) | Free CCNA Workbook

R1(config)#
%SSH-5-ENABLED: SSH 1.99 has been enabled
Youll notice that immediately after the RSA General use keys are generated, SSH v1.99 is enabled. Note that the larger the keysize,
the longer it takes to generate.
Once SSH v1.99 is enabled you can connect to the Cisco device remotely using the SSH v2 protocol found in Putty, SecureCRT and
other terminal emulators; excluding HyperTerminal as it does not support cryptographic connectivity.
Step 5. Configure the transport input protocol on the VTY lines to accept only SSH by executing the transport input ssh under the vty
line configuration mode as shown below;
R1(config)#line vty 0 4
R1(config-line)#transport input ssh

Step 6. Verify your SSH configuration by using the Cisco IOS SSH client and SSH to the routers loopback interface 10.1.1.1
Minimal documentation regarding the Cisco IOS SSH client exist. Use the Cisco IOS context help ? to view available ssh command
options.
R1(config-line)#end
R1#ssh -l john 10.1.1.1
Password:
R1#show ssh
Connection Version Mode Encryption Hmac
0
1.99
IN
aes128-cbc hmac-sha1
0
1.99
OUT aes128-cbc hmac-sha1
%No SSHv1 server connections running.
R1#

State
Session started
Session started

Previous Lab

Like

Tweet

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ssh-access/[4/12/2015 6:50:25 PM]

Username
john
john

Next Lab

Configuring Secure Shell Virtual Terminal Access (SSH) | Free CCNA Workbook

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ssh-access/[4/12/2015 6:50:25 PM]

Configuring Numbered Access Control Lists | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Numbered Access Control Lists

Numbered ACLs are commonly used for simple quick configurations where a single match is needed such as
specifying which host is allowed to access the device via SSH. This lab will discuss and demonstrate the configuration
of numbered Access Control Lists (ACLs)

Real World Application


Access Control Lists are the basis of all network security. ACLs control the flow of traffic through a device and can prevent unwanted
traffic from a particular source to a specific destination. This lab will discuss and demonstrate numbered access list which are not
very common due to the newer named access-list advantages. The biggest downfall of numbered access-list is the time involved
with editing a numbered acl. Unfortunately you cannot manually place ACEs (Access Control List Entries) on specific lines in the
ACL thus causing a time consuming edit to place an ACE on line 10 of a 100 line numbered ACL.
However, as a Cisco Network Engineer you will still see numbered access-list in the field from old deployments or inexperienced
network engineers not knowing the new way of configuring an ACL; either way, its still an objective of the CCNA certification.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and SW1.
Establish a console session with devices R1 and R2.
Configure R1s FastEthernet0/0 interface with the IP address 10.1.1.1/24 and R2s FastEthernet0/0 interface with 10.1.1.2/24
Verify you can ping R2s Ethernet interface from R1 and Vice Versa prior to starting this lab.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-numbered-access-control-lists/[4/12/2015 6:51:06 PM]

Configuring Numbered Access Control Lists | Free CCNA Workbook

Lab Objectives
Create a standard numbered access-list (number of your choice) to prevent the host 10.1.1.2 IP access inbound on R1 Fa0/0
and permit all other traffic. (Verify your configuration)
Create an extended numbered access-list (number of your choice) to prevent telnet access outbound R1 interface Fa0/0 to
host 10.1.1.3 and permit all other traffic.

Lab Instruction
There are several different specific ranges of numbered access-list used to perform different types of access control as shown below
from the Cisco CLI context sensitive help;
R1(config)#access-list ?
<1-99>
IP standard access list
<100-199>
IP extended access list
<1000-1099>
IPX SAP access list
<1100-1199>
Extended 48-bit MAC address access list
<1200-1299>
IPX summary address access list
<1300-1999>
IP standard access list (expanded range)
<200-299>
Protocol type-code access list
<2000-2699>
IP extended access list (expanded range)
<2700-2799>
MPLS access list
<300-399>
DECnet access list
<600-699>
Appletalk access list
<700-799>
48-bit MAC address access list
<800-899>
IPX standard access list
<900-999>
IPX extended access list
compiled
Enable IP access-list compilation
dynamic-extended Extend the dynamic ACL absolute timer
rate-limit
Simple rate-limit specific access list
Step 1. To complete the first objective of this lab you need to create a standard numbered access-list. By referencing the context
sensitive help youll notice the standard ip access-list numbers range between 1 and 99. You can choose a number of your own to
complete this objective but for the purposes of demonstration, number 50 will be used. The objective states that you need to block IP
host 10.1.1.2 inbound access at R1s FastEthernet0/0 interface but permit all other traffic. An example is shown below;
R1 con0 is now available

Press RETURN to get started.

R1>enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#access-list 50 deny host 10.1.1.2
R1(config)#access-list 50 permit any

Now that the numbered access-list is created you need to apply it in the ingress direction of interface Fa0/0 on Router 1 as shown
below;
R1(config)#interface fa0/0
R1(config-if)#ip access-group 50 in

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-numbered-access-control-lists/[4/12/2015 6:51:06 PM]

Configuring Numbered Access Control Lists | Free CCNA Workbook

You can verify your configuration by pinging R1s Fa0/0 interface from R2, as a prerequisite you should have been able to ping the IP
prior to applying the access-list. Now if configured correctly your pings will be Unreachable;
R2>ping 10.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
U.U.U
Success rate is 0 percent (0/5)
R2>
You can also verify that the access-list is properly working by executing the show access-list command in privilege mode on R1. As
shown below by the command results youll notice that the first ACE has a hit count of 8;
R1(config-if)#end
R1#show access-list
Standard IP access list 50
10 deny
10.1.1.2 (8 matches)
20 permit any
R1#
Change the IP address on R2s FastEthernet interface to 10.1.1.3/24 and verify test your access-list again to ensure traffic destined
to destinations excluding 10.1.1.2/32 is permitted;
R2>enable
R2#configure terminal
R2(config)#interface fa0/0
R2(config-if)#ip add 10.1.1.3 255.255.255.0
R2(config-if)#end
R2#
Now ping R2s new Fa0/0 interface ip address (10.1.1.3) and verify you have successful communication;
R1#ping 10.1.1.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/43/76 ms
R1#
Step 2. Now its time to create an extended numbered access-list. As previously shown in the CLI context sensitive help, youll see
extended numbered access-list ranges between 100 and 199, however Cisco later added expanded ranges for both standard and
extended numbered access-lists. In this objective you need to create an access-list to block telnet traffic oubound on R1s Fa0/0
interface to the host 10.1.1.3 equal to telnet and permit all other traffic. Since telnet is TCP traffic, youll need to specifically match
the traffic by specifying the ACE is TCP only and match the protocol following the destination as you need to prevent traffic from
reaching that destination with the destination port number of 22 (telnet) as shown below;
R1#configure terminal
R1(config)#access-list 150 deny tcp any host 10.1.1.3 eq telnet
R1(config)#access-list 150 permit ip any any

Now this access-list needs to be applied in the egress direction on R1s interface Fa0/0;
R1(config)#interface fa0/0
R1(config-if)#ip access-group 150 out

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-numbered-access-control-lists/[4/12/2015 6:51:06 PM]

Configuring Numbered Access Control Lists | Free CCNA Workbook

Due to the nature of how the Cisco device sources traffic from its self, this objective cannot be tested unless another network and
static routes are configured which will be discussed in a later section. Traffic sourced from a router does not get processed by an
outbound access-list. However, any traffic that traverses the router from one network to host 10.1.1.3 equal to the telnet protocol will
be dropped.
Access-list can be configured on a Cisco device inbound and/or outbound and you must look at it in a way that the router is the traffic
cop saying what traffic is authorized to pass and what traffic gets smacked into the bit bucket.
There is a general rule of thumb when dealing with access list. In order for access lists to be the most effective you should place an
extended access-list closest to the source as possible and a standard access list closest to the destination as possible.
Also keep in mind that there is an IMPLICIT DENY at the end of every access-list, meaning you cannot see the deny statement but
configuration wise, it is the same thing as configuring deny any any at the end of the access list. So by default, traffic will be
dropped unless you permit it. Engineers often times place an explicit deny statement at the end of the access-list in order to log
denied traffic as a method of access-list troubleshooting.

Previous Lab

Like

Next Lab

100 Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right

Junos Workbook | Free Juniper

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-numbered-access-control-lists/[4/12/2015 6:51:06 PM]

Configuring Numbered Access Control Lists | Free CCNA Workbook

CCNA labs that can be completed using


the GNS3 platform.

mind would build a perimeter using

JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-numbered-access-control-lists/[4/12/2015 6:51:06 PM]

Configuring Named Access Control Lists | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Named ACLs

It is much easier to remember names than numbers. It is also easier to manage named ACLs because you have the
ability to sequence line items in the ACL. This lab will discuss and demonstrate named Access Control Lists (ACLs)

Real World Application


Numbered Access List have a major downfall which is the ability to edit specific lines in the access-list. Unfortunately the only way to
do that is to edit the lines in a text editor and completely remove and re-add the ACL. Numbered access-list still can be found in
networks all around the world but engineers are now commonly using named access-list to ensure the ability to edit the acl on the fly
with minimal time required. Named ACLs also have a big advantage of being descriptive in the name such as an ACL named
VTY_ACCESS, its quite obvious that that ACL would be for vty line access control.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology and start R1.
Establish a console session with R1 than configure its hostname.
It is recommended that you complete the Previous Lab prior to starting this Lab.
Configure R1s FastEthernet0/0 interface with the IP address 169.254.20.3/29 and R1s FastEthernet0/1 interface with the IP
address 10.1.1.254/24

Lab Objectives

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-named-access-control-lists/[4/12/2015 6:51:27 PM]

Configuring Named Access Control Lists | Free CCNA Workbook

Configured a standard named access-list called INSIDE_IN and permit only 10.1.1.0/24 inbound access; place an explicit deny
statement on line 500 and log denied traffic. Apply this access-list inbound on interface Fa0/1
Configure an extended named access-list called OUTSIDE_IN and deny host 71.23.44.50 and host 204.221.190.5 eq www,
permit all other traffic. Apply this access-list inbound on interface FastEthernet0/0

Lab Instruction
Named access-lists are much like numbered access-list but with names and the addition of line numbers. Now you can specify what
line you wish to place an ACE in the ACL. For example you have an ACL with lines 5, 10, 15, 20, 25, 30 and you need to stick an
entry between line 15 and 20, now you have that ability without having to remove the entire access-list. The new ACE statement will
follow a specific line number when in named access-list configuration mode.
Step 1. The first objective states to create a standard named access-list and permit only the network 10.1.1.0/24 and to configure an
ace on line 500 that denies and logs all denied traffic. The syntax used to completely this objective is; ip access-list standard
ACLNAME as shown below.
R1#configure terminal
Enter configuration commands, one per line.

End with CNTL/Z.

R1(config)#ip access-list standard INSIDE_IN


R1(config-std-nacl)#
When in named access-list configuration mode, its common to start each ACE with a specific line number. If no line number is
specified, the ACE is placed at the bottom of the ACL. Its common to increment ACL line numbers by 5 or 10. To completely the first
Lab objective, configure line 10 to permit 10.1.1.0/24 and explicitly deny all other traffic on line 500 with logging enabled.
R1(config-std-nacl)#10 permit 10.1.1.0 0.0.0.255
R1(config-std-nacl)#500 deny any log

An extended access-list does not use a subnet mask to identify networks but rather wildcard mask which is the inverse notation
of a subnet mask. To read more about wildcards; CLICK HERE

Now in order to apply this named access-list to an interface you must navigate to the correct interface and execute the ip accessgroup command followed by the ACL name and direction as shown below;
R1(config-std-nacl)#exit
R1(config)#int f0/1
R1(config-if)#ip access-group INSIDE_IN in

You can verify your access-list configuration by executing the show access-list command;
R1(config-if)#do show access-list
Standard IP access list INSIDE_IN
10 permit 10.1.1.0, wildcard bits 0.0.0.255
500 deny
any log
R1(config-if)#

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-named-access-control-lists/[4/12/2015 6:51:27 PM]

Configuring Named Access Control Lists | Free CCNA Workbook

As you can see you have plenty of space between line10 and the explicit deny statement on line 500 to inject more access control list
entries at a later time.
Step 2. Configure an extended named access-list called OUTSIDE_IN and deny host 71.23.44.50 and host 204.221.190.5 eq www,
permit all other traffic. Apply this access-list inbound on interface Fa0/0;
R1(config-if)#exit
R1(config)#ip access-list extended OUTSIDE_IN
R1(config-ext-nacl)#10 deny ip host 71.23.44.50 any
R1(config-ext-nacl)#20 deny tcp host 204.221.190.5 any eq www
R1(config-ext-nacl)#500 permit ip any any

Now assign the newly created extended named access-list inbound on R1s FastEthernet0/0 interface as shown below;
R1(config-ext-nacl)#exit
R1(config)#int f0/0
R1(config-if)#ip access-group OUTSIDE_IN in

To verify your access-list configuration execute the show access-list OUTSIDE_IN command from privileged mode or by using the do
command within a configuration mode as shown below;
R1(config-ext-nacl)#do sh access-list OUTSIDE_IN
Extended IP access list OUTSIDE_IN
10 deny ip host 71.23.44.50 any
20 deny tcp host 204.221.190.5 any eq www
500 permit ip any any
R1(config-ext-nacl)#

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-named-access-control-lists/[4/12/2015 6:51:27 PM]

Configuring Named Access Control Lists | Free CCNA Workbook

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-named-access-control-lists/[4/12/2015 6:51:27 PM]

Configuring the VTY Lines Access Control List | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring VTY Lines ACL

When it comes to mgmt traffic, you want to ensure that ONLY authorized host even have the ability to access the
device. This lab will discuss and demonstrate the configuration and verification of applying an ACL to the VTY Lines.

Real World Application


In production networks its a common security policy to control remote administration to network devices using an access control list
specifying only a particular administrative subnets and/or hosts on the network access to establish a remote exec session to the
device for management.
This lab will teach you how to configure an ACL to control specific networks and/or host access to establish an exec session via VTY
lines used for remote administration.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices start R1, R2, R3 and SW1.
Establish a console session with devices R1, R2, R3 and SW1 than configure their respected host names.
Configure the IP address 10.1.1.1/24 on the FastEthernet0/0 interface of R1.
Configure the IP address 10.1.1.2/24 on the FastEthernet0/0 interface of R2.
Configure the IP address 10.1.1.3/24 on the FastEthernet0/0 interface of R3
Configure a local username and password on R1 with level 15 privileges which will be used to authenticate VTY exec sessions
locally.
Configure R1 to accept both Telnet and SSH sessions.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-vty-lines-access-control-list/[4/12/2015 6:51:47 PM]

Configuring the VTY Lines Access Control List | Free CCNA Workbook

Lab Objectives
Create a named extended access-list called VTY_ACCESS
Deny host 10.1.1.3 from accessing the vty lines via telnet.
Permit the network range 10.1.1.0/24 to use telnet or ssh
Deny all other traffic and log the denied attempted connections.
Configure the access-list on the vty lines using the access-class command.
Verify your configuration and connectivity using R2 and R3.

Lab Instruction
One of the biggest new management features of 12.3T and 12.4 mainline is the ability to use extended access-lists to permit
particular traffic to establish an exec session to the vty lines of a Cisco device using a particular protocol; ie, telnet and/or ssh.
Step 1. Configure a named access-list on R1 called VTY_ACCESS
R1 con0 is now available

Press RETURN to get started.

R1>enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#ip access-list extended VTY_ACCESS
R1(config-ext-nacl)#
Step 2. Deny host 10.1.1.3 from accessing the vty lines via telnet. In order to complete this objective youll need to specify the
source as host 10.1.1.3 and destination as any eq telnet as shown below;
R1(config-ext-nacl)#10 deny tcp host 10.1.1.3 any eq telnet
Read Me
When traffic is destined to the control plane of the device, in an ACL it is represented as 0.0.0.0/0; AKA: any
Step 3. Permit the network range 10.1.1.0/24 to use telnet or ssh. This objective will require two access list entries, one for telnet
(tcp port 23) and one for ssh (tcp port 22) as shown below;
R1(config-ext-nacl)#20 permit tcp 10.1.1.0 0.0.0.255 any eq 22
R1(config-ext-nacl)#30 permit tcp 10.1.1.0 0.0.0.255 any eq 23

Step 4. Deny all other traffic and log the denied connection attempts.
R1(config-ext-nacl)#500 deny ip any any log

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-vty-lines-access-control-list/[4/12/2015 6:51:47 PM]

Configuring the VTY Lines Access Control List | Free CCNA Workbook

Step 5. Configure the access-list on the vty lines using the access-class command.
R1(config-ext-nacl)#line vty 0 4
R1(config-line)#access-class VTY_ACCESS in
R1(config-line)#end
R1#

Step 6. Verify your configuration and connectivity using R2 and R3.


Before verifying the connectivity using R2 and R3 first be sure to verify your access-list on R1 using the show ip access-list
R1#show access-list
Extended IP access list VTY_ACCESS
10 deny tcp host 10.1.1.3 any eq telnet
20 permit tcp 10.1.1.0 0.0.0.255 any eq 22
30 permit tcp 10.1.1.0 0.0.0.255 any eq telnet
500 deny ip any any log
R1#
After verifying the access-list is correct, you can then test connectivity to R1 from R2 using Telnet and/or SSH. Keep in mind when
you Telnet or SSH from a Cisco device it will use the IP address of the interface that traffic exits to get to that destination, in this case
10.1.1.2/24 as shown below by the show users command;
R2#telnet 10.1.1.1
Trying 10.1.1.1 ... Open
User Access Verification
Username: tom
Password:
R1#show users
Line
0 con 0
* 2 vty 0

User

Interface

User

tom

Host(s)
idle
idle

Idle
Location
00:14:12
00:00:00 10.1.1.2
Mode

Idle

Peer Address

R1#exit
[Connection to 10.1.1.1 closed by foreign host]
R2#ssh -l tom 10.1.1.1
Password:
R1#sh ssh
Connection Version Mode Encryption Hmac
0
1.99
IN
aes128-cbc hmac-sha1
0
1.99
OUT aes128-cbc hmac-sha1
%No SSHv1 server connections running.
R1#

State
Session started
Session started

Username
tom
tom

Now using R3 verify that 10.1.1.3/24 is being denied access via telnet and permitted access via SSH to R1 as shown below;
R3#telnet 10.1.1.1
Trying 10.1.1.1 ...
% Connection refused by remote host
R3#ssh -l tom 10.1.1.1
Password:
R1#show ssh

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-vty-lines-access-control-list/[4/12/2015 6:51:47 PM]

Configuring the VTY Lines Access Control List | Free CCNA Workbook

Connection Version Mode Encryption Hmac


State
0
1.99
IN
aes128-cbc hmac-sha1
Session started
0
1.99
OUT aes128-cbc hmac-sha1
Session started
%No SSHv1 server connections running.
R1#show users
Line
User
Host(s)
Idle
Location
0 con 0
idle
00:13:53
* 2 vty 0
tom
idle
00:00:00 10.1.1.3
Interface

User

Mode

Idle

Username
tom
tom

Peer Address

R1#
You can verify that telnet was indeed denied using the vty line ACL on R1 by executing the show access-list command in privileged
mode. This will show you a hit count number beside each access control list entry;
R1#show access-list
Extended IP access list VTY_ACCESS
10 deny tcp host 10.1.1.3 any eq telnet (1 match)
20 permit tcp 10.1.1.0 0.0.0.255 any eq 22 (4 matches)
30 permit tcp 10.1.1.0 0.0.0.255 any eq telnet (6 matches)
500 deny ip any any log
R1#

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right

Junos Workbook | Free Juniper

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-vty-lines-access-control-list/[4/12/2015 6:51:47 PM]

Configuring the VTY Lines Access Control List | Free CCNA Workbook

CCNA labs that can be completed using


the GNS3 platform.

mind would build a perimeter using

JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-vty-lines-access-control-list/[4/12/2015 6:51:47 PM]

Configuring the Password Encryption Service | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Password Encryption Service

Allowing people to see your configuration passwords in plain text is a bad idea. This lab will discuss and demonstrate
the configuration of the Cisco IOS password encryption service.

Real World Application


Level 7 encryption on a Cisco device by todays cryptographic standards is considered extremely weak. There are many websites
that offer a decryption applet to allow you to copy and paste a service password encrypted hash and decrypt the hash for you to
clear text. An example website being this website here.
This lab you will teach you how to configure the password encryption service to encrypt clear text passwords using to level 7
encryption on a Cisco Router and/or Switch.
There is however a good use for this encryption service which is to prevent peaking toms from looking over your shoulder while you
have a configuration displayed on screen from viewing clear text passwords.
When posting configurations online to share be sure to remove the type 7 encrypted passwords as these passwords can be easily
cracked. Type 5 passwords use a MD5 hash which is a one-way (non-reversible) 128bit algorithm. This password cannot be
decrypted due to the nature of the algorithm. When you authenticate to a Cisco device that stores the password in MD5 format, the
device encrypts the password string you provided and matches it to the string stored in configuration. If it matches then the
authentication is successful, if not then authentication is not and your password is declined.
Keep in mind type 7 passwords are considered weak whereas type 5 passwords are uncrackable pe se.
Type 5 password hashes cannot be decrypted with rainbow tables due to the fact the Type 5 password hash is divided into 3
separate sections. Using the Type 5 password hash found in the lab instruction of this lab, $1 represents the Cisco type 5 password,
the $ID2R which represents the salt and $2AKUK4US6yUQVkggSMkLV0 is the actual MD5 hash that is calculated with the salt.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-password-encryption-service/[4/12/2015 6:52:06 PM]

Configuring the Password Encryption Service | Free CCNA Workbook

Cisco does not publish how the salt is technically used in the calculation of the md5 hash therefore it is unknown.
Salts are used in a manner to ensure extra security for md5 strings making them unique and proprietary to the salt function written.
For example; lets say we use the password Hello123 and Cisco places the randomly generated salt after the 2nd character in the
actual passphrase, the prehashed password value would than become He$SALTllo123 in which case would give you a unique
md5 string. Ultimately the point Im tryign to make is that the technique in which Cisco uses the SALT function is proprietary. Keep in
mind salt is randomly generated and stored with the password hash which makes it nearly impossible to even create a rainbow for
every current value of the standard md5 rainbow table because you dont know the function in how the Salt is used as well as you
cannot write a script to set the password on a Cisco device to every possible password found in the rainbow table as the salt is
randomly generated every time you use the enable secret XXXX command.
So when someone tells you that the type5 can be cracked by a rainbow table is completely incorrect as a standard rainbow table will
NOT work because a standard rainbow table does not have MD5 hash values for every possible salted password hashed value that
Cisco IOS can generate.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology and start R1.
Establish a console session with Router 1 than configure the devices respected hostname.

Lab Objectives
Configure a user account locally using the username tom and the secret Cisco
Configure a user account locally using the username john and the password Cisco
Verify that the user accounts tom and john were created by viewing the running configuration.
In global configuration mode enable the password encryption service by executing the service password-encryption
Verify that johns username was encrypted after enabling the password encryption service.
Disable the password encryption service and view if type 5 encryption is removed automatically when the password-encryption
service is disabled.

Lab Instruction
Step 1. Configure a user account locally using the username tom and the secret Cisco
R1 con0 is now available

Press RETURN to get started.

R1>enable
R1#

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-password-encryption-service/[4/12/2015 6:52:06 PM]

Configuring the Password Encryption Service | Free CCNA Workbook

configure terminal
Enter configuration commands, one per line.
R1(config)#username tom secret Cisco

End with CNTL/Z.

Step 2. Configure a user account locally using the username john and the password Cisco;
R1(config)#username john password Cisco

Step 3. Verify that the user accounts tom and john were created by viewing the running configuration. TIP: You can view the user
names in the running-configuration by using a regular expression as shown below;
R1(config)#do show run | inc username
username tom privilege 15 secret 5 $1$ID2R$2AKUK4US6yUQVkggSMkLV0
username john privilege 15 password 0 Cisco
R1(config)#
Step 4. In global configuration mode enable the password encryption service by executing the service password-encryption as
shown below;
R1(config)#service password-encryption

Step 5. Verify that johns username was encrypted after enabling the password encryption service by viewing the user names in the
running-configuration as shown below;
R1(config)#do show run | inc username
username tom privilege 15 secret 5 $1$ID2R$2AKUK4US6yUQVkggSMkLV0
username john privilege 15 password 7 106D000A0618
R1(config)#
Step 6. Disable the password encryption service and view if type 7 encryption is removed automatically when the passwordencryption service is disabled.
R1(config)#no service password-encryption
R1(config)#do show run | inc username
username tom privilege 15 secret 5 $1$ID2R$2AKUK4US6yUQVkggSMkLV0
username john privilege 15 password 7 106D000A0618
R1(config)#

When removing the password-encryption service, pre-existing type 7 encrypted passwords will NOT be automatically decrypted.

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-password-encryption-service/[4/12/2015 6:52:06 PM]

Next Lab

Configuring the Password Encryption Service | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-password-encryption-service/[4/12/2015 6:52:06 PM]

Configuring EXEC and Absolute Timeouts | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring EXEC and Absolute Timeouts

Its always good practice to inactivity timeouts on users logged into devices for mgmt purposes. This lab will discuss
and demonstrate the configuration and verification of EXEC and absolute timeouts.

Real World Application


It is common to have a session time in a corporate security policy. In a simple way of putting it, the exec-timeout will terminate an
exec session after the session has been idle for the configured exec-timeout time. The default is 10 minutes.
An absolute timeout however is a the maximum amount of time a single session can remain established. So if you have an absolute
timeout of 12 minutes than even if the user is active, the session will be disconnected at after 12 minutes.
An absolute-timeout is sometimes used on access-servers to force and exec session to terminate regardless if the state is idle after
the specified time.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1.
Establish a console session with devices R1 than configure the devices respected hostname(s).
Create a Loopback interface on R1 and assign it the IP address 10.1.1.1/32
Create a username and password with level 15 privileges and set the VTY lines to authenticate locally.

Lab Objectives

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-an-exec-timeout-and-absolute-timeout/[4/12/2015 6:52:29 PM]

Configuring EXEC and Absolute Timeouts | Free CCNA Workbook

Configure a one minute exec-timeout on vty lines 0 through 4 of R1 than verify your configuration by establishing a telnet
session to the Loopback0 interface IP address. Once authenticated wait one minute.
Remove the previously configured exec-timeout configuration on R1s vty lines than configure a two minute absolute timeout
on the VTY lines. Afterwards verify your configuration by establishing a telnet session to the Loopback0 interface IP address
and waiting two minutes. If configured correctly you will be automatically disconnected after 120 seconds.

Lab Instruction
Step 1. Configure a 1 minute exec-timeout on vty lines 0 through 4 of R1 and verify your configuration by telneting to the
Loopback0 ip address, authenticating and then idling for 1 minute.
R1 con0 is now available

Press RETURN to get started.

R1>enable
R1#configure terminal
Enter configuration commands, one per line.
R1(config)#line vty 0 4
R1(config-line)#exec-timeout 2
R1(config-line)#end
R1#telnet 10.1.1.1
Trying 10.1.1.1 ... Open

End with CNTL/Z.

User Access Verification


Username: tom
Password:
R1#
[Connection to 10.1.1.1 closed by foreign host]
R1#

Step 2. Remove the previously configured exec-timeout configuration on R1s vty lines than configure a two minute absolute
timeout on the VTY lines. Afterwards verify your configuration by establishing a telnet session to the Loopback0 interface IP address
and waiting two minutes. If configured correctly you will be automatically disconnected after 120 seconds.
R1#configure terminal
Enter configuration commands, one per line.
R1(config)#line vty 0 4
R1(config-line)#no exec-timeout
R1(config-line)#absolute-timeout 2
R1(config-line)#end
R1#telnet 10.1.1.1
Trying 10.1.1.1 ... Open

End with CNTL/Z.

User Access Verification


Username: tom
Password:
R1#
*
*
* Line timeout expired

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-an-exec-timeout-and-absolute-timeout/[4/12/2015 6:52:29 PM]

Configuring EXEC and Absolute Timeouts | Free CCNA Workbook

*
[Connection to 10.1.1.1 closed by foreign host]
R1#

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-an-exec-timeout-and-absolute-timeout/[4/12/2015 6:52:29 PM]

Configuring Cisco IOS Web Server Authentication | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

IOS Web Server Authentication

Cisco IOS has its own integrated web server and by best practice you would never want to allow anonymous access
to your devices flash memory. This lab will discuss and demonstrate the IOS web server authentication mechanism.

Real World Application


Configuring Cisco IOS Web Server (HTTP and HTTPS) authentication is a common configuration used in production networks to
authenticate unique users on devices that use self-hosted management web interfaces such as Cisco routers running the Cisco
Security Device Manager (SDM) web interface of the Cisco Catalyst Switches that host the Web Based Device Management
interface.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1.
Establish a console session with devices R1 than configure the devices respected hostname(s).
If youre using GNS3 complete this lab than an Ethernet NIO Cloud is required to be connected to R1s FastEthernet1/0
Interface. Reference Lab 1-8 Configuring a GNS3 Ethernet NIO Cloud for NIO cloud configuration.
Configure a local user account with level 15 privileges used for web authentication in this Lab.
Configure the FastEthernet0/0 interface with DHCP or a Static IP address local to your LAN so you can access the switch via
Internet Explorer or FireFox web browser.

Lab Objectives

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-cisco-ios-web-server-authentication/[4/12/2015 6:52:49 PM]

Configuring Cisco IOS Web Server Authentication | Free CCNA Workbook

Configure R1 to use the domain name freeccnaworkbook.com.


Enable the Cisco IOS Secure Web server by using the ip http secure-server command in global configuration.
Configure the Cisco IOS Web Service to authenticate to the local user database.
Verify your configuration by connecting to the devices FastEthernet0/0 IP Address via Internet Explorer or FireFox and using
the credentials configured in the lab prerequisites section.

Lab Instruction
Step 1. Configure R1 to use the domain name freeccnaworkbook.com as shown below;
R1 con0 is now available

Press RETURN to get started.

R1>enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#ip domain-name freeccnaworkbook.com

Step 2. Enable the Cisco IOS secure web server by executing the ip http secure-server command in global configuration as shown
below;
R11(config)#ip http secure-server
% Generating 1024 bit RSA keys, keys will be non-exportable...[OK]
%SSH-5-ENABLED: SSH 1.99 has been enabled
R1(config)#
Step 3. Configure the Cisco IOS Web Service to authenticate to the local user database as shown below;
R1(config)#ip http authentication local

Step 4. Verify your configuration by connecting to the devices FastEthernet0/0 IP Address via Internet Explorer or FireFox and
using the credentials configured in the lab prerequisites section.
Read Me
To view the full resolution of the images below, click the thumbnail image(s) to open the image in a new browser tab.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-cisco-ios-web-server-authentication/[4/12/2015 6:52:49 PM]

Configuring Cisco IOS Web Server Authentication | Free CCNA Workbook

As shown in the image above you are prompted for a username and password. Provide the username and password you created in
the prerequisite. Once authenticated successfully you will be presented with the following page;

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-cisco-ios-web-server-authentication/[4/12/2015 6:52:49 PM]

Next Lab

Configuring Cisco IOS Web Server Authentication | Free CCNA Workbook

Like

136 Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-cisco-ios-web-server-authentication/[4/12/2015 6:52:49 PM]

Configure Logging to a Remote SYSLog Server | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Logging to a Syslog Server

Logging information is crucial to understanding hiccups in your network infrastructure. Commonly this is done by
SYSLog. This lab will discuss and demonstrate the configuration and verification of SYSLog.

Real World Application


In production networks routers moan and groan every minute theoretically speaking. Interfaces going up and down, ACL hit counts
incrementing, configuration changes and etc From an administrative standpoint one needs to track all the messages that the
devices generate, these are known as system log messages. Of course one would never log each device to its self as this would be
an administrative disaster to have to pull logs from every single device in the network. Most companies that have a full time engineer
would no doubtingly place a SYSLog server in the network to collect all the messages generated by Cisco devices.
After all why check tens, hundreds if not thousands of devices for local log messages when you can check a single server for log
messages of every device in the network?

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1.
Establish a console session with devices R1 than configure the devices respected hostname(s).
If youre using GNS3 youll need to delete the link connecting to R1s FastEthernet0/0 and configure a Cloud interface linking
to R1s FastEthernet0/0 interface. For reference of this configuration refer to Lab 1-8 Configuring a GNS3 Ethernet NIO
Cloud Configuring a GNS3 Ethernet NIO Cloud
For testing purposes, download Solarwinds Kiwi SYSLog Server which can be found HERE

http://www.freeccnaworkbook.com/workbooks/ccna/configure-logging-to-a-remote-syslog-server/[4/12/2015 6:53:08 PM]

Configure Logging to a Remote SYSLog Server | Free CCNA Workbook

Lab Objectives
Configure R1 to enable logging towards the host IP address assigned to your Cloud 1 Adapter.
Configure the logging option to log level 7 (Debugging) messages and lower.
Generate some SYSLog messages by debugging IP Packet and ping the Clouds interface IP.
Verify the SYSLog messages are correctly sent to the Kiwi SYSLog Server.

Lab Instruction
Step 1. Configure R1 to enable logging towards the host IP address assigned to your Cloud 1 Adapter. To complete this objective
you will use the logging host x.x.x.x command whereas x.x.x.x is the IP address of the SYSLog Server as shown below;
R1 con0 is now available

Press RETURN to get started.

R1>enable
R1#configure terminal
Enter configuration commands, one per line.
R1(config)#logging host 192.168.2.3

End with CNTL/Z.

Step 2. Configure the logging option to log level 7 (Debugging) messages and lower. To complete this task you will use the logging
trap command followed by the level highest level you wish to log (1-7)
R1(config)#logging trap 7
R1(config)#end
R1#
%SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 192.168.2.3 port 514 started
- CLI initiated
R1#
Step 3. Generate some manual SYSLog messages by debugging IP Packet and ping the Clouds interface IP.
R1#debug ip icmp
ICMP packet debugging is on
R1#ping 192.168.255.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.255.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/24/100 ms
R1#
ICMP: echo reply rcvd, src 192.168.255.10, dst 192.168.255.1
ICMP: echo reply rcvd, src 192.168.255.10, dst 192.168.255.1
ICMP: echo reply rcvd, src 192.168.255.10, dst 192.168.255.1
ICMP: echo reply rcvd, src 192.168.255.10, dst 192.168.255.1
ICMP: echo reply rcvd, src 192.168.255.10, dst 192.168.255.1
R1#
Step 4. Verify the SYSLog messages are correctly sent to the Kiwi SYSLog Server.

http://www.freeccnaworkbook.com/workbooks/ccna/configure-logging-to-a-remote-syslog-server/[4/12/2015 6:53:08 PM]

Configure Logging to a Remote SYSLog Server | Free CCNA Workbook

To verify the remote SYSLog is configured properly on R1 youll need a SYSLog server configured on your host machine. For
the purposes of the Free CCNA Workbook lab, Solarwinds Kiwi Server is used for configuration verification. The Kiwi SYSLog
Server IP address is 192.168.255.10/24 and R1s FastEthernet0/0 IP Address is 192.168.255.1/24

A screen shot below that Solarwinds Kiwi is properly receiving the SYSLog messages; Click image to enlarge in new web browser
tab.

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

http://www.freeccnaworkbook.com/workbooks/ccna/configure-logging-to-a-remote-syslog-server/[4/12/2015 6:53:08 PM]

Configure Logging to a Remote SYSLog Server | Free CCNA Workbook

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configure-logging-to-a-remote-syslog-server/[4/12/2015 6:53:08 PM]

Configuring Cisco Discovery Protocol (CDP) | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Cisco Discovery Protocol (CDP)

When working on a network with limited access to documentation you can easily discovery neighboring Cisco devices
using CDP. This lab will discuss and demonstrate the functions of Cisco Discovery Protocol (CDP).

Real World Application & Core Knowledge


Cisco Discovery Protocol is used every single day by network engineers world wide to document and understand physical network
topologies with no documentation at all. CDP operates at Layer 2 of the OSI model and exchanges device information between
MOST Cisco devices such as IP address(es), physical link connectivity, port identifiers, IOS version of neighboring devices, device
capabilities, native VLAN, duplex and VTP management domain.
In this lab you will familiarize yourself with the following commands;

Command

Description

show cdp

Shows CDP hello timer, holdtime and current CDP version running being advertised.

show cdp neighbors

Shows directly connect Cisco device information including hostname, local and remote port(s), Device
capabilities and platform.

show cdp neighbors


detail

Shows detailed information about directly connected Cisco devices such as IOS Version, VTP
management domain, native VLAN and duplex.

clear cdp table

Clears the devices CDP table on the local device and relearns all directly connected Cisco devices by
inspecting received CDP frames on local interfaces.

cdp timer <10-45>

Manually sets the CDP advertisement timer (hello timer) to the specified time in seconds. This
command is configured in global configuration mode.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-cisco-discovery-protocol-cdp/[4/12/2015 6:53:27 PM]

Configuring Cisco Discovery Protocol (CDP) | Free CCNA Workbook

cdp holdtime <10-45>

Manually sets the CDP holdtime (dead timer) timer to the specified time in seconds. This command is
configured in global configuration mode.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1 and SW1
Establish a console session with devices R1 and SW1 than configure the devices respected hostname(s).
Configure the IP Address 192.168.255.1/24 on R1s FastEthernet0/0 interface
Configure the IP address 192.168.255.254/24 on SW1s Vlan1 interface.

Lab Objectives
Using only R1, determine which IOS feature set and version is running on SW1.
Using only SW1, determine the IP address of R1 learned via CDP.
Using only R1, determine the port R1 is connected to on SW1.
Using only R1, determine what the Native VLAN and VTP Domain is on the switchport that R1 is directly connected to.
Change the default timers on both R1 and SW1 from 60/180 to 15/45 and verify your configuration changes.

Lab Instruction
Step 1. Using only R1, determine which IOS feature set and version is running on SW1. To determine this information you will
execute the show cdp neighbor detail command in user or privileged mode on R1 as shown below.
R1>show cdp neighbors detail
------------------------Device ID: Router
Entry address(es):
Platform: Cisco 3640, Capabilities: Router Switch IGMP
Interface: FastEthernet0/0, Port ID (outgoing port): FastEthernet0/1
Holdtime : 134 sec
Version :
Cisco IOS Software, 3600 Software (C3640-JK9O3S-M), Version 12.4(13a),
RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Tue 06-Mar-07 20:25 by prod_rel_team
advertisement version: 2
VTP Management Domain: ''
Duplex: full
R1>
As shown above by the underlined statements; SW1 is running ENTERPRISE/FW/IDS PLUS IPSEC 3DES Version 12.4(13a).
Step 2. Using only SW1, determine the IP address of R1 learned via CDP. To obtain this information you will use the show cdp

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-cisco-discovery-protocol-cdp/[4/12/2015 6:53:27 PM]

Configuring Cisco Discovery Protocol (CDP) | Free CCNA Workbook

neighbors detail command on SW1 in either user or privileged mode as shown below;
SW1#show cdp neighbors detail
------------------------Device ID: R1
Entry address(es):
IP address: 192.168.255.1
Platform: Cisco 3725, Capabilities: Router Switch IGMP
Interface: FastEthernet0/1, Port ID (outgoing port): FastEthernet0/0
Holdtime : 168 sec
Version :
Cisco IOS Software, 3700 Software (C3725-ADVENTERPRISEK9-M), Version
12.4(15)T14, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Tue 17-Aug-10 12:08 by prod_rel_team
advertisement version: 2
VTP Management Domain: ''
Duplex: full
SW1#
As shown above by the underlined statements; R1 has the IP address 192.168.255.1 assigned to the interface which the CDP frame
was sent out.

Step 3. Using only R1, determine the port R1 is connected to on SW1. To obtain this information you can use either the show cdp
neighbors or show cdp neighbors detail command.
R1#show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
Device ID
SW1
R1#

Local Intrfce
Fas 0/0

Holdtme
125

Capability
R S I

Platform Port ID
3640
Fas 0/1

As shown above by the underlined statements; R1 FastEthernet0/0 interface is connected to SW1s FastEthernet0/1 port.
Step 4. Using only R1, determine what the Native VLAN and VTP Domain is on the switchport that R1 is directly connected to. This
information is obtained by using the show cdp neighbors detail command as shown below;
R1>show cdp neighbors detail
------------------------Device ID: SW1
Entry address(es):
IP address: 192.168.255.254
Platform: Cisco 3640, Capabilities: Router Switch IGMP
Interface: FastEthernet0/0, Port ID (outgoing port): FastEthernet0/1
Holdtime : 157 sec
Version :
Cisco IOS Software, 3600 Software (C3640-JK9O3S-M), Version 12.4(13a),
RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Tue 06-Mar-07 20:25 by prod_rel_team
advertisement version: 2
VTP Management Domain: ''
Duplex: full
R1>
As shown above by the underlined statements; the VTP Domain is blank. This is called NULL which simply means that no VTP

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-cisco-discovery-protocol-cdp/[4/12/2015 6:53:27 PM]

Configuring Cisco Discovery Protocol (CDP) | Free CCNA Workbook

domain has been configured on the switch that advertised that CDP Frame. The native VLAN number on the switchs port that R1 is
directly connected to is VLAN 1.
Step 5. Clear the CDP table on R1 and verify that it has been cleared; afterwards verify that R1 relearns about SW1. To clear the
CDP table, use the clear cdp table command in privileged mode as shown below followed by the verification;
R1#show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
Device ID
Local Intrfce
Holdtme
Capability Platform Port ID
SW1
Fas 0/0
173
R S I
2650XM
Fas 1/0
R1#clear cdp table
R1#show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
Device ID
R1#

Local Intrfce

Holdtme

Capability

Platform

Port ID

Step 6. Change the default timers on both R1 and SW1 from 60/180 to 15/45 and verify your configuration changes. To make these
changes you will use the cdp timer and cdp holdtime commands in global configuration. To verify the changes made use the show
cdp command in user or privileged mode as shown below;
R1>enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#cdp timer 15
R1(config)#cdp holdtime 45
R1(config)#end
%SYS-5-CONFIG_I: Configured from console by console
R1#show cdp
Global CDP information:
Sending CDP packets every 15 seconds
Sending a holdtime value of 45 seconds
Sending CDPv2 advertisements is enabled
R1#

Previous Lab

Like

Tweet

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-cisco-discovery-protocol-cdp/[4/12/2015 6:53:27 PM]

Next Lab

Configuring Cisco Discovery Protocol (CDP) | Free CCNA Workbook

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-cisco-discovery-protocol-cdp/[4/12/2015 6:53:27 PM]

Creating Virtual Local Area Networks (VLANs) | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Creating Virtual Local Area Networks (VLANs)

Understanding the creation and management of VLANs in todays modern networks is crucial to a successful network
engineer. This lab will discuss and demonstrate the configuration and verification of VLANs on the Catalyst Series
Switch.

Real World Application & Core Knowledge


First off lets start off with the definition of a flat network. A Flat network is a type of network design where the network engineer
unknowingly daisy chains together hubs and/or switches to create one single large network that encompass hundreds if not
thousands of devices in a broadcast domain.
From a design perspective this is an insanely bad idea as broadcast and control traffic can overwhelm the network. In a real world
production multi-access network such as ethernet you will notice network performance degrades when you hit the 400+ host on a
given subnet. The most common network size is a /24 netmask which can address 254 usable host ip addresses.
So how do you create a network larger then 400+ nodes? The answer is actually quite a simple 4 letter acronym called VLANs.
Virtual Local Area Networks in the simplest terms partitions a physical switch into multiple isolated LANs so that traffic on one VLAN
cannot communicate to traffic on another VLAN unless it is done so by a router. VLANs can easily be explained as layer 2 network
segregation, whereas layer 3 segregation would be considered sub netting which will be discussed in section 6.
The driving factor to create VLANs is to control the size of a given layer 2 network segment so that broadcast and control traffic does
not overwhelm the given network segment.
Keep in mind when working with the Free CCNA Workbook GNS3 topology that SW1, SW2 and SW3 are Cisco 3640 series routers
with the NM-16ESW switch module. This switch module is configured differently then Cisco Catalyst Series switches. To configure
VLANs on a router which has the NM-16ESW module installed youll need to create the VLANs in VLAN Database Configuration
mode. Keep in mind that the VLAN Database configuration mode has been depreciated in newer Cisco switch IOS software and

http://www.freeccnaworkbook.com/workbooks/ccna/creating-virtual-local-area-networks-vlans/[4/12/2015 6:53:48 PM]

Creating Virtual Local Area Networks (VLANs) | Free CCNA Workbook

creating a VLAN on a Cisco switch is now done via global configuration mode using the vlan # name VLAN_NAME command.
Also note that when verifying NM-16ESW switch configurations that the commands will be slightly different then a Cisco Catalyst
Switch running IOS. It is recommended to purchase a Cisco Catalyst switch such as a 2950G or preferably a 3550 to familiarize
yourself with the commands on a Catalyst based switch.
In this lab you will familiarize yourself with the following commands;

Command

Description

vlan database

This command is executed in privileged mode which places you into VLAN Database
configuration mode. If you are using the Free CCNA Workbook GNS3 topology then this
command will be used quite often throughout Section 4 as SW1, SW2 and SW3 are Cisco
3640s with the NM-16ESW Switch module installed in slot0.

vlan # name vlan_name

This command is executed in VLAN Database configuration mode to create and name a VLAN
when using the NM-16ESW.

abort

This command is executed in VLAN Database configuration mode to exit the VLAN Database
configuration mode without applying any changes that you made while in VLAN Database
configuration mode.

apply

This command is executed in VLAN Database configuration mode will apply any current VLAN
Database configuration changes youve made during your session.

exit

This command is executed in VLAN Database configuration mode and will apply changes that
youve made while in VLAN Configuration mode and exit back to privileged mode.

no vlan #

This command can be executed in VLAN Database configuration mode or VLAN configuration
mode to remove the VLAN that you specify. i.e; no vlan 20

reset

This command is executed in VLAN Database configuration mode will abandon any current
changes made while in VLAN Configuration mode and reread the current VLAN Database.

vlan #

Executed from Global Configuration mode and creates a new VLAN with the specified VLAN
number, once the VLAN is created you will be placed into vlan configuration mode.

vlan VLAN_NAME

This command is executed in VLAN Configuration mode to assign a name to the specified
VLAN number. (Note, Not VLAN Database Configuration Mode)

switchport access vlan #

This command is executed in interface configuration mode to assign a switchport to a specified


VLAN.

show vlan

This command can be executed from user or privileged mode on a Catalyst Switch (Cisco
Catalyst 2950, 3500, 3560, 3750 etc) to view the current vlan configuration.

show vlan-switch

This command can be executed in user or privileged mode on a Cisco router that has a Switch
WIC, HWIC, or Network Module such as the NM-16ESW which is included on SW1, SW2 and
SW3 in the Free CCNA Workbook GNS3 topology.

NOTE: The Lab instruction is demonstrated using a Cisco Catalyst switch, not the NM-16ESW which is used in the Free CCNA
Workbook GNS3 Topology. This lab can however be completed on the Stub Lab. If you wish to complete this lab using GNS3
than you will need to reference the commands above for the NM-16ESW.

http://www.freeccnaworkbook.com/workbooks/ccna/creating-virtual-local-area-networks-vlans/[4/12/2015 6:53:48 PM]

Creating Virtual Local Area Networks (VLANs) | Free CCNA Workbook

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; SW1.
Establish a console session with devices SW1 than configure the devices respected hostname(s).

Lab Objectives
On SW1, create 3 VLANs. VLAN 10 with the name Sales, VLAN 20 with the name Development, VLAN 30 with the name
Marketing.
Assign Port Fa0/1 to VLAN 10, assign interface Fa0/2 to VLAN 20 and assign interface Fa0/3 to VLAN 30. Afterward, verify
your configuration.

Lab Instruction
Step 1. On SW1, create 3 VLANs. VLAN 10 with the name Sales, VLAN 20 with the name Development, VLAN 30 with the name
Marketing.
To complete this objective using GNS3 you will need to navigate to VLAN Database configuration mode by using the vlan database
command in privileged mode. Once in VLAN Database configuration mode you can create the VLANs by using the vlan number
name vlan_name command.
SW1 con0 is now available

Press RETURN to get started.

SW1>enable
SW1#config terminal
Enter configuration commands, one per line.
SW1(config)#vlan 10
SW1(config-vlan)#name Sales
SW1(config-vlan)#vlan 20
SW1(config-vlan)#name Development
SW1(config-vlan)#vlan 30
SW1(config-vlan)#name Marketing
SW1(config-vlan)#end
SW1#

End with CNTL/Z.

Step 2. Assign Port Fa0/1 to VLAN 10, assign interface Fa0/2 to VLAN 20 and assign interface Fa0/3 to VLAN 30. Afterward, verify
your configuration.
To configure switchport interfaces in a specific vlan you will use the switchport access vlan # command in interface configuration
mode. To verify your vlan configuration youll use the show vlan-switch when configuring the NM16-ESW or show vlan on a Cisco
Catalyst Series switch in user or privileged mode as shown below on a Catalyst Series switch.

http://www.freeccnaworkbook.com/workbooks/ccna/creating-virtual-local-area-networks-vlans/[4/12/2015 6:53:48 PM]

Creating Virtual Local Area Networks (VLANs) | Free CCNA Workbook

SW1#configure terminal
SW1(config)#interface Fa0/1
SW1(config-if)#switchport access vlan 10
SW1(config-if)#interface Fa0/2
SW1(config-if)#switchport access vlan 20
SW1(config-if)#interface Fa0/3
SW1(config-if)#switchport access vlan 30
SW1(config-if)#end
SW#show vlan
VLAN Name
Status
Ports
---- ---------------------------- --------- ------------------------------1
default
active
Fa0/4, Fa0/5, Fa0/6, Fa0/7
Fa0/8, Fa0/9, Fa0/10, Fa0/11
Fa0/12, Fa0/16, Fa0/17, Fa0/18
Fa0/19, Fa0/20, Fa0/21, Fa0/22
Fa0/23, Fa0/24, Gi0/1, Gi0/2
10
Sales
active
Fa0/1
20
Development
active
Fa0/2
30
Marketing
active
Fa0/3
1002 fddi-default
act/unsup
1003 token-ring-default
act/unsup
1004 fddinet-default
act/unsup
1005 trnet-default
act/unsup
SW1#

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

http://www.freeccnaworkbook.com/workbooks/ccna/creating-virtual-local-area-networks-vlans/[4/12/2015 6:53:48 PM]

Creating Virtual Local Area Networks (VLANs) | Free CCNA Workbook

the GNS3 platform.

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/creating-virtual-local-area-networks-vlans/[4/12/2015 6:53:48 PM]

Configuring a Management VLAN Interface | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Management VLAN Interface

When it comes to switch management, its common to use a dedicated VLAN for management purposes. This lab will
discuss and demonstrate the configuration of a Management VLAN.

Real World Application & Core Knowledge


In the switching world, a logical interface for a VLAN is called a Switched Virtual Interface. When youre configuring a switch you will
see these interfaces represented as a vlan interface. You have the ability to configure these interfaces just as you would a
FastEthernet interface. A VLAN Interface can be assigned an IP address, bridge group, interface description and even a quality of
service policy.
Having a VLAN Interface gives layer 2 devices the ability to communicate with other devices at layer 3. Multi-Layer switches use
VLAN interfaces to enable multi-layer routing functions on a single switch. Basically the switch is its own router-on-a-stick, which is
discussed in lab 4-20. In a Multi-Layer switched network, switches such as the Cisco 3550 and Cisco 3560 use VLAN interfaces as
default gateways for the PCs and other host machines on the network to communicate with other IP Networks.
For example; A Cisco 3550 has 2 VLANs, VLAN 10 and VLAN 20. Both have a VLAN interface assigned to each with an IP address
such as 192.168.10.0/24 and 192.168.20.0/24. When a PC on VLAN 10 needs to communicate to a pc on VLAN 20 it will use the
vlan interface as the default gateway and the switch will route the packet via layer3 and the switch will then switch the packet at
layer2 in the new VLAN.
Layer 2 only switches can only have a single active vlan interface at any given time. This interface is called the Management VLAN
interface. Layer 2 Cisco switches include Cisco 2900XL, 2950 and 2960.
In this lab you will familiarize yourself with VLAN interface configuration mode.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-management-vlan-interface/[4/12/2015 6:54:07 PM]

Configuring a Management VLAN Interface | Free CCNA Workbook

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1 and SW1.
Establish a console session with devices R1 and SW1 than configure the devices respected hostname(s).
For verification purposes you will need configure a VTY line password on R1 and assign the 10.1.1.1/24 host IP address to
R1s FastEthernet0/0 interface.

Lab Objectives
Create the VLAN number 10 and name it Management.
Create the VLAN 10 interface and assign it an IP address of 10.1.1.10/24
Assign the FastEthernet0/1 interface on SW1 to VLAN 10.
Assign the FastEthernet0/1 interface on SW1 to VLAN 10.
The Lab instruction is demonstrated using a Cisco Catalyst switch, not the NM-16ESW as used in GNS3.

Lab Instruction
You should be familiar with the commands required to complete the objectives of this lab from previous labs in the Free CCNA
Workbook.
Step 1. Create the VLAN number 10 and name it Management.
SW1 con0 is now available

Press RETURN to get started.

SW1>enable
SW1>configure terminal
Enter configuration commands, one per line.
SW1(config)#vlan 10
SW1(config-vlan)#name Management
SW1(config-vlan)#end
SW1#

End with CNTL/Z.

Step 2. Create the VLAN 10 interface and assign it an IP address of 10.1.1.10/24.

To complete this objective you first need to create the VLAN interface by going into global configuration and then VLAN interface
configuration mode by using the command interface vlan # Keep in mind that the VLAN interface number is proportional to the vlan
number created. So Interface Vlan10 is used for VLAN 10 whereas interface Vlan20 would be used for VLAN 20.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-management-vlan-interface/[4/12/2015 6:54:07 PM]

Configuring a Management VLAN Interface | Free CCNA Workbook

SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#interface vlan10
SW1(config-if)#ip address 10.1.1.10 255.255.255.0
SW1(config-if)#no shut
SW1(config-if)#
Step 3. Assign the FastEthernet0/1 interface on SW1 to VLAN 10.
SW1(config-if)#interface FastEthernet0/1
SW1(config-if)#switchport access vlan 10
SW1(config-if)#no shut
SW1(config-if)#end
SW1#
By this point you should now be able to ping R1s FastEthernet0/0 interface as shown below;
R1#ping 10.1.1.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/39/100 ms
R1#
Step 4. Verify the management VLAN configuration by using R1 to telnet the IP address of VLAN 10 on SW1.
R1#telnet 10.1.1.10
Trying 10.1.1.10 ... Open
User Access Verification
Password:
SW1>

Previous Lab

Like

13 Tweet

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-management-vlan-interface/[4/12/2015 6:54:07 PM]

Next Lab

Configuring a Management VLAN Interface | Free CCNA Workbook

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-management-vlan-interface/[4/12/2015 6:54:07 PM]

Configuring Trunk Ports using ISL or 802.1q | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Trunk Ports

Trunk interfaces are a common deployment to allow multiple switches to share traffic belonging to multiple VLANs.
This lab will discuss and demonstrate the configuration and verification of trunking using ISL and 802.1q.

Real World Application & Core Knowledge


So you have multiple VLANs on multiple switches but how do you pass traffic between those switches without plugging a cross over
cable into a port that exist in each VLAN which could be a big waste of port density? The answer is quite simple, its called a trunk
link. At first trunk links can be hard to grasp but the nature of a trunk is only to multiple vlan traffic between 2 or more switches over a
single link. This is done by the cisco proprietary Inter-Switch Link (ISL) trunk encapsulation protocol or the IEEE Standard 802.1q
(dot1q) trunk encapsulation protocol.
As a CCNA you will be required to understand the operation of both trunk encapsulation protocols and how to configure, verify and
troubleshoot trunks links using either ISL or Dot1q.
Inter-Switch Link (ISL) as previously stated is a Cisco proprietary trunk protocol which encapsulates the entire frame into a 26 byte
header and 4 byte Frame Check Sequence (FCS) that prepends and transports the 10 bit VLAN ID across a trunk link to ensure
traffic from SW1 VLAN 10 stays in VLAN 10 when arriving at SW2.
IEEE Standard 802.1q (Dot1q) however DOES NOT encapsulate the entire Ethernet frame but rather injects a 32bit field into the
Ethernet frame between the MAC address and the EtherType/Length fields of the original frame.
The 32 bits in the dot1q field are broken into 4 specific sections. the first 16 bits being the TPID, the next 3 being the PCP, followed
by the CFI and lastly the VID.
The Tag Protocol Identifier (TPID) is a 16-bit field. It is set to a value of 0x8100 in order to identify the frame as an IEEE 802.1Qtagged frame.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-trunk-ports-using-isl-or-802-1q/[4/12/2015 6:54:29 PM]

Configuring Trunk Ports using ISL or 802.1q | Free CCNA Workbook

The Priority Code Point (PCP) is a 3 bit field that refers to the IEEE 802.1p priority. The field indicates the frame priority level which
can be used for the prioritization of traffic. The field can represent 8 values (0 through 7).
The Canonical Format Indicator (CFI) is a 1 bit value; on or off that determines rather or not the MAC address is is in noncanonical
format.
The VLAN Identifier (VID) is a 12-bit field. It uniquely identifies the VLAN to which the frame belongs. The field can have a value
between 0 and 4095.
It is by Ciscos recommendation that all deployments use the IEEE 802.1q standard as this is inter-vendor operable whereas Cisco
ISL is specific to only Cisco switches.
In this lab you will familiarize yourself with the following commands;

Command

Description

switchport mode trunk

This command when executed in interface configuration mode on a switch port will
configure the switchport as a trunk port which carries all VLAN traffic.

switchport trunk encapsulation isl

This command is executed in interface configuration mode to specify that the trunk will
use the Cisco Inter-Switch Link (ISL) encapsulation protocol.

switchport trunk encapsulation dot1q

This command is executed in interface configuration mode to specify that the trunk will
use the IEEE 802.1q standard encapsulation protocol.

show interface trunk

This command is executed in privileged mode to show which interfaces are currently
trunking and which trunking protocol is used.

show interface interfacename#/#


switchport

This command when executed in privileged mode will show information relating to the
specified interface such as the interface operational mode (trunk or access), native
vlan, trunking VLANs permitted on the trunk link and more.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; SW1, SW2, R1 and R2.
Establish a console session with devices SW1, SW2, R1 and R2 than configure the devices respected hostname(s).
Configure R1s FastEthernet0/0 interface with the IP Address 10.1.1.1/24 and R2s FastEthernet0/1 interface with the IP
address of 10.1.1.2/24
Create VLAN 10 as a layer 2 VLAN on SW1 and SW2. (Layer 2 VLANs do not have Layer 3 VLAN interfaces representing the
VLAN; ie, no interface Vlan10.)
Configure SW1s FastEthernet0/1 and SW2s FastEthernet0/2 interfaces as static access interfaces for VLAN 10.

Lab Objectives
Shutdown interfaces FastEthernet0/11 and FastEthernet0/12 on both SW1 and SW2 and configure an IEEE 802.1q trunk on

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-trunk-ports-using-isl-or-802-1q/[4/12/2015 6:54:29 PM]

Configuring Trunk Ports using ISL or 802.1q | Free CCNA Workbook

interface FastEthernet0/10 of both SW1 and SW2.


Verify your trunk link configuration by using the show interface interfacename#/# trunk command.
Verify that R1 has IP reachability to R2 by using ping command on R1.
Change SW1s FastEthernet0/2 interface to be placed into VLAN 5 and verify your verify IP reachability between R1 and R2
again.
The Lab instruction for this lab is demonstrated using a Cisco Catalyst 3560 Series Switch, not the NM-16ESW.. Also note that
the NM-16ESW does not support ISL trunk encapsulation which will be demonstrated in the lab instruction.

Lab Instruction
Step 1. Shutdown interfaces FastEthernet0/11 and FastEthernet0/12 on both SW1 and SW2 and configure an IEEE 802.1q trunk
on interface FastEthernet0/10 of both SW1 and SW2.
To configure an interface as a static trunk youll first need to configure the encapsulation type first as an interface whose trunk
encapsulation is Auto can not be configured to trunk mode.
SW1 con0 is now available

Press RETURN to get started.

SW1>enable
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config-if)#interface range Fa0/11 - 12
SW1(config-if-range)#shutdown
SW1(config-if-range)#interface fa0/10
SW1(config-if)#switchport trunk encapsulation dot1q
SW1(config-if)#switchport mode trunk
SW1(config-if)#no shut
SW1(config-if)#end
SW1#
And now the same configuration on SW2;
SW2 con0 is now available

Press RETURN to get started.

SW2>enable
SW2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW2(config-if)#interface range Fa0/11 - 02
SW2(config-if-range)#shutdown
SW2(config-if-range)#interface fa0/10
SW2(config-if)#switchport trunk encapsulation dot1q
SW2(config-if)#switchport mode trunk
SW2(config-if)#no shut
SW2(config-if)#end
SW2#

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-trunk-ports-using-isl-or-802-1q/[4/12/2015 6:54:29 PM]

Configuring Trunk Ports using ISL or 802.1q | Free CCNA Workbook

Step 2 . Verify your trunk link configuration by using the show interface FastEthernet0/10 trunk command as shown below on both
SW1 and SW2;
SW1#show interface FastEthernet0/10 trunk
Port
Fa0/10

Mode
on

Encapsulation
802.1q

Status
trunking

Native vlan
1

Port
Fa0/10

Vlans allowed on trunk


1-4094

Port
Fa0/10

Vlans allowed and active in management domain


1,10

Port
Fa0/10
SW1#

Vlans in spanning tree forwarding state and not pruned


1

SW2#show interface FastEthernet0/10 trunk


Port
Fa0/10

Mode
on

Encapsulation
802.1q

Status
trunking

Native vlan
1

Port
Fa0/10

Vlans allowed on trunk


1-4094

Port
Fa0/10

Vlans allowed and active in management domain


1,10

Port
Fa0/10
SW2#

Vlans in spanning tree forwarding state and not pruned


1

Step 3. Verify that R1 has IP reachability to R2 by using ping command on R1.


Now that you have a trunk link between SW1 and SW2, traffic generated on SW1 in VLAN 10 should be able to propagate to VLAN
10 on SW2. To test this, ping R2s FastEthernet 0/1 interface (IP Address 10.1.1.2) From R1 as shown below;
R1#ping 10.1.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 4/29/60 ms
R1#
When you ping R2s FastEthernet0/1 interface IP address from R1, the router knows that the destination IP address is on the same
local subnet therefore it ARPs for the MAC address of host 10.1.1.2, This ARP request is received on SW1 and forwarded to SW2
and onto R2 which responds Hey Im 10.1.1.2, my MAC address is ABCD.EF12.3456. Now that R1 knows the MAC address for
10.1.1.2 it then fowards the ICMP packet towards SW1 with the correct destination MAC address. Initially SW1 will not know the
location of that MAC address because the machine is not local to that switch so therefore it will forward the frame out interfaces
within that VLAN except the interface that the frame was received on. When the frame is received by SW2 it then is switched out the
correct port as the MAC exists already in its MAC address table. When R2 responds to the ICMP packet it will then go the opposite
way towards SW1. After SW1 receives a response from R2 destined to R1 seeing a NEW source MAC address that SW1 has not
learned it will then install the MAC address into the CAM Table (Mac Address Table) for future use.
Step 4. Change SW1s FastEthernet0/2 interface to be placed into VLAN 5 and verify your verify IP reachability between R1 and R2
again.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-trunk-ports-using-isl-or-802-1q/[4/12/2015 6:54:29 PM]

Configuring Trunk Ports using ISL or 802.1q | Free CCNA Workbook

You can also test this further by placing SW2s interface that is connected to R2 in a different vlan and attempt to ping R2 from R1
and no doubly it will fail as shown below;
SW2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW2(config)#interface FastEthernet0/2
SW2(config-if)#switchport access vlan 5
% Access VLAN does not exist. Creating vlan 5
SW2(config-if)#end
SW2#

R1#ping 10.1.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R1#
As demonstrated in this lab you can use trunk links to pass traffic in multiple VLANs between multiple switches using a single link.
Due to the NM-16ESW and Cisco 2950 not supporting the ISL trunk encapsulation, a configuration example is given below. Note that
the only configuration difference between Dot1q and ISL is the switchport trunk encapsulation isl | dot1q command option.
c3560-Switch1>enable
c3560-Switch1#configure terminal
c3560-Switch1(config)#interface fa0/10
c3560-Switch1(config-if)#switchport trunk encap isl
c3560-Switch1(config-if)#switchport mode trunk
c3560-Switch1(config-if)#end
c3560-Switch1#sh int fa0/10 trunk
Port
Fa0/10

Mode
on

Encapsulation
isl

Status
trunking

Port
Fa0/10

Vlans allowed on trunk


none

Port
Fa0/10

Vlans allowed and active in management domain


none

Native vlan
1

Port
Vlans in spanning tree forwarding state and not pruned
Fa0/10
none
c3560-Switch1#

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-trunk-ports-using-isl-or-802-1q/[4/12/2015 6:54:29 PM]

Next Lab

Configuring Trunk Ports using ISL or 802.1q | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-trunk-ports-using-isl-or-802-1q/[4/12/2015 6:54:29 PM]

Configuring An EtherChannel Link | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring an EtherChannel

Etherchannels are used to build redundant links and bundle multiple links to increase aggregate bandwidth. This lab
will discuss and demonstrate the configuration and verification of static etherchannel links.

Real World Application & Core Knowledge


Ether-Channel is an extremely common technology used in the real world to provide redundancy and port aggregation. For example
you have 2 NICs in a Server and you want to configure them to work simultaneously with each other. Ether-Channel technology
gives you the ability to bundle multiple physical links into a single logical link.
There are 3 types of EtherChannels. The first one which is the most common for port density aggregation from switch to switch is
called called an unconditional or static EtherChannel. From a technical perspective; the mode is on. This is the type of
EtherChannel that this lab will concentrate on however the other two types of EtherChannel technologies are Link Aggregation
Control Protocol (LACP) and Port Aggregation Protocol (PAgP).
LACP is the IEEE Standard and is the most common dynamic ether-channel protocol, whereas PAgP is a Cisco proprietary protocol
and works only between supported vendors and Cisco devices.
Note that Ether-channel technology is general allows for multi-link aggregation, redundancy and load balancing. LACP and PAgP are
dynamic ether-channel protocols that allows for dynamic creation of an EtherChannel. LACP, PAgP and Static EtherChannels are
not compatible with one another. LACP and PAgP will be discussed in the new two labs.
Keep in mind when using LACP and/or PAgP, the devices use more resources to dynamically create a channel such as processing
the aggregation protocol frames and actually creating the channel itself, however when using a static EtherChannel, this downfall
does NOT exist.
Another great example of an ether-channel is two switches inter-connected with two or more links. Due to spanning-tree operations

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-an-etherchannel-link/[4/12/2015 6:54:47 PM]

Configuring An EtherChannel Link | Free CCNA Workbook

(which will be discussed in another lab); only one of the links will be fowarding at any given time to prevent layer two loops known as
broadcast storms. If you have two or more links in an ether-channel, the multiple links appear as a single logical link and is utilized as
such by the device which includes spanning-tree and therefore the single logical link will forward traffic. Keep in mind if you have two
ether-channels with two links between two of the same switches, one logical link (the ether-channel) will be blocked by Spanning tree
to prevent broadcast storms.
EtherChannel load balancing can be based several configurable options which include destination ip, destination mac address,
source XOR destination IP address, source XOR destination mac address, source ip address or source mac address.
In this lab you will familiarize yourself with the following commands;

Command

Description

channel-group # mode on

This command when execute in interface configuration mode assigns that particular interface to
a channel group number specified and sets the EtherChannel mode to unconditional as stated
by the on

show etherchannel summary

This command when executed from user or privileged mode will display a summary of local
EtherChannel(s) properties such as the channel-group number, ports in the channel group, and
the role the ports the play.

show etherchannel detail

This command when executed from user or privileged mode will display detailed information
relating to the EtherChannel(s) local to the device.

show etherchannel portchannel

This command when executed from user or privileged mode will display the EtherChannels
logical port-channel group interface properties. This will be discussed in more detail in Lab 4-6.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices;R1, R2, SW1 and SW2.
Establish a console session with devices R1, R2, SW1 and SW2 than configure the devices respected hostname(s).
Configure R1s FastEthernet0/0 interface with the IP Address 10.1.1.1/24 and R2s FastEthernet0/1 interface with the IP
address of 10.1.1.2/24
Create VLAN 10 as a layer 2 VLAN on both SW1 and SW2. (Layer 2 VLANs do not have Layer 3 VLAN interfaces
representing the VLAN; ie, no interface Vlan10.)
Place both SW1s FastEthernet0/1 and SW2s FastEthernet0/2 interfaces into VLAN 10.
Configure Interfaces Fa0/10, Fa0/11 and Fa0/12 on SW1 and SW2 to trunk.
Review Lab 4-4 Configuring Trunk Ports using ISL or 802.1q for more information relating to trunk configuration.

Lab Objectives
Configure Interfaces FastEthernet0/10, FastEthernet0/11 and FastEthernet0/12 on both SW and SW2 as an unconditional
EtherChannel.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-an-etherchannel-link/[4/12/2015 6:54:47 PM]

Configuring An EtherChannel Link | Free CCNA Workbook

Verify that all three interfaces are indeed participating in the EtherChannel by using the show etherchannel summary
command.
Determine what type of load balancing is used on the EtherChannel 1 by using the show etherchannel load-balance
Verify the operation of the EtherChannel trunk link by verifying ip communication between R1 and R2 using the ping
command.

Lab Instruction
Step 1 Configure Interfaces FastEthernet0/10, FastEthernet0/11 and FastEthernet0/12 on both SW and SW2 as an unconditional
EtherChannel.
This is done by using the channel-group # mode on command in interface or interface range configuration mode as shown below;
SW1 con0 is now available

Press RETURN to get started.

SW1>enable
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#interface range fa0/10 - 12
SW1(config-if-range)#no shut
SW1(config-if-range)#channel-group 1 mode on
Creating a port-channel interface Port-channel1
SW1(config-if-range)#
%EC-5-BUNDLE: Interface Fa0/10 joined port-channel Po1
%EC-5-BUNDLE: Interface Fa0/11 joined port-channel Po1
%EC-5-BUNDLE: Interface Fa0/12 joined port-channel Po1
%LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel1, changed
state to up
SW1(config-if-range)#end
SW1#

SW2 con0 is now available

Press RETURN to get started.

SW2>enable
SW2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW2(config)#interface range fa0/10 - 12
SW2(config-if-range)#no shut
SW2(config-if-range)#channel-group 1 mode on
Creating a port-channel interface Port-channel1
SW2(config-if-range)#
%EC-5-BUNDLE: Interface Fa0/10 joined port-channel Po1
%EC-5-BUNDLE: Interface Fa0/11 joined port-channel Po1
%EC-5-BUNDLE: Interface Fa0/12 joined port-channel Po1
%LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel1, changed
state to up
SW2(config-if-range)#end
SW2#
Step 2. Verify that all three interfaces indeed participate in the EtherChannel by using the show etherchannel summary command.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-an-etherchannel-link/[4/12/2015 6:54:47 PM]

Configuring An EtherChannel Link | Free CCNA Workbook

SW1#show etherchannel summary


Flags: D - down
P - in port-channel
I - stand-alone s - suspended
R - Layer3
S - Layer2
U - in use
Group Port-channel Ports
-----+------------+--------------------------------------------1
Po1(SU)
Fa0/10(P) Fa0/11(P) Fa0/12(P)
SW1#

SW2#show etherchannel summary


Flags: D - down
P - in port-channel
I - stand-alone s - suspended
R - Layer3
S - Layer2
U - in use
Group Port-channel Ports
-----+------------+--------------------------------------------1
Po1(SU)
Fa0/10(P) Fa0/11(P) Fa0/12(P)
SW2#
Step 3. Determine what type of load balancing is used on the EtherChannel 1 by using the show etherchannel load-balance as
shown below;
SW1#show etherchannel load-balance
EtherChannel Load-Balancing Configuration:
src-mac
EtherChannel Load-Balancing Addresses Used Per-Protocol:
Non-IP: Source MAC address
IPv4: Source MAC address
IPv6: Source MAC address
SW1#
Step 4. Verify the operation of the EtherChannel trunk link by verifying ip communication between R1 and R2 using the ping
command.
You must complete the pre-requisites before this verification can be successful. Once completely correctly R1 should Ping R2 by
traversing the EtherChannel.
R1#ping 10.1.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 4/23/52 ms
R1#
If you want to perform additional verification you can shutdown interfaces Fa0/11 and Fa0/12 on SW1 and ensure that the R1 still has
IP connectivity to R2 as shown below;
SW1#config terminal
SW1#interface range f0/11 - 12
SW1#shutdown
SW1#end
SW1#
Configured from console by console
SW1#
%LINK-5-CHANGED: Interface FastEthernet0/11, changed state to
administratively down
%LINK-5-CHANGED: Interface FastEthernet0/12, changed state to
administratively down

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-an-etherchannel-link/[4/12/2015 6:54:47 PM]

Configuring An EtherChannel Link | Free CCNA Workbook

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed


state to down
SW1#
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed
state to down
SW1#
After shutting down two of the three interfaces in the etherchannel youll still have ip communication between R1 and R2 as shown
below;
R1#ping 10.1.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
R1#

Previous Lab

Like

Next Lab

139 Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-an-etherchannel-link/[4/12/2015 6:54:47 PM]

Configuring An EtherChannel Link | Free CCNA Workbook

Quiz Me! - CCNA R&S Practice


Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-an-etherchannel-link/[4/12/2015 6:54:47 PM]

Configuring EtherChannel Utilizing PAgP | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring a PAgP EtherChannel

PAgP was the precursor to LACP, developed by Cisco for link aggregation between network nodes to form redundant
resiliant links. This lab will discuss and demonstrate the configuration and verification of PaGP EtherChannel.

Real World Application & Core Knowledge


In the world of EtherChannel technology there are two types of dynamic channel-group protocols, Port Aggregation Protocol (PAgP)
which is a Cisco Proprietary protocol and Link Aggregation Control Protocol (LACP) which is the IEEE standard.
PAgP uses two types of port modes; auto and desirable. PAgP mode desirable attempts to initiate a PAgP dynamic ether-channel
whereas auto does not but accepts PAgP initiation attempts from a device set to desirable.
In this lab you will familiarize yourself with the following commands;

Command

Description

channel-group # mode
desirable

This command when executed in interface configuration mode sets the channel-group number
and PAgP mode to aggressively attempt to form a PAgP EtherChannel. If negotiations fail, the
EtherChannel will not pass traffic.

channel-group # mode auto

This command when executed in interface configuration mode sets the channel-group number
and PAgP mode to listen for PAgP packets but not aggressively negotiate a PAgP
EtherChannel.

show etherchannel summary

This command when executed from user or privileged mode will display a summary of local
EtherChannel(s) properties such as the channel-group number, ports in the channel group, and
the role the ports the play.

show etherchannel detail

This command when executed from user or privileged mode will display detailed information
relating to the EtherChannel(s) local to the device.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-etherchannel-utilizing-pagp/[4/12/2015 6:55:09 PM]

Configuring EtherChannel Utilizing PAgP | Free CCNA Workbook

Lab Prerequisites
Establish a console session with devices R1, R2, SW1 and SW2 than configure the devices respected hostname(s).
Configure interfaces Fa0/10, Fa0/11 and Fa0/12 on both SW1 and SW2 as dot1q trunks.
Configure VLAN 10 on both SW1 and SW2 and assign R1 and R2s switch ports to VLAN 10.
Assign the IP address 10.1.1.1/24 to R1s FastEthernet0/0 interface and 10.1.1.2/24 to R2s FastEthernet0/1 interface.

Lab Objectives
Configure SW1s Fa0/10, Fa0/11 and Fa0/12 interfaces to aggressively attempt to form a PAgP EtherChannel.
Configure SW2s Fa0/10, Fa0/11 and Fa0/12 interfaces to form a PAgP EtherChannel when a device attempts to negotiate a
PAgP EtherChannel only.
Verify that interfaces Fa0/10, Fa0/11 and Fa0/12 on SW1 formed a PAgP EtherChannel correctly.
Ping R2s FastEthernet0/0 interface from R1 to verify communications between the switches.
The NM-16ESW used in the Free CCNA Workbook GNS3 Topology for SW1, SW2 and SW3 does not support the EtherChannel Port Aggregation Protocol (PAgP). This Lab instructional section is demonstrated using two Cisco Catalyst 3560 Series
switches.

Lab Instruction
Step 1 . Configure SW1s Fa0/10, Fa0/11 and Fa0/12 interfaces to aggressively attempt to form a PAgP EtherChannel.
For this youll use the channel-group # mode desirable command in interface or interface range configuration mode as shown below;
SW1 con0 is now available

Press RETURN to get started.

SW1>enable
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#interface range f0/10 - 12
SW1(config-if-range)#channel-group 1 mode desirable
Creating a port-channel interface Port-channel 1
SW1(config-if-range)#no shut
SW1(config-if-range)#end
SW1#
Step 2. Configure SW2s Fa0/10, Fa0/11 and Fa0/12 interfaces to form a PAgP EtherChannel when a device attempts to negotiate
a PAgP EtherChannel only.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-etherchannel-utilizing-pagp/[4/12/2015 6:55:09 PM]

Configuring EtherChannel Utilizing PAgP | Free CCNA Workbook

For this youll use the channel-group # mode auto command in interface or interface range configuration mode as shown below;
SW2 con0 is now available

Press RETURN to get started.

SW2>enable
SW2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW2(config)#interface range f0/10 - 12
SW2(config-if-range)#channel-group 1 mode auto
Creating a port-channel interface Port-channel 1
SW2(config-if-range)#no shut
SW2(config-if-range)#end
SW2#

Step 3. Verify that interfaces Fa0/10, Fa0/11 and Fa0/12 on SW1 formed a PAgP EtherChannel correctly.
To verify your configuration you can use either the show etherchannel summary or show etherchannel detail command in user or
privileged mode as shown below;
SW1#show etherchannel summary
Flags: D - down
P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3
S - Layer2
U - in use
f - failed to allocate aggregator
M
u
w
d

not in use, minimum links not met


unsuitable for bundling
waiting to be aggregated
default port

Number of channel-groups in use: 1


Number of aggregators:
1
Group Port-channel Protocol
Ports
------+-------------+-----------+----------------------------------------------1
Po1(SU)
PAgP
Fa0/10(P)
Fa0/11(P)
Fa0/12(P)
SW1#
Step 4. Ping R2s FastEthernet0/0 interface from R1 to verify communications between the switches as shown below;
R1#ping 10.1.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/2/4 ms
R1#

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-etherchannel-utilizing-pagp/[4/12/2015 6:55:09 PM]

Next Lab

Configuring EtherChannel Utilizing PAgP | Free CCNA Workbook

Like

128 Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-etherchannel-utilizing-pagp/[4/12/2015 6:55:09 PM]

Configuring EtherChannel Utilizing LACP | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring an LACP EtherChannel

The industry standard LACP is used for link aggregation between multiple network nodes to ensure redundancy and
availiability. This lab will discuss and demonstrate the configuration and verification of LACP EtherChannel.

Real World Application & Core Knowledge


In the world of EtherChannel technology there are two types of dynamic channel-group protocols, Port Aggregation Protocol (PAgP)
which is a Cisco Proprietary protocol and Link Aggregation Control Protocol (LACP) which is the IEEE standard.
LACP uses two types of port modes; active and passive. LACP active mode unconditionally forms a LACP dynamic ether-channel
whereas passive will only accept LACP negotiation attempts from a device set to active.
LACP is commonly used for Server NIC teaming with Broadcom or Intel NICs that support 802.3ad (LACP). This ensure that the
server has two connections to a switch rather it is a stacked switch for redundancy or a blade chassis whereas the links are on
different blades. If one nic goes down, connectivity to the server is not lost.
In this lab you will familiarize yourself with the following commands;

Command

Description

channel-group # mode active

This command when executed in interface configuration mode sets the channel-group number
and LACP mode to aggressively attempt to form a LACP EtherChannel. If negotiations fail, the
EtherChannel will not pass traffic.

channel-group # mode
passive

This command when executed in interface configuration mode sets the channel-group number
and LACP mode to listen for LACP packets but not aggressively and unconditionally form an
EtherChannel using LACP.

show etherchannel summary

This command when executed from user or privileged mode will display a summary of local

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-etherchannel-utilizing-lacp/[4/12/2015 6:55:28 PM]

Configuring EtherChannel Utilizing LACP | Free CCNA Workbook

EtherChannel(s) properties such as the channel-group number, ports in the channel group, and
the role the ports the play.
show etherchannel detail

This command when executed from user or privileged mode will display detailed information
relating to the EtherChannel(s) local to the device.

Lab Prerequisites
Establish a console session with devices R1, R2, SW1 and SW2 than configure the devices respected hostname(s).
Configure VLAN 10 on both SW1 and SW2 and assign R1 and R2s switch ports to VLAN 10.
Assign the IP address 10.1.1.1/24 to R1s FastEthernet0/0 interface and 10.1.1.2/24 to R2s FastEthernet0/1 interface.

Lab Objectives
Configure SW1s Fa0/10, Fa0/11 and Fa0/12 interfaces to aggressively attempt to form a LACP EtherChannel.
Configure SW2s Fa0/10, Fa0/11 and Fa0/12 interfaces to form a PAgP EtherChannel only when a device attempts to
negotiate a LACP EtherChannel only.
Verify that interfaces Fa0/10, Fa0/11 and Fa0/12 on SW1 formed a LACP EtherChannel correctly.
Verify IP communication over the newly formed LACP Ether-Channel by pinging R2s Fa0/1 IP Address from R1.

The NM-16ESW used in the Free CCNA Workbook GNS3 Topology for SW1, SW2 and SW3 does not support the EtherChannel Link Aggregation Control Protocol (LACP). This Lab instructional section is demonstrated using two Cisco Catalyst
3560 Series switches.

Lab Instruction
Step 1 . Configure SW1s Fa0/10, Fa0/11 and Fa0/12 interfaces to aggressively attempt to form a LACP EtherChannel.
For this youll use the channel-group # mode active command in interface or interface range configuration mode as shown below;
SW1 con0 is now available

Press RETURN to get started.

SW1>enable
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#interface range f0/10 - 12
SW1(config-if-range)#no shut
SW1(config-if-range)#channel-group 1 mode active

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-etherchannel-utilizing-lacp/[4/12/2015 6:55:28 PM]

Configuring EtherChannel Utilizing LACP | Free CCNA Workbook

Creating a port-channel interface Port-channel 1


SW1(config-if-range)#end
SW1#

Step 2. Configure SW2s Fa0/10, Fa0/11 and Fa0/12 interfaces to form a PAgP EtherChannel only when a device attempts to
negotiate a LACP EtherChannel only.
For this youll use the channel-group # mode passive command in interface or interface range configuration mode as shown below;
SW2 con0 is now available

Press RETURN to get started.

SW2>enable
SW2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW2(config)#interface range f0/10 - 12
SW2(config-if-range)#no shut
SW2(config-if-range)#channel-group 1 mode passive
Creating a port-channel interface Port-channel 1
SW2(config-if-range)#end
SW2#
Step 3. Verify that interfaces Fa0/10, Fa0/11 and Fa0/12 on SW1 formed a LACP EtherChannel correctly.
To verify the EtherChannel LACP configuration you can use either the show etherchannel summary or show etherchannel detail
command in user or privileged mode as shown below;
SW1#show etherchannel summary
Flags: D - down
P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3
S - Layer2
U - in use
f - failed to allocate aggregator
M
u
w
d

not in use, minimum links not met


unsuitable for bundling
waiting to be aggregated
default port

Number of channel-groups in use: 1


Number of aggregators:
1
Group Port-channel Protocol
Ports
------+-------------+-----------+----------------------------1
Po1(SU)
LACP
Fa0/10(P)
Fa0/11(P)
Fa0/12(P)
SW1#
Step 4. Verify IP communication over the newly formed LACP Ether-Channel by pinging R2s Fa0/1 IP Address from R1 as shown
below;
R1#ping 10.1.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/2/4 ms
R1#

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-etherchannel-utilizing-lacp/[4/12/2015 6:55:28 PM]

Configuring EtherChannel Utilizing LACP | Free CCNA Workbook

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-etherchannel-utilizing-lacp/[4/12/2015 6:55:28 PM]

Configuring a Port Channel Interface | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring a Port Channel Interface

Port-Channel interfaces are logical interfaces assigned to EtherChannel bundles. This lab will discuss and
demonstrate the configuration and verification of Port-Channel interfaces.

Real World Application & Core Knowledge


If you completely the previous three labs then you should be quite familiar with EtherChannel technology by now. As stated in the
previous labs that when you bundle multiple links into an etherchannel they are represented by a single logical link, or you can say a
single logical interface which is known as a port-channel interface.
Port-Channel interfaces are classified as virtual links which will represent the path that traffic traverses when going through an
etherchannel bundle towards a specific destination.
Any commands issued in Port-Channel configuration mode apply to all links in the channel-group.
In this lab you will familiarize yourself with the following commands;

Command

Description

interface port-channel #

When executing this command in global configuration mode you will be placed in Port-Channel
interface configuration mode which configures all bundled links in the specific Ether-Chanel
group number simultaneously.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; SW1 and SW2.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-port-channel-interface/[4/12/2015 6:55:47 PM]

Configuring a Port Channel Interface | Free CCNA Workbook

Establish a console session with devices SW1 and SW2 than configure the devices respected hostname(s).
Configure interfaces Fa0/10, Fa0/11 and Fa0/12 on both SW1 and SW2 as an unconditional EtherChannel using channelgroup number 1.

Lab Objectives
Configure interface Port-Channel1 on both SW1 and SW1 to trunk then verify that the changes youve made on the PortChannel interface have propagated to the bundled links; Fa0/10, Fa0/11 and Fa0/12.
Shutdown interface Port-Channel1 and verify that the command issued in Port-Channel1 interface configuration mode is
executed on the channel-group bundled links.

Lab Instruction
Step 1. Configure interface Port-Channel1 on both SW1 and SW1 to trunk then verify that the changes youve made on the PortChannel interface have propagated to the bundled links; Fa0/10, Fa0/11 and Fa0/12.
Navigate to the Port-Channel1 interface and configure the interface to trunk; afterward verify that the configuration has propagated to
the bundled interfaces as shown below;
SW1 con0 is now available

Press RETURN to get started.

SW1>enable
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#interface port-channel 1
SW1(config-if)#switchport mode trunk
%EC-5-UNBUNDLE: Interface Fa0/10 left the port-channel Po1
%EC-5-UNBUNDLE: Interface Fa0/11 left the port-channel Po1
%EC-5-UNBUNDLE: Interface Fa0/12 left the port-channel Po1
%EC-5-BUNDLE: Interface Fa0/12 joined port-channel Po1
%EC-5-BUNDLE: Interface Fa0/11 joined port-channel Po1
%EC-5-BUNDLE: Interface Fa0/10 joined port-channel Po1
%DTP-5-TRUNKPORTON: Port Fa0/10-12 has become dot1q trunk
%LINK-3-UPDOWN: Interface Port-channel1, changed state to up
SW1(config-if)#end
SW1#show run
!
interface FastEthernet0/10
switchport mode trunk
channel-group 1 mode on
!
interface FastEthernet0/11
switchport mode trunk
channel-group 1 mode on
!
interface FastEthernet0/12
switchport mode trunk
channel-group 1 mode on
!
SW1#
As shown above when the trunk was configured on the Port-Channel 1 interface, all interface members of the channel-group were

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-port-channel-interface/[4/12/2015 6:55:47 PM]

Configuring a Port Channel Interface | Free CCNA Workbook

removed from the group, configuration applied then re-added to the channel-group.

Step 2. Shutdown interface Port-Channel1 and verify that the command issued in Port-Channel1 interface configuration mode is
executed on the channel-group bundled links as shown below;
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#interface port-channel 1
SW1(config-if)#shutdown
%EC-5-UNBUNDLE: Interface Fa0/10 left the port-channel Po1
%EC-5-UNBUNDLE: Interface Fa0/11 left the port-channel Po1
%EC-5-UNBUNDLE: Interface Fa0/12 left the port-channel Po1
%DTP-5-NONTRUNKPORTON: Port Fa0/10-12 has become non-trunk
SW1(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Port-channel1, changed state to down
%LINK-5-CHANGED: Interface FastEthernet0/10, changed state to administratively down
%LINK-5-CHANGED: Interface FastEthernet0/11, changed state to administratively down
%LINK-5-CHANGED: Interface FastEthernet0/12, changed state to administratively down
SW1(config-if)#
%LINK-5-CHANGED: Interface Port-channel1, changed state to administratively down
SW1(config-if)#do show run
!
interface FastEthernet0/10
switchport mode trunk
shutdown
channel-group 1 mode on
!
interface FastEthernet0/11
switchport mode trunk
shutdown
channel-group 1 mode on
!
interface FastEthernet0/12
switchport mode trunk
shutdown
channel-group 1 mode on
!
SW1#

Previous Lab

Like

Tweet

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-port-channel-interface/[4/12/2015 6:55:47 PM]

Next Lab

Configuring a Port Channel Interface | Free CCNA Workbook

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-port-channel-interface/[4/12/2015 6:55:47 PM]

Configuring a Static ARP Entry | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring a Static ARP Entry

Static ARP entries are commonly used to administratively define Layer 3 to Layer 2 mappings. This lab will discuss
and demonstrate the configuration and verification of static ARP entries.

Real World Application & Core Knowledge


In order to ensure layer three to layer two communication, a switch or router needs to have an ARP table, this table is a local table
that contains ip addresses and their matching associated MAC addresses.
Lets say for example R1 needs to communicate with R2. R1 will first send an ARP request thus requesting the MAC address of R2s
IP address (10.1.1.2/24) and once it receives a reply the information will be placed into R1s ARP table. Now R1 knows the
destination MAC address to use in the frame(s) when sending traffic destined to 10.1.1.2
R1 sends a packet with the destination IP and MAC address of R2, when the local switch receives the frame, it looks at the
destination MAC address and looks up the MAC address in the cam table (also known as mac-address table). When it finds the
matching MAC address and associated switch port and then forwards the frame out the correct port to get to the destination MAC
address.
However, sometimes ARP is not always reliable and in some special scenarios routers and/or switches cannot learn the MAC
address of a directly or indirectly connected host. Such as a virtual machine or a host that does not reply to ARP request for
whatever reason. In this case a static ARP entry is necessary to ensure efficient layer two communications.
Due to basic switch operation, if a frame destined to a MAC address that does not appear in the MAC address table on the switch,
the switch will then forward the frame out all interfaces in the layer two domain (VLAN) except the port in which the frame was
received on. This results in higher resource utilization and a non-optimal switching topology.
In this lab you will familiarize yourself with the following commands;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-static-arp-entry/[4/12/2015 6:56:06 PM]

Configuring a Static ARP Entry | Free CCNA Workbook

Command

Description

arp ip.ip.ip.ip 0123.4567.89ab


arpa

This command when executed in global configuration mode injects a static ARP entry into the
ARP/MAC Address table.

show arp

This command can be executed in user or privileged mode to view the current ARP table on a
Cisco device.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1.
Establish a console session with devices R1 than configure the devices respected hostname(s).

Lab Objectives
Configure a static ARP entry on R1 with the IP address 10.1.1.25 and the mac address 00ac.a1f3.01ab
Verify the ARP entry is correct by using the command show arp

Lab Instruction
Step 1. Configure a static ARP entry on R1 with the IP address 10.1.1.25 and the mac address 00ac.a1f3.01ab

When configuring a static ARP entry you use the command arp x.x.x.x 0000.0000.000 arpa command in global configuration as
shown below;
R1 con0 is now available

Press RETURN to get started.

R1>enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#arp 10.1.1.25 00ac.a1f3.01ab arpa
R1(config)#end
R1#
ARPA stands for Advanced Research Projects Agency for those who are curious as to what arpa stands for at the end of the static
ARP statement. ARPA developed the Ethernet II frame which is currently used by the Internet Protocol.
Step 2. Verify the ARP entry is correct by using the command show arp as shown below;
R1#show arp
Protocol Address

Age (min)

Hardware Addr

Type

Interface

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-static-arp-entry/[4/12/2015 6:56:06 PM]

Configuring a Static ARP Entry | Free CCNA Workbook

Internet
Internet
R1#

10.1.1.1
10.1.1.25

ca00.0d78.0008
00ac.a1f3.01ab

ARPA
ARPA

FastEthernet0/0

Now when R1 sends traffic destined to 10.1.1.25 it will use the MAC address of 00ac.a1f3.01ab regardless. Even if it R1 receives
ARP responses for 10.1.1.25 with a different MAC address. Static ARP entries are more preferred as they are administratively
added.

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-static-arp-entry/[4/12/2015 6:56:06 PM]

Configuring a Static ARP Entry | Free CCNA Workbook


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-static-arp-entry/[4/12/2015 6:56:06 PM]

Configuring VLAN Trunking Protocol (VTP) | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Cisco VTP

Virtual Trunking Protocol, known as VTP is used to share VLAN information from a server switch to multiple client
switches. This makes VLAN management easier across multiple switches. This lab will discuss and demonstrate the
configuration and verification of VTP.

Real World Application & Core Knowledge


One of the biggest hurdles traditionally with maintaining VLANs across multiple switches is the fact that youd have to add/remove
and manage VLANs on each switch independently. VLAN Trunking Protocol, also known as VTP is a technology that allows for the
propagation of VLANs from a single switch to multiple switches in a Server-Client fashion. In this lab youll dive into configuring VTP
Server and VTP Client mode to propagate VLANs from a single switch to multiple switches.
In the world of VTP, the VTP Server is the centralized point of management in the network for VLAN propagation. Whenever you
create a new VLAN on the VTP Server, this VLAN will automatically be propagated to the switches in the same VTP Domain. Think
of a VTP Domain as a single autonomous system, or a single collection of switches that share the same VLANs. For example you
have a large campus building in a University network. This building in the three tier design model will have an access and distribution
core. The VTP Server in this design would be the distribution switch. In most cases, the VTP server would be a chassis switch or a
switch stack to provide redundancy to access switches.
Creating a VLAN on the distribution switch will allow for all access switches to access other access switches on different floors of the
building on the same VLAN, this eliminates the need to create the vlan on 3 separate switches, the distribution, and both access
switches in the given example.
In large enterprise networks VTPv2 can be used in the campus core as VTPv2 can only propagate up to 1005 VLANs, however once
you hit the VTP VLAN ceiling youd be required to migrate to VTP Version 3 to allow for the propagation of 4095 VLANs.
There are three VTP Versions currently; VTP Version 3 which is quite new provides major advantages over versions one and two.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-vlan-trunking-protocol-vtp/[4/12/2015 6:56:27 PM]

Configuring VLAN Trunking Protocol (VTP) | Free CCNA Workbook

VTP Version 1 was the initial release of this technology gives you the ability to configure the switch as a VTP Server, VTP Client, VTP
Transparent Switch (will be discussed in Lab 4-11) and on CatOS switches, VTP Mode OFF which completely disables VTP.
VTP Version 2 is not to much different from v1 however VTPv2 includes the support for token ring VLANs and VTP Pruning. If
neither of these features are required in a network then there is no need to upgrade from version one to version two.
VTP Version 3 on the other hand has significant advantages over its predecessors, two of the most beneficial features to modern
networks is that VTP v3 supports the entire IEEE VLAN Range 1-4095 and also the ability to propagate Private VLAN information.
VTP v3 also gives better administrative control over the VTP domain by allowing you to configure which devices can update other
devices view of the VLAN topology. You now have the option to turn VTP on or off on a per trunk basis and now the VTP server has
a primary and backup VTP server.
Now take a step back for a second and ask yourself what happens if someone else plugs a switch into the network with the same
VTP domain and a higher revision of the database and completely different VLAN information. The answer is quite simple, youre
network goes into the bit bucket as your VLANs on all switches change, some get removed, new ones added and so on. When a
VLAN is removed on a switch and ports are in that specific VLAN, those ports get shutdown. All in all, if this happens on your watch
and its your fault you better update your resume.
But dont worry, there is hope!! With the a VTP Password, you can prevent unwanted VTP server switches in the network. By using a
VTP password switches can only be a client of a VTP Server if the passwords match.
VTP Domains can be unique to location but there is one domain name that is special; VTP Domain: NULL, this domain name
basically is no domain name, its blank and is represented as the domain name NULL. However when it is changed you cannot
change it back to NULL.
In this lab you will familiarize yourself with the following commands;

Command

Description

vtp mode server

This command is executed in global configuration mode and sets the switch as a VTP Server.
This is the default VTP mode for a new switch with the VTP domain set to NULL

vtp mode client

This command is executed in global configuration mode and sets the switch as a VTP client
which learns its VLAN information from the VTP Server in its specified VTP Domain.

vtp domain domainname

This command is executed in global configuration mode and sets the VTP domain of a device.

vtp version i

This command is executed in global configuration mode and sets the VTP Version of the device.

vtp password password

This command is executed in global configuration mode and sets the VTP password to prevent
unauthorized VTP Servers and/or Clients in a particular VTP Domain.

show vtp password

This command can only be executed in privileged mode and displays the current VTP
Password.

show vtp status

This command can be executed from user or privileged mode to view the current VTP
configuration such as VTP mode, Domain, Version, Pruning and more.

The Free CCNA Workbook CCNA GNS3 topology uses the NM-16ESW in a Cisco 3640 series switch. The commands listed

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-vlan-trunking-protocol-vtp/[4/12/2015 6:56:27 PM]

Configuring VLAN Trunking Protocol (VTP) | Free CCNA Workbook

above must be executed in VLAN Database configuration mode and will slightly vary. Be sure to use the context sensitive help.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; SW1, SW2 and SW3.
Establish a console session with devices SW1, SW2 and SW3 than configure the devices respected hostname(s).
Shutdown interfaces Fa0/13, Fa0/14 and Fa0/15 on SW2 and SW3.
Configure interfaces Fa0/10, Fa0/11 and Fa0/12 on both SW1 and SW2 in an EtherChannel. Use channel-group number 1
and configure the channel group to trunk.
Configure interfaces Fa0/13, Fa0/14 and Fa0/15 on SW1 and interfaces Fa0/10, Fa0/11 and Fa0/12 on SW3 in an
EtherChannel. Use channel-group number 2 and configure the channel group to trunk.

Lab Objectives
Configure SW1 as the VTP Server and configure SW2 and SW3 as VTP Clients. Set the VTP Domain name to CISCO on all
three switches.
Configure VLAN 10 with the name Development on the VTP Server and verify that it propagates to SW2 and SW3 properly.
Set the VTP Version to v2 and secure the VTP Domain by using the password Cisco$123. Verify your configuration.

The instructional section of this lab is demonstrated using three Cisco Catalyst 3560 Series switches.

Lab Instruction
Step 1. Configure SW1 as the VTP Server and configure SW2 and SW3 as VTP Clients. Set the VTP Domain name to CISCO on
all three switches.
Configuring the VTP Mode and VTP Domain are done by the use of the vtp mode modetype and the vtp domain domainname as
shown below; Keep in mind when setting the VTP Domain, this must be set prior to the VTP mode if you are setting the VTP domain
on a client switch. If you need to change the VTP domain you must set it to transparent then change the name and/or password then
set the switch back to VTP mode client.
SW1 con0 is now available

Press RETURN to get started.

SW1>enable

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-vlan-trunking-protocol-vtp/[4/12/2015 6:56:27 PM]

Configuring VLAN Trunking Protocol (VTP) | Free CCNA Workbook

SW1#configure terminal
Enter configuration commands, one per line.
SW1(config)#vtp mode server
Device mode already VTP SERVER.
SW1(config)#vtp domain CISCO
Changing VTP domain name from NULL to CISCO
SW1(config)#

End with CNTL/Z.

SW2 con0 is now available

Press RETURN to get started.

SW2>enable
SW2#configure terminal
Enter configuration commands, one per line.
SW2(config)#vtp domain CISCO
Domain name already set to CISCO.
SW2(config)#vtp mode client
Setting device to VTP CLIENT mode.
SW2(config)#

End with CNTL/Z.

SW3 con0 is now available

Press RETURN to get started.

SW3>enable
SW3#configure terminal
Enter configuration commands, one per line.
SW3(config)#vtp domain CISCO
Domain name already set to CISCO.
SW3(config)#vtp mode client
Setting device to VTP CLIENT mode.
SW3(config)#

End with CNTL/Z.

Step 2. Configure VLAN 10 with the name Development on the VTP Server and verify that it propagates to SW2 and SW3 properly.
To complete this objective you need to create the VLAN on the VTP Server, which in this case is SW1. Create the VLAN as you
would any other VLAN on a Cisco Catalyst Series switch as shown below;
SW1(config)#vlan 10
SW1(config-vlan)#name Development
SW1(config-vlan)#end
SW1#

Now verify that the VLAN is being propagated properly by using the show vlan on SW2 and SW3 as shown below;
SW2(config)#end
SW2#show vlan
%SYS-5-CONFIG_I: Configured from console by console
SW2#show vlan
VLAN Name
Status
Ports
---- -------------------------------- --------- ------------------------------1
default
active
Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/13, Fa0/14, Fa0/15
Fa0/16, Fa0/17, Fa0/18, Fa0/19
Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24, Gi0/1, Gi0/2

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-vlan-trunking-protocol-vtp/[4/12/2015 6:56:27 PM]

Configuring VLAN Trunking Protocol (VTP) | Free CCNA Workbook

10
1002
1003
1004
1005

Development
fddi-default
token-ring-default
fddinet-default
trnet-default

VLAN
---1
10
1002
1003
1004
1005

Type
----enet
enet
fddi
tr
fdnet
trnet

SAID
---------100001
100010
101002
101003
101004
101005

MTU
----1500
1500
1500
1500
1500
1500

active
act/unsup
act/unsup
act/unsup
act/unsup
Parent
------

RingNo
------

BridgeNo
--------

Stp
---ieee
ibm

BrdgMode
-------srb
-

Trans1
-----0
0
0
0
0
0

Trans2
-----0
0
0
0
0
0

Remote SPAN VLANs


-----------------------------------------------------------------------------Primary Secondary Type
Ports
------- --------- ----------------- -----------------------------------------SW2#

SW3(config)#end
SW3#show vlan
VLAN Name
Status
Ports
---- -------------------------------- --------- ------------------------------1
default
active
Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/13, Fa0/14, Fa0/15
Fa0/16, Fa0/17, Fa0/18, Fa0/19
Fa0/20, Fa0/21, Fa0/22, Fa0/23
Fa0/24, Gi0/1, Gi0/2
10
Development
active
1002 fddi-default
act/unsup
1003 token-ring-default
act/unsup
1004 fddinet-default
act/unsup
1005 trnet-default
act/unsup
VLAN
---1
10
1002
1003
1004
1005

Type
----enet
enet
fddi
tr
fdnet
trnet

SAID
---------100001
100010
101002
101003
101004
101005

MTU
----1500
1500
1500
1500
1500
1500

Parent
------

RingNo
------

BridgeNo
--------

Stp
---ieee
ibm

BrdgMode
-------srb
-

Trans1
-----0
0
0
0
0
0

Trans2
-----0
0
0
0
0
0

Remote SPAN VLANs


-----------------------------------------------------------------------------Primary Secondary Type
Ports
------- --------- ----------------- -----------------------------------------SW3#
Step 3. Set the VTP Version to v2 and secure the VTP Domain by using the password Cisco$123. Verify your configuration.
To set the VTP version to v2, you execute the vtp version 2 command on the VTP Server switch, this setting is propagated to all
switches in the VTP domain.
To set the VTP password, use the vtp password passwordgoeshere command in global configuration mode as shown below;
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#vtp version 2
SW1(config)#vtp password Cisco$123
Setting device VLAN database password to Cisco$123
SW1(config)#end
SW1#

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-vlan-trunking-protocol-vtp/[4/12/2015 6:56:27 PM]

Configuring VLAN Trunking Protocol (VTP) | Free CCNA Workbook

SW2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW2(config)#vtp password Cisco$123
Setting device VLAN database password to Cisco$123
SW2(config)#end
SW2#

SW3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW3(config)#vtp password Cisco$123
Setting device VLAN database password to Cisco$123
SW3(config)#end
SW3#
To verify the VTP version mode use the show vtp status command in user or privileged mode as shown below;
SW2#show vtp status
VTP Version
: running VTP2
Configuration Revision
: 3
Maximum VLANs supported locally : 1005
Number of existing VLANs
: 6
VTP Operating Mode
: Client
VTP Domain Name
: CISCO
VTP Pruning Mode
: Disabled
VTP V2 Mode
: Enabled
VTP Traps Generation
: Disabled
MD5 digest
: 0x96 0xF1 0x2F 0xDD 0x5F 0x1F 0x37 0x53
Configuration last modified by 192.168.255.1 at 3-2-93 15:11:27
SW2#
To verify the VTP Password you must use the show vtp password command in privileged mode only as shown below;
SW2#show vtp password
VTP Password: Cisco$123
SW2#

Previous Lab

Like

Tweet

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-vlan-trunking-protocol-vtp/[4/12/2015 6:56:27 PM]

Next Lab

Configuring VLAN Trunking Protocol (VTP) | Free CCNA Workbook

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-vlan-trunking-protocol-vtp/[4/12/2015 6:56:27 PM]

Configuring VTP Transparent Mode and VTP Pruning | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Transparent VTP and VTP Pruning

While VTP may sound to make things cooler it also introduces vulnerabilities into the infrastructure if configured
incorrectly. VTP pruning is used in conjecture with VTP to ensure that traffic destined to specific VLANs are not
passed to switches that do not need it. This lab will discuss and demonstrate the configuration and verification of
Transparent VTP and VTP Pruning.

Real World Application & Core Knowledge


It is recommended that you have completed Configuring VLAN Trunking Protocol (VTP) before proceeding with this lab so that youll
be familiar with VTP Server and Client modes. Unlike VTP Server/Client, Transparent mode does not participate in the VTP domain
at all however it transparent mode will pass VTP frame from one switch to the next.
Transparent switches are a perfect solution when placing a managed Cisco switch in the transit path of two VTP enabled switches,
this way The VTP Server and VTP client(s) can still communicate through the transparent switch and operate correctly
The downfall to transparent switches is that they must have the same VLANs IF they are a transit switch in a VTP domain. A
common implementation with a transparent switch in the transit path of two VTP enabled switches is the requirement for security.
The transparent switch needs to have a specific layer2 or layer 3 enabled VLAN that cannot be anywhere else on the network but
still need access to all other VLANs.
Another example being a simple edge transparent switch that is considered strictly an access switch and does not trunk nor
participate in VTP.
For an example lets say you have a three tier network with Core/Distro/Access layers and you have the VTP server configured on the
distribution switches and the VLAN information propagates down to 24 access switches. To get more detailed lets say a twelve floor
building with two access switches per floor. Lets say VLAN 112 is configured on the twelfth floor however due to VTP propagating
the VLAN information to every single access switch, even switches on the first floor will have VLAN 112. So the big question is, when

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-vtp-transparent-mode-and-vtp-pruning/[4/12/2015 6:56:46 PM]

Configuring VTP Transparent Mode and VTP Pruning | Free CCNA Workbook

a host on VLAN 112 sends broadcast traffic, does every single switch receive the broadcast? The simple answer is yes, as the distro
will forward the broadcast out every trunk link to every access switch except the one it was received on. If you think about it, that is a
big waste of resources. However VTP addresses this issue by a feature called VTP Pruning.
VTP Pruning will prune VLAN traffic on inter-switch trunk links if the neighboring switch is not requesting any traffic destined to that
switch. If a switch does not have any ports in VLAN 401, why does it need the broadcast traffic from 401?, the simple answer is that
it doesnt and when it receive such traffic; its just a waste of switch resources.
In this lab you will familiarize yourself with the following commands;

Command

Description

vtp mode transparent

This command is executed in global configuration mode on a Cisco Catalyst switch and sets the
switch to transparent mode so it does not participate in VTP at all but it does however pass
VTP traffic.

vtp pruning

This command is executed in global configuration mode on on a Catalyst switch to configure the
VTP server to enable the VTP Pruning feature through out the VTP Domain, this setting is also
propagated to all VTP clients in the domain.

show interface

This command can be executed in user or privileged mode to view the current pruning list on a
per link basis.

show vtp status

This command can be executed from user or privileged mode to view the current settings
configured for VTP.

show interface trunk

This command can be executed from user or privileged mode to view which VLANs are being
forwarded down the trunk links and not pruned.

The Free CCNA Workbook GNS3 topology uses the NM-16ESW in a Cisco 3640 series switch. Some of the commands listed
above must be executed in VLAN Database configuration mode and will slightly vary. Be sure to use the context sensitive help.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; SW1, SW2 and SW3.
Establish a console session with devices SW1, SW2 and SW3 than configure the devices respected hostname(s).
Configure SW1 as a VTP Server and Switch 3 as a VTP client using the domain name CISCO.
Shutdown interfaces Fa0/11 and Fa0/12 and configure interface Fa0/10 as a dot1q trunk on SW1
Shutdown interfaces Fa0/11, Fa0/12, Fa0/14 and Fa0/15 and configure interfaces Fa0/10 and Fa0/13 as dot1q trunk
interfaces on SW2.
Shutdown interfaces Fa0/10 through Fa0/12, Fa0/14, Fa0/15 and configure Fa0/13 as a dot1q trunk on SW3
Configure VLANs 10, 20 and 30 on the VTP Server and SW2.
Configure layer 3 interfaces for VLAN 10 on SW1 and SW3 using the IP addresses 10.10.13.1/24 and 10.10.13.3/24

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-vtp-transparent-mode-and-vtp-pruning/[4/12/2015 6:56:46 PM]

Configuring VTP Transparent Mode and VTP Pruning | Free CCNA Workbook

Lab Objectives
Configure SW2 as a VTP Transparent switch and use VTP Version 2, verify your configuration.
Configure VTP Pruning on the VTP server verify and that the configuration was propagated to the VTP Client.
Verify that VTP Pruning is functioning properly by viewing the pruning list on SW1.

The instructional section of this lab is demonstrated using three Cisco Catalyst 3560 Series switches.

Lab Instruction
Step 1. Configure SW2 as a VTP Transparent switch and use VTP Version 2, verify your configuration.
To configure SW2 as a VTP transparent switch youll use the vtp mode transparent command in global configuration; to verify your
configuration change youll use the show vtp status command in user or privileged mode as shown below;
SW2 con0 is now available

Press RETURN to get started.

SW2>enable
SW2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW2(config)#vtp mode transparent
SW2(config)#vtp version 2
Setting device to VTP TRANSPARENT mode.
SW2(config)#end
SW2#show vtp status
SW2#show vtp status
VTP Version
: running VTP2
Configuration Revision
: 0
Maximum VLANs supported locally : 1005
Number of existing VLANs
: 8
VTP Operating Mode
: Transparent
VTP Domain Name
:
VTP Pruning Mode
: Disabled
VTP V2 Mode
: Enabled
VTP Traps Generation
: Disabled
MD5 digest
: 0x06 0x97 0x82 0xDA 0x39 0x52 0x1E 0xF2
Configuration last modified by 192.168.255.252 at 0-0-00 00:00:00
SW2#

Step 2. Configure VTP Pruning on the VTP server verify and that the configuration was propagated to the VTP Client.
To configure VTP pruning youll use the vtp pruning command in global configuration on the VTP Server only. this setting gets
propagated to all VTP clients in the same VTP domain as shown below;
SW1 con0 is now available

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-vtp-transparent-mode-and-vtp-pruning/[4/12/2015 6:56:46 PM]

Configuring VTP Transparent Mode and VTP Pruning | Free CCNA Workbook

Press RETURN to get started.

SW1>enable
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#vtp pruning
Pruning switched on
SW1(config)#end
SW1#show vtp status
VTP Version
: 2
Configuration Revision
: 2
Maximum VLANs supported locally : 36
Number of existing VLANs
: 8
VTP Operating Mode
: Server
VTP Domain Name
: CISCO
VTP Pruning Mode
: Enabled
VTP V2 Mode
: Enabled
VTP Traps Generation
: Disabled
MD5 digest
: 0x2E 0x9F 0x5E 0x57 0xE3 0x87 0x46 0xFA
Configuration last modified by 10.1.5.1 at 3-1-02 00:10:56
Local updater ID is 10.1.5.1 on interface Vl5 (lowest numbered VLAN
interface found)
SW1#
Show below is the verification that VTP Pruning is being properly propagated to SW3 from the VTP Server (SW1);
SW3#show vtp status
VTP Version
: 2
Configuration Revision
: 3
Maximum VLANs supported locally : 36
Number of existing VLANs
: 8
VTP Operating Mode
: Client
VTP Domain Name
: CISCO
VTP Pruning Mode
: Enabled
VTP V2 Mode
: Enabled
VTP Traps Generation
: Disabled
MD5 digest
: 0x77 0xF2 0x86 0xA4 0x3C 0x21 0x09 0xC0
Configuration last modified by 10.1.5.1 at 3-1-02 00:17:21
SW3#
Step 3. Verify that VTP Pruning is functioning properly by viewing the pruning list on SW1.
To view this information you can use the show interface trunk command in user or privileged mode as shown below;
SW3#show interface trunk
Port
Fa0/13

Mode
on

Encapsulation
802.1q

Status
trunking

Native vlan
1

Port
Fa0/13

Vlans allowed on trunk


1-4094

Port
Fa0/13

Vlans allowed and active in management domain


1,10,20,30

Port
Fa0/13
SW3#

Vlans in spanning tree forwarding state and not pruned


1,10

As shown above from the SW3 show interface trunk output you can see that on port Fa1/13 the VLANs that are forwarding and not
pruned on that trunk link are VLANs 1 and 10.
When having a transparent switch in a VTP Transit path you obviously must have IP connectivity. Keep in mind for traffic to pass
through the transparent switch, the transparent switch must have the VLAN configure for the traffic. For example, Traffic from SW1

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-vtp-transparent-mode-and-vtp-pruning/[4/12/2015 6:56:46 PM]

Configuring VTP Transparent Mode and VTP Pruning | Free CCNA Workbook

VLAN 10 going to SW2 VLAN 20, SW3 must have VLAN10 configured on it or the traffic would get dropped.
You can verify this by pinging SW3s VLAN 10 interface from SW1 as shown below;
SW1#ping 10.10.13.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.13.3, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/1 ms
SW1#
The ping is successful because VLAN 10 is already configured on SW2 as per the lab prerequisites. However if you remove VLAN 10
from SW2 and try to ping SW3s VLAN10 interface from SW1 again it will fail as shown below;
SW2#configure terminal
SW2(config)#no vlan 10
SW2(config)#end
SW2#

SW1#ping 10.10.13.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.13.3, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
SW1#

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-vtp-transparent-mode-and-vtp-pruning/[4/12/2015 6:56:46 PM]

Configuring VTP Transparent Mode and VTP Pruning | Free CCNA Workbook

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-vtp-transparent-mode-and-vtp-pruning/[4/12/2015 6:56:46 PM]

Configuring Inter-VLAN Routing (Router-on-a-Stick) | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Router on a Stick

Router on a Stick is an uncommon configuration however you must understand the technology concepts to become a
great network engineer. This lab will discuss and demonstrate the configuration and verification of inter-vlan routing
known as Router on a Stick.

Real World Application & Core Knowledge


The only way to get off a layer two network segment is through a layer three device; commonly referred to as a Default Gateway for
host machines. So lets say for example you have a single switch with 5 different VLANs and machines on each VLAN; in which
case each VLAN would require its own router to get out of that layer two network to a different layer two network. So does this mean
that multiple routers are required or a router with 5 physical ethernet interfaces, one interface in each VLAN?
The answer is easier then youd initially think. In this case you only need a SINGLE router and thats it. Think back to the previous lab
discussing Dot1q trunk interfaces. 802.1q trunk interfaces carry all VLAN traffic.
A single Router can utilize an 802.1q trunk link to place a sub-interface in each VLAN using a single physical link and technically have
interfaces in all VLANs.
A Sub-Interface is a logical interface partitioned off from a physical interface. A sub-interface allows you to have multiple interface
configurations on a single physical interface. In this lab youll use sub-interfaces to match the VLANs in the trunk to allow for
interfaces in each VLAN and accomplish inter-vlan routing for the hosts as the router has an interface in each layer three network.
In this lab youll familiarize yourself with the following new commands;

Command

Description

encapsulation dot1Q #

This command is executed from ethernet sub-interface configuration mode and binds the sub

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-inter-vlan-routing-router-on-a-stick/[4/12/2015 6:57:05 PM]

Configuring Inter-VLAN Routing (Router-on-a-Stick) | Free CCNA Workbook

interface(s) to a particular 802.1q tagged vlan.


no ip routing

This command is executed from global configuration and disables the routers ability to be used
as a router, effectively turning it into a test client machine like a windows box.

ip default-gateway 1.2.3.4

This command is executed in global configuration mode to configure a non-routing device to use
the specific IP Address as a default-gateway.

show ip interface brief

This command can be executed from user or privileged mode to view the current IP addresses
of all interfaces on the device.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3 and SW1.
Establish a console session with devices R1, R2, R3 and SW1 than configure the devices respected hostname(s).
Create VLANs 20 and 30 on SW1 and configure interface Fa0/1 on SW1 as an 802.1q trunk link.
On SW1 configure interface Fa0/2 to access VLAN20 and Fa0/3 to access VLAN 30.
Configure the IP address 10.1.20.2/24 on R2s FastEthernet0/0 interface.
Configure the IP address 10.1.30.3/24 on R3s Fastethernet0/0 interface.

Lab Objectives
Configure a new Sub-Interface on R1 to match the VLAN 20 (Fa0/0.20) and configure the sub-interface to use 802.1q
encapsulation and the Dot1q tag of 20. Configure the sub-interface to use the IP address 10.1.20.1/24.
Configure a new Sub-Interface on R1 to match the VLAN 30 (Fa0/0.30) and configure the sub-interface to use 802.1q
encapsulation and the Dot1q tag of 30. Configure the sub-interface to use the IP address 10.1.30.1/24. Verify your subinterface configuration.
Disable IP Routing on R2 and R3 and configure the default gateway on R2 and R3 to use R1s respected Sub-interface as the
default gateway.
Verify that R2 can ping R3s FastEthernet0/0 interface using R1 as the default-gateway.

Lab Instruction
Step 1. Configure a new Sub-Interface on R1 to match the VLAN 20 (Fa0/0.20) and configure the sub-interface to use 802.1q
encapsulation and the Dot1q tag of 20. Configure the sub-interface to use the IP address 10.1.20.1/24.
To create a new sub-interface youll use the interface fa0/0.# command in global configuration mode. To enable the sub-interface to
use 802.1q youll use the encapsulation dot1q # command whereas # is the dot1q VLAN tag as shown below;
R1 con0 is now available

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-inter-vlan-routing-router-on-a-stick/[4/12/2015 6:57:05 PM]

Configuring Inter-VLAN Routing (Router-on-a-Stick) | Free CCNA Workbook

Press RETURN to get started.

R1>enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface fa0/0
R1(config-if)#no shut
R1(config-if)#interface fa0/0.20
R1(config-subif)#encapsulation dot1q 20
R1(config-subif)#ip add 10.1.20.1 255.255.255.0
R1(config-subif)#exit
R1(config)#

Step 2. Configure a new Sub-Interface on R1 to match the VLAN 30 (Fa0/0.30) and configure the sub-interface to use 802.1q
encapsulation and the Dot1q tag of 30. Configure the sub-interface to use the IP address 10.1.30.1/24. Verify your sub-interface
configuration.
R1(config)#interface fa0/0.30
R1(config-subif)#encapsulation dot1q 30
R1(config-subif)#ip add 10.1.30.1 255.255.255.0
R1(config-subif)#end
R1#sh run interface fa0/0.20
Building configuration...
Current configuration : 96 bytes
!
interface FastEthernet0/0.20
encapsulation dot1Q 20
ip address 10.1.20.1 255.255.255.0
end
R1#sh run interface fa0/0.30
Building configuration...
Current configuration : 96 bytes
!
interface FastEthernet0/0.30
encapsulation dot1Q 30
ip address 10.1.30.1 255.255.255.0
end
R1#show ip interface brief | inc FastEthernet0/0
Interface
IP-Address
OK? Method
FastEthernet0/0
unassigned
YES unset
FastEthernet0/0.20
10.1.20.1
YES manual
FastEthernet0/0.30
10.1.30.1
YES manual
R1#

Status
up
up
up

Protocol
up
up
up

Step 3. Disable IP Routing on R2 and R3 and configure the default gateway on R2 and R3 to use R1s respected Sub-interface as
the default gateway.
To disable IP Routing on R2 and R3 use the no ip routing command in global configuration. To specify a default gateway use the ip
default-gateway x.x.x.x as shown below;
R2 con0 is now available

Press RETURN to get started.

R2>enable
R2#configure terminal
Enter configuration commands, one per line.

End with CNTL/Z.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-inter-vlan-routing-router-on-a-stick/[4/12/2015 6:57:05 PM]

Configuring Inter-VLAN Routing (Router-on-a-Stick) | Free CCNA Workbook

R2(config)#no ip routing
R2(config)#ip default-gateway 10.1.20.1
R2(config)#end
R2#

R3 con0 is now available

Press RETURN to get started.

R3>enable
R3#configure terminal
Enter configuration commands, one per line.
R3(config)#no ip routing
R3(config)#ip default-gateway 10.1.30.1
R3(config)#end
R3#

End with CNTL/Z.

Step 4. Verify that R2 can ping R3s FastEthernet0/0 interface using R1 as the default-gateway as shown below;
R2#ping 10.1.30.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.30.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/23/52 ms
R2#

Previous Lab

Like

Next Lab

10 Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-inter-vlan-routing-router-on-a-stick/[4/12/2015 6:57:05 PM]

Configuring Inter-VLAN Routing (Router-on-a-Stick) | Free CCNA Workbook

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-inter-vlan-routing-router-on-a-stick/[4/12/2015 6:57:05 PM]

Configuring Per-VLAN Spanning Tree Protocol | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Per-VLAN STP

Per-VLAN Spanning Tree Protocol is the default STP mode on Cisco Catalyst Series Switches. This lab will discuss
and demonstrate the configuration and verification of PVST+ root bridge election.

Real World Application & Core Knowledge


So what happens when you plug two non-managed switches together using two crossovers and a PCs on both switches. Im after a
short period of time you will notice that the LEDs on those switches will be flashing extremely fast and network performance will be
slow as a turtle crawling on the internet from Miami to New York.
The reason for this is called a broadcast storm. A Broadcast storm is where a switch forwards a broadcast out all ports except the
port the broadcast was received on and when you have two links between switches the broadcast goes back and forth until the links
get overwhelmed with broadcast traffic to the point where the network is slower then a 56k modem.
So how do you fix this problem? Its called spanning-tree. Spanning tree is a protocol that detects and eliminate layer two loops in the
switching topology to prevent broadcast storms. So when you have two links between two switches, one link gets blocked
completely; thus effectively killing the potential for a broadcast storm on a layer two networking loop but also kills the usefulness of a
redundant link.
What is the point of two links between two switches if you can only use a single link? How can you fix that to use both links to forward
traffic? As previously discussed in a lab you can use a technology called EtherChannel which bundles multiple links into a single
logical link and is processed as such. When spanning tree learns about the network it looks at a Port-Channel interface as a single
interface and not all the physical interfaces bound in that channel group.
Another fix to use multiple links and not use an ether-channel is to load balance traffic over the two links using different VLANs. Link
one forwards traffic for the odd VLANs and blocks even VLAN traffic and link two forwards even vlan traffic and blocks odd vlan
traffic. This will be discussed in Lab 4-15 Configuring Multiple Spanning Tree Protocol.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-per-vlan-spanning-tree-protocol/[4/12/2015 6:57:28 PM]

Configuring Per-VLAN Spanning Tree Protocol | Free CCNA Workbook

The original Spanning Tree protocol (802.1d) is quite outdated by todays standards and only worked on a single VLAN or a single
switch that does not support VLANs. Cisco saw the need for Spanning Tree on all VLANs and create the proprietary PVST and
PVST+ protocols which enable spanning-tree on a per vlan instance. So in this case every single vlan on each switch has its own
STP process running to detect and eliminate loops in a layer two switching network.
Spanning tree uses BPDU (Bridge protocol data units) to transmit information between switches regarding switches cost to the root or
during root election.
Root is elected by the lowest mac address if the priory is left at the default 32768, or by the lowest priority.
Spanning tree uses different port modes to form a layer two switching topology to ensure no layer two loops exist in the network. You
need to be familiar with the different port modes in PVST as given below;

Mode

Description

root

The port that receives the best BPDU that is closest to the root bridge in terms of path cost is called
the root port. The root bridge is the only bride in the network that does not have a root port.

designated

A port is designated if it can send the best BPDU on the segment to which it is directly connected. On
a given LAN segment there can only be a single path towards the root bridge. This port forwards
traffic to the LAN segment. Access ports are considered designated ports.

alternate

An alternate port is the next best path available back to the root bridge shall the root port fail.

backup

A backup port is a port that is connected to a segment where another bridge port already connects.

The default Spanning Tree mode is PVST on a Cisco Catalyst switch.


In this lab you will familiarize yourself with the following commands;

Command

Description

spanning-tree vlan # root


primary

This command is executed from global configuration mode and configures the VLAN specified
in the syntax on the switch youre currently configuring as the root bridge for the specific VLAN
on the network.

spanning-tree vlan # root


secondary

This command is executed from global configuration mode and configures the vlan specified in
the syntax on the switch youre currently on as the backup root bridge shall the root bridge fail
in the network.

spanning-tree vlan # priority


#

This command is executed from global configuration mode and manually sets the bridge priority
per vlan on a switch.

show spanning-tree vlan #

This command can be executed only in privileged mode and displays spanning-tree information
relating to a specific VLAN number.

show spanning-tree
summary

This command can be executed only in privileged mode and displays a summary of all
spanning-tree instances and port counts.

show spanning-tree detail

This command can be executed only in privileged mode and displays detailed information on a
per port basis of each port participating in a spanning-tree process.

show spanning-tree bridge

This command can be executed only in privileged mode and displays all spanning-tree

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-per-vlan-spanning-tree-protocol/[4/12/2015 6:57:28 PM]

Configuring Per-VLAN Spanning Tree Protocol | Free CCNA Workbook

processes per VLAN on the switch and other information including the priority per vlan, the sum
of the bridge priority (vlan priority + sys-id-ext), Bridge MAC address, timers and effective
spanning tree protocol.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; SW1, SW2 and SW3.
Establish a console session with devices SW1, SW2 and SW3 than configure the devices respected hostname(s).
Configure interfaces Fa0/10, Fa0/11 and Fa0/12 on both SW1 and SW2 in an EtherChannel and configure the channel to
trunk.
Configure interfaces Fa0/13, Fa0/14 and Fa0/15 on SW1 and interfaces Fa0/10, Fa0/11 and Fa0/12 on SW3 in an
EtherChannel and configure the channel to trunk.
Configure interfaces Fa0/13, Fa0/14 and Fa0/15 on SW2 and interfaces Fa0/13, Fa0/14 and Fa0/15 on SW3 in an
EtherChannel and configure the channel to trunk.
Configure SW1 as a VTP server and SW2 and 3 as VTP clients using the VTP domain name CISCO and VTP Version 2.
Create VLAN 10, 20 and 30 on the VTP Server, ensure the VLANs have propagated to SW2 and SW3

Lab Objectives
Configure SW1 as the ROOT bridge for VLAN 1 and 10. Verify your configuration on SW2.
Configure SW2 as the ROOT bridge for VLAN 20. Verify your configuration on SW1.
Configure SW3 as the ROOT bridge for VLAN 30. Verify your configuration on SW1.

Due to the limited feature support of the NM-16ESW, this lab CANNOT be completed using the Free CCNA Workbook GNS3
topology. This lab however can be completed on the Stub Lab.

Lab Instruction
Step 1. Configure SW1 as the ROOT bridge for VLAN 1 and 10. Verify your configuration on SW2.
To configure SW1 as the ROOT Bridge for VLAN 1 and 10, you can use one of two command. spanning-tree vlan # root primary
which determines the best bridge priority and sets it to become the root bridge or you can use the spanning-tree vlan # priority #
which manually specifies the priority on a per vlan basis. Remember the lower the priority number the higher higher chance the
switch will be the root bridge during an election. If the switch has the lowest priority of all switches then it will automatically become
the root per that vlan. Bridge priorities can be a number 0-65535 and must use 4096 increments to abide by the IEEE standard using
the sum of the bridge priority and sys-id-ext (which is the VLAN Number). So if you set a priority on vlan 1 to 4096, the sum of the
bridge priority and the sys-id-ext will be 4097 and that will be the bridge priority on that switch for that vlan.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-per-vlan-spanning-tree-protocol/[4/12/2015 6:57:28 PM]

Configuring Per-VLAN Spanning Tree Protocol | Free CCNA Workbook

Shown below is an example root bridge configuration using the spanning-tree vlan # root primary command;
SW1 con0 is now available

Press RETURN to get started.

SW1>enable
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#spanning-tree vlan 1 root primary
SW1(config)#spanning-tree vlan 10 root primary
SW1(config)#end
SW1#
To verify your configuration you can use the show spanning-tree vlan # command or the show spanning-tree vlan root command as
shown below;
SW2#show spanning-tree vlan 1
VLAN0001
Spanning tree enabled protocol ieee
Root ID
Priority
24577
Address
0014.f2d2.4180
Cost
9
Port
216 (Port-channel21)
Hello Time
2 sec Max Age 20 sec
Bridge ID

Priority
Address
Hello Time
Aging Time

Interface
------------------Po21
Po23

Role
---Root
Altn

Forward Delay 15 sec

32769 (priority 32768 sys-id-ext 1)


001c.57d8.9000
2 sec Max Age 20 sec Forward Delay 15 sec
300 sec
Sts
--FWD
BLK

Cost
--------9
9

Prio.Nbr
-------128.216
128.232

Type
--------------------------P2p
P2p

SW2#show spanning-tree vlan 10


VLAN0010
Spanning tree enabled protocol ieee
Root ID
Priority
24586
Address
0014.f2d2.4180
Cost
9
Port
216 (Port-channel21)
Hello Time
2 sec Max Age 20 sec
Bridge ID

Priority
Address
Hello Time
Aging Time

Interface
------------------Po21
Po23

Role
---Root
Altn

Forward Delay 15 sec

32778 (priority 32768 sys-id-ext 10)


001c.57d8.9000
2 sec Max Age 20 sec Forward Delay 15 sec
300 sec
Sts
--FWD
BLK

Cost
--------9
9

Prio.Nbr
-------128.216
128.232

Type
--------------------------P2p
P2p

SW2#show span root


Vlan
---------------VLAN0001
VLAN0010
VLAN0020
VLAN0030
SW2#

Root
Hello Max Fwd
Root ID
Cost
Time Age Dly
-------------------- --------- ----- --- --24577 0014.f2d2.4180
9
2
20 15
24586 0014.f2d2.4180
9
2
20 15
32788 0014.a964.2e00
9
2
20 15
32798 0014.a964.2e00
9
2
20 15

Root Port
-----------Po21
Po21
Po23
Po23

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-per-vlan-spanning-tree-protocol/[4/12/2015 6:57:28 PM]

Configuring Per-VLAN Spanning Tree Protocol | Free CCNA Workbook

When using the show spanning-tree root command to verify rather or not the current switch youre on is the root switch youll look at
the root cost and root port. If you have a root cost of 0 and there is no specified root port then the switch youre currently on is the
root bridge for that vlan. If you have a root cost and root port then that displays the cost to get to the root and which port is the root
port per VLAN basis as shown above.

Step 2. Configure SW2 as the ROOT bridge for VLAN 20. Verify your configuration on SW1.
The configuration to complete this objective will be the same as step 1 as shown below;
SW2 con0 is now available

Press RETURN to get started.

SW2>enable
SW2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW2(config)#spanning-tree vlan 20 root primary
SW2(config)#end
SW2#
As shown in the verification below you can see that the root bridge has a priority of 24596 and the MAC address of 001c.57d8.9000.
The best path to the root bridge is out the root port which is Po12; interface Port-Channel12 is directly connected to SW2. To further
verify that SW2 is the root for VLAN 20 you can use the show spanning-tree vlan 20 command on SW2 and verify rather or not the
output will say This bridge is the root
SW1#show spanning-tree vlan 20
VLAN0020
Spanning tree enabled protocol ieee
Root ID
Priority
24596
Address
001c.57d8.9000
Cost
9
Port
144 (Port-channel12)
Hello Time
2 sec Max Age 20 sec
Bridge ID

Priority
Address
Hello Time
Aging Time

Interface
------------------Po12
Po13

Forward Delay 15 sec

Role
---Root
Altn

32788 (priority 32768 sys-id-ext 20)


0014.f2d2.4180
2 sec Max Age 20 sec Forward Delay 15 sec
300 sec
Sts
--FWD
BLK

Cost
--------9
9

Prio.Nbr
-------128.144
128.152

Type
--------------------------P2p
P2p

SW1#
Step 3. Configure SW3 as the ROOT bridge for VLAN 30. Verify your configuration on SW1.
The configuration and verification to complete this objective will be the same as step 2 as shown below;
SW3 con0 is now available

Press RETURN to get started.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-per-vlan-spanning-tree-protocol/[4/12/2015 6:57:28 PM]

Configuring Per-VLAN Spanning Tree Protocol | Free CCNA Workbook

SW3>enable
SW3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW3(config)#spanning-tree vlan 30 root primary
SW3(config)#end
SW3#
Verification shown below from SW1;
SW1#show spanning-tree vlan 30
VLAN0030
Spanning tree enabled protocol ieee
Root ID
Priority
24606
Address
0014.a964.2e00
Cost
9
Port
152 (Port-channel13)
Hello Time
2 sec Max Age 20 sec
Bridge ID

Priority
Address
Hello Time
Aging Time

Interface
------------------Po12
Po13

Role
---Desg
Root

Forward Delay 15 sec

32798 (priority 32768 sys-id-ext 30)


0014.f2d2.4180
2 sec Max Age 20 sec Forward Delay 15 sec
300 sec
Sts
--FWD
FWD

Cost
--------9
9

Prio.Nbr
-------128.144
128.152

Type
--------------------------P2p
P2p

SW1#

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

Security Workbook has been

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-per-vlan-spanning-tree-protocol/[4/12/2015 6:57:28 PM]

Configuring Per-VLAN Spanning Tree Protocol | Free CCNA Workbook

evolved into the largest CCNA training


lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-per-vlan-spanning-tree-protocol/[4/12/2015 6:57:28 PM]

Configuring Rapid Per-VLAN Spanning Tree Protocol | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Rapid-PVST+

IEEE 802.1w known as Rapid Spanning Tree has several improvements over the legacy spanning tree protocol. This
lab will discuss and demonstrate the configuration and verification of RPVST+.

Real World Application & Core Knowledge


In the previous lab (if you read and/or completed it) you learned about Ciscos proprietary Per VLAN Spanning Tree Protocol which
enables a spanning-tree instance for each VLAN that the switch hosts.
This lab will deal with the new 802.1w IEEE Rapid Spanning Tree Protocol standard; that of which Cisco modified to run on a Per
VLAN basis to suit their needs.
Rapid Spanning Tree (802.1w) provides several benefits over the IEEE 802.1D STP Standard including faster convergence time after
a topology change where the STP standard took up to 45 seconds to converge, the RSTP standard can respond to changes after 3
hellos. (6 Seconds)
Rapid Spanning Tree Protocol (RSTP) can also revert back to 802.1D STP for interoperability with older switches and existing
infrastructures.
Several new features were added in the RSTP standard such as Edge Ports (aka; PortFast) which transitions an access port which
can never become a layer2 loop in the network automatically to designated (forwarding) and does not have to listen and learn to
determine which type of port type to assign to a particular port.
A feature similar to Ciscos UplinkFast was also added to RSTP standard which automatically places an alternate port into the root
port mode shall the predecessor root port fail.
The root bridge is now able to inform all switches in the switching topology that the topology has changed by setting a TC bit in the

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rapid-per-vlan-spanning-tree-protocol/[4/12/2015 6:57:47 PM]

Configuring Rapid Per-VLAN Spanning Tree Protocol | Free CCNA Workbook

BPDUs that it advertises.


The majority of the commands you familiarized yourself with in the previous lab youll use again in this lab. shown below however is a
new command youll familiarize yourself with;

Command

Description

spanning-tree mode rapidpvst

Is executed in global configuration mode to configure the switch to use the 802.1w compatible
Rapid Per VLAN Spanning Tree protocol.

spanning-tree vlan # priority


#

This command is executed from global configuration mode and manually sets the bridge priority
per vlan on a switch.

show spanning-tree vlan #

This command can be executed only in privileged mode and displays spanning-tree information
relating to a specific VLAN number.

show spanning-tree
summary

This command can be executed only in privileged mode and displays a summary of all
spanning-tree instances and port counts.

show spanning-tree detail

This command can be executed only in privileged mode and displays detailed information on a
per port basis of each port participating in a spanning-tree process.

show spanning-tree bridge

This command can be executed only in privileged mode and displays all spanning-tree
processes per VLAN on the switch and other information including the priority per vlan, the sum
of the bridge priority (vlan priority + sys-id-ext), Bridge MAC address, timers and effective
spanning tree protocol.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; SW1, SW2 and SW3.
Establish a console session with devices SW1, SW2 and SW3 than configure the devices respected hostname(s).
Configure interfaces Fa0/10, Fa0/11 and Fa0/12 on both SW1 and SW2 in an EtherChannel and configure the channel to
trunk.
Configure interfaces Fa0/13, Fa0/14 and Fa0/15 on SW1 and interfaces Fa0/10, Fa0/11 and Fa0/12 on SW3 in an
EtherChannel and configure the channel to trunk.
Configure interfaces Fa0/13, Fa0/14 and Fa0/15 on SW2 and interfaces Fa0/13, Fa0/14 and Fa0/15 on SW3 in an
EtherChannel and configure the channel to trunk.
Configure SW1 as a VTP server and SW2 and 3 as VTP clients using the VTP domain name CISCO and VTP Version 2.
Create VLAN 10, 20 and 30 on the VTP Server, ensure the VLANs have propagated to SW2 and SW3.

Lab Objectives
Configure SW1, SW2 and SW3 to run Rapid Per-VLAN Spanning Tree Protocol.
Configure SW1 as the ROOT bridge for VLAN 1 and 10. Verify your configuration on SW2.
Configure SW2 as the ROOT bridge for VLAN 20. Verify your configuration on SW1.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rapid-per-vlan-spanning-tree-protocol/[4/12/2015 6:57:47 PM]

Configuring Rapid Per-VLAN Spanning Tree Protocol | Free CCNA Workbook

Configure SW3 as the ROOT bridge for VLAN 30. Verify your configuration on SW1.

Due to the limited feature support of the NM-16ESW, this lab CANNOT be completed using the Free CCNA Workbook GNS3
topology. This lab however can be completed on the Stub Lab.

Lab Instruction
Step 1. Configure SW1, SW2 and SW3 to run Rapid Per-VLAN Spanning Tree Protocol.
To configure switches to run the rapid spanning-tree protocol by executing the spanning-tree mode rapid-pvst in global configuration
mode as shown below;
SW1 con0 is now available

Press RETURN to get started.

SW1>enable
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#spanning-tree mode rapid-pvst
SW1(config)#end
%SYS-5-CONFIG_I: Configured from console by console
SW1#show spanning-tree bridge
Vlan
---------------VLAN0001
VLAN0010
VLAN0020
VLAN0030
SW1#

Hello
Bridge ID
Time
--------------------------------- ----32769 (32768,
1) 0014.f2d2.4180
2
32778 (32768, 10) 0014.f2d2.4180
2
32788 (32768, 20) 0014.f2d2.4180
2
32798 (32768, 30) 0014.f2d2.4180
2

Max
Age
--20
20
20
20

Fwd
Dly
--15
15
15
15

Protocol
-------rstp
rstp
rstp
rstp

Fwd
Dly
--15
15
15
15

Protocol
-------rstp
rstp
rstp
rstp

SW2 con0 is now available

Press RETURN to get started.

SW2>enable
SW2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW2(config)#spanning-tree mode rapid-pvst
SW2(config)#end
%SYS-5-CONFIG_I: Configured from console by console
SW2#show spanning-tree bridge
Vlan
---------------VLAN0001
VLAN0010
VLAN0020
VLAN0030
SW2#

Hello
Bridge ID
Time
--------------------------------- ----32769 (32768,
1) 001c.57d8.9000
2
32778 (32768, 10) 001c.57d8.9000
2
32788 (32768, 20) 001c.57d8.9000
2
32798 (32768, 30) 001c.57d8.9000
2

Max
Age
--20
20
20
20

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rapid-per-vlan-spanning-tree-protocol/[4/12/2015 6:57:47 PM]

Configuring Rapid Per-VLAN Spanning Tree Protocol | Free CCNA Workbook

SW3 con0 is now available

Press RETURN to get started.

SW3>enable
SW3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW3(config)#spanning-tree mode rapid-pvst
SW3(config)#end
%SYS-5-CONFIG_I: Configured from console by console
SW3#show spanning-tree bridge
Vlan
---------------VLAN0001
VLAN0010
VLAN0020
VLAN0030
SW3#

Hello
Bridge ID
Time
--------------------------------- ----32769 (32768,
1) 0014.a964.2e00
2
32778 (32768, 10) 0014.a964.2e00
2
32788 (32768, 20) 0014.a964.2e00
2
32798 (32768, 30) 0014.a964.2e00
2

Max
Age
--20
20
20
20

Fwd
Dly
--15
15
15
15

Protocol
-------rstp
rstp
rstp
rstp

Step 2. Configure SW1 as the ROOT bridge for VLAN 1 and 10. Verify your configuration on SW2.
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#spanning-tree vlan 1 root primary
SW1(config)#spanning-tree vlan 10 root primary
SW1(config)#end
%SYS-5-CONFIG_I: Configured from console by console
SW1#

SW2#show spanning-tree vlan 1


VLAN0001
Spanning tree enabled protocol rstp
Root ID
Priority
24577
Address
0014.f2d2.4180
Cost
9
Port
216 (Port-channel21)
Hello Time
2 sec Max Age 20 sec
Bridge ID

Priority
Address
Hello Time
Aging Time

Interface
------------------Po21
Po23

Role
---Root
Altn

Forward Delay 15 sec

32769 (priority 32768 sys-id-ext 1)


001c.57d8.9000
2 sec Max Age 20 sec Forward Delay 15 sec
300 sec
Sts
--FWD
BLK

Cost
--------9
9

Prio.Nbr
-------128.216
128.232

Type
--------------------------P2p
P2p

SW2#show spanning-tree vlan 10


VLAN0010
Spanning tree enabled protocol rstp
Root ID
Priority
24586
Address
0014.f2d2.4180
Cost
9
Port
216 (Port-channel21)
Hello Time
2 sec Max Age 20 sec
Bridge ID

Priority
Address
Hello Time
Aging Time

Forward Delay 15 sec

32778 (priority 32768 sys-id-ext 10)


001c.57d8.9000
2 sec Max Age 20 sec Forward Delay 15 sec
300 sec

Interface
Role Sts Cost
Prio.Nbr Type
------------------- ---- --- --------- -------- ---------------------------

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rapid-per-vlan-spanning-tree-protocol/[4/12/2015 6:57:47 PM]

Configuring Rapid Per-VLAN Spanning Tree Protocol | Free CCNA Workbook

Po21
Po23

Root FWD 9
Altn BLK 9

128.216
128.232

P2p
P2p

SW2#
Step 3. Configure SW2 as the ROOT bridge for VLAN 20. Verify your configuration on SW1.
SW2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW2(config)#spanning-tree vlan 20 root primary
SW2(config)#end
%SYS-5-CONFIG_I: Configured from console by console
SW2#

SW1#show spanning-tree vlan 20


VLAN0020
Spanning tree enabled protocol rstp
Root ID
Priority
24596
Address
001c.57d8.9000
Cost
9
Port
144 (Port-channel12)
Hello Time
2 sec Max Age 20 sec
Bridge ID

Priority
Address
Hello Time
Aging Time

Interface
------------------Po12
Po13

Role
---Root
Altn

Forward Delay 15 sec

32788 (priority 32768 sys-id-ext 20)


0014.f2d2.4180
2 sec Max Age 20 sec Forward Delay 15 sec
300 sec
Sts
--FWD
BLK

Cost
--------9
9

Prio.Nbr
-------128.144
128.152

Type
--------------------------P2p
P2p

SW1#
Step 4. Configure SW3 as the ROOT bridge for VLAN 30. Verify your configuration on SW1.
SW3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW3(config)#spanning-tree vlan 30 root primary
SW3(config)#end
%SYS-5-CONFIG_I: Configured from console by console
SW3#

SW1#show spanning-tree vlan 30


VLAN0030
Spanning tree enabled protocol rstp
Root ID
Priority
24606
Address
0014.a964.2e00
Cost
9
Port
152 (Port-channel13)
Hello Time
2 sec Max Age 20 sec
Bridge ID

Priority
Address
Hello Time
Aging Time

Interface
------------------Po12
Po13

Role
---Desg
Root

Forward Delay 15 sec

32798 (priority 32768 sys-id-ext 30)


0014.f2d2.4180
2 sec Max Age 20 sec Forward Delay 15 sec
300 sec
Sts
--FWD
FWD

Cost
--------9
9

Prio.Nbr
-------128.144
128.152

Type
--------------------------P2p
P2p

SW1#

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rapid-per-vlan-spanning-tree-protocol/[4/12/2015 6:57:47 PM]

Configuring Rapid Per-VLAN Spanning Tree Protocol | Free CCNA Workbook

Previous Lab

Like

Next Lab

97 Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rapid-per-vlan-spanning-tree-protocol/[4/12/2015 6:57:47 PM]

Configuring Multiple Spanning Tree Protocol (MSTP) | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Multiple-STP (MST)

Multi-Spanning Tree Protocol allows for resource conservation by now requring an instance for every single VLAN in
the layer 2 network. This lab will discuss and demonstrate the configuration and verification of 802.1s MSTP.

Real World Application & Core Knowledge


If you have read through or completed Labs 4-13 and 4-15 then you should be quite familiar with spanning tree by now and
understand that it prevents layer two network loops in a switching topology. This lab will take youre understanding of spanning tree
just a bit further. This lab will explain the function(s) of the IEEE Standard Multiple Spanning Tree protocol also referred to as MST.
MST is commonly used in extremely large networks where running PVST would tax switch resources. Multiple Spanning Tree
Protocol gives you the ability to configure a hierarchical spanning tree topology where you have a common spanning tree instance
known as the (CIST), technically instance 0 in MST Configuration mode.
MST is designed in a way that youll have regional STP instances. A region is defined by the name given in MST configuration mode.
For example a region can be Boston or Miami.
Also per each region you have a revision number. This is a locally significant number to signify a revision for the MST configuration.
Note that the name, instance map and revision number MUST MATCH in order to build a converged MST topology.
With MST youre able utilize multiple core switches at a single location (region) by using different instances. For example; core switch
1 is the root bridge for all odd VLANs such as 1, 3, 5, 7 and so on. Core switch 2 is the root bridge for even VLANs such as
2,4,5,8,10 and so on.
Keep in mind when designing a core network for a particular region some VLANs may be more traffic intensive, so you may need to
further load balance them out across multiple core switch instances in a given region.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-multiple-spanning-tree-protocol-mstp/[4/12/2015 6:58:10 PM]

Configuring Multiple Spanning Tree Protocol (MSTP) | Free CCNA Workbook

MSTP and Rapid-PVST are inter-compatible however only instance 0 (the CIST) is shared from MST to Rapid-PVST.
MSTP configuration is quite different from PVST/Rapid-PVST in such that MSTP has its own configuration mode. In this mode you
assign VLANs to a spanning tree instance then you can assign the instance as the root bridge by using the spanning-tree vlan # root
primary command.
The port modes remain the same in MSTP as they were in RSTP which are shown below;

Command

Description

root

The port that receives the best BPDU that is closest to the root bridge in terms of path cost is
called the root port. The root bridge is the only bride in the network that does not have a root
port.

designated

A port is designated if it can send the best BPDU on the segment to which it is directly
connected. On a given LAN segment there can only be a single path towards the root bridge.
This port forwards traffic to the LAN segment. Access ports are considered designated ports.

alternate

An alternate port is the next best path available back to the root bridge shall the root port fail.

backup

A backup port is a port that is connected to a segment where another bridge port already
connects.

In this lab youll use SW1 and SW2 to simulate a core and SW3 will be a distribution switch. SW1 will be the root bridge for VLANs
1,3,5,7,9 and SW2 will be the root bridge for VLANs 2,4,6,8,10. SW3 will be running Rapid-PVST.
In this lab youll familiarize yourself with the following NEW commands;

Command

Description

spanning-tree mode mst

This command is executed in global configuration and configures the switch to use the
IEEE 802.1s Multiple Spanning Tree Protocol (MSTP).

spanning-tree mst configuration

This command is executed in global configuration mode and places you into MST
(Multiple Spanning Tree) configuration mode.

instance # vlan #

This command is executed from within MST configuration mode and configures an MST
instance number and associated VLANs running on the MST instance.

name namegoeshere

This command is executed from within MST configuration mode and configures the
region name for the MSTP switch.

spanning-tree instance# priority #

aThis command when executed from global configuration configures a specific instance
of MST as the root bridge for the VLANs included in that MST instance.

show spanning-tree mst


configuration

This command is executed in privileged mode to display the current MST configuration
on a switch.

show spanning-tree mst #

This command is executed in privileged mode to display information such as the root
bridge, root bridge mac address, root bridge priority, root port and other information on a
per instance basis.

show spanning-tree mst detail

This command is executed in privileged mode to display detailed MST configuration on a


switch such as root bridge information, MST bridge priority, interface participation,
timers, port states, port cost and more.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-multiple-spanning-tree-protocol-mstp/[4/12/2015 6:58:10 PM]

Configuring Multiple Spanning Tree Protocol (MSTP) | Free CCNA Workbook

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; SW1, SW2 and SW3.
Establish a console session with devices SW1, SW2 and SW3 than configure the devices respected hostname(s).
Configure SW1 as a VTP Server, SW2 and SW3 as VTP Clients. Use the VTP Domain and Password of CISCO.
Configure interface Fa0/10 on both SW1 and SW2 to trunk using Dot1q.
Configure interface Fa0/15 on both SW2 and SW3 to trunk using Dot1q.
Configure VLANs 2,3,4,5,6,7,8,9 and 10 on SW1 and ensure they are propagated correctly to SW2 and SW3.

Lab Objectives
Configure SW1 to run MST using the revision number 1 and region name REGION1 then configure VLANs 1, 3, 5, 7 and 9 to
run on SW1 MST instance 1. Configure SW1 as the root bridge of VLANs 1, 3, 5, 7 and 9 using the static priority of 8192.
Configure SW1 to run VLANs 2, 4, 6, 8 and 10 on MST instance 2 then configure SW1 as the secondary root bridge for VLANs
2, 4, 6, 8 and 10 using the static priority of 16384.
Configure SW2 to run MST using the revision number 1 and region name REGION1 then configure VLANs 1, 3, 5, 7 and 9 to
run on SW2 MST instance 1. Configure SW2 the secondary root bridge of VLANs 1, 3, 5, 7 and 9 using the static priority of
16384.
Configure SW2 to run VLANs 2, 4, 6, 8 and 10 on MST instance 2 then configure SW2 as the root bridge for VLANs 2, 4, 6, 8
and 10 using the static priority of 8192.
Configure SW3 to run MST using the revision number 1 and region name REGION1 and assign VLANs 1,3,5,7,9 to instance
1, VLANs 2,4,6,8,10 to instance 2. Verify that the MST Root bridges for instance 1 and instance 2 are correct on SW3.

Due to the limited feature support of the NM-16ESW, this lab CANNOT be completed using the Free CCNA Workbook GNS3
topology. This lab can however be completed using the Stub Lab.

Lab Instruction
Step 1. Configure SW1 to run MST using the revision number 1 and region name REGION1 then configure VLANs 1, 3, 5, 7 and 9
to run on SW1 MST instance 1. Configure SW1 as the root bridge of VLANs 1, 3, 5, 7 and 9 using the static priority of 8192.
To configure SW1 to run MSTP youll use the spanning-tree mode mst in global configuration mode. To configure MST instances on
SW1 first you need to navigate to MST configuration mode by using the spanning-tree mst configuration command then the instance
# vlan # command to create a new instance and map VLANs to that instance. The root bridge is configured on a per instance basis
by using the command spanning-tree mst instance# priority # as shown below;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-multiple-spanning-tree-protocol-mstp/[4/12/2015 6:58:10 PM]

Configuring Multiple Spanning Tree Protocol (MSTP) | Free CCNA Workbook

SW1 con0 is now available

Press RETURN to get started.

SW1>enable
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#spanning-tree mode mst
SW1(config)#spanning-tree mst configuration
SW1(config-mst)#revision 1
SW1(config-mst)#name REGION1
SW1(config-mst)#instance 1 vlan 1,3,5,7,9
SW1(config-mst)#exit
SW1(config)#spanning-tree mst 1 priority 8192
SW1(config)#end
%SYS-5-CONFIG_I: Configured from console by console
SW1#

Step 2. Configure SW1 to run VLANs 2, 4, 6, 8 and 10 on MST instance 2 then configure SW1 as the secondary root bridge for
VLANs 2, 4, 6, 8 and 10 using the static priority of 16384.
To complete this step youll use the same commands as previously shown in the step 1 configuration example and as shown below;
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#spanning-tree mst configuration
SW1(config-mst)#instance 2 vlan 2,4,6,8,10
SW1(config-mst)#exit
SW1(config)#spanning-tree mst 2 priority 16384
SW1(config)#end
%SYS-5-CONFIG_I: Configured from console by console
SW1#
Step 3 Configure SW2 to run MST using the revision number 1 and region name REGION1 then configure VLANs 1, 3, 5, 7 and 9
to run on SW2 MST instance 1. Configure SW2 the secondary root bridge of VLANs 1, 3, 5, 7 and 9 using the static priority of 16384.
Now mirror the inverse configuration that youve done in steps 1 and 2 on SW2 in steps 3 and 4 as shown below;
SW2 con0 is now available

Press RETURN to get started.

SW2>enable
SW2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW2(config)#spanning-tree mode mst
SW2(config)#spanning-tree mst configuration
SW2(config-mst)#revision 1
SW2(config-mst)#name REGION1
SW2(config-mst)#instance 1 vlan 1,3,5,7,9
SW2(config-mst)#exit
SW2(config)#spanning-tree mst 1 priority 16384
SW2(config)#end
%SYS-5-CONFIG_I: Configured from console by console
SW2#
Step 4. Configure SW2 to run VLANs 2, 4, 6, 8 and 10 on MST instance 2 then configure SW2 as the root bridge for VLANs 2, 4, 6,

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-multiple-spanning-tree-protocol-mstp/[4/12/2015 6:58:10 PM]

Configuring Multiple Spanning Tree Protocol (MSTP) | Free CCNA Workbook

8 and 10 using the static priority of 8192.


SW2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW2(config)#spanning-tree mst configuration
SW2(config-mst)#instance 2 vlan 2,4,6,8,10
SW2(config-mst)#exit
SW2(config)#spanning-tree instance 2 priority 8192
SW2(config)#end
%SYS-5-CONFIG_I: Configured from console by console
SW2#
Step 5. Configure SW3 to run MST using the revision number 1 and region name REGION1 and assign VLANs 1,3,5,7,9 to
instance 1, VLANs 2,4,6,8,10 to instance 2. Verify that the MST Root bridges for instance 1 and instance 2 are correct on SW3.
SW3 con0 is now available

Press RETURN to get started.

SW3>enable
SW3#configure terminal
Enter configuration commands, one per line.
SW3(config)#spanning-tree mode mst
SW3(config)#spanning-tree mst configuration
SW3(config-mst)#revision 1
SW3(config-mst)#name REGION1
SW3(config-mst)#instance 1 vlan 1,3,5,7,9
SW3(config-mst)#instance 2 vlan 2,4,6,8,10
SW3(config-mst)#end
SW3#

End with CNTL/Z.

To verify that SW1 and SW2 are the root bridges for their respected VLANs by using the show spanning-tree mst # command for
instance 1 and 2 as shown below;
SW3#show spanning-tree mst 1,2
##### MST1
Bridge
Root

vlans mapped:
1,3,5,7,9
address 0014.a964.2e00 priority
address 0014.f2d2.4180 priority
port
Fa0/10
cost

Interface
---------------Fa0/10
Fa0/15
##### MST2
Bridge
Root

Role
---Root
Altn

Sts
--FWD
BLK

Cost
--------200000
200000

Prio.Nbr
-------128.10
128.15

Type
----------------------------P2p
P2p

vlans mapped:
2,4,6,8,10
address 0014.a964.2e00 priority
address 001c.57d8.9000 priority
port
Fa0/15
cost

Interface
---------------Fa0/10
Fa0/15

Role
---Altn
Root

Sts
--BLK
FWD

Cost
--------200000
200000

Prio.Nbr
-------128.10
128.15

32769 (32768 sysid 1)


8193 (8192 sysid 1)
200000
rem hops 19

32770 (32768 sysid 2)


8194 (8192 sysid 2)
200000
rem hops 19

Type
----------------------------P2p
P2p

SW3#
As shown above you can see that MST1 (instance 1) has VLANs 1,3,5,7,9 mapped to it and the root bridge has a priority of 8193 and
the MAC address of 0014.f2d2.4180. The root port is specified as Fa0/10 which is directly connected to SW1.
VLANs 2,4,6,8,10 are mapped to MST2 (Instance 2) and the root bridge has a priority of 8193 and the MAC address of

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-multiple-spanning-tree-protocol-mstp/[4/12/2015 6:58:10 PM]

Configuring Multiple Spanning Tree Protocol (MSTP) | Free CCNA Workbook

001c.57d8.9000. The root port specified for MST2 is Fa0/15 which is directly connected to SW2.

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-multiple-spanning-tree-protocol-mstp/[4/12/2015 6:58:10 PM]

Configuring Switchport Spanning Tree Portfast | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Spanning Tree Portfast

Waiting on Spanning Tree to place a port into forwarding can cause problems with fast booting machines requesting
DHCP IP Addresses. This lab will discuss and demonstrate the configuration and verification of STP PortFast.

Real World Application & Core Knowledge


So lets say an end user just bought this super fast computer that boots up in few seconds, or perhaps maybe you have a thin client
on the network that boots up and request an IP address within 5 seconds. What happens when that traffic gets to the switch port?
It gets dropped. Why you ask? Because the switchport takes 15 seconds to transition from blocking to forwarding as it is listening to
determinate rather or not a loop on the network exist. Once determined that no loops exist, the port is placed in learning then
designated (forwarding) if the port is an access port.
So if youre device boots up in 5 seconds and requests an IP address with the timeout of 8 seconds then you will fail to receive an IP
Address as the switchport is not forwarding traffic yet.
The simple explanation is that PortFast will immediately transition a port to the forwarding state and not attempt to detect a switching
loop unless a BPDU is received on the port with PortFast enabled. So plugging in multiple links on hubs, switches or bridges to the
network can temporary switching loops.
Another major advantage of PortFast is that a TCN (Topology Change Notification) is not generated by spanning-tree each time a
port goes up or down. This conserves resources as spanning-tree does not have to reprocess the tree every time a TCN is
generated.
There are two ways to enable PortFast on a Cisco Catalyst Series switch. One way is by enabling portfast in interface configuration
mode and the other way is to globally enable portfast across the entire switch.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-switchport-spanning-tree-portfast/[4/12/2015 6:58:32 PM]

Configuring Switchport Spanning Tree Portfast | Free CCNA Workbook

Note that Portfast is supported on the Cisco NM-16ESW however the spanning tree portfast default feature is not.
In this lab youll familiarize yourself with the following commands;

Command

Description

spanning-tree portfast

This command is executed in interface configuration mode and enables portfast


on a per interface basis

spanning-tree portfast default

This command is executed in global configuration and enables PortFast across


the entire switch by default.

show spanning-tree interfaceinterface#/#


portfast

This command is executed in privileged mode and shows rather or not portfast is
enabled on the specific interface.

show spanning-tree summary

This command is executed in privileged mode to display the current status of


default STP configurations including PortFast.

show spanning-tree

This command is executed in privileged mode to display a table of ports assigned


to a particular VLAN and the current port status rather its FWD or BLK.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1 and SW1.
Establish a console session with devices R1 and SW1 than configure the devices respected hostname(s).
Configure SW1 to run Rapid-PVST.

Lab Objectives
By default, interfaces on routers are administratively shut down. Enable FastEthernet0/0 which is connected to Fa0/1 then
observe the switches spanning-tree behavior via the show spanning-tree command.
Shutdown R1s FastEthernet0/0 interface then configure PortFast on SW1s FastEthernet0/1. Afterward; re-enable the Fa0/0
interface on R1 and ensure that Fa0/1 on SW1 is immediately transitioned to forwarding status by viewing the spanning-tree
output on SW1.
Enable PortFast on all interfaces of the switch by default and do not use the spanning-tree portfast command in interface
configuration mode. Verify your configuration.

This Lab instructional section is demonstrated using a Cisco Catalyst 3560 Series switch.

Lab Instruction

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-switchport-spanning-tree-portfast/[4/12/2015 6:58:32 PM]

Configuring Switchport Spanning Tree Portfast | Free CCNA Workbook

Step 1. By default, interfaces on routers are administratively shut down. Enable FastEthernet0/0 which is connected to Fa0/1 then
observe the switches spanning-tree behavior via the show spanning-tree command.
R1 con0 is now available

Press RETURN to get started.

*Mar 15 23:38:09.097: %SYS-5-CONFIG_I: Configured from console by console


R1#enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface fa0/0
R1(config-if)#no shut
R1(config-if)#
%LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
R1(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed
state to up
R1(config-if)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#
The observation is shown below;
SW1#show spanning-tree
VLAN0001
Spanning tree enabled protocol rstp
Root ID
Priority
24577
Address
0014.f2d2.4180
This bridge is the root
Hello Time
2 sec Max Age 20 sec
Bridge ID

Priority
Address
Hello Time
Aging Time

Forward Delay 15 sec

24577 (priority 24576 sys-id-ext 1)


0014.f2d2.4180
2 sec Max Age 20 sec Forward Delay 15 sec
300 sec

Interface
Role Sts Cost
Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------Fa0/1
Desg BLK 19
128.3
P2p
SW1#show spanning-tree
VLAN0001
Spanning tree enabled protocol rstp
Root ID
Priority
24577
Address
0014.f2d2.4180
This bridge is the root
Hello Time
2 sec Max Age 20 sec
Bridge ID

Priority
Address
Hello Time
Aging Time

Forward Delay 15 sec

24577 (priority 24576 sys-id-ext 1)


0014.f2d2.4180
2 sec Max Age 20 sec Forward Delay 15 sec
300 sec

Interface
Role Sts Cost
Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------Fa0/1
Desg LRN 19
128.3
P2p
SW1#show spanning-tree
VLAN0001
Spanning tree enabled protocol rstp
Root ID
Priority
24577
Address
0014.f2d2.4180
This bridge is the root
Hello Time
2 sec Max Age 20 sec

Forward Delay 15 sec

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-switchport-spanning-tree-portfast/[4/12/2015 6:58:32 PM]

Configuring Switchport Spanning Tree Portfast | Free CCNA Workbook

Bridge ID

Priority
Address
Hello Time
Aging Time

24577 (priority 24576 sys-id-ext 1)


0014.f2d2.4180
2 sec Max Age 20 sec Forward Delay 15 sec
300 sec

Interface
Role Sts Cost
Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------Fa0/1
Desg FWD 19
128.3
P2p
SW1#
As youll notice in the observation of spanning-tree the port is first blocking all traffic, then learning which still blocks traffic but learns
MAC addresses from frames and processes BPDUs from connected devices to determine potential switching loops then finally the
port is placed into FWD (forwarding) if no layer two loop is detected by spanning tree.

Step 2. Shutdown R1s FastEthernet0/0 interface then configure PortFast on SW1s FastEthernet0/1. Afterward; ee-enable the
Fa0/0 interface on R1 and ensure that Fa0/1 on SW1 is immediately transitioned to forwarding status by viewing the spanning-tree
output on SW1.
R1#configure terminal
Enter configuration commands, one per line.
R1(config)#interface fa0/0
R1(config-if)#shutdown
R1(config-if)#

End with CNTL/Z.

As shown below is the PortFast configuration on SW1 Fa0/1;


SW1 con0 is now available

Press RETURN to get started.

SW1>enable
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#interface fa0/1
SW1(config-if)#spanning-tree portfast
%Warning: portfast should only be enabled on ports connected to a single
host. Connecting hubs, concentrators, switches, bridges, etc... to this
interface when portfast is enabled, can cause temporary bridging loops.
Use with CAUTION
%Portfast has been configured on FastEthernet0/1 but will only
have effect when the interface is in a non-trunking mode.
SW1(config-if)#end
SW1#
And now to re-enable FastEthernet0/0 on R1;
R1(config-if)#no shut
R1(config-if)#
%LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
R1(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed
state to up
R1(config-if)#
Now if you quickly view spanning-tree on SW1 you should notice that Fa0/1 is placed into FWD immediately;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-switchport-spanning-tree-portfast/[4/12/2015 6:58:32 PM]

Configuring Switchport Spanning Tree Portfast | Free CCNA Workbook

SW1#show span
VLAN0001
Spanning tree enabled protocol rstp
Root ID
Priority
24577
Address
0014.f2d2.4180
This bridge is the root
Hello Time
2 sec Max Age 20 sec
Bridge ID

Priority
Address
Hello Time
Aging Time

Forward Delay 15 sec

24577 (priority 24576 sys-id-ext 1)


0014.f2d2.4180
2 sec Max Age 20 sec Forward Delay 15 sec
300 sec

Interface
Role Sts Cost
Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------Fa0/1
Desg FWD 19
128.3
P2p Edge
SW1#
Step 3. Enable PortFast on all interfaces of the switch by default and do not use the spanning-tree portfast command in interface
configuration mode. Verify your configuration.
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#spanning-tree portfast default
%Warning: this command enables portfast by default on all interfaces. You
should now disable portfast explicitly on switched ports leading to hubs,
switches and bridges as they may create temporary bridging loops.
SW1(config)#end
SW1#
And to verify that PortFast is enabled by default use the show spanning-tree summary command as shown below;
SW1#show spanning-tree summary
Switch is in rapid-pvst mode
Root bridge for: VLAN0001
Extended system ID
is
Portfast Default
is
PortFast BPDU Guard Default is
Portfast BPDU Filter Default is
Loopguard Default
is
EtherChannel misconfig guard is
UplinkFast
is
BackboneFast
is
Configured Pathcost method used

enabled
enabled
disabled
disabled
disabled
enabled
disabled
disabled
is short

Name
Blocking Listening Learning Forwarding STP Active
---------------------- -------- --------- -------- ---------- ---------VLAN0001
0
0
0
1
1
---------------------- -------- --------- -------- ---------- ---------1 vlan
0
0
0
1
1
SW1#

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-switchport-spanning-tree-portfast/[4/12/2015 6:58:32 PM]

Next Lab

Configuring Switchport Spanning Tree Portfast | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-switchport-spanning-tree-portfast/[4/12/2015 6:58:32 PM]

Configuring Switchport Spanning Tree BPDU Guard | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring BPDU Guard

There is always the need to prevent employees from plugging random switches into the network. This lab will discuss
and demonstrate the configuration and verification of Spanning Tree BPDU Guard.

Real World Application & Core Knowledge


So what happens when an end user on your network gets the smart idea of plugging a mini switch into multiple wall jacks that are
connected to two different switches? A simple answer would be a fancy light show in the wiring closet but the technical answer would
be a layer two switching loop which would near instantaneously result in a broadcast storm bringing the network speed to a
screeching halt.
As a network engineer it is common in many work places to enforce a policy to prevent end users from plugging their own mini switch
or even a larger 24 port switch into the network just to have more ports in their office which only has a single jack or two to begin
with.
BPDU Guard is a basic feature that will automatically shut down a port when BPDUs are received on that particular port. It is
common to configure PortFast and BPDU Guard on host access ports.
BPDU Guard works also when you loop a switch using a hub as the switch will notice its own BPDUs and shutdown its own port if it
has BPDU Guard enabled on it.
When BPDU Guard shuts down a port due to BPDUs being received on the port, the port will be placed into a shutdown state known
as ERR-Disabled. To reset this, navigate to the interface and bounce the interface (shutdown the interface then bring it back up).
You can also configure BPDU Guard as a default setting for spanning-tree on all ports similar to portfast default configuration as
discussed and demonstrated in the previous lab.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-switchport-spanning-tree-bpdu-guard/[4/12/2015 6:58:49 PM]

Configuring Switchport Spanning Tree BPDU Guard | Free CCNA Workbook

Note that the NM-16ESW only supports platform wide bpduguard configuration via the spanning-tree portfast bpduguard command. It
does not support spanning-tree bpduguard default feature or interface based bpduguard configuration. With that being said you will
not be able to complete this lab using GNS3.
In this lab youll familiarize yourself with the following commands;

Command

Description

spanning-tree bpduguard
enable

This command is executed in interface configuration mode and enables BPDU Guard on that
specific interface.

spanning-tree bpduguard
disable

This command is executed in interface configuration mode and is used disable BPDU Guard
which can be enabled by default by using the command above.

show interface
interfacename#/#

This command is executed in user, privileged or configuration mode with the use of do to view
the current interface status.

show interface status

This command is executed in user, privileged or configuration mode with the use of do to view
the current interface status of all ports on the switch.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; SW1 and SW2.
Establish a console session with devices SW1 and SW2 than configure the devices respected hostname(s).
Configure interface Fa0/10 on SW1 and SW2 as an access port for VLAN 10.

Lab Objectives
On SW1 and SW2 verify that interface Fa0/10 is up/up.
Configure BPDU Guard on SW1 interface Fa0/10 then verify the port status again on SW1.
Remove the interface BPDU Guard configuration from SW1 interface Fa0/10 and configure system default portfast and
bpduguard, verify the configuration.

The instructional section of this lab is demonstrated using two Cisco Catalyst 3560 Series switches.

Lab Instruction
Step 1. On SW1 and SW2 verify that interface Fa0/10 is up/up.
You can use show ip interface brief FastEthernet 0/10 or show interface fa0/10 to verify the interface status as shown below;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-switchport-spanning-tree-bpdu-guard/[4/12/2015 6:58:49 PM]

Configuring Switchport Spanning Tree BPDU Guard | Free CCNA Workbook

SW1#show ip interface brief FastEthernet 0/10


Interface
IP-Address
OK? Method Status
FastEthernet0/10
unassigned
YES unset up
SW1#

Protocol
up

SW2 verification shown below using the show interface fa0/10 command;
SW2#show interface fa0/10
FastEthernet0/10 is up, line protocol is up (connected)
Hardware is Fast Ethernet, address is 001c.57d8.900c (bia 001c.57d8.900c)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, media type is 10/100BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:01, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 2000 bits/sec, 4 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
49720 packets input, 3684013 bytes, 0 no buffer
Received 48602 broadcasts (48602 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 48602 multicast, 0 pause input
0 input packets with dribble condition detected
3118 packets output, 381783 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
SW2#

Step 2. Shutdown interface Fa0/10 on SW2 then configure BPDU Guard on SW1 interface Fa0/10; afterward, enable interface
Fa0/10 on SW2 then verify the port status again on SW1.
SW2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW2(config)#interface fa0/10
SW2(config-if)#shutdown
%LINK-5-CHANGED: Interface FastEthernet0/10, changed state to
administratively down
SW2(config-if)#
SW1 BPDU Guard interface configuration shown below;
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#interface fa0/10
SW1(config-if)#spanning-tree bpduguard enable
SW1(config-if)#end
SW1#
Now enable Interface Fa0/10 on SW2
SW2(config-if)#no shutdown
SW2(config-if)#
%LINK-3-UPDOWN: Interface FastEthernet0/10, changed state to down
SW2(config-if)#

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-switchport-spanning-tree-bpdu-guard/[4/12/2015 6:58:49 PM]

Configuring Switchport Spanning Tree BPDU Guard | Free CCNA Workbook

If you jump over to SW1 now youll see the following SYSLog message due to the fact SW2 is sending SW1 a BPDU on Fa0/10;
SW1#
%SPANTREE-2-BLOCK_BPDUGUARD: Received BPDU on port Fa0/10 with BPDU Guard
enabled. Disabling port.
SW1#
%PM-4-ERR_DISABLE: bpduguard error detected on Fa0/10, putting Fa0/10 in
err-disable state
SW1#
Now verify the interface status on SW1 as shown below;
SW1#show interfaces fa0/10
FastEthernet0/10 is down, line protocol is down (err-disabled)
Hardware is Fast Ethernet, address is 0014.f2d2.418c (bia 0014.f2d2.418c)
MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Auto-duplex, Auto-speed, media type is 10/100BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:02:43, output 00:08:44, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
3303 packets input, 403853 bytes, 0 no buffer
Received 2097 broadcasts (2097 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 2097 multicast, 0 pause input
0 input packets with dribble condition detected
55416 packets output, 4095765 bytes, 0 underruns
0 output errors, 0 collisions, 3 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
SW1#
As you can see Fa0/10 is now in ERR-Disabled state due to BPDU Guard shutting down the port automatically once it received a
BPDU from SW2.
Step 3. Remove the interface BPDU Guard configuration from SW1 interface Fa0/10 and configure system default portfast and
bpduguard, verify the configuration.
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#interface fa0/10
SW1(config-if)#no spanning-tree bpduguard enable
SW1(config-if)#exit
SW1(config)#spanning-tree portfast bpduguard default
SW1(config)#end
SW1#
%SYS-5-CONFIG_I: Configured from console by console
SW1#
To verify this configuration you can use the show spanning-tree summary command in privileged mode or a configuration mode by
using the do command prefix as shown below;
SW1(config)#do show spanning-tree summary
Switch is in rapid-pvst mode
Root bridge for: none
Extended system ID
is enabled
Portfast Default
is enabled

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-switchport-spanning-tree-bpdu-guard/[4/12/2015 6:58:49 PM]

Configuring Switchport Spanning Tree BPDU Guard | Free CCNA Workbook

PortFast BPDU Guard Default is


Portfast BPDU Filter Default is
Loopguard Default
is
EtherChannel misconfig guard is
UplinkFast
is
BackboneFast
is
Configured Pathcost method used

enabled
disabled
disabled
enabled
disabled
disabled
is short

Name
Blocking Listening Learning Forwarding STP Active
---------------------- -------- --------- -------- ---------- ---------Total
0
0
0
0
0
SW1(config)#

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-switchport-spanning-tree-bpdu-guard/[4/12/2015 6:58:49 PM]

Configuring Switchport Spanning Tree BPDU Guard | Free CCNA Workbook


Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.
Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-switchport-spanning-tree-bpdu-guard/[4/12/2015 6:58:49 PM]

Configuring STP Interface Specific Attributes | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Interface STP Attributes

There are multiple STP attributes that can be used to fine tune spanning tree such as link type, cost, priority and
bpdufilter. This lab will discuss and demonstrate the configuration and verification of STP Link type, cost, priority and
BPDU Filter.

Real World Application & Core Knowledge


Now that you are familiar with the basic operation of PVST, Rapid-PVST and MST its time to take another step down the sidewalk of
complex avenue. There are several interface configuration commands specific to spanning tree on the Cisco Catalyst Series
switches. This lab will discuss and demonstrate the following features; STP bpdufilter, STP interface cost, STP interface link-type
and STP interface port-priority.
Lets first started with Spanning-Tree BPDUFilter. This feature is quite useful in some scenarios where you do not want send or
process received BPDUs out a particular port on a Cisco switch. The use of this command can however be very dangerous as a
wrongful configuration can result in a layer two switching loop until spanning-tree re-converges based on the new information.
An example scenario for using BPDUFilter could be that your corporate policy mandates that host ports on the network should never
receive BPDUs from the access switches. To abide by this policy BPDUFilter must be enabled. This prevents the sending and
processing received BPDUs. Take not that in a policy requirement like this you want to ensure that no rouge switches are connected
to the network which is done by BPDU Guard as previously discussed in Lab 4-17 Configuring Switchport BPDU Guard.
The spanning-tree cost interface configuration will statically set the cost of the interface so that it modifies the spanning-tree root port
election process. On a switch with multiple equal cost links to the root bridge, setting the cost statically on a switchport can be the tie
breaker to determine which port becomes the root port.
The spanning-tree link-type interface configuration statically configures the link-type on a per interface basis. The Rapid in Rapid
Spanning Tree Protocol makes this concept quite simplistic. By default the link type is derived from a ports duplex. Full duplex is

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-stp-interface-specific-attributes/[4/12/2015 6:59:11 PM]

Configuring STP Interface Specific Attributes | Free CCNA Workbook

considered a point to point link whereas half duplex is considered a shared medium. So why is Rapid, rapid on rapid-spanningtree? The old 802.1d standard took up to 45 seconds to set the port in forwarding mode, whereas 802.1s now transitions the port to
designated (forwarding) very quickly. If a link-type is set to p2p then the RSTP does its think and quickly transitions the port into
forwarding however if the link-type is half-duplex or configured as shared in interface configuration mode by using the spanningtree link-type shared then the switch does not transition the port quickly. It goes through the entire process of determining rather or
not a port poses a potential layer two network loop.
Configuring spanning-tree port-priority in interface configuration mode statically configures the port-priority used as a tie breaker for
switches with multiple redundant links to a particular network segment where the root bridge can be reached.. So the question is, is if
you have multiple links to a root bridge from a single switch and each link has the exact same cost, how does the switch know which
link to use as the root port? The tie breaker is done by port-priority. If you do a show spanning-tree vlan # youll notice that Prio.Nbr
is between cost and type. The priority is by default set to 128 on all Catalyst series switches and the Nbr is the port number. For
example SW1 and SW2 are connected via Fa0/10, Fa0/11 and Fa0/12. All ports have the same cost so the port-priority will
determine which port becomes the root, which in this case Port Fa0/10 will be the root port, Fa0/11 and Fa0/12 will be alternate ports
(blocking).
Now that you have a basic understanding of some of the STP interface specific configurations you need to familiarize yourself with
the following commands below;

Command

Description

spanning-tree bpdufilter

This command is executed in interface configuration mode and enables BPDUFilter which
disables sending and processing received BPDU frames on the interface.

spanning-tree cost #

This command is executed in interface configuration mode and statically sets the interface cost
used for manipulating the root path in a given spanning-tree topology.

spanning-tree link-type p2p |


shared

This command is executed in interface configuration mode and statically sets the interface link
type. This command manipulates the the ports rapid transition processing.

spanning-tree port-priority

This command is executed in interface configuration mode and statically sets the interface portpriority in spanning-tree to manipulate the election of the root port when multiple equal cost links
in a given network segment exist.

show spanning-tree vlan #

This command is executed in privileged mode to view the current spanning-tree properties on a
per vlan basis. Used to view root port, alternate port(s), cost, port-priority and port-type.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; SW1, SW2 and SW3.
Establish a console session with devices SW1, SW2 and SW3 than configure the devices respected hostname(s).
Configure all switches to run Rapid-PVST.
Configure interfaces Fa0/10 and Fa0/11 on both SW1 and SW2 to trunk.
Configure interfaces Fa0/13 and Fa0/14 on SW1 to trunk then configure interfaces Fa0/10 and Fa0/11 on SW3 to trunk.
Configure interfaces Fa0/13 and Fa0/14 on both SW2 and SW3 to trunk.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-stp-interface-specific-attributes/[4/12/2015 6:59:11 PM]

Configuring STP Interface Specific Attributes | Free CCNA Workbook

For this lab youll only need to use VLAN 1, so remove all other VLANs and configure SW1 as the root bridge for VLAN 1.

Lab Objectives
Configure BPDUFilter on SW2 interface Fa0/10 then verify it by using BPDU Guard on SW1 Fa0/10. Once completed remove
the BPDUFilter and BPDUGuard before proceeding.
Configure SW3 to use Fa0/14 as the root port in the spanning-tree by using manipulating the interface cost; use a cost lower
then the default FastEthernet interface cost. Afterward, configure SW2 to use interface Fa0/11 as the root port to SW1. Verify
your configuration; once verified remove the interface costs before proceeding.
SW3 Interface Fa0/10 is connected to a 10/100Mbps hub then the hub is connected to SW1. Configure the link type
accordingly and verify your configuration.
Assuming SW2s interface Fa0/10 and Fa0/11 are configured with their defaults for spanning tree, the root port will become
Fa0/10. Influence spanning-tree to use interface Fa0/11 and do not use the cost command.

Due to the limited feature support of the NM-16ESW, this lab CANNOT fully be completed using the Free CCNA Workbook
GNS3 topology. However, this lab can be fully completed using the Stub Lab.

Lab Instruction
Step 1. Configure BPDUFilter on SW2 interface Fa0/10 then verify it by using BPDU Guard on SW1 Fa0/10. Once completed
remove the BPDUFilter and BPDUGuard before proceeding.
To configure bpdufilter youll use the spanning-tree bpdufilter enable command in interface configuration mode as shown below;
SW2 con0 is now available

Press RETURN to get started.

SW2>enable
SW2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW2(config)#interface fa0/10
SW2(config-if)#spanning-tree bpdufilter enable

To verify that BPDUFilter is operating properly you can enable BPDUGuard on SW1 interface Fa0/10 then bounce the interface. As
previously stated in the lab BPDUFilter prevents transmitting and processing received BPDUs on a particular port. Since no BPDUs
will be sent out SW2 interface Fa0/10 then SW1 Fa0/10 will not shut down as BPDUs wont be detected as shown below;
SW1 con0 is now available

Press RETURN to get started.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-stp-interface-specific-attributes/[4/12/2015 6:59:11 PM]

Configuring STP Interface Specific Attributes | Free CCNA Workbook

SW1>enable
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#interface fa0/10
SW1(config-if)#spanning-tree bpduguard enable
SW1(config-if)#shutdown
SW1(config-if)#
%LINK-5-CHANGED: Interface FastEthernet0/10, changed state to
administratively down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/10, changed
state to down
SW1(config-if)#no shut
SW1(config-if)#
%LINK-3-UPDOWN: Interface FastEthernet0/10, changed state to up
SW1(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/10, changed
state to up
SW1(config-if)#exit
SW1(config)#exit

As shown above you can see that the interface Fa0/10 did not go into err-disabled state as no BPDUs were received since Fa0/10
on SW2 is configured to filter BPDUs (Not send them).
But however if you check over on SW3, youll notice that all interfaces have been shutdown into Err-Disabled state as SW3 has
detected a loop in the network. Ethernet by default sends a loopback keepalive out each interface every ten seconds. If this
keepalive is received back on the same interface the the interface goes into Err-Disabled mode as a physical topology loop has been
detected.

This occurs due to spanning-tree not blocking that interface and forwarding all traffic out the interface. Since this happens frames
loop back around in the network and SW3 detects it.
Youll need to remove BPDUGuard off SW1 Fa0/10 and BPDUFilter off SW2 Fa0/10, then bounce interfaces fa0/10, fa0/11, fa0/13
and fa0/14 on SW3 as shown below before proceeding as they are in Err-Disabled state;
SW1(config)#interface fa0/10
SW1(config-if)#no span bpduguard enable
SW1(config-if)#end
SW1#

SW2(config)#interface fa0/10
SW2(config-if)#no span bpdufilter
SW2config-if)#end
SW2#

SW3 con0 is now available

Press RETURN to get started.

SW3>enable
SW3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW3(config)#interface range fa0/10 , fa0/11 , fa0/13, fa0/14
SW3(config-if-range)#shutdown
SW3(config-if-range)#
%LINK-5-CHANGED: Interface FastEthernet0/10, changed state to administratively down
%LINK-5-CHANGED: Interface FastEthernet0/11, changed state to administratively down
%LINK-5-CHANGED: Interface FastEthernet0/13, changed state to administratively down

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-stp-interface-specific-attributes/[4/12/2015 6:59:11 PM]

Configuring STP Interface Specific Attributes | Free CCNA Workbook

%LINK-5-CHANGED: Interface FastEthernet0/14, changed state to administratively down


SW3(config-if-range)#no shutdown
SW3(config-if-range)#
%LINK-3-UPDOWN: Interface FastEthernet0/10, changed state to up
%LINK-3-UPDOWN: Interface FastEthernet0/11, changed state to up
%LINK-3-UPDOWN: Interface FastEthernet0/13, changed state to up
%LINK-3-UPDOWN: Interface FastEthernet0/14, changed state to up
SW3(config-if-range)#end
SW3#
Step 3. SW3 Interface Fa0/10 is connected to a 10/100Mbps hub then the hub is connected to SW1. Configure the link type
accordingly and verify your configuration.
As discussed in the Lab core knowledge section; link-type on Rapid Spanning Tree Protocol determines rather or not the interface is
rapidly transitioned into forwarding state or not. To configure link type on a particular interface use the spanning-tree link-type
command followed by the link type point-to-point or shared as shown below;
SW3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW3(config)#int fa0/10
SW3(config-if)#spanning-tree link-type shared
SW3(config-if)#end
SW3#
%SYS-5-CONFIG_I: Configured from console by console
SW3#
To verify the link-type of a particular interface use the show spanning-tree vlan # command as shown below;
SW3#show spanning-tree vlan 1
VLAN0001
Spanning tree enabled protocol rstp
Root ID
Priority
24577
Address
0014.f2d2.4180
Cost
19
Port
10 (FastEthernet0/10)
Hello Time
2 sec Max Age 20 sec
Bridge ID

Priority
Address
Hello Time
Aging Time

Interface
------------------Fa0/10
Fa0/11
Fa0/13
Fa0/14

Role
---Root
Altn
Desg
Desg

Forward Delay 15 sec

32769 (priority 32768 sys-id-ext 1)


0014.a964.2e00
2 sec Max Age 20 sec Forward Delay 15 sec
300 sec
Sts
--FWD
BLK
FWD
FWD

Cost
--------19
19
19
19

Prio.Nbr
-------128.10
128.11
128.13
128.14

Type
--------------------------Shr
P2p
P2p
P2p

SW3#

Step 4. Assuming SW2s interface Fa0/10 and Fa0/11 are configured with their defaults for spanning tree, the root port will become
Fa0/10. Influence spanning-tree to use interface Fa0/11 and do not use the cost command.
To complete this objective youll need to change the port priority number as cost cannot be changed. the lowest priority number port
wins the root port election if all costs on the redundant links to the root bridge are equal as shown below;
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#interface fa0/11
SW1(config-if)#spanning-tree port-priority 64
SW1(config-if)#end

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-stp-interface-specific-attributes/[4/12/2015 6:59:11 PM]

Configuring STP Interface Specific Attributes | Free CCNA Workbook

SW1#
%SYS-5-CONFIG_I: Configured from console by console
SW1#
To verify that the priority does manipulate the root port selection on SW2 to Fa0/11 instead of Fa0/10 use the show spanning-tree
vlan # command as shown below;
SW2#show spanning-tree vlan 1
VLAN0001
Spanning tree enabled protocol rstp
Root ID
Priority
24577
Address
0014.f2d2.4180
Cost
19
Port
13 (FastEthernet0/11)
Hello Time
2 sec Max Age 20 sec
Bridge ID

Priority
Address
Hello Time
Aging Time

Interface
------------------Fa0/10
Fa0/11

Role
---Altn
Root

Forward Delay 15 sec

32769 (priority 32768 sys-id-ext 1)


001c.57d8.9000
2 sec Max Age 20 sec Forward Delay 15 sec
300 sec
Sts
--BLK
FWD

Cost
--------19
19

Prio.Nbr
-------128.12
128.13

Type
--------------------------P2p
P2p

SW2#
Keep in mind that the port-priority is propagated from switch to switch via BPDUs. So when you want influence a traffic transit path
you must configure the port-priority on the advertising switch. In this case, SW1 is advertising two traffic paths to the root bridge, but
interface Fa0/11 is now advertising a better port priority and therefore will be selected as the root port on SW2.

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-stp-interface-specific-attributes/[4/12/2015 6:59:11 PM]

Configuring STP Interface Specific Attributes | Free CCNA Workbook

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-stp-interface-specific-attributes/[4/12/2015 6:59:11 PM]

Configuring Dynamic Switchport Security | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Dynamic Switchport Security

Securing the access edge is crucial to ensuring optimal network performance and reliability. This lab will discuss and
demonstrate the configuration and verification of Dynamic Switchport Port Security.

Real World Application & Core Knowledge


Its common knowledge that when a switch reaches the maximum limit for its mac address table it starts flooding traffic out all ports
like a hub. Hackers know this and they will use this to gain access into a network. They know if they can flood the switch with
thousands of fake mac addresses then the switch will become basically a hub and all traffic will be forwarded to their machine, in this
case they could sniff telnet or any other insecure protocol used in the environment to gain further access into the network.
A way to prevent this mac address table poisoning vulnerability is to use a feature called Port Security
Port Security is essentially a layer 2 security mechanism that can limit the number of mac addresses that can be learned on a single
switch port or perhaps be used as a security barrier to prevent anyone from unplugging a network device and plugging in a new
device without authorization.
Ideally, no more then three MAC addresses should be learned at any given time on a Cisco network. Why 3? Most Networks envision
a future where VoIP will be utilized on their network and when using a Cisco VoIP Solution, the Cisco VoIP Phone has a built in mini
switch. When you connect a phone to the network it will advertise three MAC addresses to the switch. one MAC for the built in phone
switch, another MAC for the phone its self and the last mac for the directly connected PC.
There are several configuration requirements to enable port-security correctly such as port security mac address aging which sets a
timeout timer which is used to determine how long a MAC address should stay associated with a particular port. Port security macaddress which can be dynamic or sticky (Discussed in the next lab), the maximum MAC addresses that can be associated with a
particular port and the violation action; rather it protect, restrict or shutdown the port once the max MAC address limit has been
exceeded or a device does not match the configured MAC address on the port security configuration.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-dynamic-switchport-security/[4/12/2015 6:59:39 PM]

Configuring Dynamic Switchport Security | Free CCNA Workbook

There are three different types of violation methods you can use with Port Security, the first being a protected port. A Protected port
security violation will still allow permissible traffic from authorized MAC addresses but all other traffic with unknown MAC addresses
will be dropped. A Restricted port security violation will restrict all traffic and generate an SNMP trap to the SNMP Server for
administrative reference. The last port mode is shutdown, which places the port into Err-Disabled Mode once a port security
violation has occurred.
In this lab you will familiarize yourself with the following commands;

Command

Description

switchport port-security

This command is executed in interface configuration mode and enables


port security on the configured port.

switchport port-security aging

This command is executed in interface configuration mode and sets the


MAC address aging timer, which determines how long a MAC address is
associated to a particular port with port-security enabled.

switchport port-security mac {hhhh.hhhh.hhhh |


sticky}

This command is executed in interface configuration mode and specifies


a static MAC address or a converts the the learn MAC addresses into
static configured MAC addresses.

switchport port-security maximum #

This command is executed in interface configuration mode and specifies


the maximum limit of mac addresses that can be learned on that
switchport before a violation is triggered.

switchport port-security {protected | restricted |


shutdown}

This command is executed in interface configuration mode and specifies


the action to be taken upon a port security violation.

show port-security

This command is executed in privileged mode to view the current status


of all ports on the switch if they are participating in port-security.

show port-security interface interfacename#/#

This command is executed in privileged mode to view the details of portsecurity on a particular port including status, timeout, violation type, max
mac addresses and other configurable options.

show port-security interface interfacename#/#


address

This command is executed in privileged mode to view the ports current


port-security associated mac addresses.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1 and SW1.
Establish a console session with devices R1 than configure the devices respected hostname(s).
Assign the IP Address 10.1.1.1/24 to R1 Fa0/0 and the IP Address 10.1.1.10/24 to SW1s Vlan1 interface than verify IP
connectivity between R1 and SW1.

Lab Objectives
Enable port-security on SW1 interface Fa0/1 and allow a maximum of 3 MAC addresses.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-dynamic-switchport-security/[4/12/2015 6:59:39 PM]

Configuring Dynamic Switchport Security | Free CCNA Workbook

Configure interface Fa0/1 on SW1 to shutdown the port if there is a port-security violation.
Verify your port-security configuration on SW1 by changing the MAC addresses on R1s FastEthernet0/0 interface to
aaaa.aaaa.aaaa then aaaa.aaaa.aaab and finally aaaa.aaaa.aaac to trigger a violation.

Due to the limited feature support of the NM-16ESW, this lab CANNOT be completed using the Free CCNA Workbook GNS3
topology. However, this lab can be completed using the Stub Lab.

Lab Instruction
Step 1. Enable port-security on SW1 interface Fa0/1 and allow a maximum of 3 MAC addresses
To enable port security on a specific port you use the switchport port-security command in interface configuration mode as shown
below;
SW1 con0 is now available

Press RETURN to get started.

SW1>enable
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#interface fa0/1
SW1(config-if)#switchport port-security
SW1(config-if)#switchport port-security maximum 3
SW1(config-if)#
Step 2. Configure interface Fa0/1 on SW1 to shutdown the port if there is a port-security violation.
To shut down a port once a violation is triggered youll use the switchport port-security violation shutdown command in interface
configuration mode as shown below;
SW1(config-if)#switchport port-security violation shutdown

Step 3. Verify your port-security configuration on SW1 by changing the MAC addresses on R1s FastEthernet0/0 interface to
aaaa.aaaa.aaaa then aaaa.aaaa.aaab and finally aaaa.aaaa.aaac to trigger a violation.
You can first verify your configuration by using the show port-security interface fa0/1 command in privileged mode to view current
port-security configuration on a per-port basis as shown below;
SW1(config-if)#end
SW1#
%SYS-5-CONFIG_I: Configured from console by console
SW1#show port-security interface fa0/1
Port Security
: Enabled
Port Status
: Secure-up
Violation Mode
: Shutdown
Aging Time
: 0 mins
Aging Type
: Absolute

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-dynamic-switchport-security/[4/12/2015 6:59:39 PM]

Configuring Dynamic Switchport Security | Free CCNA Workbook

SecureStatic Address Aging


Maximum MAC Addresses
Total MAC Addresses
Configured MAC Addresses
Sticky MAC Addresses
Last Source Address:Vlan
Security Violation Count

:
:
:
:
:
:
:

Disabled
3
1
0
0
000f.242e.bf80:1
0

SW1#

As you can see from above the port status is currently Secure-Up meaning port security is enabled and the maximum address count
is 3. You can test this port-security configuration by changing the MAC address on R1 3 times, and after the 3rd change, a violation
will occur due to the MAC addresses associated with the switch port exceeding the limit of 3.
You can change the MAC address of a routers interface by using the mac-address xxxx.xxxx.xxxx command in interface
configuration mode as shown below;
R1 con0 is now available

Press RETURN to get started.

R1#enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface fa0/0
R1(config-if)#mac-address aaaa.aaaa.aaaa
R1(config-if)#mac-address aaaa.aaaa.aaab
R1(config-if)#mac-address aaaa.aaaa.aaac
R1(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed
state to down
R1(config-if)#
If you were keeping track on SW1 after changing the MAC address each time on R1 then youd see the following changes until the
port was automatically placed into Err-Disabled mode as shown below;
SW1#show port-security interface fa0/1 address
Secure Mac Address Table
-----------------------------------------------------------------------Vlan
Mac Address
Type
Ports
Remaining Age
(mins)
--------------------------------1
000f.242e.bf80
SecureDynamic
Fa0/1
-----------------------------------------------------------------------Total Addresses: 1
SW1#show port-security interface fa0/1 address
Secure Mac Address Table
-----------------------------------------------------------------------Vlan
Mac Address
Type
Ports
Remaining Age
(mins)
--------------------------------1
000f.242e.bf80
SecureDynamic
Fa0/1
1
aaaa.aaaa.aaaa
SecureDynamic
Fa0/1
-----------------------------------------------------------------------Total Addresses: 2
SW1#show port-security interface fa0/1 address
Secure Mac Address Table
-----------------------------------------------------------------------Vlan
Mac Address
Type
Ports
Remaining Age
(mins)
--------------------------------1
000f.242e.bf80
SecureDynamic
Fa0/1
-

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-dynamic-switchport-security/[4/12/2015 6:59:39 PM]

Configuring Dynamic Switchport Security | Free CCNA Workbook

1
aaaa.aaaa.aaaa
SecureDynamic
Fa0/1
1
aaaa.aaaa.aaab
SecureDynamic
Fa0/1
-----------------------------------------------------------------------Total Addresses: 3
SW1#
%PM-4-ERR_DISABLE: psecure-violation error detected on Fa0/1, putting Fa0/1 in err-disable stat
e
SW1#
%PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address aaaa.aaa
a.aaac on port FastEthernet0/1.
SW1#
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
SW1#
%LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to down
SW1#

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-dynamic-switchport-security/[4/12/2015 6:59:39 PM]

Configuring Dynamic Switchport Security | Free CCNA Workbook

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-dynamic-switchport-security/[4/12/2015 6:59:39 PM]

Configuring Sticky Switchport Security | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Sticky Switchport Security

Static port security is a common configuration for printers, copiers and other devices on the network that never
change. This lab will discuss and demonstrate the configuration and verification of Sticky switchport security.

Real World Application & Core Knowledge


If you completed the previous lab; Configuring Dynamic Switchport Security than youll be pretty much up to speed in this lab.
Dynamic port security is great but what about when you connect switches to routers or other devices that need to be secured in a
way to prevent unauthorized device swapping in the network. For example you have a small site location with a 1841 router and a
3560-8pc switch and an end user gets the bright idea to swap the 1841 with a WRT54G because he wants wireless and wired
network connectivity.
In this case you can sticky the port that the wan router is connected to preventing unauthorized device swaps like such.
There are two ways to configure a sticky port. The first way being that you configure a static MAC address when configuring portsecurity on a specific interface. The next way which is more convenient is to configure a Sticky MAC address and leave the max
MAC addresses to its default value of one. When port-security is configured this way, the first MAC address learned on the switch
port will be automatically statically configured into the running-configuration as if you manually specified the MAC address.
In this lab you will familiarize yourself with the following new commands;

Command

Description

switchport port-security mac-address h.h.h

This command is executed in interface configuration mode and statically sets a


MAC address that allows traffic with the source MAC to traverse the switch.

switchport port-security mac-address

This command is executed in interface configuration mode and configures the port

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-sticky-switchport-security/[4/12/2015 6:59:59 PM]

Configuring Sticky Switchport Security | Free CCNA Workbook

sticky

to dynamically learn the MAC address and automatically configure the MAC
address as a static MAC address associated with the port.

clear port-security all interface


interfacename#/#

This command is executed in privileged mode to erase the current secure macaddress table for a specified switch port.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1 and SW1.
Establish a console session with devices R1 than configure the devices respected hostname(s).
Assign the IP Address 10.1.1.1/24 to R1 Fa0/0 and the IP Address 10.1.1.10/24 to SW1s Vlan1 interface than verify that you
have IP connectivity between R1 and SW1.

Lab Objectives
Enable port-security on SW1s Fa0/1 interface and configure the interface to sticky the MAC address learned. Upon a port
security violation, restrict the port. Verify your configuration.
Change the MAC address on R1s Fa0/0 to aaaa.aaaa.abcd then configure the same MAC address as a static MAC in portsecurity on SW1s Fa0/1 interface. Verify your configuration.

Due to the limited feature support of the NM-16ESW, this lab CANNOT be completed using the Free CCNA Workbook GNS3
topology. However, this lab can be completed using the Stub Lab.

Lab Instruction
Step 1. Enable port-security on SW1s Fa0/1 interface and configure the interface to sticky the MAC address learned. Upon a port
security violation, protect the port. Verify your configuration.
To enable port-security youll execute the switchport port-security command as previously learned in Lab 4-19. To configure the
interface to sticky the MAC address dynamically learn use the switchport port-security mac sticky command in interface configuration
mode as discussed at the beginning of this lab.
SW1 con0 is now available

Press RETURN to get started.

SW1>enable
SW1#configure terminal
Enter configuration commands, one per line.
SW1(config)#interface fa0/1
SW1(config-if)#switchport port-security

End with CNTL/Z.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-sticky-switchport-security/[4/12/2015 6:59:59 PM]

Configuring Sticky Switchport Security | Free CCNA Workbook

SW1(config-if)#switchport port-security mac sticky


SW1(config-if)#switchport port-security violation protect
SW1(config-if)#end
SW1#
%SYS-5-CONFIG_I: Configured from console by console
SW1#
To verify your configuration you can use the following commands shown below;
SW1#show port-security interface fa0/1
Port Security
: Enabled
Port Status
: Secure-up
Violation Mode
: Restrict
Aging Time
: 0 mins
Aging Type
: Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses
: 1
Total MAC Addresses
: 1
Configured MAC Addresses
: 0
Sticky MAC Addresses
: 1
Last Source Address:Vlan
: 000f.242e.bf80:1
Security Violation Count
: 0
SW1#show port-security interface fa0/1 address
Secure Mac Address Table
-----------------------------------------------------------------------Vlan
Mac Address
Type
Ports
Remaining Age
(mins)
--------------------------------1
000f.242e.bf80
SecureSticky
Fa0/1
-----------------------------------------------------------------------Total Addresses: 1
SW1#show run int fa0/1
Building configuration...
Current configuration : 245 bytes
!
interface FastEthernet0/1
switchport mode access
switchport port-security
switchport port-security violation restrict
switchport port-security mac-address sticky
switchport port-security mac-address sticky 000f.242e.bf80 vlan access
end
SW1#

Step 2. Change the MAC address on R1s Fa0/0 to aaaa.aaaa.abcd then configure the same MAC address as a static MAC in portsecurity on SW1s Fa0/1 interface. Verify your configuration.
Keep in mind as soon as you change the MAC address on R1s Fa0/0 interface, R1 will no longer be able to communicate to any
resources on the network as the MAC address is not in the secure mac-address table on SW1 Fa0/1, thus any received frames will
be dropped.
R1 con0 is now available

Press RETURN to get started.

R1#enable
R1#configure terminal
Enter configuration commands, one per line.
R1(config)#interface fa0/0
R1(config-if)#mac-address aaaa.aaaa.aaab
R1(config-if)#end

End with CNTL/Z.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-sticky-switchport-security/[4/12/2015 6:59:59 PM]

Configuring Sticky Switchport Security | Free CCNA Workbook

R1#
To resolve communication issue between R1 and SW1 due to the port-security violation after the MAC address on R1 has changed
youll need to shutdown Fa0/1 and clear the secure mac-address table on that interface using the clear port-security all interface
Fa0/1 command in privileged mode or configuration mode with the do command prefix. Afterward configure the new static MAC
address using the switchport port-security mac aaaa.aaaa.aaab command.
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#interface fa0/1
SW1(config-if)#shutdown
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state
to administratively down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed
state to down
SW1(config-if)#do clear port-security all interface fa0/1
SW1(config-if)#switchport port-security mac-address aaaa.aaaa.aaab
SW1(config-if)#no shut
SW1(config-if)#end
SW1#
%LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed
state to up
SW1#
%SYS-5-CONFIG_I: Configured from console by console
SW1#
To verify that connectivity has been restored between R1 and SW1, ping SW1s Vlan1 interface from R1;
R1#ping 10.1.1.10
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.10, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 1/1/4 ms
R1#

Previous Lab

Like

Tweet

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-sticky-switchport-security/[4/12/2015 6:59:59 PM]

Next Lab

Configuring Sticky Switchport Security | Free CCNA Workbook

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-sticky-switchport-security/[4/12/2015 6:59:59 PM]

Configuring a Switched Port Analyzer Session | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Port Mirroring (SPAN Session)

Mirroring a specific port to another port on a switch for the purposes of packet analysis is a fairly common
troubleshooting technique. This lab will discuss and demonstrate the configuration and verification of a SPAN
Session, also known as Port Mirroring.

Real World Application & Core Knowledge


Have you ever wanted to replicate traffic switch port to another switchport so you can view the traffic with Wireshark? Well there is a
way to achieve that; its called Switch Port Analyzer Session, commonly referred to as a SPAN. The industry knows this type of
technology as Port Mirroring which is port traffic replication from one interface to another for analysis.
SPANs prove to be extremely beneficial in a production environment when troubleshooting issues with Ethernet links between a
switch and another device such as a router, firewall, server or host.
They may sound complex at first but they are very easy to configure, typically involve two lines of configuration and your all set.
Cisco Catalyst Series switches typically have a limit on the number of SPAN sessions they support. The NM-16ESW which is used in
GNS3 only supports two SPAN sessions.
Note that youll be able to configure a SPAN session in GNS3 using a Cisco Router with the NM-16ESW installed however you will
not be able to verify the SPAN session is actually working using Wireshark as you cannot link an NIO connection to a NM-16ESW
switchport within GNS3.
In this lab youll familiarize yourself with the following commands;

Command

Description

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-switched-port-analyzer-session/[4/12/2015 7:00:21 PM]

Configuring a Switched Port Analyzer Session | Free CCNA Workbook

monitor session 1 source interface


interfacename#/#

This command is executed in global configuration and creates a new SPAN


session # and specifies the source interface(s) which are the interfaces
which traffic is to be replicated to the specified destination.

monitor session 1 destination interface


interfacename#/#

This command is executed in global configuration and creates a SPAN


session # and specifies the destination interface that all traffic is replicated
to.

show monitor session #

This command is executed in privileged mode which displays the current


configuration for the specified span number.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and SW1.
Establish a console session with devices R1, R2 and SW1 than configure the devices respected hostname(s).
Configure the IP Address 10.1.1.1/24 on R1s Fa0/0 interface than configure SW1s Vlan1 interface with the IP Address
10.1.1.10/24 than verify IP connectivity between R1 and SW1s VLAN 1 interface before continuing.

Lab Objectives
Configure a new SPAN session on SW1 using the first available SPAN session number. Configure the source interface of the
SPAN as SW1s Fa1/1 interface and the SPANs destination interface of Fa1/2.
OPTIONAL: Verify that the span is functioning properly by using WireShark to sniff traffic that on the spans destination
interface. If you choose to verify this configuration youll need real hardware and set the span destination to a port that youre
PC is plugged into.

Lab Instruction
Step 1. Configure a new SPAN session on SW1 using the first available SPAN session number. Configure the source interface of
the SPAN as SW1s Fa1/1 interface and the SPANs destination interface of Fa1/2.

To create a new span session youll use the monitor command in global configuration as shown below;
SW1 con0 is now available

Press RETURN to get started.

SW1>enable
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#monitor session 1 source interface fa1/1
SW1(config)#monitor session 1 destination interface fa1/2
SW1(config)#end
SW1#show monitor session 1
Session 1

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-switched-port-analyzer-session/[4/12/2015 7:00:21 PM]

Configuring a Switched Port Analyzer Session | Free CCNA Workbook

--------Source Ports:
RX Only:
TX Only:
Both:
Source VLANs:
RX Only:
TX Only:
Both:
Destination Ports:
Filter VLANs:

None
None
Fa1/1
None
None
None
Fa1/2
None

SW1#

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-switched-port-analyzer-session/[4/12/2015 7:00:21 PM]

Configuring a Switched Port Analyzer Session | Free CCNA Workbook

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-switched-port-analyzer-session/[4/12/2015 7:00:21 PM]

Configuring Point-to-Point T1 Links using PPP or HDLC | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

T1 PPP and HDLC Configuration

Using T1 Point to Point links between a branch office and a headquarter site is a common architectural deployment.
This lab will discuss and demonstrate the configuration of this WAN links using the PPP and HDLC Layer 2 Protocols.

Real World Application & Core Knowledge


As a network engineer you will encounter T1 links very often as T1s are the de facto standard of nearly all small branch offices. T1s
operate at 1.544Mbps (1544Kbps) and now days commonly drop into a facilities point of presence (pop) or commonly (BPOP) as the
POP is most commonly in the basement.
T1s can also be fractional T1s where the bandwidth is limited to 512Kbps, 768Kbps, or even 1Mbps. Commonly with fractional T1s
youll have the ability to burst which gives the router the ability to send more then its committed information rate (CIR) at specific
times of the clocking rate. However, those concepts are beyond the scope of the CCNA blueprint.
Most Newer T1s installations are copper twisted pair T1 which connects to a WIC-1DSU-T1, WIC-1DSU-T1-V2 or other integrated
CSU/DSU T1 controllers. However you may encounter older T1 installations where the CSU/DSU is external and youll see a v.35
cable ran to a WIC-1T or WIC-2T.
WIC-1Ts are the most common lab serial interfaces and when configuring such interfaces youll be required to set the clock rate on
the DCE (Data Communications Equipment) which is done by the ISP whereas the DTE (Data Termination Equipment) is done at
the consumer end.
In this lab youll familiarize yourself with the following commands;

Command

Description

show controller serial #/#

Shows controller information about the specified serial interface including the clock rate

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-point-to-point-t1-links-using-ppp-or-hdlc/[4/12/2015 7:07:24 PM]

Configuring Point-to-Point T1 Links using PPP or HDLC | Free CCNA Workbook

and cable termination type (DTE or DCE)


clock rate #

This command is executed in serial interface configuration mode to set the clock rate of a
DCE termination point of a serial link.

encapsulation [ HDLC | PPP ]

This command when executed in Serial interface configuration mode configures the
interface encapsulation to Cisco HDLC (High-Level Data Link Control protocol) or the
Industry Standard PPP (Point to Point Protocol)

show interface serial #/#

This command when executed in privileged mode will display Serial interface information
such as encapsulaton, MTU, up time, current utilization and more.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1 and R2.
Establish a console session with devices R1 and R2 than configure the devices respected hostname(s).
Configure R1s Serial0/1 interface with the IP address 172.18.21.1/30 and R2s Serial0/1 interface with the IP address
172.18.21.2/30

Lab Objectives
Configure both R1 and R2s Serial0/1 interface to encapsulate traffic using the HDLC encapsulation.Verify your configuration
by using a show command to display the interface encapsulation and by pinging R2 from R1.
Configure both R1 and R2s Serial0/1 interface to encapsulate traffic using the PPP encapsulation. Verify your configuration by
using a show command to display the interface encapsulation and by pinging R2 from R1.

Lab Instruction
Objective 1. Configure both R1 and R2s Serial0/1 interface to encapsulate traffic using the HDLC encapsulation. Verify your
configuration by using a show command to display the interface encapsulation and by pinging R2 from R1.
The configuration part of this objective is a trick question however the commands shown below will demonstrate how to configure
HDLC. Keep in mind that HDLC is the default serial interface encapsulation on Cisco routers. You can verify the serial interface
encapsulation by using the show interface serial #/# command in privileged mode.
R1 con0 is now available

Press RETURN to get started.

R1>enable
R1#configure terminal
Enter configuration commands, one per line.
R1(config)#interface Serial0/1
R1(config-if)#encapsulation hdlc

End with CNTL/Z.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-point-to-point-t1-links-using-ppp-or-hdlc/[4/12/2015 7:07:24 PM]

Configuring Point-to-Point T1 Links using PPP or HDLC | Free CCNA Workbook

R1(config-if)#no shutdown
R1(config-if)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#
%LINK-3-UPDOWN: Interface Serial0/1, changed state to up
R1#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1,
changed state to up
R1#

R2 con0 is now available

Press RETURN to get started.

R2>enable
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#interface Serial0/1
R2(config-if)#encapsulation hdlc
R2(config-if)#no shutdown
R2(config-if)#end
R2#
%SYS-5-CONFIG_I: Configured from console by console
R2#
%LINK-3-UPDOWN: Interface Serial0/1, changed state to up
R2#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1,
changed state to up
R2#
Interface Encapsulation verification shown below;
R1#show interface Serial0/1
Serial0/1 is up, line protocol is down
Hardware is M4T
MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, crc 16, loopback not set
Keepalive set (10 sec)
Restart-Delay is 0 secs
Last input never, output 00:00:07, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/1/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 1158 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
38 packets output, 2332 bytes, 0 underruns
0 output errors, 0 collisions, 4 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
5 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
R1#
Ping verification from R1 to R2 shown below;
R1#ping 172.18.21.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.18.21.2, timeout is 2 seconds:
!!!!!

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-point-to-point-t1-links-using-ppp-or-hdlc/[4/12/2015 7:07:24 PM]

Configuring Point-to-Point T1 Links using PPP or HDLC | Free CCNA Workbook

Success rate is 100 percent (5/5), round-trip min/avg/max = 24/42/88 ms


R1#
Objective 2. Configure both R1 and R2s Serial0/1 interface to encapsulate traffic using the PPP encapsulation. Verify your
configuration by using a show command to display the interface encapsulation and by pinging R2 from R1.
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface Serial0/1
R1(config-if)#encapsulation ppp
R1(config-if)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed
state to down
R1#

R2#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed
state to down
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#interface Serial0/1
R2(config-if)#encapsulation ppp
R2(config-if)#end
R2#
%SYS-5-CONFIG_I: Configured from console by console
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed
state to up
R2#
Youll notice when changing the encapsulation from HDLC to PPP on R1 that the line protocol will go down, this is due to an
encapsulation mis-match. Once R2s Serial0/1 interface is configured with the matching encapsulation the line protocol will go back
up.
Encapsulation and ping verification shown below;
R1#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed
state to up
R1#
R1#show interface Serial0/1
Serial0/1 is up, line protocol is up
Hardware is M4T
Internet address is 172.18.21.1/30
MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open
Open: IPCP, CDPCP, crc 16, loopback not set
Keepalive set (10 sec)
Restart-Delay is 0 secs
Last input 00:00:40, output 00:00:07, output hang never
Last clearing of "show interface" counters 00:04:34
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/1/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 1158 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
54 packets input, 2146 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
69 packets output, 2553 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-point-to-point-t1-links-using-ppp-or-hdlc/[4/12/2015 7:07:24 PM]

Configuring Point-to-Point T1 Links using PPP or HDLC | Free CCNA Workbook

12 unknown protocol drops


0 output buffer failures, 0 output buffers swapped out
2 carrier transitions
DCD=up DSR=up DTR=up RTS=up

CTS=up

R1#ping 172.18.21.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.18.21.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/49/88 ms
R1#

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-point-to-point-t1-links-using-ppp-or-hdlc/[4/12/2015 7:07:24 PM]

Configuring Point-to-Point T1 Links using PPP or HDLC | Free CCNA Workbook


Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.
Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-point-to-point-t1-links-using-ppp-or-hdlc/[4/12/2015 7:07:24 PM]

Configuring Point-to-Point Frame Relay Links | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Point-to-Point Frame Relay Links

Frame Relay is a legacy technology however its still fairly common in developing nations due to its simplicity and
price. This lab will discuss and demonstrate how to configure a Point to Point Frame-Relay Circuit.

Real World Application & Core Knowledge


Frame Relay is a dying breed however you will encounter it quite often as many companies are migrating away from this technology.
As a CCNA youll be required to understand how to configure and manage frame relay links.
Frame Relay is a layer 2 switching technology which switches frames through an ISP. The interface at which the both customer edge
devices are connected to are assigned a DLCI (Data Link Connection Identifier) which operates in a fashion similar to a telephone
extension. You pick up a phone and you dial extension 1234 from 1235 and the connection is made and you have two way
communication.
Frame Relay will assign each frame exiting the egress interface of a customer edge router a DLCI which identifies which path the
frame is to travel once it reaches the provider edge router. So for example DLCI 122 could will go between R1 to R2 which could be
located in NYC and San Francisco as DLCI 123 goes between Routers R1 and R3, which R3 could be located in Miami.
Point to Point Frame Relay links can be configured in one of two ways. First being that you use the physical interface by assigning a
single frame relay interface DLCI so in this case any traffic exiting that interface is encapsulated with the Frame Relay interface DLCI
number
The second way of configuring a point to point frame relay interface is by creating a Point-to-Point Sub-interface as discussed
demonstrated in the next lab.
In this lab youll familiarize yourself with the following commands;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-point-to-point-frame-relay-links/[4/12/2015 7:07:43 PM]

Configuring Point-to-Point Frame Relay Links | Free CCNA Workbook

Command

Description

encapsulation frame-relay

This command is executed in serial interface configuration mode to set the encapsulation
to Frame Relay.

frame-relay interface-dlci #

This command is executed in Serial interface configuration mode to configure the pointto-point frame-relay interface DLCI assigned to the interface.

show frame-relay pvc #

This command when executed in privileged mode will display all DLCIs learned by the
router from the frame relay switch as well as the PVC status and frame statistics.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1 and R2.
Establish a console session with devices R1 and R2 than configure the devices respected hostname(s).
Configure R1s Serial0/0 interface with the IP address 10.10.21.1/30 and R2s Serial0/0 interface with the IP address
10.10.21.2/30

Lab Objectives
Configure R1 Serial0/0 interface to encapsulate traffic using Frame Relay encapsulation and use the interface DLCI of 122;
verify your configuration using viewing the interface and pvc properties for DLCI 122.
Configure R2 Serial0/0 interface to encapsulate traffic using Frame Relay encapsulation and use the interface DLCI of 221;
verify your configuration using viewing the pvc properties for DLCI 122 and pinging R1s Serial0/0 interface from R2.

Lab Instruction
Objective 1. Configure R1 Serial0/0 interface to encapsulate traffic using Frame Relay encapsulation and use the interface DLCI of
122; verify your configuration using viewing the interface and pvc properties for DLCI 122.
R1 con0 is now available

Press RETURN to get started.

R1>enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface Serial0/0
R1(config-if)#no shutdown
R1(config-if)#
%LINK-3-UPDOWN: Interface Serial0/0, changed state to up
R1(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed
state to up
R1(config-if)#encapsulation frame-relay
R1(config-if)#frame-relay interface-dlci 122
R1(config-fr-dlci)#end

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-point-to-point-frame-relay-links/[4/12/2015 7:07:43 PM]

Configuring Point-to-Point Frame Relay Links | Free CCNA Workbook

R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#
Verification for show interface Serial0/0 and show frame-relay pvc shown below;
R1#show interface serial0/0
Serial0/0 is up, line protocol is up
Hardware is PowerQUICC Serial
Internet address is 10.10.12.1/30
MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation FRAME-RELAY, loopback not set
Keepalive set (10 sec)
CRC checking enabled
LMI enq sent 18, LMI stat recvd 18, LMI upd recvd 0, DTE LMI up
LMI enq recvd 0, LMI stat sent 0, LMI upd sent 0
LMI DLCI 1023 LMI type is CISCO frame relay DTE
FR SVC disabled, LAPF state down
Broadcast queue 0/64, broadcasts sent/dropped 0/0, interface broadcasts 0
Last input 00:00:00, output 00:00:06, output hang never
Last clearing of "show interface" counters 00:04:50
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/1/256 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 1158 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
36 packets input, 1604 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
1 input errors, 0 CRC, 1 frame, 0 overrun, 0 ignored, 0 abort
23 packets output, 684 bytes, 0 underruns
0 output errors, 0 collisions, 1 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
R1#show frame-relay pvc 122
PVC Statistics for interface Serial0/0 (Frame Relay DTE)
DLCI = 122, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0/0
input pkts 26
output pkts 4
in bytes 1554
out bytes 416
dropped pkts 0
in pkts dropped 0
out pkts dropped 0
out bytes dropped 0
in FECN pkts 0
in BECN pkts 0
out FECN pkts 0
out BECN pkts 0
in DE pkts 0
out DE pkts 0
out bcast pkts 0
out bcast bytes 0
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
pvc create time 00:03:46, last time pvc status changed 00:02:04
R1#
Youll notice that the PVC for DLCI 122 is inactive, this is due to the terminating end not being active, once R2s Serial0/0 interface is
configured properly the PVC will be active and pass traffic.

Objective 2. Configure R2 Serial0/0 interface to encapsulate traffic using Frame Relay encapsulation and use the interface DLCI of
221; verify your configuration using viewing the pvc properties for DLCI 122 and pinging R1s Serial0/0 interface from R2.
First off youll need to configure the interface for frame relay encapsulation and to use the interface dlci of 221 as shown below;
R2 con0 is now available

Press RETURN to get started.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-point-to-point-frame-relay-links/[4/12/2015 7:07:43 PM]

Configuring Point-to-Point Frame Relay Links | Free CCNA Workbook

R2>enable
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#interface Serial0/0
R2(config-if)#no shutdown
R2(config-if)#
%LINK-3-UPDOWN: Interface Serial0/0, changed state to up
R2(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed
state to up
R2(config-if)#encapsulation frame-relay
R2(config-if)#frame-relay interface-dlci 221
R2(config-fr-dlci)#end
R2#
%SYS-5-CONFIG_I: Configured from console by console
R2#
Now that the interface has been configured its time to verify the configuration by viewing the DLCI information and pinging R1s
Serial0/0 interface from R2 as demonstrated below;
R2#show frame-relay pvc 221
PVC Statistics for interface Serial0/0 (Frame Relay DTE)
DLCI = 221, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0/0
input pkts 9
output pkts 40
in bytes 796
out bytes 2390
dropped pkts 0
in pkts dropped 0
out pkts dropped 0
out bytes dropped 0
in FECN pkts 0
in BECN pkts 0
out FECN pkts 0
out BECN pkts 0
in DE pkts 0
out DE pkts 0
out bcast pkts 33
out bcast bytes 1662
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
pvc create time 00:04:40, last time pvc status changed 00:00:04
R2#ping 10.10.12.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.12.1, timeout is 2 seconds:
..!!!
Success rate is 60 percent (3/5), round-trip min/avg/max = 28/29/32 ms
R2#

Previous Lab

Like

Tweet

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-point-to-point-frame-relay-links/[4/12/2015 7:07:43 PM]

Next Lab

Configuring Point-to-Point Frame Relay Links | Free CCNA Workbook

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-point-to-point-frame-relay-links/[4/12/2015 7:07:43 PM]

Configuring Point-to-Point Frame Relay Sub-Interfaces | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Frame Point-to-Point Sub-Interfaces

You can configure multiple point to point sub-interfaces using a single physical Frame Frame circuit. This type of
configuration can be used between hub and spoke sites where you would want to keep the spokes in their own layer
3 subnets. This lab will discuss and demonstrate the frame relay point to point sub-interface configuration and
verification.

Real World Application & Core Knowledge


Now that youre familiar with Point-to-Point Frame Relay links lets take a step further and demonstrate how you can have multiple
frame relay links on a single router using a single physical interface but multiple sub-interfaces to represent the multiple PVCs
(Permanent Virtual Circuits)
By Creating a Point-to-Point Sub-interface which will have an interface-dlci assigned to it youll have the ability for R1 to communicate
to R2 and R3 as if R1 has two completely separate point-to-point links using only a single physical link to the Frame Relay cloud.
When creating a Sub-interface for interface-dlcis it is a fairly common practice to use the DLCI number as the sub-interface number
for documentation purposes however this is not a requirement.
In this lab youll familiarize yourself with the following new commands;

Command

Description

interface Serial#/#.### point-topoint

This command when in global configuration creates a new point-to-point sub-interface


that can be used to configure interface dlcis.

Lab Prerequisites

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-point-to-point-frame-relay-sub-interfaces/[4/12/2015 7:08:36 PM]

Configuring Point-to-Point Frame Relay Sub-Interfaces | Free CCNA Workbook

If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and R3.
Establish a console session with devices R1, R2 and R3 than configure the devices respected hostname(s).
Configure R1, R2 and R3s Serial0/0 interface encapsulation to frame relay and enable the interfaces using the no shut
command.

Lab Objectives
On R1, create the sub-interface Serial0/0.122 and assign it the interface DLCI of 122 and the IP Address of 172.18.12.1/30
then create interface Serial0/0.123 and assign it the IP Address 172.18.13.1/30
On R2, create the sub-interface Serial0/0.221 and assign it the interface DLCI of 221 and the IP Address of 172.18.12.2/30
On R3, create the sub-interface Serial0/0.321 and assign it the interface DLCI of 321 and the IP Address of 172.18.13.2/30
Verify connectivity using the show frame-relay pvc and ping commands on R1.

Lab Instruction
Objective 1. On R1, create the sub-interface Serial0/0.122 and assign it the interface DLCI of 122 and the IP Address of
172.18.12.1/30 then create interface Serial0/0.123 and assign it the ip address 172.18.13.1/30
R1 con0 is now available

Press RETURN to get started.

R1>enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface Serial0/0.122 point-to-point
R1(config-subif)#ip address 172.18.12.1 255.255.255.252
R1(config-subif)#frame-relay interface-dlci 122
R1(config-fr-dlci)#exit
R1(config-subif)#interface Serial0/0.123 point-to-point
R1(config-subif)#ip address 172.18.13.1 255.255.255.252
R1(config-subif)#frame-relay interface-dlci 123
R1(config-subif)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#
Objective 2. On R2, create the sub-interface Serial0/0.221 and assign it the interface DLCI of 221 and the IP Address of
172.18.12.2/30
R2 con0 is now available

Press RETURN to get started.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-point-to-point-frame-relay-sub-interfaces/[4/12/2015 7:08:36 PM]

Configuring Point-to-Point Frame Relay Sub-Interfaces | Free CCNA Workbook

R2>enable
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#interface Serial0/0.221 point-to-point
R2(config-subif)#ip add 172.18.12.2 255.255.255.252
R2(config-subif)#frame-relay interface-dlci 221
R2(config-fr-dlci)#end
R2#
%SYS-5-CONFIG_I: Configured from console by console
R2#

Objective 3. On R3, create the sub-interface Serial0/0.321 and assign it the interface DLCI of 321 and the IP Address of
172.18.13.2/30
R3 con0 is now available

Press RETURN to get started.

R3>enable
R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#interface Serial0/0.321 point-to-point
R3(config-subif)#ip add 172.18.13.2 255.255.255.252
R3(config-subif)#frame-relay interface-dlci 321
R3(config-fr-dlci)#end
R3#
%SYS-5-CONFIG_I: Configured from console by console
R3#
Objective 4. Verify connectivity using the show frame-relay pvc and ping commands on R1.
R1#show frame-relay pvc
PVC Statistics for interface Serial0/0 (Frame Relay DTE)
Local
Switched
Unused

Active
2
0
2

Inactive
0
0
0

Deleted
0
0
0

Static
0
0
0

DLCI = 122, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0/0.122
input pkts 20
output pkts 19
in bytes 5395
out bytes 5187
dropped pkts 0
in pkts dropped 0
out pkts dropped 0
out bytes dropped 0
in FECN pkts 0
in BECN pkts 0
out FECN pkts 0
out BECN pkts 0
in DE pkts 0
out DE pkts 0
out bcast pkts 14
out bcast bytes 4667
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
pvc create time 00:14:33, last time pvc status changed 00:14:33
DLCI = 123, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0/0.123
input pkts 22
output pkts 20
in bytes 6045
out bytes 4380
dropped pkts 0
in pkts dropped 0
out pkts dropped 0
out bytes dropped 0
in FECN pkts 0
in BECN pkts 0
out FECN pkts 0
out BECN pkts 0
in DE pkts 0
out DE pkts 0
out bcast pkts 10
out bcast bytes 3340
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
pvc create time 00:17:27, last time pvc status changed 00:17:27
R1#ping 172.18.12.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.18.12.2, timeout is 2 seconds:

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-point-to-point-frame-relay-sub-interfaces/[4/12/2015 7:08:36 PM]

Configuring Point-to-Point Frame Relay Sub-Interfaces | Free CCNA Workbook

!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/82/188 ms
R1#ping 172.18.13.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.18.13.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/96/168 ms
R1#

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-point-to-point-frame-relay-sub-interfaces/[4/12/2015 7:08:36 PM]

Configuring Point-to-Point Frame Relay Sub-Interfaces | Free CCNA Workbook


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-point-to-point-frame-relay-sub-interfaces/[4/12/2015 7:08:36 PM]

Configuring a Point-to-Multipoint Frame Relay WAN | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring a Point-to-Multipoint Frame Relay WAN

When it comes to the Hub and Spoke topology, the hub is most commonly deployed with a Point-to-MultiPoint
interface. This lab will discuss and demonstrate the configuration and verification of multi-point frame relay interfaces.

Real World Application & Core Knowledge


So lets say you have a central office that uses a high end Cisco router such as a 7200 Series router to terminate multiple point-topoint frame-relay circuits that you have coming into the CO on a single DS3 circuit but you need each branch router to treat the circuit
as if its a point-to-point circuit but be able to communicate with other branch networks through the central office router; How would
you go about addressing this configuration?
The answer is quite easy and common. The configuration is referred to as a Frame Relay Hub and Spoke WAN. This type of network
enables you to have a single main site/campus which terminates all the branch offices and also allows for branch to branch
communication.
This lab will expose you to the new concept of Frame Relay Maps. A frame Relay map will allow you to map an IP address to a DLCI
number, this makes the router send traffic that is destined towards that IP address to take the specified DLCI number in the frame
relay map.
In this lab youll familiarize yourself with the following new command;

Command

Description

frame-relay map ip x.x.x.x dlci#


braodcast

This command when executed in the physical serial interface or point-to-multipoint subinterface configuration mode maps a specific IP Address to a specific DLCI. When you
specify broadcast after the DLCI number this enables broadcast on that DLCI.

Interface Serial#/#.### multipoint

This command when executed in global config will create a new point-to-multipoint sub-

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-point-to-multipoint-frame-relay-wan/[4/12/2015 7:09:00 PM]

Configuring a Point-to-Multipoint Frame Relay WAN | Free CCNA Workbook

interface which can be used like a physical interface but allow for multiple multipoint
interfaces on a single interface to control multiple multipoint frame-relay WANs. (I may
need to read that part twice to understand it)
show frame-relay map

This command when executed in privileged mode will display all frame-relay ip to dlci
mappings, rather they are static (using the frame-relay map) command or dynamic;
which are learned by Inverse ARP which will be discussed in the next lab.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and R3.
Establish a console session with devices R1, R2 and R3 than configure the devices respected hostname(s).
Configure R1s Serial0/0 interface with the IP address of 10.54.123.1/29 and use Frame Relay encapsulation.
Configure R2s Serial0/0.221 as a point-to-point sub-interface with the IP Address of 10.54.123.2/29 and the Frame Relay
interface DLCI of 221
Configure R3s Serial0/0.321 as a point-to-point sub-interface with the IP Address of 10.54.123.3/29 and the Frame Relay
interface DLCI of 321

Lab Objectives
Configure R1s Serial0/0 interface with two frame relay maps. Map R2s Serial0/0 IP address to DLCI 122 and R3s Serial0/0
IP Address to DLCI 123.
From R2 and R3 verify IP connectivity to the hub as well between the spokes.
Remove the previous configuration from R1s Serial0/0 interface and create a point-to-multipoint sub-interface and configure it
with the correct frame-relay maps. Verify the Frame-Relay Map statements using the show frame-relay map command
From R2 and R3 verify IP connectivity to the hub as well between the spokes using the new point-to-multipoint configuration
on R1.

Lab Instruction
Objective 1. Configure R1s Serial0/0 interface with two frame relay maps. Map R2s Serial0/0 IP address to DLCI 122 and R3s
Serial0/0 IP Address to DLCI 123.
R1 con0 is now available

Press RETURN to get started.

R1>enable
R1#configure terminal
Enter configuration commands, one per line.
R1(config)#interface Serial0/0

End with CNTL/Z.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-point-to-multipoint-frame-relay-wan/[4/12/2015 7:09:00 PM]

Configuring a Point-to-Multipoint Frame Relay WAN | Free CCNA Workbook

R1(config-if)#frame-relay map ip 10.54.123.2 122 broadcast


R1(config-if)#frame-relay map ip 10.54.123.3 123 broadcast
R1(config-if)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#
Objective 2. From R2 and R3 verify IP connectivity to the hub as well between the spokes.
Note: If youve completed the lab prerequisites you should have full IP communications between all 3 routers as shown below;
R2#ping 10.54.123.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.54.123.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/75/172 ms
R2##ping 10.54.123.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.54.123.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/136/300 ms
R2#

Objective 3. Remove the previous configuration from R1s Serial0/0 interface and create a point-to-multipoint subinterface and
configure it with the correct frame-relay maps. Verify the Frame-Relay Map statements using the show frame-relay map command
R1#configure terminal
Enter configuration commands, one per line.
R1(config)#default interface Serial0/0
Building configuration...

End with CNTL/Z.

Interface Serial0/0 set to default configuration


R1(config)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed
state to down
R1(config)#interface Serial0/0
R1(config-if)#encapsulation frame-relay
R1(config-if)#interface serial0/0.123 multipoint
R1(config-if)#ip address 10.54.123.1 255.255.255.248
R1(config-if)#frame map ip 10.54.123.2 122 broadcast
R1(config-if)#frame map ip 10.54.123.3 123 broadcast
R1(config-subif)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#show frame-relay map
Serial0/0.123 (up): ip 10.54.123.2 dlci 122(0x7A,0x1CA0), static,
broadcast,
CISCO, status defined, active
Serial0/0.123 (up): ip 10.54.123.3 dlci 123(0x7B,0x1CB0), static,
broadcast,
CISCO, status defined, active
R1#
Objective 4 From R2 and R3 verify IP connectivity to the hub as well between the spokes using the new point-to-multipoint
configuration on R1.
R2#ping 10.54.123.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.54.123.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/75/124 ms
R2#ping 10.54.123.3
Type escape sequence to abort.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-point-to-multipoint-frame-relay-wan/[4/12/2015 7:09:00 PM]

Configuring a Point-to-Multipoint Frame Relay WAN | Free CCNA Workbook

Sending 5, 100-byte ICMP Echos to 10.54.123.3, timeout is 2 seconds:


!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/121/264 ms
R2#

R3#ping 10.54.123.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.54.123.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/83/156 ms
R3#

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-point-to-multipoint-frame-relay-wan/[4/12/2015 7:09:00 PM]

Configuring a Point-to-Multipoint Frame Relay WAN | Free CCNA Workbook

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-point-to-multipoint-frame-relay-wan/[4/12/2015 7:09:00 PM]

Understanding and Configuring Frame Relay Inverse ARP | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Frame Relay Inverse ARP

The OSI Model dictates that in order for L3 addresses to communicated with other L3 addresses it must first go
through Layer 2. In the case of Frame Relay, you must have Layer 2 to Layer 3 Mappings known as the ARP table.
This lab will discuss and demonstrate the configuration of frame relay inverse ARP.

Real World Application & Core Knowledge


As a CCNA candidate you are REQUIRED to have an understanding of Frame Relay Inverse ARP (Address Resolution Protocol). In
the previous lab you created a Frame Relay Map. These static maps will map an IP address to a DLCI # however; Inverse ARP does
this automatically. Inverse ARP will attempt to learn its neighboring devices IP addresses and automatically create a dynamic map
table.
This feature is often frowned upon and 99% of the time disabled by network engineers to prevent unexpected issues for example an
ISP brings up another DLCI for your head quarters and this DLCI should be a point to point DLCI and require a security policy but
when this DLCI is activated and if the router is already installed with the IP address and DLCI information the HQ router will
automatically map it via Inverse ARP causing a security problem.
Other potential problems could arise from this feature such as routing loops or sub-optimal routing. This lab will be similar to the
previous Lab 5-4 but the hub router will use Inverse ARP instead of static frame-relay map statements.
Configuring Frame Relay Inverse ARP is actually quite simple. It is on by default on all Frame Relay multipoint interfaces.
In this lab youll familiarize yourself with the following commands;

Command

Description

no frame-relay inverse-arp

This command under Serial interface configuration mode will disable frame-relay inverse

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-and-understanding-frame-relay-inverse-arp/[4/12/2015 7:09:21 PM]

Understanding and Configuring Frame Relay Inverse ARP | Free CCNA Workbook

arp. Doing so will require static frame-relay map statements.


clear frame-relay inarp

This command when executed from privileged mode will clear the dynamically learned
Inverse ARP mappings.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and R3.
Establish a console session with devices R1, R2 and R3 than configure the devices respected hostname(s).
Configure R1s Serial0/0 interface with the IP address of 10.55.123.1/29 and use Frame Relay encapsulation.
Configure R2s Serial0/0.221 as a point-to-point sub-interface with the IP Address of 10.55.123.2/29 and the Frame Relay
interface DLCI of 221
Configure R3s Serial0/0.321 as a point-to-point sub-interface with the IP Address of 10.55.123.3/29 and the Frame Relay
interface DLCI of 321

Lab Objectives
After youve completed the Lab Prerequisites, view the current frame-relay map table on R1 to verify is R2 and R3s IP to DLCI
Mappings have been dynamically learned.
Once R1 has learned R2 and R3s frame-relay maps dynamically via inverse arp. Ping both R2 and R3 from R1 then verify
that R2 can ping the other poke R3.
Disable Frame Relay Inverse ARP on R1s Serial0/0 interface and clear the frame relay inverse arp table using the clear
frame-relay inarp command then verify IP connectivity by pinging R2 and R3.
Create a static Frame Relay MAP on R1s Serial0/0 interface for IP to DLCI Mappings for traffic destined to R2 and R3. Verify
connectivity by pinging R2 and R3 from R1.

Lab Instruction
Objective 1. After youve completed the Lab Prerequisites, view the current frame-relay map table on R1 to verify is R2 and R3s IP
to DLCI Mappings have been dynamically learned.
R1#show frame-relay map
Serial0/0 (up): ip 10.55.123.2 dlci 122(0x7A,0x1CA0), dynamic,
broadcast,, status defined, active
Serial0/0 (up): ip 10.55.123.3 dlci 123(0x7B,0x1CB0), dynamic,
broadcast,, status defined, active
R1#
Objective 2. Once R1 has learned R2 and R3s frame-relay maps dynamically via Inverse ARP. Ping both R2 and R3 from R1 then
verify that R2 can ping the other poke R3.
R1#ping 10.55.123.2

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-and-understanding-frame-relay-inverse-arp/[4/12/2015 7:09:21 PM]

Understanding and Configuring Frame Relay Inverse ARP | Free CCNA Workbook

Type escape sequence to abort.


Sending 5, 100-byte ICMP Echos to 10.55.123.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 72/95/124 ms
R1#ping 10.55.123.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.55.123.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 76/105/172 ms
R1#

R2#ping 10.55.123.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.55.123.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 156/215/340 ms
R2#

Objective 3. Disable Frame Relay Invese ARP on R1s Serial0/0 interface and clear the frame relay inverse arp table using the
clear frame-relay inarp command then verify IP connectivity by pinging R2 and R3.
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface Serial0/0
R1(config-if)#no frame-relay inverse-arp
R1(config-if)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#clear frame-relay inarp
R1#ping 10.55.123.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.55.123.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R1#ping 10.55.123.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.55.123.3, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R1#
Objective 4. Create a static Frame Relay MAP on R1s Serial0/0 interface for IP to DLCI Mappings for traffic destined to R2 and R3.
Verify connectivity by pinging R2 and R3 from R1.
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface Serial0/0
R1(config-if)#frame-relay map ip 10.55.123.2 122 broadcast
R1(config-if)#frame-relay map ip 10.55.123.3 123 broadcast
R1(config-if)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#ping 10.55.123.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.55.123.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 36/106/200 ms
R1#ping 10.55.123.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.55.123.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 76/120/256 ms

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-and-understanding-frame-relay-inverse-arp/[4/12/2015 7:09:21 PM]

Understanding and Configuring Frame Relay Inverse ARP | Free CCNA Workbook

R1#

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-and-understanding-frame-relay-inverse-arp/[4/12/2015 7:09:21 PM]

Configuring Static Routing | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Static Routing

This lab will teach you the basics of static routing and how to configure static routes on multiple routers to ensure IP
reachability over the network.

Welcome to the wonderful world of IP Routing!!! Now the Free CCNA Lab Workbook becomes more interesting and fun. ^_^

Real World Application & Core Knowledge


If you plan to become a CCNA then you better plan on understanding Static routing. Static routing is a core technology that any
network engineer must understand. Its the ability to statically configure a route from one machine to a network with the next transit
path hop to get to that network.
For example If router R1 is connected to network 10.61.10.0/24 and PCs on that network need to get to the 10.61.30.0/24 network
then R1 must know where what router to send that traffic to thats local to R1 that can reach that network.
Lets say R1 passes this traffic off to R2 and R2 sees that the network is not directly connected so then R2 then must forward the
traffic to the next hop in the transit path to get to a router that has that network directly attached. So it then passes it off to R3 which
has the 10.61.88.0/24 network directly connected to interface Gi3/10
Take a step back for a minute and think about bi-directional traffic. If you have static routes pointing in one direction does that
necessarily mean that IP communication will be successful? What if the router R3 has no route back to 10.61.21.0/24? This means
that traffic from 10.61.21.0/24 can get to the 10.61.88.0/24 network but traffic from the 10.61.88.0/24 network cannot get back. So
with that being the case any PC on the 10.61.21.0/24 can send traffic to the 10.61.88.0/24 network but not receive any response
back.
Commonly static routes are used for floating routes (as discussed in lab 6-2) and a default route which is discussed in lab 6-3

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-static-routing/[4/12/2015 7:09:51 PM]

Configuring Static Routing | Free CCNA Workbook

however, many engineers rely on static routes in their infrastructure due to a lack of understanding of dynamic routing protocols such
as RIP, EIGRP and OSPF. A well designed network should have very few static routes as the general rule of thumb; when you
configure a static route and the network changes, youll then potentially need to reassess and reconfigure the static route to ensure
network reachability.
In this lab you will configure static routing for three routers that simulate a small business with locations in NYC, Miami and San
Francisco each having separate IP subnets attached. You will use the skills youve previously learned in Section 5 to build a daisy
chained frame relay network between R1, R2 and R3. For those of you who are unfamiliar with the Daisy Chain configuration then
technically its the act of linking one device after another after another after another in a linear bus topological fashion which has little
or no redundancy.
One thing that has yet to be discussed on the Free CCNA Workbook is the comprehension of physical verses logical topologies. This
concept causes a lot of confusion at first for candidates preparing for the CCNA and this concept alone tends to catch new CCNAs
off guard when they get a job dealing with a simi-large network and they notice that the physical and logical network topologies do
not match at all. Often times in enterprise networks there are several technologies used that are not covered in the CCNA blueprint
but youll learn very quickly that such technologies can alter how the network functions logically. For example you have a single
switch that has a single link that does routing for multiple VLANs. Physically youll see one cable in the wiring closet but logically
youll see in the documentation that there could appear to be multiple routers or switches.
Shown below is a logical topology of the network you will be building in this lab. Check out the overall lab topology to view the
physical topology. However; looking down on this network youll see the topology is built upon the operational function of each
network device as shown below;

When doing Cisco Labs is common to use loopback interfaces as simulated connected networks. In this lab the Loopback0 interface
on R1, R2 and R3 will simulate their connected networks which you will be configuring static routing for.
In this lab you will familiarize yourself with following new command(s);

Command

Description

ip route n.n.n.h s.s.s.s nh.nh.nh.nh

This command is executed in global configuration mode to create a static route locally.

The syntax of this command is ip route network subnet nexthop; so an example would be ip route 192.168.20.0 255.255.255.0
192.168.20.5 This effectively says to get to network 192.168.20.0/24 go to 192.168.20.5

Lab Prerequisites

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-static-routing/[4/12/2015 7:09:51 PM]

Configuring Static Routing | Free CCNA Workbook

If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and R3.
Establish a console session with devices R1, R2 and R3 than configure the devices respected hostname(s).
load the initial configurations provided below by copying the config from the textbox and pasting it into the respected routers
console.

Initial Configurations

!##################################################
!#

Free CCNA Workbook Lab 6-1 R2 Initial Config

!##################################################
!

enable
!
configure terminal
!

hostname R2
!
interface Loopback0

description ### SIMULATED NETWORK ###


ip address 10.61.20.1 255.255.255.0

interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address

encapsulation frame-relay
serial restart-delay 0

!##################################################
no frame-relay inverse-arp
!#
!

Free CCNA Workbook Lab 6-1 R3 Initial Config

!##################################################
interface Serial0/0.221 point-to-point
!description ### FRAME RELAY LINK TO R1 ###
enable
ip address 10.61.12.2 255.255.255.252
!frame-relay interface-dlci 221
configure
terminal
!

!
interface Serial0/0.223 point-to-point

hostname
R3 ### FRAME RELAY LINK TO R3 ###
description
!ip address 10.61.23.1 255.255.255.252
interface
Loopback0
frame-relay
interface-dlci 223

!description ### SIMULATED NETWORK ###


ip address
10.61.30.1 255.255.255.0
interface
Serial0/0

!no shut

interface
Serial0/0
!

description ### PHYSICAL FRAME RELAY INTERFACE ###


end
no ip address

encapsulation frame-relay
serial restart-delay 0
no frame-relay inverse-arp

Lab Objectives
!

interface Serial0/0.322 point-to-point

description ### FRAME RELAY LINK TO R2 ###


ip address 10.61.23.2 255.255.255.252
!

frame-relay interface-dlci 322


interface Serial0/0
no shut
!
end

Create a Static Route on R1 that states to get to 10.61.20.0/24 go to the next hop of 10.61.12.2 then place the return route on
R2 stating to get to 10.61.10.0/24 go to the next hop of 10.61.12.1. Verify that the routes added operate correctly by pinging
R2s Lo0 interface sourced from R1s Lo0 interface.
Create a Static Route on R2 that states to get to 10.61.30.0/24 go to the next hop of 10.61.23.2 then place the return route on
R3 stating to get to 10.61.20.0/24 go to the next hop of 10.61.23.1. Verify that the routes added operate correctly by pinging
R3s Lo0 interface sourced from R2s Lo0 interface.
Configure R1 to route 10.61.30.0/24 to the next hop of 10.61.12.2 (R2) then configure R3 to route 10.61.10.0/24 to 10.61.23.1.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-static-routing/[4/12/2015 7:09:51 PM]

Configuring Static Routing | Free CCNA Workbook

Afterward verify that you have IP communication between 10.61.10.0/24 and 10.61.30/24

Lab Instruction
Objective 1. Create a Static Route on R1 that states to get to 10.61.20.0/24 go to the next hop of 10.61.12.2 then place the return
route on R2 stating to get to 10.61.10.0/24 go to the next hop of 10.61.12.1. Verify that the routes added operate correctly by pinging
R2s Lo0 interface sourced from R1s Lo0 interface.
The steps of this objective are pretty straight forward and demonstrated below;
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#ip route 10.61.20.0 255.255.255.0 10.61.12.2
R1(config)#end
R1#

R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#ip route 10.61.10.0 255.255.255.0 10.61.12.1
R2(config)#end
R2#
And now to verify communication by pinging R2s Lo0 from R1 sourced from R1s Lo0 interface. This basically simulates traffic
coming from 10.61.10.1 going to 10.61.20.1 to verify that communications between those two subnets are functioning properly.
R1#ping 10.61.20.1 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.61.20.1, timeout is 2 seconds:
Packet sent with a source address of 10.61.10.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/50/104 ms
R1#
Keep in mind if youre able to ping R2s Lo0 interface from R1s Lo0 then you have bidirectional ip communications, if not then you
would not get a echo reply (ping reply) from R2 after R1 sent the echo request (ping).
Objective 2. Create a Static Route on R2 that states to get to 10.61.30.0/24 go to the next hop of 10.61.23.2 then place the return
route on R3 stating to get to 10.61.20.0/24 go to the next hop of 10.61.23.1. Verify that the routes added operate correctly by pinging
R3s Lo0 interface sourced from R2s Lo0 interface.
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#ip route 10.61.30.0 255.255.255.0 10.61.23.2
R2(config)#end
R2#

R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#ip route 10.61.20.0 255.255.255.0 10.61.23.1
R3(config)#end
R3#

Once the static route statements are configured youre ready to Verify that the routes added operate correctly by pinging R3s Lo0

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-static-routing/[4/12/2015 7:09:51 PM]

Configuring Static Routing | Free CCNA Workbook

interface from R2 with the source interface of Lo0.


R2#ping 10.61.30.1 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.61.30.1, timeout is 2 seconds:
Packet sent with a source address of 10.61.20.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/74/164 ms
R2#
Now you have IP communication between networks 10.61.10.0/24 and 10.61.20.0/24 as well as 10.61.20.0/24 and 10.61.30.0/24
however you do not have ip communication between 10.61.10.0/24 and 10.61.30.0/24 which leads us to our next objective.
Objective 3. Configure R1 to route 10.61.30.0/24 to the next hop of 10.61.12.2 (R2) then configure R3 to route 10.61.10.0/24 to
10.61.23.1. Afterward verify that you have IP communication between 10.61.10.0/24 and 10.61.30/24
>R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#ip route 10.61.30.0 255.255.255.0 10.61.12.2
R1(config)#end
R1#

R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#ip route 10.61.10.0 255.255.255.0 10.61.23.1
R3(config)#end
R3#
And now to verify IP communication between 10.61.10.0/24 and 10.61.30.0/24 you can ping R3s Loopback0 from R1 with the pings
sourced from R1s Loopback0 interface as shown below;
R1#ping 10.61.30.1 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.61.30.1, timeout is 2 seconds:
Packet sent with a source address of 10.61.10.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/64/124 ms
R1#

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-static-routing/[4/12/2015 7:09:51 PM]

Next Lab

Configuring Static Routing | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-static-routing/[4/12/2015 7:09:51 PM]

Configuring a Floating Static Route | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring a Floating Static Route

Floating static routes are used for redundancy in-case an interface fails. This lab will discuss and demonstrate the
configuration of a floating static route.

Real World Application & Core Knowledge


In the previous lab youve studied the basics of static routing and how it operates to ensure network reachability. This lab will give you
another building block to build that fancy house with now that you have a foundation.
A Floating static route is a route that has a higher administrative distance then the current route in a routing table. Think of how a
router works for a second; The routes that have a lower administrative distance number will be the ones installed into the routing
table whereas higher AD numbers will not.
Looking back to the Lab 6-1 topology, R1 has a single link to R2 via frame-relay point-to-point sub-interface. Now add a point-to-point
T1 link between R1 and R2 and this gives you the ability to have redundancy and potentially load balancing if you wanted but
however this link youve newly installed is dedicated for backup only and you have to pay based on per MB bandwidth which is very
expensive. So ideally youd want to use your primary frame-relay link when its active but your point-to-point T1 when the primary link
fails.
So you have the idea in your head but how do get this current proposed idea to operate with the current routing infrastructure? The
answer is a floating route.
To create floating static route(s) you will create identical routes that already exist which go to R2 through the main frame-relay link to
traverse the point to point link which have a higher administrative distance so as long as Serial0/0 is up traffic will take that path but if
Serial0/0 fails the router will re-converge and traffic will transit the link Serial0/1 to get to R2.
In the real world floating static routes are commonly used as an emergency default route which will be discussed in the next but; but

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-floating-static-route/[4/12/2015 7:10:14 PM]

Configuring a Floating Static Route | Free CCNA Workbook

in laymen terms, when a dynamic routing process neighbor relationship fails for whatever reason all the routes get removed which
includes the default route learned via the dynamic routing process. If and when this incident occurs in a network the device will
automatically inject the static route as it would be next in line with the highest administrative distance.
Configuring a floating static route is very easy and its done by a command you already know; ip route n.n.n.n s.s.s.s nh.nh.nh.nh but
you add a number to the end of the command ranging between 1-255 whereas 255 is unreachable. Any route given the
administrative distance of 255 WILL NOT be installed in the routing table under any circumstances. Keep in mind the default
administrative distance of a static route is 1.
In this lab youll use Lab 6-1s topology but add an additional link between R1 and R2 to create a backup traffic path for R1 to reach
R2 and R3. Topology shown below;

Familiarize yourself with the following new command;

Command

Description

ip route n.n.n.n s.s.s.s nh.nh.nh.nh


#

This command is executed from global configuration and is the same command used to
configure a static route but statically sets the administrative distance following the next
hop.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and R3.
Establish a console session with devices R1, R2 and R3 than configure the devices respected hostname(s).
Load the initial configurations provided below by copying the config from the textbox and pasting it into the respected routers
console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-floating-static-route/[4/12/2015 7:10:14 PM]

Configuring a Floating Static Route | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 6-2 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.55.20.1 255.255.255.0
!

interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address

encapsulation frame-relay
serial restart-delay 0
no frame-relay inverse-arp

!##################################################
!
!#
Free CCNA
Workbook Lab
6-2 R3 Initial Config
interface
Serial0/0.221
point-to-point

!##################################################
description ### FRAME RELAY LINK TO R1 ###
!ip address 10.62.12.2 255.255.255.252
enable
frame-relay interface-dlci 221
configure
terminal
!

!
interface Serial0/0.223 point-to-point

hostname
R3 ### FRAME RELAY LINK TO R3 ###
description
!ip address 10.62.23.1 255.255.255.252
interface
Loopback0
frame-relay
interface-dlci 223

!description ### SIMULATED NETWORK ###


ip address
10.55.30.1 255.255.255.0
interface
Serial0/0

!no shut

interface
Serial0/0
exit

!description ### PHYSICAL FRAME RELAY INTERFACE ###


noroute
ip address
ip
10.55.10.0 255.255.255.0 10.62.12.1
encapsulation
frame-relay
ip
route 10.55.30.0
255.255.255.0 10.62.23.2
!serial restart-delay 0

no frame-relay inverse-arp
end

Lab Objectives
interface Serial0/0.322 point-to-point

description ### FRAME RELAY LINK TO R2 ###


ip address 10.62.23.2 255.255.255.252
frame-relay interface-dlci 322

interface Serial0/0
no shut
exit
!

Configure the new point-to-point link between R1 and R2 using the subnet 10.62.21.0/30 and ppp encapsulation. Verify that
the link is up using ping.

ip route 10.55.10.0 255.255.255.0 10.62.23.1


ip route 10.55.20.0 255.255.255.0 10.62.23.1
!

end

Create two floating static routes with the administrative distance of 200 for 10.55.20.0/24 and 10.55.30.0/24 pointing towards
R2s backup link IP address.
Create a floating route on R2 with the administrative distance of 200 for 10.55.10.0/24 pointing towards R1s backup link IP
address.
Shutdown Serial0/0 on R1 and Serial0/0.221 on R2 to simulate a link outage and verify IP connectivity by tracing to the
10.55.30.0/24 network from the 10.55.10.0/24 network.

Lab Instruction
Objective 1. Configure the new point-to-point link between R1 and R2 using the subnet 10.62.21.0/30 and ppp encapsulation. Verify
that the link is up using ping.
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface Serial0/1
R1(config-if)#ip address 10.62.21.1 255.255.255.252
R1(config-if)#encapsulation ppp
R1(config-if)#no shut
R1(config-if)#end
R1#

R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#interface serial0/1
R2(config-if)#ip add 10.62.21.2 255.255.255.252
R2(config-if)#encapsulation ppp

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-floating-static-route/[4/12/2015 7:10:14 PM]

Configuring a Floating Static Route | Free CCNA Workbook

R2(config-if)#no shut
R2(config-if)#end
R2#ping 10.62.21.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.62.21.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/42/60 ms
R2#

Objective 2. Create two floating static routes with the administrative distance of 200 for 10.55.20.0/24 and 10.55.30.0/24 pointing
towards R2s backup link IP address.
Under the core knowledge section you learned the concepts of floating routes and how to configure them. The commands are the
same as a static route except specifying an administrative distance as shown below;
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#ip route 10.55.20.0 255.255.255.0 10.62.21.2 200
R1(config)#ip route 10.55.30.0 255.255.255.0 10.62.21.2 200
R1(config)#end
R1#
Objective 3. Create a floating route on R2 with the administrative distance of 200 for 10.55.10.0/24 pointing towards R1s backup
link IP address.
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#ip route 10.55.10.0 255.255.255.0 10.62.21.1 200
R2(config)#end
R2#
Objective 4. Shutdown Serial0/0.221 on R2 and Serial0/0 on R1 and to simulate a link outage and verify IP connectivity by tracing
to the 10.55.30.0/24 network from the 10.55.10.0/24 network.
R2#configure terminal
Enter configuration commands, one per line.
R2(config)#interface Serial0/0.221
R2(config-subif)#shutdown
R2(config-subif)#end
R2#

End with CNTL/Z.

R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface serial0/0
R1(config-if)#shutdown
R1(config-if)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
%LINK-5-CHANGED: Interface Serial0/0, changed state to
administratively down
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed
state to down
R1#traceroute 10.55.30.1 source Lo0
Type escape sequence to abort.
Tracing the route to 10.55.30.1
1 10.62.21.2 152 msec 52 msec 44 msec
2 10.62.23.2 188 msec 240 msec 217 msec
R1#

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-floating-static-route/[4/12/2015 7:10:14 PM]

Configuring a Floating Static Route | Free CCNA Workbook

As you can see from the traceroute shown above, traffic sourced from 10.55.10.0/24 destined towards 10.55.30.1 will take the point
to point link as you see that the first hop in the transit path is 10.62.21.2 which is R2s Serial0/1 interface.

Previous Lab

Like

Next Lab

180 Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-floating-static-route/[4/12/2015 7:10:14 PM]

Configuring a Static Default Route | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring a Static Default Route

The default route, also known as the gateway of last resort is used commonly to route traffic with no longer match
towards the internet. This lab will discuss and demonstrate the configuration of a default route.

Real World Application & Core Knowledge


As you may know, Cisco routers will match traffic to a destination based on the closest match found in the routing table. With that
being said; if the router has two routes in the routing table, one for 10.88.21.0/28 and one for 10.88.21.0/24 and the router receives
traffic destined towards the host 10.88.21.6 then the router will choose the 10.88.21.0/28 route as its a closer match
In the previous two labs you learned about static routing and floating static routes, you are going to continue to build upon that
foundation with configuring a default static route; commonly referred to as a default route.
As a CCNA you must understand the concept of the default route on a Cisco router and how to configure them. It is common that a
router will have a floating default route in production in case the dynamic routing protocol fails for whatever reason, the floating
default route would be injected into the routing table and eliminate downtime if designed and implemented properly.
In a network there are commonly two ways to get to the internet from within the network. You can have a default route on your WAN
edge router pointing towards the ISP so that if any traffic destined towards a network is not found in the routing table of your WAN
edge router then it would be passed onto the ISP. The other possibility is to have a WAN edge router participate in BGP (Boarder
Gateway Protocol) which is the protocol that the internet is built upon. Having a full internet routing table via BGP will give you the
ability to have every route on the internet on a single router. However BGP does not fall within the scope of the CCNA level material
so well only be focusing on a default route.
If you are interested in how the internet works and curious about BGP then youll have to continue your studies on to the CCNP after
youve completed the CCNA.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-static-default-route/[4/12/2015 7:10:34 PM]

Configuring a Static Default Route | Free CCNA Workbook

Configuring a Default Route is as simple as configuring a static route. A default route is represented by 0.0.0.0/0. If you take a second
and analyze the network and subnet youll realize that any ip address can fall in this subnet from 0.0.0.0 to 255.255.255.255.
In this lab you will use the same topology that youre worked with in the previous Lab 6-2 however the IP Addressing has been
updated to reflect the lab number. You will be removing the static routes previously assigned to R3 and configuring a default route on
R3 to point towards R2.

Familiarize yourself with the following new command(s);

Command

Description

ip route 0.0.0.0 0.0.0.0 nh.nh.nh.nh


#

When specifying a static route to 0.0.0.0/0 you are effectively configuring a default route,
a route that will catch all traffic if no other route exist for the traffic destination in the
routing table.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and R3.
Establish a console session with devices R1, R2 and R3 than load the initial configurations provided below by copying the
config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-static-default-route/[4/12/2015 7:10:34 PM]

Configuring a Static Default Route | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 6-3 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.63.20.1 255.255.255.0
!

interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address

encapsulation frame-relay
serial restart-delay 0
no frame-relay inverse-arp

!##################################################
!
!#
Free CCNA
Workbook Lab
6-3 R3 Initial Config
interface
Serial0/0.221
point-to-point

!##################################################
description ### FRAME RELAY LINK TO R1 ###
!ip address 10.63.12.2 255.255.255.252
enable
frame-relay interface-dlci 221
configure
terminal
!

!
interface Serial0/0.223 point-to-point

hostname
R3 ### FRAME RELAY LINK TO R3 ###
description
!ip address 10.63.23.1 255.255.255.252
interface
Loopback0
frame-relay
interface-dlci 223

!description ### SIMULATED NETWORK ###


ip address
10.63.30.1 255.255.255.0
interface
Serial0/0

!no shut

interface
Serial0/0
exit

!description ### PHYSICAL FRAME RELAY INTERFACE ###


no ip address
interface
Serial0/1

encapsulation
frame-relay
description ###
PPP LINK TO R1 ###

serial
restart-delay
ip address
10.63.21.20255.255.255.252
no
frame-relayppp
inverse-arp
encapsulation

!serial restart-delay 0

Lab Objectives
interface
no shut Serial0/0.322 point-to-point

!description ### FRAME RELAY LINK TO R2 ###

iproute
address
10.63.23.2
255.255.255.252
ip
10.63.10.0
255.255.255.0
10.63.12.1
frame-relay
interface-dlci
322
ip
route 10.63.30.0
255.255.255.0
10.63.23.2

!
ip route 10.63.10.0 255.255.255.0 10.63.21.1 200
interface
Serial0/0
!
no shut
end

exit
!

Remove all currently configured static routes on R3 than configure a default route on R3 pointing towards R2s Serial0/0.223
interface IP.

ip route 10.63.10.0 255.255.255.0 10.63.23.1


ip route 10.63.20.0 255.255.255.0 10.63.23.1
!

end

Verify that you have IP reachability from R3s 10.63.30.0/24 network to R1s 10.63.10.0/24 network.
Verify rather or not you can ping R1s PPP backup interface IP address.

Lab Instruction
Objective 1. Remove all currently configured static routes on R3 than configure a default route on R3 pointing towards R2s
Serial0/0.223 interface IP
R3#show run | include ip route
ip route 10.63.10.0 255.255.255.0 10.63.23.1
ip route 10.63.20.0 255.255.255.0 10.63.23.1
R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#no ip route 10.63.10.0 255.255.255.0 10.63.23.1
R3(config)#no ip route 10.63.20.0 255.255.255.0 10.63.23.1
R3(config)#ip route 0.0.0.0 0.0.0.0 10.63.23.1
R3(config)#end
R3#

Objective 2. Verify that you have IP reachability from R3s 10.63.30.0/24 network to R1s 10.63.10.0/24 network.
Previously the traffic would have taken the routes you just removed but now that the router has a default route it will take it as the
route of last resort as shown below;
R3#ping 10.63.10.1 source lo0

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-static-default-route/[4/12/2015 7:10:34 PM]

Configuring a Static Default Route | Free CCNA Workbook

Type escape sequence to abort.


Sending 5, 100-byte ICMP Echos to 10.63.10.1, timeout is 2 seconds:
Packet sent with a source address of 10.63.30.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/82/168 ms
R3#
Objective 3. Verify rather or not you can ping R1s PPP backup interface IP address from 10.63.30.0/24.
Previously R3 had no route to get to the 10.63.21.0/30 network but now that a default route exist that points to R2 which has
10.63.21.0/3 directly connected and a route back to 10.63.30.0/24, IP reachability is feasible.
R3#ping 10.63.21.1 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.63.21.1, timeout is 2 seconds:
Packet sent with a source address of 10.63.30.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/81/116 ms
R3#

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-static-default-route/[4/12/2015 7:10:34 PM]

Junos Workbook | Free Juniper


JNCIA Training

Configuring a Static Default Route | Free CCNA Workbook

the GNS3 platform.

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-static-default-route/[4/12/2015 7:10:34 PM]

Configuring Routing Information Protocol (RIP) | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Routing Information Protocol (RIP)

Routing Information Protocol known as RIP is a fairly simplistic dynamic routing protocol which can be deployed in a
matter of minutes. This lab will discuss and demonstrate the configuration and verification of basic RIP
implementation.

Real World Application & Core Knowledge


So the big question is is how do you maintain a network using static routing when you have over 500+ subnets and 50+ routers? The
simple answer is; you dont. Of course you can but you would have to maintain hundreds of static routes and when something went
wrong youd have to be the routers brain and re-converge the network manually with a new static route that you must wake up at
3:00 in the morning to configure.
Welcome to the wonderful world of dynamic routing protocols. Routing Information Protocol; aka: RIP, will be the first of 3 dynamic
routing protocols you must know as a CCNA network engineer. RIP was widely deployed in 1982 due to the inclusion of its code in
the BSD 4.2 Unix OS then a few years later, June of 1988 became an IETF Standard. RIP Replaced GGP (Gateway to Gateway
Protocol) which is a protocol youll never hear about again as its long gone and turned into ash.
Before you jump onto the router lets first discuss a little bit of the technology relating to RIP;
RIP is a distance vector routing protocol which has an administrative distance of 120 and uses the Bellman-Ford Algorithm. RIP uses
hop counts as a metric to determine the best path to a network. e.g; If 10.70.10.0/24 is 2 routers away then its effectively 2 hop
counts away thus having a metric of 2. Keep in mind that if you have a PC trying to get to a server on a network and one path has 2
hop counts which uses T1s links and the other path has 3 hop and uses 3 DS3s then the lower metric will be chosen.
RIP operated at UDP Port 520 by default. Version 1 uses a broadcast delivery mechanism for updates whereas version 2 uses
multicast. This will be discussed further in detail in the next lab.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-routing-information-protocol-rip/[4/12/2015 7:11:07 PM]

Configuring Routing Information Protocol (RIP) | Free CCNA Workbook

By standard; RIP utilizes three different timers to function properly however if youre running RIP on a Cisco router a 4th timer will be
used called the Hold Down timer. Timer functions given below;

Timer

Description

Update Timer

This interval at which hello packets are sent to neighboring routers. The Cisco Default is every 30
seconds +/- 5 Seconds to prevent synchronization

Invalid Timer

The invalid timer is the interval at which the router will mark the route(s) invalid by using a metric of 16
and advertise them with an unreachable metric (16). When a route is marked invalid on a Cisco router
it is enters hold down. The Cisco default invalid timer is 180 Seconds.

Hold Down Timer

The hold down timer is the interval at which a specific route that has been previously marked invalid
will be suppressed updates with an equal or greater metric. This timer is intended to prevent
inaccurate routing updates (routing by rumor) till the topology has had the time to converge or a route
with a better metric has been received.. The hold down timer is a Cisco extension of the RIP protocol
and is not included int he IETF standard.

Flushed Timer

The interval at which after the invalid timer the router waits after a route has been marked invalid
before it flushes it (removes it) from the routing table.

So lets have a run down of this shall we? R1 and R2 are connected via a Frame Relay T1 link and they both run RIP. R2 advertises
10.70.20.0/24 to R1 via RIP. However R2 randomly goes off line due to a power failure at the facility. R1 will wait 180 seconds (6
hello intervals) before all routes learned via R2 are declared invalid and marked unreachable by a metric of 16; The hold down timer
also expires at the same time as the invalid timer does thus meaning the router will now accept any new routes to the previously
marked unreachable learned via R2. If no new routes are learned during a period of 60 seconds after the invalid/hold time timers
expire (the time it takes to count to the flush timer from the invalid timer)) then the route will be flushed (removed) from the routing
table completely.
Now that you have a general understanding of how RIP operates lets further your knowledge and take a look at how RIP prevents
routing loops in the network.
The RIP standard implements two different technologies to prevent routing loops; split-horizon and poison reverse. However Cisco
has gone a step further and introduced the hold down timer which will prevent any route with a better metric from being injected into
the routing table after a router has received an advertisement from an neighboring router saying that the route has been marked
unreachable via a metric of 16. This helps prevent transient routing loops commonly caused by unstable (flapping) routes.
Split-horizon is a general loop avoidance mechanism commonly used by most distance vector protocols such as RIP, IGRP, EIGRP
as well as newer technologies such as VPNS (Virtual Private Network Services) and Babel; a new IP routing protocol which is
currently an experimental distance vector protocol. In general this mechanism prevents updates from being out the same interface in
which they were received. After all; if R2 sent R1 and update about 10.70.20.0/24, would R2 need to hear that update back from R1?
The answer is simply no.
However in some cases split-horizon must be disabled for proper network functionality; in one specific case is the Hub-and-Spoke
topology in a frame relay network. The spoke will advertise its routes to the hub through an interface but the hub must re-advertise
those updates back out the same physical interface to get to the other spokes. Split horizon is disabled on a per interface basis using
the no ip split-horizon command.
Poison Reverse is a type of route poisoning mechanism in which case a RIP router will advertise the routes learned from a
neighboring router with an unreachable hop count metric (16) back to its neighbor with the unreachable metric to ensure all routers
on the segment is aware that that particular route is unreachable.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-routing-information-protocol-rip/[4/12/2015 7:11:07 PM]

Configuring Routing Information Protocol (RIP) | Free CCNA Workbook

RIP maintains a database of all routes learned via its neighbors. This is known as the RIP Database and can be viewed using the
show ip rip database command in user or privileged mode.
Now that you have a good understanding of RIPs fundamental operation lets dive into the configuration. RIP is a single routing
process on a particular router. With that being said you cannot have multiple RIP processes running like EIGRP which will be
discussed in the next section.
To start the rip process youll use the router rip command in global configuration; after which youll be placed into dynamic routing
configuration mode, denoted by the Router(config-router)# prompt. To assign networks to participate in the RIP routing process youll
use the network x.x.x.x command. Any interfaces that falls in the specified network range will participate in the RIP routing process.
By default RIP will operate at Version 1 which is a classful version (does not support VLSM) and auto summarize so when you
specify any network under the RIP routing process it will automatically be converted to its classful network address range such as
10.70.10.0 on R1 would be converted to 10.0.0.0
When working with RIP version 1 keep in mind that it is a classful routing protocol; meaning that the same subnet must be used for
the entire network. So if you use a /24 on a switch where all the PCs are aggregated at then you must use a /24 network on the
WAN link between branches otherwise the /24 networks will not get propagated over the WAN link. RIPv1 does not include the
subnet in the updates sent to neighboring routers; only the network address. So in laymen terms, a /24 can only be advertised to
another router through through a link that uses a /24 network due to the neighboring router assuming the subnet mask is tied to the
interface in which the update was received.
By default RIP will auto summarize at the network boundary. So with that being said you cannot have 10.0.0.0/8 network connected
to R1 and R1 is connected to R2 via a class B 172.16.0.0/16 subnet which in turn is connected to R3 which also has the 10.0.0.0/8
subnet directly connected. This design will not work as traffic from R1s 10.0.0.0/8 subnet will not traverse R2 to get to R3s
10.0.0.0/8 subnet because R1 believes 10.0.0.0/8 is already directly connected.
Now that youve got a solid foundation of the Routing Information Protocol (RIP); its time to start configuring some routers. This lab
will use the same topology as the previous section discussing static routing. Youre going to convert a static routed network into a
dynamic RIP routed network. The topology is shown below;

Familiarize yourself with the following new command(s);

Command

Description

router rip

This command is executed in global configuration to start the RIP routing process on a router.

network x.x.x.x

This command is executed router configuration mode to specify the networks participating in the
dynamic routing process.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-routing-information-protocol-rip/[4/12/2015 7:11:07 PM]

Configuring Routing Information Protocol (RIP) | Free CCNA Workbook

show ip rip database

This command will display all the networks in the RIP database when executed in privileged or user
mode.

show ip protocols

This command when executed in privileged or user mode will show the RIP routing process global
configuration settings such as timers, networks, rip version (per interface) and other useful
information.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and R3.
Establish a console session with devices R1, R2 and R3 than load the initial configurations provided below by copying the
config from the textbox and pasting it into the respected routers console.

!##################################################
!#

Free CCNA Workbook Lab 7-1 R2 Initial Config

!##################################################
!

enable
configure terminal
!

hostname R2
!

interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.70.20.1 255.255.255.0

interface Serial0/0

description ### PHYSICAL FRAME RELAY INTERFACE ###


no ip address
encapsulation frame-relay
serial restart-delay 0
no frame-relay inverse-arp

!##################################################
!
!#
Free CCNA
Workbook Lab
7-1 R3 Initial Config
interface
Serial0/0.221
point-to-point

!##################################################
description ### FRAME RELAY LINK TO R1 ###
!ip address 10.70.12.2 255.255.255.252
enable
frame-relay interface-dlci 221
configure
terminal
!

!
interface Serial0/0.223 point-to-point

hostname
R3 ### FRAME RELAY LINK TO R3 ###
description
!ip address 10.70.23.1 255.255.255.252
interface
Loopback0
frame-relay
interface-dlci 223

!description ### SIMULATED NETWORK ###


ip address
10.70.30.1 255.255.255.0
interface
Serial0/0

!no shut

interface
Serial0/0
exit

!description ### PHYSICAL FRAME RELAY INTERFACE ###


no ip address
interface
Serial0/1

encapsulation
frame-relay
description ###
PPP LINK TO R1 ###

serial
restart-delay
ip address
10.70.21.20255.255.255.252
no
frame-relayppp
inverse-arp
encapsulation

!serial restart-delay 0

Lab Objectives
interface
Serial0/0.322
point-to-point
clock rate
128000

description
### FRAME RELAY LINK TO R2 ###
no shut
ip address 10.70.23.2 255.255.255.252
exit

!frame-relay interface-dlci 322

!
ip route 10.70.10.0 255.255.255.0 10.70.12.1
interface
Serial0/0 255.255.255.0 10.70.23.2
ip route 10.70.30.0

noroute
shut 10.70.10.0 255.255.255.0 10.70.21.1 200
ip

exit
!
!
end

You are tasked with migrating the network from static routing to RIP. Remove all static routes currently configured on R1, R2
and R3.

ip route 0.0.0.0 0.0.0.0 10.70.23.1


!
end

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-routing-information-protocol-rip/[4/12/2015 7:11:07 PM]

Configuring Routing Information Protocol (RIP) | Free CCNA Workbook

Configure R1, R2 and R3 to run the Routing Information Protocol (RIP) and specify the classful network statement in which
interfaces will participate in RIP dynamic routing process. Verify that RIP is running on R1 via the show ip protocols
command.
Verify that routes are propagating properly from R1 to R2 and from R2 to R3; if not then why?

Lab Instruction
Objective 1. You are tasked with migrating the network from static routing to RIP. Remove all static routes currently configured on
R1, R2 and R3.
To view all current static routes you can use the show run with the inclusion of ip route
R1#show run | inc ip route
ip route 10.70.20.0 255.255.255.0
ip route 10.70.20.0 255.255.255.0
ip route 10.70.30.0 255.255.255.0
ip route 10.70.30.0 255.255.255.0
R1#configure terminal
Enter configuration commands, one
R1(config)#no ip route 10.70.20.0
R1(config)#no ip route 10.70.20.0
R1(config)#no ip route 10.70.30.0
R1(config)#no ip route 10.70.30.0
R1(config)#end
R1#

R2#show run | inc ip route


ip route 10.70.10.0 255.255.255.0
ip route 10.70.10.0 255.255.255.0
ip route 10.70.30.0 255.255.255.0
R2#configure terminal
Enter configuration commands, one
R2(config)#no ip route 10.70.10.0
R2(config)#no ip route 10.70.10.0
R2(config)#no ip route 10.70.30.0
R2(config)#end
R2#

10.70.12.2
10.70.21.2 200
10.70.12.2
10.70.21.2 200
per line. End with CNTL/Z.
255.255.255.0 10.70.12.2
255.255.255.0 10.70.21.2 200
255.255.255.0 10.70.12.2
255.255.255.0 10.70.21.2 200

10.70.12.1
10.70.21.1 200
10.70.23.2
per line. End with CNTL/Z.
255.255.255.0 10.70.12.1
255.255.255.0 10.70.21.1 200
255.255.255.0 10.70.23.2

R3#show run | inc ip route


ip route 0.0.0.0 0.0.0.0 10.70.23.1
R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#no ip route 0.0.0.0 0.0.0.0 10.70.23.1
R3(config)#end
R3#

Objective 2. Configure R1, R2 and R3 to run the Routing Information Protocol (RIP) and specify the classful network statement in
which interfaces will participate in RIP dynamic routing process. Verify that RIP is running on R1 via the show ip protocols
command.
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router rip
R1(config-router)#network 10.0.0.0
R1(config-router)#end
R1#show ip protocols
Routing Protocol is "rip"
Outgoing update filter list for all interfaces is not set

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-routing-information-protocol-rip/[4/12/2015 7:11:07 PM]

Configuring Routing Information Protocol (RIP) | Free CCNA Workbook

Incoming update filter list for all interfaces is not set


Sending updates every 30 seconds, next due in 22 seconds
Invalid after 180 seconds, hold down 180, flushed after 240
Redistributing: rip
Default version control: send version 1, receive any version
Interface
Send Recv Triggered RIP Key-chain
Serial0/0.122
1
1 2
Serial0/1
1
1 2
Loopback0
1
1 2
Loopback1
1
1 2
Automatic network summarization is in effect
Maximum path: 4
Routing for Networks:
10.0.0.0
Routing Information Sources:
Gateway
Distance
Last Update
Distance: (default is 120)
R1#

R2#configure terminal
Enter configuration commands, one per line.
R2(config)#router rip
R2(config-router)#network 10.0.0.0
R2(config-router)#end
R2#

R2#configure terminal
Enter configuration commands, one per line.
R3(config)#router rip
R3(config-router)#network 10.0.0.0
R3(config-router)#end
R3#

End with CNTL/Z.

End with CNTL/Z.

Objective 3. Verify that routes are propagating properly from R1 to R2 and from R2 to R3; if not then why?
To verify that routes are being learned via RIP you can view the routing table and the rip database as shown below;
R2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C
C
C
C
R

10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks


10.70.12.0/30 is directly connected, Serial0/0.221
10.70.23.0/30 is directly connected, Serial0/0.223
10.70.21.0/30 is directly connected, Serial0/1
10.70.20.0/24 is directly connected, Loopback0
10.70.10.0/30 [120/1] via 10.70.21.1, 00:00:11, Serial0/1
[120/1] via 10.70.12.1, 00:00:09, Serial0/0.221

R2#
R2#show ip rip database
10.0.0.0/8
auto-summary
10.70.12.0/30
directly connected, Serial0/0.221
10.70.21.0/30
directly connected, Serial0/1
10.70.23.0/30
directly connected, Serial0/0.223
10.70.20.0/24
directly connected, Loopback0
10.70.10.0/30
[1] via 10.70.12.1, 00:00:05, Serial0/0.221
[1] via 10.70.21.1, 00:00:04, Serial0/1
R2#

R3#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-routing-information-protocol-rip/[4/12/2015 7:11:07 PM]

Configuring Routing Information Protocol (RIP) | Free CCNA Workbook

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2


E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
R
10.70.12.0/30 [120/1] via 10.70.23.1, 00:00:06, Serial0/0.322
C
10.70.23.0/30 is directly connected, Serial0/0.322
R
10.70.21.0/30 [120/1] via 10.70.23.1, 00:00:06, Serial0/0.322
C
10.70.30.0/24 is directly connected, Loopback0
R
10.70.10.0/30 [120/2] via 10.70.23.1, 00:00:06, Serial0/0.322
R3#
R3#show ip rip database
10.0.0.0/8
auto-summary
10.70.12.0/30
[1] via 10.70.23.1, 00:00:08, Serial0/0.322
10.70.21.0/30
[1] via 10.70.23.1, 00:00:08, Serial0/0.322
10.70.23.0/30
directly connected, Serial0/0.322
10.70.30.0/24
directly connected, Loopback0
10.70.10.0/30
[2] via 10.70.23.1, 00:00:08, Serial0/0.322
R3#
As you can gather from the provided routing tables and rip databases that the /24 routes on the looback0 interfaces are not being
propagated. Why not?
By default when configuring RIP it uses version 1 which cannot share subnet information so with that being the case RIP will not
advertise a /24 subnet over a /30 subnet link. You can however configure the point to point frame relay links as /24 links and all
routes will be propagated just fine. RIPv2 (Version 2) resolves this issue by using Variable Length Subnet Masking (VLSM) in the
updates sent between routers. Continue on to the Lab 7-2 Configuring RIP Version 1 and 2 to learn more about RIPv2.

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-routing-information-protocol-rip/[4/12/2015 7:11:07 PM]

Configuring Routing Information Protocol (RIP) | Free CCNA Workbook

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-routing-information-protocol-rip/[4/12/2015 7:11:07 PM]

Configuring RIP Versions 1 and 2 | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring RIPv1 and RIPv2

There are two versions of RIP known as v1 and v2. The differences are major changes in how RIP advertises and
populates the routing table. This lab will discuss and demonstrate the configuration and verification of RIPv1 and
RIPv2.

Real World Application & Core Knowledge


After reading completing Lab 7-1 you should have an excellent foundation for understanding RIP. Now its time to build even further
on that foundation. Technically Lab 7-1 was a RIPv1 lab. When you enable RIP, by default it uses version 1 unless you specify it to
use Version 2. RIPv1 however has limitations that are just not feasible in todays modern networks.
Such limitation of classful routing protocols were seen early in the evolutionary development of the internet as more and more
networks became discontigious, such information about subnets needed to be advertised along with the networks to other routers to
ensure IP connectivity.
There are a several new features that RIPv2 has that RIPv1 does not, first off being the ability to send subnet information in updates;
VLSM. RIPv2 is a Classless routing protocol. RIPv2 also sends its updates to the Multicast address of 224.0.0.9 whereas v1 sent the
updates to the broadcast address. RIPv2 also supports authentication now to prevent unwanted rouge network routers from being
placed into the network causing chaos in the routing table. Route tagging is now a supported feature in RIP as of version two which
will help in managing redistributed routes which will be discussed in Section 10.
If youve completed the previous lab then youll notice that with RIPv1, subnets are not advertised and this causes a problem. /24
subnets cannot be advertised out /30 subnetted links. So in this lab youre going to use Version 2 to fix this issue. Youll continue to
build onto the previous labs logical topology which is shown below;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-versions-1-and-2/[4/12/2015 7:11:26 PM]

Configuring RIP Versions 1 and 2 | Free CCNA Workbook

Familiarize yourself with the following new command(s);

Command

Description

version 2

This command is executed in rip router configuration mode to specify that the RIP
process should operate at version 2.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and R3.
Establish a console session with devices R1, R2 and R3 than load the initial configurations provided below by copying the
config from the textbox and pasting it into the respected routers console.

!##################################################
!#

Free CCNA Workbook Lab 7-2 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.70.20.1 255.255.255.0
!
interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address
encapsulation frame-relay
serial restart-delay 0
no frame-relay inverse-arp
!
interface Serial0/0.221 point-to-point
description ### FRAME RELAY LINK TO R1 ###
ip address 10.70.12.2 255.255.255.252
frame-relay interface-dlci 221
!
interface Serial0/0.223 point-to-point
description ### FRAME RELAY LINK TO R3 ###
ip address 10.70.23.1 255.255.255.252
!

frame-relay interface-dlci 223


interface Serial0/0
no shut
exit
!
interface Serial0/1
description ### PPP LINK TO R1 ###

ip address 10.70.21.2 255.255.255.252


http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-versions-1-and-2/[4/12/2015
7:11:26 PM]
encapsulation ppp

Configuring RIP Versions 1 and 2 | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 7-2 R3 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R3
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.70.30.1 255.255.255.0
!

interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address

encapsulation frame-relay
serial restart-delay 0
no frame-relay inverse-arp
!

Lab Objectives
interface Serial0/0.322 point-to-point

description ### FRAME RELAY LINK TO R2 ###


ip address 10.70.23.2 255.255.255.252

frame-relay interface-dlci 322


interface Serial0/0
no shut
exit
!

Configure R1, R2 and R3 to run RIP Version 2.

router rip
network 10.0.0.0

Verify that all routes are propagating properly in the network from R1 to R2 and from R3 to R2 using show ip route. Verify IP

!
end

connectivity using ping sourced from the 10.70.20.0/24 network to the 10.70.10.0/24 and 10.70.30.0/24 networks

Lab Instruction
Objective 1. Configure R1, R2 and R3 to run RIP Version 2.
R1>enable
R1#configure terminal
Enter configuration commands, one per line.
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#end
R1#

R2>enable
R2#configure terminal
Enter configuration commands, one per line.
R2(config)#router rip
R2(config-router)#version 2
R2(config-router)#end
R2#

R3>enable
R3#configure terminal
Enter configuration commands, one per line.
R3(config)#router rip
R3(config-router)#version 2
R3(config-router)#end
R3#

End with CNTL/Z.

End with CNTL/Z.

End with CNTL/Z.

Objective 2. Verify that all routes are propagating properly in the network from R1 to R2 and from R3 to R2 using show ip route.
Verify IP connectivity using ping sourced from the 10.70.20.0/24 network to the 10.70.10.0/24 and 10.70.30.0/24 networks
R2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-versions-1-and-2/[4/12/2015 7:11:26 PM]

Configuring RIP Versions 1 and 2 | Free CCNA Workbook

ia - IS-IS inter area, * - candidate default, U - per-user static route


o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 7 subnets, 2 masks
10.70.12.0/30 is directly connected, Serial0/0.221
10.70.23.0/30 is directly connected, Serial0/0.223
10.70.21.0/30 is directly connected, Serial0/1
10.70.30.0/24 [120/1] via 10.70.23.2, 00:00:04, Serial0/0.223
10.70.20.0/24 is directly connected, Loopback0
10.70.10.0/24 [120/1] via 10.70.21.1, 00:00:27, Serial0/1
[120/1] via 10.70.12.1, 00:00:21, Serial0/0.221
R
10.56.10.0/30 [120/1] via 10.70.21.1, 00:00:27, Serial0/1
[120/1] via 10.70.12.1, 00:00:21, Serial0/0.221
R2#ping 10.70.10.1
C
C
C
R
C
R

Type escape sequence to abort.


Sending 5, 100-byte ICMP Echos to 10.70.10.1, timeout is 2 seconds:
Packet sent with a source address of 10.70.20.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/54/144 ms
R2#ping 10.70.30.1 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.70.30.1, timeout is 2 seconds:
Packet sent with a source address of 10.70.20.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/60/128 ms
R2#
After viewing the routing table; youll notice that after Version 2 has been configured all the subnets are propagated properly and you
can reach the subnets correctly from the given networks.

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-versions-1-and-2/[4/12/2015 7:11:26 PM]

Configuring RIP Versions 1 and 2 | Free CCNA Workbook

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-versions-1-and-2/[4/12/2015 7:11:26 PM]

Configuring RIP Timers | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring RIP Timers

The default timers on RIP can be tuned to meet the requirements of your network. This lab will discuss and
demonstrate the configuration and verification of RIP Timers.

Real World Application & Core Knowledge


In todays networks the convergence time for RIP just isnt fast enough. With the default timers, RIP convergence can take longer
than three minutes which is just completely unacceptable in todays networks.
If you take a look back to lab Configuring Routing Information Protocol (RIP) it discusses the different types of timers and what they
do. In this lab youll learn how to modify the timers to decrease convergence time.
The timers are configured in rip router configuration mode as a global setting however the update timer can be configured on a per
interface basis.
To set the timers youll use the timers basic update# invalid# holddown# flush#. Each # is represented as a value in seconds. i.e;
timers basic 30 40 10 60
To set the update timers manually per interface youll use the ip rip advertise # where as # is the interval in seconds at which updates
are sent.
This lab will use the same logical topology as used in Lab 7-2 which is shown below;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-timers/[4/12/2015 7:11:47 PM]

Configuring RIP Timers | Free CCNA Workbook

In this lab you will configure the timers on all routers to 30 second updates, 40 second invalid, 10 second hold down and 60 second
flush and manually set R3 to send updates to R2 every 10 seconds over interface Serial0/0.322
Familiarize yourself with the following new command(s);

Command

Description

timers basic 30 40 10 60

This command is executed in rip router configuration mode to globally set the update,
invalid, hold down and flush timers of the RIP routing process.

ip rip advertise #

This command is executed in interface configuration mode to specify the interval in


seconds at which RIP updates are sent out the specific interface.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and R3.
Establish a console session with devices R1, R2 and R3 than load the initial configurations provided below by copying the
config from the textbox and pasting it into the respected routers console.

!##################################################
!#

Free CCNA Workbook Lab 7-3 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.70.20.1 255.255.255.0
!
interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address
encapsulation frame-relay
serial restart-delay 0
no frame-relay inverse-arp
!
interface Serial0/0.221 point-to-point
description ### FRAME RELAY LINK TO R1 ###
ip address 10.70.12.2 255.255.255.252
frame-relay interface-dlci 221
http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-timers/[4/12/2015
7:11:47 PM]
!

Configuring RIP Timers | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 7-3 R3 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R3
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.70.30.1 255.255.255.0
!

interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address

encapsulation frame-relay
serial restart-delay 0
no frame-relay inverse-arp
!

Lab Objectives
interface Serial0/0.322 point-to-point

description ### FRAME RELAY LINK TO R2 ###


ip address 10.70.23.2 255.255.255.252

frame-relay interface-dlci 322


interface Serial0/0
no shut
exit
!

Configure the RIP timers on R1, R2 and R3 to 30 second updates, 40 second invalid, 10 second hold and 60 second flush.

router rip
version 2

Verify your configuring.

network 10.0.0.0
exit

On R3 configure Serial0/0.322 to send updates every 10 seconds towards R2. Verify your configuration.

line con 0
logging sync

no exec-timeout

end

Lab Instruction
Objective 1. Configure the RIP timers on R1, R2 and R3 to 30 second updates, 40 second invalid, 10 second hold and 60 second
flush. Verify your configuring.
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router rip
R1(config-router)#timers basic 30 40 10 60
R1(config-router)#end
R1#show ip protocols
Routing Protocol is "rip"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Sending updates every 30 seconds, next due in 26 seconds
Invalid after 40 seconds, hold down 10, flushed after 60
Redistributing: rip
Default version control: send version 2, receive version 2
Interface
Send Recv Triggered RIP Key-chain
Serial0/0.122
2
2
Serial0/1
2
2
Loopback0
2
2
Loopback1
2
2
Automatic network summarization is in effect
Maximum path: 4
Routing for Networks:
10.0.0.0
Routing Information Sources:
Gateway
Distance
Last Update
10.70.12.2
120
00:00:05
10.70.21.2
120
00:00:05
Distance: (default is 120)
R1#

R2#configure terminal
Enter configuration commands, one per line.
R2(config)#router rip
R2(config-router)#timers basic 30 40 10 60
R2(config-router)#end
R2#show ip protocols
Routing Protocol is "rip"

End with CNTL/Z.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-timers/[4/12/2015 7:11:47 PM]

Configuring RIP Timers | Free CCNA Workbook

Outgoing update filter list for all interfaces is not set


Incoming update filter list for all interfaces is not set
Sending updates every 30 seconds, next due in 16 seconds
Invalid after 40 seconds, hold down 10, flushed after 60
Redistributing: rip
Default version control: send version 2, receive version 2
Interface
Send Recv Triggered RIP Key-chain
Serial0/0.221
2
2
Serial0/0.223
2
2
Serial0/1
2
2
Loopback0
2
2
Automatic network summarization is in effect
Maximum path: 4
Routing for Networks:
10.0.0.0
Routing Information Sources:
Gateway
Distance
Last Update
10.70.12.1
120
00:00:15
10.70.23.2
120
00:00:03
10.70.21.1
120
00:00:06
Distance: (default is 120)
R2#

R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#router rip
R3(config-router)#timers basic 30 40 10 60
R3(config-router)#end
R3#show ip protocols
Routing Protocol is "rip"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Sending updates every 30 seconds, next due in 22 seconds
Invalid after 40 seconds, hold down 10, flushed after 60
Redistributing: rip
Default version control: send version 2, receive version 2
Interface
Send Recv Triggered RIP Key-chain
Serial0/0.322
2
2
Loopback0
2
2
Automatic network summarization is in effect
Maximum path: 4
Routing for Networks:
10.0.0.0
Routing Information Sources:
Gateway
Distance
Last Update
10.70.23.1
120
00:00:21
Distance: (default is 120)
R3#
Objective 2. On R3 configure Serial0/0.322 to send updates every 10 seconds towards R2. Verify your configuration.
R3#configure terminal
Enter configuration commands, one per line.
R3(config)#interface Serial0/0.322
R3(config-subif)#ip rip advertise 10
R3(config-subif)#end

End with CNTL/Z.

There are three ways to verify that the interface timer that youve configured is operating properly. The first method of verification is
that you can run debug ip rip events on R2 to view how often the updates are coming from R3, they should be approximately 10
seconds apart give or take a few seconds.
The second method you can use to verify that the interface specific advertisement timer is operating correctly is using the show ip
protocols command on R2 and you should see the last update received from 10.70.23.2 never go above 10 seconds.
And the last method of verification however is not documented in any Cisco documentation and the command is a hidden command

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-timers/[4/12/2015 7:11:47 PM]

Configuring RIP Timers | Free CCNA Workbook

that will not show up when using the ?. The command is called show ip rip timers This command is very vague and does not display
any details at all however it does show the update intervals on a per interface basis. This command will show the time it the router
will wait before it sends another update through an interface.
When you do show ip protocols under rip youll see the interfaces listed in order as shown below;
R3#show ip protocols
Routing Protocol is "rip"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Sending updates every 30 seconds, next due in 6 seconds
Invalid after 40 seconds, hold down 10, flushed after 60
Redistributing: rip
Default version control: send version 2, receive version 2
Interface
Send Recv Triggered RIP Key-chain
Serial0/0.322
2
2
Loopback0
2
2
Automatic network summarization is in effect
Maximum path: 4
Routing for Networks:
10.0.0.0
Routing Information Sources:
Gateway
Distance
Last Update
10.70.23.1
120
00:00:11
Distance: (default is 120)
R3#
You can see that Serial0/0.322 is listed first and Loopback0 is second. Now when you execute the show ip rip timers command in
privileged mode youll see the following output;
R3#show ip rip timers
RIP timers
Expiration
Type
|
3.680 (parent)
|
3.680 Ager interval
|
7.172 (parent)
|
7.172 Periodic update
|
25.722 Periodic update
R3#
When you look at the output youll see two Periodic update timers, the first one being Serial0/0.322 which will send its next update in
7.172 seconds and Loopback0 which will send its next update in 25.722 seconds.
Note that the Ager interval is the hold down timer.

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-timers/[4/12/2015 7:11:47 PM]

Next Lab

Configuring RIP Timers | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-timers/[4/12/2015 7:11:47 PM]

Configuring RIP Triggered Updates | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring RIP Triggered Updates

By default RIP sends its updates on a fixed interval which can consume bandwidth. Triggered updates is a method
that RIP can use so only updates are sent when the routes change. This lab will discuss and demonstrate the
configuration and verification of RIP Triggered Updates.

Real World Application & Core Knowledge


So looking back at the architecture of RIP youll remember that RIP will send all its routing table in updates to its neighboring routers,
in by doing so bandwidth is required. This bandwidth over a WAN link can be excessive and even more excessive when you have
modified the RIP timers. No need to fear, triggered updates are here!!!
Proposed in RFC2092, triggered updates only send updates to neighboring routers under specific conditions to conserve bandwidth.
Triggered updates are exactly how they sound. Updates are not send to neighboring routers unless one of four things happen to
cause the update to be sent which include the following;
The router receives a specific request for an update.
Information from another interfaces has caused a modification to the RIP database causing an update to be triggered.
An interface goes up or down; in which case a partial database update is sent.
A router is powered on thus triggering an update of the FULL database.

The configuration of triggered updates is done on a per interface basis and must be configured on both sides of the link. The
command used to enable triggered updates is ip rip triggered You can verify the configuration via the show ip protocols command.
This lab will use the same logical topology as used previous Lab 7-3 as shown below;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-triggered-updates/[4/12/2015 7:12:07 PM]

Configuring RIP Triggered Updates | Free CCNA Workbook

In this lab you will configure triggered updates on the point to point Frame relay link between R2 and R3.
Familiarize yourself with the following new command(s);

Command

Description

ip rip triggered

This command is executed under interface configuration mode to enable the RIP
RFC2092 Triggered Updates extension.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and R3.
Establish a console session with devices R1, R2 and R3 than load the initial configurations provided below by copying the
config from the textbox and pasting it into the respected routers console.

!##################################################
!#

Free CCNA Workbook Lab 7-4 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.70.20.1 255.255.255.0
!
interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address
encapsulation frame-relay
serial restart-delay 0
no frame-relay inverse-arp
!
interface Serial0/0.221 point-to-point
description ### FRAME RELAY LINK TO R1 ###
ip address 10.70.12.2 255.255.255.252
!

frame-relay interface-dlci 221


interface Serial0/0.223 point-to-point
description ### FRAME RELAY LINK TO R3 ###
ip address 10.70.23.1 255.255.255.252
frame-relay interface-dlci 223
!
interface Serial0/0
no shut

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-triggered-updates/[4/12/2015
7:12:07 PM]
exit

Configuring RIP Triggered Updates | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 7-4 R3 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R3
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.70.30.1 255.255.255.0
!

interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address

encapsulation frame-relay
serial restart-delay 0
no frame-relay inverse-arp
ip rip advertise 10

Lab Objectives
!

interface Serial0/0.322 point-to-point

description ### FRAME RELAY LINK TO R2 ###


ip address 10.70.23.2 255.255.255.252
frame-relay interface-dlci 322
!
interface Serial0/0
no shut
exit

Configure the point-to-point Frame Relay link between R2 and R3 to use triggered rip updates to conserve bandwidth.

!
router rip

Verify the RIP Triggered updates configuration.

version 2

network 10.0.0.0

timers basic 30 40 10 60
!
end

Lab Instruction
Objective 1. Configure the point-to-point Frame Relay link between R2 and R3 to use triggered rip updates to conserve bandwidth.
R2#configure terminal
Enter configuration commands, one per line.
R2(config)#interface Serial0/0.223
R2(config-subif)#ip rip triggered
R2(config-subif)#end
R2#

R3#configure terminal
Enter configuration commands, one per line.
R3(config)#interface Serial0/0.322
R3(config-subif)#ip rip triggered
R3(config-subif)#end
R3#

End with CNTL/Z.

End with CNTL/Z.

Objective 2. Verify the RIP Triggered updates configuration.


This can be done using the show ip protocols command as shown below;
R2#show ip protocols
Routing Protocol is "rip"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Sending updates every 30 seconds, next due in 14 seconds
Invalid after 40 seconds, hold down 0, flushed after 60
Redistributing: rip
Default version control: send version 2, receive version 2
Interface
Send Recv Triggered RIP Key-chain
Serial0/0.221
2
2
Serial0/0.223
2
2
Yes

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-triggered-updates/[4/12/2015 7:12:07 PM]

Configuring RIP Triggered Updates | Free CCNA Workbook

Serial0/1
2
2
Loopback0
2
2
Automatic network summarization is in effect
Maximum path: 4
Routing for Networks:
10.0.0.0
Routing Information Sources:
Gateway
Distance
Last Update
10.70.12.1
120
00:00:07
10.70.23.2
120
00:01:28
10.70.21.1
120
00:00:18
Distance: (default is 120)
R2#

R3#show ip protocols
Routing Protocol is "rip"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Sending updates every 30 seconds, next due in 23 seconds
Invalid after 40 seconds, hold down 0, flushed after 60
Redistributing: rip
Default version control: send version 2, receive version 2
Interface
Send Recv Triggered RIP Key-chain
Serial0/0.322
2
2
Yes
Loopback0
2
2
Automatic network summarization is in effect
Maximum path: 4
Routing for Networks:
10.0.0.0
Routing Information Sources:
Gateway
Distance
Last Update
10.70.23.1
120
00:00:09
Distance: (default is 120)
R3#
Examine the show ip protocols information and youll see that Serial0/0.223 has yes under triggered on R2 and Serial0/0.322 has
yes under triggered on R3.

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-triggered-updates/[4/12/2015 7:12:07 PM]

Useful Links

Configuring RIP Triggered Updates | Free CCNA Workbook

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-triggered-updates/[4/12/2015 7:12:07 PM]

Configuring RIP Interface Options | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring RIP Interface Parameters

When it comes to configuring RIP, there are serveral interface parameters that can be configured to fine tune the
operation of RIP. This lab will discuss and demonstrate the configuration and verification of RIP interface parameters.

Real World Application & Core Knowledge


So what happens if you have a network that has both RIP version 1 and version 2? This could be a problem when one company buys
another company in which company A uses RIPv1 and Company B uses RIPv1.
There are two options under interface configuration mode that will allow you to set the version(s) in which the router will send and/or
receive. This gives you the ability to have two different RIP version environments and give you the ability to migrate the RIPv1
network to the RIPv2 standard. By default when you use RIPv2, the RIP process is set to only send/receive RIPv2 updates. This can
be changed to include RIPv1 if there is a need for it.
To enable the transmission of RIPv1 and RIPv2 updates youll execute the ip rip send version 1 2 on a per interface basis. To enable
RIP to process RIPv1 and RIPv2 updates, the command youll need to execute on a per interface basis is ip rip receive version 1 2
The next concept this lab will discuss is how to configure RIPv2 to send its updates using a broadcast destination address and not to
the multicast destination address of 224.0.0.9:520. This configuration is sometimes required in environments where multicast is
prohibited. In Lab 7-6 you will learn how to configure static neighbors which sends the updates via unicast.
Enabling RIPv2 to send broadcast updates is done on a per interface basis using the ip rip v2-broadcast command in interface
configuration mode.
This lab will continue to build upon the same logical topology used in the previous Lab 7-4 as shown below;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-interface-options/[4/12/2015 7:12:27 PM]

Configuring RIP Interface Options | Free CCNA Workbook

In this lab you will configure R2 and R3 to send RIPv1 and RIPv2 updates between each other on their Frame Relay point-to-point
interface. You will also configure R1 to send RIPv2 updates as broadcast to R2 via the point-to-point interface.
Familiarize yourself with the following new command(s);

Command

Description

ip rip send version #

This command is executed in interface configuration mode and specifies which


version(s) of RIP updates can be sent via that interface.

ip rip receive version #

This command is executed in interface configuration mode and specifies which


version(s) of RIP updates can be received and processed via that interface.

ip rip v2-broadcast

This command is executed in interface configuration mode and specifies that RIPv2
should send updates out that specific interface using broadcast and not multicast.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and R3.
Establish a console session with devices R1, R2 and R3 than load the initial configurations provided below by copying the
config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-interface-options/[4/12/2015 7:12:27 PM]

Configuring RIP Interface Options | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 7-5 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.70.20.1 255.255.255.0
!

interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address

encapsulation frame-relay
serial restart-delay 0
no frame-relay inverse-arp

!##################################################
!
!#
Free CCNA
Workbook Lab
7-5 R3 Initial Config
interface
Serial0/0.221
point-to-point

!##################################################
description ### FRAME RELAY LINK TO R1 ###
!ip address 10.70.12.2 255.255.255.252
enable
frame-relay interface-dlci 221
configure
terminal
ip rip triggered
!

hostname
interfaceR3
Serial0/0.223 point-to-point

!description ### FRAME RELAY LINK TO R3 ###


interface
Loopback0
ip address
10.70.23.1 255.255.255.252
description
SIMULATED NETWORK
###
frame-relay ###
interface-dlci
223

!ip address 10.70.30.1 255.255.255.0

!
interface Serial0/0
interface
no shut Serial0/0

description ### PHYSICAL FRAME RELAY INTERFACE ###


exit
!no ip address

encapsulation
frame-relay
interface
Serial0/1

serial
restart-delay
0
description
### PPP LINK
TO R1 ###

no
inverse-arp
ip frame-relay
address 10.70.21.2
255.255.255.252

!encapsulation ppp

Lab Objectives
interface
Serial0/0.322
serial restart-delay
0 point-to-point

description
### FRAME RELAY LINK TO R2 ###
clock rate 128000
ip shut
address 10.70.23.2 255.255.255.252
no

frame-relay
interface-dlci 322
exit

!ip rip advertise 10


ip riprip
triggered
router

!version 2

Configure R2 to send and receive RIP Version 1 and 2 updates on the point-to-point link towards R3. Verify your configuration.

interface
Serial0/0
network 10.0.0.0

no
shutbasic 30 40 10 60
timers

exit
!
!
end

Configure R2 to send and receive RIP Version 1 and 2 updates on the point-to-point link towards R2. Verify your configuration.

router rip

version 2

network 10.0.0.0

Configure R1s point-to-point interface towards R2 to send RIPv2 updates as broadcast. Verify your configuration using the

timers basic 30 40 10 60
!

end

debug ip rip events

Lab Instruction
Objective 1. Configure R2 to send and receive RIP Version 1 and 2 updates on the point-to-point link towards R3. Verify your
configuration.
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#interface Serial0/0.223
R2(config-subif)#ip rip send version 1 2
R2(config-subif)#ip rip receive version 1 2
R2(config-subif)#end
R2#
R2#show ip protocols
Routing Protocol is "rip"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Sending updates every 30 seconds, next due in 24 seconds
Invalid after 40 seconds, hold down 0, flushed after 60
Redistributing: rip
Default version control: send version 2, receive version 2
Interface
Send Recv Triggered RIP Key-chain
Serial0/0.221
2
2
Serial0/0.223
1 2
1 2
Yes
Serial0/1
2
2
Loopback0
2
2
Automatic network summarization is in effect
Maximum path: 4
Routing for Networks:
10.0.0.0

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-interface-options/[4/12/2015 7:12:27 PM]

Configuring RIP Interface Options | Free CCNA Workbook

Routing Information Sources:


Gateway
Distance
10.70.12.1
120
10.70.23.2
120
10.70.21.1
120
Distance: (default is 120)

Last Update
00:00:28
00:31:10
00:00:00

R2#

Objective 2. Configure R2 to send and receive RIP Version 1 and 2 updates on the point-to-point link towards R2. Verify your
configuration.
R3>enable
R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#interface Serial0/0.322
R3(config-subif)#ip rip send version 1 2
R3(config-subif)#ip rip receive version 1 2
R3(config-subif)#end
R3#
R3#show ip protocols
Routing Protocol is "rip"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Sending updates every 30 seconds, next due in 8 seconds
Invalid after 40 seconds, hold down 0, flushed after 60
Redistributing: rip
Default version control: send version 2, receive version 2
Interface
Send Recv Triggered RIP Key-chain
Serial0/0.322
1 2
1 2
Yes
Loopback0
2
2
Automatic network summarization is in effect
Maximum path: 4
Routing for Networks:
10.0.0.0
Routing Information Sources:
Gateway
Distance
Last Update
10.70.23.1
120
00:35:30
Distance: (default is 120)
R3#
Objective 3. Configure R1s point-to-point interface towards R2 to send RIPv2 updates as broadcast. Verify your configuration using
the debug ip rip events
R1>enable
R1#configure terminal
Enter configuration commands, one per line.
R1(config)#interface Serial0/1
R1(config-subif)#ip rip v2-broadcast
R1(config-subif)#end
R1#

End with CNTL/Z.

To verify that RIP is indeed sending RIPv2 updates via broadcast you can use the debug ip rip events command as shown below;
R1#debug ip rip events
R1#
RIP: sending v2 update to 255.255.255.255 via Serial0/1 (10.70.21.1)
RIP: Update contains 3 routes
RIP: Update queued
RIP: Update sent via Serial0/1
R1#
As you can see RIP reported that it was sending a v2 update to 255.255.255.255 (Broadcast) via Serial0/1. This confirms that RIPv2
is indeed sending broadcast updates to R2 via the point-to-point frame-relay link.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-interface-options/[4/12/2015 7:12:27 PM]

Configuring RIP Interface Options | Free CCNA Workbook

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-interface-options/[4/12/2015 7:12:27 PM]

Configuring RIP Static Neighbors | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring RIP Static Neighbors

You have the ability to define static neighbor in RIP which can be used for configuring neighbors across NBMA links or
just hardening the communication where RIP communicates using unicast. This lab will discuss and demonstrate the
configuration and verification of static RIP Neighbors.

Real World Application & Core Knowledge


There is however another advantage to configuring RIP with static neighbor relationships which is added security but there is one
catch!!! By default RIPv2 will send multicast updates out all interfaces specified within the range of the network command. If you
configure a static neighbor; not only will that router send updates via unicast to that neighbor out the respected link. It will also send
multicast updates out the same link as well. To prevent this from happening, you must utilize a feature called Passive Interface.
A RIP Passive Interface in a nut shell prevents the RIP routing process from sending multicast/broadcast updates out a specified
interface. A RIP Passive interface however does not block unicast updates. Keep in mind a Passive Interface DOES NOT block
multicast/broadcast updates therefore the router would still process received RIP updates.
So with that in mind, its quite common in secure networks the passive interface feature will be utilized on all interfaces and the
neighbors will statically be configured to prevent RIP route snooping via Wireshark.
This lab will continue to build upon the same logical topology used previously in Lab 7-5 as shown below;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-static-neighbors/[4/12/2015 7:12:48 PM]

Configuring RIP Static Neighbors | Free CCNA Workbook

In this lab you will configure a static neighbor relationship between R1 and R2 via the Point-to-Point T1 link and verify that the
neighbor relationship is indeed operating in a unicast fashion using debug ip rip events
Familiarize yourself with the following new command(s);

Command

Description

neighbor x.x.x.x

This command is configured in the RIP routing process to specify a static neighbor relationship
and use unicast communication with that node.

passive-interface name#/#

This command is executed in RIP configuration mode to specify a specific interface as passive
which prevents the advertisement of multicast/broadcast updates.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and R3.
Establish a console session with devices R1, R2 and R3 than load the initial configurations provided below by copying the
config from the textbox and pasting it into the respected routers console.

!##################################################
!#

Free CCNA Workbook Lab 7-6 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.70.20.1 255.255.255.0
!
interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address
encapsulation frame-relay
serial restart-delay 0
no frame-relay inverse-arp
!
interface Serial0/0.221 point-to-point
description ### FRAME RELAY LINK TO R1 ###
ip address 10.70.12.2 255.255.255.252
frame-relay interface-dlci 221
ip rip triggered
http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-static-neighbors/[4/12/2015
7:12:48 PM]
ip rip send version 1 2

Configuring RIP Static Neighbors | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 7-6 R3 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R3
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.70.30.1 255.255.255.0
!

interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address

encapsulation frame-relay
serial restart-delay 0
no frame-relay inverse-arp
!

Lab Objectives
interface Serial0/0.322 point-to-point

description ### FRAME RELAY LINK TO R2 ###


ip address 10.70.23.2 255.255.255.252
frame-relay interface-dlci 322
ip rip advertise 10
ip rip triggered
ip rip send version 1 2

Remove the previous RIP v2-broadcast configuration from R1s point-to-point towards R2 and configure R2s Point-to-Point T1

ip rip receive version 1 2


!

interface IP address as a static neighbor.

interface Serial0/0
no shut
exit
!

On R2, Configure R1s Point-to-Point T1 interface IP as a static neighbor.

router rip
version 2

network 10.0.0.0

Configure both R1 and R2 to not send Multicast/Broadcast updates out the Point-to-Point T1 link.

timers basic 30 40 10 60

end

Verify that RIP updates are being sent between R1 and R2 via Unicast using the debug ip rip events command.

Lab Instruction
Objective 1. Remove the previous RIP v2-broadcast configuration from R1s point-to-point towards R2 and configure a R2s Pointto-Point T1 interface IP address as a static neighbor.
R1#configure terminal
Enter configuration commands, one per line.
R1(config)#interface Serial0/1
R1(config-subif)#no ip rip v2-broadcast
R1(config-subif)#router rip
R1(config-router)#neighbor 10.70.21.2
R1(config-router)#end
R1#

End with CNTL/Z.

Objective 2. On R2, Configure R1s Point-to-Point T1 interface IP as a static neighbor.


R2>enable
R2#configure terminal
Enter configuration commands, one per line.
R2(config)#router rip
R2(config-router)#neighbor 10.70.21.1
R2(config-router)#end
R2#

End with CNTL/Z.

Objective 3. Configure both R1 and R2 to not send Multicast/Broadcast updates out the Point-to-Point T1 link.
R1#configure terminal
R1(config)#router rip
R1(config-router)#passive-interface serial0/1
R1(config-router)#end
R1#

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-static-neighbors/[4/12/2015 7:12:48 PM]

Configuring RIP Static Neighbors | Free CCNA Workbook

R2#configure terminal
R2(config)#router rip
R2(config-router)#passive-interface serial0/1
R2(config-router)#end
R2#
Objective 4. Verify that RIP updates are being sent between R1 and R2 via Unicast using the debug ip rip events command.
R1#debug ip rip events
RIP: sending v2 update to 10.70.21.2 via Serial0/1 (10.70.21.1)
RIP: Update contains 3 routes
RIP: Update queued
RIP: Update sent via Serial0/1
RIP: received v2 update from 10.70.21.2 on Serial0/1
RIP: Update contains 5 routes
R1#u all
All possible debugging has been turned off
R1#
As shown by the debug output above you can see that R1 sends a RIPv2 update to 10.70.21.2 via Serial0/1 and receives RIPv2
updates from 10.70.21.2. This shows that RIP unicast control traffic is operating as configured.

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-static-neighbors/[4/12/2015 7:12:48 PM]

Junos Workbook | Free Juniper

Configuring RIP Static Neighbors | Free CCNA Workbook

CCNA labs that can be completed using


the GNS3 platform.

mind would build a perimeter using

JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-static-neighbors/[4/12/2015 7:12:48 PM]

Configuring RIP Default Information Originate | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

RIP Default Information Originate

Configuring static default routes on every single network device in the infrastructure is cumbersome. This function can
be done automagically with default route propogation in RIP known as default information originate. This lab will
discuss and demonstrate the configuration and verification of RIP Default Information Originate.

Real World Application & Core Knowledge


So lets say you have a boundary router that has a direct connection to the internet and you want RIP to advertise the internet as a
route known as a default route. As previously discussed in Lab 6-3. Ideally a network engineer would not want to go to every single
node in the network to configure a static default route so generally they would use a dynamic routing protocol to advertise the
network 0.0.0.0/0.
RIP has a built in feature in which allows it to advertise a default route to its direct neighbors which will propagate throughout the
entire RIP routing domain. Utilizing this type of configuration can a company money due to the man hours required to configure a
static default route on each and every router and/or switch in the network and that does not include general router/switch
maintenance.
Advertising a default route via RIP is done by a single command that is executed in RIP router configuration mode. This command is
default-information originate
This lab will continue to build upon the same logical topology used previously in Lab 7-6 as shown below;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-default-information-originate/[4/12/2015 7:13:07 PM]

Configuring RIP Default Information Originate | Free CCNA Workbook

In this lab you will configure R3 to advertise a default route throughout the RIP routing domain.
Familiarize yourself with the following new command(s);

Command

Description

default-information originate

This command is executed in RIP router configuration mode to configure RIP to advertise a
default route throughout the RIP routing domain.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and R3.
Establish a console session with devices R1, R2 and R3 than load the initial configurations provided below by copying the
config from the textbox and pasting it into the respected routers console.

!##################################################
!#

Free CCNA Workbook Lab 7-7 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.70.20.1 255.255.255.0
!
interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address
encapsulation frame-relay
serial restart-delay 0
no frame-relay inverse-arp
!
interface Serial0/0.221 point-to-point
description ### FRAME RELAY LINK TO R1 ###
ip address 10.70.12.2 255.255.255.252
frame-relay interface-dlci 221
!
interface Serial0/0.223 point-to-point
description ### FRAME RELAY LINK TO R3 ###
ip address 10.70.23.1 255.255.255.252
frame-relay interface-dlci 223
ip rip triggered
ip rip send version 1 2
ip rip receive version 1 2

!
http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-default-information-originate/[4/12/2015
7:13:07 PM]

Configuring RIP Default Information Originate | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 7-7 R3 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R3
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.70.30.1 255.255.255.0
!

interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address

encapsulation frame-relay
serial restart-delay 0
no frame-relay inverse-arp
!

Lab Objectives
interface Serial0/0.322 point-to-point

description ### FRAME RELAY LINK TO R2 ###


ip address 10.70.23.2 255.255.255.252
frame-relay interface-dlci 322
ip rip advertise 10
ip rip triggered
ip rip send version 1 2

Configure R3 to advertise a default route via the Routing Information Protocol (RIP).

ip rip receive version 1 2


!

interface Serial0/0
no shut
exit

Verify that the default route is properly propagated from R3 to R2 and R1 by viewing the RIP database and routing table on R1

router rip

and R2.

version 2
network 10.0.0.0

timers basic 30 40 10 60

Lab Instruction
end

Objective 1. Configure R3 to advertise a default route via the Routing Information Protocol (RIP).
R3>enable
R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#router rip
R3(config-router)#default-information originate
R3(config-router)#end
R3#

Objective 2. Verify that the default route is properly propagated from R3 to R2 and R1 by viewing the RIP database and routing
table on R1 and R2.
R2#show ip rip database
0.0.0.0/0
auto-summary
0.0.0.0/0
[1] via 10.70.23.2, 00:01:56 (permanent), Serial0/0.223
* Triggered Routes:
- [1] via 10.70.23.2, Serial0/0.223
10.0.0.0/8
auto-summary
10.30.0.0/22
[1] via 10.70.23.2, 00:08:47 (permanent), Serial0/0.223
* Triggered Routes:
- [1] via 10.70.23.2, Serial0/0.223
10.70.10.0/24
[1] via 10.70.12.1, 00:00:16, Serial0/0.221
10.70.12.0/30
directly connected, Serial0/0.221
10.70.20.0/24
directly connected, Loopback0
10.70.21.0/30
directly connected, Serial0/1
10.70.21.1/32
directly connected, Serial0/1
10.70.23.0/30
directly connected, Serial0/0.223
10.70.30.0/24
[1] via 10.70.23.2, 00:08:47 (permanent), Serial0/0.223
* Triggered Routes:
- [1] via 10.70.23.2, Serial0/0.223
R2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-default-information-originate/[4/12/2015 7:13:07 PM]

Configuring RIP Default Information Originate | Free CCNA Workbook

E1 - OSPF external type 1, E2 - OSPF external type 2


i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 10.70.23.2 to network 0.0.0.0
R
C
R
R
C
C
C
C
R*
R2#

10.0.0.0/8 is variably subnetted, 8 subnets, 4 masks


10.30.0.0/22 [120/1] via 10.70.23.2, 00:09:16, Serial0/0.223
10.70.12.0/30 is directly connected, Serial0/0.221
10.70.10.0/24 [120/1] via 10.70.12.1, 00:00:19, Serial0/0.221
10.70.30.0/24 [120/1] via 10.70.23.2, 00:09:16, Serial0/0.223
10.70.21.1/32 is directly connected, Serial0/1
10.70.20.0/24 is directly connected, Loopback0
10.70.21.0/30 is directly connected, Serial0/1
10.70.23.0/30 is directly connected, Serial0/0.223
0.0.0.0/0 [120/1] via 10.70.23.2, 00:02:26, Serial0/0.223

As you can see from R2s RIP database that the route 0.0.0.0/0 is being learned via 10.70.23.2 on Serial0/0.223. According to the
routing table, the router will route 0.0.0.0/0 to 10.70.23.2 as the default route is learned via RIP as denoted by the R*
R1#show ip rip database
0.0.0.0/0
auto-summary
0.0.0.0/0
[2] via 10.70.21.2, 00:00:00, Serial0/1
[2] via 10.70.12.2, 00:00:15, Serial0/0.122
10.0.0.0/8
auto-summary
10.30.0.0/22
[2] via 10.70.21.2, 00:00:00, Serial0/1
[2] via 10.70.12.2, 00:00:15, Serial0/0.122
10.70.10.0/24
directly connected, Loopback0
10.70.12.0/30
directly connected, Serial0/0.122
10.70.20.0/24
[1] via 10.70.21.2, 00:00:00, Serial0/1
[1] via 10.70.12.2, 00:00:15, Serial0/0.122
10.70.21.0/30
directly connected, Serial0/1
10.70.21.2/32
directly connected, Serial0/1
10.70.23.0/30
[1] via 10.70.21.2, 00:00:00, Serial0/1
[1] via 10.70.12.2, 00:00:15, Serial0/0.122
10.70.30.0/24
[2] via 10.70.21.2, 00:00:00, Serial0/1
[2] via 10.70.12.2, 00:00:15, Serial0/0.122
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 10.70.21.2 to network 0.0.0.0
R
C
C
R
R
C
R
C
R*

10.0.0.0/8 is variably subnetted, 8 subnets, 4 masks


10.30.0.0/22 [120/2] via 10.70.21.2, 00:00:02, Serial0/1
[120/2] via 10.70.12.2, 00:00:17, Serial0/0.122
10.70.12.0/30 is directly connected, Serial0/0.122
10.70.10.0/24 is directly connected, Loopback0
10.70.30.0/24 [120/2] via 10.70.21.2, 00:00:02, Serial0/1
[120/2] via 10.70.12.2, 00:00:17, Serial0/0.122
10.70.20.0/24 [120/1] via 10.70.21.2, 00:00:04, Serial0/1
[120/1] via 10.70.12.2, 00:00:18, Serial0/0.122
10.70.21.0/30 is directly connected, Serial0/1
10.70.23.0/30 [120/1] via 10.70.21.2, 00:00:04, Serial0/1
[120/1] via 10.70.12.2, 00:00:18, Serial0/0.122
10.70.21.2/32 is directly connected, Serial0/1
0.0.0.0/0 [120/2] via 10.70.21.2, 00:00:05, Serial0/1
[120/2] via 10.70.12.2, 00:00:20, Serial0/0.122

R1#
As shown above, R1s route to 0.0.0.0/0 is being learned via 10.70.12.1 and 10.70.21.2 as there are redundant links between R1 and
R2.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-default-information-originate/[4/12/2015 7:13:07 PM]

Configuring RIP Default Information Originate | Free CCNA Workbook

To further verify that the default route is operating as planned you can do a traceroute on R1 to any ip address not in in the routing
table such as 4.2.2.2 and it should load balanced towards R2 and then hit R3 before it returns and ICMP host unreachable as shown
below;
R1#traceroute 4.2.2.2
Type escape sequence to abort.
Tracing the route to 4.2.2.2
1 10.70.21.2
10.70.12.2
10.70.21.2
2 10.70.23.2
3 10.70.23.2
R1#

13
16
12
28
!H

msec
msec
msec
msec 24 msec 32 msec
!H *

When doing a traceroute on a Cisco device, you may encounter several different types of responses represented by different letters.
These letters have been listed out below to better your understanding of the traceroute and ping command(s);

Response

Description

Successful and/or response received.

Timed out

Network Unreachable, commonly caused by incomplete routing information.

Host Unreachable, commonly caused by an ACL.

Protocol Unreachable

Administratively Denied

Source Quench received

Unknown (any other ICMP message)

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-default-information-originate/[4/12/2015 7:13:07 PM]

Next Lab

Configuring RIP Default Information Originate | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-default-information-originate/[4/12/2015 7:13:07 PM]

Configuring RIP Route Summarization | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring RIP Route Summarization

Route summarization is a common practice to reduce resource utilization on network devices. Instead of having
hundreds of /24s you can have a single /16. This lab will discuss and demonstrate the configuration and verification
of RIP Route summarization.

Real World Application & Core Knowledge


First lets take a look at auto-summarization. Auto summarization will summarize routes on a router to their classful networks between
major networks, i.e; class a, b, c etc So with that being said lets say for example you have three routers connected together in a
linear bus; R1, R2 and R3. R1 is connected to R2 via a serial link using the 172.16.12.0/24 network and R2 is connected to R3 via a
serial link using the 172.16.23.0/24 network. R1 and R2 both have networks directly attached that fall into the 10.0.0.0/8 classful
subnet so both R1 and R3 will advertise they have a route to the 10.0.0.0/8 network and in this case R2 will install two routes into the
routing table and load balance between R1 and R2 to reach the 10.0.0.0/8 classful network.
However the downfall of this scenario is that if 10.70.10.0/24 is directly connected to R1 and 10.70.30.0/24 is directly connected to
R3; any traffic sourced from a network directly connected to R2 destined to the 10.70.10.0/24 network will be load balanced between
R1 and R2 thus causing half of the traffic to fail. If you lab this scenario and ping an address directly connected to R1 from R2 then
youll see the pings from R2 are intermittent and have a 50% successful delivery.
In todays networks this would be unacceptable as few organizations own a full class A subnet. In nearly every router you will see in
production as a network engineer you will see no auto-summary under the routing process in the running-configuration to prevent
such classful auto summarization.
On the other hand summarization is a good thing! Just not auto-summarization. On a Cisco router you have the ability to summarize
particular subnets into a single larger subnet which can be used to save router resources upstream on the network such as memory
and CPU cycles.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-route-summarization/[4/12/2015 7:13:26 PM]

Configuring RIP Route Summarization | Free CCNA Workbook

So lets say you have 4 directly connected interfaces on R3 as; 10.30.0.0/24, 10.30.1.0/24, 10.30.2.0/24 and 10.30.3.0/24 and you
want to advertise these 4 routes as a single route to R2 to save memory and CPU cycles. How would you accomplish this?
First off you would need to subnet the 4 address ranges, in this case 10.30.0.0/22 would cover all 4 networks that are directly
connected. So then you would need to send that summary address out the interface using the command ip summary-address rip
10.30.0.0 255.255.252.0
This lab will continue to build upon the same logical topology used previously in Lab 7-7 as shown below;

In this lab you will disable auto-summarization on all routers and configure R3 with 4 new loopback interfaces with the IP addresses
of 10.30.0.0/24, 10.30.1.0/24, 10.30.2.0/24 and 10.30.3.0/24 and create a summary route that is sent to R2 via the point-to-point
frame-relay link between R3 and R2.
Familiarize yourself with the following new command(s);

Command

Description

ip summary-address rip n.n.n.n


s.s.s.s

This command is executed in interface configuration mode to advertise a summary


address out that particular interface.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and R3.
Establish a console session with devices R1, R2 and R3 than load the initial configurations provided below by copying the
config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-route-summarization/[4/12/2015 7:13:26 PM]

Configuring RIP Route Summarization | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 7-8 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.70.20.1 255.255.255.0
!

interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address

encapsulation frame-relay
serial restart-delay 0
no frame-relay inverse-arp

!##################################################
!
!#
Free CCNA
Workbook Lab
7-8 R3 Initial Config
interface
Serial0/0.221
point-to-point

!##################################################
description ### FRAME RELAY LINK TO R1 ###
!ip address 10.70.12.2 255.255.255.252
enable
frame-relay interface-dlci 221
configure
terminal
ip rip triggered

!ip rip send version 1 2

hostname
R3
ip rip receive
version 1 2
!

interface Loopback0
Serial0/0.223 point-to-point

description ### SIMULATED


NETWORK
###
FRAME RELAY
LINK TO
R3 ###
ip address 10.70.30.1
10.70.23.1 255.255.255.0
255.255.255.252

!frame-relay interface-dlci 223

interface Serial0/0
!

description
### PHYSICAL FRAME RELAY INTERFACE ###
interface
Serial0/0
ip address
no shut

encapsulation frame-relay
exit
!serial restart-delay 0

no frame-relay
inverse-arp
interface
Serial0/1

!description ### PPP LINK TO R1 ###

Lab Objectives
interface
Serial0/0.322
point-to-point
ip address
10.70.21.2 255.255.255.252

description ###
FRAME RELAY LINK TO R2 ###
encapsulation
ppp
ip address
10.70.23.20255.255.255.252
serial
restart-delay
frame-relay
interface-dlci 322
clock
rate 128000

ip shut
rip advertise 10
no
ip rip triggered
exit

!ip rip send version 1 2

Disable auto-summarization on all routers in the network topology; R1, R2 and R3.

ip riprip
receive version 1 2
router
!version 2

interface
Serial0/0
network 10.0.0.0

no
shutbasic 30 40 10 60
timers

Configure R3 with 4 new loopback interfaces using the ip addresses; 10.30.0.1/24, 10.30.1.1/24, 10.30.2.1/24 and

exit
passive-interface Serial0/1
!neighbor 10.70.21.1
router
rip
!

10.30.3.1/24

version 2
end

network 10.0.0.0

Configure a RIP summary route to be advertised to R2 via Serial0/0.322 summarizing the 4 new networks into a single route.

timers basic 30 40 10 60

default-information originate

!
end

Verify your configuration by viewing the routing table on R2 and ensuring that R2 is learning the summary route and not four
/24 subnets.

Lab Instruction
Objective 1. Disable auto-summarization on all routers in the network topology; R1, R2 and R3.
R1>enable
R1#configure terminal
Enter configuration commands, one per line.
R1(config)#router rip
R1(config-router)#no auto-summary
R1(config-router)#end
R1#

R2>enable
R2#configure terminal
Enter configuration commands, one per line.
R2(config)#router rip
R2(config-router)#no auto-summary
R2(config-router)#end
R2#

End with CNTL/Z.

End with CNTL/Z.

R1>enable
R3#configure terminal

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-route-summarization/[4/12/2015 7:13:26 PM]

Configuring RIP Route Summarization | Free CCNA Workbook

Enter configuration commands, one per line.


R3(config)#router rip
R3(config-router)#no auto-summary
R3(config-router)#end
R3#

End with CNTL/Z.

Objective 2. Configure R3 with 4 new loopback interfaces using the ip addresses; 10.30.0.1/24, 10.30.1.1/24, 10.30.2.1/24 and
10.30.3.1/24
R3>enable
R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#interface Lo 103000
R3(config-if)#ip add 10.30.0.1 255.255.255.0
R3(config-if)#interface Lo 103010
R3(config-if)#ip add 10.30.1.1 255.255.255.0
R3(config-if)#interface Lo 103020
R3(config-if)#ip add 10.30.2.1 255.255.255.0
R3(config-if)#interface Lo 103030
R3(config-if)#ip add 10.30.3.1 255.255.255.0
R3(config-if)#end
R3#
Objective 3. Configure a RIP summary route to be advertised to R2 via Serial0/0.322 summarizing the 4 new networks into a single
route.
R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#interface Serial0/0.322
R3(config-subif)#ip summary-address rip 10.30.0.0 255.255.252.0
R3(config-subif)#end
R3#
Objective 4. Verify your configuration by viewing the routing table on R2 and ensuring that R2 is learning the summary route and
not four /24 subnets.
R2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 10.70.23.2 to network 0.0.0.0
R
C
R
R
C
C
C
C
R*
R2#

10.0.0.0/8 is variably subnetted, 8 subnets, 4 masks


10.30.0.0/22 [120/1] via 10.70.23.2, 00:00:04, Serial0/0.223
10.70.12.0/30 is directly connected, Serial0/0.221
10.70.10.0/24 [120/1] via 10.70.21.1, 00:00:07, Serial0/1
[120/1] via 10.70.12.1, 00:00:25, Serial0/0.221
10.70.30.0/24 [120/1] via 10.70.23.2, 00:00:04, Serial0/0.223
10.70.21.1/32 is directly connected, Serial0/1
10.70.20.0/24 is directly connected, Loopback0
10.70.21.0/30 is directly connected, Serial0/1
10.70.23.0/30 is directly connected, Serial0/0.223
0.0.0.0/0 [120/1] via 10.70.23.2, 00:00:05, Serial0/0.223

To perform additional verification you can view R1s routing table to verify if the route is being correctly summarized as a a single /22
or multiple /24 subnets.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-route-summarization/[4/12/2015 7:13:26 PM]

Configuring RIP Route Summarization | Free CCNA Workbook

R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 10.70.21.2 to network 0.0.0.0
R
C
C
R
R
C
R
C
R*

10.0.0.0/8 is variably subnetted, 8 subnets, 4 masks


10.30.0.0/22 [120/2] via 10.70.21.2, 00:00:25, Serial0/1
[120/2] via 10.70.12.2, 00:00:03, Serial0/0.122
10.70.12.0/30 is directly connected, Serial0/0.122
10.70.10.0/24 is directly connected, Loopback0
10.70.30.0/24 [120/2] via 10.70.21.2, 00:00:25, Serial0/1
[120/2] via 10.70.12.2, 00:00:03, Serial0/0.122
10.70.20.0/24 [120/1] via 10.70.21.2, 00:00:00, Serial0/1
[120/1] via 10.70.12.2, 00:00:04, Serial0/0.122
10.70.21.0/30 is directly connected, Serial0/1
10.70.23.0/30 [120/1] via 10.70.21.2, 00:00:00, Serial0/1
[120/1] via 10.70.12.2, 00:00:04, Serial0/0.122
10.70.21.2/32 is directly connected, Serial0/1
0.0.0.0/0 [120/2] via 10.70.21.2, 00:00:01, Serial0/1
[120/2] via 10.70.12.2, 00:00:05, Serial0/0.122

R1#
As shown in R1s routing table; 10.30.0.0/22 is being load balanced over the frame relay link and the point-to-point T1 link.

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-route-summarization/[4/12/2015 7:13:26 PM]

GNS3 - Cisco Device Emulator


Download

Configuring RIP Route Summarization | Free CCNA Workbook

Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco
CCNA labs that can be completed using
the GNS3 platform.

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-route-summarization/[4/12/2015 7:13:26 PM]

Configuring RIP Route Metric Offset-Lists | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring RIP Route Offset List

There may be cases where you need to prefer one route over another route from a neighboring device with redundant
links. For example; latency, bandwidth, etc This lab will discuss and demonstrate the configuration and verification
of RIP route offset lists.

Real World Application & Core Knowledge


If you take a look back at Lab 6-3 Configuring a Static Floating Route; the lab objectives were that the point-to-point T1 link
between R1 and R2 was used as a backup link and the company had to pay per MB transferred over the link; so a floating route was
created to ensure the link would only be used in case the main frame relay link between R1 and R2 went down.
If you view the routing table on R1 in lab 7-8 you see that a lot of the networks such as 10.70.20.0/24 and 10.30.0.0/22 are load
balanced over the frame-relay link and the point-to-point T1 link. In this lab you will learn how to configure RIP so that the metrics of
all routes being transmitted or received over the point-to-point T1 link between R1 and R2 are higher therefore less preferred by RIP
thus not being installed into the routing table as the best metric would be the Frame-relay link between R1 and R2.
To complete that task youll need to configure what is known as a RIP route metric offset-list. The offset-list takes specific routes that
is matches to an ACL and increases the metric by a specified number in the rip statement.
First off youll want to create a standard named access-list which matches the routes you want to have impacted by the offset list. In
this lab interface Serial0/1 on R1 is only a backup link youd match ALL routes learned via that interface using the any statement in
the standard named ACL.
After the ACL has been created then you configure the offset-list in RIP router configuration mode. You specify the offset-list ACL
name then a metric number to be added to the current learned metric and then the direction of which the offset-list is applied and
lastly you have the ability to bind the offset list to a specific interface; for this lab itll be the backup T1 link between R1 and R2.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-route-metric-offset-lists/[4/12/2015 7:13:45 PM]

Configuring RIP Route Metric Offset-Lists | Free CCNA Workbook

The syntax of the offset-list configuration is offset-list ACLNAME in|out metric# interface#/#; an example youd potentially see on a
Cisco router could be offset-list RIP_OFFSET in 5 Serial0/0 which states any routes learned via Serial0/0 that match the networks
permitted in the RIP_OFFSET ACL then add +5 to the metric.
This lab will continue to build upon the same logical topology used previously in Lab 7-8 as shown below;

In this lab you will configure a bi-directional offset list on R1 to prevent the point-to-point T1 link between R1 and R2 from load
balancing and only be used if the primary frame-relay link fails.
Familiarize yourself with the following new command(s);

Command

Description

offset-list ACL in|out # interface#/#

This command is executed in RIP router configuration mode to assign an ACL to an


offset list specifying the metric at which to be added to routes matching the ACL as well
as the direction and the interface at which the offset-list is bound to.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and R3.
Establish a console session with devices R1, R2 and R3 than load the initial configurations provided below by copying the
config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-route-metric-offset-lists/[4/12/2015 7:13:45 PM]

Configuring RIP Route Metric Offset-Lists | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 7-9 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.70.20.1 255.255.255.0
!

interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address

encapsulation frame-relay
serial restart-delay 0
no frame-relay inverse-arp

!##################################################
!
!#
Free CCNA
Workbook Lab
7-9 R3 Initial Config
interface
Serial0/0.221
point-to-point

!##################################################
description ### FRAME RELAY LINK TO R1 ###
!ip address 10.70.12.2 255.255.255.252
enable
frame-relay interface-dlci 221
configure
terminal
ip rip triggered

!ip rip send version 1 2

hostname
R3
ip rip receive
version 1 2
!

interface Loopback0
Serial0/0.223 point-to-point

description ### SIMULATED


NETWORK
###
FRAME RELAY
LINK TO
R3 ###
ip address 10.70.30.1
10.70.23.1 255.255.255.0
255.255.255.252

!frame-relay interface-dlci 223

interface Loopback103000
!

ip address
10.30.0.1 255.255.255.0
interface
Serial0/0
!no shut

interface Loopback103010
exit

!ip address 10.30.1.1 255.255.255.0


!
interface
Serial0/1

interface
Loopback103020
description
### PPP LINK TO R1 ###

Lab Objectives
ip address 10.30.2.1
10.70.21.2255.255.255.0
255.255.255.252

!encapsulation ppp

interface
Loopback103030
serial restart-delay
0

ip
address
255.255.255.0
clock
rate 10.30.3.1
128000

!no shut

interface
Serial0/0
exit

!description ### PHYSICAL FRAME RELAY INTERFACE ###

Configure a standard named access list called RIP_BACKUP_OFFSET and permit any traffic.

no ip address
router
rip

encapsulation
frame-relay
no
auto-summary
serial restart-delay
0
version
2

no frame-relay
inverse-arp
network
10.0.0.0

Configure an offset-list on R1 to increase the metric by 2 hops from any routes advertised or learned on interface Serial0/1

no ip split-horizon
timers
basic 30 40 10 60

!passive-interface serial0/1

interface
point-to-point
neighbor Serial0/0.322
10.70.21.1

Verify your configuration by viewing the routing table on both R1 and R2.

!description ### FRAME RELAY LINK TO R2 ###


ip address 10.70.23.2 255.255.255.252
end
frame-relay interface-dlci 322

ip rip advertise 10
ip rip triggered

Lab Instruction
ip rip send version 1 2

ip rip receive version 1 2

ip summary-address ip 10.30.0.0 255.255.252.0


!
interface Serial0/0
no shut

exit

!
Objective
1. Configure a standard named access list called RIP_BACKUP_OFFSET and permit any traffic.
router rip

no auto-summary
version 2

network 10.0.0.0

R1>enable
R1#configure terminal
! Enter configuration commands, one per line.
End with CNTL/Z.
end
R1(config)#ip access-list standard RIP_BACKUP_OFFSET
R1(config-std-nacl)#permit any
R1(config-std-nacl)#end
R1#
timers basic 30 40 10 60

default-information originate

Objective 2. Configure an offset-list on R1 to increase the metric by 2 hops from any routes advertised or learned on interface
Serial0/1.
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router rip
R1(config-router)#offset-list RIP_BACKUP_OFFSET in 2 Serial0/1
R1(config-router)#offset-list RIP_BACKUP_OFFSET out 2 Serial0/1
R1(config-router)#end
R1#
Objective 3. Verify your configuration by viewing the routing table on both R1 and R2.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-route-metric-offset-lists/[4/12/2015 7:13:45 PM]

Configuring RIP Route Metric Offset-Lists | Free CCNA Workbook

R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 10.70.12.2 to network 0.0.0.0
R
C
C
R
R
C
R
C
R*
R1#

10.0.0.0/8 is variably subnetted, 8 subnets, 4 masks


10.30.0.0/22 [120/2] via 10.70.12.2, 00:00:04, Serial0/0.122
10.70.12.0/30 is directly connected, Serial0/0.122
10.70.10.0/24 is directly connected, Loopback0
10.70.30.0/24 [120/2] via 10.70.12.2, 00:00:04, Serial0/0.122
10.70.20.0/24 [120/1] via 10.70.12.2, 00:00:04, Serial0/0.122
10.70.21.0/30 is directly connected, Serial0/1
10.70.23.0/30 [120/1] via 10.70.12.2, 00:00:05, Serial0/0.122
10.70.21.2/32 is directly connected, Serial0/1
0.0.0.0/0 [120/2] via 10.70.12.2, 00:00:05, Serial0/0.122

R2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 10.70.23.2 to network 0.0.0.0
R
C
R
R
C
C
C
C
R*
R2#

10.0.0.0/8 is variably subnetted, 8 subnets, 4 masks


10.30.0.0/22 [120/1] via 10.70.23.2, 00:00:01, Serial0/0.223
10.70.12.0/30 is directly connected, Serial0/0.221
10.70.10.0/24 [120/1] via 10.70.12.1, 00:00:06, Serial0/0.221
10.70.30.0/24 [120/1] via 10.70.23.2, 00:00:01, Serial0/0.223
10.70.21.1/32 is directly connected, Serial0/1
10.70.20.0/24 is directly connected, Loopback0
10.70.21.0/30 is directly connected, Serial0/1
10.70.23.0/30 is directly connected, Serial0/0.223
0.0.0.0/0 [120/1] via 10.70.23.2, 00:00:02, Serial0/0.223

As shown from above; the IP routing tables of R1 and R2 are no longer load balancing traffic using the frame-relay network and the
point-to-point backup T1.

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-route-metric-offset-lists/[4/12/2015 7:13:45 PM]

Next Lab

Configuring RIP Route Metric Offset-Lists | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-rip-route-metric-offset-lists/[4/12/2015 7:13:45 PM]

Configuring Basic EIGRP | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Basic EIGRP

EIGRP is an extremely common routing protocol due to its simplicity and ease of configuration. This lab will discuss
and demonstrate the configuration and verification of the Cisco EIGRP dynamic routing protocol.

Real World Application & Core Knowledge


If youve completed the previous section discussing the Routing Information Protocol (RIP) then now its time to indulge further into
the wonderful world of Cisco with the introduction of the EIGRP (Enhanced Interior Gateway Routing Protocol).
EIGRP is a Cisco proprietary routing protocol which means its only found on Cisco equipment. You cannot run EIGRP on Juniper or
Adtran or any other router for that matter since EIGRP is special (only to Cisco). EIGRP is commonly the routing protocol of choice
when using an ALL Cisco network with no requirement for cross-vendor operation. EIGRP supports the use of multiple routed
protocols such as IP, IPX, AppleTalk.
EIGRP evolved from its predecessor; Interior Gateway Routing Protocol (IGRP) which is classful routing protocol just like RIPv1;
IGRP does not advertise the subnet mask with the updates whereas EIGRP is classless and supports VLSM (Variable Length
Subnet Masking) IGRP uses a 24bit metric whereas EIGRP uses a 32bit metric. When running EIGRP and IGRP on the same router
using the same Autonomous System number (AS#), EIGRP and IGRP will automatically redistribute between protocols and the
EIGRP will adjust the metric accordingly.
[notification style=tip font_size=12px closeable=true] README
IGRP support was removed from IOS versions 12.2(13)T and
later. The CCNA Exam does not test you on the configuration of IGRP but youre required to know the history of EIGRP.

[/notification]
EIGRP in and of its self is a Hybrid routing protocol which has characteristics of both a distance vector and link state protocol. Much
like RIP using the triggered feature, EIGRP updates are only sent when a change in the network is determined. At first EIGRP
routers will form a neighbor relationship and exchange the topological information. After which the routing protocol will send periodic

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-eigrp/[4/12/2015 7:14:10 PM]

Configuring Basic EIGRP | Free CCNA Workbook

hellos to ensure that the neighbor is still there. However when a link goes down or a route changes, updates are then sent to
neighboring routers via multicast 224.0.0.10 using its own IP protocol number 88.
EIGRP uses the Diffusing Update ALgorithm (DUAL) which ensures a loop free routing domain by maintaining two separate routes in
the eigrp topology table called Successor and Feasible Successor routes. The Successor route is the route that is injected into the
routers routing table as the best route whereas the Feasible Successor route is effectively the backup route which is required to
adhere to the successor feasibility condition. The rule states that in order to be considered a Feasible Successor route, the
advertised distance (AD) of the Feasible Successor should be less than the feasible distance (FD) of the Successor
The Advertised Distance is the distance advertised by an upstream neighboring router to a particular route destination.
The Feasible Distance is the distance to a particular route destination from a specific router. The sum of the administrative distance
and the distance towards the advertising router towards that specific route. For example; From R1s perspective, R3 is advertising a
distance of 10000 to the destination 10.22.55.0/24 however your distance to R3 from R1 is 500, so your feasible distance would be
10500.
EIGRP maintains three separate tables, the neighbor table, topology table and the routing table;
The neighbor table establishes a list of all adjacent routers which a particular router has formed a neighbor relationship with.
Neighbors exchange routing information and hellos to ensure a neighbor is still up.
The topology table is basically the route database in which all destination routes learned via the neighbors are stored. Routes in the
topology table can be marked with a P for passive which means the routes are stable. Routes marked as A Active are routes that
no longer satisfy the feasibility condition and are actively searching for a replacement Successor route by querying neighboring
routers. If a successor route has a feasible successor, the route will never be marked active as the router will have a backup route to
fail back to in case the primary (Successor route) fails. The convergence time is very low.
If a route goes down and no Feasible Successor exist for the route, EIGRP will query neighboring routers to see if there is an
alternate route to the failed route. In a poorly designed network, EIGRP queries can be the downfall of the network as an EIGRP
route can become SIA (Stuck in Active). If a query response is not received back from a router within the allotted time (SIA Timer:
180 seconds by default) the neighbor relationship is dropped and any routes associated with that neighbor relationship are purged
resulting in dropped packets while the network is re-converging.
The EIGRP metric is calculated by a formula using five separate values known as K Values. By default only K Values 1 and 3 are
used (Bandwidth & Delay), K2, K4 and K5 are set to 0. The EIGRP metric formula and K Values are defined below;
EIGRP Metric = 256*((K1*Bw) + (K2*Bw)/(256-Load) + K3*Delay)*(K5/(Reliability + K4)))
K1 = Bandwidth
K2 = Load
K3 = Delay
K4 = Reliability
K5 = Maximum Transmission Unit (MTU)
So if you use the order of operations you can deduce the equation down to
EIGRP Metric = 256(Bandwidth + Delay)

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-eigrp/[4/12/2015 7:14:10 PM]

Configuring Basic EIGRP | Free CCNA Workbook

Now keep in mind the Bandwidth and Delay have formulas in and of themselves to derive those variables. To determine the
bandwidth youll divide the interface bandwidth from the max bandwidth. To determine delay youll divide the interface delay by 10 as
the EIGRP metric uses tens of microseconds in its calculation. View the formulas below;
Bandwidth = (10^7/Bandwidth in Kbps)
Delay = 10/uSec
So if you want to determine the composite metric of a T1 link at 1.544Mbs (1544Kbps) youll need to get the bandwidth and delay
variables first then plug those into the EIGRP metric calculation formula as shown below; Keep in mind the delay on a T1 serial
interface is 20000uSec (20,000 Microseconds)
Bandwidth = (10^7/1544) = 6476.68 == 6476 (rounded down)
Delay = (10/20000) = 2000
EIGRP Metric = 256*(6476 + 2000) =
2169856
As shown below is the EIGRP topology table for an EIGRP T1 point-to-point link with the metric underlined;
R1#show ip eigrp topology
IP-EIGRP Topology Table for AS(10)/ID(10.80.12.1)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 10.80.12.0/30, 1 successors, FD is 2169856
via Connected, Serial0/1
R1#
Now that you have a basic understanding of the operation of EIGRP, lets get into the configurational portion of the lab. Many of the
commands used to configure EIGRP are similar to configuring RIP. You enter the EIGRP router process using the router eigrp as#
The AS# (Autonomous System #) is however a new concept. An autonomous system is by definition a collection of multiple
networking devices under the control of a single or multiple entity which share a common routing policy for the network. However you
can have multiple autonomous systems under the control of the same organization for example; multiple facilities or sites nation or
world wide interconnected but segregated for management purposes.
Like RIPv2, auto-summary is also enabled by default on EIGRP. Unless you disable auto-summary within the eigrp routing process a
router will summarize at the boundary to the classful network.
When specifying networks which participate in the routing process you must use a wildcard mask. This is the inverse bit notation of a
subnet mask. So if a subnet mask is 255.255.255.0 (11111111.11111111.11111111.00000000), then you invert the bits, 1 to 0 and 0
to 1 and the wildcard mask becomes 0.0.0.255 (00000000.00000000.00000000.11111111)
Keep in mind when specifying the network statement under the EIGRP routing process, the network you specify does NOT specify
the network that will be advertised in the EIGRP autonomous system but specifies the network range in which interfaces with IP
address which fall into that specified network participates in EIGRP. With that being said, if you have 10.80.0.0 0.255.255.255 this
means that any interface that has an IP address in the 10.80.0.0/8 network will participate in the EIGRP routing process. The subnet
mask are derived from the interfaces for example if you have 10.20.30.1/24 on Serial0/0 and you specify the 10.80.0.0
0.255.255.255 network in the EIGRP routing process. EIGRP will advertise 10.20.30.0/24 and not 10.80.0.0/8 because the network
statement does not specify the advertised network, only which interfaces participate in the routing process.
It is best practice to specify interface IP address which participate in the routing process down to the host IP address to prevent future
unwanted interface participation when a new interface is added. In this case under router configuration mode youd specify the

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-eigrp/[4/12/2015 7:14:10 PM]

Configuring Basic EIGRP | Free CCNA Workbook

network 10.20.30.1 0.0.0.0 statement. This would prevent an interface with the IP address of 10.30.22.1/24 from participating in the
routing process if you used the network 10.80.0.0 0.255.255.255 statement.
Like RIPv2, you can statically specify neighbors using the neighbor x.x.x.x command in router configuration mode to configure EIGRP
to operate over a NBMA network such as Frame Relay. By default EIGRP uses multicast to send hello packets to 224.0.0.10 using
IP protocol 88 and a TTL of 1
By using the show ip eigrp neighbors command you can view which neighbors a specific router has formed adjacencies with. Also
this command will display other important information such as the interface in which the neighbor was learned on, the SRTT is the
time it takes for an update to be sent to a neighbor and an acknowledgment to be received back. The Retransmission timeout is the
interval at which EIGRP will retransmit hello packets if an acknowledgment is not received back. The Q (Queue Count) is the
number of updates EIGRP has queued to send to that specific neighbor and neighbor uptime.
Another command similar to show ip eigrp neighbors is show ip eigrp interface which displays more information about EIGRP
pertaining to the interfaces such as how many neighbors were learned via a specific interface, the transmit queue, average SRTT
per interface and pending routes.
Labs in Section 8 will use the following diagram shown below;

Familiarize yourself with the following new command(s);

Command

Description

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-eigrp/[4/12/2015 7:14:10 PM]

Configuring Basic EIGRP | Free CCNA Workbook

router eigrp as#

This command is executed in global configuration mode to start an EIGRP routing process with
the specified autonomous system number.

no auto-summary

This command is executed in EIGRP router configuration mode to disable auto-summarization


which summarizes network subnets to the classful subnet at the boundary.

network n.n.n.n wc.wc.wc.wc

This command is executed in EIGRP router configuration mode to specify which interfaces
participate in the EIGRP routing process. This command uses the network id of the subnet and
a wildcard mask to identify the network range.

neighbor x.x.x.x

This command is executed in EIGRP configuration mode to statically specify an EIGRP


neighbor.

show ip eigrp neighbor

This command when executed from privileged mode will display all current neighbor
adjacencies on that specific router as well as information pertaining to that neighbor. You can
specify a specific neighbor by listing the IP address following this command. i.e; show ip eigrp
neighbor 10.80.1.2

show ip eigrp interface

This command when executed from privileged mode will display information relating to EIGRP
on a per-interface basis such as number of peers learnt via an interface, average SRTT and
pending routes.

clear ip eigrp x.x.x.x

This command is executed from privileged mode and forces the acquittal of a neighbor
relationship. You can force all neighbor relationships to drop by not specifying a neighbors IP
address. Keep in mind when you purge a neighbor all routes learned via that neighbor will be
purged from the routing table.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3 and R4.
Establish a console session with devices R1, R2, R3 and R4 than load the initial configurations provided below by copying the
config from the textbox and pasting it into the respected routers console.

!##################################################
!#

Free CCNA Workbook Lab 8-1 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.80.20.1 255.255.255.0
!
interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address
encapsulation frame-relay
serial restart-delay 0
no frame-relay inverse-arp
no shut
!

interface Serial0/0.221 point-to-point


http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-eigrp/[4/12/2015
7:14:10 PM]

Configuring Basic EIGRP | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 8-1 R3 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R3
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.80.30.1 255.255.255.0

interface Serial0/0

description ### PHYSICAL FRAME RELAY INTERFACE ###


no ip address
encapsulation frame-relay
serial restart-delay 0

!##################################################
no frame-relay inverse-arp
!#
no Free
shut CCNA Workbook Lab 8-1 R4 Initial Config

!##################################################
!
!
interface Serial0/0.321 point-to-point

enable
description ### FRAME RELAY LINK TO R1 ###
configure
terminal
ip address
10.80.234.3 255.255.255.248
!frame-relay interface-dlci 321
hostname
R4
!

no
ip domain-lookup
interface
Serial0/1

!description ### POINT-TO-POINT LINK TO R2 ###


interface
Loopback0
ip address
10.80.23.2 255.255.255.252
description
###
SIMULATED NETWORK ###
encapsulation
ppp
ip shut
address 10.80.40.1 255.255.255.0
no

!exit

interface
Serial0/0
!

description
### PHYSICAL FRAME RELAY INTERFACE ###
line
con 0
ip address
10.80.234.4 255.255.255.248
logging
sync
encapsulation
frame-relay
no exec-timeout

!serial restart-delay 0

!##################################################
no frame-relay inverse-arp
end
!#
Free
CCNA
Lab421
8-1 R5 Initial Config
frame
map
ip Workbook
10.80.234.1

!##################################################
no shut
!

enable
interface Serial0/1

configure
terminal
description
### POINT-TO-POINT LINK TO R5 ###
!ip address 10.80.45.1 255.255.255.252
hostname
R5
encapsulation
ppp

no
domain-lookup
noip
shut

!exit

interface
Loopback0
!

description
### SIMULATED NETWORK ###
line
con 0
ip address
10.80.50.1 255.255.255.0
logging
sync

!no exec-timeout

interface
Serial0/1
!

description ### POINT-TO-POINT LINK TO R4 ###


end
ip address 10.80.45.2 255.255.255.252

encapsulation ppp
no shut
exit

Lab Objectives
!

line con 0

logging sync
no exec-timeout

end

Configure EIGRP Autonomous System 10 on all Routers and disable auto summary; then configure the network statements to
match only the host ip address of locally connected interfaces.
Verify neighbor relationships and the routes being learned via EIGRP using the show ip eigrp neighbor and show ip route
commands.

Lab Instruction
Objective 1. Configure EIGRP Autonomous System 10 on all Routers and disable auto summary; then configure the network
statements to match only the host ip address of locally connected interfaces.
R1>enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router eigrp 10
R1(config-router)#no auto-summary
R1(config-router)#network 10.80.10.1 0.0.0.0
R1(config-router)#network 10.80.234.1 0.0.0.0
R1(config-router)#end
R1#

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-eigrp/[4/12/2015 7:14:10 PM]

Configuring Basic EIGRP | Free CCNA Workbook

R2>enable
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#router eigrp 10
R2(config-router)#no auto-summary
R2(config-router)#network 10.80.20.1 0.0.0.0
R2(config-router)#network 10.80.234.2 0.0.0.0
R3(config-router)#network 10.80.23.1 0.0.0.0
R2(config-router)#end
R2#
%DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor 10.80.234.1 (Serial0/0.221) is up: new adjacency
R2#

R3>enable
R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#router eigrp 10
R3(config-router)#no auto-summary
R3(config-router)#network 10.80.30.1 0.0.0.0
R3(config-router)#network 10.80.234.3 0.0.0.0
R3(config-router)#network 10.80.23.2 0.0.0.0
R3(config-router)#end
R3#
%DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor 10.80.234.1 (Serial0/0.321) is up: new adjacency
R3#

R4>enable
R4#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#router eigrp 10
R4(config-router)#no auto-summary
R4(config-router)#network 10.80.40.1 0.0.0.0
R4(config-router)#network 10.80.234.4 0.0.0.0
R4(config-router)#network 10.80.45.1 0.0.0.0
R4(config-router)#end
R4#

R5>enable
R5#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R5(config)#router eigrp 10
R5(config-router)#no auto-summary
R5(config-router)#network 10.80.45.2 0.0.0.0
R5(config-router)#network 10.80.50.1 0.0.0.0
R5(config-router)#end
R5#
%DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor 10.80.45.1 (Serial0/1) is up: new adjacency
R5#
As youll notice when youre configure the EIGRP routing process new neighbors will form between R1 and R2, R1 and R3, R4 and
R5 but not between R1 and R4; why is this?
Objective 2 Verify neighbor relationships and the routes being learned via EIGRP using the show ip eigrp neighbor and show ip
route commands.
R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 10
H
Address
Interface
1
10.80.234.3
0
10.80.234.2
R1#

Se0/0
Se0/0

Hold Uptime
SRTT
(sec)
(ms)
13 00:14:13 444
10 00:17:09 205

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-eigrp/[4/12/2015 7:14:10 PM]

RTO

Q Seq
Cnt Num
3996 0 3
1230 0 3

Configuring Basic EIGRP | Free CCNA Workbook

From R1 you can see from above that R1 has established neighbor relationships with R2 and R3 but not R4. This is due to broadcast
not being enabled on the frame map from R1 to R4 and vice versa. The ISP does not permit broadcast on the specific PVC however
you will learn how to fix this issue in the next Lab 8-2 by configuring Static Neighbors.
As shown below you can see that routes from R2 and R3 are properly being propagated to R1 via EIGRP as denoted by the D letter
next to the routes in the ip routing table.
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
D
D
D
D
D
C
C
R1#

10.80.0.0/8 is variably subnetted, 7 subnets, 4 masks


10.80.23.1/32 [90/2681856] via 10.80.234.3, 00:00:33, Serial0/0
10.80.23.0/30 [90/2681856] via 10.80.234.3, 00:00:33, Serial0/0
[90/2681856] via 10.80.234.2, 00:00:33, Serial0/0
10.80.23.2/32 [90/2681856] via 10.80.234.2, 00:03:55, Serial0/0
10.80.30.0/24 [90/2297856] via 10.80.234.3, 00:00:30, Serial0/0
10.80.20.0/24 [90/2297856] via 10.80.234.2, 00:00:29, Serial0/0
10.80.10.0/24 is directly connected, Loopback0
10.80.234.0/29 is directly connected, Serial0/0

As an additional measure of verification you can also ping the EIGRP learned networks sourced from the local network to verify that
you have IP connectivity between subnets;
R1#ping 10.80.30.1 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.80.30.1, timeout is 2 seconds:
Packet sent with a source address of 10.80.10.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 76/100/152 ms
R1#

Previous Lab

Like

29 Tweet

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-eigrp/[4/12/2015 7:14:10 PM]

Next Lab

Configuring Basic EIGRP | Free CCNA Workbook

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-eigrp/[4/12/2015 7:14:10 PM]

Configuring EIGRP Static Neighbors | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring EIGRP Static Neighbors

There may be times where you need to configure static neighbors for EIGRP such as NBMA networks or for security
reasons. This lab will discuss and demonstrate the configuration and verification of static EIGRP Neighbors.

Real World Application & Core Knowledge


If youve completed the previous Lab 8-1 Configuring Basic EIGRP, youll notice that EIGRP did not form a neighbor relationship
between R1 and R4. This is due to broadcast now being permitted on the frame-map between the two devices. As a restriction the
ISP prohibits broadcast on that specific PVC. With that being said, keep in mind that multicast is treated like broadcast on frame
relay networks.
As a fix to this issue you can define a static neighbor in the EIGRP routing process which will force EIGRP to communicate to that
neighbor via unicast similar to RIP; even the commands are the same which is neighbor x.x.x.x interface#/# where x.x.x.x equals the
IP address of the interface and the interface#/# is the interface of which the neighboring relationship will peer over.
When configuring an EIGRP static neighbor, the neighbor statement is required on both ends of the neighbor relationship in the
EIGRP routing process that operate in the same autonomous system. Also keep in mind when you specify a static neighbor
relationship over a particular interface, EIGRP will disable the processing of multicast EIGRP packets on the specified interface so
with that being said EIGRP will not send nor process received multicast EIGRP traffic on an interface which has a static neighbor
defined under the EIGRP routing process.
In this lab you will configure a static neighbor relationships on the hub and spokes of the frame-relay network. (R1 to R2, R1 to R3
and R1 to R4)
This lab will continue to build upon the topology used in Lab 8-1 and other labs that are in Section 8.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-static-neighbors/[4/12/2015 7:14:32 PM]

Configuring EIGRP Static Neighbors | Free CCNA Workbook

Familiarize yourself with the following new command(s);

Command

Description

neighbor x.x.x.x interface#/#

This command is executed in router configuration mode to specify a static neighbor in EIGRP,
commonly used in NBMA networks where multicast is not permitted. This command will disable
the transmission or processing of received eigrp multicast traffic.

show ip eigrp neighbor

This command is executed in privileged mode to show all current neighbor relationships on a
particular EIGRP enabled device.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3 R4 and R5.
Establish a console session with devices R1, R2, R3 R4 and R5 than load the initial configurations provided below by copying
the config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-static-neighbors/[4/12/2015 7:14:32 PM]

Configuring EIGRP Static Neighbors | Free CCNA Workbook

!##################################################
!#

Free CCNA Workbook Lab 8-2 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.80.20.1 255.255.255.0
!

interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address

encapsulation frame-relay
serial restart-delay 0

!##################################################
no frame-relay inverse-arp
!#
no Free
shut CCNA Workbook Lab 8-2 R3 Initial Config

!##################################################
!
!
interface Serial0/0.221 point-to-point

enable
description ### FRAME RELAY LINK TO R1 ###
configure
terminal
ip address
10.80.234.2 255.255.255.248
!frame-relay interface-dlci 221
hostname
R3
!

no
ip domain-lookup
interface
Serial0/2

!### POINT-TO-POINT LINK TO R3 ###

interface
Loopback0255.255.255.252
ip add 10.80.23.1

description
###
SIMULATED NETWORK ###
encapsulation
ppp
ip shut
address 10.80.30.1 255.255.255.0
no

!exit

interface
Serial0/0
!

description
router
eigrp ###
10 PHYSICAL FRAME RELAY INTERFACE ###
ip address
no auto-summary

encapsulation
frame-relay
network
10.80.234.2
0.0.0.0
serial
0
networkrestart-delay
10.80.20.1 0.0.0.0

!##################################################
no
frame-relay
inverse-arp
network
10.80.23.1
0.0.0.0
!#
Free
no
shut CCNA Workbook Lab 8-2 R4 Initial Config
exit

!##################################################
!
!
interface
line con 0Serial0/0.321 point-to-point

enable
description
logging sync### FRAME RELAY LINK TO R1 ###
configure
terminal
ip exec-timeout
address
10.80.234.3 255.255.255.248
no
!frame-relay interface-dlci 321
hostname
R4
!
end

no
ip domain-lookup
interface
Serial0/1

!description ### POINT-TO-POINT LINK TO R2 ###


interface
Loopback0
ip address
10.80.23.2 255.255.255.252
description
###
SIMULATED NETWORK ###
encapsulation
ppp
ip shut
address 10.80.40.1 255.255.255.0
no

!exit

interface
Serial0/0
!

description
router
eigrp ###
10 PHYSICAL FRAME RELAY INTERFACE ###
ip auto-summary
address 10.80.234.4 255.255.255.248
no

encapsulation
frame-relay
network 10.80.234.3
0.0.0.0
serial
0
networkrestart-delay
10.80.30.1 0.0.0.0

!##################################################
no
frame-relay inverse-arp
exit
!#
Free
CCNA
Lab421
8-2 R5 Initial Config
map
ip Workbook
10.80.234.1
!frame

!##################################################
no shut
line
con 0
!logging sync

enable
interface
Serial0/1
no exec-timeout

configure
terminal
### POINT-TO-POINT LINK TO R5 ###
!description
!
ip address 10.80.45.1 255.255.255.252
end
hostname
R5
encapsulation
ppp

no
domain-lookup
noip
shut

!exit

interface
Loopback0
!

description
router
eigrp ###
10 SIMULATED NETWORK ###
ip auto-summary
address 10.80.50.1 255.255.255.0
no

!network 10.80.45.1 0.0.0.0

interface
Serial0/1 0.0.0.0
network 10.80.234.4

description
### POINT-TO-POINT
LINK TO R4 ###
network 10.80.40.1
0.0.0.0
ip
address 10.80.45.2 255.255.255.252
exit

!encapsulation ppp
no shut
line
con 0

exit
logging sync

Lab Objectives
!no exec-timeout
router
eigrp 10
!

no auto-summary
end

network 10.80.45.2 0.0.0.0


network 10.80.50.1 0.0.0.0
exit

Configure static neighbor relationships on the frame-relay hub and spoke network between R1 and R4, R1 and R3, R1 and

line con 0

logging sync

no exec-timeout
!
end

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-static-neighbors/[4/12/2015 7:14:32 PM]

Configuring EIGRP Static Neighbors | Free CCNA Workbook

R2.
Verify on R1 that the neighbor relationships have been established.
Verify that the routes are being propagated between the spokes to the hub and between spoke to spoke.

Lab Instruction
Objective 1. Configure static neighbor relationships on the frame-relay hub and spoke network between R1 and R4, R1 and R3, R1
and R2.
R1>enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router eigrp 10
R1(config-router)#neighbor 10.80.234.2 Serial0/0
%DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor 10.80.234.2 (Serial0/0) is down: Static peer config
ured
%DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor 10.80.234.3 (Serial0/0) is down: Static peer config
ured
R1(config-router)#neighbor 10.80.234.3 Serial0/0
R1(config-router)#neighbor 10.80.234.4 Serial0/0
R1(config-router)#end
R1#

R2>enable
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#router eigrp 10
R2(config-router)#neighbor 10.80.234.1 Serial0/0.221
R2(config-router)#end
R2#
%SYS-5-CONFIG_I: Configured from console by console
%DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor 10.80.234.1 (Serial0/0.221) is up: new adjacency
R2#

R3>enable
R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#router eigrp 10
R3(config-router)#neighbor 10.80.234.1 Serial0/0.321
R3(config-router)#end
R3#
%SYS-5-CONFIG_I: Configured from console by console
%DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor 10.80.234.1 (Serial0/0.321) is up: new adjacency
R3#

R4>enable
R4#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#router eigrp 10
R4(config-router)#neighbor 10.80.234.1 Serial0/0
R4(config-router)#end
R4#
%SYS-5-CONFIG_I: Configured from console by console
%DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor 10.80.234.1 (Serial0/0) is up: new adjacency
R4#
Objective 2. Verify on R1 that the neighbor relationships have been established.
To view the current neighbor relationships youll use the show ip eigrp neighbors command in privileged mode as shown below;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-static-neighbors/[4/12/2015 7:14:32 PM]

Configuring EIGRP Static Neighbors | Free CCNA Workbook

R1#show ip eigrp neighbors


IP-EIGRP neighbors for process 10
H
Address
Interface
2
10.80.234.4
1
10.80.234.3
0
10.80.234.2
R1#

Se0/0
Se0/0
Se0/0

Hold Uptime
SRTT
(sec)
(ms)
154 00:02:16
83
13 00:12:12 788
14 00:14:13
88

RTO

Q Seq
Cnt Num
498 0 24
4728 0 33
528 0 29

Objective 3. Verify that the routes are being propagated between the spokes to the hub and between spoke to spoke.
As shown below all routes are being advertised to the hub router in the frame-relay network (R1);
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
D
D
D
D
D
D
D
D
D
C
C
R1#

10.80.0.0/8 is variably subnetted, 11 subnets, 4 masks


10.80.50.0/24 [90/2809856] via 10.80.234.4, 00:01:35, Serial0/0
10.80.40.0/24 [90/2297856] via 10.80.234.4, 00:01:35, Serial0/0
10.80.23.1/32 [90/2681856] via 10.80.234.3, 00:11:32, Serial0/0
10.80.23.0/30 [90/2681856] via 10.80.234.3, 00:11:32, Serial0/0
[90/2681856] via 10.80.234.2, 00:11:32, Serial0/0
10.80.23.2/32 [90/2681856] via 10.80.234.2, 00:13:33, Serial0/0
10.80.30.0/24 [90/2297856] via 10.80.234.3, 00:07:36, Serial0/0
10.80.45.2/32 [90/2681856] via 10.80.234.4, 00:01:36, Serial0/0
10.80.45.0/30 [90/2681856] via 10.80.234.4, 00:01:36, Serial0/0
10.80.20.0/24 [90/2297856] via 10.80.234.2, 00:07:36, Serial0/0
10.80.10.0/24 is directly connected, Loopback0
10.80.234.0/29 is directly connected, Serial0/0

Now verify that the routes from the spoke routers R2 and R3 are in the R4s routing table as shown below;
R4#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
D
C
C
C
D
C
R4#

10.80.0.0/8 is variably subnetted, 6 subnets, 4 masks


10.80.50.0/24 [90/2297856] via 10.80.45.2, 00:10:07, Serial0/1
10.80.40.0/24 is directly connected, Loopback0
10.80.45.2/32 is directly connected, Serial0/1
10.80.45.0/30 is directly connected, Serial0/1
10.80.10.0/24 [90/2297856] via 10.80.234.1, 00:04:42, Serial0/0
10.80.234.0/29 is directly connected, Serial0/0

As you can see from above you can tell that routes on R2 and R3 are not getting to R4 thus not being advertised to R5 as well. What
causes this problem and how do you fix it?
This type of behavior is caused by EIGRP ip split-horizon which states that routes will not be advertised back out an interface which
they were received on. This is a loop-prevention method and in some cases must be disabled such as the hub-and-spoke topology.
You will learn more about split-horizon in Lab 8-3 Configuring EIGRP No Split-Horizon

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-static-neighbors/[4/12/2015 7:14:32 PM]

Configuring EIGRP Static Neighbors | Free CCNA Workbook

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-static-neighbors/[4/12/2015 7:14:32 PM]

Configuring EIGRP Split-Horizon | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring EIGRP Split Horizon

placeholder

Real World Application & Core Knowledge


In the previous lab you configured static neighbors on a frame relay hub-and-spoke between R1 and R2, R1 and R3, R1 and R4.
After verification you should have noticed that routes from R2 did not get propagated to R4 through the hub. This is by default the
normal operation of EIGRP and this is caused by a loop prevention mechanism called split-horizon.
The split horizon rule simply states that routes will not be advertised back out an interface in which they were received on. After all; if
a router sends route updates to a neighbor why would that router need to have the neighboring router re-advertise those routes back
to the originating router? The simple answer is that its not needed.
However in some scenarios EIGRP IP split horizon is required to be disabled to ensure intended operation; for example a hub and
spoke topology where the physical interface has multiple IPs mapped to specific PVCs out a single physical interface. In this case
the normal behavior is that routes learned via an interface will not be re-advertised back out that interface so in that case, with the
previous lab R2s routes being advertised to R1s Serial0/0 interface would not be re-advertised back out R1s Serial0/0 interface to
R3 and R4.
In a case like this youd need to disable EIGRP split-horizon using the no ip split-horizon eigrp as# command in interface
configuration mode. This disables split-horizon on a per interface basis for the specified EIGRP autonomous system.
This lab will continue to build upon the topology used in Lab 8-2 and other labs that are found in Section 8.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-split-horizon/[4/12/2015 7:14:55 PM]

Configuring EIGRP Split-Horizon | Free CCNA Workbook

Familiarize yourself with the following new command(s);

Command

Description

no ip split-horizon eigrp as#

This command is executed in interface configuration mode to disable ip split-horizon for the
specified EIGRP autonomous system.

Lab Prerequisites
If you just completed Lab 8-2 you may start where you left off, if not you can load the Free CCNA Workbook GNS3 topology;
start and establish a console session with R1, R2, R3, R4 and R5 then load their initial configurations included below by
copying the config from the textbox and pasting it into the routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-split-horizon/[4/12/2015 7:14:55 PM]

Configuring EIGRP Split-Horizon | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 8-3 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.80.20.1 255.255.255.0

interface Serial0/0

description ### PHYSICAL FRAME RELAY INTERFACE ###


no ip address
encapsulation frame-relay
serial restart-delay 0

!##################################################
no frame-relay inverse-arp
!#
no Free
shut CCNA Workbook Lab 8-3 R3 Initial Config

!##################################################
!
!
interface Serial0/0.221 point-to-point

enable
description ### FRAME RELAY LINK TO R1 ###
configure
terminal
ip address
10.80.234.2 255.255.255.248
!frame-relay interface-dlci 221
hostname
R3
!

no
ip domain-lookup
interface
Serial0/2

!### POINT-TO-POINT LINK TO R3 ###

interface
Loopback0255.255.255.252
ip add 10.80.23.1

description
###
SIMULATED NETWORK ###
encapsulation
ppp
ip shut
address 10.80.30.1 255.255.255.0
no

!exit

interface
Serial0/0
!

description
router
eigrp ###
10 PHYSICAL FRAME RELAY INTERFACE ###
no ip address
network
10.80.23.1 0.0.0.0

encapsulation
frame-relay
network 10.80.234.2
0.0.0.0
serial
0
networkrestart-delay
10.80.20.1 0.0.0.0

!##################################################
no frame-relay
auto-summaryinverse-arp
!#
Free
WorkbookSerial0/0.221
Lab 8-3 R4 Initial Config
no
shut CCNA
neighbor
10.80.234.1

!##################################################
!exit
!
interface Serial0/0.321 point-to-point

enable
description
### FRAME RELAY LINK TO R1 ###
line
con 0
configure
terminal
ip
address
10.80.234.3 255.255.255.248
logging
sync
!frame-relay
interface-dlci 321
no exec-timeout
hostname
R4
!

no
interface
Serial0/1
endip domain-lookup

!description ### POINT-TO-POINT LINK TO R2 ###


interface
Loopback0
ip address
10.80.23.2 255.255.255.252
description
###
SIMULATED NETWORK ###
encapsulation
ppp
ip shut
address 10.80.40.1 255.255.255.0
no

!exit

interface
Serial0/0
!

description
router
eigrp ###
10 PHYSICAL FRAME RELAY INTERFACE ###
ip address
10.80.234.4
255.255.255.248
network
10.80.23.2
0.0.0.0

encapsulation
frame-relay
network 10.80.234.3
0.0.0.0
serial
0
networkrestart-delay
10.80.30.1 0.0.0.0

!##################################################
no frame-relay
auto-summaryinverse-arp
!#
Free
CCNA
Lab421
8-3 R5 Initial Config
frame
map
ip Workbook
10.80.234.1
neighbor
10.80.234.1
Serial0/0.321

!##################################################
no
shut
exit
!

enable
interface
line con 0Serial0/1

configure
terminal
description
### POINT-TO-POINT LINK TO R5 ###
logging sync
!ip
10.80.45.1 255.255.255.252
no address
exec-timeout
hostname
R5
ppp
!encapsulation

no
domain-lookup
noip
shut
end

!exit

interface
Loopback0
!

description
router
eigrp ###
10 SIMULATED NETWORK ###
ip address
10.80.50.1
255.255.255.0
network
10.80.45.1
0.0.0.0

!network 10.80.234.4 0.0.0.0


interface
Serial0/1 0.0.0.0
network 10.80.40.1

description
### POINT-TO-POINT LINK TO R4 ###
no auto-summary
ip
address
10.80.45.2Serial0/0
255.255.255.252
neighbor
10.80.234.1

encapsulation
ppp
exit

!no shut

exitcon 0
line

!logging sync

router
eigrp 10
no exec-timeout

!network 10.80.45.2 0.0.0.0


network 10.80.50.1 0.0.0.0
end

Lab Objectives
no auto-summary
exit

!
line con 0
logging sync
no exec-timeout
!
end

Disable IP Split-Horizon for EIGRP Autonomous System 10 on R1s Frame-Relay Hub interface.
Verify that routes from R2 and R3 are now being propagated through the hub to R4 and R5. Ping R2s Lo0 interface from R5s
Lo0 interface to ensure IP reachability.

Lab Instruction

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-split-horizon/[4/12/2015 7:14:55 PM]

Configuring EIGRP Split-Horizon | Free CCNA Workbook

Objective 1. Disable IP Split-Horizon for EIGRP Autonomous System 10 on R1s Frame-Relay Hub interface.
R1>enable
R1#configure terminal
Enter configuration commands, one per line.
R1(config)#interface Serial0/0
R1(config-if)#no ip split-horizon eigrp 10
R1(config-if)#end
R1#
%DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor
is resync: split horizon changed
%DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor
is resync: split horizon changed
%DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor
is resync: split horizon changed
%SYS-5-CONFIG_I: Configured from console by
R1#

End with CNTL/Z.

10.80.234.4 (Serial0/0)
10.80.234.3 (Serial0/0)
10.80.234.2 (Serial0/0)
console

Objective 2. Verify that routes from R2 and R3 are now being propagated through the hub to R4 and R5. Ping R2s Lo0 interface
from R5s Lo0 interface to ensure IP reachability.
R5#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C
D
D
D
D
D
C
C
D
D
D
R5#

10.80.0.0/8 is variably subnetted, 11 subnets, 4 masks


10.80.50.0/24 is directly connected, Loopback0
10.80.40.0/24 [90/2297856] via 10.80.45.1, 01:13:18, Serial0/1
10.80.23.1/32 [90/3705856] via 10.80.45.1, 00:01:44, Serial0/1
10.80.23.0/30 [90/3705856] via 10.80.45.1, 00:01:44, Serial0/1
10.80.23.2/32 [90/3705856] via 10.80.45.1, 00:01:44, Serial0/1
10.80.30.0/24 [90/3321856] via 10.80.45.1, 00:01:44, Serial0/1
10.80.45.1/32 is directly connected, Serial0/1
10.80.45.0/30 is directly connected, Serial0/1
10.80.20.0/24 [90/3321856] via 10.80.45.1, 00:01:45, Serial0/1
10.80.10.0/24 [90/2809856] via 10.80.45.1, 01:07:51, Serial0/1
10.80.234.0/29 [90/2681856] via 10.80.45.1, 01:13:18, Serial0/1

As shown above you can see that R5 now has routes to R2s Lo0 interface and the next hop to that destination is R4 so with that in
mind, R4 also knows how to get there otherwise it would not advertise that specific route.
To verify that R5 has ip reachability to R2s Lo0 interface you can pink R2s Lo0 interface from R5s Lo0 interface as shown below;
R5#ping 10.80.20.1 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.80.20.1, timeout is 2 seconds:
Packet sent with a source address of 10.80.50.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 164/274/380 ms
R5#

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-split-horizon/[4/12/2015 7:14:55 PM]

Next Lab

Configuring EIGRP Split-Horizon | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-split-horizon/[4/12/2015 7:14:55 PM]

Configuring EIGRP Stub Area Networks | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring EIGRP Stubs

EIGRP Stubs can be extremely useful when building a scalable EIGRP Routed network. This lab will discuss and
demonstrate the configuration and verification of EIGRP Stubs.

Real World Application & Core Knowledge


The more routers you have the more queries you have and the more queries and latency you have the greater the chance routers in
your network will become SIA (Stuck in Active), in which case any neighboring EIGRP nodes that does not return a query reply in the
specified thread hold will be dropped and any routes learned via that neighbor will be also removed from the routing table even if the
routes were up. So in a worst case scenario, such problems can result in your routing table automagically disappearing
With all of this information brought to the table; does R5 really need to be queried regarding networks upstream when it only has one
point of entry into the network? Thats a definite no. So R5 becomes a prime candidate to become a stub eigrp router in which case
will receive all routes but only advertise connected and summary routes upstream.
When a router has formed a stub neighbor adjacency with another router, the stub eigrp neighbor will not be sent any queries so this
effectively speeds up network convergence as now theres one less router to query in case of a route failure.
There are seven different types of EIGRP stubs but the CCNA scope only coves the basic stub which is will receive all EIGRP routes
but send only connected and summary routes. The list compiled below shows the different types of stub networks that eigrp can be
configured as;

Command

Description

EIGRP Stub

This is the default stub configuration if additional syntax is not specified such as the following
listed below; the default stub will send both connected and summary routes and receive all
routes from upstream neighbors.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-stub-area-networks/[4/12/2015 7:15:16 PM]

Configuring EIGRP Stub Area Networks | Free CCNA Workbook

EIGRP Stub Connected

Configures a router as a stub router that advertises only directly connected routes. This type of
stub can be used in conjecture with the other stub types excluding receive-only.

EIGRP Stub Leak-Map

Configures a router as a stub router that advertises only route prefixes that match a specific ip
prefix-list.

EIGRP Stub Receive-Only

Configures an EIGRP router as a stub router that will ONLY receive routes from upstream and
not advertise any routes to its neighboring routers. When using this stub type; static routes
must be configured upstream to reach networks within this stub area.

EIGRP Stub Redistribute

Configures an EIGRP router as a stub router that will only advertise redistributed routes. This
type of stub can be used in conjecture with the other stub types excluding receive-only.

EIGRP Stub Static

Configures an EIGRP router as a stub router that will only advertise static routes. This type of
stub can be used in conjecture with the other stub types excluding receive-only.

EIGRP Stub Summary

Configures an EIGRP router as a stub router that will only advertise summary routes. This type
of stub can be used in conjecture with the other stub types excluding receive-only.

The CCNA exam objectives only requires you to be familiar with the basic EIGRP stub operation however if you wish to further your
knowledge you may experiment with the other EIGRP stub types.
To configure the EIGRP stub type navigate to the EIGRP router process configuration mode then use the eigrp stub command.
You can verify which neighbors are stub neighbors by using the show ip eigrp neighbors detail command in privileged mode.
In this lab R5 is a branch office and R4 is a regional office. R5 only has a single network it routes for which is 10.80.50.0/24. You will
configure R5 as an EIGRP stub router and verify your configuration.
Familiarize yourself with the following new command(s);

Command

Description

eigrp stub {receive-only | connected |


static | summary | redistribute | leak-map}

This command is executed in the EIGRP routing process configuration mode to


specify a router as a stub router. The default configuration will send directly
connected routes and summary routes and receive all routes via an upstream
neighbor. You can however specify additional stub configuration following the
command such as static or redistribute.

show ip eigrp neighbors detail

This command is executed in privileged mode to display which eigrp neighbors are
stub routers. EIGRP stub neighbors will not be queried during EIGRP reconvergence.

This lab will continue to build upon the topology previously used in Lab 8-3 as shown below and other labs found through out Section
8.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-stub-area-networks/[4/12/2015 7:15:16 PM]

Configuring EIGRP Stub Area Networks | Free CCNA Workbook

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3, R4 and R5.
Establish a console session with devices R1, R2, R3, R4 and R5 than load the initial configurations provided below by copying
the config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-stub-area-networks/[4/12/2015 7:15:16 PM]

Configuring EIGRP Stub Area Networks | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 8-4 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.80.20.1 255.255.255.0

interface Serial0/0

description ### PHYSICAL FRAME RELAY INTERFACE ###


no ip address
encapsulation frame-relay
serial restart-delay 0

!##################################################
no frame-relay inverse-arp
!#
no Free
shut CCNA Workbook Lab 8-4 R3 Initial Config

!##################################################
!
!
interface Serial0/0.221 point-to-point

enable
description ### FRAME RELAY LINK TO R1 ###
configure
terminal
ip address
10.80.234.2 255.255.255.248
!frame-relay interface-dlci 221
hostname
R3
!

no
ip domain-lookup
interface
Serial0/2

!### POINT-TO-POINT LINK TO R3 ###

interface
Loopback0255.255.255.252
ip add 10.80.23.1

description
###
SIMULATED NETWORK ###
encapsulation
ppp
ip shut
address 10.80.30.1 255.255.255.0
no

!exit

interface
Serial0/0
!

description
router
eigrp ###
10 PHYSICAL FRAME RELAY INTERFACE ###
no ip address
network
10.80.23.1 0.0.0.0

encapsulation
frame-relay
network 10.80.234.2
0.0.0.0
serial
0
networkrestart-delay
10.80.20.1 0.0.0.0

!##################################################
no frame-relay
auto-summaryinverse-arp
!#
Free
WorkbookSerial0/0.221
Lab 8-4 R4 Initial Config
no
shut CCNA
neighbor
10.80.234.1

!##################################################
!exit
!
interface Serial0/0.321 point-to-point

enable
description
### FRAME RELAY LINK TO R1 ###
line
con 0
configure
terminal
ip
address
10.80.234.3 255.255.255.248
logging
sync
!frame-relay
interface-dlci 321
no exec-timeout
hostname
R4
!

no
interface
Serial0/1
endip domain-lookup

!description ### POINT-TO-POINT LINK TO R2 ###


interface
Loopback0
ip address
10.80.23.2 255.255.255.252
description
###
SIMULATED NETWORK ###
encapsulation
ppp
ip shut
address 10.80.40.1 255.255.255.0
no

!exit

interface
Serial0/0
!

description
router
eigrp ###
10 PHYSICAL FRAME RELAY INTERFACE ###
ip address
10.80.234.4
255.255.255.248
network
10.80.23.2
0.0.0.0

encapsulation
frame-relay
network 10.80.234.3
0.0.0.0
serial
0
networkrestart-delay
10.80.30.1 0.0.0.0

!##################################################
no frame-relay
auto-summaryinverse-arp
!#
Free
CCNA
Lab421
8-4 R5 Initial Config
frame
map
ip Workbook
10.80.234.1
neighbor
10.80.234.1
Serial0/0.321

!##################################################
no
shut
exit
!

enable
interface
line con 0Serial0/1

configure
terminal
description
### POINT-TO-POINT LINK TO R5 ###
logging sync
!ip
10.80.45.1 255.255.255.252
no address
exec-timeout
hostname
R5
ppp
!encapsulation

no
domain-lookup
noip
shut
end

!exit

interface
Loopback0
!

description
router
eigrp ###
10 SIMULATED NETWORK ###
ip address
10.80.50.1
255.255.255.0
network
10.80.45.1
0.0.0.0

!network 10.80.234.4 0.0.0.0


interface
Serial0/1 0.0.0.0
network 10.80.40.1

description
### POINT-TO-POINT LINK TO R4 ###
no auto-summary
ip
address
10.80.45.2Serial0/0
255.255.255.252
neighbor
10.80.234.1

encapsulation
ppp
exit

!no shut

exitcon 0
line

Lab Objectives
!logging sync

router
eigrp 10
no exec-timeout

!network 10.80.45.2 0.0.0.0


network 10.80.50.1 0.0.0.0
end
no auto-summary
exit

Configure R5 as an EIGRP stub network to send connected and summary routes only to its neighboring router(s)

line con 0

logging sync

no exec-timeout
!
end

Verify R5s EIGRP stub router configuration using only R4.

Lab Instruction
Objective 1. Configure R5 as an EIGRP stub network to send connected and summary routes only to its neighboring router(s).
There are two different commands you can use to accomplish this objective which do the exact same thing. The first one being eigrp

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-stub-area-networks/[4/12/2015 7:15:16 PM]

Configuring EIGRP Stub Area Networks | Free CCNA Workbook

stub which is the default eigrp stub type and will send connected and summary routes or you can use eigrp stub connected summary
which will give you the same result. This lab will demonstrate the default eigrp stub type as shown below;
R5>enable
R5#configure terminal
Enter configuration commands, one per line.
R5(config)#router eigrp 10
R5(config-router)#eigrp stub
R5(config-router)#end
R5#
%SYS-5-CONFIG_I: Configured from console by
%DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor
is down: peer info changed
R5#
%DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor
is up: new adjacency
R5#

End with CNTL/Z.

console
10.80.45.1 (Serial0/1)
10.80.45.1 (Serial0/1)

Objective 2. Verify R5s EIGRP stub router configuration using only R4.
To view rather or not a neighbor is an EIGRP stub router use the show ip eigrp neighbor detail command in privileged mode as
shown below.
R4>show ip eigrp neighbors detail
IP-EIGRP neighbors for process 10
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 10.80.45.2 Se0/1 13 00:05:04 1046 5000 0 55
Version 12.4/1.2, Retrans: 2, Retries: 0, Prefixes: 2
Stub Peer Advertising ( CONNECTED SUMMARY ) Routes
Suppressing queries
1 10.80.234.1 Se0/0 155 00:50:43 126 756 0 71
Static neighbor
Version 12.4/1.2, Retrans: 3, Retries: 0, Prefixes: 11
R4>
As you can see from the output of R4 (10.80.45.2) shown above it is Stub Peer Advertising (CONNECTED SUMMARY ) Routes and
below that shows Suppressing Queries This verifies that R5 is indeed an EIGRP stub router and that it is advertising only
connected and summary routes and will not be queried upon EIGRP network re-convergence.

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-stub-area-networks/[4/12/2015 7:15:16 PM]

Next Lab

Configuring EIGRP Stub Area Networks | Free CCNA Workbook


Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-stub-area-networks/[4/12/2015 7:15:16 PM]

Configuring EIGRP Timers | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring EIGRP Timers

When working with EIGRP you may be required to tune the timers to meet network requirements for resiliency. This
lab will discuss and demonstrate the configuration and verification of EIGRP Timers.

Real World Application & Core Knowledge


So up until now youve learned how to configure EIGRP neighbor relationships and how to configure which interfaces participate in
the EIGRP routing process. Now its time to get further in depth with the operation of EIGRP.
EIGRP uses two separate timers to ensure neighbor relationships remain established. These timers are called the Hello timer and
the Hold Down Timer. If youre familiar with the operation of RIP then you should be able to make a very good guess as to what
these timers are responsible for.
The hello timer is the interval at which a router will send hello messages to neighboring routers to let them know that the originating
router is still online and the hold-down timer is the interval at which to consider a neighbor dead if a hello message is not received
during that time window.
The default hello timer for a high-speed broadcast network link is 5 seconds and the hold-down timer is 15 seconds whereas the
default timers for slow-speed NBMA link are 60 seconds hello and 180 seconds dead. A slow-speed NBMA link is classified as any
NBMA link with speeds equal to or less than 1544Kbps (A single T1)
There is a common misconception that the Hello and Hold-down timers must match between routers to form an adjacency but in fact
they do not need to match at all. When a router sends a hello packet to a neighboring router the hello packet includes the hold down
timer which essentially tells the receiving router If you do not hear from me in this amount of time consider me dead and get on with
your router life.
However There is one exception to this rule. If you have multiple routers on a network that form adjacencies then all of those

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-timers/[4/12/2015 7:15:35 PM]

Configuring EIGRP Timers | Free CCNA Workbook

routers must have matching hello/dead timers or the adjacencies will flap. This is a common problem with EIGRP in a frame-relay
hub and spoke topology where a single T1 NBMA PVC does not support broadcast. In this case the broadcast PVCs will use the
hello/dead timers of 5/15 whereas the non-broadcast PVC will use 60/180. This will cause the hub to have adjacencies with
neighbors with different timers on the same physical network thus causing flapping adjacencies.
If you completed the previous lab you should have noticed on all routers in the frame-relay hub-and-spoke topology that the
adjacencies were flapping with the hub router. This is due to a multiple timer mismatch on the hub with one or more spokes. This lab
teach you how to resolve that problem.
The next big reason as to why you may want to manually change the timers on an EIGRP routed network is to increase network
outage detection and re-convergence time. By default on high speed links the hello/dead timer is 5/15 so with that in mind if a router
goes down it will take up to 15 seconds before the neighboring routers know about this outage and then begin to reconverge on the
outage. In some networks its idea to have the ability to detect router outages as quick as possible and in this case you can configure
the hello timer to 1 second and dead timer to 3 seconds.
The EIGRP Hello and Hold-Down timers are configured on a per-interface basis using the ip hello-interval eigrp AS# timeinseconds#
and ip hold-time eigrp as# timeinseconds# commands in interface configuration mode.
Familiarize yourself with the following new command(s);

Command

Description

ip hello-interval eigrp AS# timeinseconds#

This command is executed in interface configuration mode to manually configure


an EIGRP hello interval on a per-interface per autonomous system basis. Time is
specified in seconds.

ip hold-time eigrp as# timeinseconds#

This command is executed in interface configuration mode to manually configure


an EIGRP dead interval on a per-interface per autonomous system basis. Time is
specified in seconds.

This lab will continue to build upon the topology previously used in Lab 8-4 and other labs found through out Section 8.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-timers/[4/12/2015 7:15:35 PM]

Configuring EIGRP Timers | Free CCNA Workbook

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3, R4 and R5.
Establish a console session with devices R1, R2, R3, R4 and R5 than load the initial configurations provided below by copying
the config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-timers/[4/12/2015 7:15:35 PM]

Configuring EIGRP Timers | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 8-5 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.80.20.1 255.255.255.0

interface Serial0/0

description ### PHYSICAL FRAME RELAY INTERFACE ###


no ip address
encapsulation frame-relay
serial restart-delay 0

!##################################################
no frame-relay inverse-arp
!#
no Free
shut CCNA Workbook Lab 8-5 R3 Initial Config

!##################################################
!
!
interface Serial0/0.221 point-to-point

enable
description ### FRAME RELAY LINK TO R1 ###
configure
terminal
ip address
10.80.234.2 255.255.255.248
!frame-relay interface-dlci 221
hostname
R3
!

no
ip domain-lookup
interface
Serial0/2

!### POINT-TO-POINT LINK TO R3 ###

interface
Loopback0255.255.255.252
ip add 10.80.23.1

description
###
SIMULATED NETWORK ###
encapsulation
ppp
ip shut
address 10.80.30.1 255.255.255.0
no

!exit

interface
Serial0/0
!

description
router
eigrp ###
10 PHYSICAL FRAME RELAY INTERFACE ###
no ip address
network
10.80.23.1 0.0.0.0

encapsulation
frame-relay
network 10.80.234.2
0.0.0.0
serial
0
networkrestart-delay
10.80.20.1 0.0.0.0

!##################################################
no frame-relay
auto-summaryinverse-arp
!#
Free
WorkbookSerial0/0.221
Lab 8-5 R4 Initial Config
no
shut CCNA
neighbor
10.80.234.1

!##################################################
!exit
!
interface Serial0/0.321 point-to-point

enable
description
### FRAME RELAY LINK TO R1 ###
line
con 0
configure
terminal
ip
address
10.80.234.3 255.255.255.248
logging
sync
!frame-relay
interface-dlci 321
no exec-timeout
hostname
R4
!

no
interface
Serial0/1
endip domain-lookup

!description ### POINT-TO-POINT LINK TO R2 ###


interface
Loopback0
ip address
10.80.23.2 255.255.255.252
description
###
SIMULATED NETWORK ###
encapsulation
ppp
ip shut
address 10.80.40.1 255.255.255.0
no

!exit

interface
Serial0/0
!

description
router
eigrp ###
10 PHYSICAL FRAME RELAY INTERFACE ###
ip address
10.80.234.4
255.255.255.248
network
10.80.23.2
0.0.0.0

encapsulation
frame-relay
network 10.80.234.3
0.0.0.0
serial
0
networkrestart-delay
10.80.30.1 0.0.0.0

!##################################################
no frame-relay
auto-summaryinverse-arp
!#
Free
CCNA
Lab421
8-5 R5 Initial Config
frame
map
ip Workbook
10.80.234.1
neighbor
10.80.234.1
Serial0/0.321

!##################################################
no
shut
exit
!

enable
interface
line con 0Serial0/1

configure
terminal
description
### POINT-TO-POINT LINK TO R5 ###
logging sync
!ip
10.80.45.1 255.255.255.252
no address
exec-timeout
hostname
R5
ppp
!encapsulation

no
domain-lookup
noip
shut
end

!exit

interface
Loopback0
!

description
router
eigrp ###
10 SIMULATED NETWORK ###
ip address
10.80.50.1
255.255.255.0
network
10.80.45.1
0.0.0.0

!network 10.80.234.4 0.0.0.0


interface
Serial0/1 0.0.0.0
network 10.80.40.1

description
### POINT-TO-POINT LINK TO R4 ###
no auto-summary
ip
address
10.80.45.2Serial0/0
255.255.255.252
neighbor
10.80.234.1

encapsulation
ppp
exit

!no shut

exitcon 0
line

Lab Objectives
!logging sync

router
eigrp 10
no exec-timeout
!no auto-summary
eigrp stub
end

network 10.80.45.2 0.0.0.0


network 10.80.50.1 0.0.0.0
exit

Configure EIGRP on R4 to send Hellos to R1 at 5 seconds and a dead timer of 15 seconds.

line con 0

logging sync
no exec-timeout
!

Verify your configuration on R1 by using the show ip eigrp neighbor command.

end

Lab Instruction
Objective 1. Configure EIGRP on R4 to send Hellos to R1 at 5 seconds and a dead timer of 15 seconds.
To complete this objective youll use the two commands discussed in the core knowledge section of this lab as shown below;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-timers/[4/12/2015 7:15:35 PM]

Configuring EIGRP Timers | Free CCNA Workbook

R4>enable
R4#configure terminal
Enter configuration commands, one per line.
R4(config)#interface Serial0/0
R4(config-if)#ip hello-interval eigrp 10 5
R4(config-if)#ip hold-time eigrp 10 15
R4(config-if)#end
R4#

End with CNTL/Z.

Objective 2. Verify your configuration on R1 by using the show ip eigrp neighbor command.
You can easily determine the hello/dead timers of an EIGRP neighbor by viewing the neighbor adjacencies. If the hold timer is less
then 15 seconds then its safe to assume that the neighbor is using a 5 second hello interval and a 15 second dead timer. You can
view the neighbor table multiple times to see that the hold timer is reset back to 15 seconds upon each receipt of a hello packet as
shown below;
R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 10
H
Address
Interface
2
10.80.234.4
Se0/0
1
10.80.234.3
Se0/0
0
10.80.234.2
Se0/0
R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 10
H
Address
Interface
2
10.80.234.4
Se0/0
1
10.80.234.3
Se0/0
0
10.80.234.2
Se0/0
R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 10
H
Address
Interface
2
10.80.234.4
Se0/0
1
10.80.234.3
Se0/0
0
10.80.234.2
Se0/0
R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 10
H
Address
Interface
2
10.80.234.4
Se0/0
1
10.80.234.3
Se0/0
0
10.80.234.2
Se0/0
R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 10
H
Address
Interface
2
10.80.234.4
Se0/0
1
10.80.234.3
Se0/0
0
10.80.234.2
Se0/0
R1#show ip eigrp neighbors
IP-EIGRP neighbors for process 10
H
Address
Interface
2
10.80.234.4
1
10.80.234.3
0
10.80.234.2
R1#

Se0/0
Se0/0
Se0/0

Hold Uptime
SRTT
(sec)
(ms)
11 00:18:25 510
11 00:18:53 509
12 00:20:02 529

RTO

Hold Uptime
SRTT
(sec)
(ms)
11 00:18:25 510
10 00:18:54 509
12 00:20:03 529

RTO

Hold Uptime
SRTT
(sec)
(ms)
10 00:18:26 510
10 00:18:54 509
12 00:20:03 529

RTO

Hold Uptime
SRTT
(sec)
(ms)
10 00:18:26 510
10 00:18:54 509
11 00:20:03 529

RTO

Hold Uptime
SRTT
(sec)
(ms)
10 00:18:26 510
14 00:18:54 509
11 00:20:03 529

RTO

Hold Uptime
SRTT
(sec)
(ms)
14 00:18:26 510
14 00:18:54 509
11 00:20:03 529

RTO

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-timers/[4/12/2015 7:15:35 PM]

Q Seq
Cnt Num
3060 0 12
3054 0 17
3174 0 17
Q Seq
Cnt Num
3060 0 12
3054 0 17
3174 0 17
Q Seq
Cnt Num
3060 0 12
3054 0 17
3174 0 17
Q Seq
Cnt Num
3060 0 12
3054 0 17
3174 0 17
Q Seq
Cnt Num
3060 0 12
3054 0 17
3174 0 17
Q Seq
Cnt Num
3060 0 12
3054 0 17
3174 0 17

Next Lab

Configuring EIGRP Timers | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-timers/[4/12/2015 7:15:35 PM]

Configuring EIGRP Maximum Paths | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring EIGRP Maximum Paths

EIGRP by default load balances using 4 routes with identical metrics however you may need to change this for
whatever reason. This lab will discuss and demonstrate the configuration and verification of EIGRP Maximum Paths

Real World Application & Core Knowledge


Now that your understanding of EIGRP has evolved lets touch on a few of the more advanced features of the routing protocol. EIGRP
by default will load sharing over a maximum of 4 routes if they all have the same metric as shown by the show ip protocols command
under Maximum Paths.
This number can be an integer value between 1 and 32. While load sharing over 32 routes is unheard of, there are some scenarios
out there that would require such network configuration.
It is common practice to load share over multiple WAN links to some degree rather it be using load balanced routes in the routing
table or some other technology such as ether-channel or ppp multi-link.
When the router load balances over multiple paths using the routing table, the default load balancing behavior is per-destination load
sharing. Some platforms support different algorithms such as per-packet and per source port/per destination port or both layer4
ports.
In this lab you will learn how to statically set the maximum paths that EIGRP can use for ip route based load sharing.
If youve completed Lab 8-5 Configuring EIGRP Timers, then youll notice on R1 if you view the routing table that the router is load
sharing to the 10.80.23.0/30 network via R2 and R3. This is because R1 has two routes to that destination network with the same
metric.
To statically configure EIGRPs maximum paths value, youll need to use the maximum-paths command in EIGRP router

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-maximum-paths/[4/12/2015 7:15:56 PM]

Configuring EIGRP Maximum Paths | Free CCNA Workbook

configuration mode followed by the the number value of paths.


Familiarize yourself with the following new command(s);

Command

Description

maximum-paths #

This command is executed in EIGRP router configuration mode to statically configure the
maximum paths value on a per router basis.

This lab will continue to build upon the topology previously used in Lab 8-5 and other labs found through out Section 8.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3, R4 and R5.
Establish a console session with devices R1, R2, R3, R4 and R5 than load the initial configurations provided below by copying
the config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-maximum-paths/[4/12/2015 7:15:56 PM]

Configuring EIGRP Maximum Paths | Free CCNA Workbook

!##################################################
!#

Free CCNA Workbook Lab 8-6 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.80.20.1 255.255.255.0
!

interface Serial00
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address

encapsulation frame-relay
serial restart-delay 0

!##################################################
no frame-relay inverse-arp
!#
no Free
shut CCNA Workbook Lab 8-6 R3 Initial Config

!##################################################
!
!
interface Serial00.221 point-to-point

enable
description ### FRAME RELAY LINK TO R1 ###
configure
terminal
ip address
10.80.234.2 255.255.255.248
!frame-relay interface-dlci 221
hostname
R3
!

no
ip domain-lookup
interface
Serial02

!### POINT-TO-POINT LINK TO R3 ###

interface
Loopback0255.255.255.252
ip add 10.80.23.1

description
###
SIMULATED NETWORK ###
encapsulation
ppp
ip shut
address 10.80.30.1 255.255.255.0
no

!exit

interface
Serial00
!

description
router
eigrp ###
10 PHYSICAL FRAME RELAY INTERFACE ###
no ip address
network
10.80.23.1 0.0.0.0

encapsulation
frame-relay
network 10.80.234.2
0.0.0.0
serial
0
networkrestart-delay
10.80.20.1 0.0.0.0

!##################################################
no frame-relay
auto-summaryinverse-arp
!#
Free
WorkbookSerial00.221
Lab 8-6 R4 Initial Config
no
shut CCNA
neighbor
10.80.234.1

!##################################################
!exit
!
interface Serial00.321 point-to-point

enable
description
### FRAME RELAY LINK TO R1 ###
line
con 0
configure
terminal
ip
address
10.80.234.3 255.255.255.248
logging
sync
!frame-relay
interface-dlci 321
no exec-timeout
hostname
R4
!

no
interface
Serial01
endip domain-lookup

!description ### POINT-TO-POINT LINK TO R2 ###


interface
Loopback0
ip address
10.80.23.2 255.255.255.252
description
###
SIMULATED NETWORK ###
encapsulation
ppp
ip shut
address 10.80.40.1 255.255.255.0
no

!exit

interface
Serial00
!

description
router
eigrp ###
10 PHYSICAL FRAME RELAY INTERFACE ###
ip address
10.80.234.4
255.255.255.248
network
10.80.23.2
0.0.0.0

ip
hello-interval
eigrp
10 5
network
10.80.234.3
0.0.0.0
ip
hold-time
eigrp 10
15
network
10.80.30.1
0.0.0.0

!##################################################
encapsulation
frame-relay
no auto-summary
!#
Freerestart-delay
CCNA
Workbook0
Lab 8-6 R5 Initial Config
serial
neighbor
10.80.234.1
Serial00.321

!##################################################
no
frame-relay inverse-arp
exit
!frame map ip 10.80.234.1 421
enable
no shut
line
con 0

configure
terminal
!logging sync

!
interface
Serial01
no exec-timeout

hostname
R5 ### POINT-TO-POINT LINK TO R5 ###
!description
no
domain-lookup
ipip
address
10.80.45.1 255.255.255.252
end

!encapsulation ppp

interface
no shut Loopback0

description
### SIMULATED NETWORK ###
exit

!ip address 10.80.50.1 255.255.255.0


!
router eigrp 10

interface
Serial01 0.0.0.0
network 10.80.45.1

description
### POINT-TO-POINT
LINK TO R4 ###
network 10.80.234.4
0.0.0.0
ip
address
10.80.45.2
255.255.255.252
network
10.80.40.1
0.0.0.0

encapsulation
ppp
no auto-summary

no
shut 10.80.234.1 Serial00
neighbor
exit

Lab Objectives
!

router
eigrp
10
line con
0

no
auto-summary
logging
sync

eigrp
stub
no exec-timeout

!network 10.80.45.2 0.0.0.0


network 10.80.50.1 0.0.0.0
end
exit

On R1, view the routing table and verify that R1 is load-balancing to 10.80.23.0/30; afterward, specify the maximum paths for

line con 0

logging sync
no exec-timeout
!
end

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-maximum-paths/[4/12/2015 7:15:56 PM]

Configuring EIGRP Maximum Paths | Free CCNA Workbook

EIGRP Autonomous System 10 to use only 1 path.


Verify your configuration by using the show ip route command.

Lab Instruction
Objective 1. On R1, view the routing table and verify that R1 is load-balancing to 10.80.23.0/30; afterward, specify the maximum
paths for EIGRP Autonomous System 10 to use only 1 path.
R1>show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.80.0.0/8 is variably subnetted, 11 subnets, 4 masks
10.80.50.0/24 [90/2809856] via 10.80.234.4, 01:13:17, Serial00
10.80.40.0/24 [90/640256] via 10.80.234.4, 01:13:17, Serial00
10.80.23.1/32 [90/2681856] via 10.80.234.3, 01:13:17, Serial00
10.80.23.0/30 [90/2681856] via 10.80.234.3, 01:13:17, Serial00
[90/2681856] via 10.80.234.2, 01:13:17, Serial00
D
10.80.23.2/32 [90/2681856] via 10.80.234.2, 01:13:17, Serial00
D
10.80.30.0/24 [90/640256] via 10.80.234.3, 01:13:17, Serial00
D
10.80.45.2/32 [90/2681856] via 10.80.234.4, 01:13:17, Serial00
D
10.80.45.0/30 [90/2681856] via 10.80.234.4, 01:13:17, Serial00
D
10.80.20.0/24 [90/512512] via 10.80.234.2, 01:13:17, Serial00
C
10.80.10.0/24 is directly connected, Loopback0
C
10.80.234.0/29 is directly connected, Serial00
R1>enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router eigrp 10
R1(config-router)#maximum-paths 1
R1(config-router)#end
R1#
D
D
D
D

Objective 2. Verify your configuration by using the show ip route command.


R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
D
D
D
D
D
D
D
D
D
C
C
R1#

10.80.0.0/8 is variably subnetted, 11 subnets, 4 masks


10.80.50.0/24 [90/2809856] via 10.80.234.4, 00:01:23, Serial00
10.80.40.0/24 [90/640256] via 10.80.234.4, 00:01:23, Serial00
10.80.23.1/32 [90/2681856] via 10.80.234.3, 00:01:23, Serial00
10.80.23.0/30 [90/2681856] via 10.80.234.2, 00:01:23, Serial00
10.80.23.2/32 [90/2681856] via 10.80.234.2, 00:01:23, Serial00
10.80.30.0/24 [90/640256] via 10.80.234.3, 00:01:23, Serial00
10.80.45.2/32 [90/2681856] via 10.80.234.4, 00:01:23, Serial00
10.80.45.0/30 [90/2681856] via 10.80.234.4, 00:01:23, Serial00
10.80.20.0/24 [90/512512] via 10.80.234.2, 00:01:23, Serial00
10.80.10.0/24 is directly connected, Loopback0
10.80.234.0/29 is directly connected, Serial00

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-maximum-paths/[4/12/2015 7:15:56 PM]

Configuring EIGRP Maximum Paths | Free CCNA Workbook

As you can see from the routing table on R1 shown above that R1 is no longer load balancing traffic to 10.80.23.0/30 via R2 and R3
but using only R3 as the next hop.
You can view the EIGRP topology and the route to 10.80.23.0/30 via R2 will become the feasible successor (backup route) as shown
below;
R1#show ip eigrp topology
IP-EIGRP Topology Table for AS(10)/ID(10.80.10.1)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 10.80.50.0/24, 1 successors, FD is 2298112
via 10.80.234.4 (2809856/2297856), Serial00
P 10.80.40.0/24, 1 successors, FD is 128512
via 10.80.234.4 (640256/128256), Serial00
P 10.80.23.1/32, 1 successors, FD is 2170112
via 10.80.234.3 (2681856/2169856), Serial00
P 10.80.23.0/30, 1 successors, FD is 2170112
via 10.80.234.2 (2681856/2169856), Serial00
via 10.80.234.3 (2681856/2169856), Serial00
P 10.80.23.2/32, 1 successors, FD is 2170112
via 10.80.234.2 (2681856/2169856), Serial00
P 10.80.30.0/24, 1 successors, FD is 128512
via 10.80.234.3 (640256/128256), Serial00
P 10.80.45.2/32, 1 successors, FD is 2170112
via 10.80.234.4 (2681856/2169856), Serial00
P 10.80.45.0/30, 1 successors, FD is 2170112
via 10.80.234.4 (2681856/2169856), Serial00
P 10.80.20.0/24, 1 successors, FD is 768
via 10.80.234.2 (512512/512), Serial00
P 10.80.10.0/24, 1 successors, FD is 128256
via Connected, Loopback0
P 10.80.234.0/29, 1 successors, FD is 512256
via Connected, Serial00
R1#

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-maximum-paths/[4/12/2015 7:15:56 PM]

Configuring EIGRP Maximum Paths | Free CCNA Workbook

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-maximum-paths/[4/12/2015 7:15:56 PM]

Configuring EIGRP Passive Interface | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring EIGRP Passive Interface

There will be times where you want an interface to participate in EIGRP but not establish neighbors on it. This lab will
discuss and demonstrate the configuration and verification of EIGRP Passive Interfaces.

Real World Application & Core Knowledge


When you configure EIGRP using a broad network statement such as network 10.80.0.0 0.0.255.255; any interface you bring online
with an ip address that falls in that range will start advertising and processing received hellos on that interface.
In some scenarios you may want to disable EIGRP from sending and receiving Hellos on a particular interface however you may still
need that network which the interface is connected to be advertised throughout the routed domain.
A great example of this would be disabling EIGRP hellos on a link that goes from a distribution switch to a layer 2 access switch;
another great example would a network hand off link to a 3rd party organization which you have no control over, in this case you
would need to advertise that particular link through out your own routed domain but not allow the 3rd party to receive hellos or send
hellos to your device.
To configure an interface as a passive interface in EIGRP, youll use the passive-interface interface#/# command in EIGRP router
configuration mode.
To verify rather or not an interface is in passive-mode you can use the show ip protocols command in privileged mode.
For arguments sake, when attempting this lab vision that a NEW link has been brought up on R5 which connects to an access switch,
one which you have no control over. In this case you need configure the routers interface as a passive interface to prevent the router
from sending hellos to this new access switch or process any hellos received by the access switch.
Familiarize yourself with the following new command(s);

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-passive-interface/[4/12/2015 7:16:15 PM]

Configuring EIGRP Passive Interface | Free CCNA Workbook

Command

Description

passive-interface
interface#/#

This command is executed in EIGRP router configuration mode to configure an interface as an


EIGRP passive interface. This command will disable EIGRP from sending and processing
received hellos on the specified interface.

This lab will continue to build upon the topology previously used in Lab 8-6 and other labs found through out Section 8.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3, R4 and R5.
Establish a console session with devices R1, R2, R3, R4 and R5 than load the initial configurations provided below by copying
the config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-passive-interface/[4/12/2015 7:16:15 PM]

Configuring EIGRP Passive Interface | Free CCNA Workbook

!##################################################
!#

Free CCNA Workbook Lab 8-7 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.80.20.1 255.255.255.0
!

interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address

encapsulation frame-relay
serial restart-delay 0

!##################################################
no frame-relay inverse-arp
!#
no Free
shut CCNA Workbook Lab 8-7 R3 Initial Config

!##################################################
!
!
interface Serial0/0.221 point-to-point

enable
description ### FRAME RELAY LINK TO R1 ###
configure
terminal
ip address
10.80.234.2 255.255.255.248
!frame-relay interface-dlci 221
hostname
R3
!

no
ip domain-lookup
interface
Serial0/2

!### POINT-TO-POINT LINK TO R3 ###

interface
Loopback0255.255.255.252
ip add 10.80.23.1

description
###
SIMULATED NETWORK ###
encapsulation
ppp
ip shut
address 10.80.30.1 255.255.255.0
no

!exit

interface
Serial0/0
!

description
router
eigrp ###
10 PHYSICAL FRAME RELAY INTERFACE ###
no ip address
network
10.80.23.1 0.0.0.0

encapsulation
frame-relay
network 10.80.234.2
0.0.0.0
serial
0
networkrestart-delay
10.80.20.1 0.0.0.0

!##################################################
no frame-relay
auto-summaryinverse-arp
!#
Free
WorkbookSerial0/0.221
Lab 8-7 R4 Initial Config
no
shut CCNA
neighbor
10.80.234.1

!##################################################
!exit
!
interface Serial0/0.321 point-to-point

enable
description
### FRAME RELAY LINK TO R1 ###
line
con 0
configure
terminal
ip
address
10.80.234.3 255.255.255.248
logging
sync
!frame-relay
interface-dlci 321
no exec-timeout
hostname
R4
!

no
interface
Serial0/1
endip domain-lookup

!description ### POINT-TO-POINT LINK TO R2 ###


interface
Loopback0
ip address
10.80.23.2 255.255.255.252
description
###
SIMULATED NETWORK ###
encapsulation
ppp
ip shut
address 10.80.40.1 255.255.255.0
no

!exit

interface
Serial0/0
!

description
router
eigrp ###
10 PHYSICAL FRAME RELAY INTERFACE ###
ip address
10.80.234.4
255.255.255.248
network
10.80.23.2
0.0.0.0

ip
hello-interval
eigrp
10 5
network
10.80.234.3
0.0.0.0
ip
hold-time
eigrp 10
15
network
10.80.30.1
0.0.0.0

!##################################################
encapsulation
frame-relay
no auto-summary
!#
Freerestart-delay
CCNA
Workbook0
Lab 8-7 R5 Initial Config
serial
neighbor
10.80.234.1
Serial0/0.321

!##################################################
no
frame-relay inverse-arp
exit
!frame map ip 10.80.234.1 421
enable
no shut
line
con 0

configure
terminal
!logging sync

!
interface
Serial0/1
no exec-timeout

hostname
R5 ### POINT-TO-POINT LINK TO R5 ###
!description
no
domain-lookup
ipip
address
10.80.45.1 255.255.255.252
end

!encapsulation ppp

interface
no shut Loopback0

description
### SIMULATED NETWORK ###
exit

!ip address 10.80.50.1 255.255.255.0


!
router eigrp 10

interface
Serial0/1 0.0.0.0
network 10.80.45.1

description
### POINT-TO-POINT
LINK TO R4 ###
network 10.80.234.4
0.0.0.0
ip
address
10.80.45.2
255.255.255.252
network
10.80.40.1
0.0.0.0

encapsulation
ppp
no auto-summary

no
shut 10.80.234.1 Serial0/0
neighbor
exit

Lab Objectives
!

router
eigrp
10
line con
0

no
auto-summary
logging
sync

eigrp
stub
no exec-timeout

!network 10.80.45.2 0.0.0.0


network 10.80.50.1 0.0.0.0
end
exit

On R5 create the new loopback interface using the IP address of 10.50.0.1/24 then add the respective network statement into

line con 0

logging sync
no exec-timeout
!
end

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-passive-interface/[4/12/2015 7:16:15 PM]

Configuring EIGRP Passive Interface | Free CCNA Workbook

EIGRP AS 10.
Configure R5s newly created loopback interface as a passive-interface.
Verify your configuration by using the show ip protocols command.

Lab Instruction
Objective 1. On R5 create the new loopback interface using the IP address of 10.50.0.1/24 then add the respective network
statement into EIGRP AS 10.
R5>enable
R5#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R5(config)#interface loopback5
*Jul 3 19:00:19.631: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback5, changed state
to up
R5(config-if)#ip add 10.50.0.1 255.255.255.0
R5(config-if)#exit
R5(config)#router eigrp 10
R5(config-router)#network 10.50.0.1 0.0.0.0
R5(config-router)#

Objective 2. Configure R5s newly created loopback interface as a passive-interface.


R5(config-router)#passive-interface Lo5
R5(config-router)#end
R5#
Objective 3. Verify your configuration by using the show ip protocols command.
R5#show ip protocols
Routing Protocol is "eigrp 10"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Default networks flagged in outgoing updates
Default networks accepted from incoming updates
EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
EIGRP maximum hopcount 100
EIGRP maximum metric variance 1
EIGRP stub, connected, summary
Redistributing: eigrp 10
EIGRP NSF-aware route hold timer is 240s
Automatic network summarization is not in effect
Maximum path: 4
Routing for Networks:
10.80.45.2/32
10.50.0.1/32
10.80.50.1/32
Passive Interface(s):
Loopback5
Routing Information Sources:
Gateway
Distance
Last Update
10.80.45.1
90
00:08:41
Distance: internal 90 external 170
R5#

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-passive-interface/[4/12/2015 7:16:15 PM]

Next Lab

Configuring EIGRP Passive Interface | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-passive-interface/[4/12/2015 7:16:15 PM]

Configuring EIGRP Route Summarization | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring EIGRP Route Summarization

EIGRP Route summarization is used to conserve resources and clean up the routing table. It can also advanced route
engineering based on route summaries and longest match. This lab will discuss and demonstrate the configuration
and verification of EIGRP Route summarization.

Real World Application & Core Knowledge


If you completed Lab 7-8 Configuring RIP Route Summarization then you should have a basic understanding of how route
summarization works. If you did not then to sum it all up; its basically the operation at which you subnet different subnets into a
single larger subnet which gets advertised to neighboring routers to conserve router resources. For example, if you advertise a /22
subnet which encompasses four single /24 networks then youre effectively cutting the resource requirements of neighboring routers
by 75%; in which case an upstream router will have a single /22 route instead of four /24 routes to the same geographic location.
Configuring a summary address for EIGRP is done on a per interface basis uses practically the same command as configuring a
summary address for RIP however there is a slight difference. When configuring a summary address on an interface for EIGRP youll
use the ip summary-address eigrp AS# n.n.n.n s.s.s.s.s command whereas RIP uses the ip summary-address rip n.n.n.n s.s.s.s
Another benefit of using summary routes (aka: route aggregation) is if a single route goes down that is contained within a summary
route, updates are not sent throughout the entire routed domain. Only the router advertising the summary route will know that the
more specific route has went down. For EIGRP, this will prevent unwanted queries and potentially SIA in the EIGRP autonomous
system.
In this lab you will configure four new loopback interfaces on R1 and configure a summary route on R1 advertised out the Framerelay hub-and-spoke interface as well as the point-to-point interface towards R2.
Familiarize yourself with the following new command(s);

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-route-summarization/[4/12/2015 7:16:37 PM]

Configuring EIGRP Route Summarization | Free CCNA Workbook

Command

Description

ip summary-address eigrp AS# n.n.n.n


s.s.s.s.s

This command is executed in interface configuration mode to configure an EIGRP


summary route to be advertised out a specific interface.

This lab will continue to build upon the topology previously used in Lab 8-7 and other labs found through out Section 8.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3, R4 and R5.
Establish a console session with devices R1, R2, R3, R4 and R5 than load the initial configurations provided below by copying
the config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-route-summarization/[4/12/2015 7:16:37 PM]

Configuring EIGRP Route Summarization | Free CCNA Workbook

!##################################################
!#

Free CCNA Workbook Lab 8-8 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.80.20.1 255.255.255.0
!

interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address

encapsulation frame-relay
serial restart-delay 0

!##################################################
no frame-relay inverse-arp
!#
no Free
shut CCNA Workbook Lab 8-8 R3 Initial Config

!##################################################
!
!
interface Serial0/0.221 point-to-point

enable
description ### FRAME RELAY LINK TO R1 ###
configure
terminal
ip address
10.80.234.2 255.255.255.248
!frame-relay interface-dlci 221
hostname
R3
!

no
ip domain-lookup
interface
Serial0/2

!### POINT-TO-POINT LINK TO R3 ###

interface
Loopback0255.255.255.252
ip add 10.80.23.1

description
###
SIMULATED NETWORK ###
encapsulation
ppp
ip shut
address 10.80.30.1 255.255.255.0
no

!exit

interface
Serial0/0
!

description
router
eigrp ###
10 PHYSICAL FRAME RELAY INTERFACE ###
no ip address
network
10.80.23.1 0.0.0.0

encapsulation
frame-relay
network 10.80.234.2
0.0.0.0
serial
0
networkrestart-delay
10.80.20.1 0.0.0.0

!##################################################
no frame-relay
auto-summaryinverse-arp
!#
Free
WorkbookSerial0/0.221
Lab 8-8 R4 Initial Config
no
shut CCNA
neighbor
10.80.234.1

!##################################################
!exit
!
interface Serial0/0.321 point-to-point

enable
description
### FRAME RELAY LINK TO R1 ###
line
con 0
configure
terminal
ip
address
10.80.234.3 255.255.255.248
logging
sync
!frame-relay
interface-dlci 321
no exec-timeout
hostname
R4
!

no
interface
Serial0/1
endip domain-lookup

!description ### POINT-TO-POINT LINK TO R2 ###


interface
Loopback0
ip address
10.80.23.2 255.255.255.252
description
###
SIMULATED NETWORK ###
encapsulation
ppp
ip shut
address 10.80.40.1 255.255.255.0
no

!exit

interface
Serial0/0
!

description
router
eigrp ###
10 PHYSICAL FRAME RELAY INTERFACE ###
ip address
10.80.234.4
255.255.255.248
network
10.80.23.2
0.0.0.0

ip
hello-interval
eigrp
10 5
network
10.80.234.3
0.0.0.0
ip
hold-time
eigrp 10
15
network
10.80.30.1
0.0.0.0

!##################################################
encapsulation
frame-relay
no auto-summary
!#
Freerestart-delay
CCNA
Workbook0
Lab 8-8 R5 Initial Config
serial
neighbor
10.80.234.1
Serial0/0.321

!##################################################
no
frame-relay inverse-arp
exit
!frame map ip 10.80.234.1 421
enable
no shut
line
con 0

configure
terminal
!logging sync

!
interface
Serial0/1
no exec-timeout

hostname
R5 ### POINT-TO-POINT LINK TO R5 ###
!description
no
domain-lookup
ipip
address
10.80.45.1 255.255.255.252
end

!encapsulation ppp

interface
no shut Loopback0

description
### SIMULATED NETWORK ###
exit

!ip address 10.80.50.1 255.255.255.0


!
router eigrp 10

interface
Loopback5 0.0.0.0
network 10.80.45.1

description
### SIMULATED
NETWORK ###
network 10.80.234.4
0.0.0.0
ip
address
10.50.0.1
255.255.255.0
network
10.80.40.1
0.0.0.0

!no auto-summary

interface
neighbor Serial0/1
10.80.234.1 Serial0/0

description
### POINT-TO-POINT LINK TO R4 ###
exit

Lab Objectives
!ip address 10.80.45.2 255.255.255.252
encapsulation
ppp
line
con 0
no
shut sync
logging

exit
no exec-timeout

router
eigrp 10
end

no auto-summary

Configure four new loopback interfaces on R1 using the numbers 4-7, configure these interfaces with the ip address range

eigrp stub

network 10.80.45.2 0.0.0.0


network 10.80.50.1 0.0.0.0
network 10.50.0.1 0.0.0.0

passive-interface Loopback5
exit
!

line con 0
http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-route-summarization/[4/12/2015
7:16:37 PM]

Configuring EIGRP Route Summarization | Free CCNA Workbook

10.122.4.0/22. Tip: The 3rd octet as the interface number.


Configure a single network statement to encompass the four newly created loopback interfaces.
On R1 configure a summary address of 10.122.4.0/22 to be advertised out both the frame-relay hub-and-spoke interface.
Verify the summary address is being propagated correctly by viewing he routing table on R5.

Lab Instruction
Objective 1. Configure four new loopback interfaces on R1 using the numbers 4-7, configure these interfaces with the ip address
range 10.122.4.0/22. Tip: The 3rd octet as the interface number.
R1>enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface loopback4
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback4, changed
to up
R1(config-if)#ip add 10.122.4.1 255.255.255.0
R1(config-if)#interface loopback5
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback5, changed
R1(config-if)#ip address 10.122.5.1 255.255.255.0
R1(config-if)#interface loopback6
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback6, changed
R1(config-if)#ip add 10.122.6.1 255.255.255.0
R1(config-if)#interface loopback 7
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback7, changed
R1(config-if)#ip add 10.122.7.1 255.255.255.0
R1(config-if)#exit
R1(config)#

state

state to up
state to up
state to up

Objective 2. Configure a single network statement to encompass the four newly created loopback interfaces.
R1(config)#router eigrp 10
R1(config-router)#network 10.122.4.0 0.0.3.255
R1(config-router)#exit
R1(config)#
Objective 3. On R1 configure a summary address of 10.122.4.0/22 to be advertised out both the frame-relay hub-and-spoke
interface.
R1(config)#interface Serial0/0
R1(config-if)#ip summary-address eigrp 10 10.122.4.0 255.255.252.0
%DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor 10.80.234.4 (Serial0/0) is resync: summary configur
ed
%DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor 10.80.234.3 (Serial0/0) is resync: summary configur
ed
%DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor 10.80.234.2 (Serial0/0) is resync: summary configur
ed
R1(config-if)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#
Objective 4. Verify the summary address is being propagated correctly by viewing he routing table on R5.
R5>show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-route-summarization/[4/12/2015 7:16:37 PM]

Configuring EIGRP Route Summarization | Free CCNA Workbook

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area


N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C
D
D
D
D
D
C
C
D
D
C
D
D
R5>

10.80.0.0/8 is variably subnetted, 13 subnets, 5 masks


10.80.50.0/24 is directly connected, Loopback0
10.80.40.0/24 [90/2297856] via 10.80.45.1, 01:43:54, Serial0/1
10.80.23.1/32 [90/3705856] via 10.80.45.1, 01:43:54, Serial0/1
10.80.23.0/30 [90/3705856] via 10.80.45.1, 01:43:54, Serial0/1
10.80.23.2/32 [90/3705856] via 10.80.45.1, 01:43:54, Serial0/1
10.80.30.0/24 [90/3321856] via 10.80.45.1, 01:43:54, Serial0/1
10.80.45.1/32 is directly connected, Serial0/1
10.80.45.0/30 is directly connected, Serial0/1
10.80.20.0/24 [90/3321856] via 10.80.45.1, 01:43:54, Serial0/1
10.80.10.0/24 [90/2809856] via 10.80.45.1, 01:43:54, Serial0/1
10.50.0.0/24 is directly connected, Loopback5
10.122.4.0/22 [90/2809856] via 10.80.45.1, 00:05:37, Serial0/1
10.80.234.0/29 [90/2681856] via 10.80.45.1, 01:43:55, Serial0/1

Previous Lab

Like

Next Lab

17 Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-route-summarization/[4/12/2015 7:16:37 PM]

Configuring EIGRP Route Summarization | Free CCNA Workbook

the GNS3 platform.

devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-route-summarization/[4/12/2015 7:16:37 PM]

Configuring EIGRP Default Route Propagation | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring EIGRP Default Route Propagation

Configuring static default routes on every device in the routed network can be cumbersome. with EIGRP you have the
ability to advertise a default route. This lab will discuss and demonstrate the configuration and verification of EIGRP
default route propagation.

Real World Application & Core Knowledge


If youve completed all the previous labs found in Section 8, then you have knowledgeable understanding of how to configure the
Enhanced Interior Gateway Routing Protocol (EIGRP) however there is one more topic left to touch upon before moving onto OSPF
which is the ability to advertise a default route using EIGRP.
If youve completed Configuring RIP Default Information Originate then youll have a good understanding of the benefits and
operational concept of dynamically advertising a default route within the routed domain however; unlike RIP, EIGRP uses a two
different methods commonly used to inject a default route into the EIGRP Topology table.
The first method being to advertising a 0.0.0.0/0 summary route via an interface to neighboring routers which will flag the route as the
default and install it into the routing table as the gateway of last resort and the second way being to create a static route and
redistribute that static route into the EIGRP autonomous system. This method will be discussed in Section 10.
In this lab you will learn to configure EIGRP to propagate the default route using a summary address on R1s hub-and-spoke framerelay interface. (Serial0/0). When configuring a default summary route for EIGRP, the router advertising the EIGRP default summary
route will suppress any upstream routes learned and only send the default summary route to down stream neighbors. For an
example; vision three routers connected via serial links in a a linear bus topology. R1 is connected to R2, then R2 is connected to
R3. If you configure a default summary route on the two interfaces of R2 facing R1 and R3, when R3 advertises directly connected
networks to R2, R2 will install those networks in its own routing table and only advertise a default route to R1.
However if a single edge router connecting to the internet is advertising a default route via a summary-address into EIGRP network

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-default-route-propagation/[4/12/2015 7:16:59 PM]

Configuring EIGRP Default Route Propagation | Free CCNA Workbook

then the default router will not be in the transit path of internal traffic thus all internal routers will have the full internal routing table.
You will use the same command as discussed in the previous lab; ip summary-address eigrp as# n.n.n.n s.s.s.s to advertise a default
route from R1 to the spoke routers in the hub-and-spoke topology which include R1, R2, R3 and R4.
This lab will continue to build upon the topology previously used in Lab 8-8 and other labs found through out Section 8.

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3, R4 and R5.
Establish a console session with devices R1, R2, R3, R4 and R5 than load the initial configurations provided below by copying
the config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-default-route-propagation/[4/12/2015 7:16:59 PM]

Configuring EIGRP Default Route Propagation | Free CCNA Workbook

!##################################################
!#

Free CCNA Workbook Lab 8-9 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.80.20.1 255.255.255.0
!

interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address

encapsulation frame-relay
serial restart-delay 0

!##################################################
no frame-relay inverse-arp
!#
no Free
shut CCNA Workbook Lab 8-9 R3 Initial Config

!##################################################
!
!
interface Serial0/0.221 point-to-point

enable
description ### FRAME RELAY LINK TO R1 ###
configure
terminal
ip address
10.80.234.2 255.255.255.248
!frame-relay interface-dlci 221
hostname
R3
!

no
ip domain-lookup
interface
Serial0/2

!### POINT-TO-POINT LINK TO R3 ###

interface
Loopback0255.255.255.252
ip add 10.80.23.1

description
###
SIMULATED NETWORK ###
encapsulation
ppp
ip shut
address 10.80.30.1 255.255.255.0
no

!exit

interface
Serial0/0
!

description
router
eigrp ###
10 PHYSICAL FRAME RELAY INTERFACE ###
no ip address
network
10.80.23.1 0.0.0.0

encapsulation
frame-relay
network 10.80.234.2
0.0.0.0
serial
0
networkrestart-delay
10.80.20.1 0.0.0.0

!##################################################
no frame-relay
auto-summaryinverse-arp
!#
Free
WorkbookSerial0/0.221
Lab 8-9 R4 Initial Config
no
shut CCNA
neighbor
10.80.234.1

!##################################################
!exit
!
interface Serial0/0.321 point-to-point

enable
description
### FRAME RELAY LINK TO R1 ###
line
con 0
configure
terminal
ip
address
10.80.234.3 255.255.255.248
logging
sync
!frame-relay
interface-dlci 321
no exec-timeout
hostname
R4
!

no
interface
Serial0/1
endip domain-lookup

!description ### POINT-TO-POINT LINK TO R2 ###


interface
Loopback0
ip address
10.80.23.2 255.255.255.252
description
###
SIMULATED NETWORK ###
encapsulation
ppp
ip shut
address 10.80.40.1 255.255.255.0
no

!exit

interface
Serial0/0
!

description
router
eigrp ###
10 PHYSICAL FRAME RELAY INTERFACE ###
ip address
10.80.234.4
255.255.255.248
network
10.80.23.2
0.0.0.0

ip
hello-interval
eigrp
10 5
network
10.80.234.3
0.0.0.0
ip
hold-time
eigrp 10
15
network
10.80.30.1
0.0.0.0

!##################################################
encapsulation
frame-relay
no auto-summary
!#
Freerestart-delay
CCNA
Workbook0
Lab 8-9 R5 Initial Config
serial
neighbor
10.80.234.1
Serial0/0.321

!##################################################
no
frame-relay inverse-arp
exit
!frame map ip 10.80.234.1 421
enable
no shut
line
con 0

configure
terminal
!logging sync

!
interface
Serial0/1
no exec-timeout

hostname
R5 ### POINT-TO-POINT LINK TO R5 ###
!description
no
domain-lookup
ipip
address
10.80.45.1 255.255.255.252
end

!encapsulation ppp

interface
no shut Loopback0

description
### SIMULATED NETWORK ###
exit

!ip address 10.80.50.1 255.255.255.0


!
router eigrp 10

interface
Loopback5 0.0.0.0
network 10.80.45.1

description
### SIMULATED
NETWORK ###
network 10.80.234.4
0.0.0.0
ip
address
10.50.0.1
255.255.255.0
network
10.80.40.1
0.0.0.0

!no auto-summary

interface
neighbor Serial0/1
10.80.234.1 Serial0/0

description
### POINT-TO-POINT LINK TO R4 ###
exit

Lab Objectives
!ip address 10.80.45.2 255.255.255.252
encapsulation
ppp
line
con 0
no
shut sync
logging

exit
no exec-timeout

router
eigrp 10
end

no auto-summary

Create a summary route to advertise the address of the 0.0.0.0/0 network on R1s hub-and-spoke serial interface.

eigrp stub

network 10.80.45.2 0.0.0.0


network 10.80.50.1 0.0.0.0
network 10.50.0.1 0.0.0.0

passive-interface Loopback5
exit
!

line con 0
http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-default-route-propagation/[4/12/2015
7:16:59 PM]

Configuring EIGRP Default Route Propagation | Free CCNA Workbook

Examine the routing tables on R3 and R4 to ensure the default route is being learned from R1 as well as other routes.

Lab Instruction
Objective 1. Create a summary route to advertise the address of the 0.0.0.0/0 network on R1s hub-and-spoke serial interface.
R1>enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface Serial0/0
R1(config-if)#ip summary-address eigrp 10 0.0.0.0 0.0.0.0
%DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor 10.80.234.4 (Serial0/0) is resync: summary configur
ed
%DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor 10.80.234.3 (Serial0/0) is resync: summary configur
ed
%DUAL-5-NBRCHANGE: IP-EIGRP(0) 10: Neighbor 10.80.234.2 (Serial0/0) is resync: summary configur
ed
R1(config-if)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#

Objective 2. Examine the routing tables on R3 and R4 to ensure the default route is being learned from R1 as well as other routes.
R3#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 10.80.234.1 to network 0.0.0.0
C
C
C
D
D
C
D*
R3#

10.80.0.0/8 is variably subnetted, 6 subnets, 5 masks


10.80.23.1/32 is directly connected, Serial0/1
10.80.23.0/30 is directly connected, Serial0/1
10.80.30.0/24 is directly connected, Loopback0
10.80.20.0/24 [90/2297856] via 10.80.23.1, 00:43:57, Serial0/1
10.122.4.0/22 [90/2297856] via 10.80.234.1, 00:41:16, Serial0/0.321
10.80.234.0/29 is directly connected, Serial0/0.321
0.0.0.0/0 [90/2297856] via 10.80.234.1, 00:01:39, Serial0/0.321

If you examine the routing table of R3 as shown above youll notice that the default route 0.0.0.0/0 is being learned via 10.80.234.1
on interface Serial0/0.321 however youll also notice that routes that are advertised by R4 and R5 are no longer in the routing table
as but you can still ping those destinations. This is due to R1 only advertising the default route to neighboring routers.
In this case, R4 advertises all its connected networks such as 10.80.40.0/24 to R1 then R1 places this route in its routing table but
only advertises a default route to R2 and R3 however R2 and R3 are still able to get to R4s networks using only the default route.
You can see from examining the routing table of R4 shown below that the same thing is occurring to R4 as it only has a default route
which points to R1 and the previous more specific routes pointing towards R1 originally advertised by R2 and R3 have disappeared.
R4#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-default-route-propagation/[4/12/2015 7:16:59 PM]

Configuring EIGRP Default Route Propagation | Free CCNA Workbook

ia - IS-IS inter area, * - candidate default, U - per-user static route


o - ODR, P - periodic downloaded static route
Gateway of last resort is 10.80.234.1 to network 0.0.0.0
D
C
C
C
D
D
C
D*
R4#

10.80.0.0/8 is variably subnetted, 7 subnets, 5 masks


10.80.50.0/24 [90/2297856] via 10.80.45.2, 00:51:28, Serial0/1
10.80.40.0/24 is directly connected, Loopback0
10.80.45.2/32 is directly connected, Serial0/1
10.80.45.0/30 is directly connected, Serial0/1
10.50.0.0/24 [90/2297856] via 10.80.45.2, 00:51:28, Serial0/1
10.122.4.0/22 [90/2297856] via 10.80.234.1, 00:48:47, Serial0/0
10.80.234.0/29 is directly connected, Serial0/0
0.0.0.0/0 [90/2297856] via 10.80.234.1, 00:09:10, Serial0/0

If you view the EIGRP topology table on R4 youll notice that routes from R3 are not being advertised to R4 via R1 but instead only a
default route is advertised as shown below;
R4#show ip eigrp topology
IP-EIGRP Topology Table for AS(10)/ID(10.80.40.1)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 0.0.0.0/0, 1 successors, FD is 2297856
via 10.80.234.1 (2297856/128256), Serial0/0
P 10.80.50.0/24, 1 successors, FD is 2297856
via 10.80.45.2 (2297856/128256), Serial0/1
P 10.80.40.0/24, 1 successors, FD is 128256
via Connected, Loopback0
P 10.80.45.2/32, 1 successors, FD is 2169856
via Rconnected (2169856/0)
P 10.80.45.1/32, 0 successors, FD is Inaccessible
via 10.80.45.2 (2681856/2169856), Serial0/1
P 10.80.45.0/30, 1 successors, FD is 2169856
via Connected, Serial0/1
P 10.50.0.0/24, 1 successors, FD is 2297856
via 10.80.45.2 (2297856/128256), Serial0/1
P 10.122.4.0/22, 1 successors, FD is 2297856
via 10.80.234.1 (2297856/128256), Serial0/0
P 10.80.234.0/29, 1 successors, FD is 2169856
via Connected, Serial0/0
R4#
As shown above in R4s EIGRP topology routes to 10.80.20.0/24, 10.80.30.0/24 and 10.80.23.0/30 do not exist however a route to
0.0.0.0/0 does which points to R1 which in turn has the missing routes from R4s routing table thus the giving full ip reachability as
shown below with the ping command;
R4#ping 10.80.30.1 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.80.30.1, timeout is 2 seconds:
Packet sent with a source address of 10.80.40.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 160/200/236 ms
R4#
The more preferred way of injecting a default route into the EIGRP topology is by redistributing a static route into EIGRP which will
show up as an External EIGRP Route in the routing table as denoted by D*EX next to the route and having an administrative
distance of 170. This method will be discussed in Section 10 Redistribution.

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-default-route-propagation/[4/12/2015 7:16:59 PM]

Next Lab

Configuring EIGRP Default Route Propagation | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-eigrp-default-route-propagation/[4/12/2015 7:16:59 PM]

Configuring Basic OSPF | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Basic OSPF

This lab will discuss and demonstrate the configuration and verification of

Real World Application & Core Knowledge


If youve completed the labs in the Free CCNA Workbook up until this point then boy youre in for a real treat. Free CCNA Workbook
has saved the best for last. Open Shortest Path First (Aka: OSPF)
OSPF is the industry standard in internal dynamic routing protocols and its supported on nearly all vendor platforms. So what makes
OSPF so special? Its really the functionality and the hierarchical nature of the protocol in which it fits perfectly with modern networks.
However; in general, OSPF is a very large technological and configurational protocol. Meaning that there are books dedicated to
OSPF design, implementation and configuration with 500+ pages but for the CCNA youll just need to know the basics which include
in summary; single and multi-area configuration, link priority, DR/BDR Election, OSPF network types, stub area types, timers, default
route propagation, route summarization and Link State Advertisements (LSA) Types. etc
So with all that being said lets take a dive into the technological pool of OSPF
OSPF is a link state protocol and each router maintains a topology map of their configured area; however routers in Area 0 maintain
the topology for the entire network, in which case backbone routers know of every single link and route. Just because a backbone
router knows about the link does not necessary mean the router will use that link in the routing table. Many factors can take into play
to manipulate the best path such as a distribute list, route maps or policy based routing.
OSPF was designed to support Variable Length Subnet Masking (VLSM) and a hierarchical network model by nature. All traffic
destined between areas, also known as inter-area traffic must traverse area 0 which is called the backbone area. All areas must
have a single interface attaching the area to area 0. Routers that have these connections to Area 0 are called Area Boarder
Router(s) (ABRs). Any routers that connect an area to an external autonomous system are called Autonomous System Boundary

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ospf/[4/12/2015 7:17:21 PM]

Configuring Basic OSPF | Free CCNA Workbook

Router(s), (ASBRs). These routers connect OSPF to an external network such as the internet or a redistributed autonomous system.
OSPF does not use TCP/UDP to encapsulate its traffic but instead encapsulates the traffic into its own protocol; protocol number 89.
OSPF sends multicast traffic packets have a TTL of 1 so they never travel further then 1 hop. OSPF uses the destination addresses
225.0.0.5 for all OSPF routers and 224.0.0.6 for communication between the DR/BDR (Designated Router and Backup Designated
Router).
In OSPF, you can only summarize routes at an ABR/ASBR on the link facing the inbound towards the network.
OSPF uses a centralized management method of distributing route updates on networks. On multi-access networks such as Ethernet
or frame relay point-to-multipoint, a Designated router and potentially backup designated router is elected. The function of the DR is
to distribute updates to the other routers connected on the multi-access network. The Backup Designated Router will take over the
Designated roll if the DR fails. So with that said, If R1 is the DR then R2 could be the BDR and when a link on R3 goes down it
informs R1 which in turn informs all other routers on the multi-access network segment.
The DR/BDR election winner is determined by one of several factors, whichever breaks the tie. OSPF Interface Priority takes
precedence. By default all interfaces send hello packets with an OSPF priority of 1. If an interface has the OSPF interface priority of
0 then that router will never become the DR/BDR for that particular network segment. If all OSPF interface priorities match then the
highest router ID wins. The Router-ID can be statically configured under the OSPF routing process configuration mode or it is
dynamically determined by the highest IP address of a loopback interface. If no loopback interfaces exist on the router then the
highest IP address of an active interface becomes the router-id for OSPF. For example; 192.168.0.1/24 is higher then 10.0.0.1/24
If a router comes online with a higher priority/router-id then that router will not preempt the DR/BDR role but will have to wait until a
role change. DR or BDR failure. The Router Priority ranges between 0-255.
The DRs purpose is to provide a central source for routing updates and to reduce traffic. All routers form a neighbor relationship with
the DR/BDR but not between DROTHERs (Non DR or BDR Routers)
DR/BDR routers are not elected on point-to-point networks as there are only two routers on the link. A DR/BDR is also not elected on
a point-to-multipoint network type due to OSPF treating the network type as a collection of point-to-point interfaces.
Take note of the following OSPF Interface Types;
Non-Broadcast
The Non-Broadcast network type is the default for OSPF enabled frame relay physical interfaces.
Non-Broadcast networks requires the configuration of static neighbors; hellos are sent via unicast.
The Non-Broadcast network type has a 30 second hello and 120 second dead timer.
An OSPF Non-Broadcast network type requires the use of a DR/BDR

Broadcast
The Broadcast network type is the default for an OSPF enabled ethernet interface.
The Broadcast network type requires that a link support Layer 2 Broadcast capabilities.
The Broadcast network type has a 10 second hello and 40 second dead timer.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ospf/[4/12/2015 7:17:21 PM]

Configuring Basic OSPF | Free CCNA Workbook

An OSPF Broadcast network type requires the use of a DR/BDR.

Point-to-Point
A Point-to-Point OSPF network type does not maintain a DR/BDR relationship.
The Point-to-Point network type has a 10 second hello and 40 second dead timer.
Point-to-Point network types are intended to be used between 2 directly connected routers.

Point-to-Multipoint
OSPF treats Point-to-Multipoint networks as a collective of point-to-point links.
Point-to-Multipoint networks do not maintain a DR/BDR relationship.
Point-to-Multipoint networks advertise a hot route for all the frame-relay endpoints.
The Point-to-Multipoint network type has a 30 second hello and 120 second dead timer.

Point-to-Multipoint Non-Broadcast
Same as Point-to-Multipoint but requires static neighbors. Used on Non-broadcast layer 2 topologies.
Gives you the ability to define link cost on a per neighbor basis.

Loopback
The default OSPF network type; only available to loopback interfaces.
Advertises the interface as a host route; changeable by configuring the interface as point-to-point.

For the CCNA exam you are required to know the six Link State Advertisement types listed below;

LSA Number

LSA Name

Description

Type 1

Router LSA

Generated by all routers in an area and list the directly connected networks; this
specific LSA do not transit the ABR/ASBR into other areas.

Type 2

Network LSA

Generated by the DR on a multi-access network such as Ethernet to identify all


routers to that network segment. This LSA type is flooded through out the local
area only. Both Type 1 and Type 2 LSAs advertise Intra-Area routes denoted as
(O) Routes in the routing table.

Type 3

Summary LSA

Generated by the ABR to describe summary routes to neighboring routers outside


of the Area such as an Area 1 ABR summarizing the 10.20.0.0/12 network to
Area 0.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ospf/[4/12/2015 7:17:21 PM]

Configuring Basic OSPF | Free CCNA Workbook

Type 4

Summary LSA

Generated by an ABR to describe route(s) to an ASBR to outside neighboring


routers. For example an ABR telling Area 0 that an ASBR is located inside Area
1. LSAs Type 3 and 4 advertise Inter-Area routes; denoted as (O*IA) routes in
the routing table.

Type 5

External LSA

Generated by an ASBR to describe routes towards an external network such as


redistributed networks. These routes are denoted as (O*E#) Routes in the routing
table.

Type 7

NSSA External LSA

Generated by an ASBR in an Not-So-Stubby-Area which describes a route to an


external network. These LSAs are sent to the ABR which in turn translates these
LSAs to Type 5 to be sent into the Backbone area. These routes are denoted as
(O*N#) Routes in the routing table.

After having an understanding of the LSA types you must memorize the operations of different OSPF Area types as listed below;

Area Type

Description and/or Function

Backbone Area

Permits all LSA types except Type 7. This same rule applies to non-backbone, non stub area
routers.

Stub Area

An area that has a single exit point and blocks type 5 LSA types and receives type 3/4 LSAs
with a default route (0.0.0.0/0)

Not-So-Stubby-Area (NSSA)

This area allows for a stub area to have characteristics of a stub and non stub. External routes
redistributed into the OSPF autonomous system by am NSSA advertising an LSA type 7 which
is translated at the ABR to type 5 and forwarded into the OSPF backbone.

Totally Stubby Area

Permits type 1 and 2 LSAs while blocking types 3*/4/5/7 LSAs. *TSAs receive a single type 3
LSA containing a default route to the ABR.

Totally NSSA

Is an area that permits LSAs 1, 2 and 7 while blocking 3 4 and 5. This stub area receives a
default route from the ABR using a type 3 LSA.

Okay so enough with all the technology stuff, its time to get to the configuration!!!
Just like the previous dynamic routing protocols youll need to enable OSPF by executing the router ospf process-id# command in
global configuration. The process id number is a locally significant process identification number and this does not need to match
neighboring routers.
As previously stated; OSPF was designed to used VLSM so there is no auto-summarization to disable.
To specify which interfaces participate in the OSPF routing process youll use the network ip.ip.ip.ip wc.wc.wc.wc area # in OSPF
router configuration mode where ip is the network ip and wc is the wildcard mask followed by the area in which that network belongs
in. For example; network 10.90.23.1 0.0.0.0 area 23
Keep in mind the default OSPF network type on a frame-relay interface is non-broadcast, in which case static neighbors have to be
defined. For this lab youll need to change this to broadcast using the ip ospf network-type broadcast command the frame relay
interfaces. The ip ospf network-type network-type is issued on a per interface basis.
To view OSPF neighbors use the show ip ospf neighbors command. You can view information relating to interfaces participating in
ospf by using the show ip ospf interface command.
In this lab you will configure the frame-relay interfaces on R1, R2, R4 and R5 to participate in OSPF area 0.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ospf/[4/12/2015 7:17:21 PM]

Configuring Basic OSPF | Free CCNA Workbook

Familiarize yourself with the following new command(s);

Command

Function

router ospf proc-id#

This command is executed in OSPF router configuration mode to specifiy which


networks paticipate in the OSPF routing protocol and in which area they belong to.

network ip.ip.ip.ip wc.wc.wc.wc area #

This command is executed in OSPF router configuration mode to specifiy which


networks paticipate in the OSPF routing protocol and in which area they belong to.

show ip ospf neighbor

This command is executed in privileged mode and displays a list of neighbor


relationships.

clear ip ospf proc-id proc

This command clears the OSPF process completely and rebuilds all neighbor
relationships and re-learns all routes when executed in privileged mode.

show ip ospf database

This command is executed in privileged mode and displays all entries in the routers
OSPF database by LSA type.

ip ospf network network-type

This command is executed in interface configuration mode and displays and


configures the a specific network type on a per-interface basis.

The following logical topology shown below is used in labs found through out Section 9 Configuring OSPF;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ospf/[4/12/2015 7:17:21 PM]

Configuring Basic OSPF | Free CCNA Workbook

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3, R4, R5 and SW1.
Establish a console session with devices R1, R2, R3, R4, R5 and SW1 than load the initial configurations provided below by
copying the config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ospf/[4/12/2015 7:17:21 PM]

Configuring Basic OSPF | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 9-1 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.90.20.1 255.255.255.0
!
interface Serial0/0

description ### PHYSICAL FRAME RELAY INTERFACE ###


ip address 10.90.245.2 255.255.255.248
encapsulation frame-relay
serial restart-delay 0

!##################################################
no frame-relay inverse-arp
!#
Free
CCNA
Lab221
9-1broadcast
R3 Initial Config
frame
map
ip Workbook
10.90.245.1

!##################################################
frame map ip 10.90.245.4 221
!frame map ip 10.90.245.5 221
enable
no shut

configure
terminal
!

!
interface Serial0/2

hostname
R3
### POINT-TO-POINT
LINK TO R3 ###

no
domain-lookup
ipip
address
10.90.23.1 255.255.255.252

!encapsulation ppp

interface
Loopback0
serial restart-delay
0

description
### SIMULATED NETWORK ###
no shut
ip
address 10.90.30.1 255.255.255.0
exit

interface
line con 0Serial0/1

description
logging sync### POINT-TO-POINT LINK TO R2 ###
ip
10.90.23.2 255.255.255.252
no address
exec-timeout

!encapsulation ppp
no shut
end

!##################################################
exit
!#
!

Free CCNA Workbook Lab 9-1 R4 Initial Config

!##################################################
line con 0
!logging sync

enable
no exec-timeout

configure
terminal
!
!
end

hostname R4

no ip domain-lookup
!
interface Loopback0

description ### SIMULATED NETWORK ###


ip address 10.90.40.1 255.255.255.0

interface FastEthernet0/0
description ### REAL NETWORK ###

ip address 10.90.145.1 255.255.255.0


no shut

!##################################################
interface
Serial0/0
!#
Free CCNA###
Workbook
LabFRAME
9-1 R5
Initial
Config###
#
description
PHYSICAL
RELAY
INTERFACE

!##################################################
ip address 10.90.245.4 255.255.255.248
!encapsulation frame-relay
enable
serial restart-delay 0

configure
terminal
no frame-relay
inverse-arp

!frame map ip 10.90.245.1 421 broadcast


hostname
R5ip 10.90.245.2 421
frame map
no
ip domain-lookup
frame
map ip 10.90.245.5 421

!no shut

interface
Loopback0
!

description
### SIMULATED NETWORK ###
interface
Serial0/1

ip address 10.90.50.1
255.255.255.0
description
### POINT-TO-POINT
LINK TO R5 ###

!ip address 10.90.45.1 255.255.255.252


interface
FastEthernet0/0
encapsulation
ppp

description
### REAL NETWORK
###
serial restart-delay
0

ip
10.90.145.2 255.255.255.0
no address
shut

no
shut
exit

!##################################################
interface
line
con 0Serial0/0
!#
Free sync
CCNA###
Workbook
LabFRAME
9-1 SW1
Initial
Config
#
description
PHYSICAL
RELAY
INTERFACE
###
logging

!##################################################
ip
10.90.245.5 255.255.255.248
no address
exec-timeout

!encapsulation frame-relay
enable
serial restart-delay 0
end

configure
terminal
no frame-relay
inverse-arp

!frame map ip 10.90.245.1 521 broadcast


hostname
SW1
frame map
ip 10.90.245.2 521
no
ip domain-lookup
frame
map ip 10.90.245.4 521

!no shut

line con 0
!

logging sync
interface
Serial0/1

no exec-timeout
description
### POINT-TO-POINT LINK TO R4 ###

!ip address 10.90.45.2 255.255.255.252


end
encapsulation ppp

serial restart-delay 0
no shut
exit
!
line con 0

Lab Objectives
logging sync

no exec-timeout

!
end

Configure OSPF Area 0 on R1, R2, R4 and R5s frame-relay hub-and-spoke interfaces.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ospf/[4/12/2015 7:17:21 PM]

Configuring Basic OSPF | Free CCNA Workbook

Configure the OSPF broadcast network type on R1, R2, R4 and R5s frame relay hub and spoke interfaces.
Verify that the spoke routers (R2, R4 and R5) have formed an adjacency with the hub router; R1.

Lab Instruction
Objective 1. Configure OSPF Area 0 on R1, R2, R4 and R5s frame-relay hub-and-spoke interfaces.
R1>enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router ospf 1
R1(config-router)#network 10.90.245.1 0.0.0.0 area 0
R1(config-router)#end
R1#

R2>enable
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#router ospf 1
R2(config-router)#network 10.90.245.2 0.0.0.0 area 0
R2(config-router)#end
R2#

R4>enable
R4#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#router ospf 1
R4(config-router)#network 10.90.245.4 0.0.0.0 area 0
R4(config-router)#end
R4#

R5>enable
R5#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R5(config)#router ospf 1
R5(config-router)#network 10.90.245.5 0.0.0.0 area 0
R5(config-router)#end
R5#
Objective 2. Configure the OSPF broadcast network type on R1, R2, R4 and R5s frame relay hub and spoke interfaces.
Due to the nature of OSPF, the default interface type for a frame relay interface is non-broadcast, in which case static neighbors must
de defined. However configuring static neighbors will be discussed in the next lab. To fix this problem change the network type of the
frame-relay interfaces to broadcast to allow for dynamic neighbor discovery as shown below;
R1>enable
R1#configure terminal
Enter configuration commands, one per line.
R1(config)#interface Serial0/0
R1(config-if)#ip ospf network broadcast
R1(config-if)#end
R1#

R2>enable
R2#configure terminal
Enter configuration commands, one per line.

End with CNTL/Z.

End with CNTL/Z.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ospf/[4/12/2015 7:17:21 PM]

Configuring Basic OSPF | Free CCNA Workbook

R2(config)#interface Serial0/0
R2(config-if)#ip ospf network broadcast
R2(config-if)#end
%OSPF-5-ADJCHG: Process 1, Nbr 10.90.10.1 on Serial0/0 from LOADING to FULL, Loading Done
R2#

R4>enable
R4#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#interface Serial0/0
R4(config-if)#ip ospf network broadcast
R4(config-if)#end
%OSPF-5-ADJCHG: Process 1, Nbr 10.90.10.1 on Serial0/0 from LOADING to FULL, Loading Done
R4#

R5>enable
R5#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R5(config)#interface Serial0/0
R5(config-if)#ip ospf network broadcast
R5(config-if)#end
%OSPF-5-ADJCHG: Process 1, Nbr 10.90.10.1 on Serial0/0 from LOADING to FULL, Loading Done
R5#
Objective 3. Verify that the spoke routers (R2, R4 and R5) have formed an adjacency with the hub router; R1.
R1#show ip ospf neighbor
Neighbor ID
10.90.20.1
10.90.40.1
10.90.50.1
R1#

Pri
1
1
1

State
FULL/DROTHER
FULL/DROTHER
FULL/BDR

Dead Time
00:00:33
00:00:31
00:00:35

Address
10.90.245.2
10.90.245.4
10.90.245.5

Interface
Serial0/0
Serial0/0
Serial0/0

As you can see from the neighbor table, R2 and R4 have become DROTHERS (non DR/BDR routers) and R5 has become the
Backup Designated Router (BDR). As discussed in the core knowledge section the Neighbor ID (Router-ID) is derived from the
statically configured ospf router-id or the highest ip address of a loopback interface or the highest ip address of a directly connected
interface. Whichever comes first.
In a frame relay hub and spoke environment you ALWAYS need to have the hub router become the Designated Router (DR) due to
the way OSPF operates. Think back to the core knowledge where you read that OSPF sends hellos and updates using multicast
with a TTL of only 1. This means that the traffic will not go further then one hop. So with this in mind lets say R2 became the DR and
R5 wanted to send an update, it would have to send it to R5 but to get to R5 it would traverse R1 in which case the TTL would
decrement to 0 and the packet would be dropped.
In the next lab youll learn how to configure the OSPF interface priority to ensure that R1 always becomes the DR and R2, R4 and R5
do not become the DR or BDR.

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ospf/[4/12/2015 7:17:21 PM]

Next Lab

Configuring Basic OSPF | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ospf/[4/12/2015 7:17:21 PM]

Configuring OSPF Priority | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring OSPF Priority

When architecting a correct OSPF network, you may need to have specific routers or layer 3 switches be the DR
and/or BDR. The OSPF election process is influenced by the OSPF Priority. This lab will discuss and demonstrate the
configuration and verification of OSPF Priority.

Real World Application & Core Knowledge


If you completed the previous lab then theirs a high possibility that R1 may not be the designated router and this will most definitely
cause a routing update problem.
First off when you configured OSPF on R1 first, it extrapolated the loopback interface IP address as its router-id, which in this case
would be 10.90.10.1. When enabling OSPF on R2, it would have got the RID of 10.90.20.1. By default both routers interface priority
would have been 1 so the DR/BDR election process tie breaker would have been the router ID, and in this case R2 would have
became the Designated Router as it has a higher router ID number and R1 would have became the DBR.
Take a step back and look at the big picture for a minute and lets say R5 needs to send an Update to the DR, in which case it will
look up the frame relay map and send the multicast update to 224.0.0.5 out dlci 521. In order to get to the DR (R2) the packet must
traverse R1. Now if you think back and remember in Lab 9-1, you should recall that OSPF sends multicast traffic using a TTL of 1, so
with this in mind soon as the packet reaches R1, it would not be forwarded to the DR because its TTL would be decremented to 0
and dropped. With this being a problem, routers on the hub and spoke network would not function properly as updates would not
properly reach the DR.
To fix this problem you need to configure the spoke routers to NEVER become the DR/BDR. This is done by setting the interface
priority to 0. The interface priority is an integer between 0-255 and is configured using the ip ospf priority # command in interface
configuration mode.
You could also fix this problem by raising R1s frame-relay hub and spoke interface priority to 10 for example but this would not

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-priority/[4/12/2015 7:17:46 PM]

Configuring OSPF Priority | Free CCNA Workbook

prevent R2, R4 and R5 from becoming a BDR, in which case would become the DR in the event of a DR failure thus putting you
back at square one.
You can verify which neighbors are the DR/BDR/DROTHER by using the show ip ospf neighbor command in privileged mode.
Familiarize yourself with the following new command(s);

Command

Description

ip ospf priority #

Configures an OSPF priority on a per interface basis used to manipulate the DR/BDR election
process.

The following logical topology shown below is used in labs found through out Section 9 Configuring OSPF;

Lab Prerequisites

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-priority/[4/12/2015 7:17:46 PM]

Configuring OSPF Priority | Free CCNA Workbook

If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3, R4, R5 and SW1.
Establish a console session with devices R1, R2, R3, R4, R5 and SW1 than load the initial configurations provided below by
copying the config from the textbox and pasting it into the respected routers console.

!##################################################
!#

Free CCNA Workbook Lab 9-2 R2 Initial Config

!##################################################
!

enable
configure terminal
!

hostname R2

no ip domain-lookup
!
interface Loopback0

description ### SIMULATED NETWORK ###


ip address 10.90.20.1 255.255.255.0

interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
ip address 10.90.2452 255.255.255.248

encapsulation frame-relay

ip ospf network broadcast

!##################################################
serial restart-delay 0
!#
CCNA Workbook
Lab 9-2 R3 Initial Config
no Free
frame-relay
inverse-arp

!##################################################
frame map ip 10.90.2451 221 broadcast
!frame map ip 10.90.2454 221
enable
frame map ip 10.90.2455 221
configure
no shut terminal
!

hostname
interfaceR3
Serial0/2

no
ipPOINT-TO-POINT
domain-lookup LINK TO R3 ###
###

!ip address 10.90.23.1 255.255.255.252


interface
Loopback0
encapsulation
ppp

description
### SIMULATED
NETWORK ###
serial restart-delay
0
ip
10.90.30.1 255.255.255.0
no address
shut

!exit

interface
Serial0/1
!

description
router
ospf 1### POINT-TO-POINT LINK TO R2 ###
ip address 10.90.23.2 255.255.255.252
log-adjacency-changes

encapsulation
ppp 0.0.0.0 area 0
network 10.90.2452

!no shut

!##################################################
exitcon 0
line
!#
Free CCNA
!logging
sync Workbook Lab 9-2 R4 Initial Config

!##################################################
line
con 0
no exec-timeout
!logging sync

enable
no exec-timeout
end

configure
terminal
!
!
end

hostname R4
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.90.40.1 255.255.255.0
!
interface FastEthernet0/0
description ### REAL NETWORK ###
ip address 10.90.145.1 255.255.255.0
no shut
!

!##################################################
interface
Serial0/0
!#
Free CCNA###
Workbook
LabFRAME
9-2 R5
Initial
Config###
#
description
PHYSICAL
RELAY
INTERFACE

!##################################################
ip address 10.90.2454 255.255.255.248
!encapsulation frame-relay
enable
ip ospf network broadcast
configure
terminal
serial restart-delay
0

!no frame-relay inverse-arp

hostname
R5ip 10.90.2451 421 broadcast
frame map
no
ip domain-lookup
frame
map ip 10.90.2452 421

!frame map ip 10.90.2455 421


interface
no shut Loopback0

!description ### SIMULATED NETWORK ###


ip address
10.90.50.1 255.255.255.0
interface
Serial0/1

!description ### POINT-TO-POINT LINK TO R5 ###


interface
FastEthernet0/0
ip address
10.90.451 255.255.255.252
description
###
REAL NETWORK ###
encapsulation
ppp

ip
address
10.90.145.2
serial
restart-delay
0 255.255.255.0

no shut

!exit

interface
Serial0/0
!

description
router
ospf 1### PHYSICAL FRAME RELAY INTERFACE ###
ip
address 10.90.2455 255.255.255.248
log-adjacency-changes

encapsulation
frame-relay
network 10.90.2454
0.0.0.0 area 0
http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-priority/[4/12/2015
7:17:46 PM]

Configuring OSPF Priority | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 9-1 SW1 Initial Config #

!##################################################
!
enable
configure terminal
!
hostname SW1
no ip domain-lookup
!
line con 0
logging sync
no exec-timeout

end

Lab Objectives
Configure the Serial interfaces on the Frame relay spoke routers with an OSPF priority to ensure they NEVER become the
DR/BDR.
Clear the OSPF routing process on R1 so that all neighbor relationships are rebuilt then using R2, verify that R1 has became
the DR.

Lab Instruction
Objective 1. Configure the Serial interfaces on the Frame relay spoke routers with an OSPF priority to ensure they NEVER become
the DR/BDR.
R2>enable
R2#configure terminal
Enter configuration commands, one per line.
R2(config)#interface Serial0/0
R2(config-if)#ip ospf priority 0
R2(config-if)#end
R2#

R4>enable
R4#configure terminal
Enter configuration commands, one per line.
R4(config)#interface Serial0/0
R4(config-if)#ip ospf priority 0
R4(config-if)#end
R4#

R5>enable
R5#configure terminal
Enter configuration commands, one per line.
R5(config)#interface Serial0/0
R5(config-if)#ip ospf priority 0
R5(config-if)#end
R5#

End with CNTL/Z.

End with CNTL/Z.

End with CNTL/Z.

Objective 2. Clear the OSPF routing process on R1 so that all neighbor relationships are rebuilt then using R2, verify that R1 has
became the DR.
R1#clear ip ospf 1 proc
Reset OSPF process? [no]: y

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-priority/[4/12/2015 7:17:46 PM]

Configuring OSPF Priority | Free CCNA Workbook

R1#
%OSPF-5-ADJCHG: Process
ace down or detached
%OSPF-5-ADJCHG: Process
ace down or detached
%OSPF-5-ADJCHG: Process
ace down or detached
R1#
%OSPF-5-ADJCHG: Process
%OSPF-5-ADJCHG: Process
%OSPF-5-ADJCHG: Process
R1#

1, Nbr 10.90.20.1 on Serial0/0 from FULL to DOWN, Neighbor Down: Interf


1, Nbr 10.90.40.1 on Serial0/0 from FULL to DOWN, Neighbor Down: Interf
1, Nbr 10.90.50.1 on Serial0/0 from FULL to DOWN, Neighbor Down: Interf
1, Nbr 10.90.20.1 on Serial0/0 from LOADING to FULL, Loading Done
1, Nbr 10.90.50.1 on Serial0/0 from LOADING to FULL, Loading Done
1, Nbr 10.90.40.1 on Serial0/0 from LOADING to FULL, Loading Done

R2#show ip ospf neighbor


Neighbor ID
10.90.10.1
R2#

Pri
1

State
FULL/DR

Dead Time
00:00:31

Address
10.90.2451

Interface
Serial0/0

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-priority/[4/12/2015 7:17:46 PM]

Configuring OSPF Priority | Free CCNA Workbook

Quiz Me! - CCNA R&S Practice


Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-priority/[4/12/2015 7:17:46 PM]

Configuring OSPF Network Types | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring OSPF Network Types

There are multiple OSPF Network Types that can be configured to directly affect the operation of OSPF on a specific
interface. This lab will discuss and demonstrate the configuration and verification of the different OSPF Network
Types.

Real World Application & Core Knowledge


When building out an OSPF network you must take into consideration of the internet network types. This is dependent on the layer 2
technology used such as Ethernet, point-to-point T1 circuit, frame relay and even frame relay with no broadcast.
There are five different configurable OSPF network types on a Cisco router, broadcast, non-broadcast, point-to-point, point-tomultipoint and point-to-multipoint non-broadcast.
As a network engineer in the field working with OSPF you must know the differences in the OSPF network types and which types are
compatible with one another. Some types will work with each other but you have to adjust the hello/dead timers. With this being said
the following list below shows which OSPF network types can inter-operate with each other;
Broadcast to Broadcast
Non-broadcast to Non-broadcast
Point-to-Point to Point-to-Point
Broadcast to Non-broadcast (adjust hello/dead timers)
Point-to-Point to Point-to-Multipoint (adjust hello/head timers)

If youve read through Lab 9-1 youll see a nice little bullet list of the different types of OSPF network types and their features, Ive

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-network-types/[4/12/2015 7:18:05 PM]

Configuring OSPF Network Types | Free CCNA Workbook

added that list to this lab to refresh your memory. As a CCNA you must know these network types inside and out;
Non-Broadcast
The Non-Broadcast network type is the default for OSPF enabled frame relay physical interfaces.
Non-Broadcast networks requires the configuration of static neighbors; hellos are sent via unicast.
The Non-Broadcast network type has a 30 second hello and 120 second dead timer.
An OSPF Non-Broadcast network type requires the use of a DR/BDR

Broadcast
The Broadcast network type is the default for an OSPF enabled ethernet interface.
The Broadcast network type requires that a link support Layer 2 Broadcast capabilities.
The Broadcast network type has a 10 second hello and 40 second dead timer.
An OSPF Broadcast network type requires the use of a DR/BDR.

Point-to-Point
A Point-to-Point OSPF network type does not maintain a DR/BDR relationship.
The Point-to-Point network type has a 10 second hello and 40 second dead timer.
Point-to-Point network types are intended to be used between 2 directly connected routers.

Point-to-Multipoint
OSPF treats Point-to-Multipoint networks as a collective of point-to-point links.
Point-to-Multipoint networks do not maintain a DR/BDR relationship.
Point-to-Multipoint networks advertise a hot route for all the frame-relay endpoints.
The Point-to-Multipoint network type has a 30 second hello and 120 second dead timer.

Point-to-Multipoint Non-Broadcast
Same as Point-to-Multipoint but requires static neighbors. Used on Non-broadcast layer 2 topologies.
Gives you the ability to define link cost on a per neighbor basis.

Loopback
The default OSPF network type; only available to loopback interfaces.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-network-types/[4/12/2015 7:18:05 PM]

Configuring OSPF Network Types | Free CCNA Workbook

Advertises the interface as a host route; changeable by configuring the interface as point-to-point.

While mixing and matching the different OSPF network types may be required some some scenarios; it is however outside of the
scope of the CCNA objectives. This lab is just to demonstrate how to configure the different OSPF network types.
In this lab you will configure the interfaces of R1, R2, R4 and R5 as an OSPF point-to-multipoint network type and verify the
configuration.
Familiarize yourself with the following new command(s);

Command

Description

ip ospf network networktype

This command is executed in interface configuration mode and configures the OSPF network
type on a per interface basis.

show ip ospf interface


interface#/#

This command is executed in privileged mode and displays interface parameters relating to
OSPF configuration such as network type and hello/dead timers.

The following logical topology shown below is used in labs found through out Section 9 Configuring OSPF;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-network-types/[4/12/2015 7:18:05 PM]

Configuring OSPF Network Types | Free CCNA Workbook

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3, R4, R5 and SW1.
Establish a console session with devices R1, R2, R3, R4, R5 and SW1 than load the initial configurations provided below by
copying the config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-network-types/[4/12/2015 7:18:05 PM]

Configuring OSPF Network Types | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 9-3 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.90.20.1 255.255.255.0
!
interface Serial0/0

description ### PHYSICAL FRAME RELAY INTERFACE ###


ip address 10.90.245.2 255.255.255.248
encapsulation frame-relay
ip ospf network broadcast

!##################################################
ip ospf priority 0
!#
Freerestart-delay
CCNA Workbook0Lab 9-3 R3 Initial Config
serial

!##################################################
no frame-relay inverse-arp
!frame map ip 10.90.245.1 221 broadcast
enable
frame map ip 10.90.245.4 221
configure
frame mapterminal
ip 10.90.245.5 221
!no shut

hostname
R3
!

no
ip domain-lookup
interface
Serial0/2

!### POINT-TO-POINT LINK TO R3 ###

interface
Loopback0
ip address
10.90.23.1 255.255.255.252
description
###
SIMULATED NETWORK ###
encapsulation
ppp
ip
address
10.90.30.10255.255.255.0
serial
restart-delay

!no shut

interface
Serial0/1
exit

!description ### POINT-TO-POINT LINK TO R2 ###


ip address
255.255.255.252
router
ospf 10.90.23.2
1
encapsulation
ppp
log-adjacency-changes

no
shut 10.90.245.2 0.0.0.0 area 0
network

!##################################################
!exit
!#
Workbook Lab 9-3 R4 Initial Config
!
lineFree
con CCNA
0

!##################################################
line
con 0
logging
sync
!logging
sync
no exec-timeout
enable
!no exec-timeout

configure
terminal
!
end
!
end

hostname R4

no ip domain-lookup
!
interface Loopback0

description ### SIMULATED NETWORK ###


ip address 10.90.40.1 255.255.255.0

interface FastEthernet0/0
description ### REAL NETWORK ###

ip address 10.90.145.1 255.255.255.0


no shut

!##################################################
interface
Serial0/0
!#
Free CCNA###
Workbook
LabFRAME
9-3 R5
Initial
Config###
#
description
PHYSICAL
RELAY
INTERFACE

!##################################################
ip address 10.90.245.4 255.255.255.248
!encapsulation frame-relay
enable
ip ospf network broadcast
configure
terminal0
ip ospf priority

!serial restart-delay 0

hostname
R5
no frame-relay
inverse-arp

no
ip domain-lookup
frame
map ip 10.90.245.1 421 broadcast

!frame map ip 10.90.245.2 421


interface
frame mapLoopback0
ip 10.90.245.5 421

description
### SIMULATED NETWORK ###
no shut

!ip address 10.90.50.1 255.255.255.0


!
interface Serial0/1

interface
FastEthernet0/0
description
### POINT-TO-POINT LINK TO R5 ###
description
### REAL NETWORK
###
ip address 10.90.45.1
255.255.255.252

ip
address 10.90.145.2
255.255.255.0
encapsulation
ppp

no
shutrestart-delay 0
serial

!no shut

!##################################################
interface
Serial0/0
exit
!#
Free CCNA###
Workbook
LabFRAME
9-3 SW1
Initial
Config
#
description
PHYSICAL
RELAY
INTERFACE
###
!

!##################################################
ip address
255.255.255.248
router
ospf 10.90.245.5
1
!encapsulation
frame-relay
log-adjacency-changes

enable
ip
ospf network
broadcast
network
10.90.245.4
0.0.0.0 area 0

configure
terminal0
ip ospf priority
!

!serial
0
line
conrestart-delay
0

hostname
SW1
no
frame-relay
inverse-arp
logging
sync

no
domain-lookup
frame
map ip 10.90.245.1 521 broadcast
noip
exec-timeout

!frame map ip 10.90.245.2 521


line
con
0 ip 10.90.245.4 521
frame
map
end
logging
no
shut sync

!no exec-timeout

!
interface
Serial0/1

end
description ### POINT-TO-POINT LINK TO R4 ###
ip address 10.90.45.2 255.255.255.252
encapsulation ppp
serial restart-delay 0
no shut
exit

Lab Objectives
!

router ospf 1

log-adjacency-changes
network 10.90.245.5 0.0.0.0 area 0
!
line con 0
logging sync

Configure the Serial interfaces connecting R1, R2, R4 and R5 to the hub-and-spoke frame relay topology as an OSPF point-

no exec-timeout
!
end

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-network-types/[4/12/2015 7:18:05 PM]

Configuring OSPF Network Types | Free CCNA Workbook

to-multipoint network type.


Verify the network type configuration change by viewing the OSPF parameters of the serial interface.
Verify the neighbor relationships on R1 by viewing the neighbor table.

Lab Instruction
Objective 1. Configure the Serial interfaces connecting R1, R2, R4 and R5 to the hub-and-spoke frame relay topology as an OSPF
point-to-multipoint network type.
R1>enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface Serial0/0
R1(config-if)#ip ospf network point-to-multipoint
R1(config-if)#end
R1#
%OSPF-5-ADJCHG: Process 1, Nbr 10.90.20.1 on Serial0/0 from FULL to DOWN, Neighbor Down: Interf
ace down or detached
%OSPF-5-ADJCHG: Process 1, Nbr 10.90.40.1 on Serial0/0 from FULL to DOWN, Neighbor Down: Interf
ace down or detached
%OSPF-5-ADJCHG: Process 1, Nbr 10.90.50.1 on Serial0/0 from FULL to DOWN, Neighbor Down: Interf
ace down or detached
%SYS-5-CONFIG_I: Configured from console by console
R1#

%OSPF-5-ADJCHG: Process 1, Nbr 10.90.10.1 on Serial0/0 from FULL to DOWN, Neighbor Down: Dead t
imer expired
R2>enable
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#interface Serial0/0
R2(config-if)#ip ospf network point-to-multipoint
R2(config-if)#end
R2#
%SYS-5-CONFIG_I: Configured from console by console
%OSPF-5-ADJCHG: Process 1, Nbr 10.90.10.1 on Serial0/0 from LOADING to FULL, Loading Done
R2#

%OSPF-5-ADJCHG: Process 1, Nbr 10.90.10.1 on Serial0/0 from FULL to DOWN, Neighbor Down: Dead t
imer expired
R4>enable
R4#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#interface Serial0/0
R4(config-if)#ip ospf network point-to-multipoint
R4(config-if)#end
R4#
%SYS-5-CONFIG_I: Configured from console by console
%OSPF-5-ADJCHG: Process 1, Nbr 10.90.10.1 on Serial0/0 from LOADING to FULL, Loading Done
R4#

%OSPF-5-ADJCHG: Process 1, Nbr 10.90.10.1 on Serial0/0 from FULL to DOWN, Neighbor Down: Dead t
imer expired
R5>enable
R5#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R5(config)#interface Serial0/0
R5(config-if)#ip ospf network point-to-multipoint
R5(config-if)#end
R5#
%SYS-5-CONFIG_I: Configured from console by console
%OSPF-5-ADJCHG: Process 1, Nbr 10.90.10.1 on Serial0/0 from LOADING to FULL, Loading Done

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-network-types/[4/12/2015 7:18:05 PM]

Configuring OSPF Network Types | Free CCNA Workbook

R5#
Objective 2. Verify the network type configuration change by viewing the OSPF parameters of the serial interface.
R1#show ip ospf interface Serial0/0
Serial0/0 is up, line protocol is up
Internet Address 10.90.245.1/29, Area 0
Process ID 1, Router ID 10.90.10.1, Network Type POINT_TO_MULTIPOINT,
Cost: 64
Transmit Delay is 1 sec, State POINT_TO_MULTIPOINT
Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5
oob-resync timeout 120
Hello due in 00:00:02
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Index 1/1, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 3
Last flood scan time is 4 msec, maximum is 4 msec
Neighbor Count is 3, Adjacent neighbor count is 3
Adjacent with neighbor 10.90.50.1
Adjacent with neighbor 10.90.40.1
Adjacent with neighbor 10.90.20.1
Suppress hello for 0 neighbor(s)
R1#

R2#show ip ospf interface Serial0/0


Serial0/0 is up, line protocol is up
Internet Address 10.90.245.2/29, Area 0
Process ID 1, Router ID 10.90.20.1, Network Type POINT_TO_MULTIPOINT,
Cost: 64
Transmit Delay is 1 sec, State POINT_TO_MULTIPOINT
Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5
oob-resync timeout 120
Hello due in 00:00:05
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Index 1/1, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 1
Last flood scan time is 0 msec, maximum is 4 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 10.90.10.1
Suppress hello for 0 neighbor(s)
R2#

R4#show ip ospf interface Serial0/0


Serial0/0 is up, line protocol is up
Internet Address 10.90.245.4/29, Area 0
Process ID 1, Router ID 10.90.40.1, Network Type POINT_TO_MULTIPOINT,
Cost: 64
Transmit Delay is 1 sec, State POINT_TO_MULTIPOINT
Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5
oob-resync timeout 120
Hello due in 00:00:08
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Index 1/1, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 1
Last flood scan time is 0 msec, maximum is 4 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 10.90.10.1
Suppress hello for 0 neighbor(s)
R4#

R5#show ip ospf interface Serial0/0


Serial0/0 is up, line protocol is up
Internet Address 10.90.245.5/29, Area 0

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-network-types/[4/12/2015 7:18:05 PM]

Configuring OSPF Network Types | Free CCNA Workbook

Process ID 1, Router ID 10.90.50.1, Network Type POINT_TO_MULTIPOINT,


Cost: 64
Transmit Delay is 1 sec, State POINT_TO_MULTIPOINT
Timer intervals configured, Hello 30, Dead 120, Wait 120, Retransmit 5
oob-resync timeout 120
Hello due in 00:00:01
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Index 1/1, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 1
Last flood scan time is 4 msec, maximum is 4 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 10.90.10.1
Suppress hello for 0 neighbor(s)
R5#
Objective 3. Verify the neighbor relationships on R1 by viewing the neighbor table.
R1#show ip ospf neighbor
Neighbor ID
10.90.50.1
10.90.40.1
10.90.20.1
R1#

Pri
0
0
0

State
FULL/
FULL/
FULL/

Dead Time
00:01:53
00:01:58
00:01:50

Address
10.90.245.5
10.90.245.4
10.90.245.2

Interface
Serial0/0
Serial0/0
Serial0/0

As you can see from the neighbor table on R1 that no DR/BDR is elected when using the OSPF point-to-multipoint network type
because each neighbor relationship is treated as a point-to-point link.

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

Security Workbook has been

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-network-types/[4/12/2015 7:18:05 PM]

Configuring OSPF Network Types | Free CCNA Workbook

evolved into the largest CCNA training


lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-network-types/[4/12/2015 7:18:05 PM]

Configuring OSPF Static Neighbors | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring OSPF Static Neighbors

There will be some scenarios where you will need to build static OSPF Neighbors such as for NBMA relationships or
for network security hardening. This lab will discuss and demonstrate the configuration and verification o.

Real World Application & Core Knowledge


In lab 9-1 when you configured OSPF initially you had to change the frame relay hub and spoke network type to broadcast to ensure
the neighbor relationships formed. However the default network type for OSPF on a serial interface with frame relay encapsulation is
non-broadcast. With this in mind you must configure static neighbors to ensure OSPF can form a neighbor relationship, this is due to
frame relay trading multicast as pseudo-broadcast and if a frame relay PVC (Permanent Virtual Circuit) is not broadcast capable then
multicast would not traverse the PVC.
In this lab you will revert the routers serial interfaces in the hub-and-spoke topology back to its default, non-broadcast and configure a
static neighbor statement on R1. The static neighbor statement only needs to be configured on the hub however its best to configure
it on both hub and spokes to ensure initialization of neighbor negotiation.
You can manually specify the network type as non-broadcast on the interface of you can negate the current OSPF network type on
the interfaces thus reverting it back to its default; either way will suffice for this lab.
Familiarize yourself with the following new command(s);

Command

Description

no ip ospf network

Executed in interface configuration mode to revert the OSPF network type back to its default for
that specified interface.

ip ospf network nonbroadcast

Executed in interface configuration mode to configure the specified interface OSPF network
type to non-broadcast; this mode requires static neighbor statements and will form a DR/BDR

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-static-neighbors/[4/12/2015 7:18:29 PM]

Configuring OSPF Static Neighbors | Free CCNA Workbook

relationship.
The following logical topology shown below is used in labs found through out Section 9 Configuring OSPF;

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3, R4, R5 and SW1.
Establish a console session with devices R1, R2, R3, R4, R5 and SW1 than load the initial configurations provided below by
copying the config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-static-neighbors/[4/12/2015 7:18:29 PM]

Configuring OSPF Static Neighbors | Free CCNA Workbook

!##################################################
!#

Free CCNA Workbook Lab 9-4 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.90.20.1 255.255.255.0
!

interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
ip address 10.90.245.2 255.255.255.248

encapsulation frame-relay

ip ospf network point-to-multipoint

!##################################################
ip ospf priority 0
!#
Freerestart-delay
CCNA Workbook0Lab 9-3 R3 Initial Config
serial

!##################################################
no frame-relay inverse-arp
!frame map ip 10.90.245.1 221 broadcast
enable
frame map ip 10.90.245.4 221
configure
frame mapterminal
ip 10.90.245.5 221
!no shut

hostname
R3
!

no
ip domain-lookup
interface
Serial0/2

!### POINT-TO-POINT LINK TO R3 ###

interface
Loopback0
ip address
10.90.23.1 255.255.255.252
description
###
SIMULATED NETWORK ###
encapsulation
ppp
ip
address
10.90.30.10255.255.255.0
serial
restart-delay

!no shut

interface
Serial0/1
exit

!description ### POINT-TO-POINT LINK TO R2 ###


ip address
255.255.255.252
router
ospf 10.90.23.2
1
encapsulation
ppp
log-adjacency-changes

no
shut 10.90.245.2 0.0.0.0 area 0
network

!##################################################
!exit
!#
Workbook Lab 9-4 R4 Initial Config
!
lineFree
con CCNA
0

!##################################################
line
con 0
logging
sync
!logging
sync
no exec-timeout
enable
!no exec-timeout

configure
terminal
!
end
!
end

hostname R4

no ip domain-lookup
!
interface Loopback0

description ### SIMULATED NETWORK ###


ip address 10.90.40.1 255.255.255.0

interface FastEthernet0/0
description ### REAL NETWORK ###
ip address 10.90.145.1 255.255.255.0
no shut
!

!##################################################
interface
Serial0/0
!#
Free CCNA###
Workbook
LabFRAME
9-4 R5
Initial
Config###
#
description
PHYSICAL
RELAY
INTERFACE

!##################################################
ip address 10.90.245.4 255.255.255.248
!encapsulation frame-relay

enable
ip ospf network point-to-multipoint
configure
terminal0
ip ospf priority

!serial restart-delay 0

hostname
R5
no frame-relay
inverse-arp

no
ip domain-lookup
frame
map ip 10.90.245.1 421 broadcast

!frame map ip 10.90.245.2 421


interface
frame mapLoopback0
ip 10.90.245.5 421

description
### SIMULATED NETWORK ###
no shut

!ip address 10.90.50.1 255.255.255.0


!
interface Serial0/1

interface
FastEthernet0/0
description
### POINT-TO-POINT LINK TO R5 ###
description
### REAL NETWORK
###
ip address 10.90.45.1
255.255.255.252

ip
address 10.90.145.2
255.255.255.0
encapsulation
ppp

no
shutrestart-delay 0
serial

!no shut

interface
Serial0/0
exit

!description ### PHYSICAL FRAME RELAY INTERFACE ###


ip address
255.255.255.248
router
ospf 10.90.245.5
1
encapsulation
frame-relay
log-adjacency-changes

ip
ospf network
point-to-multipoint
network
10.90.245.4
0.0.0.0 area 0

!ip ospf priority 0

serial
0
line
conrestart-delay
0

no
frame-relay
inverse-arp
logging
sync

frame
map ip 10.90.245.1 521 broadcast
no exec-timeout

!frame map ip 10.90.245.2 521


frame map ip 10.90.245.4 521
end
no shut

!
interface Serial0/1
description ### POINT-TO-POINT LINK TO R4 ###

ip address 10.90.45.2 255.255.255.252


http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-static-neighbors/[4/12/2015
7:18:29 PM]

Configuring OSPF Static Neighbors | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 9-4 SW1 Initial Config #

!##################################################
!
enable
configure terminal
!
hostname SW1
no ip domain-lookup
!
line con 0
logging sync
no exec-timeout

end

Lab Objectives
Revert the OSPF interface type back its default on R1, R2, R4 and R5s frame relay hub and spoke interfaces.
Configure static neighbor statements on R1 pointing to R2, R4 and R5.
Verify that the neighbor relationships form using the show ip ospf neighbor command.

Lab Instruction
Objective 1. Revert the OSPF interface type back its default on R1, R2, R4 and R5s frame relay hub and spoke interfaces.
R1>enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface Serial0/0
R1(config-if)#no ip ospf network
R1(config-if)#end
R1#
%OSPF-5-ADJCHG: Process 1, Nbr 10.90.20.1 on Serial0/0 from FULL to DOWN, Neighbor Down: Interf
ace down or detached
%OSPF-5-ADJCHG: Process 1, Nbr 10.90.40.1 on Serial0/0 from FULL to DOWN, Neighbor Down: Interf
ace down or detached
%OSPF-5-ADJCHG: Process 1, Nbr 10.90.50.1 on Serial0/0 from FULL to DOWN, Neighbor Down: Interf
ace down or detached
R1#
*Jul 8 20:19:16.767: %SYS-5-CONFIG_I: Configured from console by console
R1#

R2>enable
R2#configure terminal
Enter configuration commands, one per line.
R2(config)#interface Serial0/0
R2(config-if)#no ip ospf network
R2(config-if)#end
R2#

R4>enable
R4#configure terminal
Enter configuration commands, one per line.
R4(config)#interface Serial0/0
R4(config-if)#no ip ospf network
R4(config-if)#end
R4#

End with CNTL/Z.

End with CNTL/Z.

R5>enable

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-static-neighbors/[4/12/2015 7:18:29 PM]

Configuring OSPF Static Neighbors | Free CCNA Workbook

R5#configure terminal
Enter configuration commands, one per line.
R5(config)#interface Serial0/0
R5(config-if)#no ip ospf network
R5(config-if)#end
R5#

End with CNTL/Z.

Objective 2. Configure static neighbor statements on R1 pointing to R2, R4 and R5.


R1#configure terminal
Enter configuration commands, one per line.
R1(config)#router ospf 1
R1(config-router)#neighbor 10.90.245.2
R1(config-router)#neighbor 10.90.245.4
R1(config-router)#neighbor 10.90.245.5
R1(config-router)#end
R1#
%OSPF-5-ADJCHG: Process 1, Nbr 10.90.20.1 on
%OSPF-5-ADJCHG: Process 1, Nbr 10.90.40.1 on
%OSPF-5-ADJCHG: Process 1, Nbr 10.90.50.1 on
R1#

End with CNTL/Z.

Serial0/0 from LOADING to FULL, Loading Done


Serial0/0 from LOADING to FULL, Loading Done
Serial0/0 from LOADING to FULL, Loading Done

Objective 3. Verify that the neighbor relationships form using the show ip ospf neighbor command.
R1#show ip ospf neighbor
Neighbor ID
10.90.20.1
10.90.40.1
10.90.50.1
R1#

Pri
0
0
0

State
FULL/DROTHER
FULL/DROTHER
FULL/DROTHER

Dead Time
00:01:51
00:01:35
00:01:45

Address
10.90.245.2
10.90.245.4
10.90.245.5

Interface
Serial0/0
Serial0/0
Serial0/0

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook


In 2008 Free CCNA Workbook originally

Latest Tweets
1 month ago
The Core Knowledge

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-static-neighbors/[4/12/2015 7:18:29 PM]

Useful Links

Stub Lab GNS3 Topology File

Configuring OSPF Static Neighbors | Free CCNA Workbook

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

GNS3 - Cisco Device Emulator


Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

Download

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-static-neighbors/[4/12/2015 7:18:29 PM]

Configuring Multiple OSPF Areas | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Multiple OSPF Areas

When it comes to building scalable OSPF networks, you will commonly use multiple OSPF Areas. This lab will discuss
and demonstrate the configuration and verification of multi-area OSPF.

Real World Application & Core Knowledge


After completing the first 4 Labs found in the OSPF section you should have a good foundation of configuring OSPF. Now its time to
build onto that foundation by learning how to configure multiple areas in OSPF to segregate the routed network for management and
resource conservation benefits. Take a step back and look at it this way, designing a network using multiple areas gives you an easy
network to troubleshoot when something blows up. For example facility one is OSPF area 1, facility 2 is OSPF area two, this gives
you the ability to isolate network problems to a site/facility level.
You can conserve router resources as a specific router in a given area only has to maintain the database for that configured area.
However Area Boarder Routers maintain a copy of the entire OSPF topology thus these routers need to be able to handle such
performance requirements such as a Catalyst 6500 layer 3 switch, 7600 Series routers, 7200 series routers, or even 3800/3900
Series Integrated Services Routers.
An online poll done by a highly respectable network media website showed that the average OSPF network contains 50-75 areas.
Keep in mind that not every single building has to be its own OSPF area, a general rule of thumb when designing OSPF areas is
that a single area could contain up to 250 routers and a few hundred intra-area routes.
To configure a new area the command is identical to configuring the backbone area but instead of specifying area 0 after the network
statement you specify the new area number. Remember Area 0 is the backbone area and all traffic traversing the network from one
area to another area MUST!!! traverse the backbone area.
In this lab you will configure six new areas; one for each router that contains the routers loopback interface. For example; R1s
Loopback0 interface will be in Area 1, R2s Loopback0 interface will belong in Area 2, etc On R5 and R6 you will configure area 45

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-multi-area-ospf/[4/12/2015 7:18:50 PM]

Configuring Multiple OSPF Areas | Free CCNA Workbook

for the FastEthernet network connected to SW1. This configuration will be used for a later lab in the OSPF section.
Review the following command(s);

Command

Description

network ip.ip.ip.ip
wc.wc.wc.wc area #

This command is executed in OSPF router configuration mode to specify which interfaces
participate in the OSPF process and which OSPF area they belong to.

show ip ospf interface

This command is executed in privileged mode to display interface parameters including which
Area particular interfaces belong to.

The following logical topology shown below is used in labs found through out Section 9 Configuring OSPF;

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3, R4, R5 and SW1.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-multi-area-ospf/[4/12/2015 7:18:50 PM]

Configuring Multiple OSPF Areas | Free CCNA Workbook

Establish a console session with devices R1, R2, R3, R4, R5 and SW1 than load the initial configurations provided below by
copying the config from the textbox and pasting it into the respected routers console.

!##################################################
!#

Free CCNA Workbook Lab 9-5 R2 Initial Config

!##################################################
!

enable
configure terminal
!

hostname R2

no ip domain-lookup
!
interface Loopback0

description ### SIMULATED NETWORK ###


ip address 10.90.20.1 255.255.255.0

interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
ip address 10.90.245.2 255.255.255.248

encapsulation frame-relay
ip ospf priority 0

!##################################################
serial restart-delay 0
!#
CCNA Workbook
Lab 9-5 R3 Initial Config
no Free
frame-relay
inverse-arp

!##################################################
frame map ip 10.90.245.1 221 broadcast
!frame map ip 10.90.245.4 221
enable
frame map ip 10.90.245.5 221
configure
no shut terminal
!

hostname
interfaceR3
Serial0/2

no
ipPOINT-TO-POINT
domain-lookup LINK TO R3 ###
###

!ip address 10.90.23.1 255.255.255.252


interface
Loopback0
encapsulation
ppp

description
### SIMULATED
NETWORK ###
serial restart-delay
0
ip
10.90.30.1 255.255.255.0
no address
shut

!exit

interface
Serial0/1
!

description
router
ospf 1### POINT-TO-POINT LINK TO R2 ###
ip
address 10.90.23.2 255.255.255.252
log-adjacency-changes

encapsulation
ppp
network 10.90.245.2
0.0.0.0 area 0

!no shut

!##################################################
exitcon 0
line
!#
Free CCNA
!logging
sync Workbook Lab 9-5 R4 Initial Config

!##################################################
line
con 0
no exec-timeout
!logging sync

enable
no exec-timeout
end

configure
terminal
!
!
end

hostname R4
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.90.40.1 255.255.255.0
!
interface FastEthernet0/0
description ### REAL NETWORK ###
ip address 10.90.145.1 255.255.255.0
no shut
!

!##################################################
interface
Serial0/0
!#
Free CCNA###
Workbook
LabFRAME
9-5 R5
Initial
Config###
#
description
PHYSICAL
RELAY
INTERFACE

!##################################################
ip address 10.90.245.4 255.255.255.248
!encapsulation frame-relay
enable
ip ospf priority 0

configure
terminal
serial restart-delay
0

!no frame-relay inverse-arp

hostname
R5ip 10.90.245.1 421 broadcast
frame map
no
ip domain-lookup
frame
map ip 10.90.245.2 421

!frame map ip 10.90.245.5 421


interface
no shut Loopback0

!description ### SIMULATED NETWORK ###


ip address
10.90.50.1 255.255.255.0
interface
Serial0/1

!description ### POINT-TO-POINT LINK TO R5 ###


interface
FastEthernet0/0
ip address
10.90.45.1 255.255.255.252
description
###
REAL NETWORK ###
encapsulation
ppp

ip
address
10.90.145.2
serial
restart-delay
0 255.255.255.0

no shut

!exit

interface
Serial0/0
!

description
router
ospf 1### PHYSICAL FRAME RELAY INTERFACE ###
ip
address 10.90.245.5 255.255.255.248
log-adjacency-changes

encapsulation
frame-relay
network 10.90.245.4
0.0.0.0 area 0

!ip ospf priority 0

serial
0
line
conrestart-delay
0
http://www.freeccnaworkbook.com/workbooks/ccna/configuring-multi-area-ospf/[4/12/2015
7:18:50 PM]
no
frame-relay
inverse-arp
logging
sync

Configuring Multiple OSPF Areas | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 9-5 SW1 Initial Config #

!##################################################
!
enable
configure terminal
!
hostname SW1
no ip domain-lookup
!
line con 0
logging sync
no exec-timeout

end

Lab Objectives
Configure R2s point-to-point link between R2 and R3 in Area 3.
Configure each routers Loopback0 interface in its own OSPF area, use the router number as the new OSPF area.
Configure the point-to-point link between R4 and R5 as well as R4 and R5s physical LAN interfaces (FastEthernet0/0) in
OSPF Area 45.
Verify that all the new OSPF Inter-Area routes are in R1s routing table; these are denoted as O*IA routes.

Lab Instruction
Objective 1. Configure R2s point-to-point link between R2 and R3 in Area 3.
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#router ospf 1
R2(config-router)#network 10.90.23.1 0.0.0.0 area 3
R2(config-router)#end
R2#

R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#router ospf 1
R3(config-router)#network 10.90.23.2 0.0.0.0 area 3
R3(config-router)#end
R3#
%OSPF-5-ADJCHG: Process 1, Nbr 10.90.20.1 on Serial0/1 from LOADING to FULL, Loading Done
R3#
Objective 2. Configure each routers Loopback0 interface in its own OSPF area, use the router number as the new OSPF area.
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router ospf 1
R1(config-router)#network 10.90.10.1 0.0.0.0 area 1
R1(config-router)#end
R1#

R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#router ospf 1
R2(config-router)#network 10.90.20.1 0.0.0.0 area 2

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-multi-area-ospf/[4/12/2015 7:18:50 PM]

Configuring Multiple OSPF Areas | Free CCNA Workbook

R2(config-router)#end
R2#

R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#router ospf 1
R3(config-router)#network 10.90.30.1 0.0.0.0 area 3
R3(config-router)#end
R3#

R4#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#router ospf 1
R4(config-router)#network 10.90.40.1 0.0.0.0 area 4
R4(config-router)#end
R4#

R5#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R5(config)#router ospf 1
R5(config-router)#network 10.90.50.1 0.0.0.0 area 5
R5(config-router)#end
R5#
Objective 3. Configure the point-to-point link between R4 and R5 as well as R4 and R5s physical LAN interfaces (FastEthernet0/0)
in OSPF Area 45.
R4#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#router ospf 1
R4(config-router)#network 10.90.45.1 0.0.0.0 area 45
R4(config-router)#network 10.90.145.1 0.0.0.0 area 45
R4(config-router)#end
R4#

R5#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R5(config)#router ospf 1
R5(config-router)#network 10.90.45.2 0.0.0.0 area 45
%OSPF-5-ADJCHG: Process 1, Nbr 10.90.40.1 on Serial0/1 from LOADING to FULL, Loading Done
R5(config-router)#network 10.90.145.2 0.0.0.0 area 45
R5(config-router)#end
R5#
Objective 4. Verify that all the new OSPF Inter-Area routes are in R1s routing table; these are denoted as O*IA routes.
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 9 subnets, 4 masks
10.90.50.1/32 [110/65] via 10.90.245.5, 00:15:38, Serial0/0
10.90.40.1/32 [110/65] via 10.90.245.4, 00:15:58, Serial0/0
10.90.23.0/30 [110/128] via 10.90.245.2, 00:18:13, Serial0/0
10.90.30.1/32 [110/129] via 10.90.245.2, 00:16:13, Serial0/0
10.90.145.0/24 [110/65] via 10.90.245.5, 00:07:14, Serial0/0
[110/65] via 10.90.245.4, 00:08:31, Serial0/0
O IA
10.90.45.0/30 [110/128] via 10.90.245.5, 00:07:24, Serial0/0
[110/128] via 10.90.245.4, 00:08:41, Serial0/0
O IA
10.90.20.1/32 [110/65] via 10.90.245.2, 00:17:02, Serial0/0
O
O
O
O
O

IA
IA
IA
IA
IA

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-multi-area-ospf/[4/12/2015 7:18:50 PM]

Configuring Multiple OSPF Areas | Free CCNA Workbook

C
C
R1#

10.90.10.0/24 is directly connected, Loopback0


10.90.245.0/29 is directly connected, Serial0/0

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-multi-area-ospf/[4/12/2015 7:18:50 PM]

Configuring The OSPF Router-ID | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring The OSPF Router-ID

The OSPF Router-ID is used to identify a specific device within an OSPF database. Router IDs must be unique to
prevent unintended OSPF database problems. This lab will discuss and demonstrate the configuration and verification
of the OSPF Router-ID

Real World Application & Core Knowledge


In lab 9-1, the process of the Router-ID determination was discussed and through out Section 9 labs when youve used the show ip
ospf neighbor command and Im sure youve noticed the neighbor id and that it was the IP Address of the neighbors loopback0
interface. As discussed in Lab 9-1, there is a reason for this. The Router-ID uniquely identifies a router in an autonomous system, no
two routers in an OSPF autonomous system can have the same router-id.
If a router-id is not configured manually in the OSPF routing process the router will automatically configure a router-id determined
from the highest IP address of a logical interface (loopback interface) or the highest IP address of an active interface. When referring
to a higher IP address, step back and look at the IP address as a whole number. For example, 1.1.1.1 translates to 1,111 and 2.2.2.2
translates to 2,222; in which case 2,222 is a higher number than 1,111.
The router id is used in several OSPF related commands such as the specifying a specific neighbor when clearing a neighbor
relationship or when viewing neighbor parameters by using the cmd>show ip ospf neighbor rid.
When configuring a router-id, the neighbors will not be updated automatically until that router has failed or the OSPF process has
been cleared and the neighbor relationship has been re-established.
In this lab you will statically configure the Router-IDs on all routers in the topology using the router number as the router-id. i.e; R1s
router-id would be 1.1.1.1
Familiarize yourself with the following new command(s);

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-ospf-router-id/[4/12/2015 7:19:12 PM]

Configuring The OSPF Router-ID | Free CCNA Workbook

Command

Description

router-id x.x.x.x

This command is executed in OSPF router configuration mode to statically configure a router id
on a specific neighbor.

show ip ospf proc-id

This command is executed in privileged mode to view OSPF process parameters such s the
local router-id and OSPF area information related to that router.

The following logical topology shown below is used in labs found through out Section 9 Configuring OSPF;

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3, R4, R5 and SW1.
Establish a console session with devices R1, R2, R3, R4, R5 and SW1 than load the initial configurations provided below by
copying the config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-ospf-router-id/[4/12/2015 7:19:12 PM]

Configuring The OSPF Router-ID | Free CCNA Workbook

!##################################################
!#

Free CCNA Workbook Lab 9-6 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Loopback0

description ### SIMULATED NETWORK ###


ip address 10.90.20.1 255.255.255.0

interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
ip address 10.90.245.2 255.255.255.248

encapsulation frame-relay
ip ospf priority 0

!##################################################
serial restart-delay 0
!#
CCNA Workbook
Lab 9-6 R3 Initial Config
no Free
frame-relay
inverse-arp

!##################################################
frame map ip 10.90.245.1 221 broadcast
!frame map ip 10.90.245.4 221
enable
frame map ip 10.90.245.5 221
configure
no shut terminal
!

hostname
interfaceR3
Serial0/2

no
ipPOINT-TO-POINT
domain-lookup LINK TO R3 ###
###

!ip address 10.90.23.1 255.255.255.252


interface
Loopback0
encapsulation
ppp

description
### SIMULATED
NETWORK ###
serial restart-delay
0
ip
10.90.30.1 255.255.255.0
no address
shut

!exit

interface
Serial0/1
!

description
router
ospf 1### POINT-TO-POINT LINK TO R2 ###
ip
address 10.90.23.2 255.255.255.252
log-adjacency-changes

encapsulation
ppp 0.0.0.0 area 3
network 10.90.23.1

no
shut 10.90.245.2 0.0.0.0 area 0
network

!##################################################
exit
network 10.90.20.1 0.0.0.0 area 2
!#
!

Free CCNA Workbook Lab 9-6 R4 Initial Config

!##################################################
router
ospf
line con
0 1
!log-adjacency-changes
logging sync

enable
network
10.90.23.2 0.0.0.0 area 3
no exec-timeout
configure
terminal 0.0.0.0 area 3
!network 10.90.30.1
!
end

hostname
line con R4
0

no
ip domain-lookup
logging
sync

!no exec-timeout

interface
Loopback0
!

description ### SIMULATED NETWORK ###


end
ip address 10.90.40.1 255.255.255.0

!
interface FastEthernet0/0
description ### REAL NETWORK ###
ip address 10.90.145.1 255.255.255.0
no shut
!

!##################################################
interface
Serial0/0
!#
Free CCNA###
Workbook
LabFRAME
9-6 R5
Initial
Config###
#
description
PHYSICAL
RELAY
INTERFACE

!##################################################
ip address 10.90.245.4 255.255.255.248
!encapsulation frame-relay
enable
ip ospf priority 0

configure
terminal
serial restart-delay
0

!no frame-relay inverse-arp

hostname
R5ip 10.90.245.1 421 broadcast
frame map
no
ip domain-lookup
frame
map ip 10.90.245.2 421

!frame map ip 10.90.245.5 421


interface
no shut Loopback0

!description ### SIMULATED NETWORK ###


ip address
10.90.50.1 255.255.255.0
interface
Serial0/1

!description ### POINT-TO-POINT LINK TO R5 ###


interface
FastEthernet0/0
ip address
10.90.45.1 255.255.255.252
description
###
REAL NETWORK ###
encapsulation
ppp

ip
address
10.90.145.2
serial
restart-delay
0 255.255.255.0

no shut

!exit

interface
Serial0/0
!

description
router
ospf 1### PHYSICAL FRAME RELAY INTERFACE ###
ip
address 10.90.245.5 255.255.255.248
log-adjacency-changes

encapsulation
frame-relay
network 10.90.45.1
0.0.0.0 area 45
ip
ospf priority
0 0.0.0.0 area 0
network
10.90.245.4

serial
0
networkrestart-delay
10.90.145.1 0.0.0.0
area 45
no
frame-relay
inverse-arp
network
10.90.40.1
0.0.0.0 area 4

!frame map ip 10.90.245.1 521 broadcast


frame
map
line
con
0 ip 10.90.245.2 521
frame
map
ip 10.90.245.4 521
logging
sync
no shut
exec-timeout

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-ospf-router-id/[4/12/2015
7:19:12 PM]
interface
Serial0/1
end

Configuring The OSPF Router-ID | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 9-5 SW1 Initial Config #

!##################################################
!
enable
configure terminal
!
hostname SW1
no ip domain-lookup
!
line con 0
logging sync
no exec-timeout

end

Lab Objectives
Configure each router with a router-id that reflects the router number. i.e; R1s Router-id would be 1.1.1.1
Clear the OSPF process on each router and verify on R1 that the new router IDs are be used by viewing R1s OSPF
neighbors.

Lab Instruction
Objective 1. Configure each router with a router-id that reflects the router number. i.e; R1s Router-id would be 1.1.1.1
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router ospf 1
R1(config-router)#router-id 1.1.1.1
Reload or use "clear ip ospf process" command, for this to take effect
R1(config-router)#end
R1#

R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#router ospf 1
R2(config-router)#router-id 2.2.2.2
Reload or use "clear ip ospf process" command, for this to take effect
R2(config-router)#end
R2#

R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#router ospf 1
R3(config-router)#router-id 3.3.3.3
Reload or use "clear ip ospf process" command, for this to take effect
R3(config-router)#end
R3#

R4#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#router ospf 1
R4(config-router)#router-id 4.4.4.4
Reload or use "clear ip ospf process" command, for this to take effect
R4(config-router)#end
R4#

R5#configure terminal

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-ospf-router-id/[4/12/2015 7:19:12 PM]

Configuring The OSPF Router-ID | Free CCNA Workbook

Enter configuration commands, one per line. End with CNTL/Z.


R5(config)#router ospf 1
R5(config-router)#router-id 5.5.5.5
Reload or use "clear ip ospf process" command, for this to take effect
R5(config-router)#end
R5#
Objective 2. Clear the OSPF process on each router and verify on R1 that the new router IDs are be used by viewing R1s OSPF
neighbors.
R1#clear ip ospf 1 proc
Reset OSPF process? [no]: y
R1#

R2#clear ip ospf 1 proc


Reset OSPF process? [no]: y
R2#

R3#clear ip ospf 1 proc


Reset OSPF process? [no]: y
R3#

R4#clear ip ospf 1 proc


Reset OSPF process? [no]: y
R4#

R5#clear ip ospf 1 proc


Reset OSPF process? [no]: y
R5#
Once youve cleared the OSPF process as shown above on R1 through R5 the neighbor relationships will drop and reform, once all
neighbor relationships have been re-established you can then view the OSPF neighbor table on R1 to verify that the router-ids have
indeed been changed;
R1#show ip ospf neighbors
Neighbor ID
2.2.2.2
4.4.4.4
5.5.5.5
R1#

Pri
0
0
0

State
FULL/DROTHER
FULL/DROTHER
FULL/DROTHER

Dead Time
00:01:39
00:01:35
00:01:59

Address
10.90.245.2
10.90.245.4
10.90.245.5

Interface
Serial0/0
Serial0/0
Serial0/0

To verify that R3s router ID has been changed you can view the neighbor relationships on R2 as shown below;
R2#show ip ospf neighbors
Neighbor ID
1.1.1.1
3.3.3.3
R2#

Pri
1
0

State
FULL/DR
FULL/ -

Dead Time
00:01:50
00:00:36

Address
10.90.245.1
10.90.23.2

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-ospf-router-id/[4/12/2015 7:19:12 PM]

Interface
Serial0/0
Serial0/2

Next Lab

Configuring The OSPF Router-ID | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-ospf-router-id/[4/12/2015 7:19:12 PM]

Configuring OSPF Timers | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring OSPF Timers

Like RIP and EIGRP, the OSPF routing protocol is an extremely tunable. There may be scenarios where you need to
tune the default timers to speed up network convergence during a hardware failure. This lab will discuss and
demonstrate the configuration and verification of OSPF Timers.

Real World Application & Core Knowledge


If youve completed Configuring EIGRP Timers and Configuring RIP Timers then you should know that the routing protocol timers are
the lively hood of a routing protocol. Through the use of timers, the routing protocol is able to maintain a stable neighbor relationship
and ensure routes are propagated correctly.
Timers in OSPF are like the timers in EIGRP, you have a Hello timer and a Dead timer. The hello timer is the interval at which the
routing process sends hello packets to its directly connected neighbor with a TTL of 1 and the dead timer is the interval at which a
router will declare a neighbor down if hello packets are not received from that neighbor in the time specified by the dead-interval. The
OSPF timers on a Cisco router depend on what time of interface they are used on.
By default the timers on a broadcast network which include Ethernet, point-to-point and point-to-multipoint are 10 seconds hello and
40 seconds dead. The timers on a non-broadcast network are 30 seconds hello 120 seconds dead.
The Hello and Dead timers must match to form a neighbor relationship in OSPF. Also when combining different OSPF network types
such as point-to-point and point-to-multipoint you must adjust the timers to match as point-to-multipoint is 30/120 by default and
point-to-point is 10/40 by default.
The dead-timer is typically four times the amount of the hello timer to give time for packet loss/drops due to network issues and/or
quality of service policies.
In this lab you will configure the OSPF hello and dead on the point to point link between R2 and R3 to 1 second hello and 4 second

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-timers/[4/12/2015 7:19:31 PM]

Configuring OSPF Timers | Free CCNA Workbook

dead. The commands to configure the timers statically are executed under interface configuration mode and is done on a perinterface basis.
To configure the hello timer, youd use the ip ospf hello-interval # whereas # is a number between 1 and 65535 seconds.
To configure the dead timer youll use the ip ospf dead-interval # whereas # is a number between 1 and 65535 seconds.
To verify the OSPF timers on a particular interface youll use the show ip ospf interface interfacename#/#.
Familiarize yourself with the following new command(s);

Command

Description

ip ospf hello-interval #

This command is executed in interface configuration mode to statically set the hello-interval
timer for OSPF hello packets exiting the specified interface.

ip ospf dead-interval #

This command is executed in interface configuration mode to statically set the dead-interval
timer for OSPF which is the amount of time a router will go waiting for a hello packet before
declaring a particular neighbor down and executing the SPF algorithm to re-converge.

The following logical topology shown below is used in labs found through out Section 9 Configuring OSPF;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-timers/[4/12/2015 7:19:31 PM]

Configuring OSPF Timers | Free CCNA Workbook

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3, R4, R5 and SW1.
Establish a console session with devices R1, R2, R3, R4, R5 and SW1 than load the initial configurations provided below by
copying the config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-timers/[4/12/2015 7:19:31 PM]

Configuring OSPF Timers | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 9-7 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.90.20.1 255.255.255.0
!
interface Serial0/0

description ### PHYSICAL FRAME RELAY INTERFACE ###


ip address 10.90.245.2 255.255.255.248
encapsulation frame-relay
ip ospf priority 0

!##################################################
serial restart-delay 0
!#
CCNA Workbook
Lab 9-7 R3 Initial Config
no Free
frame-relay
inverse-arp

!##################################################
frame map ip 10.90.245.1 221 broadcast
!frame map ip 10.90.245.4 221
enable
frame map ip 10.90.245.5 221
configure
no shut terminal
!

hostname
interfaceR3
Serial0/2

no
ipPOINT-TO-POINT
domain-lookup LINK TO R3 ###
###

!ip address 10.90.23.1 255.255.255.252


interface
Loopback0
encapsulation
ppp

description
### SIMULATED
NETWORK ###
serial restart-delay
0
ip
10.90.30.1 255.255.255.0
no address
shut

!exit

interface
Serial0/1
!

description
router
ospf 1### POINT-TO-POINT LINK TO R2 ###
ip
address2.2.2.2
10.90.23.2 255.255.255.252
router-id

encapsulation
ppp
log-adjacency-changes

no
shut 10.90.23.1 0.0.0.0 area 3
network

!##################################################
exit
network 10.90.245.2 0.0.0.0 area 0
!#
Free CCNA
Workbook
Lab 9-7
R42Initial Config
!network
10.90.20.1
0.0.0.0
area

!##################################################
router
ospf 1
!
!
router-id
line
con 0 3.3.3.3

enable
log-adjacency-changes
logging sync

configure
terminal 0.0.0.0 area 3
network
10.90.23.2
no exec-timeout
!network 10.90.30.1 0.0.0.0 area 3
hostname
R4
!
end

no
ipcon
domain-lookup
line
0

!logging sync

interface
Loopback0
no exec-timeout

!description ### SIMULATED NETWORK ###


ip address 10.90.40.1 255.255.255.0
end

interface FastEthernet0/0
description ### REAL NETWORK ###

ip address 10.90.145.1 255.255.255.0


no shut

!##################################################
interface
Serial0/0
!#
Free CCNA###
Workbook
LabFRAME
9-7 R5
Initial
Config###
#
description
PHYSICAL
RELAY
INTERFACE

!##################################################
ip address 10.90.245.4 255.255.255.248
!encapsulation frame-relay
enable
ip ospf priority 0

configure
terminal
serial restart-delay
0

!no frame-relay inverse-arp

hostname
R5ip 10.90.245.1 421 broadcast
frame map
no
ip domain-lookup
frame
map ip 10.90.245.2 421

!frame map ip 10.90.245.5 421


interface
no shut Loopback0

!description ### SIMULATED NETWORK ###


ip address
10.90.50.1 255.255.255.0
interface
Serial0/1

!description ### POINT-TO-POINT LINK TO R5 ###


interface
FastEthernet0/0
ip address
10.90.45.1 255.255.255.252
description
###
REAL NETWORK ###
encapsulation
ppp

ip
address
10.90.145.2
serial
restart-delay
0 255.255.255.0

no shut

!exit

!##################################################
interface
Serial0/0
!
!#
Free
CCNA
Workbook
LabFRAME
9-7 SW1
Initial
Config
#
description
PHYSICAL
RELAY
INTERFACE
###
router
ospf
1###

!##################################################
ip
address4.4.4.4
10.90.245.5 255.255.255.248
router-id
!encapsulation
frame-relay
log-adjacency-changes

enable
ip
ospf priority
0 0.0.0.0 area 45
network
10.90.45.1
configure
terminal
serial
0
networkrestart-delay
10.90.245.4
0.0.0.0
area 0

!no
frame-relay
inverse-arp
network
10.90.145.1
0.0.0.0 area 45

hostname
SW1
frame
map
ip 10.90.245.1
521
broadcast
network
10.90.40.1
0.0.0.0
area
4

no
ip domain-lookup
frame
map ip 10.90.245.2 521
!
!frame
map
line
con
0 ip 10.90.245.4 521
line
con sync
0
no
shut
logging

logging
sync
!no
exec-timeout

interface
Serial0/1
!no exec-timeout

!description ### POINT-TO-POINT LINK TO R4 ###


end
end
ip address 10.90.45.2 255.255.255.252
encapsulation ppp
serial restart-delay 0
no shut
exit

Lab Objectives
router ospf 1

router-id 5.5.5.5

log-adjacency-changes
network 10.90.45.2 0.0.0.0 area 45
network 10.90.245.5 0.0.0.0 area 0
network 10.90.145.2 0.0.0.0 area 45
network 10.90.50.1 0.0.0.0 area 5

Configure the interfaces on the point-to-point link between R2 and R3 to send OSPF hellos every 1 second and declare the

line con 0

logging sync
no exec-timeout
!
end

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-timers/[4/12/2015 7:19:31 PM]

Configuring OSPF Timers | Free CCNA Workbook

neighboring router down if a hello is not received within 4 seconds.


Verify the OSPF hello and dead timers on both R2 and R3.

Lab Instruction
Objective 1. Configure the interfaces on the point-to-point link between R2 and R3 to send OSPF hellos every 1 second and
declare the neighboring router down if a hello is not received within 4 seconds.
R2>enable
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#interface Serial0/2
R2(config-if)#ip ospf hello-interval 1
R2(config-if)#ip ospf dead-interval 4
R2(config-if)#end
%OSPF-5-ADJCHG: Process 1, Nbr 3.3.3.3 on Serial0/2 from FULL
to DOWN, Neighbor Down: Dead timer expired
R2#

R3>enable
R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#interface Serial0/1
R3(config-if)#ip ospf hello-interval 1
R3(config-if)#ip ospf dead-in
%OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Serial0/1 from LOADING to FULL, Loading Done
R3(config-if)#ip ospf dead-interval 4
R3(config-if)#end
R3#
Objective 2. Verify the OSPF hello and dead timers on both R2 and R3.
R2#show ip ospf interface Serial0/2
Serial0/2 is up, line protocol is up
Internet Address 10.90.23.1/30, Area 3
Process ID 1, Router ID 2.2.2.2, Network Type POINT_TO_POINT, Cost: 64
Transmit Delay is 1 sec, State POINT_TO_POINT
Timer intervals configured, Hello 1, Dead 4, Wait 4, Retransmit 5
oob-resync timeout 40
Hello due in 00:00:00
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled
Index 1/2, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 6
Last flood scan time is 0 msec, maximum is 4 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 3.3.3.3
Suppress hello for 0 neighbor(s)
R2#

R3#show ip ospf interface Serial0/1


Serial0/1 is up, line protocol is up
Internet Address 10.90.23.2/30, Area 3
Process ID 1, Router ID 3.3.3.3, Network Type POINT_TO_POINT, Cost: 64
Transmit Delay is 1 sec, State POINT_TO_POINT
Timer intervals configured, Hello 1, Dead 4, Wait 4, Retransmit 5
oob-resync timeout 40
Hello due in 00:00:00
Supports Link-local Signaling (LLS)
Cisco NSF helper support enabled
IETF NSF helper support enabled

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-timers/[4/12/2015 7:19:31 PM]

Configuring OSPF Timers | Free CCNA Workbook

Index 1/1, flood queue length 0


Next 0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 1
Last flood scan time is 0 msec, maximum is 4 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 2.2.2.2
Suppress hello for 0 neighbor(s)
R3#

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-timers/[4/12/2015 7:19:31 PM]

Configuring OSPF Timers | Free CCNA Workbook

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-timers/[4/12/2015 7:19:31 PM]

Configuring Per Interface OSPF | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Per Interface OSPF

There are two ways to configure OSPF on a single interface, the network command in the routing process config mode
or through the ip ospf command in interface configuration. This lab will discuss and demonstrate the configuration and
verification of per-interface OSPF configuration.

Real World Application & Core Knowledge


Well you should know by now how to specify which interfaces to participate in a routing protocol as discussed in Labs 9-1, 8-1 and 71. You use the network statement followed by the network ip address and wildcard mask. However in this lab you will learn a new
way to configure an interface to participate in specific OSPF process.
The way discussed in this lab is the new way of configuring OSPF to operate on interfaces; by using this method this prevents
unintended interfaces when brought online to participate in OSPF by a broad network statement in the OSPF router configuration.
For example, 10.0.0.0 0.255.255.255 would cover any interface in the 10.0.0.0/8 network and if a new interface is brought online with
the IP address of 10.89.22.1/24 then it will automatically fall into the configured network statement range. This may cause you
unintended problems if you did not plan for this to occur.
By specifying on an interface level rather or not that interface participates in the OSPF routing process, this ensures any new
interfaces brought online would not automatically be included in the routing process. Also when configuring OSPFv3 for IP Version 6
(IPv6), you no longer have the network statement but rather you use interface configuration mode only to specify which interfaces
participate in the OSPF routing process.
To configure an interface to participate in a specific OSPF routing process youll use the ip ospf procid# area # command in interface
configuration mode.
Familiarize yourself with the following new command(s);

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-per-interface-ospf/[4/12/2015 7:19:52 PM]

Configuring Per Interface OSPF | Free CCNA Workbook

Command

Description

ip ospf procid# area #

This command is executed in interface configuration mode as an alternative to specify the


configured interface to participate in the OSPF routing process via a network statement in
OSPF router configuration mode.

The following logical topology shown below is used in labs found through out Section 9 Configuring OSPF;

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3, R4, R5 and SW1.
Establish a console session with devices R1, R2, R3, R4, R5 and SW1 than load the initial configurations provided below by
copying the config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-per-interface-ospf/[4/12/2015 7:19:52 PM]

Configuring Per Interface OSPF | Free CCNA Workbook

!##################################################
!#

Free CCNA Workbook Lab 9-8 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.90.20.1 255.255.255.0
!

interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
ip address 10.90.245.2 255.255.255.248

encapsulation frame-relay
ip ospf priority 0

!##################################################
serial restart-delay 0
!#
CCNA Workbook
Lab 9-8 R3 Initial Config
no Free
frame-relay
inverse-arp

!##################################################
frame map ip 10.90.245.1 221 broadcast
!frame map ip 10.90.245.4 221
enable
frame map ip 10.90.245.5 221
configure
no shut terminal
!

hostname
interfaceR3
Serial0/2

no
ipPOINT-TO-POINT
domain-lookup LINK TO R3 ###
###

!ip address 10.90.23.1 255.255.255.252


interface
Loopback0
ip ospf hello-interval
1

description
###
SIMULATED NETWORK ###
encapsulation
ppp
ip
address
10.90.30.10255.255.255.0
serial
restart-delay

!no shut

interface
Serial0/1
exit

!description ### POINT-TO-POINT LINK TO R2 ###


ip ospf
hello-interval
1
router
ospf
1

ip
address2.2.2.2
10.90.23.2 255.255.255.252
router-id

encapsulation
ppp
log-adjacency-changes

!##################################################
no
shut 10.90.23.1 0.0.0.0 area 3
network
!#
Free CCNA
Workbook
Lab 9-8
R4 Initial
Config
exit
network
10.90.245.2
0.0.0.0
area
0

!##################################################
!network 10.90.20.1 0.0.0.0 area 2
!
router ospf 1

enable
router-id
line
con 0 3.3.3.3

configure
terminal
log-adjacency-changes
logging sync

!network
10.90.23.2 0.0.0.0 area 3
no exec-timeout
hostname
10.90.30.1 0.0.0.0 area 3
!network R4
no
!
endip domain-lookup

!
line con 0

interface
Loopback0
logging sync

description
### SIMULATED NETWORK ###
no exec-timeout

!ip address 10.90.40.1 255.255.255.0

!
end

interface FastEthernet0/0
description ### REAL NETWORK ###
ip address 10.90.145.1 255.255.255.0
no shut
!

!##################################################
interface
Serial0/0
!#
Free CCNA###
Workbook
LabFRAME
9-8 R5
Initial
Config###
#
description
PHYSICAL
RELAY
INTERFACE

!##################################################
ip address 10.90.245.4 255.255.255.248
!encapsulation frame-relay
enable
ip ospf priority 0

configure
terminal
serial restart-delay
0

!no frame-relay inverse-arp

hostname
R5ip 10.90.245.1 421 broadcast
frame map
no
ip domain-lookup
frame
map ip 10.90.245.2 421

!frame map ip 10.90.245.5 421


interface
no shut Loopback0

!description ### SIMULATED NETWORK ###


ip address
10.90.50.1 255.255.255.0
interface
Serial0/1

!description ### POINT-TO-POINT LINK TO R5 ###


interface
FastEthernet0/0
ip address
10.90.45.1 255.255.255.252
description
###
REAL NETWORK ###
encapsulation
ppp

ip
address
10.90.145.2
serial
restart-delay
0 255.255.255.0

no shut

!exit

interface
Serial0/0
!

description
router
ospf 1### PHYSICAL FRAME RELAY INTERFACE ###
ip
address4.4.4.4
10.90.245.5 255.255.255.248
router-id

encapsulation
frame-relay
log-adjacency-changes

ip
ospf priority
0 0.0.0.0 area 45
network
10.90.45.1
serial
0
networkrestart-delay
10.90.245.4 0.0.0.0
area 0

no
frame-relay
inverse-arp
network
10.90.145.1
0.0.0.0 area 45

frame
map
ip 10.90.245.1
521
broadcast
network
10.90.40.1
0.0.0.0
area
4

!frame map ip 10.90.245.2 521


frame
map
line
con
0 ip 10.90.245.4 521
no
shut sync
logging

!no exec-timeout

interface
Serial0/1
!

description ### POINT-TO-POINT LINK TO R4 ###


end
ip address 10.90.45.2 255.255.255.252

encapsulation ppp
http://www.freeccnaworkbook.com/workbooks/ccna/configuring-per-interface-ospf/[4/12/2015
7:19:52 PM]

Configuring Per Interface OSPF | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 9-8 SW1 Initial Config #

!##################################################
!
enable
configure terminal
!
hostname SW1
no ip domain-lookup
!
line con 0
logging sync
no exec-timeout

end

Lab Objectives
Configure each interface on all routers in the OSPF topology to use per-interface OSPF statements and not network
statements in the OSPF configuration mode. Complete this in a way that the OSPF neighbor relationships are not dropped.
Verify that all interfaces on R1 are participating in the OSPF routing process.

Lab Instruction
Objective 1. Configure each interface on all routers in the OSPF topology to use per-interface OSPF statements and not network
statements in the OSPF configuration mode. Complete this in a way that the OSPF neighbor relationships are not dropped.
To complete this objective in a way that the neighbor relationships are NOT dropped when removing the network statements in OSPF
router configuration mode you must first configure each interface to participate in the correct OSPF routing process and area then
remove the network statements from the OSPF configuration as shown below;
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface Serial0/0
R1(config-if)#ip ospf 1 area 0
R1(config-if)#interface lo0
R1(config-if)#ip ospf 1 area 1
R1(config-if)#exit
R1(config)#router ospf 1
R1(config-router)#no network 10.90.245.1 0.0.0.0 area 0
R1(config-router)#no network 10.90.10.1 0.0.0.0 area 1
R1(config-router)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#

R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#interface Serial0/0
R2(config-if)#ip ospf 1 area 0
R2(config-if)#interface lo0
R2(config-if)#ip ospf 1 area 2
R2(config-if)#interface Serial0/2
R2(config-if)#ip ospf 1 area 3
R2(config-if)#exit
R2(config)#router ospf 1
R2(config-router)#no network 10.90.245.2 0.0.0.0 area 0
R2(config-router)#no network 10.90.20.1 0.0.0.0 area 2
R2(config-router)#no network 10.90.23.1 0.0.0.0 area 3
R2(config-router)#end

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-per-interface-ospf/[4/12/2015 7:19:52 PM]

Configuring Per Interface OSPF | Free CCNA Workbook

R2#
%SYS-5-CONFIG_I: Configured from console by console
R2#

R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#interface Serial0/1
R3(config-if)#ip ospf 1 area 3
R3(config-if)#interface lo0
R3(config-if)#ip ospf 1 area 3
R3(config-if)#exit
R3(config)#router ospf 1
R3(config-router)#no network 10.90.23.2 0.0.0.0 area 3
R3(config-router)#no network 10.90.30.1 0.0.0.0 area 3
R3(config-router)#end
R3#
%SYS-5-CONFIG_I: Configured from console by console
R3#

R4#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#interface Serial0/0
R4(config-if)#ip ospf 1 area 0
R4(config-if)#interface lo0
R4(config-if)#ip ospf 1 area 4
R4(config-if)#interface Serial0/1
R4(config-if)#ip ospf 1 area 45
R4(config-if)#interface FastEthernet0/0
R4(config-if)#ip ospf 1 area 45
R4(config-if)#exit
R4(config)#router ospf 1
R4(config-router)#no network 10.90.245.4 0.0.0.0 area 0
R4(config-router)#no network 10.90.40.1 0.0.0.0 area 4
R4(config-router)#no network 10.90.145.1 0.0.0.0 area 45
R4(config-router)#no network 10.90.45.1 0.0.0.0 area 45
R4(config-router)#end
R4#
*Jul 9 22:03:43.149: %SYS-5-CONFIG_I: Configured from console by console
R4#

R5#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R5(config)#interface Serial0/0
R5(config-if)#ip ospf 1 area 0
R5(config-if)#interface Lo0
R5(config-if)#ip ospf 1 area 5
R5(config-if)#interface Serial0/1
R5(config-if)#ip ospf 1 area 45
R5(config-if)#interface FastEthernet0/0
R5(config-if)#ip ospf 1 area 45
R5(config-if)#exit
R5(config)#router ospf 1
R5(config-router)#no network 10.90.245.5 0.0.0.0 area 0
R5(config-router)#no network 10.90.50.1 0.0.0.0 area 5
R5(config-router)#no network 10.90.45.2 0.0.0.0 area 45
R5(config-router)#no network 10.90.145.2 0.0.0.0 area 45
R5(config-router)#end
R5#
%SYS-5-CONFIG_I: Configured from console by console
R5#
Objective 2. Verify that all interfaces on R1 are participating in the OSPF routing process.
R1#show ip ospf interface brief
Interface
PID
Area
Se0/0
1
0
Lo0
1
1
R1#

IP Address/Mask
10.90.245.1/29
10.90.10.1/24

Cost
64
1

State Nbrs F/C


DR
3/3
LOOP 0/0

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-per-interface-ospf/[4/12/2015 7:19:52 PM]

Configuring Per Interface OSPF | Free CCNA Workbook

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-per-interface-ospf/[4/12/2015 7:19:52 PM]

Configuring OSPF Stub Areas | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring OSPF Stub Areas

Stub Areas are another way of building a scalable OSPF network. Stub Areas support multiple features that can
reduce router resources and simplify configurations. This lab will discuss and demonstrate the configuration and
verification of OSPF stub areas.

Real World Application & Core Knowledge


In Lab 9-1 Configuring Basic OSPF you learned about Stub areas and their purpose and how they operate. In this lab you will
review those concepts and put the technology to use.
Think of Stub areas in OSPF a way to simplify an area so that a particular area does not need the full routing table; in which case this
conserves router resources. Show below is a list of the different type of stub areas and their properties;
Stub Area An area that has a single exit point and blocks type 5/7 LSA types and receives type 3/4 LSAs with a default route
(0.0.0.0/0) This type of stub area is an IETF standard. To configure an Area as a stub youd execute the area # stub in OSPF router
configuration mode on the ABR.
Not-So-Stubby-Area (NSSA) This area allows a stub area to have characteristics of a stub and non stub. External routes advertised
into the OSPF autonomous system by am NSSA advertising an LSA type 7 which is translated at the ABR to type 5 and forwarded
into the OSPF backbone. This type of stub area is an IETF standard. To configure an area as a NSSA youd execute the area # nssa
in OSPF router configuration mode on the ABR.
Totally Stubby Area Permits type 1 and 2 LSAs while blocking types 3*/4/5/7 LSAs. *TSAs receive a single type 3 LSA containing
a default route to the ABR. This type of stub area is an extension to OSPF created by Cisco. To configure an area as a totally stubby
area youd execute the area # stub no-summary in OSPF router configuration mode on the ABR.
Totally NSSA Is an area that permits LSAs 1, 2 and 7 while blocking 3 4 and 5. This stub area receives a default route from the

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-stub-areas/[4/12/2015 7:20:13 PM]

Configuring OSPF Stub Areas | Free CCNA Workbook

ABR using a type 3 LSA. This type of stub area is an extension to OSPF created by Cisco. To configure an area as a not so totally
stubby area area youd execute the area # nssa no-summary in OSPF router configuration mode on the ABR.
When configuring an area stub type the command is executed on the ABR, however when you specify an area as a stub on the ABR,
all routers in that area must have be configured as a stub by using the area # stub
In this lab you will configure and verify area 3 as a stub area and totally stubby area.
Familiarize yourself with the following new command(s);

Command

Description

area # stub

This command is executed in OSPF configuration mode to configure a specific area in OSPF as
a stub. All routers in a stub area must have the stub area flag set. This means that all routers in
the area must be configure with this command if the ABR has the area configured as a stub.

area # nssa

This command is executed in OSPF configuration mode on the ABR to specify an area as a not
so stubby area. This type of area allows for redistributed routes as a type 7 lsa which is
translated to a type 5 at the ABR before being propagated through out the autonomous system.

area # stub no-summary

This command is executed in OSPF configuration mode on the ABR to specify an area as a
totally stubby area which only allows type 1 and 2 LSAs and a single type 3 LSA (default route)
from the ABR. all other LSAs are blocked.

area # nssa no-summary

This command is executed in OSPF configuration mode on the ABR in OSPF configuration
mode to specify a specific area as a not so totally stubby area which blocks types 3 4 and 5
LSAs but allows a single type 3 LSA as the default route and type 7 LSAs internal to the area.

The following logical topology shown below is used in labs found through out Section 9 Configuring OSPF;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-stub-areas/[4/12/2015 7:20:13 PM]

Configuring OSPF Stub Areas | Free CCNA Workbook

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3, R4, R5 and SW1.
Establish a console session with devices R1, R2, R3, R4, R5 and SW1 than load the initial configurations provided below by
copying the config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-stub-areas/[4/12/2015 7:20:13 PM]

Configuring OSPF Stub Areas | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 9-9 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.90.20.1 255.255.255.0
ip ospf 1 area 2
!

interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
ip address 10.90.245.2 255.255.255.248
encapsulation frame-relay

!##################################################
ip ospf priority 0
!#
Free1CCNA
Lab 9-9 R3 Initial Config
ip ospf
areaWorkbook
0

!##################################################
serial restart-delay 0
!no frame-relay inverse-arp

enable
frame map ip 10.90.245.1 221 broadcast
configure
frame mapterminal
ip 10.90.245.4 221
!frame map ip 10.90.245.5 221
hostname
no shut R3

no
! ip domain-lookup

!
interface Serial0/2

interface
Loopback0 LINK TO R3 ###
### POINT-TO-POINT

description
### SIMULATED
NETWORK ###
ip address 10.90.23.1
255.255.255.252
ip address
10.90.30.1
255.255.255.0
ospf 1 area
3

ip ospf 1
area 3
hello-interval
1

!encapsulation ppp

interface
Serial0/1
serial restart-delay
0

description
### POINT-TO-POINT LINK TO R2 ###
no shut
ip
address 10.90.23.2 255.255.255.252
exit

!ip ospf 1 area 3

!##################################################
ip ospf
hello-interval
1
router
ospf
1
!#
Free CCNA
Workbook
Lab 9-9 R4 Initial Config
encapsulation
ppp
router-id
2.2.2.2

!##################################################
no
shut
log-adjacency-changes
!exit

enable
!
line con 0

configure
terminal
router
ospf
1
logging
sync

!router-id
3.3.3.3
no exec-timeout

hostname
R4
!log-adjacency-changes
no
!
endip domain-lookup

!
line con 0

interface
Loopback0
logging sync

description
### SIMULATED NETWORK ###
no exec-timeout

!ip address 10.90.40.1 255.255.255.0


ip ospf 1 area 4
end
!

interface FastEthernet0/0

description ### REAL NETWORK ###

ip address 10.90.145.1 255.255.255.0

ip ospf 1 area 45

!##################################################
no shut

!#
!

Free CCNA Workbook Lab 9-9 R5 Initial Config

!##################################################
interface
Serial0/0
!description ### PHYSICAL FRAME RELAY INTERFACE ###
enable
ip address 10.90.245.4 255.255.255.248
configure
terminal
encapsulation
frame-relay
!ip ospf priority 0
hostname
R5area 0
ip ospf 1

no
ip domain-lookup
serial
restart-delay 0

!no frame-relay inverse-arp

interface
frame mapLoopback0
ip 10.90.245.1 421 broadcast
description
SIMULATED421
NETWORK ###
frame map ip###
10.90.245.2
ip address
10.90.50.1
255.255.255.0
frame
map ip
10.90.245.5
421
ip
no ospf
shut 1 area 5

interface FastEthernet0/0
Serial0/1

description ### REAL


NETWORK ###
POINT-TO-POINT
LINK TO R5 ###

ip address 10.90.145.2
255.255.255.0
10.90.45.1 255.255.255.252

ip ospf 1 area 45

!##################################################
no
shut
encapsulation
ppp

!#
Freerestart-delay
CCNA Workbook0Lab 9-8 SW1 Initial Config #
!
serial

!##################################################
interface
no shut Serial0/0
!description
### PHYSICAL FRAME RELAY INTERFACE ###
exit

enable
ip address 10.90.245.5 255.255.255.248
!
configure
terminal
encapsulation
router
ospf
1 frame-relay
!ip
ospf priority
router-id
4.4.4.40

hostname
SW1
ip
ospf 1
area 0
log-adjacency-changes

no
ip domain-lookup
serial
restart-delay 0
!

!no frame-relay
inverse-arp
line
con 0

line
con
0 ip 10.90.245.1 521 broadcast
frame
map
logging
sync
logging
sync
frame
map
ip 10.90.245.2 521
no
exec-timeout

no exec-timeout
map ip 10.90.245.4 521
!frame
!no shut
end
end
!

interface Serial0/1
description ### POINT-TO-POINT LINK TO R4 ###
ip address 10.90.45.2 255.255.255.252
ip ospf 1 area 45
encapsulation ppp

Lab Objectives
serial restart-delay 0
no shut
exit
!
router ospf 1
router-id 5.5.5.5
log-adjacency-changes

Configure Area 3 as a stub area. Afterward; verify the routing table on R3.

line con 0

logging sync
no exec-timeout
!
end

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-stub-areas/[4/12/2015 7:20:13 PM]

Configuring OSPF Stub Areas | Free CCNA Workbook

Configure Area 3 as a totally stubby area. Afterward; verify the routing table on R3.

Lab Instruction
Objective 1. Configure Area 3 as a stub area. Afterward; verify the routing table on R3.
To complete this objective you must specify Area 3 as a stub area on the ABR and all routers that participate in area 3 as shown
below;
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#router ospf 1
R2(config-router)#area 3 stub
R2(config-router)#end
R2#
%SYS-5-CONFIG_I: Configured from console by console
%OSPF-5-ADJCHG: Process 1, Nbr 3.3.3.3 on Serial0/2 from FULL to DOWN, Neighbor Down: Adjacency
forced to reset
R2#

When configuring the are Area Border Router youll notice the neighbor relationship will drop as shown above due to the stub flag not
matching in the hello packets. However when you configure the neighboring router in area 3 (R3) as a stub area the neighbor
relationship will rebuild as shown below;
R3#
%OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Serial0/1 from FULL to DOWN, Neighbor Down: Dead time
r expired
R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#router ospf 1
R3(config-router)#area 3 stub
R3(config-router)#end
R3#
%SYS-5-CONFIG_I: Configured from console by console
%OSPF-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Serial0/1 from LOADING
to FULL, Loading Done
R3#
Shown below is the routing table of R3 to verify that R3 is indeed receiving the correct default route from the ABR.
R3#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 10.90.23.1 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 10 subnets, 4 masks
O IA
10.90.50.1/32 [110/129] via 10.90.23.1, 00:02:40, Serial0/1
O IA
10.90.40.1/32 [110/129] via 10.90.23.1, 00:02:40, Serial0/1
C
10.90.23.0/30 is directly connected, Serial0/1
C
10.90.23.1/32 is directly connected, Serial0/1
C
10.90.30.0/24 is directly connected, Loopback0
O IA
10.90.145.0/24 [110/129] via 10.90.23.1, 00:02:40, Serial0/1
O IA
10.90.45.0/30 [110/192] via 10.90.23.1, 00:02:40, Serial0/1
O IA
10.90.20.1/32 [110/65] via 10.90.23.1, 00:02:40, Serial0/1
O IA
10.90.10.1/32 [110/129] via 10.90.23.1, 00:02:40, Serial0/1
O IA
10.90.245.0/29 [110/128] via 10.90.23.1, 00:02:40, Serial0/1
O*IA 0.0.0.0/0 [110/65] via 10.90.23.1, 00:02:40, Serial0/1

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-stub-areas/[4/12/2015 7:20:13 PM]

Configuring OSPF Stub Areas | Free CCNA Workbook

R3#
You can also verify that Area 3 is a stub area by using the show ip ospf command on R2 or R3 as this will explicitly tell you rather or
not a specific area is a stub area as shown below;
R3#show ip ospf
Routing Process "ospf 1" with ID 3.3.3.3
Start time: 00:03:08.388, Time elapsed: 01:33:52.844
Supports only single TOS(TOS0) routes
Supports opaque LSA
Supports Link-local Signaling (LLS)
Supports area transit capability
Router is not originating router-LSAs with maximum metric
Initial SPF schedule delay 5000 msecs
Minimum hold time between two consecutive SPFs 10000 msecs
Maximum wait time between two consecutive SPFs 10000 msecs
Incremental-SPF disabled
Minimum LSA interval 5 secs
Minimum LSA arrival 1000 msecs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x000000
Number of opaque AS LSA 0. Checksum Sum 0x000000
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 0 normal 1 stub 0 nssa
Number of areas transit capable is 0
External flood list length 0
IETF NSF helper support enabled
Cisco NSF helper support enabled
Area 3
Number of interfaces in this area is 2 (1 loopback)
It is a stub area
Area has no authentication
SPF algorithm last executed 00:08:19.176 ago
SPF algorithm executed 6 times
Area ranges are
Number of LSA 10. Checksum Sum 0x04EE8E
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
R3#
Objective 2. Configure Area 3 as a totally stubby area. Afterward; verify the routing table on R3.
To configure Area 3 as a totally stubby area you only need to change the stub type on the ABR now as R3 already has area 3
specified as a stub due to the previous objective.
R2#configure terminal
Enter configuration commands, one per line.
R2(config)#router ospf 1
R2(config-router)#area 3 stub no-summary
R2(config-router)#end
R2#

End with CNTL/Z.

Shown below is the routing table of R3, youll notice that R3 is now only receiving a default route from R2 (The ABR) as the ABR is
treating area 3 as a totally stubby area, it is only advertising a single type 3 LSA which is the default route shown in the routing table
as O*IA 0.0.0.0/0 and blocking type 3 and 4 LSAs which are the other area routes which would typically be O*IA routes as shown in
verification of Objective 1.
R3#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-stub-areas/[4/12/2015 7:20:13 PM]

Configuring OSPF Stub Areas | Free CCNA Workbook

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2


E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 10.90.23.1 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 3 subnets, 3 masks
C
10.90.23.0/30 is directly connected, Serial0/1
C
10.90.23.1/32 is directly connected, Serial0/1
C
10.90.30.0/24 is directly connected, Loopback0
O*IA 0.0.0.0/0 [110/65] via 10.90.23.1, 00:00:29, Serial0/1
R3#

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-stub-areas/[4/12/2015 7:20:13 PM]

Configuring OSPF Stub Areas | Free CCNA Workbook

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-stub-areas/[4/12/2015 7:20:13 PM]

Configuring OSPF Interface Cost | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring OSPF Interface Cost

Changing OSPF interface cost is a simple and easy way to manipulate the OSPF routes in the routing table. This lab
will discuss and demonstrate the configuration and verification of OSPF Interface Cost.

Real World Application & Core Knowledge


Unlike the metric in RIP which is determined by hop count and EIGRPs crazy mathematical formulated metric, OSPF is a little more
simple. The default formula to calculate the cost for the OSPF metric is (10^8/BW).
By default the metrics reference cost is 100Mbps, so any link that is 100Mbps will have a metric of 1. a T1 interface will have a metric
of 64 so in this case if a router is trying to get to a FastEthernet network on a router that is through a T1 the metric would be 65 (64
+1).
You do however have the ability to statically specify a metric on a per interface basis by using the ip ospf cost # where the cost is an
integer between 1-65535.
So the big question is why would you want to statically configure a metric?
The biggest advantage of statically configuring an OSPF metric on an interface is to manipulate which route will be chosen
dynamically via OSPF. In a nut shell its like statically configuring a dynamic protocol to use a specific route. Pretty cool huh?
In this lab youll increase the interface cost on R5s FastEthernet0/0 interface to make R4 the preferred route on R1 to get to the
10.90.145.0/24 network.
Familiarize yourself with the following new command(s);

Command

Description

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-interface-cost/[4/12/2015 7:20:33 PM]

Configuring OSPF Interface Cost | Free CCNA Workbook

ip ospf cost #

This command is executed in interface configuration mode to statically configure the OSPF
interface cost of the specified interface.

The following logical topology shown below is used in labs found through out Section 9 Configuring OSPF;

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3, R4, R5 and SW1.
Establish a console session with devices R1, R2, R3, R4, R5 and SW1 than load the initial configurations provided below by
copying the config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-interface-cost/[4/12/2015 7:20:33 PM]

Configuring OSPF Interface Cost | Free CCNA Workbook

!##################################################
!#

Free CCNA Workbook Lab 9-10 R2 Initial Config #

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.90.20.1 255.255.255.0
ip ospf 1 area 2

interface Serial0/0

description ### PHYSICAL FRAME RELAY INTERFACE ###


ip address 10.90.245.2 255.255.255.248

encapsulation frame-relay

!##################################################
ip ospf priority 0
!#
Free1CCNA
Lab 9-10 R3 Initial Config #
ip ospf
areaWorkbook
0

!##################################################
serial restart-delay 0
!no frame-relay inverse-arp

enable
frame map ip 10.90.245.1 221 broadcast
configure
frame mapterminal
ip 10.90.245.4 221
!frame map ip 10.90.245.5 221
hostname
no shut R3

no
! ip domain-lookup

!
interface Serial0/2

interface
Loopback0 LINK TO R3 ###
### POINT-TO-POINT

description
### SIMULATED
NETWORK ###
ip address 10.90.23.1
255.255.255.252
ip address
10.90.30.1
255.255.255.0
ospf 1 area
3

ip ospf 1
area 3
hello-interval
1

!encapsulation ppp

interface
Serial0/1
serial restart-delay
0

description
### POINT-TO-POINT LINK TO R2 ###
no shut
ip
address 10.90.23.2 255.255.255.252
exit

!ip ospf 1 area 3

!##################################################
ip ospf
hello-interval
1
router
ospf
1
!#
Free CCNA
Workbook
Lab 9-10 R4 Initial Config #
encapsulation
ppp
router-id
2.2.2.2

!##################################################
no
shut
log-adjacency-changes
!exit
area 3 stub no-summary
enable
!

configure
router
ospf
1
line con
0terminal

!router-id
3.3.3.3
logging sync

hostname
R4
log-adjacency-changes
no exec-timeout
no
ip domain-lookup
3 stub
!area

!
end

interface
line con 0Loopback0

description
logging sync### SIMULATED NETWORK ###
ip
10.90.40.1 255.255.255.0
no address
exec-timeout

!ip ospf 1 area 4

!
end

interface FastEthernet0/0
description ### REAL NETWORK ###
ip address 10.90.145.1 255.255.255.0
ip ospf 1 area 45

!##################################################
no shut

!#
!

Free CCNA Workbook Lab 9-10 R5 Initial Config #

!##################################################
interface
Serial0/0
!description ### PHYSICAL FRAME RELAY INTERFACE ###
enable
ip address 10.90.245.4 255.255.255.248
configure
terminal
encapsulation
frame-relay
!ip ospf priority 0
hostname
R5area 0
ip ospf 1

no
ip domain-lookup
serial
restart-delay 0

!no frame-relay inverse-arp

interface
frame mapLoopback0
ip 10.90.245.1 421 broadcast
description
SIMULATED421
NETWORK ###
frame map ip###
10.90.245.2
ip address
10.90.50.1
255.255.255.0
frame
map ip
10.90.245.5
421
ip
no ospf
shut 1 area 5

interface FastEthernet0/0
Serial0/1

description ### REAL


NETWORK ###
POINT-TO-POINT
LINK TO R5 ###

ip address 10.90.145.2
255.255.255.0
10.90.45.1 255.255.255.252

ip ospf 1 area 45
no
shut
encapsulation
ppp

!serial restart-delay 0
interface
no shut Serial0/0

description
### PHYSICAL FRAME RELAY INTERFACE ###
exit

!ip address 10.90.245.5 255.255.255.248


encapsulation
router
ospf 1 frame-relay
ip
ospf priority
router-id
4.4.4.40

ip
ospf 1 area 0
log-adjacency-changes

!serial restart-delay 0

no frame-relay
inverse-arp
line
con 0

frame
map
ip 10.90.245.1 521 broadcast
logging
sync
frame
map ip 10.90.245.2 521
no exec-timeout

!frame map ip 10.90.245.4 521


no shut
end
!

interface Serial0/1
http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-interface-cost/[4/12/2015
7:20:33 PM]

Configuring OSPF Interface Cost | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 9-X SW1 Initial Config #

!##################################################
!
enable
configure terminal
!
hostname SW1
no ip domain-lookup
!
line con 0
logging sync
no exec-timeout

end

Lab Objectives
Observe the routing table on R1, The route to 10.90.145.0/24 should be load balanced via R4 and R5.
Configure R5s 10.90.145.0/24 interface with the OSPF cost 100; afterwards verify R1s routing table to see if R1 is using the
R4 to get to the 10.90.145.0/24 route.

Lab Instruction
Objective 1. Observe the routing table on R1, The route to 10.90.145.0/24 should be load balanced via R4 and R5.
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 9 subnets, 4 masks
10.90.50.1/32 [110/65] via 10.90.245.5, 02:09:40, Serial0/0
10.90.40.1/32 [110/65] via 10.90.245.4, 02:09:40, Serial0/0
10.90.23.0/30 [110/128] via 10.90.245.2, 02:01:57, Serial0/0
10.90.30.1/32 [110/129] via 10.90.245.2, 00:47:17, Serial0/0
10.90.145.0/24 [110/65] via 10.90.245.5, 02:09:40, Serial0/0
[110/65] via 10.90.245.4, 00:11:37, Serial0/0
O IA
10.90.45.0/30 [110/128] via 10.90.245.5, 02:09:40, Serial0/0
[110/128] via 10.90.245.4, 02:09:40, Serial0/0
O IA
10.90.20.1/32 [110/65] via 10.90.245.2, 02:01:57, Serial0/0
C
10.90.10.0/24 is directly connected, Loopback0
C
10.90.245.0/29 is directly connected, Serial0/0
R1#
O
O
O
O
O

IA
IA
IA
IA
IA

Objective 2. Configure R5s 10.90.145.0/24 interface with the OSPF cost 100; afterwards verify R1s routing table to see if R1 is
using the R4 to get to the 10.90.145.0/24 route.
In order to make R4 the preferred route on R1, you must increase R5s cost to the 10.90.145.0/24 network as both routers cost to the
10.90.145.0/24 network is 1 since 100Mbps is the default reference bandwidth of OSPF.
R5#configure terminal
Enter configuration commands, one per line.
R5(config)#interface FastEthernet0/0
R5(config-if)#ip ospf cost 100
R5(config-if)#end

End with CNTL/Z.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-interface-cost/[4/12/2015 7:20:33 PM]

Configuring OSPF Interface Cost | Free CCNA Workbook

R5#
%SYS-5-CONFIG_I: Configured from console by console
R5#
After the cost has been changed on R5 verify that R1 is now using R4 as the next hop to get to the 10.90.145.0/24 network as shown
below;
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 9 subnets, 4 masks
10.90.50.1/32 [110/65] via 10.90.245.5, 02:14:01, Serial0/0
10.90.40.1/32 [110/65] via 10.90.245.4, 02:14:01, Serial0/0
10.90.23.0/30 [110/128] via 10.90.245.2, 02:06:18, Serial0/0
10.90.30.1/32 [110/129] via 10.90.245.2, 00:51:38, Serial0/0
10.90.145.0/24 [110/65] via 10.90.245.4, 00:15:59, Serial0/0
10.90.45.0/30 [110/128] via 10.90.245.5, 02:14:01, Serial0/0
[110/128] via 10.90.245.4, 02:14:01, Serial0/0
O IA
10.90.20.1/32 [110/65] via 10.90.245.2, 02:06:18, Serial0/0
C
10.90.10.0/24 is directly connected, Loopback0
C
10.90.245.0/29 is directly connected, Serial0/0
R1#
O
O
O
O
O
O

IA
IA
IA
IA
IA
IA

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-interface-cost/[4/12/2015 7:20:33 PM]

GNS3 - Cisco Device Emulator

Configuring OSPF Interface Cost | Free CCNA Workbook

:( http://t.co/wjL6GYuo2O

Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco
CCNA labs that can be completed using
the GNS3 platform.

Download

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-interface-cost/[4/12/2015 7:20:33 PM]

Configuring OSPF Auto Cost Reference Bandwidth | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring OSPF Reference Bandwidth

You can modify the default interface cost in OSPF by changing the OSPF Reference Bandwidth metric. This lab will
discuss and demonstrate the configuration and verification of OSPF reference bandwidth.

Real World Application & Core Knowledge


If you completed Lab 9-10 Configuring OSPF Interface Cost then you should be familiar with how t he metric is calculated by
OSPF.The default formula to calculate the cost for the OSPF metric is (10^8/BW). This is due to the default auto cost reference
bandwidth being set at 100Mbps so any link with a speed of 100Mbps or great would have a cost of 1 and no less. This can cause
problems such as sub-optimal route selection and load balancing which could lead to out of order packets thus causing application
problems on through out the network.
The default reference bandwidth used to calculate the OSPF metric can be changed to reflect todays modern networks in which case
a 100Gbps reference bandwidth is a good estimate or perhaps you wish to future proof your network as many corporations do and
use a reference bandwidth of 1Tbps.
In this lab you will learn how to configure the auto cost reference bandwidth on all routers in the OSPF autonomous system to ensure
proper route metric calculation based on interface speed. To configure the reference bandwidth you use the auto-cost referencebandwidth # command in OSPF router configuration mode whereas # is the Mbps used as the constant in the OSPF metric formula
Metric = (C/Bw)
Familiarize yourself with the following new command(s);

Command

Description

auto-cost referencebandwidth #

This command is executed in OSPF router configuration mode to specify a default auto-cost
reference bandwidth used to dynamically calculate OSPF interface cost.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-auto-cost-reference-bandwidth/[4/12/2015 7:20:51 PM]

Configuring OSPF Auto Cost Reference Bandwidth | Free CCNA Workbook

The following logical topology shown below is used in labs found through out Section 9 Configuring OSPF;

Lab Prerequisites
If you are using GNS3 than load the Stub Area Networking GNS3 topology than start devices; R1, R2, R3, R4, R5 and SW1.
Establish a console session with devices R1, R2, R3, R4, R5 and SW1 than load the initial configurations provided below by
copying the config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-auto-cost-reference-bandwidth/[4/12/2015 7:20:51 PM]

Configuring OSPF Auto Cost Reference Bandwidth | Free CCNA Workbook

!##################################################
!#

Free CCNA Workbook Lab 9-11 R2 Initial Config #

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.90.20.1 255.255.255.0
ip ospf 1 area 2

interface Serial0/0

description ### PHYSICAL FRAME RELAY INTERFACE ###


ip address 10.90.245.2 255.255.255.248

encapsulation frame-relay

!##################################################
ip ospf priority 0
!#
Free1CCNA
Lab 9-11 R3 Initial Config #
ip ospf
areaWorkbook
0

!##################################################
serial restart-delay 0
!no frame-relay inverse-arp

enable
frame map ip 10.90.245.1 221 broadcast
configure
frame mapterminal
ip 10.90.245.4 221
!frame map ip 10.90.245.5 221
hostname
no shut R3

no
! ip domain-lookup

!
interface Serial0/2

interface
Loopback0 LINK TO R3 ###
### POINT-TO-POINT

description
### SIMULATED
NETWORK ###
ip address 10.90.23.1
255.255.255.252
ip address
10.90.30.1
255.255.255.0
ospf 1 area
3

ip ospf 1
area 3
hello-interval
1

!encapsulation ppp

interface
Serial0/1
serial restart-delay
0

description
### POINT-TO-POINT LINK TO R2 ###
no shut
ip
address 10.90.23.2 255.255.255.252
exit

!ip ospf 1 area 3

!##################################################
ip ospf
hello-interval
1
router
ospf
1
!#
Free CCNA
Workbook
Lab 9-11 R4 Initial Config #
encapsulation
ppp
router-id
2.2.2.2

!##################################################
no
shut
log-adjacency-changes
!exit
area 3 stub no-summary
enable
!

configure
router
ospf
1
line con
0terminal

!router-id
3.3.3.3
logging sync

hostname
R4
log-adjacency-changes
no exec-timeout
no
ip domain-lookup
3 stub
!area

!
end

interface
line con 0Loopback0

description
logging sync### SIMULATED NETWORK ###
ip
10.90.40.1 255.255.255.0
no address
exec-timeout

!ip ospf 1 area 4

!
end

interface FastEthernet0/0
description ### REAL NETWORK ###
ip address 10.90.145.1 255.255.255.0
ip ospf 1 area 45

!##################################################
no shut

!#
!

Free CCNA Workbook Lab 9-11 R5 Initial Config #

!##################################################
interface
Serial0/0
!description ### PHYSICAL FRAME RELAY INTERFACE ###
enable
ip address 10.90.245.4 255.255.255.248
configure
terminal
encapsulation
frame-relay
!ip ospf priority 0
hostname
R5area 0
ip ospf 1

no
ip domain-lookup
serial
restart-delay 0

!no frame-relay inverse-arp

interface
frame mapLoopback0
ip 10.90.245.1 421 broadcast
description
SIMULATED421
NETWORK ###
frame map ip###
10.90.245.2
ip address
10.90.50.1
255.255.255.0
frame
map ip
10.90.245.5
421
ip
no ospf
shut 1 area 5

interface FastEthernet0/0
Serial0/1

description ### REAL


NETWORK ###
POINT-TO-POINT
LINK TO R5 ###

ip address 10.90.145.2
255.255.255.0
10.90.45.1 255.255.255.252

ip ospf cost
100
1 area
45
ip
ospf 1 areappp
45
encapsulation

no
shutrestart-delay 0
serial

!no shut

interface
Serial0/0
exit

!description ### PHYSICAL FRAME RELAY INTERFACE ###


ip address
255.255.255.248
router
ospf 10.90.245.5
1
encapsulation
frame-relay
router-id 4.4.4.4
ip
ospf priority 0
log-adjacency-changes

!ip ospf 1 area 0

serial
0
line
conrestart-delay
0

no
frame-relay
inverse-arp
logging
sync

frame
map ip 10.90.245.1 521 broadcast
no exec-timeout

!frame map ip 10.90.245.2 521


frame map ip 10.90.245.4 521
end
no shut

!
http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-auto-cost-reference-bandwidth/[4/12/2015
7:20:51 PM]

Configuring OSPF Auto Cost Reference Bandwidth | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 9-X SW1 Initial Config #

!##################################################
!
enable
configure terminal
!
hostname SW1
no ip domain-lookup
!
line con 0
logging sync
no exec-timeout

end

Lab Objectives
Configure the OSPF Auto Cost Reference Bandwidth on all OSPF routers in the topology to 1Tbps.
Verify your configuration by viewing the routing table and manually calculating the metric for a T1

Lab Instruction
Objective 1. Configure the OSPF Auto Cost Reference Bandwidth on all OSPF routers in the topology to 1Tbps.
1Tbps = 1000000Mbps as shown below;
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router ospf 1
R1(config-router)#auto-cost reference-bandwidth 1000000
% OSPF: Reference bandwidth is changed.
Please ensure reference bandwidth is consistent across all routers.
R1(config-router)#end
R1#

R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#router ospf 1
R2(config-router)#auto-cost reference-bandwidth 1000000
% OSPF: Reference bandwidth is changed.
Please ensure reference bandwidth is consistent across all routers.
R2(config-router)#end
R2#

R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#router ospf 1
R3(config-router)#auto-cost reference-bandwidth 1000000
% OSPF: Reference bandwidth is changed.
Please ensure reference bandwidth is consistent across all routers.
R3(config-router)#end
R3#

R4#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#router ospf 1
R4(config-router)#auto-cost reference-bandwidth 1000000
% OSPF: Reference bandwidth is changed.
Please ensure reference bandwidth is consistent across all routers.
R4(config-router)#

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-auto-cost-reference-bandwidth/[4/12/2015 7:20:51 PM]

Configuring OSPF Auto Cost Reference Bandwidth | Free CCNA Workbook

end
R4#

R5#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R5(config)#router ospf 1
R5(config-router)#auto-cost reference-bandwidth 1000000
% OSPF: Reference bandwidth is changed.
Please ensure reference bandwidth is consistent across all routers.
R5(config-router)#end
R5#
Objective 2. Verify your configuration by viewing the routing table and manually calculating the metric for a T1
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 9 subnets, 4 masks
10.90.50.1/32 [110/65536] via 10.90.245.5, 00:06:04, Serial0/0
10.90.40.1/32 [110/65536] via 10.90.245.4, 00:06:04, Serial0/0
10.90.23.0/30 [110/131070] via 10.90.245.2, 00:05:53, Serial0/0
10.90.30.1/32 [110/131071] via 10.90.245.2, 00:05:53, Serial0/0
10.90.145..0/24 [110/65635] via 10.90.245.5, 00:05:24, Serial0/0
10.90.45.0/30 [110/131070] via 10.90.245.5, 00:05:14, Serial0/0
[110/131070] via 10.90.245.4, 00:05:14, Serial0/0
O IA
10.90.20.1/32 [110/65536] via 10.90.245.2, 00:06:04, Serial0/0
C
10.90.10.0/24 is directly connected, Loopback0
C
10.90.245.0/29 is directly connected, Serial0/0
R1#
O
O
O
O
O
O

IA
IA
IA
IA
IA
IA

To calculate the auto-cost metric for a T1 well use the following route shown below;
O IA

10.90.20.1/32 [110/65536] via 10.90.245.2, 00:06:04, Serial0/0

First off we know the formula is Metric = (10^12/bw) in which case we also know the bandwidth of the interface which is 1544; so to
calculate the T1 auto-cost metric the math would be; metric = (10^12/1,544,000) in which case equals 647668.
Okay so something does not add up; the metric on the router shows 65536 but the metric calculated shown above does not match
the route metric in the actual routing table? To answer this question you must think back to the operation of OSPF; this is due to the
maximum metric per interface being 65536. This is the worst possible metric given to a single hop.
Keep in mind setting the OSPF auto-cost reference-bandwidth to 1Tbps can hurt your network more then it can help it. This is due to
the fact that any link slower then ~15Mbps will get the max metric of 65536 per hop, in which case OSPF cannot tell the difference
between a T1 and 10Mbps WAN link and thus will install both routes as equal cost routes to the destination in the routing table
resulting in sub-optimal routing. CEF will load-share based on per destination hashing which can result in unintended network
operation such as all traffic going to one server takes the slow path over the faster path.
In todays network it is best to set the OSPF auto-cost reference-bandwidth too 100Gbps using the auto-cost reference-bandwidth
100000 command in router configuration mode. In which case a full T1 would get a metric of 64766.

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-auto-cost-reference-bandwidth/[4/12/2015 7:20:51 PM]

Next Lab

Configuring OSPF Auto Cost Reference Bandwidth | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-auto-cost-reference-bandwidth/[4/12/2015 7:20:51 PM]

Configuring OSPF Passive Interface | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring OSPF Passive Interface

As like EIGRP, the OSPF routing protocol also supports the passive interface where you have the ability to enable
OSPF on the interface but not form relationships with neighbors on it. This lab will discuss and demonstrate the
configuration and verification of passive OSPF interfaces.

Real World Application & Core Knowledge


If youve completed Lab 8-7 Configuring EIGRP Passive Interface then you should have a firm understanding of how passive
interface works and what it does.
If not then to summarize passive-interface up in one paragraph; its a feature you enable on a per interface basis which allows a
particular interface to participate in a routing process but prevents that interface from forming neighbor relationships by not sending
hello packets and discarding received hello packets.
So youre probably wondering what is this feature good for? Lets say you have a layer 2 access switch and all layer 3 functions of the
network occur at the distribution layer. In this case you would not want the router(s) sending hello packets down to the access switch
but youd still want the links participating in a routing protocol to be advertised dynamically. In this case youd need to use the
passive interface feature.
You configure a passive interface in OSPF the same way you do in EIGRP and RIP by using the passive-interface interfacename#/#
in router configuration mode.
In this lab youll be configuring the LAN interfaces on R4 and R5 as passive interfaces to ensure they do not form a neighbor
relationship with each other however they must advertise the LAN network 10.90.145.0/24 into the OSPF autonomous system.
Familiarize yourself with the following new command(s);

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-passive-interface/[4/12/2015 7:21:11 PM]

Configuring OSPF Passive Interface | Free CCNA Workbook

Command

Description

passive-interface interfacename#/#

This command is executed in router configuration mode to specify a particular interface


as a passive-interface in the dynamic routing process. A passive interface does not send
or process received hellos thus not forming a neighbor relationship or advertising
routes.

The following logical topology shown below is used in labs found through out Section 9 Configuring OSPF;

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3, R4, R5 and SW1.
Establish a console session with devices R1, R2, R3, R4, R5 and SW1 than load the initial configurations provided below by
copying the config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-passive-interface/[4/12/2015 7:21:11 PM]

Configuring OSPF Passive Interface | Free CCNA Workbook

!##################################################
!#

Free CCNA Workbook Lab 9-12 R2 Initial Config #

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.90.20.1 255.255.255.0
ip ospf 1 area 2

interface Serial0/0

description ### PHYSICAL FRAME RELAY INTERFACE ###


ip address 10.90.245.2 255.255.255.248

encapsulation frame-relay

!##################################################
ip ospf priority 0
!#
Free1CCNA
Lab 9-12 R3 Initial Config #
ip ospf
areaWorkbook
0

!##################################################
serial restart-delay 0
!no frame-relay inverse-arp

enable
frame map ip 10.90.245.1 221 broadcast
configure
frame mapterminal
ip 10.90.245.4 221
!frame map ip 10.90.245.5 221
hostname
no shut R3

no
! ip domain-lookup

!
interface Serial0/2

interface
Loopback0 LINK TO R3 ###
### POINT-TO-POINT

description
### SIMULATED
NETWORK ###
ip address 10.90.23.1
255.255.255.252
ip address
10.90.30.1
255.255.255.0
ospf 1 area
3

ip ospf 1
area 3
hello-interval
1

!encapsulation ppp

interface
Serial0/1
serial restart-delay
0

description
### POINT-TO-POINT LINK TO R2 ###
no shut
ip
address 10.90.23.2 255.255.255.252
exit

!ip ospf 1 area 3

!##################################################
ip ospf
hello-interval
1
router
ospf
1
!#
Free CCNA
Workbook
Lab 9-12 R4 Initial Config #
encapsulation
ppp
router-id
2.2.2.2

!##################################################
no
shut
auto-cost
reference-bandwidth 100000
!exit
log-adjacency-changes

enable
!area 3 stub no-summary
configure
terminal
router
ospf
1
!

!
router-id
line
con 0 3.3.3.3

hostname
log-adjacency-changes
logging R4
sync

no
domain-lookup
auto-cost
reference-bandwidth 100000
noip
exec-timeout

!area 3 stub

interface
Loopback0
!
end

description
### SIMULATED NETWORK ###
line
con 0
ip address
10.90.40.1 255.255.255.0
logging
sync
ip exec-timeout
ospf 1 area 4
no

interface FastEthernet0/0
end

description ### REAL NETWORK ###

ip address 10.90.145.1 255.255.255.0


ip ospf 1 area 45

!##################################################
no shut

!#
!

Free CCNA Workbook Lab 9-12 R5 Initial Config #

!##################################################
interface
Serial0/0
!description ### PHYSICAL FRAME RELAY INTERFACE ###
enable
ip address 10.90.245.4 255.255.255.248
configure
terminal
encapsulation
frame-relay
!ip ospf priority 0
hostname
R5area 0
ip ospf 1

no
ip domain-lookup
serial
restart-delay 0

!no frame-relay inverse-arp

interface
frame mapLoopback0
ip 10.90.245.1 421 broadcast
description
SIMULATED421
NETWORK ###
frame map ip###
10.90.245.2
ip address
10.90.50.1
255.255.255.0
frame
map ip
10.90.245.5
421
ip
no ospf
shut 1 area 5

interface FastEthernet0/0
Serial0/1

description ### REAL


NETWORK ###
POINT-TO-POINT
LINK TO R5 ###

ip address 10.90.145.2
255.255.255.0
10.90.45.1 255.255.255.252

ip ospf cost
100
1 area
45
ip
ospf 1 areappp
45
encapsulation

no
shutrestart-delay 0
serial

!no shut

interface
Serial0/0
exit

!description ### PHYSICAL FRAME RELAY INTERFACE ###


ip address
255.255.255.248
router
ospf 10.90.245.5
1
encapsulation
frame-relay
router-id 4.4.4.4

ip
ospf priority
0
auto-cost
reference-bandwidth
100000
ip
ospf 1 area 0
log-adjacency-changes

!serial restart-delay 0

no frame-relay
inverse-arp
line
con 0

frame
map
ip 10.90.245.1 521 broadcast
logging
sync
frame
map ip 10.90.245.2 521
no exec-timeout

!frame map ip 10.90.245.4 521


no shut
end

!
http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-passive-interface/[4/12/2015
7:21:11 PM]

Configuring OSPF Passive Interface | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 9-X SW1 Initial Config #

!##################################################
!
enable
configure terminal
!
hostname SW1
no ip domain-lookup
!
line con 0
logging sync
no exec-timeout

end

Lab Objectives
Configure R4 and R5s LAN interfaces (FastEthernet0/0) as passive interfaces to ensure R4 and R5 never become neighbors
over through the LAN.
Verify on R1 that the routes to R4 and R5s connected LAN is still in the routing table.

Lab Instruction
Objective 1. Configure R4 and R5s LAN interfaces (FastEthernet0/0) as passive interfaces to ensure R4 and R5 never become
neighbors over through the LAN.
R4#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#router ospf 1
R4(config-router)#passive-interface FastEthernet0/0
%OSPF-5-ADJCHG: Process 1, Nbr 5.5.5.5 on FastEthernet0/0 from FULL to DOWN, Neighbor Down: Int
erface down or detached
R4(config-router)#end
R4#
%SYS-5-CONFIG_I: Configured from console by console
R4#

R5#
%OSPF-5-ADJCHG: Process 1, Nbr 4.4.4.4 on FastEthernet0/0 from FULL
to DOWN, Neighbor Down: Interface down or detached
R5#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R5(config)#router ospf 1
R5(config-router)#passive-interface FastEthernet0/0
R5(config-router)#end
R5#
*Jul 12 20:06:16.183: %SYS-5-CONFIG_I: Configured from console by console
R5#
Objective 2. Verify on R1 that the routes to R4 and R5s connected LAN is still in the routing table.
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-passive-interface/[4/12/2015 7:21:11 PM]

Configuring OSPF Passive Interface | Free CCNA Workbook

10.0.0.0/8 is variably subnetted, 9 subnets, 4 masks


10.90.50.1/32 [110/64767] via 10.90.245.5, 00:46:01, Serial0/0
10.90.40.1/32 [110/64767] via 10.90.245.4, 00:46:01, Serial0/0
10.90.23.0/30 [110/129532] via 10.90.245.2, 00:45:51, Serial0/0
10.90.30.1/32 [110/129533] via 10.90.245.2, 00:36:08, Serial0/0
10.90.145.0/24 [110/64866] via 10.90.245.5, 00:00:27, Serial0/0
10.90.45.0/30 [110/129532] via 10.90.245.5, 00:45:51, Serial0/0
[110/129532] via 10.90.245.4, 00:45:51, Serial0/0
O IA
10.90.20.1/32 [110/64767] via 10.90.245.2, 00:46:02, Serial0/0
C
10.90.10.0/24 is directly connected, Loopback0
C
10.90.245.0/29 is directly connected, Serial0/0
R1#
O
O
O
O
O
O

IA
IA
IA
IA
IA
IA

As you can see from the routing table of R1 shown above that to get to the 10.90.145.0/24 network from R1 the next hop is R5. If you
view the interface configuration on R5 youll see it has an ospf cost of 100 as previously configured in Lab 9-10 Configuring OSPF
Interface Cost before the auto-cost reference-bandwidth was changed in Lab 9-11 Configuring OSPF Auto Cost Reference
Bandwidth to ensure traffic coming from R1 would take R4 to get to 10.90.145.0/24 as R4 used the default cost reference which
gave its FastEthernet0/0 interface a cost of 1 thus the ip ospf cost 100 on R5s FastEthernet0/0 interface would be a higher. But after
the auto cost reference bandwidth change R5 became the preferred route as OSPF dynamically calculated a higher cost then 100
for R4 to its FastEthernet0/0.
To resolve this you can change the cost on R5s FastEthernet0/0 interface to 65535 as shown below;
R5#configure terminal
Enter configuration commands, one per line.
R5(config)#interface FastEthernet0/0
R5(config-if)#ip ospf cost 65535
R5(config-if)#end
R5#

End with CNTL/Z.

View R1s routing table as shown below; youll notice that the R1 now has the correct route to 10.90.145.0/24 through R4.
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 9 subnets, 4 masks
10.90.50.1/32 [110/64767] via 10.90.245.5, 00:55:05, Serial0/0
10.90.40.1/32 [110/64767] via 10.90.245.4, 00:55:05, Serial0/0
10.90.23.0/30 [110/129532] via 10.90.245.2, 00:54:55, Serial0/0
10.90.30.1/32 [110/129533] via 10.90.245.2, 00:45:11, Serial0/0
10.90.145.0/24 [110/65766] via 10.90.245.4, 00:01:05, Serial0/0
10.90.45.0/30 [110/129532] via 10.90.245.5, 00:54:55, Serial0/0
[110/129532] via 10.90.245.4, 00:54:55, Serial0/0
O IA
10.90.20.1/32 [110/64767] via 10.90.245.2, 00:55:05, Serial0/0
C
10.90.10.0/24 is directly connected, Loopback0
C
10.90.245.0/29 is directly connected, Serial0/0
R1#
O
O
O
O
O
O

IA
IA
IA
IA
IA
IA

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-passive-interface/[4/12/2015 7:21:11 PM]

Next Lab

Configuring OSPF Passive Interface | Free CCNA Workbook

Like

13 Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-passive-interface/[4/12/2015 7:21:11 PM]

Configuring OSPF Maximum Paths | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring OSPF Maximum Paths

By default OSPF supports a maximum of 4 paths to be installed to a single network with an identical metric. This
however can be changed to a maximum of 16. This lab will discuss and demonstrate the configuration and verification
of OSPF maximum paths.

Real World Application & Core Knowledge


If youve completed Lab 8-6 Configuring EIGRP Maximum Paths then you should know how maximum paths works when
configured in a dynamic routing protocol.
Like EIGRP, OSPF has the same feature allowing you to administratively configure how many maximum paths OSPF will inject into
the routing table with the same metric to the same destination network to load balance over.
By default, OSPF has a maximum path variable of 4, meaning that OSPF will install 4 routes into the routing table with the same
metric/destination to load balance over. For example; you have 4 point-to-point T1s from a branch location to the central office,
OSPF by default will load balance across these 4 links if they are independently configured. However if they are in a PPP Multi-link
group they will operate as a single 6Mbps link.
To configure the maximum paths variable youd use the maximum-paths # command in router configuration mode.
In this lab you will configure R1 to use only 1 path to get to a destination network.
Familiarize yourself with the following new command(s);

Command

Description

maximum-paths #

This command is executed in router configuration mode to set how many equal metric paths
that the routing can install into the routing table for load balancing.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-maximum-paths/[4/12/2015 7:21:31 PM]

Configuring OSPF Maximum Paths | Free CCNA Workbook

The following logical topology shown below is used in labs found through out Section 9 Configuring OSPF;

Lab Prerequisites
If you are using GNS3 than load the Stub Area Networking GNS3 topology than start devices; R1, R2, R3, R4, R5 and SW1.
Establish a console session with devices R1, R2, R3, R4, R5 and SW1 than load the initial configurations provided below by
copying the config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-maximum-paths/[4/12/2015 7:21:31 PM]

Configuring OSPF Maximum Paths | Free CCNA Workbook

!##################################################
!#

Free CCNA Workbook Lab 9-13 R2 Initial Config #

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.90.20.1 255.255.255.0
ip ospf 1 area 2

interface Serial0/0

description ### PHYSICAL FRAME RELAY INTERFACE ###


ip address 10.90.245.2 255.255.255.248

encapsulation frame-relay

!##################################################
ip ospf priority 0
!#
Free1CCNA
Lab 9-13 R3 Initial Config #
ip ospf
areaWorkbook
0

!##################################################
serial restart-delay 0
!no frame-relay inverse-arp

enable
frame map ip 10.90.245.1 221 broadcast
configure
frame mapterminal
ip 10.90.245.4 221
!frame map ip 10.90.245.5 221
hostname
no shut R3

no
! ip domain-lookup

!
interface Serial0/2

interface
Loopback0 LINK TO R3 ###
### POINT-TO-POINT

description
### SIMULATED
NETWORK ###
ip address 10.90.23.1
255.255.255.252
ip address
10.90.30.1
255.255.255.0
ospf 1 area
3

ip ospf 1
area 3
hello-interval
1

!encapsulation ppp

interface
Serial0/1
serial restart-delay
0

description
### POINT-TO-POINT LINK TO R2 ###
no shut
ip
address 10.90.23.2 255.255.255.252
exit

!ip ospf 1 area 3

!##################################################
ip ospf
hello-interval
1
router
ospf
1
!#
Free CCNA
Workbook
Lab 9-13 R4 Initial Config #
encapsulation
ppp
router-id
2.2.2.2

!##################################################
no
shut
auto-cost
reference-bandwidth 100000
!exit
log-adjacency-changes

enable
!area 3 stub no-summary
configure
terminal
router
ospf
1
!

!
router-id
line
con 0 3.3.3.3

hostname
log-adjacency-changes
logging R4
sync

no
domain-lookup
auto-cost
reference-bandwidth 100000
noip
exec-timeout

!area 3 stub

interface
Loopback0
!
end

description
### SIMULATED NETWORK ###
line
con 0
ip address
10.90.40.1 255.255.255.0
logging
sync
ip exec-timeout
ospf 1 area 4
no

interface FastEthernet0/0
end

description ### REAL NETWORK ###

ip address 10.90.145.1 255.255.255.0


ip ospf 1 area 45

!##################################################
no shut

!#
!

Free CCNA Workbook Lab 9-13 R5 Initial Config #

!##################################################
interface
Serial0/0
!description ### PHYSICAL FRAME RELAY INTERFACE ###
enable
ip address 10.90.245.4 255.255.255.248
configure
terminal
encapsulation
frame-relay
!ip ospf priority 0
hostname
R5area 0
ip ospf 1

no
ip domain-lookup
serial
restart-delay 0

!no frame-relay inverse-arp

interface
frame mapLoopback0
ip 10.90.245.1 421 broadcast
description
SIMULATED421
NETWORK ###
frame map ip###
10.90.245.2
ip address
10.90.50.1
255.255.255.0
frame
map ip
10.90.245.5
421
ip
no ospf
shut 1 area 5

interface FastEthernet0/0
Serial0/1

description ### REAL


NETWORK ###
POINT-TO-POINT
LINK TO R5 ###

ip address 10.90.145.2
255.255.255.0
10.90.45.1 255.255.255.252

ip ospf cost
65535
1 area
45
ip
ospf 1 areappp
45
encapsulation

no
shutrestart-delay 0
serial

!no shut

interface
Serial0/0
exit

!description ### PHYSICAL FRAME RELAY INTERFACE ###


ip address
255.255.255.248
router
ospf 10.90.245.5
1
encapsulation
frame-relay
router-id 4.4.4.4

ip
ospf priority
0
auto-cost
reference-bandwidth
100000
ip
ospf 1 area 0
log-adjacency-changes

serial
restart-delay
0
passive-interface
fastethernet0/0

!no frame-relay inverse-arp

frame
map
line
con
0 ip 10.90.245.1 521 broadcast
frame
map
ip 10.90.245.2 521
logging
sync
frame
map ip 10.90.245.4 521
no
exec-timeout

!no shut

!
end
http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-maximum-paths/[4/12/2015
7:21:31 PM]

Configuring OSPF Maximum Paths | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 9-X SW1 Initial Config #

!##################################################
!
enable
configure terminal
!
hostname SW1
no ip domain-lookup
!
line con 0
logging sync
no exec-timeout

end

Lab Objectives
View the routing table on R1 and check if any routes are being load balanced.
Configure R1 to use no more then 1 path to get to any given destination.
View R1s routing table again and verify that network 10.90.45.0/30 is no longer load balanced between R4 and R5.

Lab Instruction
Objective 1. View the routing table on R1 and check if any routes are being load balanced.
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 9 subnets, 4 masks
10.90.50.1/32 [110/64767] via 10.90.245.5, 01:12:43, Serial0/0
10.90.40.1/32 [110/64767] via 10.90.245.4, 01:12:43, Serial0/0
10.90.23.0/30 [110/129532] via 10.90.245.2, 01:12:33, Serial0/0
10.90.30.1/32 [110/129533] via 10.90.245.2, 01:02:49, Serial0/0
10.90.145.0/24 [110/65766] via 10.90.245.4, 00:18:43, Serial0/0
10.90.45.0/30 [110/129532] via 10.90.245.5, 01:12:32, Serial0/0
[110/129532] via 10.90.245.4, 01:12:33, Serial0/0
O IA
10.90.20.1/32 [110/64767] via 10.90.245.2, 01:12:43, Serial0/0
C
10.90.10.0/24 is directly connected, Loopback0
C
10.90.245.0/29 is directly connected, Serial0/0
R1#
O
O
O
O
O
O

IA
IA
IA
IA
IA
IA

As you can see from R1s routing table shown above that R1 is load balancing traffic to the 10.90.45.0/30 destination.

Objective 2. Configure R1 to use no more then 1 path to get to any given destination.
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router ospf 1
R1(config-router)#maximum-paths 1
R1(config-router)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-maximum-paths/[4/12/2015 7:21:31 PM]

Configuring OSPF Maximum Paths | Free CCNA Workbook

Objective 3. View R1s routing table again and verify that network 10.90.45.0/30 is no longer load balanced between R4 and R5.
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
O IA
O IA
O IA
O IA
O IA
O IA
O IA
C
C
R1#

10.0.0.0/8 is variably subnetted, 9 subnets, 4 masks


10.90.50.1/32 [110/64767] via 10.90.245.5, 00:00:42, Serial0/0
10.90.40.1/32 [110/64767] via 10.90.245.4, 00:00:42, Serial0/0
10.90.23.0/30 [110/129532] via 10.90.245.2, 00:00:42, Serial0/0
10.90.30.1/32 [110/129533] via 10.90.245.2, 00:00:42, Serial0/0
10.90.145.0/24 [110/65766] via 10.90.245.4, 00:00:42, Serial0/0
10.90.45.0/30 [110/129532] via 10.90.245.5, 00:00:42, Serial0/0
10.90.20.1/32 [110/64767] via 10.90.245.2, 00:00:42, Serial0/0
10.90.10.0/24 is directly connected, Loopback0
10.90.245.0/29 is directly connected, Serial0/0

After configuring the maximum paths in OSPF to 1 youll see that R1 no longer load balances to 10.90.45.0/30 as shown above in
R1s routing table.

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-maximum-paths/[4/12/2015 7:21:31 PM]

GNS3 - Cisco Device Emulator


Download

Configuring OSPF Maximum Paths | Free CCNA Workbook

Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco
CCNA labs that can be completed using
the GNS3 platform.

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-maximum-paths/[4/12/2015 7:21:31 PM]

Configuring OSPF Route Summarization | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring OSPF Route Summarization

Route summarization in OSPF can only be done in two places in OSPF due to the operational nature of protocol.
Because the link state database must be the identical everywhere you cant just do it in random places. This lab will
discuss and demonstrate the configuration and verification of OSPF route summarization.

Real World Application & Core Knowledge


If you have completed Lab 7-8 Configuring RIP Route Summarization and Lab 8-8 Configuring EIGRP Route Summarization then
youre no stranger to configuring route summarization.
In a nut shell, route summarization is the process of summarizing subnets into a larger subnet to be advertised to upstream routers
for ease of management/troubleshooting and resource conservation.
However when working with OSPF you can only summarize at an ABR or ASBR. There are two types of summarization in OSPF;
Inter-Area Summarization and External Summarization.
Inter-Area route summarization can only be done on the Area Boarder Router (ABR) and summarize routes from a particular area
into the backbone area.
External Route summarization can only be done on an ASBR and summarizes routes to an external destination.
To configure Inter-Area summarization, youll use the area # range network netmask command in OSPF router configuration mode.
This command can only be issued on an ABR.
To configure External Route summarization youd use the summary-address network netmask command in router configuration
mode. This command can be executed on any OSPF router but will only function on ASBRs.
In this lab youre going to create 4 new loopback interfaces on R4 located in Area 44 then create a summary route advertising all 4

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-route-summarization/[4/12/2015 7:21:48 PM]

Configuring OSPF Route Summarization | Free CCNA Workbook

routes as a single route into the backbone area.


Familiarize yourself with the following new command(s);

Command

Description

area # range network netmask

This command is executed in OSPF router configuration mode on an Area Boarder


Router (ABR) to configure Inter-Area route summarization. These summary routes will
be advertised into the OSPF backbone area (Area 0).

summary-address network netmask

This command is executed in OSPF router configuration mode on an Autonomous


System Boundary Router (ASBR) to configure External route summarization.

The following logical topology shown below is used in labs found through out Section 9 Configuring OSPF;

Lab Prerequisites

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-route-summarization/[4/12/2015 7:21:48 PM]

Configuring OSPF Route Summarization | Free CCNA Workbook

If you are using GNS3 than load the Stub Area Networking GNS3 topology than start devices; R1, R2, R3, R4, R5 and SW1.
Establish a console session with devices R1, R2, R3, R4, R5 and SW1 than load the initial configurations provided below by
copying the config from the textbox and pasting it into the respected routers console.

!##################################################
!#

Free CCNA Workbook Lab 9-14 R2 Initial Config #

!##################################################
!

enable
configure terminal
!

hostname R2

no ip domain-lookup
!
interface Loopback0

description ### SIMULATED NETWORK ###


ip address 10.90.20.1 255.255.255.0

ip ospf 1 area 2

interface Serial0/0

description ### PHYSICAL FRAME RELAY INTERFACE ###


ip address 10.90.245.2 255.255.255.248

encapsulation frame-relay

!##################################################
ip ospf priority 0
!#
Free1CCNA
Lab 9-14 R3 Initial Config #
ip ospf
areaWorkbook
0

!##################################################
serial restart-delay 0
!no frame-relay inverse-arp

enable
frame map ip 10.90.245.1 221 broadcast
configure
frame mapterminal
ip 10.90.245.4 221
!frame map ip 10.90.245.5 221
hostname
no shut R3

no
! ip domain-lookup

!
interface Serial0/2

interface
Loopback0 LINK TO R3 ###
### POINT-TO-POINT

description
### SIMULATED
NETWORK ###
ip address 10.90.23.1
255.255.255.252
ip address
10.90.30.1
255.255.255.0
ospf 1 area
3

ip ospf 1
area 3
hello-interval
1

!encapsulation ppp

interface
Serial0/1
serial restart-delay
0

description
### POINT-TO-POINT LINK TO R2 ###
no shut
ip
address 10.90.23.2 255.255.255.252
exit

!ip ospf 1 area 3

!##################################################
ip ospf
hello-interval
1
router
ospf
1
!#
Free CCNA
Workbook
Lab 9-14 R4 Initial Config #
encapsulation
ppp
router-id
2.2.2.2

!##################################################
no
shut
auto-cost
reference-bandwidth 100000
!exit
log-adjacency-changes

enable
!area 3 stub no-summary
configure
terminal
router
ospf
1
!

!
router-id
line
con 0 3.3.3.3

hostname
log-adjacency-changes
logging R4
sync

no
domain-lookup
auto-cost
reference-bandwidth 100000
noip
exec-timeout

!area 3 stub

interface
Loopback0
!
end

description
### SIMULATED NETWORK ###
line
con 0
ip address
10.90.40.1 255.255.255.0
logging
sync
ip exec-timeout
ospf 1 area 4
no

interface FastEthernet0/0
end

description ### REAL NETWORK ###

ip address 10.90.145.1 255.255.255.0


ip ospf 1 area 45

!##################################################
no shut

!#
!

Free CCNA Workbook Lab 9-14 R5 Initial Config #

!##################################################
interface
Serial0/0
!description ### PHYSICAL FRAME RELAY INTERFACE ###
enable
ip address 10.90.245.4 255.255.255.248
configure
terminal
encapsulation
frame-relay
!ip ospf priority 0
hostname
R5area 0
ip ospf 1

no
ip domain-lookup
serial
restart-delay 0

!no frame-relay inverse-arp

interface
frame mapLoopback0
ip 10.90.245.1 421 broadcast
description
SIMULATED421
NETWORK ###
frame map ip###
10.90.245.2
ip address
10.90.50.1
255.255.255.0
frame
map ip
10.90.245.5
421
ip
no ospf
shut 1 area 5

interface FastEthernet0/0
Serial0/1

description ### REAL


NETWORK ###
POINT-TO-POINT
LINK TO R5 ###

ip address 10.90.145..2
255.255.255.0
10.90.45.1 255.255.255.252
ip ospf cost
65535
1 area
45
ip
ospf 1 areappp
45
encapsulation

no
shutrestart-delay 0
serial

!no shut

interface
Serial0/0
exit
http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-route-summarization/[4/12/2015
7:21:48 PM]

Configuring OSPF Route Summarization | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 9-X SW1 Initial Config #

!##################################################
!
enable
configure terminal
!
hostname SW1
no ip domain-lookup
!
line con 0
logging sync
no exec-timeout

end

Lab Objectives
Create 4 new loopback interfaces on R4 located in Area 44 using the ip addresses 10.44.4.0/24, 10.44.5.0/24, 10.44.6.0/24
and 10.44.7.0/24
Configure R4 to advertise a single Inter-Area summary route into the OSPF backbone that encompasses all 4 routes.
Verify that the summary route is being propagated correctly by viewing the routing table on R1.

Lab Instruction
Objective 1. Create 4 new loopback interfaces on R4 located in Area 44 using the ip addresses 10.44.4.0/24, 10.44.5.0/24,
10.44.6.0/24 and 10.44.7.0/24
R4#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#interface loopback4
R4(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback4, changed
R4(config-if)#ip add 10.44.4.1 255.255.255.0
R4(config-if)#ip ospf 1 area 44
R4(config-if)#interface loopback5
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback5, changed
R4(config-if)#ip add 10.44.5.1 255.255.255.0
R4(config-if)#ip ospf 1 area 44
R4(config-if)#interface loopback6
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback6, changed
R4(config-if)#ip add 10.44.6.1 255.255.255.0
R4(config-if)#ip ospf 1 area 44
R4(config-if)#interface loopback7
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback7, changed
R4(config-if)#ip add 10.44.7.1 255.255.255.0
R4(config-if)#ip ospf 1 area 44
R4(config-if)#end
R4#

state to up

state to up

state to up

state to up

Objective 2. Configure R4 to advertise a single Inter-Area summary route into the OSPF backbone that encompasses all 4 routes.
R4#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R4(config)#router ospf 1
R4(config-router)#area 44 range 10.44.4.0 255.255.252.0
R4(config-router)#end
R4#
%SYS-5-CONFIG_I: Configured from console by console
R4#

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-route-summarization/[4/12/2015 7:21:48 PM]

Configuring OSPF Route Summarization | Free CCNA Workbook

Objective 3. Verify that the summary route is being propagated correctly by viewing the routing table on R1.
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
O IA
O IA
O IA
O IA
O IA
O IA
O IA
O IA
C
C
R1#

10.0.0.0/8 is variably subnetted, 10 subnets, 5 masks


10.90.50.1/32 [110/64767] via 10.90.245.5, 00:43:29, Serial0/0
10.90.40.1/32 [110/64767] via 10.90.245.4, 00:43:29, Serial0/0
10.90.23.0/30 [110/129532] via 10.90.245.2, 00:43:29, Serial0/0
10.90.30.1/32 [110/129533] via 10.90.245.2, 00:43:29, Serial0/0
10.44.4.0/22 [110/64767] via 10.90.245.4, 00:00:57, Serial0/0
10.90.145..0/24 [110/65766] via 10.90.245.4, 00:43:29, Serial0/0
10.90.45.0/30 [110/129532] via 10.90.245.5, 00:43:29, Serial0/0
10.90.20.1/32 [110/64767] via 10.90.245.2, 00:43:29, Serial0/0
10.90.10.0/24 is directly connected, Loopback0
10.90.245.0/29 is directly connected, Serial0/0

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right

Junos Workbook | Free Juniper

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-route-summarization/[4/12/2015 7:21:48 PM]

Configuring OSPF Route Summarization | Free CCNA Workbook

CCNA labs that can be completed using


the GNS3 platform.

mind would build a perimeter using

JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-route-summarization/[4/12/2015 7:21:48 PM]

Configuring OSPF Default Route Propagation | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring OSPF Default Route Propagation

Advertising a default route into OSPF can be done multiple ways, through the use of redistribution or default
information originate. This lab will discuss and demonstrate the configuration and verification of OSPF default route
propagation.

Real World Application & Core Knowledge


Configuring OSPF to advertise a default route through out the OSPF domain is very similar configuring the default route propagation
in the Routing Information Protocol (RIP) found in Lab 7-7 Configuring Rip Default Information Originate except there are two
differences.
In RIP you use the default-information originate command in RIP router configuration mode and this will advertise a default route
through out the RIP domain. However if you issue this command in OSPF router configuration mode this will advertise a default route
from the router as a type 5 LSA in a normal area (Non-Backbone/Non Stub Area). This command will not advertise a default route
unless a static default route exist on the router youve issued this command on.
In order to advertise a default route through out area 0 such as a route to an ISP you can use the default-information originate always
in OSPF router configuration mode which will advertises a type 3 0.0.0.0/0 LSA to the entire network or you can redistribute a static
default route into the OSPF routing process which will be discussed in Section 10.
In this lab you will configure R1 to advertise a default route to all routers in the OSPF autonomous system.
Familiarize yourself with the following new command(s);

Command

Description

default-information originate

This command is executed in OSPF router configuration mode to advertise the default route as

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-default-route-propagation/[4/12/2015 7:22:08 PM]

Configuring OSPF Default Route Propagation | Free CCNA Workbook

a type 3 Summary LSA to 0.0.0.0/0 only if a default route already exist in the routing table.
default-information originate
always

This command is executed in OSPF router configuration mode to always advertise the default
route as a type 3 Summary LSA to 0.0.0.0/0.

The following logical topology shown below is used in labs found through out Section 9 Configuring OSPF;

Lab Prerequisites
If you are using GNS3 than load the Stub Area Networking GNS3 topology than start devices; R1, R2, R3, R4, R5 and SW1.
Establish a console session with devices R1, R2, R3, R4, R5 and SW1 than load the initial configurations provided below by
copying the config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-default-route-propagation/[4/12/2015 7:22:08 PM]

Configuring OSPF Default Route Propagation | Free CCNA Workbook

!##################################################
!#

Free CCNA Workbook Lab 9-15 R2 Initial Config #

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.90.20.1 255.255.255.0
ip ospf 1 area 2

interface Serial0/0

description ### PHYSICAL FRAME RELAY INTERFACE ###


ip address 10.90.245.2 255.255.255.248

encapsulation frame-relay

!##################################################
ip ospf priority 0
!#
Free1CCNA
Lab 9-15 R3 Initial Config #
ip ospf
areaWorkbook
0

!##################################################
serial restart-delay 0
!no frame-relay inverse-arp

enable
frame map ip 10.90.245.1 221 broadcast
configure
frame mapterminal
ip 10.90.245.4 221
!frame map ip 10.90.245.5 221
hostname
no shut R3

no
! ip domain-lookup

!
interface Serial0/2

interface
Loopback0 LINK TO R3 ###
### POINT-TO-POINT

description
### SIMULATED
NETWORK ###
ip address 10.90.23.1
255.255.255.252
ip address
10.90.30.1
255.255.255.0
ospf 1 area
3

ip ospf 1
area 3
hello-interval
1

!encapsulation ppp

interface
Serial0/1
serial restart-delay
0

description
### POINT-TO-POINT LINK TO R2 ###
no shut
ip
address 10.90.23.2 255.255.255.252
exit

!ip ospf 1 area 3

!##################################################
ip ospf
hello-interval
1
router
ospf
1
!#
Free CCNA
Workbook
Lab 9-15 R4 Initial Config #
encapsulation
ppp
router-id
2.2.2.2

!##################################################
no
shut
auto-cost
reference-bandwidth 100000
!exit
log-adjacency-changes

enable
!area 3 stub no-summary
configure
terminal
router
ospf
1
!

!
router-id
line
con 0 3.3.3.3

hostname
log-adjacency-changes
logging R4
sync

no
domain-lookup
auto-cost
reference-bandwidth 100000
noip
exec-timeout

!area 3 stub

interface
Loopback0
!
end

description
### SIMULATED NETWORK ###
line
con 0
ip address
10.90.40.1 255.255.255.0
logging
sync
ip exec-timeout
ospf 1 area 4
no

interface Loopback4
end

description ### SIMULATED NETWORK ###


ip address 10.44.4.1 255.255.255.0
ip ospf 1 area 44

!##################################################
!
!#
Free CCNA
Workbook Lab 9-15 R5 Initial Config #
interface
Loopback5

!##################################################
description ### SIMULATED NETWORK ###
!ip address 10.44.5.1 255.255.255.0
enable
ip ospf 1 area 44
configure
terminal
!

!
interface Loopback6

hostname
R5 ### SIMULATED NETWORK ###
description
no
domain-lookup
ipip
address
10.44.6.1 255.255.255.0

!ip ospf 1 area 44

interface
Loopback0
!

description
### SIMULATED NETWORK ###
interface
Loopback7
ip
address 10.90.50.1
255.255.255.0
description
### SIMULATED
NETWORK ###

ip ospf
1 area
5
address
10.44.7.1
255.255.255.0

!ip ospf 1 area 44

interface
FastEthernet0/0
!

description
### REAL NETWORK ###
interface
FastEthernet0/0

ip
address 10.90.145.2
255.255.255.0
description
### REAL NETWORK
###

ip ospf
cost
65535
address
10.90.145.1
255.255.255.0
ip ospf 1 area 45
no shut

interface Serial0/0

description ### PHYSICAL FRAME RELAY INTERFACE ###


ip address 10.90.245.5
10.90.245.4 255.255.255.248

encapsulation frame-relay
ip ospf priority 0
ip ospf 1 area 0

serial restart-delay 0

no frame-relay inverse-arp

frame map ip 10.90.245.1 521


421 broadcast
frame map ip 10.90.245.2 521
421
frame map ip 10.90.245.4
10.90.245.5 521
421
no shut

!
http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-default-route-propagation/[4/12/2015
7:22:08 PM]

Configuring OSPF Default Route Propagation | Free CCNA Workbook


!##################################################
!#

Free CCNA Workbook Lab 9-X SW1 Initial Config #

!##################################################
!
enable
configure terminal
!
hostname SW1
no ip domain-lookup
!
line con 0
logging sync
no exec-timeout

end

Lab Objectives
Configure R1 to always originate a default route through out the entire OSPF autonomous system.
Verify that the default route is being propagated correctly by viewing the routing table on R4.

Lab Instruction
Objective 1. Configure R1 to always originate a default route through out the entire OSPF autonomous system.
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router ospf 1
R1(config-router)#default-information originate always
R1(config-router)#end
R1#

Objective 2. Verify that the default route is being propagated correctly by viewing the routing table on R4.
R4#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 10.90.245.1 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 15 subnets, 5 masks
O IA
10.90.50.1/32 [110/64767] via 10.90.245.5, 00:54:52, Serial0/0
C
10.90.40.0/24 is directly connected, Loopback0
O IA
10.90.23.0/30 [110/129532] via 10.90.245.2, 00:54:52, Serial0/0
C
10.44.6.0/24 is directly connected, Loopback6
C
10.44.7.0/24 is directly connected, Loopback7
O IA
10.90.30.1/32 [110/129533] via 10.90.245.2, 00:26:12, Serial0/0
C
10.44.4.0/24 is directly connected, Loopback4
O
10.44.4.0/22 is a summary, 00:54:52, Null0
C
10.44.5.0/24 is directly connected, Loopback5
C
10.90.45.2/32 is directly connected, Serial0/1
C
10.90.145.0/24 is directly connected, FastEthernet0/0
C
10.90.45.0/30 is directly connected, Serial0/1
O IA
10.90.20.1/32 [110/64767] via 10.90.245.2, 00:54:53, Serial0/0
O IA
10.90.10.1/32 [110/64767] via 10.90.245.1, 00:54:53, Serial0/0
C
10.90.245.0/29 is directly connected, Serial0/0
O*E2 0.0.0.0/0 [110/1] via 10.90.245.1, 00:00:17, Serial0/0
R4#

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-default-route-propagation/[4/12/2015 7:22:08 PM]

Configuring OSPF Default Route Propagation | Free CCNA Workbook

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ospf-default-route-propagation/[4/12/2015 7:22:08 PM]

Configuring Static Route Redistribution | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Static Route Redistribution

A Common way to get routes into routing protocols is through static route redistribution. This lab will discuss and
demonstrate the configuration and verification of static route redistribution.

Real World Application & Core Knowledge


The most common way to advertise a default route into a routing protocol is via static distribution. What this does is that the router will
take the static routes and translate them into the dynamic routing protocol so that way they can be advertised to neighbors whereas
static routes by themselves are locally significant only.
When advertising a default route via static redistribution you have the ability to dynamically control something that is static. Also keep
in mind you can control which default routes to advertise via a floating static route which would be useful when advertising a default
route to a router which has internet connectivity.
When redistributing static routes you have the ability to manipulate which static routes you want to redistribute into a dynamic routing
protocol using what is called a route-map. Static redistribution is the same process for any dynamic routing protocol and all dynamic
routing protocols rather it be RIP, EIGRP or OSPF, all use the same commands to redistribute the static routes into the routing
process.
To configure static redistribution youll use the redistribute static metric metric# whereas the metric is a statically configured metric
which is assigned to the redistributed route(s). Keep in mind each dynamic routing protocol has a different type of metric. RIP uses
hop counts, EIGRP uses K Values (bandwidth, load, delay, reliability and mtu), OSPF uses a cost based metric. With this in mind,
the configuration for static route redistribution into a dynamic routing protocol will be different based on the routing protocol youre
redistributing into.
In this lab you will configure a static default route on R1 and redistribute that route into RIP.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-static-route-redistribution/[4/12/2015 7:22:28 PM]

Configuring Static Route Redistribution | Free CCNA Workbook

Familiarize yourself with the following new command(s);

Command

Description

redistribute static metric


metric#

This command is executed in router configuration mode rather it be RIP, EIGRP or OSPF to
redistribute local static routes into the dynamic routing process to be dynamically advertised.
The metric is configured differently on a per routing protocol basis.

The following logical topology shown below is used in this lab;

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3, R4, and R5
Establish a console session with devices R1, R2, R3, R4, and R5 than load the initial configurations provided below by
copying the config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-static-route-redistribution/[4/12/2015 7:22:28 PM]

Configuring Static Route Redistribution | Free CCNA Workbook

!###################################################
!#

Free CCNA Workbook Lab 10-1 R2 Initial Config

!###################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
encapsulation frame-relay
no frame-relay inverse-arp
no shut
!

interface Serial0/0.221 point-to-point


description ### FRAME RELAY LINK TO R1 ###
ip address 10.101.12.2 255.255.255.0

!###################################################
frame-relay interface-dlci 221
!#
no Free
shut CCNA Workbook Lab 10-1 R3 Initial Config

!###################################################
!
!
interface Serial0/0.223 point-to-point

enable
description ### FRAME RELAY LINK TO R3 ###
configure
terminal
ip address
10.101.23.1 255.255.255.0
!frame-relay interface-dlci 223
hostname
no shut R3

no
! ip domain-lookup

!
router rip

interface
Serial0/0
no auto-summary

description
### PHYSICAL FRAME RELAY INTERFACE ###
version 2
encapsulation
frame-relay
network 10.0.0.0

no
frame-relay inverse-arp
exit

!no shut

exitcon 0
line

!logging sync

interface
Serial0/0.322 point-to-point
no exec-timeout

!description ### FRAME RELAY LINK TO R2 ###

!###################################################
ip address 10.101.23.2 255.255.255.0
end
!#
Free CCNAinterface-dlci
Workbook Lab 10-1
frame-relay
322 R4 Initial Config

!###################################################
no shut
!

enable
interface Serial0/0.324 point-to-point

configure
terminal
description
### PHYSICAL FRAME RELAY INTERFACE ###
!ip address 10.101.34.1 255.255.255.0
hostname
R4 interface-dlci 324
frame-relay
no
domain-lookup
noip
shut

interface
router ripSerial0/0

description
### PHYSICAL FRAME RELAY INTERFACE ###
no auto-summary
encapsulation
frame-relay
version 2

no
frame-relay
inverse-arp
network
10.0.0.0
no
shut
exit

interface
line con 0Serial0/0.423 point-to-point

description
logging sync### FRAME RELAY LINK TO R3 ###
ip exec-timeout
address 10.101.34.2 255.255.255.0
no

!###################################################
!frame-relay interface-dlci 423
!#
no Free
shut CCNA Workbook Lab 10-1 R5 Initial Config
end

!###################################################
!
!
interface Serial0/0.425 point-to-point

enable
description ### FRAME RELAY LINK TO R5 ###
configure
terminal
ip address
10.101.45.1 255.255.255.0
!frame-relay interface-dlci 425
hostname
no shut R5

no
! ip domain-lookup

!
router rip

interface
Serial0/0
no auto-summary

description
### PHYSICAL FRAME RELAY INTERFACE ###
version 2
encapsulation
frame-relay
network 10.0.0.0

no
frame-relay inverse-arp
exit

!no shut

!
line con 0

interface
Serial0/0.524 point-to-point
logging sync

description
### FRAME RELAY LINK TO R5 ###
no exec-timeout

!ip address 10.101.45.2 255.255.255.0


frame-relay interface-dlci 524
end

Lab Objectives
no shut

router rip
no auto-summary
version 2
network 10.0.0.0
exit
!

Create a loopback interface on R1 using the IP address of 172.29.41.1/24

line con 0

logging sync
no exec-timeout
!
end

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-static-route-redistribution/[4/12/2015 7:22:28 PM]

Configuring Static Route Redistribution | Free CCNA Workbook

Create a default static route on R1 pointing to 172.29.41.5


Redistribute all static routes into the RIP routing process using a metric of 5
Verify that the static default route being redistributed is properly propagated to R5.

Lab Instruction
Objective 1. Create a loopback interface on R1 using the IP address of 172.29.41.1/24
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface loopback0
R1(config-if)#
*Jul 15 18:56:30.351: %LINEPROTO-5-UPDOWN: Line protocol on Interface
Loopback0, changed state to up
R1(config-if)#ip add 172.29.41.1 255.255.255.0
R1(config-if)#exit
R1(config)#

Objective 2. Create a default static route on R1 pointing to 172.29.41.5


R1(config)#ip route 0.0.0.0 0.0.0.0 172.29.41.5

Objective 3. Redistribute all static routes into the RIP routing process using a metric of 5
R1(config)#router rip
R1(config-router)#redistribute static metric 5

Objective 4. Verify that the static default route being redistributed is properly propagated to R5.
R5#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 10.101.45.1 to network 0.0.0.0
R
R
C
R
R*
R5#

10.0.0.0/24 is subnetted, 4 subnets


10.101.12.0 [120/3] via 10.101.45.1, 00:00:22, Serial0/0.524
10.101.23.0 [120/2] via 10.101.45.1, 00:00:22, Serial0/0.524
10.101.45.0 is directly connected, Serial0/0.524
10.101.34.0 [120/1] via 10.101.45.1, 00:00:22, Serial0/0.524
0.0.0.0/0 [120/8] via 10.101.45.1, 00:00:01, Serial0/0.524

As shown above you can see that a default route is now present in the routing table on R5 learned via RIP.

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-static-route-redistribution/[4/12/2015 7:22:28 PM]

Next Lab

Configuring Static Route Redistribution | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-static-route-redistribution/[4/12/2015 7:22:28 PM]

Configuring Mutual OSPF and RIP Redistribution | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Mutual OSPF and RIP Redistribution

This lab will discuss and demonstrate the configuration and verification of

Real World Application & Core Knowledge


So up until this point youve learnt how to configure different routing protocols such as the Routing Information Protocol (RIP),
Enhanced Interior Gateway Routing protocol (EIGRP) and Open Shortest Path First (OSPF) but now its time to learn how to make
this protocols play nice with each other and share their routes between each other. Its always nice to share things.
First lets look at how route redistribution works in a basic way. In this lab youll be redistributing routes between OSPF and RIP, with
that being said routes from OSPF will appear in RIP marked as a RIP route and RIP routes redistributed will appear in OSPF as an
OSPF E2 route by default.
So for example; lets say you work at ABC Inc. and your corporation buys company XYZ Inc. Your company uses OSPF and XYZ Inc.
uses RIP. During the acquisition youll want to merge infrastructures to ensure information sharing between the already existing
infrastructure to the newly acquired company. In this case youll have to configure redistribution between the two networks. Keep in
mind even redistribution may not work 100% of the time. For example when you purchase a company that uses the same RFC1918
private address space as you. You dont want their routes to 10.50.33.0/24 in your network which has its own route to 10.50.33.0/24,
this would cause serious problems. In cases like these, NAT is used until the issue can be fully addressed.
Route redistribution should NOT be designed into a network from the beginning but should only be used during scenarios where you
need to route between two different autonomous systems running different routing protocols. For example, company acquisitions or
vendor incompatibilities; in which case you have a device that only supports rip but your network runs OSPF. You will need to either
utilize static routing or redistribution.
When you configure redistribution, the command(s) are entered under the routing process configuration mode; in which case you
specify the metric for the redistributed routes when redistributing a particular routing process into the routing process youre currently

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-mutual-ospf-and-rip-redistribution/[4/12/2015 7:22:45 PM]

Configuring Mutual OSPF and RIP Redistribution | Free CCNA Workbook

configuring. For example in RIP router configuration mode youd redistribute ospf and specify a hop count metric.
In OSPF router configuration mode, when redistributing RIP routes into OSPF youd specify a COST associated with the routes
redistributed by RIP into OSPF. You can however leave a metric out following the redistribute command specifying a metric is best
practice.
Also a quick note to remember, when configuring route redistribution into EIGRP or OSPF you must use the subnets keyboard
following the specified metric or the routing process will only redistribute a classful network into the routing process.
So now that you have an understanding of mutual route redistribution lets jump into the configuration.
Please review the following command(s) listed below;

Command

Description

redistribute protocol metric


metric info

This command is executed in router configuration mode of RIP, EIGRP or OSPF to configure
the routing process to redistribute routes from a different source into the configured routing
process such as static into RIP or RIP into OSPF. Its best practice to specify a metric.

The following logical topology shown below is used in this lab;

Lab Prerequisites

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-mutual-ospf-and-rip-redistribution/[4/12/2015 7:22:45 PM]

Configuring Mutual OSPF and RIP Redistribution | Free CCNA Workbook

If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3, R4, and R5
Establish a console session with devices R1, R2, R3, R4, and R5 than load the initial configurations provided below by
copying the config from the textbox and pasting it into the respected routers console.

!###################################################
!#

Free CCNA Workbook Lab 10-2 R2 Initial Config

!###################################################
!

enable
configure terminal
!

hostname R2

no ip domain-lookup
!
interface Serial0/0

description ### PHYSICAL FRAME RELAY INTERFACE ###


encapsulation frame-relay

no frame-relay inverse-arp
no shut
!

interface Serial0/0.221 point-to-point


description ### FRAME RELAY LINK TO R1 ###
ip address 10.102.12.2 255.255.255.0

!###################################################
ip ospf 1 area 0
!#
Free CCNAinterface-dlci
Workbook Lab 10-2
frame-relay
221 R3 Initial Config

!###################################################
exit
!

enable
interface Serial0/0.223 point-to-point

configure
terminal
description
### FRAME RELAY LINK TO R3 ###
!ip address 10.102.23.2 255.255.255.0
hostname
ip ospf R3
1 area 0

no
ip domain-lookup
frame-relay
interface-dlci 223

!exit

interface
Serial0/0
!

description
router
ospf 1### PHYSICAL FRAME RELAY INTERFACE ###
encapsulation frame-relay
exit

!no frame-relay inverse-arp


no shut
line
con 0

exit
logging
sync

!no exec-timeout

interface Serial0/0.322 point-to-point


!

description ### FRAME RELAY LINK TO R2 ###


end

!###################################################
ip address 10.102.23.3 255.255.255.0
!#
Workbook
Lab 10-2 R4 Initial Config
ip Free
ospf CCNA
1 area
0

!###################################################
frame-relay interface-dlci 322
!exit

enable
!

configure
interface terminal
Serial0/0.324 point-to-point

!description ### PHYSICAL FRAME RELAY INTERFACE ###


hostname
R4 172.29.34.3 255.255.255.0
ip address
no
ip domain-lookup
frame-relay
interface-dlci 324

!no shut

interface
Serial0/0
!

description
router
ospf 1### PHYSICAL FRAME RELAY INTERFACE ###
encapsulation frame-relay
exit

!no frame-relay inverse-arp


no shut
router
rip
!version 2

interface
no auto Serial0/0.423 point-to-point

description
### FRAME RELAY LINK TO R3 ###
network
172.29.34.3
ip address 172.29.34.4 255.255.255.0
exit

!###################################################
!frame-relay interface-dlci 423
!#
Free
Workbook Lab 10-2 R5 Initial Config
exit
line
con CCNA
0

!###################################################
!logging sync
!
interface
Serial0/0.425 point-to-point
no exec-timeout

enable
!description ### FRAME RELAY LINK TO R5 ###
configure
terminal
ip address
172.29.45.4 255.255.255.0
end
!frame-relay interface-dlci 425
hostname
R5
exit

no
! ip domain-lookup

!
router rip

interface
version 2Serial0/0

description
### PHYSICAL FRAME RELAY INTERFACE ###
no auto
encapsulation
frame-relay
network 172.29.0.0

no
frame-relay inverse-arp
exit

!no shut

!
line con 0

interface
Serial0/0.524 point-to-point
logging sync

description
### FRAME RELAY LINK TO R5 ###
no exec-timeout

!ip address 172.29.45.5 255.255.255.0


frame-relay interface-dlci 524
end
exit

router rip
http://www.freeccnaworkbook.com/workbooks/ccna/configuring-mutual-ospf-and-rip-redistribution/[4/12/2015
7:22:45 PM]

Configuring Mutual OSPF and RIP Redistribution | Free CCNA Workbook

Lab Objectives
Create four new loopback interfaces on R1 using the 10.1.0.0/22 address allocation and configure those interfaces to
participate in OSPF area 0. Ensure that these loopback interfaces participate in OSPF with their configured subnet mask and
not a host mask.
Create four new loopback interfaces on R5 using the 172.5.0.0/22 address allocation and configure those interfaces to
participate in RIP.
By viewing R3s routing table, verify that the newly created loopback interfaces are being learned by R3.
Configure R3 to redistribute RIP routes into OSPF using the cost of 50000 then redistribute OSPF routes into RIP using the
hop count of 3.
Verify on R1 and R5 that routes from the opposite autonomous system exist in their routing table.

Lab Instruction
Objective 1. Create four new loopback interfaces on R1 using the 10.1.0.0/22 address allocation and configure those interfaces to
participate in OSPF area 0. Ensure that these loopback interfaces participate in OSPF with their configured subnet mask and not a
host mask.
By default loopback interfaces participate in ospf as a /32 host route unless you change the default network type from LOOPBACK to
Point-to-Point as shown below;
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface loopback0
R1(config-if)#ip address 10.1.0.1 255.255.255.0
R1(config-if)#ip ospf 1 area 0
R1(config-if)#ip ospf network point-to-point
R1(config-if)#
R1(config-if)#interface loopback1
R1(config-if)#ip address 10.1.1.1 255.255.255.0
R1(config-if)#ip ospf 1 area 0
R1(config-if)#ip ospf network point-to-point
R1(config-if)#
R1(config-if)#interface loopback2
R1(config-if)#ip address 10.1.2.1 255.255.255.0
R1(config-if)#ip ospf 1 area 0
R1(config-if)#ip ospf network point-to-point
R1(config-if)#
R1(config-if)#interface loopback3
R1(config-if)#ip address 10.1.3.1 255.255.255.0
R1(config-if)#ip ospf 1 area 0
R1(config-if)#ip ospf network point-to-point
R1(config-if)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#

Objective 2. Create four new loopback interfaces on R5 using the 172.5.0.0/22 address allocation and configure those interfaces to
participate in RIP.
R5#configure terminal

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-mutual-ospf-and-rip-redistribution/[4/12/2015 7:22:45 PM]

Configuring Mutual OSPF and RIP Redistribution | Free CCNA Workbook

Enter configuration commands, one per line. End with CNTL/Z.


R5(config)#interface loopback0
R5(config-if)#ip address 172.5.0.1 255.255.255.0
R5(config-if)#
R5(config-if)#interface loopback1
R5(config-if)#ip address 172.5.1.1 255.255.255.0
R5(config-if)#
R5(config-if)#interface loopback2
R5(config-if)#ip address 172.5.2.1 255.255.255.0
R5(config-if)#
R5(config-if)#interface loopback3
R5(config-if)#ip address 172.5.3.1 255.255.255.0
R5(config-if)#exit
R5(config)#router rip
R5(config-router)#network 172.5.0.0
R5(config-router)#end
R5#
%SYS-5-CONFIG_I: Configured from console by console
R5#
Objective 3. By viewing R3s routing table, verify that the newly created loopback interfaces are being learned by R3.
R3#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
R
R
R
R
C
R
O
O
O
O
O
C
R3#

172.5.0.0/24 is subnetted, 4 subnets


172.5.1.0 [120/2] via 172.29.34.4, 00:00:01, Serial0/0.324
172.5.0.0 [120/2] via 172.29.34.4, 00:00:01, Serial0/0.324
172.5.3.0 [120/2] via 172.29.34.4, 00:00:01, Serial0/0.324
172.5.2.0 [120/2] via 172.29.34.4, 00:00:01, Serial0/0.324
172.29.0.0/24 is subnetted, 2 subnets
172.29.34.0 is directly connected, Serial0/0.324
172.29.45.0 [120/1] via 172.29.34.4, 00:00:01, Serial0/0.324
10.0.0.0/24 is subnetted, 6 subnets
10.1.3.0 [110/129] via 10.102.23.2, 00:02:24, Serial0/0.322
10.1.2.0 [110/129] via 10.102.23.2, 00:02:24, Serial0/0.322
10.1.1.0 [110/129] via 10.102.23.2, 00:02:24, Serial0/0.322
10.1.0.0 [110/129] via 10.102.23.2, 00:02:24, Serial0/0.322
10.102.12.0 [110/128] via 10.102.23.2, 00:02:24, Serial0/0.322
10.102.23.0 is directly connected, Serial0/0.322

Objective 4. On R3 redistribute RIP routes into OSPF using the cost of 50000 then redistribute OSPF routes into RIP using the hop
count of 3.
Before redistributing RIP into OSPF keep in mind you must use the subnets keyword after the redistribution metric as shown below
other wise youll redistribute only a classful network;
R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#router ospf 1
R3(config-router)#redistribute rip metric 50000 subnets
R3(config-router)#exit
R3(config)#router rip
R3(config-router)#redistribute ospf 1 metric 3
R3(config-router)#end
R3#
Objective 5. Verify on R1 and R5 that routes from the opposite autonomous system exist in their routing table.
R1#show ip route

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-mutual-ospf-and-rip-redistribution/[4/12/2015 7:22:45 PM]

Configuring Mutual OSPF and RIP Redistribution | Free CCNA Workbook

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP


D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.5.0.0/24 is subnetted, 4 subnets
172.5.1.0 [110/50000] via 10.102.12.2, 00:00:15, Serial0/0.122
172.5.0.0 [110/50000] via 10.102.12.2, 00:00:15, Serial0/0.122
172.5.3.0 [110/50000] via 10.102.12.2, 00:00:15, Serial0/0.122
172.5.2.0 [110/50000] via 10.102.12.2, 00:00:15, Serial0/0.122
172.29.0.0/24 is subnetted, 2 subnets
O E2
172.29.34.0 [110/50000] via 10.102.12.2, 00:00:15, Serial0/0.122
O E2
172.29.45.0 [110/50000] via 10.102.12.2, 00:00:15, Serial0/0.122
10.0.0.0/24 is subnetted, 6 subnets
C
10.1.3.0 is directly connected, Loopback3
C
10.1.2.0 is directly connected, Loopback2
C
10.1.1.0 is directly connected, Loopback1
C
10.1.0.0 is directly connected, Loopback0
C
10.102.12.0 is directly connected, Serial0/0.122
O
10.102.23.0 [110/128] via 10.102.12.2, 00:05:34, Serial0/0.122
R1#
O
O
O
O

E2
E2
E2
E2

As shown above you can see that the RIP routes being redistributed into the OSPF autonomous system are denoted as E2 routes in
the routing table on R1.
R5#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C
C
C
C
R
C
R
R
R
R
R
R
R5#

172.5.0.0/24 is subnetted, 4 subnets


172.5.1.0 is directly connected, Loopback1
172.5.0.0 is directly connected, Loopback0
172.5.3.0 is directly connected, Loopback3
172.5.2.0 is directly connected, Loopback2
172.29.0.0/24 is subnetted, 2 subnets
172.29.34.0 [120/1] via 172.29.45.4, 00:00:05, Serial0/0.524
172.29.45.0 is directly connected, Serial0/0.524
10.0.0.0/24 is subnetted, 6 subnets
10.1.3.0 [120/4] via 172.29.45.4, 00:00:06, Serial0/0.524
10.1.2.0 [120/4] via 172.29.45.4, 00:00:06, Serial0/0.524
10.1.1.0 [120/4] via 172.29.45.4, 00:00:06, Serial0/0.524
10.1.0.0 [120/4] via 172.29.45.4, 00:00:06, Serial0/0.524
10.102.12.0 [120/4] via 172.29.45.4, 00:00:07, Serial0/0.524
10.102.23.0 [120/4] via 172.29.45.4, 00:00:07, Serial0/0.524

As shown above you can see that the OSPF networks in the 10.0.0.0/8 range are now in R5s routing table with a hop count of 4. To
get to R3 its 1 hop to R4, on R3 the redistributed metric adds +3 giving you a total metric of 4 on R5 for routes learned from the
OSPF network.

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-mutual-ospf-and-rip-redistribution/[4/12/2015 7:22:45 PM]

Next Lab

Configuring Mutual OSPF and RIP Redistribution | Free CCNA Workbook

Like

11 Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-mutual-ospf-and-rip-redistribution/[4/12/2015 7:22:45 PM]

Configuring Mutual OSPF & EIGRP Redistribution | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Mutual OSPF & EIGRP Redistribution

Mututal redistribution between OSPF and EIGRP is uncommon however it is used mostly in company acquisitions or
band aiding poorly architected networks. This lab will discuss and demonstrate the configuration and verification of
mutual OSPF and EIGRP redistribution.

Real World Application & Core Knowledge


If youve completed the previous lab; Lab 10-2 Configuring Mutual OSPF and RIP Redistribution, then you should have a basic
understanding of mutual route redistribution.
If not then to summarize it all up for you in a pretty little nut shell; mutual route redistribution is the process where two dynamic routing
protocols exchange their routes with each other. For example, When you redistribute EIGRP into OSPF, all routes in the EIGRP
Autonomous system will be in the OSPF database and show up as OSPF routes in the OSPF domain. Same goes with EIGRP when
you redistribute OSPF into EIGRP, all the routes from OSPF will be carried over to EIGRP and advertised through out the
autonomous system.
Mutual route redistribution is a common remedy when companies acquire other companies that use different routing protocols. In
such case Company ABC Inc. acquires Company XYZ Inc. however ABC Inc. uses OSPF and XYZ Inc. uses EIGRP. After the
acquisition, the CTO (Chief Technology Officer) Mandates that there be full network communication between the newly merged
companies. In this case youd need to perform mutual redistribution to ensure ABC Inc. has routes to XYZs network; vice-versa.
When you redistribute into OSPF its common practice to specify a metric in which case is the OSPF cost. When specifying a metric
keep in mind if you have multiple routers performing mutual redistribution you may need to have a higher metric on one router then
the other to prevent a routing loop; this is where packets just keep going in circles between the two autonomous systems. Its a safe
bet to specify a fairly high metric in a production network to prevent such routes from becoming looped as lower metric routes are
preferred.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-mutual-ospf-and-eigrp-redistribution/[4/12/2015 7:23:30 PM]

Configuring Mutual OSPF & EIGRP Redistribution | Free CCNA Workbook

When you redistribute into OSPF; following the metric you must specify rather or not you wish to redistribute the subnets of the
source routing protocol by specifying subnets after the metric. If you do not specify this then the protocol that youre redistributing
routes into will only receive a classful route. In some cases this may work fine, however in other cases it may cause total mayhem in
your network.
Please review the following command(s) listed below;

Command

Description

redistribute protocol metric {metric


info}

This command is executed in router configuration mode of RIP, EIGRP or OSPF to


configure the routing process to redistribute routes from a different source into the
configured routing process such as static into RIP or RIP into OSPF. Its best practice to
specify a metric; when specifying a metric you specify a metric to be used by the routes
when they appear in the routing process. For example, RIP uses hop counts, OSPF
uses cost and EIGRP uses K Values (bandwidth, load, delay, reliability, mtu)

The following logical topology shown below is used in this lab;

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3, R4, and R5
Establish a console session with devices R1, R2, R3, R4, and R5 than load the initial configurations provided below by
copying the config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-mutual-ospf-and-eigrp-redistribution/[4/12/2015 7:23:30 PM]

Configuring Mutual OSPF & EIGRP Redistribution | Free CCNA Workbook

!###################################################
!#

Free CCNA Workbook Lab 10-3 R2 Initial Config

!###################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Serial0/0

description ### PHYSICAL FRAME RELAY INTERFACE ###


encapsulation frame-relay

no frame-relay inverse-arp
no shut
!

interface Serial0/0.221 point-to-point


description ### FRAME RELAY LINK TO R1 ###
ip address 10.103.12.2 255.255.255.0

!###################################################
ip ospf 1 area 0
!#
Free CCNAinterface-dlci
Workbook Lab 10-3
frame-relay
221 R3 Initial Config

!###################################################
exit
!

enable
interface Serial0/0.223 point-to-point

configure
terminal
description
### FRAME RELAY LINK TO R3 ###
!ip address 10.103.23.2 255.255.255.0
hostname
ip ospf R3
1 area 0

no
ip domain-lookup
frame-relay
interface-dlci 223

!exit

interface
Serial0/0
!

description
router
ospf 1### PHYSICAL FRAME RELAY INTERFACE ###
encapsulation frame-relay
exit

!no frame-relay inverse-arp


no shut
line
con 0

exit
logging
sync

!no exec-timeout

interface Serial0/0.322 point-to-point


!

description ### FRAME RELAY LINK TO R2 ###


end

!###################################################
ip address 10.103.23.3 255.255.255.0
!#
Workbook
Lab 10-3 R4 Initial Config
ip Free
ospf CCNA
1 area
0

!###################################################
frame-relay interface-dlci 322
!exit

enable
!

configure
interface terminal
Serial0/0.324 point-to-point

!description ### PHYSICAL FRAME RELAY INTERFACE ###


hostname
R4 172.29.34.3 255.255.255.0
ip address
no
ip domain-lookup
frame-relay
interface-dlci 324

!no shut

interface
Serial0/0
!

description
router
ospf 1### PHYSICAL FRAME RELAY INTERFACE ###
encapsulation frame-relay
exit

!no frame-relay inverse-arp


no shut
router
eigrp 10
!no auto

interface
Serial0/0.423
point-to-point
network 172.29.0.0
0.0.255.255

description
### FRAME RELAY LINK TO R3 ###
exit

!ip address 172.29.34.4 255.255.255.0

!###################################################
frame-relay
interface-dlci 423
line
con 0
!#
Free CCNA
exit
logging
sync Workbook Lab 10-3 R5 Initial Config

!###################################################
!no exec-timeout
!
interface Serial0/0.425 point-to-point

enable
description ### FRAME RELAY LINK TO R5 ###
end
configure
terminal
ip address
172.29.45.4 255.255.255.0
!frame-relay interface-dlci 425
hostname
R5
exit

no
! ip domain-lookup

!
router eigrp 10

interface
no auto Serial0/0

description
### PHYSICAL
FRAME RELAY INTERFACE ###
network 172.29.0.0
0.0.255.255
encapsulation
frame-relay
exit

!no frame-relay inverse-arp


no shut
line
con 0

!logging sync

interface
Serial0/0.524 point-to-point
no exec-timeout

!description ### FRAME RELAY LINK TO R5 ###


ip address 172.29.45.5 255.255.255.0
end
frame-relay interface-dlci 524

Lab Objectives
exit
exit

!
router eigrp 10
no auto
network 172.29.0.0 0.0.255.255
!
line con 0
logging sync
no exec-timeout
!

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-mutual-ospf-and-eigrp-redistribution/[4/12/2015
7:23:30 PM]
end

Configuring Mutual OSPF & EIGRP Redistribution | Free CCNA Workbook

Create four new loopback interfaces on R1 using the 10.1.0.0/22 address allocation and configure those interfaces to
participate in OSPF area 0. Ensure that these loopback interfaces participate in OSPF with their configured subnet mask and
not a host mask.
Create four new loopback interfaces on R5 using the 172.5.0.0/22 address allocation and configure those interfaces to
participate in EIGRP Autonomous System 10.
Analyze R3s routing table and verify that the newly created loopback interfaces are being learned by R3.
Configure R3 to redistribute EIGRP routes into OSPF using the cost of 50000 then redistribute OSPF routes into EIGRP using
a T1 bandwidth and 20,000 microsecond delay.
Verify on R1 and R5 that routes from the opposite autonomous system exist in their routing table.

Lab Instruction
Objective 1. Create four new loopback interfaces on R1 using the 10.1.0.0/22 address allocation and configure those interfaces to
participate in OSPF area 0. Ensure that these loopback interfaces participate in OSPF with their configured subnet mask and not a
host mask.
By default loopback interfaces participate in ospf as a /32 host route unless you change the default network type from LOOPBACK to
Point-to-Point as shown below;
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface loopback0
R1(config-if)#ip address 10.1.0.1 255.255.255.0
R1(config-if)#ip ospf 1 area 0
R1(config-if)#ip ospf network point-to-point
R1(config-if)#
R1(config-if)#interface loopback1
R1(config-if)#ip address 10.1.1.1 255.255.255.0
R1(config-if)#ip ospf 1 area 0
R1(config-if)#ip ospf network point-to-point
R1(config-if)#
R1(config-if)#interface loopback2
R1(config-if)#ip address 10.1.2.1 255.255.255.0
R1(config-if)#ip ospf 1 area 0
R1(config-if)#ip ospf network point-to-point
R1(config-if)#
R1(config-if)#interface loopback3
R1(config-if)#ip address 10.1.3.1 255.255.255.0
R1(config-if)#ip ospf 1 area 0
R1(config-if)#ip ospf network point-to-point
R1(config-if)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#

Objective 2. Create four new loopback interfaces on R5 using the 172.5.0.0/22 address allocation and configure those interfaces to
participate in EIGRP Autonomous System 10.
R5#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R5(config)#interface loopback0
R5(config-if)#ip address 172.5.0.1 255.255.255.0
R5(config-if)#
R5(config-if)#interface loopback1
R5(config-if)#ip address 172.5.1.1 255.255.255.0

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-mutual-ospf-and-eigrp-redistribution/[4/12/2015 7:23:30 PM]

Configuring Mutual OSPF & EIGRP Redistribution | Free CCNA Workbook

R5(config-if)#
R5(config-if)#interface loopback2
R5(config-if)#ip address 172.5.2.1 255.255.255.0
R5(config-if)#
R5(config-if)#interface loopback3
R5(config-if)#ip address 172.5.3.1 255.255.255.0
R5(config-if)#exit
R5(config)#router eigrp 10
R5(config-router)#network 172.5.0.0 0.0.255.255
R5(config-router)#end
R5#
%SYS-5-CONFIG_I: Configured from console by console
R5#
Objective 3. Analyze R3s routing table and verify that the newly created loopback interfaces are being learned by R3.
R3#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
D
D
D
D
C
D
O
O
O
O
O
C
R3#

172.5.0.0/24 is subnetted, 4 subnets


172.5.1.0 [90/2809856] via 172.29.34.4, 00:00:41, Serial0/0.324
172.5.0.0 [90/2809856] via 172.29.34.4, 00:00:41, Serial0/0.324
172.5.3.0 [90/2809856] via 172.29.34.4, 00:00:41, Serial0/0.324
172.5.2.0 [90/2809856] via 172.29.34.4, 00:00:41, Serial0/0.324
172.29.0.0/24 is subnetted, 2 subnets
172.29.34.0 is directly connected, Serial0/0.324
172.29.45.0 [90/2681856] via 172.29.34.4, 00:03:39, Serial0/0.324
10.0.0.0/24 is subnetted, 6 subnets
10.1.3.0 [110/129] via 10.103.23.2, 00:08:45, Serial0/0.322
10.1.2.0 [110/129] via 10.103.23.2, 00:08:45, Serial0/0.322
10.1.1.0 [110/129] via 10.103.23.2, 00:08:45, Serial0/0.322
10.1.0.0 [110/129] via 10.103.23.2, 00:08:45, Serial0/0.322
10.103.12.0 [110/128] via 10.103.23.2, 00:08:46, Serial0/0.322
10.103.23.0 is directly connected, Serial0/0.322

Objective 4. Configure R3 to redistribute EIGRP routes into OSPF using the cost of 50000 then redistribute OSPF routes into
EIGRP using a T1 bandwidth and 20,000 microsecond delay.
R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#router ospf 1
R3(config-router)#redistribute eigrp 10 metric 50000 subnets
R3(config-router)#exit
R3(config)#router eigrp 10
R3(config-router)#redistribute ospf 1 metric ?
<1-4294967295> Bandwidth metric in Kbits per second
R3(config-router)#redistribute ospf 1 metric 1544 ?
<0-4294967295> EIGRP delay metric, in 10 microsecond units
R3(config-router)#redistribute ospf 1 metric 1544 2000 ?
<0-255> EIGRP reliability metric where 255 is 100% reliable
R3(config-router)#redistribute ospf 1 metric 1544 2000 255 ?
<1-255> EIGRP Effective bandwidth metric (Loading) where 255
is 100% loaded
R3(config-router)#redistribute ospf 1 metric 1544 2000 255 1 ?
<1-65535> EIGRP MTU of the path
R3(config-router)#redistribute ospf 1 metric 1544 2000 255 1 1500
R3(config-router)#end
R3#
%SYS-5-CONFIG_I: Configured from console by console
R3#

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-mutual-ospf-and-eigrp-redistribution/[4/12/2015 7:23:30 PM]

Configuring Mutual OSPF & EIGRP Redistribution | Free CCNA Workbook

Objective 5. Verify on R1 and R5 that routes from the opposite autonomous system exist in their routing table.
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
172.5.0.0/24 is subnetted, 4 subnets
172.5.1.0 [110/50000] via 10.103.12.2, 00:00:07, Serial0/0.122
172.5.0.0 [110/50000] via 10.103.12.2, 00:00:07, Serial0/0.122
172.5.3.0 [110/50000] via 10.103.12.2, 00:00:07, Serial0/0.122
172.5.2.0 [110/50000] via 10.103.12.2, 00:00:07, Serial0/0.122
172.29.0.0/24 is subnetted, 2 subnets
O E2
172.29.34.0 [110/50000] via 10.103.12.2, 00:00:07, Serial0/0.122
O E2
172.29.45.0 [110/50000] via 10.103.12.2, 00:00:07, Serial0/0.122
10.0.0.0/24 is subnetted, 6 subnets
C
10.1.3.0 is directly connected, Loopback3
C
10.1.2.0 is directly connected, Loopback2
C
10.1.1.0 is directly connected, Loopback1
C
10.1.0.0 is directly connected, Loopback0
C
10.103.12.0 is directly connected, Serial0/0.122
O
10.103.23.0 [110/128] via 10.103.12.2, 00:11:04, Serial0/0.122
R1#
O
O
O
O

E2
E2
E2
E2

As you can see from R1s routing table shown above that the routes redistributed into OSPF from EIGRP are now OSPF E2 routes.
R5#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C
C
C
C
D
C
D EX
D EX
D EX
D EX
D EX
D EX
R5#

172.5.0.0/24 is subnetted, 4 subnets


172.5.1.0 is directly connected, Loopback1
172.5.0.0 is directly connected, Loopback0
172.5.3.0 is directly connected, Loopback3
172.5.2.0 is directly connected, Loopback2
172.29.0.0/24 is subnetted, 2 subnets
172.29.34.0 [90/2681856] via 172.29.45.4, 00:04:21, Serial0/0.524
172.29.45.0 is directly connected, Serial0/0.524
10.0.0.0/24 is subnetted, 6 subnets
10.1.3.0 [170/3193856] via 172.29.45.4, 00:01:31, Serial0/0.524
10.1.2.0 [170/3193856] via 172.29.45.4, 00:01:31, Serial0/0.524
10.1.1.0 [170/3193856] via 172.29.45.4, 00:01:31, Serial0/0.524
10.1.0.0 [170/3193856] via 172.29.45.4, 00:01:31, Serial0/0.524
10.103.12.0 [170/3193856] via 172.29.45.4, 00:01:31, Serial0/0.524
10.103.23.0 [170/3193856] via 172.29.45.4, 00:01:31, Serial0/0.524

As you can see from R5s routing table shown above that the routes redistributed into EIGRP from OSPF on R3 show up in R5s
routing table as EIGRP EX (External) routes with the administrative distance of 170.

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-mutual-ospf-and-eigrp-redistribution/[4/12/2015 7:23:30 PM]

Next Lab

Configuring Mutual OSPF & EIGRP Redistribution | Free CCNA Workbook

Like

17 Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-mutual-ospf-and-eigrp-redistribution/[4/12/2015 7:23:30 PM]

Configuring Mutual EIGRP and RIP Redistribution | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Mutual EIGRP & RIP Redistribution

Mututal redistribution is commonly done to fix architectural problems or during company acquisitions. This lab will
discuss and demonstrate the configuration and verification of mutual EIGRP and RIP redistribution.

Real World Application & Core Knowledge


If youve completed Lab 10-2 Configuring Mutual OSPF and RIP Redistribution and Lab 10-3 Configuring Mutual OSPF and
EIGRP Redistribution then you should be no stranger to mutual route redistribution.
If you did not complete the previous labs then to summarize mutual route redistribution up in a pretty little nut shell; mutual route
redistribution is the process where two dynamic routing protocols exchange their routes with each other. For example, When you
redistribute EIGRP into RIP, all routes in the EIGRP Autonomous System will be injected into the RIP database and show up as
regular RIP routes. The same concepts apply to EIGRP when you redistribute RIP into EIGRP, all the routes from RIP will be
injected into the EIGRP topology table and advertised through out the autonomous system as an EIGRP External route. These
routes are denoted as D EX routes in the routing table.
Mutual route redistribution is a common remedy when companies acquire other companies that use different routing protocols. In
such case Company ABC Inc. acquires Company XYZ Inc. however ABC Inc. uses EIGRP and XYZ Inc. uses RIP. After the
acquisition, the CTO (Chief Technology Officer) Mandates that there be full network communication between the newly merged
companies. In this case youd need to perform mutual redistribution to ensure ABC Inc. has routes to XYZs network; vice-versa.
When you configure mutual route redistribution its best practice to specify a static metric. When specifying a metric keep in mind if
you have multiple routers performing mutual redistribution you may need to have a higher metric on one router then the other to
prevent a routing loop; this is where packets just keep going in circles between the two autonomous systems. Its a safe bet to
specify a fairly high metric in a production network to prevent such routes from becoming looped as lower metric routes are
preferred.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-mutual-eigrp-and-rip-redistribution/[4/12/2015 7:23:55 PM]

Configuring Mutual EIGRP and RIP Redistribution | Free CCNA Workbook

To configure route redistribution youll use the redistribute command in router configuration mode.
Please review the following command(s) listed below;

Command

Description

redistribute protocol metric


{metric info}

This command is executed in router configuration mode of RIP, EIGRP or OSPF to configure
the routing process to redistribute routes from a different source into the configured routing
process such as static into RIP or RIP into OSPF. Its best practice to specify a metric; when
specifying a metric you specify a metric to be used by the routes when they appear in the
routing process. For example, RIP uses hop counts, OSPF uses cost and EIGRP uses K
Values (bandwidth, load, delay, reliability, mtu)

The following logical topology shown below is used in this lab;

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3, R4, and R5
Establish a console session with devices R1, R2, R3, R4, and R5 than load the initial configurations provided below by
copying the config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-mutual-eigrp-and-rip-redistribution/[4/12/2015 7:23:55 PM]

Configuring Mutual EIGRP and RIP Redistribution | Free CCNA Workbook

!###################################################
!#

Free CCNA Workbook Lab 10-4 R2 Initial Config

!###################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
encapsulation frame-relay
no frame-relay inverse-arp
no shut
!

interface Serial0/0.221 point-to-point


description ### FRAME RELAY LINK TO R1 ###
ip address 10.104.12.2 255.255.255.0

!###################################################
frame-relay interface-dlci 221
!#
Free CCNA Workbook Lab 10-4 R3 Initial Config
exit

!###################################################
!
!
interface Serial0/0.223 point-to-point

enable
description ### FRAME RELAY LINK TO R3 ###
configure
terminal
ip address
10.104.23.2 255.255.255.0
!frame-relay interface-dlci 223
hostname
R3
exit

no
! ip domain-lookup

!
router eigrp 10

interface
Serial0/0
no auto-summary

description
### PHYSICAL
FRAME RELAY INTERFACE ###
network 10.104.12.2
0.0.0.0
encapsulation
frame-relay
network 10.104.23.2
0.0.0.0
no
frame-relay inverse-arp
exit

!no shut

exitcon 0
line

!logging sync

interface
Serial0/0.322 point-to-point
no exec-timeout

!description ### FRAME RELAY LINK TO R2 ###

!###################################################
ip address 10.104.23.3 255.255.255.0
end
!#
Free CCNAinterface-dlci
Workbook Lab 10-4
frame-relay
322 R4 Initial Config

!###################################################
exit
!

enable
interface Serial0/0.324 point-to-point

configure
terminal
description
### FRAME RELAY LINK TO R4 ###
!ip address 172.29.34.3 255.255.255.0
hostname
R4 interface-dlci 324
frame-relay
no
domain-lookup
noip
shut

interface
Serial0/0
router eigrp
10

description
### PHYSICAL FRAME RELAY INTERFACE ###
no auto-summary
encapsulation
frame-relay
network 10.104.23.3

no
frame-relay inverse-arp
exit

!no shut

!
router rip

interface
Serial0/0.423 point-to-point
no auto-summary

description
### FRAME RELAY LINK TO R3 ###
version 2
ip address
172.29.34.4 255.255.255.0
network
172.29.0.0

!###################################################
!frame-relay interface-dlci 423
!#
Free
Workbook Lab 10-4 R5 Initial Config
exit
line
con CCNA
0

!###################################################
!logging sync
!
interface
Serial0/0.425 point-to-point
no exec-timeout

enable
!description ### FRAME RELAY LINK TO R5 ###
configure
terminal
ip address
172.29.45.4 255.255.255.0
end
!frame-relay interface-dlci 425
hostname
R5
exit

no
! ip domain-lookup

!
router rip

interface
version 2Serial0/0

description
### PHYSICAL FRAME RELAY INTERFACE ###
no auto-summary
encapsulation
frame-relay
network 172.29.0.0

no
frame-relay inverse-arp
exit

!no shut

!
line con 0

interface
Serial0/0.524 point-to-point
logging sync

description
### FRAME RELAY LINK TO R5 ###
no exec-timeout

!ip address 172.29.45.5 255.255.255.0


frame-relay interface-dlci 524
end

Lab Objectives
exit

router rip
version 2
no auto-summary
network 172.29.0.0
exit
!

Create four new loopback interfaces on R1 using the 10.1.0.0/22 address allocation and configure those interfaces to

line con 0

logging sync
no exec-timeout
!
end

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-mutual-eigrp-and-rip-redistribution/[4/12/2015 7:23:55 PM]

Configuring Mutual EIGRP and RIP Redistribution | Free CCNA Workbook

participate in EIGRP Autonomous System 10.


Create four new loopback interfaces on R5 using the 172.5.0.0/22 address allocation and configure those interfaces to
participate in RIP.
Analyze R3s routing table and verify that the newly created loopback interfaces are being learned by R3.
Configure R3 to redistribute EIGRP routes into RIP using a hop count of 3 then redistribute RIP routes into EIGRP using a T1
bandwidth and 20,000 microsecond delay.
Verify on R1 and R5 that routes from the opposite autonomous system exist in their routing table.

Lab Instruction
Objective 1. Create four new loopback interfaces on R1 using the 10.1.0.0/22 address allocation and configure those interfaces to
participate in EIGRP Autonomous System 10.
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface loopback0
R1(config-if)#ip address 10.1.0.1 255.255.255.0
R1(config-if)#
R1(config-if)#interface loopback1
R1(config-if)#ip address 10.1.1.1 255.255.255.0
R1(config-if)#
R1(config-if)#interface loopback2
R1(config-if)#ip address 10.1.2.1 255.255.255.0
R1(config-if)#
R1(config-if)#interface loopback3
R1(config-if)#ip address 10.1.3.1 255.255.255.0
R1(config-if)#exit
R1(config)#
R1(config)#router eigrp 10
R1(config-router)#network 10.1.0.0 0.0.3.255
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#

Objective 2. Create four new loopback interfaces on R5 using the 172.5.0.0/22 address allocation and configure those interfaces to
participate in RIP.
R5#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R5(config)#interface loopback0
R5(config-if)#ip address 172.5.0.1 255.255.255.0
R5(config-if)#
R5(config-if)#interface loopback1
R5(config-if)#ip address 172.5.1.1 255.255.255.0
R5(config-if)#
R5(config-if)#interface loopback2
R5(config-if)#ip address 172.5.2.1 255.255.255.0
R5(config-if)#
R5(config-if)#interface loopback3
R5(config-if)#ip address 172.5.3.1 255.255.255.0
R5(config-if)#exit
R5(config)#router rip
R5(config-router)#network 172.5.0.0
R5(config-router)#end
R5#
%SYS-5-CONFIG_I: Configured from console by console
R5#

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-mutual-eigrp-and-rip-redistribution/[4/12/2015 7:23:55 PM]

Configuring Mutual EIGRP and RIP Redistribution | Free CCNA Workbook

Objective 3. Analyze R3s routing table and verify that the newly created loopback interfaces are being learned by R3.
R3#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
R
R
R
R
C
R
D
D
D
D
D
C
R3#

172.5.0.0/24 is subnetted, 4 subnets


172.5.1.0 [120/2] via 172.29.34.4, 00:00:25, Serial0/0.324
172.5.0.0 [120/2] via 172.29.34.4, 00:00:25, Serial0/0.324
172.5.3.0 [120/2] via 172.29.34.4, 00:00:25, Serial0/0.324
172.5.2.0 [120/2] via 172.29.34.4, 00:00:25, Serial0/0.324
172.29.0.0/24 is subnetted, 2 subnets
172.29.34.0 is directly connected, Serial0/0.324
172.29.45.0 [120/1] via 172.29.34.4, 00:00:25, Serial0/0.324
10.0.0.0/24 is subnetted, 6 subnets
10.1.3.0 [90/2809856] via 10.104.23.2, 00:05:50, Serial0/0.322
10.1.2.0 [90/2809856] via 10.104.23.2, 00:05:50, Serial0/0.322
10.1.1.0 [90/2809856] via 10.104.23.2, 00:05:50, Serial0/0.322
10.1.0.0 [90/2809856] via 10.104.23.2, 00:05:50, Serial0/0.322
10.104.12.0 [90/2681856] via 10.104.23.2, 00:09:59, Serial0/0.322
10.104.23.0 is directly connected, Serial0/0.322

Objective 4. Configure R3 to redistribute EIGRP routes into RIP using a hop count of 3 then redistribute RIP routes into EIGRP
using a T1 bandwidth and 20,000 microsecond delay.
R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#router rip
R3(config-router)#redistribute eigrp 10 metric 3
R3(config-router)#exit
R3(config)#router eigrp 10
R3(config-router)#redistribute rip metric ?
<1-4294967295> Bandwidth metric in Kbits per second
R3(config-router)#redistribute rip metric 1544 ?
<0-4294967295> EIGRP delay metric, in 10 microsecond units
R3(config-router)#redistribute rip metric 1544 2000 ?
<0-255> EIGRP reliability metric where 255 is 100% reliable
R3(config-router)#redistribute rip metric 1544 2000 255 ?
<1-255> EIGRP Effective bandwidth metric (Loading) where 255
is 100% loaded
R3(config-router)#redistribute rip metric 1544 2000 255 1 ?
<1-65535> EIGRP MTU of the path
R3(config-router)#redistribute rip metric 1544 2000 255 1 1500
R3(config-router)#end
R3#
%SYS-5-CONFIG_I: Configured from console by console
R3#
Objective 5. Verify on R1 and R5 that routes from the opposite autonomous system exist in their routing table.
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-mutual-eigrp-and-rip-redistribution/[4/12/2015 7:23:55 PM]

Configuring Mutual EIGRP and RIP Redistribution | Free CCNA Workbook

172.5.0.0/24 is subnetted, 4 subnets


172.5.1.0 [170/3193856] via 10.104.12.2, 00:00:09, Serial0/0.122
172.5.0.0 [170/3193856] via 10.104.12.2, 00:00:09, Serial0/0.122
172.5.3.0 [170/3193856] via 10.104.12.2, 00:00:09, Serial0/0.122
172.5.2.0 [170/3193856] via 10.104.12.2, 00:00:09, Serial0/0.122
172.29.0.0/24 is subnetted, 2 subnets
D EX
172.29.34.0 [170/3193856] via 10.104.12.2, 00:00:09, Serial0/0.122
D EX
172.29.45.0 [170/3193856] via 10.104.12.2, 00:00:09, Serial0/0.122
10.0.0.0/24 is subnetted, 6 subnets
C
10.1.3.0 is directly connected, Loopback3
C
10.1.2.0 is directly connected, Loopback2
C
10.1.1.0 is directly connected, Loopback1
C
10.1.0.0 is directly connected, Loopback0
C
10.104.12.0 is directly connected, Serial0/0.122
D
10.104.23.0 [90/2681856] via 10.104.12.2, 00:11:13, Serial0/0.122
R1#
D
D
D
D

EX
EX
EX
EX

You can see from R1s routing table shown above that the RIP routes redistributed into EIGRP at R3 are being propagated
throughout the EIGRP Autonomous System as EIGRP External routes.
R5#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
C
C
C
C
R
C
R
R
R
R
R
R
R5#

172.5.0.0/24 is subnetted, 4 subnets


172.5.1.0 is directly connected, Loopback1
172.5.0.0 is directly connected, Loopback0
172.5.3.0 is directly connected, Loopback3
172.5.2.0 is directly connected, Loopback2
172.29.0.0/24 is subnetted, 2 subnets
172.29.34.0 [120/1] via 172.29.45.4, 00:00:20, Serial0/0.524
172.29.45.0 is directly connected, Serial0/0.524
10.0.0.0/24 is subnetted, 6 subnets
10.1.3.0 [120/4] via 172.29.45.4, 00:00:21, Serial0/0.524
10.1.2.0 [120/4] via 172.29.45.4, 00:00:21, Serial0/0.524
10.1.1.0 [120/4] via 172.29.45.4, 00:00:21, Serial0/0.524
10.1.0.0 [120/4] via 172.29.45.4, 00:00:21, Serial0/0.524
10.104.12.0 [120/4] via 172.29.45.4, 00:00:22, Serial0/0.524
10.104.23.0 [120/4] via 172.29.45.4, 00:00:22, Serial0/0.524

You can see from R5s routing table shown above that the EIGRP routes redistributed into RIP at R3 are now RIP routes on R5 with
a metric of 4 (1 hop to R4 + 3 from R3s added metric)

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-mutual-eigrp-and-rip-redistribution/[4/12/2015 7:23:55 PM]

Next Lab

Configuring Mutual EIGRP and RIP Redistribution | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-mutual-eigrp-and-rip-redistribution/[4/12/2015 7:23:55 PM]

Configuring Network Address Translation (NAT) One-to-One | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Static NAT

Static NAT, also more commonly known as one to one NAT is primary used to translate a public IP Address to an
internal DMZ private address. There are of course other uses for static nat which will be explains however this lab will
discuss and demonstrate the configuration and verification of basic Static NAT.

Real World Application & Core Knowledge


Network Address Translation; referred to as NAT is used in almost every network in the world in some form or fashion rather it be a
NAT one to one translation, NAT pool where a pool of IP addresses are given on a first come first serve basis to the inside private
address range or the most famous PAT (Port Address Translation), commonly a misconception and referred to as NAT but PAT
translates many inside addresses to a single outside address by using random port numbers for ip communication.
NAT Pooling and Port Address Translation (PAT) will be discussed in the next two labs but for this lab lets dive into the abyss of
Network Address Translation (NAT) one to one.
NAT was created with the intention to prolong the inevitable which was our ever depleting IPv4 address space. As more and more
address blocks were allocated by IANA, more and more people became worried that we would soon one day run out of IPv4
addresses. Granted if IPv4 NAT was not created we would have ran out of IP addresses a long time ago but NAT saved us in more
ways then one.
NAT one to one is commonly used when you go from one autonomous system to another autonomous system and you need your
source address when communicating to the destination to be a specific IP address but that IP address does not match your IP
address layout. In which case youd need to NAT one to one the source address to a destination address, in this case NAT one to
one is commonly performed on both sides.
For example; ABC Inc. and XYZ Inc. need to establish IP connectivity using a point-to-point T1 and you need to ensure ip
communication but both companies use the SAME RFC1918 address space. In this case Network Address Translation (NAT) would

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-network-address-translation-nat-one-to-one/[4/12/2015 7:24:12 PM]

Configuring Network Address Translation (NAT) One-to-One | Free CCNA Workbook

be need to be implemented on both sides of the point-to-point T1.


In ABC Inc. the source address is 10.17.50.22 and the destination is 10.84.18.7 however the 10.84.18.7 address shows up in ABC
Inc.s networks routing table as a small branch office in Miami, Florida. In XYZ Inc.s network the source address is 10.84.18.7 and
the destination needs to be 10.17.50.22 however that address shows up as being located at the corporate head quarters in Dallas,
Texas. In a scenario like this youre in a tough spot but no need to fear, Network Address Translation is here to save the network and
possibly your job
Both ABC Inc. and XYZ Inc. would need to agree on an IP address allocation used for the connectivity between the two companies.
Lets say ABC Inc. and XYZ Inc. agree on using the 10.240.18.0/29 address space for the point to point T1. In this case there would
be six usable host IP Addresses. ABC Inc. would use 10.240.18.1 on their T1 serial interface and 10.240.18.2 as their NAT address
for the source address of 10.17.50.22 and XYZ Inc. would use 10.240.18.5 on their T1 interface and 10.240.18.6 as their NAT IP
address for source of 10.84.18.7.
Through the magic of Network Address Translation when ABC Inc.s server attempts to communicate with XYZ Inc.s server they
need to use the destination NAT address. So ABC Inc.s server would communicate to 10.240.18.6. In this case The traffic would
originate from 10.17.50.22, go to the router and get translated from 10.17.50.22 to 10.240.18.2 then go to 10.240.18.6 which in turn
would be translated from 10.240.18.8 to 10.84.18.7 therefore full IP communication would be functional without any drastic changes
to the companies networks.
Now that you have an general understanding of how NAT works, its time to take a look at how NAT operates.
When dealing with Network Address Translation on a Cisco router youll need to familiarize yourself with four different terms. Inside
Global, Inside Local, Outside Global, Outside Local.
Inside Local Is an IP address assigned to a host on the inside network. This is can be configured statically or obtained via
DHCP. This IP Address is most likely to be an RFC1918 private address.
Inside Global Is commonly a public IP Address assigned by an Internet Services Provider (ISP) or a Network Operations
Center (NOC) that represents one or more inside local IP addresses to the outside world.
Outside Local In an IP address of an outside host as it appears to the inside network. Not necessarily a public IP address, it
is allocated from an address space routable on the inside.
Outside Global Is an IP address that is assigned to a host on the outside network by the host owner. This address is
allocated from a globally routable address or network space; not a private address (RFC1918)

When configuring Network Address Translation, youll need to specify the INSIDE and OUTSIDE interfaces. This specifies the NAT
boundary at a given router. To specify these types of interfaces youll use the ip nat inside | outside command in interface
configuration mode.
To configure a static one to one NAT translation youll need two key components; the inside host address (inside local) and the ip
address of which the inside local address is to be translated to, (the inside global). Once you have this information youll use the ip
nat inside source static inside_local_ip outside_global_ip command in global configuration mode.
When configuring a NAT statement rather it be a static one to one translation or port address translation (PAT Many to One), you
have the ability to specify rather or not the entry is extendable by adding the extendable following the NAT statement.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-network-address-translation-nat-one-to-one/[4/12/2015 7:24:12 PM]

Configuring Network Address Translation (NAT) One-to-One | Free CCNA Workbook

The Extendable option allows you to configure multiple NAT statements that use the same inside local or inside global address
whereas when attempting to create a static translation map where the inside local or outside global matches an IP address thats
already used in a different translation map would give you an ambiguous command error.
In general there are two types of static NAT translations. The first one being a standard translation where the translation entry maps a
single inside local address to a single outside global address then there is the extended NAT translation where you can create static
translation map(s) that include multiple identical inside local OR outside global maps based on an inside/outside port number.
For example;
ip nat source static tcp 10.11.1.1 8080 172.29.18.5 80 extendable
ip nat source static tcp 10.11.1.14 80 172.29.18.5
443 extendable
In the example given, any traffic destined to 172.29.18.5 on port 80 would be translated to 10.1.11.1 port 8080 internally whereas any
traffic destined towards 172.29.18.5 on port 445 SSL would be translated to 10.11.1.14 port 80.
You have the ability to view the routers IP NAT translation table by using the show ip nat translations command in user or privileged
mode. This gives you the ability to determine what translation flows are currently installed in the NAT table. You can purge the NAT
tables dynamic translations by using the clear ip nat translation * command in privileged mode.
Now that you have an understanding of NAT one-to-one, this lab will build the same scenario given as an example previously to
familiarize you with NAT one-to-one configuration.
Please review the following command(s) listed below;

Command

Description

ip nat inside source static


il.il.il.il ig.ig.ig.ig

This command is executed in global configuration mode to configure a static NAT one to one
translation where as il.il.il.il is the inside local address and ig.ig.ig.ig is the outside global
address which the inside local address will be translated to.

ip nat inside source static


{tcp | udp} il.il.il.il {TCP/UDP
Port #} ig.ig.ig.ig {TCP/UDP
Port #} extendable

This command is executed in global configuration mode to configure an extended static NAT
translation where you translate a single inside local or outside global address based on port
number(s).

show ip nat translations

This command is executed in user or privileged mode to view all the current NAT translations in
the routers NAT table.

clear ip nat translation *

This command is executed in privileged mode to purge all the dynamic NAT translations that
exist in the routing table. If this command is executed in a live network take caution as it will
drop current dynamic NAT translated TCP sessions.

In this lab you will be configuring static NAT (One-to-One) between two companies; ABC Inc. and XYZ Inc. both of which have a
server with the IP address of 10.111.14.14. Since both companies believe it would be too difficult to RE-IP the network, youll need to
setup a static NAT translation on R2 and R3 to ensure IP communication between the two servers that have the same IP address
among both organizations.
The following logical topology shown below is used in this lab;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-network-address-translation-nat-one-to-one/[4/12/2015 7:24:12 PM]

Configuring Network Address Translation (NAT) One-to-One | Free CCNA Workbook

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2, R3 and R4
Establish a console session with devices R1, R2, R3 and R4 than load the initial configurations provided below by copying the
config from the textbox and pasting it into the respected routers console.

<
!###################################################
!#

Free CCNA Workbook Lab 11-1 R2 Initial Config

!###################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
encapsulation frame-relay
no frame-relay inverse-arp
exit
!
interface Serial0/0.221 point-to-point
description ### FRAME RELAY LINK TO R1 ###
ip address 10.111.12.2 255.255.255.0
frame-relay interface-dlci 221
exit
!
interface Serial0/0.223 point-to-point
description ### FRAME RELAY LINK TO R3 ###
ip address 172.20.23.2 255.255.255.0
frame-relay interface-dlci 223
exit
!
interface Serial0/0
no shut
exit

!
http://www.freeccnaworkbook.com/workbooks/ccna/configuring-network-address-translation-nat-one-to-one/[4/12/2015
7:24:12 PM]

Configuring Network Address Translation (NAT) One-to-One | Free CCNA Workbook


!###################################################
!#

Free CCNA Workbook Lab 11-1 R3 Initial Config

!###################################################
!
enable
configure terminal
!
hostname R3
no ip domain-lookup
!
interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
encapsulation frame-relay

no frame-relay inverse-arp
exit

interface Serial0/0.322 point-to-point


description ### FRAME RELAY LINK TO R2 ###
ip address 172.20.23.3 255.255.255.0

!###################################################
frame-relay interface-dlci 322
!#
Free CCNA Workbook Lab 11-1 R4 Initial Config
exit

!###################################################
!
!
interface Serial0/0.324 point-to-point

enable
description ### PHYSICAL FRAME RELAY INTERFACE ###
configure
terminal
ip address
10.111.34.3 255.255.255.0
!frame-relay interface-dlci 324
hostname
no shut R4

no
! ip domain-lookup

!
interface Serial0/0
interface
no shut loopback0

description
### SIMULATED SERVER ###
exit

!ip address 10.111.14.14 255.255.255.255


!
router eigrp 10

interface
Serial0/0
no auto-summary

description
### PHYSICAL
FRAME RELAY INTERFACE ###
network 172.20.23.3
0.0.0.0
encapsulation
frame-relay
network
10.111.34.3
0.0.0.0

no frame-relay inverse-arp
passive-interface
Serial0/0.322
exit

Lab Objectives
interface
line
con 0Serial0/0.423 point-to-point

description
logging
sync### FRAME RELAY LINK TO R3 ###
ip exec-timeout
address 10.111.34.4 255.255.255.0
no

!frame-relay interface-dlci 423


exit
end
!

interface Serial0/0
no shut
exit

Configure R2 and R3s respected interfaces as NAT Inside and NAT Outside.

router eigrp 10

Create a static NAT translation on R2 to translate the inside local address 10.111.14.14 to the outside global address of

no auto-summary

network 10.111.14.14 0.0.0.0

172.20.23.41

network 10.111.34.4 0.0.0.0

!
line con 0

Create a static NAT translation on R3 to translate the inside local address 10.111.14.14 to the outside global address of

logging sync

no exec-timeout
!
end

172.20.23.14

Verify that you have IP communication between the two simulated servers by pinging 172.20.23.14 from R1s Lo0 interface.

Lab Instruction
Objective 1. Configure R2 and R3s respected interfaces as NAT Inside and NAT Outside.
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#interface Serial0/0.221
R2(config-subif)#ip nat inside
%LINEPROTO-5-UPDOWN: Line protocol on Interface NVI0, changed state to up
R2(config-subif)#interface Serial0/0.223
R2(config-subif)#ip nat outside
R2(config-subif)#end
R2#

R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#interface Serial0/0.322
R3(config-subif)#ip nat outside
%LINEPROTO-5-UPDOWN: Line protocol on Interface NVI0, changed state to up
R3(config-subif)#interface Serial0/0.324
R3(config-subif)#ip nat inside
R3(config-subif)#end

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-network-address-translation-nat-one-to-one/[4/12/2015 7:24:12 PM]

Configuring Network Address Translation (NAT) One-to-One | Free CCNA Workbook

R3#
Objective 2. Create a static NAT translation on R2 to translate the inside local address 10.111.14.14 to the outside global address
of 172.20.23.41
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#ip nat inside source static 10.111.14.14 172.20.23.41
R2(config)#end
R2#
Objective 3. Create a static NAT translation on R3 to translate the inside local address 10.111.14.14 to the outside global address
of 172.20.23.14
R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#ip nat inside source static 10.111.14.14 172.20.23.14
R3(config)#end
R3#
Objective 4. On R1 verify that you have IP communication towards the R4s Lo0 via the translated address 172.20.23.14 by pinging
172.20.23.14 sourced from R1s Lo0 interface.
R1#ping 172.20.23.14 source loopback 0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.20.23.14, timeout is 2 seconds:
Packet sent with a source address of 10.111.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 88/90/93 ms
R1#
As you can see from above you now have full IP connectivity between the two completely seperate networks that have a server using
the same IP address via Network Address Translation.
So when ABC Inc.s Server 10.111.14.14 attempts to communicate to 172.20.23.14 it is actually communicating to the 10.111.14.14
server located in XYZ Inc.s network.
So for a complete run down of this scenario, when the simulated server 10.111.14.14 sends traffic to 172.20.23.14 it goes towards R2
and from R2 the traffic gets NATed to 172.20.23.41. At which point 172.20.23.41 is on a common subnet to 172.20.23.14 so the
traffic gets forwarded out Se0/0.223. When it reaches Serial0/0.322 on R3, R3 looks at its static translation table and immediately
forwards traffic destined to 172.20.23.14 towards 10.111.14.14. When the simulated server at 10.111.14.14 receives the traffic it
responds in the opposite direction in the same manner.
You can check the ip nat translation table on R2 to verify that the NAT translation was installed into the NAT table as shown below;
R2#show ip nat trans
Pro Inside global
--- 172.20.23.41
R2#

Inside local
10.111.14.14

Outside local
---

Outside global
---

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-network-address-translation-nat-one-to-one/[4/12/2015 7:24:12 PM]

Next Lab

Configuring Network Address Translation (NAT) One-to-One | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-network-address-translation-nat-one-to-one/[4/12/2015 7:24:12 PM]

Configuring a Network Address Translation (NAT) Pool | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Dynamic NAT Pooling

NAT Pooling is the ability to randomly assign public IP addresses to private internal IPs on a first come first serve
basis from a pool of IPs. This lab will discuss and demonstrate the configuration and verification of dynamic NAT
pooling.

Real World Application & Core Knowledge


If youve completed the previous Lab 11-1 Configuring Network Address Translation (NAT) One-to-One then you should have a
basic understanding of how NAT works, if not then its recommended to complete the previous lab before attempting this one.
A Network Address Translation Pool in simple terms is a pool that has been carved out of an allocated address block that assigns
inside global addresses on a first come first serve basis to inside local host based on a match found in a specified access control list.
The benefit of this type of configuration is that your inside network can use RFC1918 private addressing such as the 10.0.0.0/8
range but still obtain IP connectivity to the outside world using a single public IP address per host. Some universities use this method
however the majority of universities in the USA are moving more towards a NAC (Network Admissions Control) infrastructure of its
residential students to access the internet due to NAC having the ability to enforce virus protection and required operating system
updates.
However NAT pooling still has its place in todays networks such as the DMZ (Demilitarized Zone) or companies that own a block of
public IP addresses and requires each inside host to have its own translated outside IP address.
When configuring a NAT pool you must specify a address pool range with a start and end IP address followed by the network prefix
of the allocated IP address block the IP address range is carved out of . After the pool has been created you must then create the
NAT statement that uses a specific access control list that translates ACL matched inside host machines to the outside global IP
addresses in the pool on a first come first serve basis.
To create an NAT pool youll use the command ip nat pool poolname sip.sip.sip.sip eip.eip.eip.eip prefix # whereas the poolname is

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-network-address-translation-nat-pool/[4/12/2015 7:24:35 PM]

Configuring a Network Address Translation (NAT) Pool | Free CCNA Workbook

referenced by the NAT translation statement followed by the starting ip and ending ip of the pool range and the prefix of the
allocation that the IP address range is carved out of; I.e; 24 = /24 or 255.255.255.0
When specifying a NAT translation statement using a pool youll need specify an access control list which is used to match inside
host addresses or networks that will be translated to the IP addresses found in the pool on a first come first serve basis.
To configure a NAT Pool Translation youll use the ip nat inside source list ACL#_OR_NAME pool POOLNAME command in global
configuration whereas the ACL#_OR_NAME is the access control list name or number used to match inside host which will be
permitted to use the NAT pool translation and the POOLNAME is the IP address range pool you carved out of an address block
allocation.
In this lab you will be using R1, R2 and R3 to simulate a network connected to an ISP at R2 and using R2 to translate simulated
inside host machines from R1 to a public IP address pool to the internet (R3).
Please review the following command(s) listed below;

Command

Description

ip nat pool poolname


sip.sip.sip.sip eip.eip.eip.eip
prefix #

This command is executed in global configuration mode to configure a NAT pool whereas the
sip is the starting ip address in the range of the pool and the eip is the ending ip address range
of the pool. The prefix # is the actual prefix used by the router which the ips in the pool use.

ip nat inside source list acl#


pool poolname

This command is executed in global configuration mode to setup an inside to outside NAT pool
configuration whereas the access-list # matches in ACL in which inside hosts must be
permitted to be able to obtain a pool IP address. The pool name references the pool of IP
addresses created when using the previous command.

show ip nat translations

This command is executed in user or privileged mode to view all the current NAT translations in
the routers NAT table.

clear ip nat translation *

This command is executed in privileged mode to purge all the dynamic NAT translations that
exist in the routing table. If this command is executed in a live network take caution as it will
drop current dynamic NAT translated TCP sessions.

The following logical topology shown below is used in this lab;

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and R3

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-network-address-translation-nat-pool/[4/12/2015 7:24:35 PM]

Configuring a Network Address Translation (NAT) Pool | Free CCNA Workbook

Establish a console session with devices R1, R2 and R3 than load the initial configurations provided below by copying the
config from the textbox and pasting it into the respected routers console.

!###################################################
!#

Free CCNA Workbook Lab 11-2 R2 Initial Config

!###################################################
!

enable
configure terminal
!

hostname R2

no ip domain-lookup
!
interface Serial0/0

description ### PHYSICAL FRAME RELAY INTERFACE ###


encapsulation frame-relay

no frame-relay inverse-arp
exit
!

interface Serial0/0.221 point-to-point


description ### FRAME RELAY LINK TO R1 ###
ip address 10.112.12.2 255.255.255.252

!###################################################
frame-relay interface-dlci 221
!#
Free CCNA Workbook Lab 11-2 R3 Initial Config
exit

!###################################################
!
!
interface Serial0/0.223 point-to-point

enable
description ### FRAME RELAY LINK TO R3 ###
configure
terminal
ip address
171.18.24.1 255.255.255.224
!frame-relay interface-dlci 223
hostname
R3
exit

no
! ip domain-lookup

!
interface Serial0/0
interface
no shut Loopback0

description
### SIMULATED INTERNET HOST ###
exit

!ip address 4.2.2.2 255.255.255.255

!
router eigrp 10

interface
Serial0/0
no auto-summary

description
### PHYSICAL
FRAME RELAY INTERFACE ###
network 10.112.12.2
0.0.0.0
encapsulation
frame-relay
network 171.18.24.1
0.0.0.0
no
frame-relay
inverse-arp
redistribute
static

exit
passive-interface Serial0/0.223

!exit

Lab Objectives
interface
Serial0/0.322 point-to-point
!

description
### FRAME
RELAY
LINK TO R2 ###
ip
route 0.0.0.0
0.0.0.0
171.18.24.2
!ip address 171.18.24.2 255.255.255.224
frame-relay
interface-dlci 322
line
con 0
exit
logging sync

!no exec-timeout

interface
Serial0/0
!
no shut
end
exit

Create 4 new loopback interfaces on R1 using the 10.55.0.0/22 allocation and advertise them into EIGRP AS 10.

!
line con 0

Configure the respected NAT interface types then create a NAT pool on R2 starting with the IP address 171.18.24.5 and

logging sync

no exec-timeout
!

ending with the IP address 171.18.24.25 using the prefix mask of /27.

end

Create a named extended access-list on R2 matching the simulated host on R1 using only a single line in the ACL.
Configure a NAT Pool translation on R2 using the newly created named ACL and NAT Pool.
Verify that R1s simulated has IP connectivity to the simulated internet host (4.2.2.2) on R3 via NAT.
Verify on R2 that the inside host(s) are being assigned pool addresses.

Lab Instruction

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-network-address-translation-nat-pool/[4/12/2015 7:24:35 PM]

Configuring a Network Address Translation (NAT) Pool | Free CCNA Workbook

Objective 1. Create 4 new loopback interfaces on R1 using the 10.55.0.0/22 allocation and advertise them into EIGRP AS 10.
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface loopback0
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed
R1(config-if)#ip add 10.55.0.1 255.255.255.0
R1(config-if)#interface loopback1
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1, changed
R1(config-if)#ip add 10.55.1.1 255.255.255.0
R1(config-if)#interface loopback2
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback2, changed
R1(config-if)#ip add 10.55.2.1 255.255.255.0
R1(config-if)#interface loopback3
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback3, changed
R1(config-if)#ip add 10.55.3.1 255.255.255.0
R1(config-if)#exit
R1(config)#router eigrp 10
R1(config-router)#network 10.55.0.0 0.0.3.255
R1(config-router)#end
R1#

state to up
state to up
state to up
state to up

Objective 2. Configure the respected NAT interface types then create a NAT pool on R2 starting with the IP address 171.18.24.5
and ending with the IP address 171.18.24.25 using the prefix mask of /27.
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#interface Serial0/0.221
R2(config-subif)#ip nat inside
%LINEPROTO-5-UPDOWN: Line protocol on Interface NVI0, changed
state to up
R2(config-subif)#interface Serial0/0.223
R2(config-subif)#ip nat outside
R2(config-subif)#exit
R2(config)#ip nat pool natpool1 171.18.24.5 171.18.24.25 prefix-length 27
R2(config)#
Objective 3. Create a named extended access-list on R2 matching the simulated host on R1 using only a single line in the ACL.
R2(config)#ip access-list extended NATPOOL_ACL
R2(config-ext-nacl)#10 permit ip 10.55.0.0 0.0.3.255 any
R2(config-ext-nacl)#exit
R2(config)#
Objective 4. Configure a NAT Pool translation on R2 using the newly created named ACL and NAT Pool.
R2(config)#ip nat inside source list NATPOOL_ACL pool natpool1
R2(config)#end
R2#
Objective 5. Verify that R1s simulated has IP connectivity to the simulated internet host (4.2.2.2) on R3 via NAT.
R1#ping 4.2.2.2 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 10.55.0.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/104/196 ms
R1#ping 4.2.2.2 source lo1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 10.55.1.1

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-network-address-translation-nat-pool/[4/12/2015 7:24:35 PM]

Configuring a Network Address Translation (NAT) Pool | Free CCNA Workbook

!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/108/184 ms
R1#ping 4.2.2.2 source lo2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 10.55.2.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 36/136/252 ms
R1#ping 4.2.2.2 source lo3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 10.55.3.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 36/83/224 ms
R1#
Objective 6. Verify on R2 that the inside host(s) are being assigned pool addresses.
R2#show ip nat translations
Pro Inside global
Inside local
icmp 171.18.24.5:2
10.55.0.1:2
--- 171.18.24.5
10.55.0.1
icmp 171.18.24.6:3
10.55.1.1:3
--- 171.18.24.6
10.55.1.1
icmp 171.18.24.7:4
10.55.2.1:4
--- 171.18.24.7
10.55.2.1
icmp 171.18.24.8:5
10.55.3.1:5
--- 171.18.24.8
10.55.3.1
R2#

Outside local
4.2.2.2:2
--4.2.2.2:3
--4.2.2.2:4
--4.2.2.2:5
---

Outside global
4.2.2.2:2
--4.2.2.2:3
--4.2.2.2:4
--4.2.2.2:5
---

As you can see shown in Objective 5 and 6 that the simulated host IP addresses on R1 have ip connectivity to the simulated server
on R3 via NAT pool translation.
Objective 6 shows that 10.55.0.1 has been assigned the IP 171.18.24.5 from the NAT pool, 10.55.1.1 has been assigned 171.18.24.6
and so on.

Previous Lab

Like

Tweet

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-network-address-translation-nat-pool/[4/12/2015 7:24:35 PM]

Next Lab

Configuring a Network Address Translation (NAT) Pool | Free CCNA Workbook

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-a-network-address-translation-nat-pool/[4/12/2015 7:24:35 PM]

Configuring Port Address Translation (PAT) | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Port Address Translation (PAT)

PAT, known as Port Address Translation has a much more popular name called port forwarding. This lab will discuss
and demonstrate the configuration and verification of port address translation.

Real World Application & Core Knowledge


When most people think of Network Address Translation (NAT) they immediately think of the operation of Port Address Translation
where you can translate many internal RFC1918 private addresses to a single public globally routable IP address. Most people think
that a standard consumer grade router does NAT to allow several PCs to share a single internet connection however this operation
is called Port Address Translation (PAT).
PAT is a type of Network Address Translation that translates inside local addresses to a single inside global address which would be
in most cases the IP Address your ISP assigns you. You can think of PAT as a dynamic form of extended NAT. The general
operation of PAT is quite simple.
A PC on the inside network with the IP address 10.55.1.22 attempts to communicate to the internet however its IP address is not
routable on the internet so this IP address would have to be translated to an IP address that is. When the PC attempts to
communicate to an IP address on the internet the router will port address translate the packets to its own public IP address and
random port number and install the NAT flow into the NAT table for return traffic.
So for example; PC 10.55.1.22 attempts to communicate to 4.2.2.2 so it sends its traffic to the default gateway. This router is
connected to the internet and can reach 4.2.2.2 via a T1 interface. The router then translates the incoming packet sourced from
10.55.1.22 on a random port to the IP Address of its T1 interface with a randomly generated source port and the same destination.
Once this is done the router adds the translation to the NAT table and forwards the traffic. When the traffic returns to the router it
uses the same translation to translate the return traffic back to the internal private IP host inside the network.
Port Address Translation can serve up to 10,000 PCs using a single IP address. In this scenario every internal privately address PC

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-port-address-translation-pat-many-to-one/[4/12/2015 7:24:54 PM]

Configuring Port Address Translation (PAT) | Free CCNA Workbook

could theoretically use a maximum of 6 random ports simultaneously. This is a very high number for most companies and very hard
to break. However if youre hitting the max session range on a router/firewall for PAT you can just add another public IP address to
be port address translated.
To configure Port Address Translation, you must specify the inside and outside NAT interfaces as with any NAT configuration.
Afterward youll need to create an access control list to will be referenced by the NAT translation statement to match inside networks
and/or host machines to be translated. If you have multiple public IP addresses and you wish to port address translate to an IP
address other then the IP address thats assigned to the routers WAN interface youll need to create a NAT pool with the specified IP
address(es). In most scenarios youll just port address translate to the single IP address that is assigned to the routers public
interface. When using the IP address of the routers interface you do not need to specify a pool. You just specify the interface name
followed by overload. Example; ip nat inside source list PAT_TRAFFIC interface Serial0/0.223 overload
In this lab you will be using R1, R2 and R3 to simulate a small company network connected to an ISP at R2 and using R2 to port
address translate simulated inside host machines with private IP addresses from R1 to a single public IP address so inside machines
can reach the simulated internet host 4.2.2.2 on R3.
Please review the following command(s) listed below;

Command

Description

ip nat inside source list


aclnameor# ip.ip.ip.ip
overload

This command is executed in global configuration mode to configure a NAT translation that
matches inside host to be permitted to be port address translated to a specific IP Address.

ip nat inside source list


aclnameor# interface
interface#/# overload

This command is executed in global configuration mode to configure a NAT translation that
matches inside host that will permitted to be port address translated to a specific IP Address
assigned to a specific interface.

show ip nat translations

This command is executed in user or privileged mode to view all the current NAT translations in
the routers NAT table.

clear ip nat translation *

This command is executed in privileged mode to purge all the dynamic NAT translations that
exist in the routing table. If this command is executed in a live network take caution as it will
drop current dynamic NAT translated TCP sessions.

The following logical topology shown below is used in this lab;

Lab Prerequisites

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-port-address-translation-pat-many-to-one/[4/12/2015 7:24:54 PM]

Configuring Port Address Translation (PAT) | Free CCNA Workbook

If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and R3.
Establish a console session with devices R1, R2 and R3 than load the initial configurations provided below by copying the
config from the textbox and pasting it into the respected routers console.

!###################################################
!#

Free CCNA Workbook Lab 11-3 R2 Initial Config

!###################################################
!

enable
configure terminal
!

hostname R2

no ip domain-lookup
!
interface Serial0/0

description ### PHYSICAL FRAME RELAY INTERFACE ###


encapsulation frame-relay

no frame-relay inverse-arp
exit
!

interface Serial0/0.221 point-to-point


description ### FRAME RELAY LINK TO R1 ###
ip address 10.113.12.2 255.255.255.252

!###################################################
frame-relay interface-dlci 221
!#
Free CCNA Workbook Lab 11-3 R3 Initial Config
exit

!###################################################
!
!
interface Serial0/0.223 point-to-point

enable
description ### FRAME RELAY LINK TO R3 ###
configure
terminal
ip address
172.29.81.1 255.255.255.252
!frame-relay interface-dlci 223
hostname
R3
exit

no
! ip domain-lookup

!
interface Serial0/0
interface
no shut Loopback0

description
### SIMULATED INTERNET HOST ###
exit

!ip address 4.2.2.2 255.255.255.255

!
router eigrp 10

interface
Serial0/0
no auto-summary

description
### PHYSICAL
FRAME RELAY INTERFACE ###
network 10.113.12.2
0.0.0.0
encapsulation
frame-relay
network 172.29.81.1
0.0.0.0
no
frame-relay
inverse-arp
redistribute
static

exit
passive-interface Serial0/0.223

!exit

Lab Objectives
interface
Serial0/0.322 point-to-point
!

description
### FRAME
RELAY
LINK TO R2 ###
ip
route 0.0.0.0
0.0.0.0
172.29.81.2
!ip address 172.29.81.2 255.255.255.224
frame-relay
interface-dlci 322
line
con 0
exit
logging sync

!no exec-timeout

interface
Serial0/0
!
no shut
end
exit

Create 4 new loopback interfaces on R1 using the 10.55.0.0/22 allocation and advertise them into EIGRP AS 10.

!
line con 0

Configure the respected NAT inside/outside interfaces on R2.

logging sync

no exec-timeout
!
end

Create a named extended named access-list on R2 matching the simulated host on R1 using only a single line in the ACL.
Configure a NAT translation statement to Port Address Translate any host machines matching the access-list previously
created to the IP address of Serial0/0.223
Verify that you can ping the simulated host 4.2.2.2 located on R3 from R1s simulated host loopback interfaces you created
earlier.
After verifying IP connectivity between the inside simulated host machines on R1 to the simulated internet host on R3
(4.2.2.2), view the NAT translation table on R2 and verify that the router is translating the inside local addresses to a single
inside global address.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-port-address-translation-pat-many-to-one/[4/12/2015 7:24:54 PM]

Configuring Port Address Translation (PAT) | Free CCNA Workbook

Lab Instruction
Objective 1. Create 4 new loopback interfaces on R1 using the 10.55.0.0/22 allocation and advertise them into EIGRP AS 10.
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#interface loopback0
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed
R1(config-if)#ip add 10.55.0.1 255.255.255.0
R1(config-if)#interface loopback1
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1, changed
R1(config-if)#ip add 10.55.1.1 255.255.255.0
R1(config-if)#interface loopback2
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback2, changed
R1(config-if)#ip add 10.55.2.1 255.255.255.0
R1(config-if)#interface loopback3
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback3, changed
R1(config-if)#ip add 10.55.3.1 255.255.255.0
R1(config-if)#exit
R1(config)#router eigrp 10
R1(config-router)#network 10.55.0.0 0.0.3.255
R1(config-router)#end
R1#

state to up
state to up
state to up
state to up

Objective 2. Configure the respected NAT inside/outside interfaces on R2.


R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#interface Serial0/0.221
R2(config-subif)#ip nat inside
%LINEPROTO-5-UPDOWN: Line protocol on Interface NVI0, changed state to up
R2(config-subif)#interface Serial0/0.223
R2(config-subif)#ip nat outside
R2(config-subif)#exit
R2(config)#
Objective 3. Create a named extended named access-list on R2 matching the simulated host on R1 using only a single line in the
ACL.
R2(config)#ip access-list extended PAT_TRAFFIC_ACL
R2(config-ext-nacl)#10 permit ip 10.55.0.0 0.0.3.255 any
R2(config-ext-nacl)#exit
R2(config)#
Objective 4. Configure a NAT translation statement to Port Address Translate any host machines matching the access-list
previously created to the IP address of Serial0/0.223.
R2(config)#ip nat inside source list PAT_TRAFFIC_ACL interface Serial0/0.223 overload
R2(config)#end
R2#
Objective 5. Verify that you can ping the simulated host 4.2.2.2 located on R3 from R1s simulated host loopback interfaces you
created earlier.
R1#ping 4.2.2.2 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-port-address-translation-pat-many-to-one/[4/12/2015 7:24:54 PM]

Configuring Port Address Translation (PAT) | Free CCNA Workbook

Packet sent with a source address of 10.55.0.1


!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/94/168 ms
R1#ping 4.2.2.2 source lo1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 10.55.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 36/108/200 ms
R1#ping 4.2.2.2 source lo2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 10.55.2.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 72/133/196 ms
R1#ping 4.2.2.2 source lo3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
Packet sent with a source address of 10.55.3.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/114/240 ms
R1#
Objective 6. After verifying IP connectivity between the inside simulated host machines on R1 to the simulated internet host on R3
(4.2.2.2), view the NAT translation table on R2 and verify that the router is translating the inside local addresses to a single inside
global address.
R2#show ip nat translations
Pro Inside global
Inside local
icmp 172.29.81.1:2
10.55.0.1:2
icmp 172.29.81.1:3
10.55.1.1:3
icmp 172.29.81.1:4
10.55.2.1:4
icmp 172.29.81.1:5
10.55.3.1:5
R2#

Outside local
4.2.2.2:2
4.2.2.2:3
4.2.2.2:4
4.2.2.2:5

Outside global
4.2.2.2:2
4.2.2.2:3
4.2.2.2:4
4.2.2.2:5

As shown above in R2s NAT translation table you will see the inside global IP address and source port number(s) assigned to the
inside local source IP addresses per NAT translation flow. (A NAT Translation flow is a single line entry in the NAT Translation table).

Previous Lab

Like

311 Tweet

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-port-address-translation-pat-many-to-one/[4/12/2015 7:24:54 PM]

Next Lab

Configuring Port Address Translation (PAT) | Free CCNA Workbook

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-port-address-translation-pat-many-to-one/[4/12/2015 7:24:54 PM]

Configuring the Cisco IOS DHCP Server | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring Cisco IOS DHCP Server

Small offices dont necessarily have dedicated DHCP Servers so its quite common to embedded this service into
routers and/or switches. This lab will discuss and demonstrate the configuration and verification of the Cisco IOS
DHCP Server.

Real World Application & Core Knowledge


In the world of networking it can be a real big pain when you have to assign static IP addresses to hundreds of different PCs on the
network. The fix for this is Dynamic Host Configuration Protocol which is a type of server that can provide an ip address
automatically to network host requesting an IP Address on the network.
DHCP in general has a pretty simple operational concept. It responds to DHCP request from PCs on the network. DHCP can provide
several different attributes during its reply to a host request such as domain name, WINS Server(s), DNS Server(s), default gateway,
NTP Server, TFTP Options etc
In a network of 5000 PCs it would take several hundred man hours to assign IP addresses to each machine however using DHCP
will cut the several hundred hours down to a few hours of careful planning and implementation of a DHCP Server on the network.
DHCP is used in nearly every single network in the world today however there are some benefits of assigning IP Addresses statically
such as IP addressing in a demilitarized zone (DMZ) or for servers in a data center and of course all network infrastructure devices
which include routers, switches, firewalls and etc should be assigned static IP addresses.
Its common to configure a DHCP server on a Cisco Router or Switch that is used in a small branch office. For example a branch
office has a single T1 and if you have the network configured in a way the DHCP server exist on the other side of the T1 then if the
T1 ever fails, PCs on the network will not be able to obtain a DHCP address and thus could prevent site local productivity such as
printing or site local servers.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-cisco-ios-dhcp-server/[4/12/2015 7:25:17 PM]

Configuring the Cisco IOS DHCP Server | Free CCNA Workbook

When first learning about DHCP the first question that is often the most puzzling question is how does a DHCP server know to
provide a host an IP address in 10.114.12.0/24 network when the DHCP server is in the 10.114.94.0/24 network?
This is done through the use IP helper addresses which will be discussed in Lab 11-6.
There are several configuration requirements to a Cisco IOS DHCP Server. The first step is to create a DHCP pool on a Cisco router
or switch. To create the pool you must name the pool. This is done by using the ip dhcp pool POOL_NAME
Once youve created the DHCP Pool youll be placed into DHCP configuration mode denoted by the hostname(dhcp-config)# prompt.
There are several variables you must assign to the pool, the first being optional which is the domain name which will be assigned to
host learning the DHCP addresses. This is configured using the domain-name NAME
Next up would be the pools network in which the pool provides DHCP address to host from. This is configured using the network
A.B.C.D /x whereas A.B.C.D is the network address and the /x is the CIDR netmask. Example; 225.255.255.0 = /24
You have the ability to specify how long the DHCP can lease out its IP addresses to host machines by using the lease days hours
minutes seconds command. The default is 24 hours.
The DNS Server(s) can be automatically learned via DHCP replies from a host. To configure the DHCP server to provide DNS Server
information in Cisco IOS, youll use the dns-server A.B.C.D. If you wish to add multiple DNS servers then add the second DNS
servers ip address after the first one. Example; dns-server 10.114.12.16 10.114.54.16.
If you still use the Microsoft WINS service in your network infrastructure you have the ability to specify the WINS servers to be
included in the DHCP response. To specify WINS servers on the Cisco IOS DHCP Server use the netbios-name-server A.B.C.D.
The same command syntax that is used by DNS is also used to configure multiple WINS servers.
The last and most important option that will be discussed in this lab is the default gateway option. When a host PC on the network
request a DHCP address it does not know the default gateway automatically but will be learned via the DHCP reply. To configure the
Cisco IOS DHCP server to include the default gateway information in the DHCP responses then youll need to use the default-router
A.B.C.D command.
In this lab you will configure R1 as a DHCP server and R2 as a DHCP client to simulate a PC on the network.
Familiarize yourself with the following new command(s) listed below;

Command

Description

ip dhcp pool POOL_NAME

This command is executed in global configuration mode to create a new Cisco IOS
DHCP Server pool.

domain-name NAME

This command is executed in DHCP configuration mode to specify a domain name to be


included in DHCP replies.

network A.B.C.D /x

This command is executed in DHCP configuration mode to specify a network in which


the DHCP pool provides DHCP addresses from to host clients upon request.

lease days hours minutes seconds

This command is executed in DHCP configuration mode to specify the DHCP address
lease time of IP addresses allocated by that DHCP Server. The default is 24 hours.

dns-server 10.114.12.16

This command is executed in DHCP configuration mode to specify DNS Server(s) to be

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-cisco-ios-dhcp-server/[4/12/2015 7:25:17 PM]

Configuring the Cisco IOS DHCP Server | Free CCNA Workbook

10.114.54.16

included in DHCP replies.

netbios-name-server A.B.C.D

This command is executed in DHCP configuration mode to specify WINS Server(s) to be


included in DHCP replies.

default-router A.B.C.D

This command is executed in DHCP configuration mode to specify the default gateway
that will be included in DHCP replies.

The following logical topology shown below is used in this lab;

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and SW1.
Establish a console session with devices R1, R2 and SW1 than load the initial configurations provided below by copying the
config from the textbox and pasting it into the respected routers console.

!###################################################
!#

Free CCNA Workbook Lab 11-4 R2 Initial Config

!###################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface FastEthernet0/0
description ### LAN INTERFACE ###
no shut
!
line con 0
logging sync
no exec-timeout
!
end

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-cisco-ios-dhcp-server/[4/12/2015 7:25:17 PM]

Configuring the Cisco IOS DHCP Server | Free CCNA Workbook


!###################################################
!#

Free CCNA Workbook Lab 11-4 SW1 Initial Config #

!###################################################
!
enable
configure terminal
!
hostname SW1
no ip domain-lookup
!
!
line con 0

logging sync

no exec-timeout

end

Lab Objectives
Create a DHCP pool on R1 using the name LAB_POOL1
Assign the domain name TESTLAB.LOCAL to the DHCP pool LAB_POOL1
Assign the network 10.114.12.0/24 to the DHCP pool LAB_POOL1
Assign the DHCP Address lease time of 7 days to the DHCP pool LAB_POOL1
Assign the DNS Servers 10.114.18.6 and 10.114.18.7 to the DHCP pool LAB_POOL1
Assign the WINS Servers 10.114.18.4 and 10.114.18.5 to the DHCP pool LAB_POOL1
Assign the default gateway of 10.114.12.1 to the DHCP pool LAB_POOL1
Configure R2s FastEthernet0/0 interface to obtain an IP Address via DHCP. Verify that R1 has provided R2 a DHCP IP
address and that you can ping R1s FastEthernet0/0 interface using the newly acquired DHCP address.

Lab Instruction
Objective 1. Create a DHCP pool on R1 using the name LAB_POOL1
R1>enable
R1#configure terminal
Enter configuration commands, one per line.
R1(config)#ip dhcp pool LAB_POOL1

End with CNTL/Z.

Objective 2. Assign the domain name TESTLAB.LOCAL to the DHCP pool LAB_POOL1
R1(dhcp-config)#domain-name TESTLAB.LOACL

Objective 3. Assign the network 10.114.12.0/24 to the DHCP pool LAB_POOL1


R1(dhcp-config)#network 10.114.12.0 /24

Objective 4. Assign the DHCP Address lease time of 7 days to the DHCP pool LAB_POOL1
R1(dhcp-config)#lease 7

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-cisco-ios-dhcp-server/[4/12/2015 7:25:17 PM]

Configuring the Cisco IOS DHCP Server | Free CCNA Workbook

Objective 5. Assign the DNS Servers 10.114.18.6 and 10.114.18.7 to the DHCP pool LAB_POOL1
R1(dhcp-config)#dns-server 10.114.18.6 10.114.18.7

Objective 6. Assign the WINS Servers 10.114.18.4 and 10.114.18.5 to the DHCP pool LAB_POOL1
R1(dhcp-config)#netbios-name-server 10.114.18.4 10.114.18.5

Objective 7. Assign the default gateway of 10.114.12.1 to the DHCP pool LAB_POOL1
R1(dhcp-config)#default-router 10.114.12.1
R1(dhcp-config)#end
R1#
Objective 8. Configure R2s FastEthernet0/0 interface to obtain an IP Address via DHCP. Verify that R1 has provided R2 a DHCP
IP address and that you can ping R1s FastEthernet0/0 interface using the newly acquired DHCP address.
To verify that FastEthernet0/0 has learned its IP address via DHCP use the show ip interface brief command.
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#interface Fastethernet0/0
R2(config-if)#ip address dhcp
R2(config-if)#end
R2#
%SYS-5-CONFIG_I: Configured from console by console
R2#
%DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0/0 assigned DHCP address 10.114.12.2, mask 255.2
55.255.0, hostname R2
R2#show ip interface brief FastEthernet0/0
Interface
IP-Address
OK? Method Status
FastEthernet0/0
10.114.12.2
YES DHCP
up
R2#ping 10.114.12.1

Protocol
up

Type escape sequence to abort.


Sending 5, 100-byte ICMP Echos to 10.114.12.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/59/152 ms
R2#

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-cisco-ios-dhcp-server/[4/12/2015 7:25:17 PM]

Next Lab

Configuring the Cisco IOS DHCP Server | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-cisco-ios-dhcp-server/[4/12/2015 7:25:17 PM]

Configuring an IOS DHCP Server IP Exclusion Range | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring DHCP Server Exclusion Range

When configuring a DHCP pool you must specify the network and subnet for the IP address pool. But what if you need
to exclude some IP addresses from being allocated? This lab will discuss and demonstrate the configuration and
verification of ios dhcp server exclusion ranges

Real World Application & Core Knowledge


If youve completed Lab 11-4 Configuring the Cisco IOS DHCP Server then you should have a general understanding on how to
configure the Cisco IOS DHCP Server.
However when you specified a network in the DHCP pool youll notice that the router would use the entire network to provide DHCP
addresses and start with the lowest IP address available first. In many cases this would not suit the needs of network engineers who
need to specify a range of ip addresses in a network to be statically configured only. For example, many networks that use a /24
netmask will carve out the first and last 25 IP addresses of the subnet for administrative and static use only. In this case only
addresses .26 through .229 would be usable thus giving you 204 DHCP addresses to be used with PCs on the network segment.
By default the Cisco IOS Server does not carve out any IP addresses in the DHCP Pools network. To do this youll need to configure
an exclusion range to prevent the DHCP server from handing out IP Addresses in a specified range that fall in the network statement
of a DHCP pool.
To specify an exclusion range youll use the ip dhcp exclusion s.s.s.s e.e.e.e whereas the s.s.s.s is the starting ip address and the
e.e.e.e is the ending ip address of the range.
In this lab youll continue where you left on with 11-4 Configuring the Cisco IOS DHCP Server and configure an exclusion range for
the first and last 25 IP addresses of the 10.115.10.0/24 network.
Please review the following command(s) listed below;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-an-ios-dhcp-server-ip-exclusion-range/[4/12/2015 7:25:36 PM]

Configuring an IOS DHCP Server IP Exclusion Range | Free CCNA Workbook

Command

Description

ip dhcp exclusion s.s.s.s


e.e.e.e

This command is executed in global configuration mode to specify an IP DHCP exclusion range
whereas s.s.s.s is the starting IP Address and e.e.e.e is the ending IP address of the range.

This lab will use the same logical topology as Lab 11-5 however the IP Addressing has changed as shown below;

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and SW1
Establish a console session with devices R1, R2 and SW1 than load the initial configurations provided below by copying the
config from the textbox and pasting it into the respected routers console.

!###################################################
!#

Free CCNA Workbook Lab 11-4 R2 Initial Config

!###################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface FastEthernet0/0
description ### LAN INTERFACE ###
ip address dhcp
no shut
!
line con 0
logging sync
no exec-timeout
!
end

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-an-ios-dhcp-server-ip-exclusion-range/[4/12/2015 7:25:36 PM]

Configuring an IOS DHCP Server IP Exclusion Range | Free CCNA Workbook


!###################################################
!#

Free CCNA Workbook Lab 11-4 SW1 Initial Config #

!###################################################
!
enable
configure terminal
!
hostname SW1
no ip domain-lookup
!
line con 0
logging sync
no exec-timeout

end

Lab Objectives
Create a IP DHCP Exclusion range to exclude the first and last 25 IP addresses of the 10.115.10.0/24 network on R1.
Verify your configuration by renewing the IP address on R2s FastEthernet0/0 interface.

Lab Instruction
Objective 1. Create a IP DHCP Exclusion range to exclude the first and last 25 IP addresses of the 10.115.10.0/24 network on R1.
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#ip dhcp excluded-address 10.115.10.1 10.115.10.25
R1(config)#ip dhcp excluded-address 10.115.10.229 10.115.10.254
R1(config)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#

Objective 2. Verify your configuration by renewing the IP address on R2s FastEthernet0/0 interface.
To clear the DHCP IP address from an Ethernet interface you can bounce the interface by shutting it down and waiting 10 seconds
and bringing it back up or you can configure the interface to have no ip address then wait 10 seconds and configure the interface to
have a DHCP IP Address again thus forcing the router to send a dhcp request.
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#interface FastEthernet0/0
R2(config-if)#no ip address
R2(config-if)#ip address dhcp
R2(config-if)#end
R2#
%SYS-5-CONFIG_I: Configured from console by console
R2#
%DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0/0 assigned DHCP
address 10.115.10.26, mask 255.255.255.0, hostname R2
R2#
As shown above in the syslog messages, you see that the FastEthernet0/0 interface on R2 has now obtained the 10.115.10.26
DHCP IP address which is the first address available outside of the excluded ranges configured in objective 1.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-an-ios-dhcp-server-ip-exclusion-range/[4/12/2015 7:25:36 PM]

Configuring an IOS DHCP Server IP Exclusion Range | Free CCNA Workbook

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-an-ios-dhcp-server-ip-exclusion-range/[4/12/2015 7:25:36 PM]

Configuring an IP DHCP Helper Address | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring IP DHCP Helper Address

Have you ever wondered how DHCP clients get IP addresses from servers not on their own subnet? This lab will
discuss and demonstrate the configuration and verification of an IP DHCP helper addresses.

Real World Application & Core Knowledge


So have you ever wondered how a single DHCP server can provide DHCP IP addresses to every PC on the network when the DHCP
server is not on the same broadcast domain? After all DHCP request are broadcast request right?
Many people wonder how this works but the answer is quite simple. Its called an IP Helper address. DHCP IP Helper addresses are
IP addresses configured on a routed interface such as a VLAN Interface or a routers Ethernet interface that allows that specific
device to act as a middle man which forwards BOOTP (Broadcast) DHCP request it receives on an interface to the DHCP server
specified by the IP Helper address via unicast.
To configure an IP helper address youll use the ip helper-address a.b.c.d in interface configuration mode on the interface that is
connected to the broadcast domain in which you wish to provide DHCP IP addresses. For example, a VLAN interface or an Ethernet
interface on a router connected to a Cisco switch or segregated by a layer 2 VLAN.
In this lab R1 and R2 are placed separate VLANs and you will create DHCP pools for each VLAN on R1 then configure an IP Helper
address on SW1s VLAN20 interface connecting to R2 VLAN to ensure that devices on that Ethernet segment can receive DHCP IP
address from the DHCP Server (R1). You will test the DHCP and IP Helper configuration using R2 as a simulated host PC.
Familiarize yourself with the following new command(s);

Command

Description

ip helper-address a.b.c.d

This command is executed in interface configuration mode to enable a Layer 3 interface to

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-an-ip-dhcp-helper-address/[4/12/2015 7:25:53 PM]

Configuring an IP DHCP Helper Address | Free CCNA Workbook

receive BOOTP DHCP Request and forward them to a specified DHCP server.
The following logical topology shown below is used in this lab;

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and SW1
Establish a console session with devices R1, R2 and SW1 than load the initial configurations provided below by copying the
config from the textbox and pasting it into the respected routers console.

!###################################################
!#

Free CCNA Workbook Lab 11-6 R2 Initial Config

!###################################################
!

enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface FastEthernet0/0
description ### LAN INTERFACE ###
ip address dhcp
no shut
!

exit
line con 0
logging sync
no exec-timeout

!###################################################
!
!# Free CCNA Workbook Lab 11-6 SW1 Initial Config #
end

!###################################################
!
enable
!
vlan database
vlan 10
vlan 20
exit
!
configure terminal
!
vlan 10
name 10.116.10.0/24
!
vlan 20
name 10.116.20.0/24
!
hostname SW1
no ip domain-lookup
!
ip routing
!
interface FastEthernet0/1

switchport mode access


http://www.freeccnaworkbook.com/workbooks/ccna/configuring-an-ip-dhcp-helper-address/[4/12/2015
7:25:53 PM]

Configuring an IP DHCP Helper Address | Free CCNA Workbook

Lab Objectives
On R1 create a new DHCP pool called LAB_POOL2 and assign it the following attributes; network 10.116.20.0/24, defaultrouter of 10.116.20.2, domain name TESTLAB.LOCAL, DNS servers 10.116.18.6 & 10.116.18.7
On SW1 configure the VLAN20 interface with an IP Helper address that points to 10.116.10.1
Verify that R2 can receive a DHCP address from R1 in the 10.116.20.0/24 network.

Lab Instruction
Objective 1. On R1 create a new DHCP pool called LAB_POOL2 and assign it the following attributes; network 10.116.20.0/24,
default-router of 10.116.20.2, domain name TESTLAB.LOCAL, DNS servers 10.116.18.6 & 10.116.18.7
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#ip dhcp pool LAB_POOL2
R1(dhcp-config)#network 10.116.20.0 255.255.255.0
R1(dhcp-config)#default-router 10.116.20.2
R1(dhcp-config)#domain-name TESTLAB.LOCAL
R1(dhcp-config)#dns-server 10.116.18.6 10.116.18.7
R1(dhcp-config)#end
R1#
Objective 2. On SW1 configure the VLAN20 interface with an IP Helper address that points to 10.116.10.1
SW1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
SW1(config)#interface vlan 20
SW1(config-if)#ip helper-address 10.116.10.1
SW1(config-if)#end
SW1#
%SYS-5-CONFIG_I: Configured from console by console
SW1#
Objective 3. Verify that R2 can receive a DHCP address from R1 in the 10.116.20.0/24 network.
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#interface FastEthernet0/0
R2(config-if)#shut
R2(config-if)#
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down
R2(config-if)#no shut
R2(config-if)#end
R2#
%SYS-5-CONFIG_I: Configured from console by console
R2#
%LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R2#
%DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0/0 assigned DHCP address 10.116.20.3, mask 255.2
55.255.0, hostname R2
R2#ping 10.116.10.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.116.10.1, timeout is 2 seconds:
!!!!!

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-an-ip-dhcp-helper-address/[4/12/2015 7:25:53 PM]

Configuring an IP DHCP Helper Address | Free CCNA Workbook

Success rate is 100 percent (5/5), round-trip min/avg/max = 48/108/164 ms


R2#

Previous Lab

Like

Next Lab

14 Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-an-ip-dhcp-helper-address/[4/12/2015 7:25:53 PM]

Configuring the Cisco IOS NTP Client | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

NTP Client Configuration

Keeping the date and time correct on a Cisco Router and/or Switch is crucial to security and logging. Setting the date
in time manually on 5000 devices in a network is not an option but there is an easy way out called NTP. This lab will
discuss and demonstrate the configuration and verification of the Network Time Protocol.

Real World Application & Core Knowledge


Im sure at least once a day you wonder what time it is right? Well just like us Cisco devices have a very good reason to know what
time it is as well. When you look at the SYSLogs on a Cisco device they are all date/time stamped which indicates obviously when
the event occurred. For example such as such T1 went to link state down on January 14th 2010 @ 5:32:53AM.
Another reason as to why a Cisco device will need to know the exact time is due to key chain security which is commonly used as
secret passwords so to speak to ensure no unauthorized routers attempt to become neighbors with EIGRP enabled routers. These
keys have a life time on them specified by a valid date range. Eg; Jan 1st 2010 at 12:00am through Jan 1st 2011 12:00am. Keep in
mind though that EIGRP security is not part of the CCNA exam curriculum.
A real good day to day beneficial reason as to why to have the correct date and time on a Cisco device which is to record the last
time the running configuration was modified. Whenever you make changes to the running configuration it will also save the time and
date along with the username of who changed the config when showing the running or startup configuration.
Of course the reasons are endless; none the less it is important that all devices in your network have synchronized time and with that
being said; Network Time Protocol (NTP) is the right technology for the job.
Network Time Protocol as defined in RFC958 simply lays out a method for a device to obtain the time and date over the network with
several variables taken into consideration such as latency and processing delay to ensure the most accurate synchronization.
Todays networks use the new and approved standard NTPv3 (Network Time Protocol version 3). In a nut shell NTP uses the User

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-cisco-ios-ntp-client/[4/12/2015 7:26:12 PM]

Configuring the Cisco IOS NTP Client | Free CCNA Workbook

Datagram Protocol (UDP) on port 123 and is actually one of the oldest protocols on the internet in use today. NTP was designed by
David Mills at the University of Delaware and is still maintained by David and a team of selected volunteers.
The Network Time Protocol is based on a tiered model known as the Clock Strata which is short for Stratum meaning one of a series
of layers in Latin.
When working with a Cisco device there are 15 Stratum layers youre able to configure, 1 through 15 with 1 being the most trusted
time source and 15 being the least. In common deployments most Cisco devices are a stratum layer 4 or higher as an atomic
(caesium, rubidium) clock is a stratum 0 which is commonly directly connected via serial interface to a stratum 1 device. Stratum 2
devices are refereed to as Time Servers query their time to from stratum 1 devices and provide the time to stratum 3 devices which
commonly reside in a local area network as the local time server. NTP Servers can query other NTP Servers as long as they are in
the same stratum layer and this can occur to ensure the most accurate synchronization of time. A Stratum 4 device retrieves their
time from the LAN time server(s) which in properly designed network would be a stratum 3.
One bit of information to really keep in mind when dealing with NTP to save a lot of frustration and headaches is that an NTP client
will not sync with a server that has an earlier date/time.
Okay so enough with the jibber jabber and lets get down to business. To configure the NTP client on a Cisco device youll use the ntp
server x.x.x.x command in global configuration. You can specify multiple NTP servers if you have multiple servers in your network;
this ensures that a cisco device has NTP redundancy and can still obtain the time from a server if one were to fail. However the
catch to this configuration is that the servers are processed top down in the configuration but you have the ability to specify a
preferred server using the command ntp server x.x.x.x prefer.
Another way of configuring NTP servers on a Cisco device is to use the ntp peer x.x.x.x command in global configuration. This
command will allow you to use multiple NTP servers in a peer group and the server that is the most accurate with the lowest stratum
number will become the NTP server of the peer group.
To verify that your Cisco device is learning the time via NTP youll need to use the show ntp associations which will show you the
current NTP peers on the device and additional information including the NTP Peers reference clock, their stratum #, poling interval,
reach, delay and offset.
In this lab you will configure R2 as an NTP client which queries its time from the preferred NTP server; R1. In this labs lab R1 is preconfigured as an stratum 3 NTP Server.
Familiarize yourself with the following new command(s) listed below;

Command

Description

ntp server x.x.x.x

This command is executed in global configuration and configures an NTP server as to which the
device will query for the time.

ntp server x.x.x.x prefer

This command is executed in global configuration and configures an NTP server as a preferred
server when multiple servers are configured.

ntp peer x.x.x.x

This command is executed in global configuration mode and configures a peer group of multiple
specified NTP servers whereas the most accurate lowest stratum server becomes the NTP
Server of the peer group.

show ntp associations

This command is executed in user or privileged mode to view the current NTP peers and their
NTP related information.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-cisco-ios-ntp-client/[4/12/2015 7:26:12 PM]

Configuring the Cisco IOS NTP Client | Free CCNA Workbook

The following logical topology shown below is to be used in this lab;

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1 and R2
Establish a console session with devices R1 and R2 than load the initial configurations provided below by copying the config
from the textbox and pasting it into the respected routers console.

!###################################################
!#

Free CCNA Workbook Lab 11-7 R2 Initial Config

!###################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Serial0/1
description ### PPP LINK TO R1 ###
encapsulation ppp
ip address 10.117.12.2 255.255.255.252
no shut
exit
!
line con 0
logging sync
no exec-timeout

Lab Objectives
!

end

Configure the time and date on R1 as 00:00:00 Jan 1, 2010 to ensure the configured time is different then the actual time to
demonstrate NTP.
Configure R2 to use the NTP server located at 10.117.12.1.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-cisco-ios-ntp-client/[4/12/2015 7:26:12 PM]

Configuring the Cisco IOS NTP Client | Free CCNA Workbook

Verity that R2 has obtained the correct date and time from R1 via NTP by viewing the NTP associations and the local clock.

Lab Instruction
Objective 1. Configure the time and date on R1 as 17:00:00 Jan 1, 2005 to ensure the configured time is different then the actual
time to demonstrate NTP.
R1#clock set 00:00:00 1 jan 2010
R1#

Objective 2. Configure R2 to use the NTP server located at 10.117.12.1.


R2#configure terminal
Enter configuration commands, one per line.
R2(config)#ntp server 10.117.12.1
R2(config)#end
R2#

End with CNTL/Z.

Objective 3. Verity that R2 has obtained the correct time and date from R1 via NTP by viewing the NTP associations and the local
clock.
R2#show ntp associations
address
ref clock
st when poll reach delay offset
disp
*~10.117.12.1
127.127.7.1
3
58
64
7
5.1
-0.93 3875.2
* master (synced), # master (unsynced), + selected, - candidate, ~ configured
R2#show clock
00:05:18.467 UTC Fri Jan 1 2010
R2#
As shown above by the show ntp associations command youll see that the server 10.117.12.1 is the master (synced) server as
denoted by the *. Once viewing the clock you can confirm that the time has indeed been synchronized via NTP.

Previous Lab

Like

Tweet

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-cisco-ios-ntp-client/[4/12/2015 7:26:12 PM]

Next Lab

Configuring the Cisco IOS NTP Client | Free CCNA Workbook

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-cisco-ios-ntp-client/[4/12/2015 7:26:12 PM]

Configuring the Cisco IOS NTP Server | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Cisco IOS NTP Server

So configuring an external NTP Server is great to keep the date and time syncd on evey device but what if you want
to host your own NTP Server? This lab will discuss and demonstrate the configuration and verification of Cisco IOS
NTP server.

Real World Application & Core Knowledge


If youve completed Lab 11-7 Configure the Cisco IOS NTP Client then youre probably pretty curious as to how R1 is configured as
an NTP Server in that lab. When you think about it, its pretty cool to have a Cisco device as an NTP Server. In the real world you can
have a high end Cisco 7200 or 7600 Cisco router as an NTP Server and have the entire infrastructure including the Windows or
Linux network to obtain its time from the same NTP server in the network to ensure every device is in sync.
The configuration is quite simple, just a single command. To configure a supported Cisco device as a NTP Server youll use the ntp
master # command in global configuration whereas the # is the stratum layer of the device. For example; ntp master 3 would
configure the Cisco device as an Stratum 3 NTP Server.
In this lab you will configure R1 as an NTP Server and R2 as an NTP Client which queries its time from the NTP server; R1.
Familiarize yourself with the following new command(s) listed below;

Command

Description

ntp master #

This command is executed in global configuration and configures the Cisco device as an NTP
Master server followed by the stratum number provided. Cisco devices will only allow the
stratum # to be a configured as a value between 1 and 15.

The following logical topology shown below is to be used in this lab;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-cisco-ios-ntp-server/[4/12/2015 7:26:43 PM]

Configuring the Cisco IOS NTP Server | Free CCNA Workbook

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1 and R2
Establish a console session with devices R1 and R2 than load the initial configurations provided below by copying the config
from the textbox and pasting it into the respected routers console.

!###################################################
!#

Free CCNA Workbook Lab 11-8 R2 Initial Config

!###################################################
!

enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Serial1/1
description ### PPP LINK TO R1 ###
encapsulation ppp
ip address 10.118.12.2 255.255.255.252
no shut
exit
!
line con 0
logging sync
no exec-timeout

Lab Objectives
!

end

Manually configure the time and date on R1 to the current time and date.
Configure R1 as an NTP Master server in the stratum 3 layer.
Configure R2 as an NTP client using R1 as its NTP Server.
Verify that R2 is correctly syncing its time and date with R1.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-cisco-ios-ntp-server/[4/12/2015 7:26:43 PM]

Configuring the Cisco IOS NTP Server | Free CCNA Workbook

Lab Instruction
Objective 1. Manually configure the time and date on R1 to the current time and date.
R1#clock set 20:00:00 aug 26 2010

Objective 2. Configure R1 as an NTP Master server in the stratum 3 layer.


R1#configure terminal
Enter configuration commands, one per line.
R1(config)#ntp master 3
R1(config)#end
R1#

End with CNTL/Z.

Objective 3. Configure R2 as an NTP client using R1 as its NTP Server.


R2#configure terminal
Enter configuration commands, one per line.
R2(config)#ntp server 10.118.12.1
R2(config)#end
R2#

End with CNTL/Z.

Objective 4. Verify that R2 is correctly syncing its time and date with R1.
Read Me
You may need to wait a few minutes before R2 will synchronize its time with R1, so do not get discouraged if it does not sync
immediately.
R2#show ntp associations
address
ref clock
st when poll reach delay offset
disp
*~10.118.12.1
127.127.7.1
3
52
64 377
3.2
-1.38
0.9
* master (synced), # master (unsynced), + selected, - candidate, ~ configured
R2#
R2#
R2#show clock
20:05:05.581 UTC Thu Aug 26 2010
R2#
As you can see from the NTP associations above that 10.118.12.1 is now the configured master and it is synchronized as its a
denoted by the ~ and not the #.

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-cisco-ios-ntp-server/[4/12/2015 7:26:43 PM]

Next Lab

Configuring the Cisco IOS NTP Server | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-the-cisco-ios-ntp-server/[4/12/2015 7:26:43 PM]

Configuring Cisco IOS DNS Name Servers | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Setting IOS DNS Servers

So if you want a Cisco device to resolve names to IPs you must setup DNS Servers. This lab will discuss and
demonstrate the configuration and verification of Cisco IOS DNS Servers.

Real World Application & Core Knowledge


If youve ever wondered how typing a URL in the web browser takes you to a specific website then youre in for a treat, however if
you already know how DNS works then this should be just review for you.
Domain Name System (DNS) is a type of service that translates names into IP addresses. When you visit a URL on the internet
youre going to the URLs website however behind the scene the DNS servers translate that name to an IP Address so that way you
would not have to remember 209.191.122.70 as yahoo.com
DNS has made the operation of the modern network so much easier as its obviously easier to remember www.companyname.com
instead of some random sets of numbers. Most people have a hard time remembering telephone numbers. Could you imagine
having to remember all the IP Addresses of all the popular websites? That could potentially cause chronic headaches.
In the Cisco world, you have the ability to configure multiple DNS Servers on a Cisco device running the Cisco Internetwork
Operating System (Cisco IOS) to ease network management. To configure a DNS server on a Cisco Router and/or Switch youll use
the ip name-server a.b.c.d command in global configuration mode. You can however specify multiple DNS servers by typing the next
servers IP Address following the first DNS server specified. Example; ip name-server 10.1.50.6 10.1.50.7
After specifying DNS servers you have the ability to ping named host such as yahoo.com or internal network host using the internal
DNS servers. Cisco automatically attempts to resolve IP addresses to name when using the traceroute command when you have
DNS servers specified.
In this lab you will configure R1 to use the DNS servers of 4.2.2.2 and 4.2.2.4 (Public DNS Servers hosted by Verizon/GTE) and then

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-cisco-ios-dns-name-servers/[4/12/2015 7:27:03 PM]

Configuring Cisco IOS DNS Name Servers | Free CCNA Workbook

test the DNS name resolution by pinging Google.com from R1s command line interface.
Familiarize yourself with the following new command(s) listed below;

Command

Description

ip name-server a.b.c.d

This command is executed in global configuration to specify DNS servers to be used by the
Cisco device during name to ip resolution. You may have multiple servers by adding the next
server IP Address following the first in this command.

The following logical topology shown below is to be used in this lab;

Lab Prerequisites
If you are using GNS3 than delete the link between R1s FastEthernet0/0 and SW1s FastEthernet0/1, than configure a NIO
Cloud in GNS3 and bind it to your physical NIC than connect it to R1s FastEthernet0/0 interface. Ensure that you have
internet connectivity.
If youre using real hardware than ensure that R1s FastEthernet0/0 interface is plugged into a network with DHCP and internet
access.
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start device(s); R1.
Establish a console session with device(s) R1 than load the initial configurations provided below by copying the config from the
textbox and pasting it into the respected routers console.

Lab Objectives
Ensure that R1 has obtained a DHCP address from your internet gateway and verify that R1 internet connectivity via the NIO

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-cisco-ios-dns-name-servers/[4/12/2015 7:27:03 PM]

Configuring Cisco IOS DNS Name Servers | Free CCNA Workbook

cloud by pinging 4.2.2.2


Configure R1 to use the DNS Servers 4.2.2.2 and 4.2.2.4
Verify that R1 is properly resolving names to IP Addresses by pinging google.com

Lab Instruction
Objective 1. Ensure that R1 has obtained a DHCP address from your internet gateway and verify that R1 internet connectivity via
the NIO cloud by pinging 4.2.2.2
R1#show ip interface brief FastEthernet0/0
Interface
IP-Address
OK? Method Status
FastEthernet0/0
192.168.2.8
YES DHCP
up
R1#ping 4.2.2.2

Protocol
up

Type escape sequence to abort.


Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/38/112 ms
R1#

Objective 2. Configure R1 to use the DNS Servers 4.2.2.2 and 4.2.2.4


R1#configure terminal
Enter configuration commands, one per line.
R1(config)#ip name-server 4.2.2.2 4.2.2.4
R1(config)#end
R1#

End with CNTL/Z.

Objective 3. Verify that R1 is properly resolving names to IP Addresses by pinging google.com


Read Me
In the initial configuration for this Lab, R1s FastEthernet0/0 interface is configured as DHCP. If the default gateway on your network
is setup as a DNS proxy server then the R2 will use your default gateway for DNS resolution over the configured name-servers as
shown below; However if FastEthernet0/0 is statically configured then R2 will use the specified name-servers.
R1#ping google.com
Translating "google.com"...domain server (192.168.2.1) [OK]
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 72.14.204.104, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/35/56 ms
R1#

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-cisco-ios-dns-name-servers/[4/12/2015 7:27:03 PM]

Next Lab

Configuring Cisco IOS DNS Name Servers | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-cisco-ios-dns-name-servers/[4/12/2015 7:27:03 PM]

The Basics of Internet Protocol Version 6 (IPv6) | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

The Basics of IPv6

Its a brave new world out there and sadly were running out of IPv4 address space. This information lab will discuss
thew basics of the next generation IP addressing scheme known as Internet Protocol version 6 (IPv6).

Real World Application & Core Knowledge


The huge data communications network that wraps around our planet which is known as the Internet is considered by many one of
mankinds greatest invention and accomplishments. The ability to share information from any location on the planet to any other
location within within seconds has changed the way we live since the days of messengers riding horses through rough lands to
deliver a letter. However since the dawn of the internet we have been faced with many challenges and yet we as a race have created
solutions to proceed forward. While these solutions sometimes are not permanent, but rather band-aid like it still serves its purpose
for technological evolution. After all trial and error is how we learn right? If you attempt to complete a task and fail you try again until
youve succeeded.
In the early days of the birth of the internet, IP version 4 was thought to be inexhaustible. After all who in those days could ever see
4.3 billions logical addresses ever used. Sadly when the internet was young many people did not envision a PC in every home and
access to the internet on every cell phone which today has pushed the IPv4 address space on the brink of exhaustion.
In the early 1990s various experts noticed that the IPv4 address space was being allocated at an alarming rate and calculated
exhaustion within years. A new IP addressing scheme known as IP Next Generation (IPng) was in its early development stages
however it was noted that standardizing such proposed solutions would take considerable time. So therefore such alarming
allocations of IPv4 address space gave birth to Network Address Translation (NAT); Also known as the band-aid of IPv4. When
deployed in a Port Address Translation manner (a type of NAT) it allowed for many internal IP private addresses (RFC1918
Addressing) to be translated to a single outside address thus easing the demand on the IPv4 address space.
This ultimately slowed down the allocations of the IPv4 address space but did not stop it. NAT in and of its self has become a

http://www.freeccnaworkbook.com/workbooks/ccna/the-basics-of-internet-protocol-version-6-ipv6/[4/12/2015 7:27:21 PM]

The Basics of Internet Protocol Version 6 (IPv6) | Free CCNA Workbook

standard in todays modern networks. In todays world you will have a hard time finding a network that does not utilize Network
Address Translation in one way or another. As the internet continues to grow day after day with the addition of new cellular devices,
tablets, wireless devices and IP enabled smart home which allows you to control several aspects of your home appliances such
lights, refrigerators, heating and air conditioning equipment and more the requirement for IP addressing will continue to grow.
There are several parts of the world that use layers and layers upon Network Address Translation because there simply is not
enough IPv4 address space for everyone. China alone can easily consume over a quarter of the IPv4 address space and still not
have enough addressing to cover all devices in the country. The same applies to India.
The standards of IPv6 were completed several years ago and it is only recently that companies and organizations have taken interest
into migrating from IPv4 to IPv6. One of the two driving factors of a global IPv6 migration is that Network Address Translation stifles
innovation in areas such as peer-to-peer networking, grid computing, end-to-end security, global quality of service guarantees and
internet access through mobile devices such as cell phones and tablets.
IPv4 us made up of a 32-bit number represented by 4 decimal octets and has a maximum address space of roughly 4.3 billion
addresses. IPv6 on the other hand uses a 128-bit address making 340 trillion trillion trillion IP addresses available. to be exact the
number is;
340,282,366,920,938,463,463,374,607,431,768,211,456
In a nut shell that is enough IP address space to assign an entire IPv4 address space (4.3 billion IP addresses) to every man woman
and child and barely put a dent in the IPv6 address space.
There are approximately 79,135,434,167,660,000,000,000,000,000 IPv4 address spaces (4.3 billion) in the entire IPv6 address
space.
IPv6 addresses are different then IPv4 address in many ways and not just in length. You should already know the representation of
the IPv4 address which is a 32-bit number represented by a 4 decimal octet number such as 192.168.21.82. IPv6 however is
represented by a HEX address such as; 2002:1834:0110:0394:AF3E:2501:36FF:0A0B
That is going to be quite a hard number to memorize, IPv6 will rely heavily on DNS (Domain Name System) in the future which
translates names to IP addresses. such as ipv6.google.com to 2001:4860:b002:0000:0000:0000:0000:0068
There are a two representation rules that will help make engineers lives so much easier when dealing with IPv6 addressing. The first
one being concatenation of the IPv6 address. This gives an engineer the ability to collapse an IPv6 address to a shorter, easier to
write IPv6 address. The basic rule states that the multiple zeros in any 16-bit segment do not have to be written and if any 16-bit
segment has fewer then four hexadecimal digits it is then assumed that the missing digits are leading zeros and can collapsed to
using the double semicolon :: However this method can only be used ONCE.
For an example; 2001:1934:0101:0000:0000:0000:0000:0035 can be shorted to 2001:1934:0101::35
The placement of the double semicolon does not matter as long as it is used only once. Take for example the following IPv6 address;
2001:A0D3:0000:0000:0343:0000:0000:0323 can be represented as either;
2001:A0D3::0343:0000:0000:0323 or 2001:A0D3:0000:0000:0343::0323
If you use the double Semicolon more then once it can invalidate the IP address in a way that multiple IP Addresses can be derived
from it. For example;
2001:A0D3::0343::0323 can be any translated to any of the following addresses;

http://www.freeccnaworkbook.com/workbooks/ccna/the-basics-of-internet-protocol-version-6-ipv6/[4/12/2015 7:27:21 PM]

The Basics of Internet Protocol Version 6 (IPv6) | Free CCNA Workbook

2001:A0D3:0000:0343:0000:0000:0000:0323
2001:A0D3:0000:0000:0343:0000:0000:0323
2001:A0D3:0000:0000:0000:0343:0000:0323

Some IPv6 addresses can be shorted to as little as 5 hexadecimal characters. For example;
ff01:0000:0000:0000:0000:0000:0000:0005 can be written as ff01::5
The second rule that allows an engineer to shorten the written notation of an IPv6 address is the ability to not write leading 0s in an
IP address. For example; 2001:A0D3:0032:0000:0000:0000:0000:0023 can become 2001:A0D3:32:0000:0000:0000:0000:23 and
can be further shortened with the double semicolon to 2001:A0D3:32::23
Keep in mind when using this method that trialing zeros CANNOT be omitted in written notation as this would change the absolute
number of the IP Address. For a basic example; HEX: A0 is 160 in decimal format. If you omit off the trailing zero to A it then
becomes 10 and not 160 thus changing the number.
IPv6 has three different types of addressing as listed below;
Unicast
Multicast
Anycast

Unlike IPv4, IPv6 does not utilize broadcast. There is however an all nodes multicast address which serves the same purpose as
the broadcast address.
As you should know, a Unicast address is an address that identifies a single device. The general format of an IPv6 address goes;

48bit Global Routing Prefix (Network Portion)


16 bit Subnet ID (Network Portion)
64 Bit Interface ID (Host Portion)
The host portion of an IPv6 address is called the Interface ID. Keep in mind a single interface can have multiple IPv6 addresses
unlike IPv4 which can have a single primary IP address and multiple secondary addresses which pose several limitations in routing
protocols.
IANA and the Regional Internet Registries such as RIPE, LACNIC and ARIN typically assign /48 IPv6 address allocations to the Local
Internet Registries which include large ISPs such as AT&T, Level3, Verizon and so on which in turn allocate smaller allocations to
customers. However some ISPs can be assigned a larger prefix then a /48 if the customer is extremely large.
In IPv6 addressing a single subnet is represented as /64 address. From an addressing stand point think of the IPv6 /64 as the
common IPv4 /24.
There are several types of IPv6 addresses that are currently standardized. As a CCNA you should know these address types as
given below;
Address Type
Bits (Binary)
HEX Representation
-------------------------------------------------------------------Unspecified
00...0
::/128

http://www.freeccnaworkbook.com/workbooks/ccna/the-basics-of-internet-protocol-version-6-ipv6/[4/12/2015 7:27:21 PM]

The Basics of Internet Protocol Version 6 (IPv6) | Free CCNA Workbook

Loopback
Multicast
Link-Local Unicast
Site Local Unicast
(Depreciated)
Global Unicast
(Currently Allocated)
Reserved (Future Use)

00...1
11111111
1111111010
1111111011

::1/128
FF00::/8
FE80::/10
FEC0::/10

001

2xxx::/ or 3xxx::/4

Everything Else

IPv6 AnyCast Addresses is an address that represents a service rather then a device. For example a service can reside on multiple
servers which but is represented by a single AnyCast address. In which case the closest Server logically to the traffic source would
be used. For example A Single PC on a network segment is trying to reach a particular DNS Server. When the PC attempts to
communicate to the AnyCast address the router will route the source traffic to the destination that is closest to the source. Server 1
has a metric of 20, Server 2 has a metric of 30 and Server 3 would have a metric of 40 then the source PC would be routed to Server
1.
This provides an advantage that PCs will always use the closest services oriented devices such as DNS, NTP, WINS, Proxy server,
etc.. anything that can be stored in a data center technically. This also gives the ability to ensure facility redundancy. For example
you have 2 DNS servers in a single data center and that data center catches fire, you do not lose youre entire DNS infrastructure
which applications can rely heavily upon.
IPv6 multicast addresses are similar to their predecessor IPv4 Multicast addresses. A Multicast address does not identify a single
device but a group of devices. For example when a single PC attempts to join a multicast group to receive streaming video traffic.
The server sends to the same IP address however the network devices throughout the network route that traffic to PCs that have
joined that group. This solves the requirement of one-to-one communications when dealing with single source to multiple destination
scenario. (A Server sending to multiple clients) Traditionally the Server would have to send a single unicast stream to every single
client and if this stream perhaps is a compressed 1080P HD video stream then the bandwidth required would be around 9Mbps per
every unicast device. If the server only had a 1Gbps connection to the network then it would max out at around 100 clients.
However, when using multicast the server only needs to send a single 9Mbps compressed HD video stream to a multicast group
address as the destination and any PC that has joined the multicast group can receive the stream.
Examples of well known multicast group destinations are given below;
Address
Multicast Group
-----------------------------------FF02::1
All Nodes
FF02::2
All Routers
FF02::5
OSPFv3 Routers
FF02::6
OSPFv3 DR's
FF02::9
RIPng Routers
FF02::A
EIGRP Routers
FF02::B
Mobile Agents
FF02::C
DHCP Servers
FF02::D
All PIM Routers

When an IPv6 host first becomes active on a link that is a broadcast link such as Ethernet, it has the ability to auto-configure an IPv6
address. The first step in the process to determine the 64bit interface ID portion of the IPv6 address is a mechanism called MAC-toEUI64. In a nut shell, this takes the 48-bit Media Access Control (MAC) address of an interface which is assumed to be globally
unique and converts it into a 64-bit interface id by inserting a reserved 16-bit value of 0xFFFe into the middle of the MAC address
and flipping the Universal/Local bit of the MAC address to 1, which represents universal.
First off lets look at the MAC address in detail, Well use the following example; 0019.B941.E3E3 which is represented in Binary as;

00000000.00011001.10111001.01000001.11100011.11100011

http://www.freeccnaworkbook.com/workbooks/ccna/the-basics-of-internet-protocol-version-6-ipv6/[4/12/2015 7:27:21 PM]

The Basics of Internet Protocol Version 6 (IPv6) | Free CCNA Workbook

The UL Bit (Universal/Local) bit is the 7 most significant bit starting at the beginning of the MAC address. So when you flip the 7th bit
of the MAC address it becomes;
00000010.00011001.10111001.01000001.11100011.11100011 = 0219.B941.E3E3
Now to finish the MAC-to-EUI64 conversion youll place 0xFFFE in the middle of the address as shown below;

0219.B9FF.FE41.E3E3
Now you have an MAC-to-EUI64 auto-configured Host ID Portion of the IPv6 address but of course this is only half of the IPv6
address. If you look back to the IPv6 address types youll see Link-Local addressing which is 0xFF80::/64. This is the address that
will be used in the auto-configuration.
So effectively the MAC-to-EUI64 portion 0219.B9FF.FE41.E3E3 becomes the IPv6 auto-configured address of;
FE80::219.B9FF.FE41.E3E3/64
The MAC address is considered to be globally unique but as with any IPv6 address assignment(s) the IPv6 address much undergo a
duplicate address detection mechanism. When a device is assigned an IPv6 address it will send a Neighbor Solicitation (NS) to the
solicited-node multicast address (FF02:0:0:0:0:1:FF00::/104) with the last 24bits of the configured IPv6 address prepended onto the
address. For example; in the previous MAC-to-EUI auto-configured device example, the device would send a NS to
FF02::1:FF01:E3E3. If a device receives a Neighbor Solicitation that is destined to an IP Address assigned to a local interface it will
respond with a Neighbor Advertisement (NA) with the target address and the destination address set to the tentative address. When
the originating node receives the NA, it knows that the tentative address is a duplicate and cannot be used.
The MAC-to-EUI64 auto-configuration mechanism raises many privacy concerns such due to the fact that the MAC address is
assumed to be globally unique it can be used to track an individual as the device moves from subnet to subnet or even ISP to ISP.
This gives someone the ability to determine rather or not youre at work or if youre at a coffee shop or a wireless hot spot. Further
investigations into traffic can be used to log your locations at specific times such as when youre at home, when youre traveling,
when youre working etc
RFC3041 addresses this security concern by defining the IPv6 privacy addresses An IPv6 privacy address is an address in which
the Interface ID is generated by an algorithm using a pseudo-random number. What makes this so practical is that interface ID (last
64bits of the IPv6 address) changes approximately once a day or on a configured timer period and also whenever the device
acquires a new IPv6 prefix.
Subnetting in IPv6 is much like subnetting IPv4 and the number of host per subnet is insanely larger but when you think of it on terms
of multiples of /64 then it should all click. A Host is represented as a /128 and a subnet is represented as /64. For example you have
a single /63 subnet assigned to you by your ISP which is 2001:1::/63. This subnet has two /64 subnets which are 2001:1:0:0::/64 and
2001:1:0:1::/64. If youve been assigned the 2001:1::/62 subnet then you have four /64 subnets which include; 2001:1:0:0::/64,
2001:1:0:1::/64, 2001:1:0:2::/64 and 2001:1:0:3::/64.
When thinking in terms of routing protocols, general the next hop is the interface assigned unicast IP address of the router in which
the traffic is passed to in the transit path however IPv6 changes that. When subnets are advertised from router to router, the next
hop address is not the configured unicast address but rather the Link Local address of the router as the next hop.
For example, R1 has Fa0/0 configured using the IPv6 address 2001:1::1/64 and R2 has the Fa0/0 interface configured with IP
address 2001:2::2/64 and both routers have RIPng (RIP Next Generation for IPv6) configured on their FastEthernet0/0 interfaces.
When viewing the routing table on R1 to see the next hop to 2001:2::2, the next hop is R2s Fa0/0 link-local IP address;
FE80::20D:29FF:FED1:D460

http://www.freeccnaworkbook.com/workbooks/ccna/the-basics-of-internet-protocol-version-6-ipv6/[4/12/2015 7:27:21 PM]

The Basics of Internet Protocol Version 6 (IPv6) | Free CCNA Workbook

You will go further into depth with the IPv6 dynamic routing protocols throughout the next few labs.

Lab Review Questions


1.Write the following IPv6 address into short hand notation: 2001:0012:0000:0000:00AB:0000:0000:09FB
2.What bit in the MAC address is the Universal/Local bit?
3.The ISP has allocated the following subnet to you; 2001:0BAD:BEEF:3200::/62. You must subnet this network into four /64
networks. What are the four /64 subnet addresses that can be derived from the ISP allocated subnet?
4.What is the IPv6 Multicast address for the OSPF Designated Routers?
5.What is the bit size of the host portion of an IPv6 address?
6.Approximately how many addresses are their in the IPv4 and IPv6 Address space(s)?
7.What is the purpose of an the IPv6 Anycast address?
8.What is the representation of the IPv6 Loopback IP address?
9.How is an RFC3041 IPv6 privacy address generated?
10.What would be the default Link-Local IPv6 Address of a Routers FastEthernet0/0 interface if that routers FastEthernet0/0
interface had the MAC address of: 000f.242e.bf80

Lab Review Question Answers


Check out the forums!

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/the-basics-of-internet-protocol-version-6-ipv6/[4/12/2015 7:27:21 PM]

Next Lab

The Basics of Internet Protocol Version 6 (IPv6) | Free CCNA Workbook


Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/the-basics-of-internet-protocol-version-6-ipv6/[4/12/2015 7:27:21 PM]

Configuring IPv6 Interface Addressing | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring IPv6 Interface Addressing

So you know how IPv6 works but how do you assign IPv6 addresses to Cisco Router and Switch interfaces? This lab
will discuss and demonstrate the configuration and verification of IPv6 interface addressing.

Real World Application & Core Knowledge


If youve read Lab 12-1 The Basics of Internet Protocol Version 6 (IPv6) then youre probably tired of reading about all the concepts,
history and such and ready to get into the configuration.
Configuring an IPv6 address is just as easy as configuring an IPv4 address on a Cisco interface; however an understanding of IPv6 is
required. If youre not familiar with IPv6 then its highly recommended that you check out Lab 12-1.
There are several commands that have been ported over to suit the needs of IPv6 on a Cisco router such as show ip interface brief
for ipv6 is show ipv6 interface brief. Also show ip route for IPv6 is now show ipv6 route. You should take the time to experiment and
discover new commands relating to IPv6 by using the Cisco IOS context sensitive help. (The question mark in Cisco IOS)
To configure an IPv6 address on a Cisco interface youll use the ipv6 address X:X:X:X::X/<0-128> command in interface
configuration mode. Note that IPv6 addressing does not use a subnet mask explicitly following the address but uses the CIDR bit
notation. Examples; IPv4 address 10.55.82.23/24, IPv6 Address: 2001:dabd:32bf::1/64. Keep in mind the host ID portion of a IPv6
address is 64 bits in length. (half of the IPv6 IP address)
Auto configuration is one of the big advantages of IPv6, the ability for a node to auto-configure a global unique IPv6 address without
the need of an IPv6 DHCP server is very appealing to businesses looking to same some dime.
Before you dive into configuring IPv6 autoconfig first lets dive more into depth with how it works. IPv6 uses a mechanism called
Neighbor Discovery Protocol (NDP), which gives IPv6 its unique plug-and-play features. NDP performs several functions which are
listed below;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ipv6-interface-addressing/[4/12/2015 7:27:44 PM]

Configuring IPv6 Interface Addressing | Free CCNA Workbook

Router Discovery The ability for a node to discover local routers on a network segment without the aid of a DHCP server.
Parameter Discovery The ability for a node to discover link parameters such as MTU and hop limits for its links.
Prefix Discovery The ability for a node to discover the prefix or prefixes assigned to a specific IPv6 link.
Address Autoconfiguration The ability for a node to determine its full unique i address without the aid of a DHCP server.
Duplicated Address Detection (DAD) The ability for a node to determine rather or not an IPv6 address it attempts to use
already exist.
Address Resolution The ability for a node to discover the link-layer addresses of other node(s) on a link without the use of
Address Resolution Protocol (ARP).
Next-Hop Determination The ability for a node to determine the next link-layer hop on a network link; a local node or router
destination.
Neighbor Unreachability Detection The ability for a node to determine when a neighboring device on the network link is no
longer reachable.
Redirect The ability for a router to notify a host that a better path exist to reach a given destination.

Network Discovery Protocol messages should always be link-local originating. To add further security to NDP messages, the hop limit
(IPv6 TTL) of the IPv6 packet carrying all NTP traffic is set to 255. (TTL) to ensure it does not traverse routers.
The Network Discovery Protocol is defined in RFC2461 which uses ICMPv6 to exchange messages required for its functions.
Specifically, five new ICMPv6 messages are defined in RFc2461 which you be aware. These messages which are listed below are
responsible for the operation of NDP;
Router Advertisement (RA) An RA is a message that originates from a Router, (Cisco or non-Cisco) to advertise their
existence on a network link. These RAs also include link parameters and are sent automatically periodically and in response
of a Router Solicitation (RS) message.
Router Solicitation (RS) These messages originate from host nodes to request that any router on the link respond with a RA.
Neighbor Solicitation (NS) These messages are sent from a node requesting the link layer address of another node and also
used by the duplicate address detection and neighbor unreachability detection mechanisms.
Neighbor Advertisement (NA) These messages are sent in response to a NS message. If a node changes its link-layer
address then a NA can be used to send an unsolicited advertisement to advertise its new address.
Redirect These messages are used in the same fashion as IPv4 ICMP redirects however they have been migrated from
ICMP in IPv4 to native operation NDP which uses ICMPv6 to function.

To configure IPv6 stateless auto configuration on an interface you first much configure the router to advertise its connected prefix on
the link using the NDP Router Advertisement (RA) message(s). Without this advertisement the host on the network link will not know
what address to autoconfig to.
To configure a Cisco router to advertise an IPv6 prefix out an Ethernet interface for neighbor IPv6 auto configuration you must first to
enable IPv6 unicast routing on that router by executing the ipv6 unicast-routing command in global configuration. After IPv6 unicast
routing is enabled you can then continue to configure the advertised prefixed by using the ipv6 nd prefix x:x:x:x::/x command in

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ipv6-interface-addressing/[4/12/2015 7:27:44 PM]

Configuring IPv6 Interface Addressing | Free CCNA Workbook

interface configuration mode. Once the prefix is configured the router will advertised the interface prefix specified in the Network
Discovery Protocol (NDP) Router Advertisements (RA)s periodically and upon receipt of a Router Solicitation (RS).
In this lab you will configure the FastEthernet0/0 interfaces of R1 and R2 whereas R1 will have a statically configured global unique
IPv6 unicast address and R2 will auto configure its global unique IPv6 address on the link.
Familiarize yourself with the following new command(s);

Command

Description

ipv6 unicast-routing

This command when executed in global configuration mode to enable IPv6 Unicast routing on a
Cisco router and/or Switch.

ipv6 address X:X:X:X::X/

This command when executed in interface configuration mode sets an IPv6 address on the
specified interface.

ipv6 address autoconfig

This command when executed in interface configuration mode configures that specific interface
to autoconfig its IPv6 address based on prefix advertisements from routers on that network
segment.

ipv6 nd prefix x:x:x:x::/x

This command when executed in interface configuration mode configures which prefix or
prefixes to advertise in its IPv6 NDP router advertisements (RAs) which is used by neighboring
nodes to auto configure an IPv6 address.

The following logical topology shown below is used in this lab;

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start devices; R1, R2 and SW1.
Establish a console session with devices R1, R2 and SW1 than load the initial configurations provided below by copying the
config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ipv6-interface-addressing/[4/12/2015 7:27:44 PM]

Configuring IPv6 Interface Addressing | Free CCNA Workbook

!##################################################
!# Free CCNA Workbook Lab 12-2 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface FastEthernet0/0
description ### LINK TO LAN ###
no ip address
no shut
exit
!

line con 0
logging sync

no exec-timeout

!##################################################
!
!#
endFree CCNA Workbook Lab 12-2 SW1 Initial Config #

!##################################################
!

enable
configure terminal
!

hostname SW1

no ip domain-lookup
!
interface FastEthernet1/1

description ### LINK TO R1 FA0/0 ###


switchport mode access

switchport access vlan 22

spanning-tree portfast
no shut
exit
!

interface FastEthernet1/2
description ### LINK TO R2 FA0/0 ###

Lab Objectives
switchport mode access

switchport access vlan 22

spanning-tree portfast
no shut
exit

line con 0

Configure R1s FastEthernet0/0 interface with the IPv6 address; 2001:abad:beef::1/64.

logging sync

no exec-timeout

end

Configure R1s FastEthernet0/0 interface to advertise the 2001:abad:beef::/64 prefix in the NDP Router advertisements onto
the Ethernet segment.
Configure R2s FastEthernet0/0 interface to autoconfig its IPv6 global unique unicast address, wait a few minutes and verify
that this interfaces auto configures a global unique IPv6 address.
Verify IPv6 communication between R2 and R1 using ping.

Lab Instruction
Objective 1. Configure R1s FastEthernet0/0 interface with the IPv6 address; 2001:abad:beef::1/64.
R1>enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#ipv6 unicast-routing
R1(config)#interface FastEthernet0/0
R1(config-if)#ipv6 address 2001:abad:beef::1/64
R1(config-if)#no shut

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ipv6-interface-addressing/[4/12/2015 7:27:44 PM]

Configuring IPv6 Interface Addressing | Free CCNA Workbook

R1(config-if)#

Objective 2. Configure R1s FastEthernet0/0 interface to advertise the 2001:abad:beef::/64 prefix in the NDP Router advertisements
onto the Ethernet segment.
R1(config-if)#ipv6 nd prefix 2001:abad:beef::/64
R1(config-if)#end
R1#
Objective 3. Configure R2s FastEthernet0/0 interface to autoconfig its IPv6 global unique unicast address, wait a few minutes and
verify that this interfaces auto configures a global unique IPv6 address.
R2>enable
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#interface FastEthernet0/0
R2(config-if)#ipv6 address autoconfig
R2(config-if)#no shut
R2(config-if)#end
R2#
R2#show ipv6 interface FastEthernet0/0
FastEthernet0/0 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::C800:7FF:FE14:8
No Virtual link-local address(es):
Description: ### LINK TO LAN ###
Stateless address autoconfig enabled
Global unicast address(es):
2001:ABAD:BEEF:0:C800:7FF:FE14:8, subnet is 2001:ABAD:BEEF::/64
[EUI/CAL/PRE]
valid lifetime 2591992 preferred lifetime 604792
Joined group address(es):
FF02::1
FF02::2
FF02::1:FF14:8
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ICMP unreachables are sent
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds (using 37387)
ND advertised reachable time is 0 (unspecified)
ND advertised retransmit interval is 0 (unspecified)
ND router advertisements are sent every 200 seconds
ND router advertisements live for 1800 seconds
ND advertised default router preference is Medium
Hosts use stateless autoconfig for addresses.
Objective 4. Verify IPv6 communication between R2 and R1 using ping.
R2#ping ipv6 2001:abad:beef::1 source FastEthernet0/0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:ABAD:BEEF::1, timeout is 2 seconds:
Packet sent with a source address of 2001:ABAD:BEEF:0:C800:7FF:FE14:8
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/77/268 ms
R2#

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ipv6-interface-addressing/[4/12/2015 7:27:44 PM]

Next Lab

Configuring IPv6 Interface Addressing | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ipv6-interface-addressing/[4/12/2015 7:27:44 PM]

Configuring IPv6 Static Routing | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring IPv6 Static Routing

Once you have a basic understanding of IPv6 and configuring IPv6 interfaces you can then build networks using static
routes! This lab will discuss and demonstrate the configuration and verification of IPv6 static routing.

Real World Application & Core Knowledge


If you completed Labs 12-1 The Basics of Internet Protocol Version 6 (IPv6) and Lab 12-2 Configuring IPv6 Interface Addressing
then you should have a solid foundational understanding IPv6. Now its time to move into IPv6 routing technologies.
The IPv6 routing technologies that will be discussed and demonstrated in the Free CCNA Workbook includes IPv6 static routing,
RIPng (Routing Information Protocol next generation) and OSPFv3 (Open Shortest Path First version 3).
You will learn two types of IPv6 static routes in this lab which are the standard administrative static routes where you have the ability
to set the administrative distance following the route statement as well as default static routes used as a last resort route if no
particular route exist for a destination of incoming traffic.
Before you can configure IPv6 routing on a Cisco router you must first enable the Cisco router to route IPv6 by executing the
command ipv6 unicast-routing in global configuration mode.
IPv6 static routing is much like IPv4 static routing so if you need to review IPv4 static routing then take a look back at Lab 6-1
Configuring Static Routing.
Unlike IPv4 static routing, with IPv6 you have the ability to use either the global unicast address or link-local address as the next hop
in the static route statement. When working with IPv6 dynamic routing protocols which will be discussed in the next 2 labs, the next
hop will be the neighbors link-local IPv6 address and not their global unique assigned ipv6 address. However when configuring a
static route with a link-local IPv6 address as the next hop you must specify the egress interface. For all intensive purposes, using
either/or will achieve the same desired effect.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ipv6-static-routing/[4/12/2015 7:28:04 PM]

Configuring IPv6 Static Routing | Free CCNA Workbook

When configuring an IPv6 static route youll use the ipv6 route X:X:X:X::/X X:X:X:X::X whereas the first IPv6 address in the static
route statement is the network and the 2nd IPv6 address is the next hop in the transit path to reach that network. You also have the
ability to assign the IPv6 static route an administrative distance the same way you would assign administrative distance to an IPv4
static route by following the route statement with an administrative distance (1-254). Keep in mind the administrative distance of 255
is considered unreachable. An example of an IPv6 static route using an administrative distance of 224 is; ipv6 route
2001:ABC:123:FADE::0/64 2001:ABAD:BEEF:1234::1 224. Keep in mind when using an IPv6 link-local address as the next hop you
must specify the egress (exiting) interface. I.e; ipv6 route 2001:ABC:123:FADE::0/64 Serial0/1 FE80::C800:10FF:FE1C:8 224.
Looking back at 12-1, youll see in the chart provided that the unspecified network is represented as ::/0. This is the same concept
as the IPv4 0.0.0.0/0 address. You can configure an IPv6 static default route by using ::/128 as the destination network followed by
the next-hop. I.e; ipv6 route ::/128 2001:ABAD:BEEF:1234::1 200
In this lab you will configure a static route on R1 to reach R2s Loopback0 network using R2s Serial0/1 IPv6 link-local address as the
next-hop then configure a default IPv6 route on R2 using R1s Serial0/1 IPv6 link-local address as the next-hop.
Familiarize yourself with the following new command(s);

Command

Description

ipv6 route x:x:x:x::0/1-128


egress-interface
x:x:x:x:x:x:x:x

This command when executed in interface configuration mode sets an IPv6 address on the
specified interface. The syantax is ipv6 route network egress interface next-hop ipv6 address.

The following logical topology shown below is used in this lab;

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start device(s); R1 and R2
Establish a console session with device(s) R1 and R2 than load the initial configurations provided below by copying the config
from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ipv6-static-routing/[4/12/2015 7:28:04 PM]

Configuring IPv6 Static Routing | Free CCNA Workbook

!##################################################
!# Free CCNA Workbook Lab 12-3 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
!
interface Loopback0
description ### IPv6 SIMULATED NETWORK ###
ipv6 address 2001:ABAD:BEEF:2002::1/64
!

interface Serial0/1
description ### LINK TO FRAME RELAY SWITCH ###
encapsulation ppp

ipv6 address 2001:ABAD:BEEF:1221::2/64

no shut
exit

Lab Objectives
!

line con 0

logging sync
no exec-timeout

end

Configure a static route with the administrative distance of 200 on R1 pointing towards R2s Serial0/1 link-local IPv6 address to
reach the network assigned to R2s loopback0 interface.
Configure a default static route on R2 pointing towards R1s Serial0/1 globally unique IPv6 unicast address to reach all
unknown networks including the network assigned to R1s loopback0 interface.
Verify IPv6 communication between R1s Loopback0 interface and R2s Loopback0 interface using PINGv6.

Lab Instruction
Objective 1. Configure a static route with the administrative distance of 200 on R1 pointing towards R2s Serial0/1 link-local IPv6
address to reach the network assigned to R2s loopback0 interface.
To configure this static route statement you must first obtain the IPv6 link-local address of R2s Serial0/1 interface as shown below;
R2>enable
R2#show ipv6 interface Serial0/1
Serial0/1 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::C800:10FF:FE1C:8
No Virtual link-local address(es):
Description: ### LINK TO FRAME RELAY SWITCH ###
Global unicast address(es):
2001:ABAD:BEEF:1221::2, subnet is 2001:ABAD:BEEF:1221::/64
Joined group address(es):
FF02::1
FF02::1:FF00:2
FF02::1:FF1C:8
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ICMP unreachables are sent
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds (using 17988)
R2#

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ipv6-static-routing/[4/12/2015 7:28:04 PM]

Configuring IPv6 Static Routing | Free CCNA Workbook

Once youve obtained R2s IPv6 link-local address you can now configure the static route statement on R1 as shown below;
R1>enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#ipv6 unicast-routing
R1(config)#ipv6 route 2001:ABAD:BEEF:2002::0/64 Serial0/1 FE80::C800:10FF:FE1C:8
R1(config)#end
R1#
Objective 2. Configure a default static route on R2 pointing towards R1s Serial0/1 globally unique IPv6 unicast address to reach all
unknown networks including the network assigned to R1s loopback0 interface.
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#ipv6 route unicast-routing
R2(config)#ipv6 route ::/0 2001:ABAD:BEEF:1221::1
R2(config)#end
R2#
Objective 3. Verify that R2s Loopback0 has IPv6 communication to R1s Loopback0 network using ping.
R2#ping 2001:ABAD:BEEF:1001::1 source Loopback0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:ABAD:BEEF:1001::1, timeout
is 2 seconds:
Packet sent with a source address of 2001:ABAD:BEEF:2002::1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/37/68 ms
R2#

Previous Lab

Like

Tweet

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ipv6-static-routing/[4/12/2015 7:28:04 PM]

Next Lab

Configuring IPv6 Static Routing | Free CCNA Workbook

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ipv6-static-routing/[4/12/2015 7:28:04 PM]

Configuring Basic IPv6 RIPng | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring RIP for IPv6 RIPng

Just like RIP for IPv4 there is also RIP Next Generation which is used to build dynamic routed IPv6 networks. This lab
will discuss and demonstrate the configuration and verification of RIP Next Generation

Real World Application & Core Knowledge


Now that you have a foundational understanding of IPv6 its time to move into the first of the three dynamic routing protocols
discussed in the Free CCNA Workbook for IPv6. RIP Next Generation was created specifically for IPv6.
RIPng operates much like RIPv2, updates are sent every 30 seconds and the route expiration timer is 180 seconds. The default
garbage collection interval is 120 seconds. RIP sends updates to the IPv6 multicast group FF02::9 using port 521 by default.
Configuring RIPng however is a tad bit easier then RIPv2. When configuring RIPng you do not use the network x.x.x.x command in
router configuration mode to specific which interfaces participate in the RIP process anymore. As of RIPng you now configure RIP
interface participation on a Per interface basis.
To configure an interface to participate in RIPng you use the ipv6 rip NAME enable command on a per interface basis. The name
specified in the syntax is a locally significant name used to identify the RIPng process on that router as you can have multiple RIPng
processes on a single router whereas RIP for IPv4 you can only have a single process.
To view the RIPng protocol timers and other related information you use the command show ipv6 rip NAME. To view the RIPng
database youll use the show ipv6 rip NAME database command in user or privileged mode.
There is one new command for IPv6 that is not in RIP for IPv4 which is the show ipv6 rip NAME next-hops command. This command
will display how many routes are are pointing towards each next-hop (neighboring router).
In this lab you will configure RIPng on the frame relay sub-interfaces between R1 & R2 and R2 to R3 to route IPv6 traffic between the

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ipv6-ripng/[4/12/2015 7:28:44 PM]

Configuring Basic IPv6 RIPng | Free CCNA Workbook

simulated IPv6 networks located on the loopback0 interface of each router.


Familiarize yourself with the following new command(s);

Command

Description

show ipv6 rip NAME

This command when executed in interface configuration mode will configure that paticular
interface to participate in the specified RIPng process name.

show ipv6 rip NAME

This command when executed in user or privileged mode will display current RIPng timers and
statistics of the specified RIPng process name.

show ipv6 rip NAME


database

This command when executed in user or privileged mode will display the RIPng data base of
the specified RIPng process name.

show ipv6 rip NAME nexthops

This command when executed in user or privileged mode will display a summary of RIPng
routes per RIPng process name based on their next-hop.

show ipv6 route

This command when executed in user or privileged mode will display the routing table on that
particular device.

The following logical topology shown below is used in this lab;

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start device(s); R1, R2 and R3
Establish a console session with device(s) R1, R2 and R3 than load the initial configurations provided below by copying the
config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ipv6-ripng/[4/12/2015 7:28:44 PM]

Configuring Basic IPv6 RIPng | Free CCNA Workbook

!##################################################
!# Free CCNA Workbook Lab 12-4 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
ipv6 unicast-routing
!
interface Loopback0
description ### IPv6 SIMULATED NETWORK ###
ipv6 address 2001:ABAD:BEEF:2002::1/64

interface Serial0/0

description ### LINK TO FRAME RELAY SWITCH ###


no ip address

encapsulation frame-relay

!##################################################
no frame-relay inverse-arp
!#
Free CCNA Workbook Lab 12-4 R3 Initial Config
exit

!##################################################
!
!
interface Serial0/0.221 point-to-point
enable
description ### LINK TO R1 ###

configure
terminal
ipv6 address
2001:ABAD:BEEF:1221::2/64
!frame-relay interface-dlci 221
hostname
R3
exit

no ip domain-lookup
!

ipv6 unicast-routing
interface
Serial0/0.223 point-to-point
!description ### LINK TO R3 ###

interface
Loopback0
ipv6 address
2001:ABAD:BEEF:2332::2/64

description interface-dlci
### IPv6 SIMULATED
frame-relay
223 NETWORK ###

ipv6 address 2001:ABAD:BEEF:3003::1/64


exit

interface Serial0/0

description
no
shutdown ### LINK TO FRAME RELAY SWITCH ###
encapsulation frame-relay
exit

!no frame-relay inverse-arp


exitcon 0
line

Lab Objectives
!logging sync

interface
Serial0/0.322 point-to-point
no exec-timeout

!description ### LINK TO R2 ###

ipv6 address 2001:ABAD:BEEF:2332::3/64


end
frame-relay interface-dlci 322

exit
!

Enable RIPng on R1s Loopback0 and Serial0/0.122 interfaces using the RIPng process name FREE.

interface Serial0/0
no shutdown
exit
!

Enable RIPng on R2s Loopback0, Serial0/0.221 and Serial0/0.223 interfaces using the RIPng process name CCNA.

line con 0

logging sync
no exec-timeout

Enable RIPng on R3s Loopback0 and Serial0/0.322 interfaces using the RIPng process name WORKBOOK.

!
end

Verify that IPv6 the route to R1s Loopback0 network exists in the R3s IPv6 routing table with a next-hop of R2s Serial0/0.223
link-local IPv6 address.
Verify IPv6 communication by pinging R1s Loopback0 interface from R3s Loopback0 interface.

Lab Instruction
Objective 1. Enable RIPng on R1s Loopback0 and Serial0/0.122 interfaces using the RIPng process name CCNA.
R1>enable
R1#configure terminal
Enter configuration commands, one per line.
R1(config)#interface loopback0
R1(config-if)#ipv6 rip FREE enable
R1(config-if)#interface Serial0/0.122

End with CNTL/Z.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ipv6-ripng/[4/12/2015 7:28:44 PM]

Configuring Basic IPv6 RIPng | Free CCNA Workbook

R1(config-subif)#ipv6 rip FREE enable


R1(config-subif)#end
R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#

Objective 2. Enable RIPng on R2s Loopback0, Serial0/0.221 and Serial0/0.223 interfaces using the RIPng process name CCNA.
R2>enable
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#interface loopback0
R2(config-if)#ipv6 rip CCNA enable
R2(config-if)#interface Serial0/0.221
R2(config-subif)#ipv6 rip CCNA enable
R2(config-if)#interface Serial0/0.223
R2(config-subif)#ipv6 rip CCNA enable
R2(config-subif)#end
R2#
%SYS-5-CONFIG_I: Configured from console by console
R2#
Objective 3. Enable RIPng on R3s Loopback0 and Serial0/0.322 interfaces using the RIPng process name WORKBOOK.
R3>enable
R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#interface loopback0
R3(config-if)#ipv6 rip WORKBOOK enable
R3(config-if)#interface Serial0/0.322
R3(config-subif)#ipv6 rip WORKBOOK enable
R3(config-subif)#end
R3#
%SYS-5-CONFIG_I: Configured from console by console
R3#
Objective 4. Verify that IPv6 the route to R1s Loopback0 network exists in the R3s IPv6 routing table with a next-hop of R2s
Serial0/0.223 link-local IPv6 address.
R3#show ipv6 route 2001:ABAD:BEEF:1001::/64
Routing entry for 2001:ABAD:BEEF:1001::/64
Known via "rip WORKBOOK", distance 120, metric 3
Route count is 1/1, share count 0
Routing paths:
FE80::C800:11FF:FE84:8, Serial0/0.322
Last updated 00:01:22 ago
R3#
As shown above in R3s routing table; the route to the 2001:ABAD:BEEF:1001::/64 network shows a next hop of
FE80::C800:11FF:FE84:8 via Serial0/0.322. Immediately you should recognize that this address is a link-local address as it begins
with FF80. You can further verify that this is R2s Serial0/0.223 link-local address by using the show ipv6 interface Serial0/0.223
command on R2 as shown below. Notice that the underlined link-local addresses from R3s routing table and R2s Serial0/0.223
interface match.
R2#show ipv6 interface Serial0/0.223
Serial0/0.223 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::C800:11FF:FE84:8
No Virtual link-local address(es):
Description: ### LINK TO R3 ###
Global unicast address(es):
2001:ABAD:BEEF:2332::2, subnet is 2001:ABAD:BEEF:2332::/64

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ipv6-ripng/[4/12/2015 7:28:44 PM]

Configuring Basic IPv6 RIPng | Free CCNA Workbook

Joined group address(es):


FF02::1
FF02::2
FF02::9
FF02::1:FF00:2
FF02::1:FF84:8
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ICMP unreachables are sent
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds (using 36654)
Hosts use stateless autoconfig for addresses.
R2#
Objective 5. Verify IPv6 communication by pinging R1s Loopback0 interface from R3s Loopback0 interface.
R3#ping 2001:ABAD:BEEF:1001::1 source loopback0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:ABAD:BEEF:1001::1, timeout is 2 seconds:
Packet sent with a source address of 2001:ABAD:BEEF:3003::1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/29/64 ms
R3#

Previous Lab

Like

Next Lab

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

GNS3 - Cisco Device Emulator


Download
Reddit.com CCNA Community

The website was founded in late 2009


1 month ago
Who in their right

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ipv6-ripng/[4/12/2015 7:28:44 PM]

Configuring Basic IPv6 RIPng | Free CCNA Workbook

with the goal of providing FREE Cisco


CCNA labs that can be completed using
the GNS3 platform.

mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ipv6-ripng/[4/12/2015 7:28:44 PM]

Configuring Basic IPv6 OSPFv3 | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

OSPF for IPv6 OSPFv3

OSPF is very common among IPv4 networks and also has a newer version known as OSPFv3 to work with IPv6. This
lab will discuss and demonstrate the configuration and verification of OSPF version 3.

Real World Application & Core Knowledge


In the real world many companies use multiple vendors when it comes to networking equipment such as Cisco, Juniper, Adtran and
others and with multi-vendor solution requires a multi-vendor supported routing protocol. OSPFv3 (Open Shortest Path First version
3) is sets the industry standard as an interior dynamic gateway routing protocol. Since OSPF is an industry standard it is supported
on nearly every routing platform from any vendor.
OSPF has since been ported from IPv4 to IPv6 with OSPFv3. Most of the concepts and rules remain the same including stub areas,
backbone area, default information-originate and more. If you need to review OSPF take a look back at the CCNA Workbook Section
9.
However there are a few changes as to configuring OSPFv3 vs OSPF for IPv4. Instead of using the network x.x.x.x wc.wc.wc.wc
area # command in ospf router configuration mode you now configure OSPFv3 on a per interface basis using the ipv6 ospf procid#
area area# command in interface configuration mode.
There are many reasons as to why youd need to get into OSPFv3 router configuration mode such as configuring the router-id or
setting the default information or distribute list. In which case youll use the ipv6 router ospf procid# command in global configuration
mode. However keep in mind the network command does not exist in OSPFv3.
Also if you think back to OSPF for IPv4 youll remember that the OSPF Router-ID is determined by the highest IPv4 address on a
loopback or physical interface if it is not statically configured. When working with a strictly IPv6 network, youll need to statically set
an OSPFv3 Router-ID by using the router-id x.x.x.x command in IPv6 ospf router configuration mode.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ipv6-ospfv3/[4/12/2015 7:29:18 PM]

Configuring Basic IPv6 OSPFv3 | Free CCNA Workbook

Many of the verification commands for OSPF have also been ported to IPv6 such as the show ipv6 ospf neighbor, show ipv6 ospf
interface and show ipv6 ospf database commands.
To view important OSPFv3 information such as the current timers, router-id, reference bandwidth youll need to use the show ipv6
ospf procid# command in user or privileged mode.
In this lab you will configure OSPFv3 Area 0 on the frame relay sub-interfaces between R1 & R2 and R2 to R3 and Areas 1, 2 and 3
on the loopback interfaces of each router. Upon completion you should be able to route IPv6 traffic between the simulated IPv6
networks located on the loopback0 interface of each router.
Familiarize yourself with the following new command(s);

Command

Description

ipv6 ospf procid# area


areaid#

This command when executed in interface configuration mode enables OSPFv3 per specified
process id and area id.

ipv6 router ospf procid#

This command when executed in global configuration mode places you into IPv6 OSPF
(OSPFv3) router configuration mode where you can configure the router-id, distribute list,
default information options and more.

router-id x.x.x.x

This command is executed in OSPFv3 router configuration mode to statically set a router-id. If
youre in a complete IPv6 network with no IPv4 addresses assigned to any interface on a router
you must have a Router-ID assigned due to OSPF not being able to use the highest IPv4
address assigned to a logical or connected physical interface.

show ipv6 ospf procid#

This command when executed in user or privileged mode will display current timers, router-id
and reference bandwidth.

show ipv6 ospf neighbor

This command when executed in user or privileged mode displays established neighbor
relationships and their router type (DR,BDR, DROTHER)

show ipv6 ospf database

This command when executed in user or privileged mode displays the current OSPFv3
database contents including the sequence number.

The following logical topology will be used for this lab;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ipv6-ospfv3/[4/12/2015 7:29:18 PM]

Configuring Basic IPv6 OSPFv3 | Free CCNA Workbook

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start device(s); R1, R2 and R3
Establish a console session with device(s) R1, R2 and R3 than load the initial configurations provided below by copying the
config from the textbox and pasting it into the respected routers console.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ipv6-ospfv3/[4/12/2015 7:29:18 PM]

Configuring Basic IPv6 OSPFv3 | Free CCNA Workbook


!##################################################
!# Free CCNA Workbook Lab 12-5 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
ipv6 unicast-routing
!
interface Loopback0
description ### IPv6 SIMULATED NETWORK ###
ipv6 address 2001:ABAD:BEEF:2002::1/64
!

interface Serial0/0
description ### LINK TO FRAME RELAY SWITCH ###
no ip address
encapsulation frame-relay

!##################################################
no frame-relay inverse-arp
!#
Free CCNA Workbook Lab 12-5 R3 Initial Config
exit

!##################################################
!
!
interface Serial0/0.221 point-to-point
enable
description ### LINK TO R1 ###

configure
terminal
ipv6 address
2001:ABAD:BEEF:1221::2/64
!frame-relay interface-dlci 221
hostname
R3
exit

no ip domain-lookup
!

ipv6 unicast-routing
interface
Serial0/0.223 point-to-point
!description ### LINK TO R3 ###

interface
Loopback0
ipv6 address
2001:ABAD:BEEF:2332::2/64

description interface-dlci
### IPv6 SIMULATED
frame-relay
223 NETWORK ###

ipv6 address 2001:ABAD:BEEF:3003::1/64


exit

interface Serial0/0

description
no
shutdown ### LINK TO FRAME RELAY SWITCH ###
encapsulation frame-relay
exit

!no frame-relay inverse-arp


exitcon 0
line

Lab Objectives
!logging sync

interface
Serial0/0.322 point-to-point
no exec-timeout

!description ### LINK TO R2 ###

ipv6 address 2001:ABAD:BEEF:2332::3/64


end
frame-relay interface-dlci 322

exit
!

Configure R1, R2 and R3s OSPFv3 Router-ID according to their router number. I.e; 1.1.1.1

interface Serial0/0
no shutdown
exit
!

Configure R1s Serial0/0.122 & R2s Serial0/0.221 interfaces to participate in OSPF Area 0.

line con 0

logging sync

no exec-timeout

Configure R2s Serial0/0.223 & R3s Serial0/0.322 interfaces to participate in OSPF Area 0.

!
end

Configure R1s Loopback0 interface to participate in OSPF Area 1 and ensure that R1 advertises Lo0 as a /64 subnet and not
a host route (/128).
Configure R2s Loopback0 interface to participate in OSPF Area 2 and ensure that R1 advertises Lo0 as a /64 subnet and not
a host route (/128).
Configure R2s Loopback0 interface to participate in OSPF Area 3 and ensure that R1 advertises Lo0 as a /64 subnet and not
a host route (/128).
Verify that R1s Loopback0 network is in the IPv6 routing table of R3.
Verify that R3s Loopback0 network has IPv6 connectivity to R1s Loopback0 network using PING.

Lab Instruction
Objective 1. Configure R1, R2 and R3s OSPFv3 Router-ID according to their router number. I.e; 1.1.1.1
R1>enable
R1#configure terminal
Enter configuration commands, one per line.
R1(config)#ipv6 unicast-routing
R1(config)#ipv6 router ospf 1
R1(config-rtr)#router-id 1.1.1.1
R1(config-rtr)#exit
R1(config)#

End with CNTL/Z.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ipv6-ospfv3/[4/12/2015 7:29:18 PM]

Configuring Basic IPv6 OSPFv3 | Free CCNA Workbook

R2>enable
R2#configure terminal
Enter configuration commands, one per line.
R2(config)#ipv6 unicast-routing
R2(config)#ipv6 router ospf 1
R2(config-rtr)#router-id 2.2.2.2
R2(config-rtr)#exit
R2(config)#

R3>enable
R3#configure terminal
Enter configuration commands, one per line.
R3(config)#ipv6 unicast-routing
R3(config)#ipv6 router ospf 1
R3(config-rtr)#router-id 3.3.3.3
R3(config-rtr)#exit
R3(config)#

End with CNTL/Z.

End with CNTL/Z.

Objective 2. Configure R1s Serial0/0.122 & R2s Serial0/0.221 interfaces to participate in OSPF Area 0.
R1(config)#interface Serial0/0.122
R1(config-subif)#ipv6 ospf 1 area 0
R1(config-subif)#exit
R1(config)#

R2(config)#interface s1/0.221
R2(config-subif)#ipv6 ospf 1 area 0
R2(config-subif)#
%OSPFv3-5-ADJCHG: Process 1, Nbr 1.1.1.1 on Serial0/0.221 from LOADING
to FULL, Loading Done
R2(config-subif)#exit
R2(config)#
Objective 3. Configure R2s Serial0/0.223 & R3s Serial0/0.322 interfaces to participate in OSPF Area 0.
R2(config)#interface Serial0/0.223
R2(config-subif)#ipv6 ospf 1 area 0
R2(config-subif)#exit
R2(config)#

R3(config)#interface Serial0/0.322
R3(config-subif)#ipv6 ospf 1 area 0
R3(config-subif)#exit
R3(config)#
%OSPFv3-5-ADJCHG: Process 1, Nbr 2.2.2.2 on Serial0/0.322 from LOADING
to FULL, Loading Done
R3(config)#
Objective 4. Configure R1s Loopback0 interface to participate in OSPF Area 1 and ensure that R1 advertises Lo0 as a /64 subnet
and not a host route (/128).
Note: Loopback interfaces have their own OSPF network type in which case OSPF advertises a host route to the loopback interface
and not the configure subnet mask. To change OSPF to advertise the subnet assigned to the loopback interface youll need to
change the network type to point-to-point as shown below;
R1(config)#interface loopback0
R1(config-if)#ipv6 ospf 1 area 1
R1(config-if)#ipv6 ospf network point-to-point
R1(config-if)#end

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ipv6-ospfv3/[4/12/2015 7:29:18 PM]

Configuring Basic IPv6 OSPFv3 | Free CCNA Workbook

R1#
%SYS-5-CONFIG_I: Configured from console by console
R1#
Objective 5. Configure R2s Loopback0 interface to participate in OSPF Area 2 and ensure that R1 advertises Lo0 as a /64 subnet
and not a host route (/128).
R2(config)#interface loopback0
R2(config-if)#ipv6 ospf 1 area 2
R2(config-if)#ipv6 ospf network point-to-point
R2(config-if)#end
R2#
%SYS-5-CONFIG_I: Configured from console by console
R2#
Objective 6. Configure R3s Loopback0 interface to participate in OSPF Area 3 and ensure that R1 advertises Lo0 as a /64 subnet
and not a host route (/128).
R3(config)#interface loopback0
R3(config-if)#ipv6 ospf 1 area 3
R3(config-if)#ipv6 ospf network point-to-point
R3(config-if)#end
R3#
%SYS-5-CONFIG_I: Configured from console by console
R3#
Objective 7. Verify that R1s Loopback0 network is in the IPv6 routing table of R3.
R3#show ipv6 route ospf
IPv6 Routing Table - Default - 8 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external
O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
OI 2001:ABAD:BEEF:1001::/64 [110/129]
via FE80::C800:DFF:FE0C:8, Serial0/0.322
O
2001:ABAD:BEEF:1221::/64 [110/128]
via FE80::C800:DFF:FE0C:8, Serial0/0.322
OI 2001:ABAD:BEEF:2002::1/128 [110/64]
via FE80::C800:DFF:FE0C:8, Serial0/0.322
R3#
Objective 8. Verify that R3s Loopback0 network has IPv6 connectivity to R1s Loopback0 network using PING.
R3#ping 2001:ABAD:BEEF:1001::1 source loopback0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:ABAD:BEEF:1001::1, timeout
is 2 seconds:
Packet sent with a source address of 2001:ABAD:BEEF:3003::1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/41/104 ms
R3#

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ipv6-ospfv3/[4/12/2015 7:29:18 PM]

Next Lab

Configuring Basic IPv6 OSPFv3 | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-basic-ipv6-ospfv3/[4/12/2015 7:29:18 PM]

Configuring IPv6 Access Control Lists | Free CCNA Workbook

Home

About

Blog

Bootcamp

Workbooks

Stub Lab

Configuring IPv6 Access Control Lists

IPv6 is extremely cool in all but it is not the holy grail of security and you must still use access-list to ensure
infrastructure security. This lab will discuss and demonstrate the configuration and verification of IPv6 access control
lists.

Real World Application & Core Knowledge


So if youve completed the previous 5 labs then you should have a knowledgeable understanding of IPv6 and IPv6 routing
infrastructures. However one thing left to discuss remains of the utter most importance in any network; Security.
In the real world, the ability to prevent machines such as Student PCs in a lab at a university from communicating to Enrollment
Servers or Servers that host the database of the students grades is very important. There are some young students that have a
knowledgeable understanding of SQL injection methods that could easily change their grades or even their finances. Of course the
same could be applied to many companies such as a Hospital for example, you dont want visitor PCs to have the ability to access
Servers that host protected health information about patients which could include identification information such as name, address,
social security number and health information which should remain private. Regardless of the scenario there is ALWAYS a need for
security in a network.
The first line of defense is Access Control List (ACL). When working with Access List keep in mind they are processed top down. So
for example lets say you there is a teacher PC in a classroom that needs to access a server farm however other student PCs are on
the same network and they need to be denied access to the server farm. How can you achieve this desired policy?
Well on the first line of an ACL you can permit the teach PC that has the source address 2001:ABAD:BEEF:1001::5/64 access to
nodes located in the the server farm located in the 2001::ABAD:BEEF:FADE::0/64 network however on the second line you can deny
the network that the teacher PC and student PCs are on which is 2001:ABAD:BEEF:1001::0/64 from accessing the server farm
located at 2001:ABAD:BEEF:FADE::0/64. Since the ACL is processed top down this would permit the teacher PC to access the

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ipv6-access-list/[4/12/2015 7:29:38 PM]

Configuring IPv6 Access Control Lists | Free CCNA Workbook

server farm network and deny student PCs on the same source network from accessing servers located in the server farm because
the teacher PC was processed first and permitted.
Configuring an IPv6 ACL is much like configuring an IPv4 ACL however you do not have numbered, standard or extended access-list.
You have single type of IPv6 access list that can function like a standard or extended access-list. For example with a standard IPv4
ACL you can specified permit 10.0.0.0 any and an extended ACL can permit traffic from10.0.0.25 255.255.255.255 to access
10.20.5.81 255.255.255.25 equal to port 80.
With IPv6 ACLs you have the same ability. You can use a standard broad statement that encompass all source traffic to any
destination or you can get granular with the ACL statements and permit specific host to specific destinations based on source and
destination port numbers.
To configure an IPv6 access list youll use the ipv6 access-list NAME command in global configuration. From there youll be placed
into IPv6 access-list configuration mode where you have the ability to specify the ACL statements. an example is given below;
R1(config)#ipv6 access-list EXAMPLE_IPv6_ACL
R1(config-ipv6-acl)#sequence 10 permit 2001:ABAD:BEEF:1221::/64 any
R1(config-ipv6-acl)#sequence 20 deny tcp host 2001:ABAD:BEEF:2345::1 host
2001:ABAD:BEEF:1212::1 eq www
R1(config-ipv6-acl)#
As with any ACL you have the ability to assign the ACL to a particular interface in a particular direction, ingress or egress. (incoming
or outgoing). Assigning an IPv6 access list to an interface is different then its processor. When assigning an IPv4 access list to an
interface you used the ip access-list ACL_NAME in|out command in interface configuration mode. To assign an IPv6 ACL to an
interface youll use the ipv6 traffic-filter ACL_NAME in|out command in interface configuration mode.
You can view current ACL statistics by using the show ipv6 access-list command in user or privileged mode.
Familiarize yourself with the following new command(s);

Command

Description

ipv6 access-list NAME

This command when executed in interface configuration mode enables OSPFv3 per specified
process id and area id.

sequence seq#

This command is executed in IPv6 access-list configuration mode to insert a new sequence
number in the list. You can delete or add ACL lines in specific spots of the ACL using sequence
numbers.

ipv6 traffic-filter ACL_NAME


in|out

This command when executed in interface configuration mode will apply an Access Control List
on an interface in an ingress or egress direction of the interface.

show ipv6 access-list

This command can be executed in user or privileged mode to view current Access Control List
entries and statistics.

In this lab you will configure an Access-list on R2 to prevent traffic sourced from R1s loopback interface destined to R3s loopback0
interface be denied on port 80 and permit all other traffic.
The following logical topology will be used for this lab;

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ipv6-access-list/[4/12/2015 7:29:38 PM]

Configuring IPv6 Access Control Lists | Free CCNA Workbook

Lab Prerequisites
If you are using GNS3 than load the Free CCNA Workbook GNS3 topology than start device(s); R1, R2 and R3
Establish a console session with device(s) R1, R2 and R3 than load the initial configurations provided below by copying the
config from the textbox and pasting it into the respected routers console.

!##################################################
!# Free CCNA Workbook Lab 12-5 R2 Initial Config

!##################################################
!
enable
configure terminal
!
hostname R2
no ip domain-lookup
ipv6 unicast-routing
!
interface Loopback0
description ### IPv6 SIMULATED NETWORK ###
ipv6 address 2001:ABAD:BEEF:2002::1/64
ipv6 ospf network point-to-point
!

ipv6 ospf 1 area 2


interface Serial0/0
description ### LINK TO FRAME RELAY SWITCH ###

!##################################################
no ip address
!#
Free CCNA Workbook
Lab 12-5 R3 Initial Config
encapsulation
frame-relay

!##################################################
no frame-relay inverse-arp
!exit

enable
!

configure
interface terminal
Serial0/0.221 point-to-point
!description ### LINK TO R1 ###

hostname
R3
ipv6 address
2001:ABAD:BEEF:1221::2/64
no
ip domain-lookup
frame-relay
interface-dlci 221

ipv6
ipv6unicast-routing
ospf 1 area 0
!exit

interface Loopback0
!

description
### IPv6 SIMULATED
NETWORK ###
interface
Serial0/0.223
point-to-point
ipv6 address###
2001:ABAD:BEEF:3003::1/64
description
LINK TO R3 ###

ospf network
point-to-point
ipv6 address
2001:ABAD:BEEF:2332::2/64

ipv6 ospf 1 interface-dlci


area 3
frame-relay
223

!ipv6 ospf 1 area 0

interface
Serial0/0
exit

!description ### LINK TO FRAME RELAY SWITCH ###


encapsulation
frame-relay
ipv6
router ospf
1

no frame-relay
inverse-arp
router-id
2.2.2.2
exit
log-adjacency-changes

!
http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ipv6-access-list/[4/12/2015
7:29:38 PM]

Configuring IPv6 Access Control Lists | Free CCNA Workbook

Lab Objectives
Verify that youre able to ping R3s loopback0 interface from R1s Loopback0 interface.
Verify that youre able to telnet from R1s Loopback0 interface to R3s Loopback0 interface via port 80 (WWW).
Configure an IPv6 ACL on R2 named TEST and deny R1s Loopback0 interface access to R3s Loopback interface Via port 80
then permit all other traffic.
Configure the newly created IPv6 ACL on R2 as an ingress traffic-filter on R2s Serial0/0.221 sub-interface.
Verify that R1s Loopback0 interface can still ping R3s Loopback0 interface.
Verify that traffic sourced from R1s Loopback0 is being denied access to R3s Loopback0 interface via port 80 using the
telnet.

Lab Instruction
Objective 1. Verify that youre able to ping R3s loopback0 interface from R1s Loopback0 interface.
R1#ping 2001:ABAD:BEEF:3003::1 source Loopback0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:ABAD:BEEF:3003::1, timeout
is 2 seconds:
Packet sent with a source address of 2001:ABAD:BEEF:1001::1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/44/64 ms
R1#

Objective 2. Verify that youre able to telnet from R1s Loopback0 interface to R3s Loopback0 interface via port 80 (WWW).
Read Me
After establishing a connection, to exit press CTRL + C and enter then it should terminate the connection giving you an HTTP 400
error as shown below;
R1#telnet 2001:ABAD:BEEF:3003::1 www /source-interface loopback 0
Trying 2001:ABAD:BEEF:3003::1, 80 ... Open
^C
HTTP/1.1 400 Bad Request
Date: Sun, 19 Sep 2010 23:51:32 GMT
Server: cisco-IOS
Accept-Ranges: none
400 Bad Request
[Connection to 2001:ABAD:BEEF:3003::1 closed by foreign host]
R1#
Objective 3. Configure an IPv6 ACL on R2 named TEST and deny R1s Loopback0 interface access to R3s Loopback interface Via
port 80 then permit all other traffic.
R2#configure terminal
Enter configuration commands, one per line.

End with CNTL/Z.

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ipv6-access-list/[4/12/2015 7:29:38 PM]

Configuring IPv6 Access Control Lists | Free CCNA Workbook

R2(config)#ipv6 access-list TEST


R2(config-ipv6-acl)#sequence 10 deny tcp 2001:ABAD:BEEF:1001::1/128 host
2001:ABAD:BEEF:3003::1 eq www
R2(config-ipv6-acl)#sequence 20 permit any any
R2(config-ipv6-acl)#exit
R2(config)#
Objective 4. Configure the newly created IPv6 ACL on R2 as an ingress traffic-filter on R2s Serial0/0.221 sub-interface.
R2(config)#interface Serial0/0.221
R2(config-subif)#ipv6 traffic-filter TEST in
R2(config-subif)#end
R2#
%SYS-5-CONFIG_I: Configured from console by console
R2#
Objective 5. Verify that R1s Loopback0 interface can still ping R3s Loopback0 interface.
R1#ping 2001:ABAD:BEEF:3003::1 source Loopback0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:ABAD:BEEF:3003::1, timeout
is 2 seconds:
Packet sent with a source address of 2001:ABAD:BEEF:1001::1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/33/72 ms
R1#
Objective 6. Verify that traffic sourced from R1s Loopback0 is being denied access to R3s Loopback0 interface via port 80 using
the telnet.
R1#telnet 2001:ABAD:BEEF:3003::1 www /source-interface loopback 0
Trying 2001:ABAD:BEEF:3003::1, 80 ...
% Destination unreachable; gateway or host down
R1#
As shown above you can see that traffic from R1s loopback0 destined to R3s loopback0 interface via port 80 is now being dropped
at R2. You can further verify this by viewing the Access List Statistics on R2 as shown below;
R2#show access-list TEST
IPv6 access list TEST
deny tcp host 2001:ABAD:BEEF:1001::1 host 2001:ABAD:BEEF:3003::1
eq www (1 match) sequence 10
permit ipv6 any any (32 matches) sequence 20
R2#

Previous Lab

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ipv6-access-list/[4/12/2015 7:29:38 PM]

Configuring IPv6 Access Control Lists | Free CCNA Workbook

Like

Tweet

About Free CCNA Workbook

Latest Tweets

Useful Links

In 2008 Free CCNA Workbook originally

1 month ago
The Core Knowledge

Stub Lab GNS3 Topology File

started as a sharable PDF but quickly

section of Lab 7-11 in the CCNA

Download

evolved into the largest CCNA training

Security Workbook has been

lab website on the net!

published. Didnt have time to finish

:( http://t.co/wjL6GYuo2O

CCNA labs that can be completed using


the GNS3 platform.

Download
Reddit.com CCNA Community

The website was founded in late 2009


with the goal of providing FREE Cisco

GNS3 - Cisco Device Emulator

1 month ago
Who in their right
mind would build a perimeter using

Junos Workbook | Free Juniper


JNCIA Training

ASA's as the BGP Peering


devices? What happened to letting

Putty Terminal Emulator (Free

firewalls be firewalls?

Download)
Quiz Me! - CCNA R&S Practice
Exam

Copyright 2009-2014 Free CCNA Workbook All Rights Reserved.


Legal | Privacy Policy | Sitemap | Contact Us

http://www.freeccnaworkbook.com/workbooks/ccna/configuring-ipv6-access-list/[4/12/2015 7:29:38 PM]

Você também pode gostar