Aut Hor I Zed: LAB Manual

Aut
hor
ized St
ude
ntL
abMa
nua
l
CCNP
L
ABMANUAL
www.
net
wor
ker
sho
me.
com
Emai
l:i
nfo@net
wor
ker
shome.
com
Aut
hor
ized
CCNPRo
uteL
abWo
rkb
ook
Mo
dul
e:
1–VL
SMa
ndRo
uteSumma
riz
ati
on
Copyr
ightsNetworker
sHome2007-2015
Websi
te:ht
tp:
//
www.networker
shome.com;i
nfo@net
worker
shome.
com
Page2of193
Variable-Length Subnet Mask
Definition
Variable-Length Subnet Mask(VLSM): provides the ability to have more than one subnet
mask within your major network. It also allows you to further subnet your already subnetted
networks. Requires Classless Routing Protocols.
Advantages
Efficient Use of IP addresses: Without VLSMs, networks would have to use the same subnet
mask throughout the network. But all your networks don’t have the same number of hosts.
For example: You have 2 LAN connected via a Serial Point-to-point connection. Each LAN has
50 Hosts on it. When you assign the subnet mask, it has to be consistent across your network. So
you end up assign a sub-network address to the WAN connection with 62 hosts, whereas you
only need 2.
Greater Capability for Route Summarization: Route Summarization is covered in detail, later
on in this module.
Copyrights Networkers Home 2007-2015

Website: http://www.networkershome.com ; info@networkershome.com
Page 3 of 193
Calculating VLSMs
25 Hosts
25 Hosts
25 Hosts
25 Hosts
In this example, we want to connect the Main Site to the Branch Offices. If we used a fixed
length subnet mask, we would need 4 networks for the LANs and 3 Networks for WANs, a total
of 7 networks. Let us say we have a Class C address of 200.200.200.0 assigned to us. If we need
7 networks, we have to borrow 4 bits, giving us 14 networks. But it will only give us 14 hosts per
network. In order to get around this problem, we will use VLSMs.
In VLSMs, we can get away with borrowing only 3 bits. 3 bits give us 6 usable networks with
30 hosts per network. We will use the first 4 networks for our LAN based networks, and subnet
the fifth one further to give us additional networks with less hosts on each for our WAN
connections. Our WAN connections only require 2 hosts per network and we need 3 Networks.
Subnetting the 200.200.200.0 network into 6 subnets
 We borrow 3 bits, giving us a new mask of 255.255.255.224 or 27 bit Subnet Mask.

 Our new networks are as follows:
200.200.200.32/27
200.200.200.64/27
200.200.200.96/27
200.200.200.128/27
200.200.200.160/27
200.200.200.192/27

Page 4 of 193
 We will assign the first 4 networks to our LAN-Based Networks.
 We can take either the 5th or 6th network and further subnet it. Let’ use the 5 th network
and further subnet it.
Decimal Binary
Subnet :200.200.200.10100000 (200.200.200.160)
Mask : 255.255.255.11100000 (255.255.255.224)
 We only need 2 hosts per WAN connection. We will borrow a further 3 bits from this
network, leaving only 2 bits for hosts on each network.
 The network numbers are as follows:
200.200.200.10100100 (200.200.200.164) Valid Host Range: 165-166

200.200.200.10101000 (200.200.200.168) Valid Host Range: 169-170
200.200.200.10101100 (200.200.200.172) Valid Host Range: 173-174
200.200.200.10110000 (200.200.200.176) Valid Host Range: 177-178
200.200.200.10110100 (200.200.200.180) Valid Host Range: 181-182
200.200.200.10111000 (200.200.200.184) Valid Host Range: 185-186
 So you can choose any 3 of the above network addresses for the WAN connections.
200. 200.200.32/ 27
200. 200.200.164/30
25 Hosts
25 Hosts 200. 200.200.168/30

200. 200.200.64/ 27
25 Hosts
200. 200.200.96/ 27
200. 200.200.128/27 25 Hosts
200. 200.200.172/30

Page 5 of 193
Written Exercise for Calculating VLSMs
Exercise 1
25 Hosts
5 Hosts
25 Hosts
5 Hosts
5 Hosts
Objective: Given an IP address of 200.1.1.0, use VLSMs to assign IP addresses in a efficient

manner by minimizing loss of host addresses.
Write the Network Addresses for all the networks including the WAN connections. Make sure to
write the Subnet Mask in the bit format (/24).

Page 6 of 193
Route Summarization
Definition
Route Summarization: reduces the number of routes that a router must maintain because it
represents a series of network numbers in a single summary address.
Advantages
 Reduces the size of Routing Tables

 Isolates Topology changes from other routes in a Large Network
Routing Table
150. 50. 33. 0/24 150. 50. 33. 0/24
150. 50. 34. 0/24
150. 50. 35. 0/24
150. 50. 34. 0/24

A B
Routing Table 150. 50. 35. 0/24

150. 50. 0.0/ 16

Page 7 of 193
Summarizing within an Octet
Let us say that we the following networks connected to a Router named LA:
150.50.64.0/24
150.50.65.0/24
150.50.66.0/24
150.50.67.0/24
150.50.68.0/24
150.50.69.0/24
150.50.70.0/24
150.50.71.0/24
LA is connected to another router SD. LA wants to minimize the number of entries it sends to
SD.
Write the network in Binary Format.
150.50.01000000.00000000 (150.50.64.0)
150.50.01000001.00000000 (150.50.65.0)
150.50.01000010.00000000 (150.50.66.0)
150.50.01000011.00000000 (150.50.67.0)
150.50.01000100.00000000 (150.50.68.0)
150.50.01000101.00000000 (150.50.69.0)
150.50.01000110.00000000 (150.50.70.0)
150.50.01000111.00000000 (150.50.71.0)
Starting from High order bits towards low order bits (Left to Right), look at the bits that are
common and draw a line.
150.50.01000000.00000000 (150.50.64.0)
150.50.01000001.00000000 (150.50.65.0)
150.50.01000010.00000000 (150.50.66.0)
150.50.01000011.00000000 (150.50.67.0)
150.50.01000100.00000000 (150.50.68.0)
150.50.01000101.00000000 (150.50.69.0)
150.50.01000110.00000000 (150.50.70.0)
150.50.01000111.00000000 (150.50.71.0)
The summarized address will be address you get from the common high order bits.
150.50.01000000.00000000 (150.50.64.0).
Your Subnet mask will the number of common bits, which is 16 + 16 + 5 = 21

Page 8 of 193
The Route that will be sent is 150.50.64.0/21.
Written Exercise for Route Summarization
Exercise 1
131.107.1.192/28 131.107.1.208/28
LA SF
131.107.1.64/28 131.107.1.80/28
OC 131.107.1.128/28
131.107.1.144/28
131.107.1.160/28
131.107.1.96/28 131.107.1.176/28
SD
131.107.1.112/28
Where would you do Route Summarization?
What would the Summarized addresses be?

Page 9 of 193
Written Exercise for Route Summarization
Exercise 2
131.107.1.128/28 131.107.1.144/28
LA SF
131.107.1.176/28 131.107.1.160/28
131.107.1.64/28
OC 131.107.1.80/28
131.107.1.96/28
131.107.1.112/28
131.107.1.192/28
SD 131.107.1.208/28
131.107.1.48/28
Where would you do Route Summarization?
What would the Summarized addresses be?

Page 10 of 193
Aut
hor
ized
CCNPRo
uteL
abWo
rkb
ook
Mo
dul
e:0
2–Ba
sicRI
PCo
nﬁgur
ati
on
Copyr
ightsNetworker
sHome2007-2015
Websi
te:ht
tp:
//
www.networker
shome.com;i
nfo@net
worker
shome.
com
Page1 1of193
Lab 1 – Basic RIP Configuration
R1 S 0/0(.1) 192.1.12.0/24 R2
S 0/0 (.2)
L0 1.1.1.1/8 L0 2.2.2.2/8
R1 Configuration
Interface IP Address Subnet M ask

Loopback 0 1.1.1.1 255.0.0.0
S 0/0 192.1.12.1 255.255.255.0
R2 Configuration

Loopback 0 2.2.2.2 255.0.0.0
S 0/0 192.1.12.2 255.255.255.0
Objective: Configuring RIP v1 on the routers to exchange routes between the

routers.
On R1
router#conf t
router(config)#hostname R1
R1(config)#Router RIP
R1(config-router)#no auto-summary
R1 (config-router)#net 1.0.0.0

Page 12 of 193
On R2
Router#conf t
On Both Routers
Type Show ip route
What networks do you see listed?
Ping your partner’s Loopback Interface address. Are you successful?

Page 13 of 193
Lab 2 – RIP Operation
(Note: This lab builds on the configuration of Lab 1)
Objective: Looking at the operation of RIP v1. You will take a look at the
Broadcast classfull updates. You will also take a look at the effect of Passive-
Interface command and the effect of turning off Split Horizon.
On Both Routers
Rx#debug ip rip (W here x is your Router number)
RIP: Sending V1 update to 255.255.255.255 via Serial 0/0 (192.1.12.1)

RIP: Build update entries
Network 10.0.0.0 metric 1
RIP: Sending V1 update to 255.255.255.255 via Loopback 0 (1.1.1.1)
Network 2.0.0.0
Network 192.1.12.0
RIP: received V1 update from 192.1.12.2 on serial 0/0
2.0.0.0 in 1 hop
Interesting Facts
Does not include the directly connected network (192.1.12.0) in its
update towards R2.
Does not include 2.0.0.0 network although it does exist in its routing
table back towards R2.
The destination address is a Broadcast
It does not send periodic updates at constant intervals (Time Jitters)
On R1
R1(config)#int loopback 0
R1(config-if)#shut
RIP: build flash update entries

network 1.0.0.0 metric 16
RIP: sending v1 update to 255.255.255.255 via Serial0/0 (192.1.12.1)

Page 14 of 193
Interesting Facts
 When a route goes down, the router does not wait for Periodic Update. It
sends a Triggered update with a Poisoned route with a metric of 16
 Notice R2 also sends an immediate Triggered Update back, indicating
that you can’t reach 10.0.0.0 cannot be reached through it.
On R1
R1(config)#int loopback 0
R1(config-if)#no shut
Turning Split Horizon Off
On Both Routers
Rx(Config)#int s 0/0
Rx(Config-if)#no ip split-horizon
RIP: Sending v1 update to 255.255.255.255 via Serial0/0 (192.1.12.1)

RIP: build update entries
Interesting Facts
The router is advertising all routes. Even the ones that it learned from
the same router. The reason it does make it to the routing table is
because the Router has a better metric to the route.
Passive Interfaces
On Both Routers
Rx(config)#router rip
Rx(config-router)#passive interface Loopback 0
Interesting Facts
 The router stops advertising from the Loopback interface. The command
is useful for cutting down unnecessary broadcast over an interface that
only has hosts on it and no router.

Page 15 of 193
Lab 3 – RIP using UNICAST
Objective: Turn Spilt-Horizon back on. You would like to send Unicast updates
between R1 and R2 instead of Broadcast updates.
Turning Split Horizon Back on
On Both Routers
Rx(Config)#int s 0/0
Rx(Config-if)#ip split-horizon
Sending Unicast Updates on S 0/0 interface
On R1
R1(config)#Router rip
R1(config-router)#passive interface S 0/0
R1(config-router)#neighbor 192.1.12.2
On R2
R2(config-router)#passive interface S 0/0
Passive interface command disables RIP from sending broadcasts over a

specific interface. The neighbor allows updates to go to specific IP
addresses. So It will disables all RIP broadcasts and only send unicast
updates to each other.

Page 16 of 193
Lab 4 – Injection of Default
Route
R1 S 0/0(.1) 192.1.12.0/24 R2
S 0/0 (.2) L0 2.2.2.2/8
L0 1.1.1.1/8
E 0/0 (.2)
192.1.23.0/24
E 0/0 (.3)
S 0/0(.4) 192.1.34.0/24
S 0/0 (.3)
L0 4.4.4.4/8 L0 3.3.3.3/8
R4 R3
R1 Configuration

Loopback 0 1.1.1.1 255.0.0.0
E 0/0 192.1.12.1 255.255.255.0
R2 Configuration

Loopback 0 2.2.2.2 255.0.0.0
E 0/0 192.1.12.2 255.255.255.0
S 0/0 192.1.23.1 255.255.255.0

Page 17 of 193
R3 Configuration

Loopback 0 3.3.3.3 255.0.0.0
S 0/0 192.1.23.3 255.255.255.0
E 0/0 191.1.34.3 255.255.255.0
R4 Configuration

Loopback 0 4.4.4.4 255.0.0.0
S 0/0 192.1.34.4 255.255.255.0
Objective: R1 is acting as the ISP and R2 is the Edge Router for a company
that is running RIP internally between R2, R3 and R4. R1 will have static
routes towards all the company networks. R2 will have a default route pointing
towards R1.
On R1
R1#conf t
R1(config)#ip route 2.0.0.0 255.0.0.0 192.1.12.2
R1(config)#ip route 3.0.0.0 255.0.0.0 192.1.12.2
R1(config)#ip route 4.0.0.0 255.0.0.0 192.1.12.2
R1(config)#ip route 192.1.23.0 255.255.255.0 192.1.12.2
R1(config)#ip route 192.1.34.0 255.255.255.0 192.1.12.2
On R2
R2#conf t
R2(config)# ip route 0.0.0.0 0.0.0.0 192.1.12.1
R2(config-router)#net 2.0.0.0

Page 18 of 193
On R3
R3#conf t
On R4
R4#conf t
On R3 and R4
Type Show IP route. Do you see an entry learned through RIP that has
a *?
By default, RIP will advertise the default route to other RIP enabled
routers.
Enter Debug IP RIP and view the routing table entries going from R2 to
R3 and R4.

Page 19 of 193
Lab

5 – Default Network using
Default Information Originate
(Builds on Lab 4)
Objecctive: Use the default-information originate instead of the default-route

on R2 to inject the default route into R3 and R4. You will no longer be using
the default route towards R1. Configure a static route to provide reachability
towards 1.0.0.0 network.
On R2
R2(config)#no ip route 0.0.0.0 0.0.0.0 192.1.12.1
R2(config)#clear ip route *
R2(config)#ip route 1.0.0.0 255.0.0.0 192.1.12.1
On R3 and R4
 Type Show IP route. Do you see an entry learned through RIP that has a
*?
 This is done by using the Default-information originate on R2
 Enter Debug IP RIP and view the routing table entries going from R2 to R3
and R4.

Page 20 of 193
Aut
hor
ized
CCNPRo
uteL
abWo
rkb
ook
Mo
dul
e:0
3–RI
PVe
r2L
abs
Copyr
ightsNetworker
sHome2007-2015
Websi
te:ht
tp:
//
www.networker
shome.com;i
nfo@net
worker
shome.
com
Page21of193
Lab 1 – Basic RIP v2 Configuration
R1 S 0/0(.1) 192.1.12.0/2 R2
S 0/0 (.2)
L0 1.1.1.1/8 4 L0 2.2.2.2/8
R1 Configuration

Loopback 0 1.1.1.1 255.0.0.0
S 0/0 192.1.12.1 255.255.255.0
R2 Configuration
Loopback 0 2.2.2.2 255.0.0.0
S 0/0 192.1.12.2 255.255.255.0
Objective: Configuring RIP v1 on the routers to exchange routes between the

routers.
On R1
router#conf t
R1(config-router)#version 2

Page 22 of 193
On R2
Router#conf t
On Both Routers
Type Show ip route
What networks do you see listed?
Ping your partner’s Loopback Interface address. Are you successful?

Page 23 of 193
Lab 2 – RIP 2 Operation
Objective: Looking at the operation of RIP v2. You will take a look at the
Multicast classless updates.
On Both Routers
Rx#debug ip rip (W here x is your Router number)
RIP: Sending V2 update to 224.0.0.9 via Serial 0/0 (192.1.12.1)

Network 1.0.0.0/8 metric 1, External Tag 0
RIP: Sending V2 update to 224.0.0.9 via Loopback 0 (1.1.1.1)
RIP: received V2 update from 192.1.12.2 on serial 0/0
2.0.0.0/8 in 2 hop metric 1, External Tag 0
Interesting Facts
Update is a V2 Update
Includes the Subnet Mask
The destination address.

Page 24 of 193
Lab 3 – Compatibility with RIP
Version 1
R1 S 0/0(.1) 192.1.12.0/2 R2
S 0/0 (.2)
L0 1.1.1.1/8 4 L0 2.2.2.2/8
E 0/0 (.2)
192.1.23.0/2
4
E 0/0 (.3)
S 0/0(.4) 192.1.34.0/2
S 0/0 (.3)
L0 4.4.4.4/8 4 L0 3.3.3.3/8
R4 R3
R1 Configuration

Loopback 0 1.1.1.1 255.0.0.0
E 0/0 192.1.12.1 255.255.255.0
R2 Configuration

Loopback 0 2.2.2.2 255.0.0.0
E 0/0 192.1.12.2 255.255.255.0
S 0/0 192.1.23.1 255.255.255.0
R3 Configuration

Loopback 0 3.3.3.3 255.0.0.0
S 0/0 192.1.23.3 255.255.255.0
E 0/0 191.1.34.3 255.255.255.0

Page 25 of 193
R4 Configuration
Loopback 0 4.4.4.4 255.0.0.0
S 0/0 192.1.34.4 255.255.255.0
Objective: R3 does not support RIP v2. Configure R1, R2 and R4 with RIP v2.
Configure R3 with RIP V1. Allow R2 and R4 to exchange routes with R3.
On R1
R1#conf t
On R2
R2#conf t
R2(config-router)#Interface E 0/0
R2(config-if)#ip rip send v1
R2(config-if)#ip rip receive v1
On R3
R3#conf t

Page 26 of 193
On R4
R4#conf t
R4(config-router)#Interface S 0/0
R4(config-if)#ip rip send version 1
R4(config-if)#ip rip receive version 1
On R2
Type Debug ip rip
When R2 sends an update to R1, what address does it use?
When R2 sends an update to R3, what address does it use?
When R4 sends an update to R3, what version does it use?
When R3 sends an update to R2 and R4, what version does it use?

Page 27 of 193
Lab 4 – RIP V2 Plain Text
Authentication
Objective: Configure Plain Text Authentication on all routers. Enable RIP v2

on R3. Disable sending of v1 updates on R2 and R4 before enabling
authentication on all the routers.
Enable RIP V2 on all routers and Disable IP RIP Send and

Receive Version 1 commands
R1
(Requires no change)
R2
R2(config)#interface E 0/0
R2(config-if)#no ip rip send version 1
R2(config-if)#no ip rip receive version 1
R3
R4
R4(config)#interface S 0/0
R4(config-if)#no ip rip send version 1
R4(config-if)#no ip rip receive version 1
Enable Plain-text Authentication of all the Routers
R1
R1(config)#key chain KC-1
R1(config-keychain)#key 1
R1(config-keychain-key)#key-string CISCO
R1(config-keychain-key)#exit

Page 28 of 193
R1(config)#int S 0/0
R1(config-if)#ip rip authentication key-chain KC-1
R2
R2(config-if)#int E0/0
R2(config-if)# ip rip authentication key-chain KC-1
R3
R3(config-if)#int E0/0
R3(config-if)# ip rip authentication key-chain KC-1
R4
Checking the Authentication On all Routers
Type Debug ip rip
Can you see the authentication happening?
Can you see the password in the debug information?
What is the password that is being passed between the routers?

Page 29 of 193
Lab 5 – RIP V2 MD5 Authentication
Objective: Configure MD5 Authentication on all routers.
Enable RIP V2 MD 5 Authentication on all routers
R1
R1#config t
R1(config-if)#ip rip authentication mode md5
R2
R2#config t
R2(config-if)#int E 0/0
R2(config-if)# ip rip authentication mode md5
R3
R3#config t
R3(config)#int E 0/0
R4
R4#config t
Checking the Authentication On all Routers
Type Debug ip rip
Can you see the authentication happening and if so, can you see the
actual password?

Page 30 of 193
Aut
hor
ized
CCNPRo
uteL
abWo
rkb
ook
Mo
dul
e:0
4–E
IGRP
Copyr
ightsNetworker
sHome2007-2015
Websi
te:ht
tp:
//
www.networker
shome.com;i
nfo@net
worker
shome.
com
Page31of193
Enhanced IGRP (EIGRP)
Cisco proprietary routing protocol.
First released in 1994 with IOS version 9.21.
Advance Distance Vector/Hybrid routing protocol that has the behavior

of distance vector with several Link State features, such as dynamic
neighbor discovery.
Features
Rapid Convergence: EIGRP uses DUAL to achieve rapid convergence. It
stores a backup route if one is available, so it can quickly re -converge
incase a route goes down. If no backup route exists, EIGRP will send a
query to its neighbor/s to discover an alternate path. These queries are
propagated until an alternate route is found.
Reduced Bandwidth Usage/Incremental Updates: In EIGRP updates are

still sent to directly connected neighbors, much like distance vector
protocols, but these updates are:
 Non-Periodic: The updates are not sent at regular intervals, rather

when a metric or a topology change occurs.
 Partial: Updates will include the routes that are changed and not
every route in the routing table.
 Bounded: Updates are sent to affected routers only.
Another issue regarding bandwidth usage is the fact that EIGRP by

default will only consume 50% of the bandwidth of the link during
convergence. This parameter can be adjusted to a higher or lower value
eith the following command:
Ip bandwidth-percent eigrp <AS number> <number that represents
the percentage>
Classless Routing Protocol: This means that advertised routes will

include their subnet mask, this feature will eliminate the issue
pertaining to discontiguous networks. VLSM and Manual Summarization
is also supported on any router within the enterprise.
Security: With IOS version 11.3 or better, EIGRP can authenticate using
only MD5, the reason EIGRP does not support clear text is because,

Page 32 of 193
EIGRP can only be used within CISCO routers, and all Cisco routers
support MD5 authentication. But the routes are not encrypted, so a
sniffer can easily see the password/s.
M ultiple Network Layer Protocol Support: EIGRP can support IP, IPX,
and AppleTalk, whereas the other routing protocols support only one
routed protocol. EIGRP will also perform auto-redistribution with NLSP,
IPXRIP, RTMP. EIGRP supports incremental SAP and RIP updates, 224
HOPS, and it uses bandwidth + delay which is far more better than just
Ticks and Hops used by IPXRIP. For RTMP it supports event driven
updates, but it must run in a clientless networks(WAN), and also a better
metric calculation.
Use Of M ulticast Instead Of Broadcast: EIGRP uses multicast address

of 224.0.0.10 instead of broadcast.
Unequal and Equal Cost Path Load-Balancing: This feature will enable
the administrators to distribute traffic flow in the network. By default
EIGRP will use up to 4 paths and this can be increased to 6.
OSI and EIGRP: Like all TCP/IP routing protocols EIGRP relies in IP to
deliver the packets, EIGRP maps to the transport layer of OSI and uses
protocol number 88.
Support Of Different Topology: EIGRP can support broadcast multi-

access topologies such as Token-Ring, and Ethernet. Point to point
topology such as HDLC. NBMA topology such as Frame-Relay.
Easy configuration: The configuration of EIGRP is very similar to IGRP

which is very simple.
Support of hierarchical addressing scheme: Eigrp supports FLSM,

VLSM, CIDR/Supernetting.
100% Loop Free: EIGRP uses DUAL to attain fast convergence while
maintaining a totally loop free topology at every instance.
M etrics: EIGRP uses 2 step metric: 1. VECTOR 2. COMPOSITE

 Vector metric is: Min MTU, MAX Load, Min Reliability, Total delay,
Min Bandwidth and Hop count.
 The vector metric of a route received from a neighbor is computed
from the received vector metric and the metric of the interface
through which the route was received.

Page 33 of 193
 After the vector is received and calculated it is stored in the
topology table.
 The vector metric is never adjusted in the outgoing updates, the
router always reports the values it has in its topology table and
relies on the receiving router to adjust the values.
S 0/0 10.1.1.2/30 S 0/1 10.2.1.1/30
R-B
S 0/0 10.2.1.2/30
S 0/0 10.1.1.1/30
R-A R-C
S 0/1 10.3.1.2/30
S 0/1 10.4.1.1/30
R-D
S 0/1 10.4.1.2/30 S 0/0 10.3.1.1/30
 In the above diagram, the minute the Ethernet port on R-A comes
active, it notifies R-B, and R-D with its own vector metric, R-D, and
R-B will adjust these values based on the parameters of their
interface to R-A, and then they will advertise that cost to R-C.
 EIGRP uses the same formula as IGRP to calculate its composite
metric, with one difference and that is EIGRP scales the metric
component by 256 to achieve a finer metric granularity. This
metric is calculated using Bandwidth, Delay, Reliability, Load, and
MTU. The formula that it uses is as follows:
 You can view the detailed vector and composite metric of a single
EIGRP route from the topology table with the following command:
“ sh ip eigrp top <ip-address> “
EIGRP Metric Calculation uses the following formula:
 Metric = [107/Bandwidth(min))+(Delay(Sum)]/10)]*256

Page 34 of 193
 Bandwidth = the smallest of all bandwidths in the path to a
given destination divided by 10,000,000.
 Delay = the sum of all the delay values assigned to the

interfaces along the path to a given destination divided by 10.
To find out the value of bandwidth and the delay associated to a given
interface, “ sh interface < the interface type > x “ where x is the
interface number.
 These values can be changed with the following interface mode

commands:
 “ bandwidth < bandwidth in Kbps> “
 “ delay < delay in tens of microseconds > “

Page 35 of 193
Terminology
Feasible Distance: FD is equal to advertised distance of a neighbor plus
the cost of the link to that neighbor. In some cases we may have multiple
routes to the same destination, in situation like that FD will be based on
the lowest metric.
Feasibility Condition: It is a condition that is met if a neighbor’s

advertised distance to a destination is lower than the router’s FD to that
same destination.
o FC states, that the route must be advertised by a downstream
neighbor (with respect to the destination), and the cost of the
advertising routes to the destination must be less than or equal to
the cost of the route that is currently being used by the router
receiving the advertisement.
Successor: A directly connected neighboring router that has the best

route to a given destination. These routers are always downstream
routers.
o In order for a neighbor to become the successor, that neighbor
must firstmeet the FC. Successors are entries that are kept in the
routing table.
Feasible Successor: FS are downstream neighboring router/s through

which a destination can be reached. FS are nothing but backup routes to
a given destination, or second best route to a given destination.
o FS s are kept in the topology table, and there may be more than
one FS per destination.
o If a neighbor’s advertising distance to a destination meets the FC,
the neighbor becomes a FS for that destination.
Active State: When a router loses its route to a destination and no FS is

available in the topology table, the router goes into active state, in this
state the router sends out queries to all neighbors in order to find a route
to that destination. It is possible for the routers that are receiving the
queries to send queries to their neighbor, this can create a ripple effect.
Passive State: When there is no change in the internetwork, there is no

need to do a computation or convergence, so the routers are all in
passive state. Even when a router loses its successor, as long as that
router has a FS in the topology table, the router will remain in the
passive state (normal state), and it will place the FS in the routing table,
and no computation will be performed.

Page 36 of 193
Topology Table: This includes route entries for all the destinations that
the router has learned. FS are kept in this table for rapid convergence.
Neighbor table: Each Eigrp router has a neighbor table that has a list of
adjacent routers. Neighbor relationships ensure a bi-directional
communication between each of the directly connected neighbor.
Routing Table: Eigrp uses the best path to a given destination (the
Successor/s) from the topology table and places it into the routing table.
Downstream: A router which is closer to the destination than the local

router.
Upstream: This router is further away from the destination than the
local router. This router will use the local router to get to the destination.
Advertised Distance: Is a distance reported to the current router, by a

neighbor. Sometimes its referred to as Reported Distance.

Page 37 of 193
Packet Types
Hello: Used for neighbor discovery process. Hello packets are sent as
multicasts, and they use unreliable delivery meaning that they do not
need an ACK, as long as these packets are received the routers can
determine that the neighbor is up.
Update: Update packets convey route information, these are transferred

when necessary, and are sent only to the routers that require the
information. When updates are requested by a single router, the sending
router will use unicast to convey the route information’s, but if an up
date is requested by more than one router, then the updates are
multicast out to 224.0.0.10 address. The updates require ACK s. These
packets are used when a router comes up for the first time, or when
there is a topology change, or the metric of a route is changed for better
or worst.
Acknowledgements or ACK s: These packets are sent by the routers to

acknowledge the receipt of an update. Acknowledgement packets use
unicast and use unreliable delivery method.
Queries: When a router looses its successor and has no feasible

successor in the topology table, it will send a query to all neighbors in
the neighbor table. Queries will always use multicast and requires an
ACK.
Replies: These packets are sent in response to queries, these packets

will always use unicast and require an ACK.

Page 38 of 193
EIGRP Summarization
Purpose: Smaller routing table, smaller updates, and query boundary.

Auto-summarization: Auto-summarization is turned on by default, and
it is done on the major network boundary, subnets are summarized to a
single classfull networks.
M anual Summarization: Auto-summarization can be turned off, unlike
OSPF manual summarization can be done on any router in any location.

Page 39 of 193
Aut
hor
ized
CCNPRo
uteL
abWo
rkb
ook
Mo
dul
e:0
4–E
IGRPL
abs
Copyr
ightsNetworker
sHome2007-2015
Websi
te:ht
tp:
//
www.networker
shome.com;i
nfo@net
worker
shome.
com
Page40of193
Lab 1 – Configuring Basic EIGRP
R1 S 0/0(.1) 192.1.12.0/24 R2
S 0/0 (.2) L0 2.2.2.2/8
L0 1.1.1.1/8
R1 Configuration

Loopback 0 1.1.1.1 255.0.0.0
S 0/0 192.1.12.1 255.255.255.0
R2 Configuration

Loopback 0 2.2.2.2 255.0.0.0
S 0/0 192.1.12.2 255.255.255.0
Objective: Configuring EIGRP to look at the basic configuration on EIGRP.
On R1
R1(config)#Router eigrp 12
On R2

Page 41 of 193
Test the Configuration
Type SH IP ROUTE
What routes do you see?
Are the metrics advertised correct?
Breakdown the Calculation for the Metric.
Metric = Bandwidth (min) + Delay (sum)
Type SH IP OSPF NEIGHBOR
H Address Interface Hold Uptime SRTT RTO Q

Seq
(sec) (ms) Cnt Num
0 192.1.12.2 Se0/0 10 00:06:21 12 200 0
What is the Hello Time?
Type SH IP EIGRP TOPOLOGY. This shows the Topology table.
Type SH IP EIGRP TOPOLOGY 2.0.0.0.
Notice the Vector and Composite Metric
Type SH IP EIGRP TRAFFIC
See how the Hello # are changing and updates are not.
Bring the loopback interface down
Note the Values in the output. See how the queries number increased
Bring the loopback interface back up
Note how the update # changes

Page 42 of 193
Changing the Hello-interval and Hold-time timers
On Both Routers
R1(config-if)#ip hello-interval eigrp 12 20
R1(config-if)#ip hold-time eigrp 12 60
Type SH IP EIGRP NEIGHBOR
What and whose time do you see?

Page 43 of 193
Lab 2 - Basic Metric Calculation
R1 S 0/0(.1) 192.1.12.0/24 R2
S 0/0 (.2) L0 2.2.2.2/8
L0 1.1.1.1/8
E 0/0 (.2)
192.1.23.0/24
E 0/0 (.3)
S 0/0(.4) 192.1.34.0/24
S 0/0 (.3) L0 3.3.3.3/8
L0 4.4.4.4/8
R4 R3
Objective: Verifying the EIGRP Metric calculations.
R1 Configuration

Loopback 0 1.1.1.1 255.0.0.0
E 0/0 192.1.12.1 255.255.255.0
R2 Configuration
Loopback 0 2.2.2.2 255.0.0.0
E 0/0 192.1.12.2 255.255.255.0
S 0/0 192.1.23.1 255.255.255.0
R3 Configuration

Loopback 0 3.3.3.3 255.0.0.0
S 0/0 192.1.23.3 255.255.255.0

Page 44 of 193
E 0/0 191.1.34.3 255.255.255.0
R4 Configuration
Loopback 0 4.4.4.4 255.0.0.0
S 0/0 192.1.34.4 255.255.255.0
On R1
On R2
On R3
On R4
Type SH IP ROUTE
Do you see all the routes?
Type SH IP EIGRP NEIGHBOR.
Who are your neighbors?

Page 45 of 193
Verify that the Metric Calculations are done based on the EIGRP Metric
Lab 3 – Passive Interfaces with EIGRP
calculation formula:
Metric = [ 10 7/BW (min) + Delay(sum) / 10] * 256
Objective: Configuring Passive Interfaces on EIGRP to disable sending of

Multicast Updates on an Interface. Use Unicast updates to set up the neighbor
relationship.
On R1 and R2
Type SH IP ROUTE
Do you see your Neighboring router?
Configure Passive-Interface on R1 and R2 towards each other

Rx(config)#Router eigrp 1
Rx(config-router)#Passive-interface S 0/0
With RIP, the passive-interface command RIP doesn’t send updates but
continue to receive routes.
Do R1 and R2 see each other as neighbors?
Type DEBUG EIGRP PACKET
Notice updates are only going over Loopback.
There are no updates send over E 0/0.
In EIGRP, passive-interface disables sending and receiving of packets.

Page 46 of 193
Configure Neighbor Statements on R1 and R2 to establish the
relationship
On R1
R1(config-router)#Neighbor 192.1.12.2
On R2
R2(config-router)#Neighbor 192.1.12.1
On R1 and R2
Type SH IP ROUTE
Do you see your Neighboring router?

Page 47 of 193
Lab 4 –Unequal-Cost Load Balancing
R1 192.1.12.0/24 R2
S 0/0(.1)
S 0/0 (.2) L0 2.2.2.2/8
L0 1.1.1.1/8
E 0/0 (.2)
E 0/0 (.1)
192.1.23.0/24
192.1.14.0/24
E 0/0 (.3)
E 0/0 (.4)
L0 4.4.4.4/8 L0 3.3.3.3/8
S 0/0(.4)
S 0/0 (.3)
192.1.34.0/24
R4 R3
Objective: Configure the Ethernet link between R1 and R4. Configure the
Variance command to support unequal cost load balancing. This lab shows you
the Feasible Condition come into play.
R1 Configuration

E 0/0 192.1.14.1 255.255.255.0
R4 Configuration

E 0/0 192.1.14.4 255.255.255.0
Configuring the extra link between R1 and R4 and enabling

EIGRP on the new link

Page 48 of 193
On R1
On R4
Changing the Bandwidth and Delay to simulate certain Link

speeds between the Routers. Set the Delay on all the Interfaces
to 2000 to simulate a WAN setup between R1, R2, R3 and R4
Router Interface Bandwidth

R1 E 0/0 64
R1 S 0/0 128
R2 S 0/0 128
R2 E 0/0 512
R3 E 0/0 512
R3 S 0/0 256
R4 S 0/0 256
R4 E 0/0 64
On R1
R1(config)#Interface S 0/0
R1(config-if)#bandwidth 128
R1(config-if)#Interface E 0/0
R1(config-if)#delay 2000
On R2
R2(config)#Interface E 0/0
R2(config-if)#Interface S 0/0
On R3

Page 49 of 193
On R4
Configure the Variance Command on the routers to support

unequal Load balancing
Note you have 2 ways to get to the diagonally opposite loopback networks
Calculate the metric to get to the diagonally opposite loopback

networks for both Paths
Metric = [ 10 7/BW (min) + Delay(sum) / 10] * 256
Input the appropriate Variance for the EIGRP 1 process. Variance is

based on your composite metric. (Variance = Best Path/Worst Best)
Rounded up
On All Routers
Rx(config)#Router EIGRP 1
Rx(config-router)#Variance xx
On All Routers
Type Clear ip route *
Type SH IP ROUTE.
Do all the routers show dual paths to get the diagonally opposite
loopback networks.
If not, Why?

Page 50 of 193
Lab 5 – Route Summarization
Group A
L0 10.1.4.0 – R2 L0 10.1.8.0 –
R1 S 0/0(.1) 192.1.12.0/24 L3 10.1.11.0/24
L3 10.1.7.0/24 S 0/0 (.2)
E 0/0 (.2)
192.1.23.0/24
E 0/0 (.3)
L0 10.1.16.0 – S 0/0(.4) 192.1.34.0/24
S 0/0 (.3)
L3 10.1.19.0/24
L0 10.1.12.0 –
R4 R3 L3 10.1.15.0/24
Group B
Objective: Configure EIGRP Route Summarization on individual routers and

the Backbone routers connecting the two groups to each other.
R2 from each group will have E 0/1 connected to the backbone

using the 10.5.1.0 /24 network.
Use the following for x (A=1,B=2)
R1 Configuration

Loopback 0 10.x.4.1 255.255.255.0
Loopback 1 10.x.5.1 255.255.255.0
Loopback 2 10.x.6.1 255.255.255.0
Loopback 3 10.x.7.1 255.255.255.0
E 0/0 10.x.1.1 255.255.255.0

Page 51 of 193
R2 Configuration
Interface IP Address Subnet Mask

Loopback 0 10.x.8.1 255.255.255.0
Loopback 1 10.x.9.1 255.255.255.0
Loopback 2 10.x.10.1 255.255.255.0
Loopback 3 10.x.11.1 255.255.255.0
E 0/0 10.x.1.2 255.255.255.0
S 0/0 10.x.2.1 255.255.255.0
E 0/1 10.5.1.y 255.255.255.0
R3 Configuration

Loopback 0 10.x.12.1 255.255.255.0
Loopback 1 10.x.13.1 255.255.255.0
Loopback 2 10.x.14.1 255.255.255.0
Loopback 3 10.x.15.1 255.255.255.0
E 0/0 10.x.3.1 255.255.255.0
S 0/0 10.x.2.2 255.255.255.0
R4 Configuration

Loopback 0 10.x.16.1 255.255.255.0
Loopback 1 10.x.17.1 255.255.255.0
Loopback 2 10.x.18.1 255.255.255.0
Loopback 3 10.x.19.1 255.255.255.0
E 0/0 10.x.3.1 255.255.255.0
R1 on Both Groups
R1(config-router)#net 192.X.12.0
R2 on Both Groups

Page 52 of 193
R3 on Both Groups
R4 on Both Groups
Objective: Configure EIGRP Route Summarization on individual routers and

the Backbone routers connecting the two groups to each other.
Type SH IP ROUTE. Do you see all the loopback networks?
Let’s do summarization on each router.
On each router, calculate the summary address and enter it on the

appropriate interfaces.
Write down your summary address and mask.
Apply it to your appropriate interfaces using the following command:
IP summary-address eigrp 1 [summary-address] [mask]

Type SH IP ROUTE. Do you see less routes now?
Get together with your group and figure out a summarization for the
Border router (Router connecting to the backbone).
Write it down
On the Border Router’s type the following commands:

Router(config)#int E 0/1

Page 53 of 193
Router(config-if)#ip summary-address eigrp 1 [address] [Mask]
Type SH IP ROUTE
Is the routing table the same? If not, what is the change?

Page 54 of 193
Lab 6 – Injecting Default Route with
Route Redistribution
R1 S 0/0(.1) 192.1.12.0/24 R2
S 0/0 (.2) L0 2.2.2.2/8
L0 1.1.1.1/8
E 0/0 (.2)
192.1.23.0/24
E 0/0 (.3)
S 0/0(.4) 192.1.34.0/24
S 0/0 (.3)
L0 4.4.4.4/8 L0 3.3.3.3/8
R4 R3
R1 Configuration

Loopback 0 1.1.1.1 255.0.0.0
E 0/0 192.1.12.1 255.255.255.0
R2 Configuration
Loopback 0 2.2.2.2 255.0.0.0
E 0/0 192.1.12.2 255.255.255.0
S 0/0 192.1.23.1 255.255.255.0
R3 Configuration

Loopback 0 3.3.3.3 255.0.0.0
S 0/0 192.1.23.3 255.255.255.0
E 0/0 191.1.34.3 255.255.255.0

Page 55 of 193
R4 Configuration
Loopback 0 4.4.4.4 255.0.0.0
S 0/0 192.1.34.4 255.255.255.0
Objective: R1 is acting as the ISP and R2 is the Edge Router for a company
that is running EIGRP internally between R2, R3 and R4. R1 will have static
routes towards all the company networks. R2 will have a default route pointing
towards R1. R2 should inject the default route into R3 and R4.
On R1
R1(config)#ip route 2.0.0.0 255.0.0.0 192.1.12.2
R1(config)#ip route 3.0.0.0 255.0.0.0 192.1.12.2
R1(config)#ip route 4.0.0.0 255.0.0.0 192.1.12.2
R1(config)#ip route 192.1.23.0.0.0 255.255.255.0 192.1.12.2
R1(config)#ip route 192.1.34.0.0.0 255.255.255.0 192.1.12.2
On R2
R2(config)# ip route 0.0.0.0 0.0.0.0 192.1.12.1
R2(config)#Router EIGRP 1
On R3
On R4

Page 56 of 193
On R3 and R4
Type Show IP route. Do you have reachability towards the 1.0.0.0
network?
On R2
Type Ping 1.1.1.1
Does it work?
On R3 and R4
Type Ping 1.1.1.1
Does it work?
Type SH IP ROUTE
Do you have any routes to the 1.1.1.1 or any Default gateway set?
Use the Redistribute command on R2 to redistribute the

Default Route into EIGRP
On R2
R2(config)#router eigrp 1
R2(config-router)#redistribute static metric 10000 1000 255 1 1500
On R3 and R4
Type SH IP ROUTE
Do you see a Default Route? If so, who is advertising it?
Type Ping 1.1.1.1
Were you successful?

Page 57 of 193
Lab
 7 – Injecting Default Route with
Summary-Address Command
(Based on Lab 6 Configuration)
Objective: This lab is based on the previous lab. R2 will have a default route
pointing towards R1. R2 should inject the default route into R3 and R4 using
the Summary address command instead of Route Redistribution.
Remove the redistribute static and ip route statements from

R2
On R2
R1(config-router)#no redistribute static metric 10000 1000 255 1 1500
Test the connection from R3 & R4 towards the 1.0.0.0 network
On R3 and R4
Type Ping 1.1.1.1
Does it work?
Type SH IP ROUTE
Any route to 1.0.0.0 network or a Default-gateway?
Add the summary routes on R2 E 0/0 Interfaces towards R3
On R2
R2(config-if)#ip summary-address eigrp 1 0.0.0.0 0.0.0.0
Test the new configuration
On R3 and R4
Type Ping 4.4.4.4

Page 58 of 193
Does it work? Why or Why Not?
Lab 8 –Redistributing Directly
Connected Networks
R1 S 0/0(.1) 192.1.12.0/24 R2
L0 1.1.1.1/8 S 0/0 (.2) L0 2.2.2.2/8
L1 11.11.11.11/8
E 0/0 (.2)
192.1.23.0/24
E 0/0 (.3)
S 0/0(.4) 192.1.34.0/24
S 0/0 (.3) L0 3.3.3.3/8
L0 4.4.4.4/8
R4 R3
R1 Configuration

Loopback 0 1.1.1.1 255.0.0.0
Loopback 1 11.11.11.11 255.0.0.0
E 0/0 192.1.12.1 255.255.255.0
R2 Configuration
Loopback 0 2.2.2.2 255.0.0.0
E 0/0 192.1.12.2 255.255.255.0
S 0/0 192.1.23.1 255.255.255.0

Page 59 of 193
R3 Configuration

Loopback 0 3.3.3.3 255.0.0.0
S 0/0 192.1.23.3 255.255.255.0
E 0/0 191.1.34.3 255.255.255.0
R4 Configuration
Loopback 0 4.4.4.4 255.0.0.0
S 0/0 192.1.34.4 255.255.255.0
Objective: Inject the 1.0.0.0 and 11.0.0.0 networks into EIGRP without using
the Network command.
Configuring EIGRP on R1 – R4. Don’t advertise the Loopbacks

in EIGRP on R1 yet.
On R1
R1(config-router)#network 192.1.12.0
On R2
On R3

Page 60 of 193
On R4
R4#conf t
Redistribute all your directly connected networks on R1
On R1
R1(config-router)#redistribute connected
On R2, R3 and R4
Type SH IP ROUTE
Do you see the 1.0.0.0 and 11.0.0.0 networks?
What type of entry is it?

Page 61 of 193
Lab 9 –Redistributing EIGRP into
EIGRP with different AS #
(Uses the same topology as Lab 8)
Objective: Redistributing EIGRP from one AS to another. Run EIGRP in AS 11

between R1 and R2. Run EIGRP in AS 1 between R2, R3 and R4.
Remove eigrp 1 from R1. Remove network 192.1.12.0 and 2.0.0.0 from
EIGRP 1 on R2. Run EIGRP 11 between R1 and R2. Advertise the
Loopbacks on both the Routers in EIGRP 11.
On R1
R1(config)#no router eigrp 1
On R2
R2(config-router)#no net 2.0.0.0
R2(config-router)#no net 192.1.12.0
R2(config-router)#Router eigrp 11
On R1, R3 and R4
Type SH IP ROUTE
Mutually Redistribute between EIGRP 1 and EIGRP 11 on R2.

Page 62 of 193
On R2
R2(config-router)#redistribute eigrp 11
R2(config-router)#router eigrp 11
R2(config-router)#redistribute eigrp 1
On R1, R2 and R4
Type SH IP ROUTE
Are the metric’s the correct metrics?

Page 63 of 193
Lab 10 –Redistributing EIGRP into RIP
Objective: Performing Redistribution between RIP and EIGRP Run RIP between
R1 and R2. Run EIGRP in AS 1 between R2, R3 and R4.
Remove EIGRP 11 from R1 and R2. Run RIP v2 between R1 and

R2. Advertise all the loopbacks on these 2 routers in RIP
On R1
R1(config)#router rip
On R2
On R1, R3 and R4
Type SH IP ROUTE
Perform mutual Route redistribution between RIP and EIGRP

on R2

Page 64 of 193
On R3
R3(config-router)#redistribute rip metric 10000 1000 255 1 1500
R3(config-router)#router rip
R3(config-router)#redistribute eigrp 1 metric 3
On R1, R3 and R4
Type SH IP ROUTE
Ping 1.1.1.1 from R4 and Ping 4.4.4.4 from R1.
Are you successful?

Page 65 of 193
Lab 11 –Redistributing EIGRP into RIP
using Route Filtering
Objective: This lab builds on the configuration of the previous labs. We will
add some new routes on R1 and R4 and inject them into the appropriate
protocols. We will filter certain routes from getting redistributed into the other
routing protocol
Add the following Loopbacks on R1 and R4 and advertise them

into RIP on R1 and EIGRP 1 on R4
R1

Loopback 11 11.0.0.1 255.0.0.0
Loopback 12 12.0.0.1 255.0.0.0
Loopback 13 13.0.0.1 255.0.0.0
Loopback 14 14.0.0.1 255.0.0.0
R4
Loopback 15 15.0.0.1 255.0.0.0
Loopback 16 16.0.0.1 255.0.0.0
Loopback 17 17.0.0.1 255.0.0.0
Loopback 18 18.0.0.1 255.0.0.0
On R1
R1(config)#interface Loopback 11
R1(config-if)#ip address 11.0.0.1 255.0.0.0
R1(config-if)#interface Loopback 12
R1(config-if)#router rip

Page 66 of 193
On R4
R4(config-if)#Router eigrp 1
On R1, R3 and R4
Type SH IP ROUTE
Deny 11.0.0.0 & 12.0.0.0 RIP routes to be redistributed into

EIGRP
On R2
R2(config)#access-list 1 deny 11.0.0.0 0.255.255.255
R2(config)#access-list 1 permit any
R2(config)#Route-map R-2-E permit 10
R2(config-route-map)#match ip address 1
R2(config-route-map)#router eigrp 1
R2(config-router)#redistribute rip route-map R-2-E

Page 67 of 193
On R3 and R4
Type SH IP ROUTE
Do you see all the 11.0.0.0 and 12.0.0.0 routes?
Do you see all the other RIP routes?
Deny 15.0.0.0 & 16.0.0.0 EIGRP routes to be redistributed into

RIP

R2(config)#route-map E-2-R permit 10
R2(config-route-map)#router rip
R2(config-router)#redistribute eigrp 1 route-map E-2-R
On R1
Type SH IP ROUTE
Do you see all the 15.0.0.0 and 16.0.0.0 routes?
Do you see all the other EIGRP routes?

Page 68 of 193
Lab 12 – Redistributing Static using
Route Filtering
Objective: R1 and R2 will not be running any routing protocol between them.
R1 will use a default route pointing towards R2. R2 will create static routes for
the R1 networks. You would like to inject some of these static routes into the
already running EIGRP instance between R2, R3 and R4.
Disabling RIP between R1 and R2. Configuring a Default Route

on R1 pointing towards R2. Configure Static routes on R2 for
all the R1 networks
On R1
R1(config)# ip route 0.0.0.0 0.0.0.0 192.1.12.2
R1(config)#no Router RIP
On R2
R2(config)#ip route 1.0.0.0 255.0.0.0 192.1.12.1
R2(config)#ip route 11.0.0.0 255.0.0.0 192.1.12.1
R2(config)#ip route 12.0.0.0 255.0.0.0 192.1.12.1
R2(config)#ip route 13.0.0.0 255.0.0.0 192.1.12.1
R2(config)#ip route 14.0.0.0 255.0.0.0 192.1.12.1
R2(config)#no Router RIP
Redistribute all the Static routes on R2 into EIGRP except the

11.0.0.0 and 14.0.0.0 networks
On R2
R2(config)#route-map S-2-E permit 10
R2(config-route-map)#router eigrp 1
R2(config-router)#redistribute static route-map S-2-E

Page 69 of 193
On R3 and R4
Type SH IP ROUTE
Verify that you see all the static routes except the 11.0.0.0 and 14.0.0.0
networks
Can you Ping 11.0.0.1?
Can you Ping 12.0.0.1?

Page 70 of 193
Lab 13 – EIGRP Authentication
Objective: Use MD5 to authenticate the Routers that are running EIGRP
Setting up the Key for the Passwords
On R2
R2(config-keychain-key)#key-string cisco
On R3
On R4
Applying the Key to theInterface
On R2
R2(config-if)#ip authentication key-chain eigrp 1 KC-1
R2(config-if)#ip authentication mode eigrp 1 md5
On R3
R3(config-if)#ip authentication key-chain eigrp 1 trinet
R3(config-if)#int S 0/0

Page 71 of 193
On R4
On R2, R3 and R4
Type Debug
eigrp packet
Notice the
authentication is md5

Page 72 of 193
Aut
hor
ized
CCNPRo
uteL
abWo
rkb
ook
Mo
dul
e:0
5–OSPF
Copyr
ightsNetworker
sHome2007-2015
Websi
te:ht
tp:
//
www.networker
shome.com;i
nfo@net
worker
shome.
com
Page73of193
Open Shortest Path First (OSPF)
History
OSPF Version 1 was specified in RFC 1131 in 1988. This protocol was
finalized in 1989.
OSPF Version 2 (Current version). The most recent specifications are
specified in RFC 2328.
OSPF Features
Scales better than Distance Vector Routing protocols. It virtually has no

practical Hop Count Limit.
Provides Load Balancing
Introduces the concept of Area’s to ease management and control traffic.
Provides Authentication.
Uses Multicast versus Broadcasts.
Convergence is Faster than in Distance Vector Routing protocols. The
reason for that is it floods the changes to all neighboring routers
simultaneously rather than in a chain.
Supports Variable Length Subnet Masking (VLSM), FLSM and
Supernetting.
Provides bit-based Route summarization.
There are no periodic updates. Updates are only sent when there are
changes.
Router only send changes in updates and not the entire full tables.
OSPF uses a Cost Value, instead of hop count. Cost is based on the
speed of the link. Cost = 10 8/Bandwidth.
Classless Routing Protocol.
It relies on IP to deliver the Packets. Use port 89.

Page 74 of 193
Areas and Router Types
Areas
Area is a logical grouping of OSPF routers.
Areas divide an OSPF domain into sub-domains.
Areas allow OSPF to be extremely scalable.
Areas reduce the Memory, CPU utilization and amount of traffic in a
network.
Most of the traffic can be restricted to within the area.
Routers within an area will have no detailed knowledge of the topology
outside of their area.
Reduced size of the Database reduces Memory requirements for the
routers.
Area’s identified by a 32-bit Area ID. Can be denoted in Decimal
format(0) or Dotted format (0.0.0.0)
OSPF requires one area to be Area 0, known as the backbone area.
Backbone area or Area 0, connects all the other area to each other.
Three types of Traffic may be defined in relation to areas:
 Intra-area traffic consists of packets that are passed between
routers within a single area.
 Inter-area traffic consists of packets that are passed between
routers in different areas.
 External traffic consists of packets that are passed between a
router within the OSPF domain and a router within another
Autonomous systems.
Router Types
Routers, like Traffic, can be categorized in relation to areas.

The different Router Types are as follows:
 Internal Routers are routers whose interfaces all belong to the
same area. These routers have a single Link State Database.
 Area Border Routers (ABR) connect one or more areas to the
backbone area and has at least one interface that belongs to the
backbone, and must maintain as separate Link State Database for
each of its connected areas. Must be a more resourceful router
than a Internal Router.
 Backbone Routers are routers with at least one interface attached
to the backbone. Although this requirement means that ABR’s are
also backbone routers, but not all Backbone routers are ABR’s. An

Page 75 of 193
Internal Router having all its interfaces in Area 0 is also a
Backbone router.
 Autonomous System Boundary Router (ASBR) are gateways for
external traffic, injecting routes into the OSPF domain that were
learned from other protocols, such as BGP or EIGRP or RIP or
IGRP. An ASBR can be located anywhere within the OSPF
autonomous system. It may be an Internal, Backbone or ABR
router.

Page 76 of 193
OSPF Terminology
Interface: A Connection between the router and one of its attached Networks
Link State: The status of a link between two routers, that is, a router’s
interface and its relationship to its neighboring routers. The link states are
advertised to other routers in a special packet called link-state advertisements
(LSA).
Link State Advertisement(LSA):

Is the packet that is used by the routers to tell each other about the state
of a Link.
Certain types LSA’s are flooded throughout the network and certain ones
only within the area.
The ones that are flooded within the area, are used to create a topology
database, also known as the Link State Database.
Router ID:
A 32-bit number assigned to each OSPF enabled router.
It’s used to uniquely identify a router within an Autonomous System.
Its calculated at boot time
It’s the highest Loopback address on a Router. If there is no loopback
configured, it will be the highest configured address on the router.
Neighbors: Two routers that have interfaces on a common network. A

neighbor relationship is usually discovered and maintained by the Hello
Protocol.
Adjacent: OSPF routers form adjacency with neighboring routers in order to

exchange routing information.
Flooding: A technique used to distribute LSA’s between routers.
Databases or Tables: There are 3 OSPF Database or Tables:

Neighbor Database: Contains the information about Directly connected
neighbors
Link-State Database: Link States of all the routers in an Area. All routers
in the same area will have an identical Link State Database.
Routing Table: Derived from the Link State Database by running the
SPF(also known as the Dijkstra Algorithms).

Page 77 of 193
OSPF Network Types
OSPF Defines Three Main Network Types:
Broadcast Multi-access Networks

Point-to-point Networks
Non-broadcast Multi-access (NBMA) Networks
Broadcast Networks
Networks like Ethernet, Token-Ring and FDDI are examples of Broadcast

Multi-access Networks
For OSPF to exchange routes, they must establish a Neighbor Adjacency
this is done by Hello Protocol.
Hello Protocol is responsible fro establishing and maintaining neighbor
relationships.
Hello packets are multicast packets
OSPF routers on broadcast networks will elect a Designated Router
(DR)and Backup Designated Router(BDR).
All the other routers will establish the adjacency with the DR and BDR
rather than with all the other routers on a Multi-access networks.
All routers communicate to the DR using a Multicast address of
224.0.0.6.
The DR communicates with all the routers using a Multicast address of
224.0.0.5.
The Hello Packet contains the Following fields:
 Router ID: Router’s Identification. Each router has to have a
unique ID.
 Hello Interval: It specifies the frequency in seconds that a router
sends hello’s. In order to form a neighbor relationship, the Hello
Interval on the router’s has to match.
 Dead Interval: It specifies the time in seconds that a router waits
to hear from a neighbor before declaring the neighbor router down.
By default, it is 4 times the hello interval. In order to form a
neighbor relationship, the Dead Interval on the router’s has to
match.
 Neighbor’s: The list of neighbors with which a bi-directional
communication has been established. Bi-directional
communication is indicated when the router sees itself listed in the
neighbor’ hello packet.
 Area ID: The ID of an area that the router belongs to. In order to
form a neighbor relationship, the router’s have to belong to the
same Area.

Page 78 of 193
 Router Priority: An 8-bit number that indicates the priority of this
router when selecting a DR/BDR.
 DR and BDR IP: If it is known, the IP address of the DR and BDR.
 Authentication Password: If authentication is enabled, two
routers must use the same password. Although OSPF routers,
support authentication, the routes are still send across
unencrypted.
 Stub Area Flag: Specifies the Type of area the router is in. The
flag has to match for the routers to establish adjacency. Different
types of areas are discussed later.
DR and BDR election Process

For the Election process to function properly, the following conditions must
exist:
Each multi-access interface of each router has a Router Priority value,

which is an 8-bit integer ranging from 0 – 255. The default priority on
Cisco Routers is 1 and can be changed on a per multi-access interface
basis with the command IP OSPF Priority. Routers with a Priority of 0
are ineligible to become a DR or BDR.
Hello packets include fields for the originating router to specify its Router
Priority and for the IP addresses of the connected interfaces of the
routers it considers the DR and BDR.
When an interface first becomes active on a multi-access network, it sets
the DR and BDR fields to 0.0.0.0 in the Hello Packet.
The election process takes place after the 2-way communication has
taken place.
The Router with the Highest Priority becomes the DR and next highest
priority becomes the BDR.
In case of a tie, for either the DR or BDR, the Highest Router ID ( IP
Address) is used to break the tie.
Once a DR or BDR is chosen, even if a new router with a higher priority
comes up, it will not become a DR or BDR.
Point-to-point Networks
Networks like T1 or a Fractional T1, that connect a pair of Routers to

each other are examples of Point-to-point networks.
Neighbors on a Point-to-point network form adjacency with each other.
The destination address on Point-to-point networks is always 224.0.0.5,
known as AllSPFRouters.
There are no DR or BDR router types on a Point-to-point network.

Page 79 of 193
NBMA Networks
Networks like Frame Relay,X.25 or ATM, are examples of NBMA

networks.
These type of networks do have the capability to connect more than two
routers but have no capability of broadcasts. A packet sent by one of the
attached routers would not be received by all other attached routers.
OSPF routers on NBMA elect a DR and BDR and all OSPF packets are
unicast.
All routers form an adjacency with the DR and BDR.
Careful selection of DR and BDR has to be done in the Hub-and-Spoke
configuration of NBMA networks.

Page 80 of 193
OSPF Protocols and Packets
OSPF consists of a set of individual protocols all working together to

build a fast and scalable interior routing protocol.
OSPF protocols are:
Hello Protocol
Exchange Protocol
Flooding Protocol
These protocols are used in different packet types. The different packet
types, their descriptions are listed in the following Table.
Name Description Protocol

Packet Used
Type
1 Hello Used to build Adjacencies Hello
or Neighbor Relations.
Carries Parameters on
which neighbors must
agree in order to form an
adjacency
2 Database Used to check Exchange
Description Synchronization between
routers
3 Link State Used to request specific Exchange
Request Link State records from a
Neighbor Router
4 Link State Used to send specific Link Flooding
Update State records from router to
router
5 Link State Used to Acknowledge the All
Advertisements above Packet to provide
Reliability

Page 81 of 193
Problems with a large OSPF
single area
Frequent SPF algorithm calculation: In large networks, network changes
are inevitable, so the routers would have to spend more CPU cycles for
recalculating SPF.
Large Routing Table: Each router would need to maintain at least one
entry per network, and if we have provided redundancy to some of the
links, then more entries will be found in the routing table.
Huge Link-State Database: Remember each point-to-point link will have

2 entries and so on, so one can imagine the number of entries in that
database.
Solution in Hierarchical routing (multiple Areas)

In OSPF we can divide a large Area into smaller areas.
Routing still occurs between the areas called inter-area routing.
If one of the areas is having a flapping link, it will not have an effect on
the other areas, because the traffic will always be restricted to that area
If you summarization is performed on the ABR.
Benefits
Reduced Frequency of SPF calculation: detailed routing information is
kept within each area so its not necessary to flood all Link-State changes
to all other areas, thus not all routers need to run the SPF calculations.
Smaller Routing Table: Because detailed routing information is kept

within an area, the routers within an area will have smaller routing table.
Reduced Link-State Updates: LSU s can contain a variety of LSA types,

instead of sending an LSU about each network within an area, you can
advertise a single or fewer summarized routes between areas to reduce
overhead associated with LSU s.

Page 82 of 193
Multi-Area Components
Routers
LSAs
Areas
Virtual-Links
Note. Hierarchical routing enables routing efficiency because it allows you to

control the type of routing information that you allow in and out of an area.
Routers In an OSPF Multi-Area
1. Internal Routers (IR):
All interfaces are in the same area.

All routers have an identical Link-State database.
2. Back Bone Routers (BBR):
All the IR s in area 0 are called the backbone routers.

They must have at least one interface in Area 0.
3. Area Border Routers (ABR):
Routers that have interfaces to multiple areas.

These routers will maintain a separate Link-State Database for
each area to which they are connected.
An exit point for an area.
ABR s can summarize the routes from one area and advertise a
summarized route/s to the other areas.
4. Autonomous System Boundary Routers (ASBR):
Routers that have at least one interface into an external

network such as Non-OSPF network.
These routers can redistribute Non-OSPF routes into OSPF
networks.

Page 83 of 193
Link-State Types
1. LSA Type 1: Router Link Entry.
2. LSA Type 2: Network Link Entry.
3. LSA Type 3: Summary Link Entry.
4. LSA Type 4: Summary Link Entry.
5. LSA Type 5: Autonomous System External Link Entry.
6. LSA Type 6: M OSPF.
7. LSA Type 7: NSSA.
1. LSA Type 1:
Router Link Entry.

Identified by the letter O in the routing table.
Generated by all routers.
Describes the states of the router’s link to the area.
Flooded within any area.
2. LSA Type 2:
Network Link Entry.

Identified by the letter O in the routing table.
Generated by DR/BDR in multi-access networks.
Describes the set of routers attached to that multi-access
networks.
Flooded within any area that has DR/BDR s.
3. LSA Type 3:
Summary Link Entry

Identified by the letter IA in the routing table.
Generated by ABR.
Describes the networks in a given area to the backbone area and
vise versa.
Flooded throughout the backbone area or from backbone area to
other areas.

Page 84 of 193
4. LSA Type 4:
Summary Network Link Entry.

LSA Type 4s are not seen in the routing table, LSA Type 4 is only
seen in the Link-State Database.
Generated by the ASBR. In a multi-area it will be given to the ABR
of the same area , and the ABR will flood the LSAs to the other
areas.
Describes reachibility to ASBR.
Flooded throughout an OSPF autonomous area except in Totally
Stubby areas.
When LSA Type 4s are flooded, LSA Type 5s are seen as well.
5. LSA Type 5:
Autonomous System External Link Entry.

Identified by the letter E1 or E2 in the routing table.
Generated by the ASBR.
Describes the routes to destination/s external to the OSPF
autonomous system.
Flooded throughout an OSPF autonomous system except STUB,
TOTALLY STUBBY, and NSSA areas.
When LSA Type 5s are flooded, LSA Type 4s are seen as well.
6. LSA Type 6:
Group Membership Link Entry.

Flooded by a Multicast OSPF Router (MOR).
Distributes group-membership location information throughout
the routing domain.
7. LSA Type 7:
Not-So-Stubby Autonomous System External Link Entry.

Generated by ASBR in a NSSA.
These LSAs are then translated to LSA Type 5 and flooded into the
Backbone Area.
Identified by the letter N1 or N2 in the routing tables of the routers
in that particular NSSA.
Describes the routes to destination/s external to the OSPF
autonomous system.

Page 85 of 193
E1, E2, N1, and N2 entries in the routing table:
The cost of an external route differs depending on the external type
configuration on the ASBR. The external-types are as follows:
E1: If a packet is E1 then the metric is calculated by adding the external

cost to the internal cost of each link the packet crosses, used only when
there are multiple ASBRs advertising a route to the same AS.
E2 (default): If a packet is E2 it will only have the external cost assigned,

meaning ASBR’s cost to get to an external route, used only when there is
one ASBR advertising an external route/s.

Page 86 of 193
Types Of Areas
1. Standard or Normal Area:
This could be any area that is not configured as Stub, Totally

Stubby, or NSSA.
Can accept any LSA Types 1,2,3,4,5 .
2. Back Bone Area (transit area):
This is Area 0, area 0 must exist.

All the other areas must have a Physical or Logical connectivity to
the backbone area.
If a new area is added and it does not have direct connection to the
backbone area, a virtual link must be configured to provide the
needed connectivity to the backbone area.
The virtual Link provides the disconnected area with a logical path
to the backbone so the disconnected area can communicate with
other areas.
3. Stub Area:
Does not accept information about routes external to the AS.

If routers need to route to networks outside an AS, they will use a
default route (0.0.0.0).
This kind of area reduces the size of the Link-State Database, and
as a result of that it reduces the memory requirements of the
routers inside that area.
External networks LSA Type 5s are not allowed to be flooded into a
Stub area, to get to external networks, routers will use the default
route.
4. Totally Stubby Area:
Does not accept external AS routes, or summary routes from other

areas internal to the AS.
A default route is injected for reachibility to other networks outside
that area.
Cisco Proprietary solution.
Flooded LSAs are: LSA Type 1, and Type 2.
Can only be used if all the routers are CISCO.

Page 87 of 193
To get to external networks, routers will use the default route.
5. Not-So-Stubby:
Available in IOS versions 11.2 and higher.

Defined in RFC 1587.
It’s a hybrid Stub area, that can accept external routes with using
LSA Type 7s.
LSA Type 7s can be originated and advertised throughout a NSSA.
LSA Type 7s will then be translated into LSA Type 5s by the ABR
and flooded into area 0.
NSSA can only receive LSA Types 1,2,3, and 7.
Prior to NSSA, if an area had an external route, that area could not
be set to STUB of any kind.
Virtual-Links and their Purpose

Linking an area that does not have a physical connection to the
Backbone area.
Linking fragmented Backbone area.
To add redundancy incase a router failure causes the Backbone area to

be split into two.

Page 88 of 193
Aut
hor
ized
CCNPRo
uteL
abWo
rkb
ook
Mo
dul
e:0
5–OSPFL
abs
Copyr
ightsNetworker
sHome2007-2015
Websi
te:ht
tp:
//
www.networker
shome.com;i
nfo@net
worker
shome.
com
Page89of193
Lab 1 – OSPF Over Ethernet
R1 R2
L0 1.1.1.1/8 L0 2.2.2.2/8
E 0/0 (.1) E 0/0 (.2)
L0 192.1.100.0/24
E 0/0 (.4) E 0/0 (.3)

L0 3.3.3.3/8
L0 4.4.4.4/8
R3
R4
R1 Configuration

Loopback 0 1.1.1.1 255.0.0.0
E 0/0 192.1.100.1 255.255.255.0
R2 Configuration

Loopback 0 2.2.2.2 255.0.0.0
E 0/0 192.1.100.2 255.255.255.0
R3 Configuration

Loopback 0 3.3.3.3 255.0.0.0
E 0/0 192.1.100.3 255.255.255.0
R4 Configuration

Page 90 of 193
Loopback 0 4.4.4.4 255.0.0.0
E 0/0 192.1.100.4 255.255.255.0
Objective: Configuring OSPF over an Ethernet network and getting used to

different Show commands
On R1
R1(config)#Router ospf 1
R1 (config-router)#net 1.0.0.0 0.255.255.255 area 0
On R2
On R3
On R4
Neighbor ID: Neighbor’s Router ID

Pri: Neighbor’s Priority, used in DR and BDR election
State:
Init State First Hello is sent
2-Way Neighbor discovered, but adjacency not built
Exstart Neighbor’s form a Master/Slave Relationship. Based on the
Highest IP address. Initial sequence number established

Page 91 of 193
Exchange The router’s exchange Database Description packets to tell
each other about the routes it knows about. A request list is
created.
Loading Link State Request is sent to each other and based on the
LSR’s received, Link State Update packets are sent back in
both directions.
Full All neighbors have a consistent Database.
DR The neighbor is the DR

BDR The neighbor is the BDR
DROTHER The neighbor is neither a DR nor BDR
Address: The address of the neighbor router’s interface

Interface: The local interface that connects to the neighbor router
Format:
2.2.2.2 1 full/drother 192.1.100.2 E 0/0

3.3.3.3 1 full/bdr 192.1.100.3 E 0/0
4.4.4.4 1 full/dr 192.1.100.4 E 0/0
Type SH IP OSPF DATABASE ROUTER.
Displays all the router LSA’s received by your router.
Type SH IP OSPF DATABASE NETW ORK
Displays all the Network LSA’s received by your router. Send out by the DR.
Includes the following information:
o DR Address
o All the attached routers of the area
Type SH IP OSPF INTERFACE E 0/0
Shows the following information:
IP Address of the Interface

Area ID
Process ID
Network Type
Cost (108/Bandwidth)
DR and BDR Router ID’s and IP addresses

Page 92 of 193
Interval’s for Hello, Dead, Wait and Retransmit
Total # of Neighbors and Adjacent Neighbors
Type SH IP ROUTE
O – OSPF Intra-Area Route

110 – Administrative Distance for OSPF
11 – Cost
Default Cost Values for Common Intrefaces
Interface Cost
FDDI/Fast Ethernet 1
Loopback 1
HSSI 2
16 M Token Ring 6
Ethernet 10
4 M Token Ring 25
Serial 64
Other Useful Commands
Command Explanation
IP OSPF COST [Value] Changes the default cost of an
Interface
IP OSPF Hello-Interval [Value] Change the Hello-interval
IP OSPF Dead-Interval [Value] Changes the Dead-interval
IP OSPF Priority [Value] Changes the Priority. Used in forcing
one of the router’s to be the DR or
BDR
auto-cost reference-bandwidth Used when you have a Gigabit
Ethernet connection and 108 does not
work correctly.
Debug IP OSPF Packet Shows all packets for OSPF
Debug IP OSPF Adj Displays the Hello packets and DR and
BDR Election

Page 93 of 193
Lab 2 –Specifying DR and BDR
(Builds on Lab 1)
Objective: Controlling the selection of the DR and BDR on a Ethernet Segment
On R1
R1(config)#Int E 0/0
R1(config-if)#IP OSPF priority 100
R1(config-if)#shut
On R2
R2(config-if)#shut
On R3
R3(config-if)#shut
On R4
R4(config-if)#shut
Bring All E 0/0 interfaces UP
Use Up arrow key and Enter to keep on repeating the commands and see
the state of the routers going from Init to Full. Also note the Roles of the
Routers
Type SH IP OSPF INT E 0/0 to see the DR and BDR for the Network.

Page 94 of 193
Lab 3 – Clear Text Authentication
(Builds on Lab 2)
Objective: Use Clear Text authentication to authenticate all 4 routers
Type DEBUG IP OSPF PACKET
You should see the following output:
OSPF: rcv. V:2 t:1 l:56 rid:2.2.2.2

Aid:0.0.0.0 chk:965A aut:0 auk: from E 0/0
v: Stands for OSPF Version

t: OSPF Packet Type 1- Hello; 2- Data Description; 3-LS Req. 4- LS
Update 5-LSA
l: Length of packet
rid: Router ID
Chk: Checksum
Aut: Authentication type 0: No Authentication; 1:Simple; 2:md5
Auk: Authentication Key (used only for md5)
Type U ALL
On RI and R2
Rx(config)#Int E 0/0
Rx(config-if)#IP OSPF authentication-key Cisco
Rx(config-if)#IP OSPF authentication
On All Routers
Type Clear IP Route *
Type SH IP Route
Notice R1 and R2 talk to each other and R3 and R4 only see the directly
connected networks

Page 95 of 193
ON R3 and R4
Rx(config-if)#IP OSPF authentication-key Cisco
Rx(config-if)#IP OSPF authenticationOn All Routers
Type Debug IP OSPF Packet
You should see the following:
OSPF: rcv. V:2 t:1 l:56 rid:2.2.2.2

Aid:0.0.0.0 chk:965A aut:1 auk: from E 0/0
Aut:1 tells you that you are using Simple Authentication

Page 96 of 193
Lab 4 – MD5 Authentication
(Builds on Lab 3)
Objective: Use MD5 authentication to authenticate all 4 routers
Type U ALL
On All Routers
Rx(config-if)#IP OSPF message-digest-key 1 md5 ccnp
Rx(config-if)#IP OSPF authentication message-digest
On All Routers
Type Clear IP Route *
Type SH IP Route
Type Debug IP OSPF Packet
You should see the following:
OSPF: rcv. V:2 t:1 l:56 rid:2.2.2.2

Aid:0.0.0.0 chk:965A aut:2 key: from E 0/0
Aut:2 tells you that you are using md5 authentication

Page 97 of 193
Lab 5 – OSPF in a Point-to-Point
Configuration
R1 S 0/0(.1) 192.1.12.0/24 R2
S 0/0 (.2) L0 2.2.2.2/8
L0 1.1.1.1/8
Objective: Configuring OSPF over a Point-to-point network and getting used to

different Show commands
R1 Configuration

Loopback 0 1.1.1.1 255.0.0.0
S 0/0 192.1.12.1 255.255.255.0
R2 Configuration
Loopback 0 2.2.2.2 255.0.0.0
S 0/0 192.1.12.2 255.255.255.0
On R1
On R2

Page 98 of 193
Type SH IP ROUTE
What routes do you see?
Notice the State (Full/-). There is no DR or BDR in a Point-to-point

network.
Type SH IP OSPF INT S 0/0
Notice the Network Type is POINT-TO-POINT and No DR or BDR

information is displayed
Type SH IP OSPF DATABASE NETW ORK
No Type 2 LSA (Network LSA’s) are displayed. Type 2 LSA’s are only
displayed for Broadcast Multi-access(BMA) or Non-Broadcast Multi-
access Networks(NBMA).

Page 99 of 193
Lab 6 – OSPF in a Mixed Topology
R1 S 0/0(.1) 192.1.12.0/24 R2
S 0/0 (.2) L0 2.2.2.2/8
L0 1.1.1.1/8
E 0/0 (.2)
192.1.23.0/24
E 0/0 (.3)
S 0/0(.4) 192.1.34.0/24
S 0/0 (.3) L0 3.3.3.3/8
L0 4.4.4.4/8
R4 R3
R1 Configuration

Loopback 0 1.1.1.1 255.0.0.0
S 0/0 192.1.12.1 255.255.255.0
R2 Configuration
Loopback 0 2.2.2.2 255.0.0.0
S 0/0 192.1.12.2 255.255.255.0
E 0/0 192.1.23.2 255.255.255.0
R3 Configuration

Loopback 0 3.3.3.3 255.0.0.0
E 0/0 192.1.23.3 255.255.255.0
S 0/0 192.1.34.3 255.255.255.0

Page 100 of 193
R4 Configuration
Loopback 0 4.4.4.4 255.0.0.0
S 0/0 192.1.34.4 255.255.255.0
Objective: Configuring OSPF with P-2-P and Ethernet networks. You also take
a look at the LSA Database
On R1
R1(config-router)#net 1.0.0.0 0.255.255.255 area 0
On R2
On R3
On R4
Type SH IP ROUTE

Page 101 of 193
How many Neighbors do you see and What are their States and
Designations
Type SH IP OSPF DATABASE ROUTER
You should see Four Router’s Advertising with the following Information
Router ID: 1.1.1.1 (R1) should advertise 3 links:

A link to the Stub Network ( 1.1.1.1)
A Point-to-point link to Router 2 (R2)
A Stub Network for the Point-to-point link (192.1.12.0)
Router ID: 2.2.2.2 (R2) should advertise 4 Links:
A link to the Transit Network (192.1.23.0)
A link to the Stub Network (2.2.2.2)
Router ID: 3.3.3.3 (R3) should advertise 4 Links:
A link to the Transit Network (192.1.23.0)
A link to the Stub Network (3.3.3.3)
Router ID: 4.4.4.4 (R4) should advertise 2 links:
A link to the Stub Network ( 4.4.4.4)
Table for the Link ID and Data
Type Network Description Link ID Link Data

1 Point-to-Point Connection Neighboring IP Address of
to another Router Router’s ID originating Router’s
Interface to the
Network
2 Connection to a Transit IP address of IP Address of the
Network the DR’s Originating Router’s
Interface Interface to the
Network
3 Connection to a Stub IP Address of Subnet Mask
Network the Network
* A point-to-point link is considered a Stub Network

Page 102 of 193
Lab 7 – Redistributing OSPF and RIP
(Builds on Lab 6)
Objective: Performing Mutual Redistribution between RIP and OSPF. Run RIP
between R1 and R2. Run OSPF between R2, R3 and R4.
Disabling OSPF between R1 and R2. Run RIP v2 between R1

and R2. Advertise all the loopbacks in RIP on R1 and R2
On R1
R1(config)#no Router ospf 1
On R2
R2(config-router)#router ospf 1
R2(config-router)#no net 192.1.12.0 0.0.0.255 area 0
R2(config-router)#no net 2.0.0.0 0.255.255.255 area 0
On All Router’s
Type SH IP ROUTE
Do R3 and R4 see the 1.0.0.0 network?
Does R1 see the 3.0.0.0 and 4.0.0.0 network?
Redistribute RIP into OSPF and OSPF into RIP

Page 103 of 193
On R2
R2(config-router)#redistribute ospf 1 metric 2
R2(config-router)#redistribute rip metric 10 subnets
On All Router’s
Type SH IP ROUTE on R3 and R4.
Do you see another Type of Route?
How does E2 calculate the Metric?
Ping 1.1.1.1 from R3 and R4. Can you ping?
Ping 4.4.4.4 from R1. Can you Ping?
Redistribute RIP into OSPF and OSPF into RIP Using E1 routes
On R2
R2(config)#router ospf 1
R2(config-router)#no redistribute rip metric 10
R2(config-router)#redistribute rip metric 10 metric-type 1
On All Router’s
Type SH IP ROUTE on R3 and R4.
Do you see another Type of Route?
How does E1 calculate the Metric?
On All OSPF Routers (R2, R3 and R4)
Type SH IP OSPF BORDER-ROUTERS
How many router’s show in the list?
What type of router is it?

Page 104 of 193
Lab 8 – Redistributing OSPF and EIGRP
(Builds on Lab 7)
Objective: Performing Mutual Redistribution between EIGRP and OSPF. Run

EIGRP between R1 and R2. Run OSPF between R2, R3 and R4.
Disable RIP between R1 and R2. Run EIGRP 1 instead.

Advertise all the loopbacks on R1 and R2 in EIGRP
On R1
R1(config)#no router rip
On R2
R2(config)#no router rip
R2(config-router)#no redistribute rip subnets metric-type 1
R2(config-router)#router eigrp 1
On All Router’s
Type SH IP ROUTE
Does R1 see the 3.0.0.0 and 4.0.0.0 network?

Page 105 of 193
Redistribute EIGRP into OSPF and OSPF into EIGRP
On R2
R2(config-router)#redistribute ospf 1 metric 1544 2000 255 1 1500
R2(config-router)#redistribute eigrp 1 subnets
On All Router’s
Type SH IP ROUTE on R3 and R4. Do you see another Type of Route?
Ping 4.4.4.4 from R1. Can you Ping?

Page 106 of 193
Lab 9 – Redistributing Static Routes
with OSPF
(Builds on Lab 8)
Objective: Redistributing Static routes with OSPF. Configure Static routes

between R1 and R2. Redistribute the static routes on R2 into OSPF.
Disable EIGRP between R1 and R2. Configure Static routes on

R2 towards R1’s Networks. Configure a default route on R1
towards R2.
On R1
R1(config)#ip route 0.0.0.0 0.0.0.0 192.1.12.2
On R2
R2(config-router)#no redistribute eigrp 1 metric 10 metric-type 1
R2(config-router)#ip route 1.0.0.0 255.0.0.0 192.1.12.1
On All Router’s
Type SH IP ROUTE
Redistribute Static Routers into OSPF. OSPF should add the

cost of the links when forwarding the routes downstream
On R2
R2(config-router)#redistribute static metric-type 1 subnets
On All Router’s
Type SH IP ROUTE on R3 and R4. Do you see another Type of Route?

Page 107 of 193
Lab
Ping 10
4.4.4.4– Redistributing
from Connected
R1. Can you Ping? Why or why not?
Networks with OSPF

(Builds on Lab 9)
Objective: Redistributing directly connected routes into OSPF. Make sure to

only redistribute the specified directly connected routes
Create 3 additional Loopback Interfaces on R2 (5.5.5.5/8,

6.6.6.6/8 and 7.7.7.7/8)
On R2
R2(config)#int loo 5
R2(config-if)#ip addr 5.5.5.5 255.0.0.0
R2(config-if)#int loo 6
R2(config-if)#int loo 7
On All Router’s
Type SH IP ROUTE
Do R3 and R4 see the 5.0.0.0, 6.0.0.0 and 7.0.0.0 networks?
Redistribute the newly created directly connected Networks

into OSPF. Also, make sure that R1 can ping R3 and R4
loopbacks.
On R2
R2(config)#access-list 1 permit 192.1.12.0 0.0.0.255
R2(config)#route-map C-2-O permit 10
R2(config-route-map)#router ospf 1
R2(config-router)#redistribute connected route-map C-2-O subnets

Page 108 of 193
On All Router’s
Type SH IP ROUTE on R3 and R4. Do you see new Routes?
Can you ping 3.3.3.3 and 4.4.4.4 from R1 now?

Page 109 of 193
Lab 11 – Injecting Default Route into
OSPF
(Builds on Lab 10)
Objective: Injecting Default Route into OSPF
Disable and Re-enable OSPF on R2. Only enable it for the

192.1.23.0 network. Inject a Default route into OSPF so that
R3 and R4 can reach R1 and R2 loopback networks.
On R2
R2(config)#no router ospf 1
R2(config-router)#default-information originate always
On All Router’s
Type SH IP ROUTE
Do you see a 0.0.0.0 route in the routing table of R3 and R4. Is the
Gateway of Last resort set?
Can R3 and R4 Ping 1.1.1.1 and the 5.5.5.5 networks?

Page 110 of 193
Lab 12 – OSPF over NBMA using the
Broadcast Network Statement
R1
R3
R2
Frame-Relay
Objective: Configure OSPF to run over a NBMA network by changing the

network type to Broadcast.
IP addressing and DLCI information Chart
Routers IP address Local DLCI Connecting to:

R1 S0/0: 192.1.123.1/24 102 R2
103 R3
R2 S0/0: 192.1.123.2 /24 201 R1
R3 S0/0: 192.1.123.3 /24 301 R1
Configure Frame Relay on the S0/0 interface based on the table

above. Configure Static Frame-relay map statements. Make
sure that Spokes can ping each other. Also configure Loopback
Interfaces (1.1.1.1/8 ,2.2.2.2/8 and 3.3.3.3/8) on the
respective routes and enable them in OSPF.

Page 111 of 193
On R1
R1(config-if)#encapsulation frame-relay
R1(config-if)#frame-relay map ip 192.1.123.2 102 broadcast
R1(config-if)#int loopback 0
On R2
R2(config-if)#frame-relay map ip 192.1.123.3 201
On R3

Page 112 of 193
On All Routers
 Type SH IP ROUTE
 How many networks do you see?
 Type SH IP OSPF INT S 0/0?
 What type of network is it? Does it send the OSPF routing packets?
Problem: OSPF send’s Multicast packets, which is a form of

Broadcast and this is a non-broadcast network.
Solution: Turn it into a Broadcast network. In a Hub-n-spoke

network, make sure the Hub is the DR by setting the spokes with a
priority of 0.
On R2 and R3
Rx(config)#int S 0/0
Rx(config-if)#shut
Rx(config-if)# IP OSPF Network broadcast
Rx(config-if)# IP OSPF priority 0
Rx(config-if)#no shut
On R1
R1(config-if)#shut
R1(config-if)# IP OSPF Network broadcast
Type SH IP ROUTE
How many networks do you see?
Can you ping the loopback interfaces across the network?

Page 113 of 193
Neighbor Statement
(Builds on Lab 12)
Objective: Configure OSPF to run over a NBMA network by using the Neighbor
command
Change the Network type back to Non-Broadcast on all the

Routers
On All Routers
Rx(config-if)#sh
Rx(config-if)# NO IP OSPF network broadcast
On All Routers
Type SH IP ROUTE
Type SH IP OSPF INT S 0/0?
What type of network is it?
Problem: OSPF send Multicast packets, which is a form of

Solution: Have OSPF send Unicast Packets using Neighbor

Statement
On R1

Page 114 of 193
On R2
On R3
On All Routers
Type SH IP ROUTE
Ping the loopback interfaces across the Network.
Are you successful?

Page 115 of 193
Point-to-Multipoint Network Type
(Builds on Lab 13)
Objective: Configure OSPF to run over a NBMA network by changing the

Network type of point-to-multipoint. This network will not need a DR or BDR.
Delete the Neighbor Statements on all the Routers
On R1
R1(config-router)#no neighbor 192.1.123.2
On R2
On R3
On All Routers
Type SH IP ROUTE
Type SH IP OSPF INT S 0/0?
What type of network is it?
Problem: OSPF send Multicast packets, which is a form of


Page 116 of 193
Solution: Turn the network type to point-to-multipoint, which is a
form of point-to-point link and does not require any DR/BDR.
Hence no need to set the priorities on the Spokes to 0.
Change the Network type back to Point-to-multipoint on all the

Routers
On R1
R1(config-if)#sh
R1(config-if)#IP ospf network point-to-multipoint
On R2 and R3
Rx(config-if)#sh
Rx(config-if)#IP ospf network point-to-multipoint
Rx(config-if)#no IP ospf priority 0
On All Routers
Type SH IP ROUTE
Ping the loopback interfaces across the Network.
Are you successful?
Type Show IP ospf interface S 0/0.
Is there a DR/BDR on this network?

Page 117 of 193
Lab 15 – Multi-Area Connection
L0 1.1.0.0 – R1 192.1.12.0/24 R2
S 0/0(.1) L0 2.1.0.0 –
L3 1.1.3.0/24 S 0/0 (.2)
L3 2.1.3.0/24
Area 10
E 0/0 (.2)
192.1.23.0/24
Area 0
E 0/0 (.3)
S 0/0(.4) 192.1.34.0/24 L0 3.1.0.0 –

L0 4.1.0.0 – S 0/0 (.3)
L3 4.1.3.0/24 L3 3.1.3.0/24
R4 Area 100 R3
R1 Configuration

Loopback 0 1.1.0.1 255.255.255.0
Loopback 1 1.1.1.1 255.255.255.0
Loopback 2 1.1.2.1 255.255.255.0
Loopback 3 1.1.3.1 255.255.255.0
S 0/0 192.1.12.1 255.255.255.0
R2 Configuration

Loopback 0 2.1.0.1 255.255.255.0
Loopback 1 2.1.1.1 255.255.255.0
Loopback 2 2.1.2.1 255.255.255.0
Loopback 3 2.1.3.1 255.255.255.0
S 0/0 192.1.12.2 255.255.255.0
E 0/0 192.1.23.2 255.255.255.0

Page 118 of 193
R3 Configuration

Loopback 0 3.1.0.1 255.255.255.0
Loopback 1 3.1.1.1 255.255.255.0
Loopback 2 3.1.2.1 255.255.255.0
Loopback 3 3.1.3.1 255.255.255.0
E0/0 192.1.23.3 255.255.255.0
S 0/0 192.1.34.3 255.255.255.0
R4 Configuration

Loopback 0 4.1.0.1 255.255.255.0
Loopback 1 4.1.1.1 255.255.255.0
Loopback 2 4.1.2.1 255.255.255.0
Loopback 3 4.1.3.1 255.255.255.0
S 0/0 192.1.34.4 255.255.255.0
Objective: Configure OSPF in a Multi-area configuration based on the network

diagram. Advertise all the loopbacks on all the routers. Verify the different
types of routes in a Multi-area configuration.
Configure OSPF and advertise the loopbacks on all the routers

based on the network. Configure the Loopbacks in Either Area
10 or Area 100
On R1
R1(config-router)#net 1.1.0 0.0.255.255 area 10
On R2
R2(config-router)#net 192.1.12.0.0 0.0.0.255 area 10

Page 119 of 193
On R3
On R4
On All Routers
Type SH IP ROUTE. Do you see all the routes ?
Do you see new type of routes?
What is the designation of the new type of routes?
Type SH IP OSPF BORDER-ROUTERS
Do you see the address of your ABR?

Page 120 of 193
Lab 16 – Multi-Area Connection using
Route Summarization
(Builds on Lab 15)
Objective: Perform Route summarization such that all the Loopbacks from
Area 10 and Area 100 are summarized
Summarize the 1.X.0.0 and 2.X.0.0 Area 10 routes on R2
On R2
R2(config-router)# area 10 range 1.1.0.0 255.255.252.0
Summarize the 3.X.0.0 and 4.X.0.0 Area 100 routes on R3
On R3
On All Routers
Type SH IP ROUTE
Does your routing table have all the entries to all the networks outside
your area?
Can you ping the other area Hosts?
What are the benefits of Route Summarization?

Page 121 of 193
Lab 17 – Configuring Stub Area
L0 1.1.0.0 – R1 192.1.12.0/24 R2
S 0/0(.1) L0 2.1.0.0 –
L1 1.1.1.0/24 S 0/0 (.2)
L1 2.1.1.0/24
Area 10 E 0/0 (.2)
192.1.23.0/24
Area 0
E 0/0 (.3)
S 0/0(.4) 192.1.34.0/24 L0 3.1.0.0 –

L0 4.1.0.0 – S 0/0 (.3)
L1 4.1.1.0/24 L1 3.1.1.0/24
R4
Area 100 R3
R1 Configuration

Loopback 0 1.1.0.1 255.255.255.0
Loopback 1 1.1.1.1 255.255.255.0
S 0/0 192.1.12.1 255.255.255.0
R2 Configuration

Loopback 0 2.1.0.1 255.255.255.0
Loopback 1 2.1.1.1 255.255.255.0
S 0/0 192.1.12.2 255.255.255.0
E 0/0 192.1.23.2 255.255.255.0
R3 Configuration

Loopback 0 3.1.0.1 255.255.255.0
Loopback 1 3.1.1.1 255.255.255.0
E0/0 192.1.23.3 255.255.255.0

Page 122 of 193
S 0/0 192.1.34.3 255.255.255.0
R4 Configuration

Loopback 0 4.1.0.1 255.255.255.0
Loopback 1 4.1.1.1 255.255.255.0
S 0/0 192.1.34.4 255.255.255.0

diagram. Configure Area 10 and Area 100 as Stub Area’s to prevent External
routes from the Backbone getting injected into it.
Configure OSPF and advertise the loopbacks on all the routers

based on the network. Inject the 2.X.0.0 and 3.X.0.0 routes
into OSPF using the Redistribute Connected statement such
that they appear as External routes in OSPF
On R1
On R2
R2(config-router)#redistribute connected subnets
On R3
R3(config-router)# redistribute connected subnets
On R4

Page 123 of 193
On R1 and R4
Do you see the external Routes (2.1.0.0, 2.1.1.0, 3.1.0.0 and 3.1.1.0)?
Configure Area 10 and 100 as Stub area’s. This will prevent

external routes from the backbone from getting injected into it.
On R1 and R2
Rx(config)#router ospf 1
Rx(config-router)#area 10 stub
On R3 and R4
Rx(config-router)#area 100 stub
On R1 and R4
Do you see the external Routes (2.1.0.0, 2.1.1.0, 3.1.0.0 and 3.1.1.0)?
Do you see a Default Route?
Who injected this route into OSPF?
Can you still ping the external networks?
What type of routes do you not see in the routing table of a stub area?

Page 124 of 193
Lab 18 – Configuring a Totally Stub
Area
(Builds on Lab 17)
Objective: Configure Area 10 and 100 as Totally Stubby area’s by also blocking
the Inter-Area routes from propagating into it.
On R1 and R4
Do you see the Inter-Area Routes?
Configure Area 10 and 100 as Totally Stubby area’s to block all

inter-area routes from propagating into it. It should still maintain
reachability to them
On R2
R2(config-router)#area 10 stub no-summary
On R3
R3(config-router)#area 10 stub no-summary
On R1 and R4
Do you see the Inter area Routes?
Do you see a Default Route?
Who gave you this route?
Can you still ping the 1.X.0.0 and 4.1.X.0 networks?
What type of routes do you not see in the routing table of a Totally stub
area?

Page 125 of 193
Lab 19 – Configuring Not-so-Stubby
Area
R1 192.1.12.0/24 R2
L0 1.1.1.1/24 S 0/0(.1)
S 0/0 (.2) L0 2.2.2.2/24
RIP
E 0/0 (.2)
192.1.23.0/24
Area 10
E 0/0 (.3)
S 0/0(.4) 192.1.34.0/24
L0 4.4.4.4/24 S 0/0 (.3) L0 3.3.3.3/24
R4
Area 0 R3
R1 Configuration

Loopback 0 1.1.1.1 255.255.255.0
S 0/0 192.1.12.1 255.255.255.0
R2 Configuration

S 0/0 192.1.12.2 255.255.255.0
E 0/0 192.1.23.2 255.255.255.0
Loopback 0 2.2.2.2 255.255.255.0
R3 Configuration

E 0/0 192.1.23.3 255.255.255.0

Page 126 of 193
S 0/0 192.1.34.3 255.255.255.0
Loopback 0 3.3.3.3 255.255.255.0
R4 Configuration

Loopback 0 4.4.4.4 255.255.255.0
S 0/0 192.1.34.4 255.255.255.0

diagram. Configure Area 10 as a NSSA Area’ to prevent External routes from
the Backbone getting injected into it. Make sure that everybody outside of Area
10 has reachability to external routes injected by the ASBR in Area 10
Configure OSPF between R2, R3 and R4 in the appropriate

areas based on the Network diagram. Advertise the Loopbacks
on R2 and R3 into OSPF. Inject the 4.0.0.0 networks into OSPF
using the Redistribute connected command so that they appear
in OSPF as external routes. Run RIP between R1 and R2.
Perform mutual Route redistribution between RIP and OSPF on
R2.
On R1
On R2
R2(config-router)#redistribute ospf 1 metric 1
R2(config-router)#Router ospf 1
R2(config-router)#redistribute rip subnets

Page 127 of 193
On R3
On R4
R4(config-router)#redistribute connected subnets
On R3
Type SH IP ROUTE
Do you see External Routes from the ABR (R3) and from ASBR(R2)?
Configure Area 10 as a NSSA area. This will stop the ABR from
injecting the external routes from the backbone into Area 10.
Area 10 external routes should will be injected in a Type 7
routes in Area 10 and then converted back into Type when
send into the Backbone area.
On R3 and R4
Rx(config-router)#area 10 nssa
On R4
Type SH IP ROUTE
Do you see any E routes?
On R3
Do you see any N routes? What type of LSA is the N routes?

Page 128 of 193
On R2
Do you see any N routes?
Do you still see the 4.0.0.0 network? What type of route is it?
What does the ABR do with the N routes (LSA Type 7)?
On R3
Do you see the RIP routes (1.0.0.0, 192.1.12.0) in the routing table?

Page 129 of 193
Lab 20 – Configuring NSSA – Stub Area
(Builds on Lab 19)
Objective: Configure Area 10 as a NSSA – Stub area to maintain reachability

to the external routes from the Backbone.
On R4
Can R4 ping 1.1.1.1?
Configure R3 to inject a default route into R4 by making Area

10 into a NSSA – Stub area
R3(config-router)#area 10 nssa default-information-originate
On R4
Type SH IP ROUTE
Do you see a new N2 Default Route?
Can you Ping 1.1.1.1 now?

Page 130 of 193
Lab 21 – Configuring NSSA – Totally
Stubby Area
(Builds on Lab 20)
Objective: Configure Area 10 as a NSSA – Totally Stubby area to block the

Inter-area routes as well from getting injected into Area 10.
On R4
Type SH IP ROUTE
Do you see the IA routes?
What if you want to cut your Routing table by blocking the Inter-area
routes from getting injected into Area 10.
Configure Area 10 as a NSSA – Totally Stubby Area
On R3
R3(config-router)#area 1 nssa no-summary
On R4
Type SH IP ROUTE
Do you still see Inter-Area routes in Area 10?
Can you still ping 2.2.2.2 and 3.3.3.3 routes?

Page 131 of 193
Lab 22 – Configuring a Virtual Link
L0 1.1.0.0 – R1 192.1.12.0/24 R2
S 0/0(.1) L0 2.1.0.0 –
L1 1.1.1.0/24 S 0/0 (.2)
L1 2.1.1.0/24
Area 0 E 0/0 (.2)
192.1.23.0/24
Area 10
E 0/0 (.3)
S 0/0(.4) 192.1.34.0/24 L0 3.1.0.0 –

L0 4.1.0.0 – S 0/0 (.3)
L1 4.1.1.0/24 L1 3.1.1.0/24
R4
Area 100 R3
R1 Configuration

Loopback 0 1.1.1.1 255.0.0.0
S 0/0 192.1.12.1 255.255.255.0
R2 Configuration

Loopback 0 2.2.2.2 255.0.0.0
S 0/0 192.1.12.2 255.255.255.0
E 0/0 192.1.23.2 255.255.255.0
R3 Configuration

Loopback 0 3.3.3.3 255.0.0.0
E 0/0 192.1.23.3 255.255.255.0
S 0/0 192.1.34.3 255.255.255.0

Page 132 of 193
R4 Configuration

Loopback 0 4.4.4.4 255.0.0.0
S 0/0 192.1.34.4 255.255.255.0
Objective: Configure a Virtual-link between R2 and R3 to connect Area 100 to

the Backbone area using Area 10 as the Transit Area for the Virtual Link
Configure OSPF between R1 – R4 in the Appropriate Areas.

Advertise all the interfaces in OSPF.
On R1
On R2
R2(config-router)#router-id 2.2.2.2
On R3
On R4

Page 133 of 193
On R4
Type SH IP ROUTE.
Do you see all the routes ?
What is the reason behind the missing routes?
Configure a Virtual Link between R2 and R3 to connect Area

100 to the Backbone area
On R2
R2(config-router)#area 10 virtual-link 3.3.3.3
On R3
R3(config-router)#area 10 virtual-link 2.2.2.2
On R4
 Type SH IP ROUTE
 Can you all the routes from the backbone area?
 Can you ping 1.1.1.1?

Page 134 of 193
Aut
hor
ized
CCNPRo
uteL
abWo
rkb
ook
Mo
dul
e:0
6–BGP
Copyr
ightsNetworker
sHome2007-2015
Websi
te:ht
tp:
//
www.networker
shome.com;i
nfo@net
worker
shome.
com
Page135of193
Border Gateway Protocol(BGP)
FEATURES
 Inter-domain routing protocol also known as EGP

 Latest version is 4
 Defined in RFC 1771
 Autonomous system is a set of routers under a single technical administration, using an
IGP & common metrics to route packets within the AS, and using an EGP to route
packets to other AS
 Internet Assigned Numbers Authority (IANA) is responsible for allocating AS numbers
 AS number is a 16 bit number
 Range between 1 – 65535
 64512 – 65535 reserved for private use like private IP addresses
 An autonomous system can be connected to more than one ISP. This type of AS is
known as a Multihomed AS. This may be done for Redundancy or/and to increase
performance through load balancing.
 BGP exchanges routes between AS in a loop free manner
ROUTING PROTOCOL COMPARISON

Protocol IGP/EGP DV/LS Hierarchy Required Metric
OSPF IGP LS Yes Cost
EIGRP IGP Adv. DV No Composite Path
BGP EGP Adv. DV No Path Vectors or Attributes
WHEN TO USE BGP

 An AS allows packets to transit through it to reach other AS (for example, ISP)
 An AS has multiple connections to other AS
 The flow of traffic entering & leaving your AS must be manipulated
SIZE OF AN INTERNET BGP ROUTER

 > 30MB routing table
 > 70,000 routes
 > 6,500 AS numbers
WHEN NOT TO USE BGP (INSTEAD USE STATIC ROUTES)

 A single connection to the Internet or other AS
 Routing policy & route selection not a concern
 Lack of hardware requirements on the routers
 Lack of understanding of route filtering & BGP path selection process
 Low bandwidth between AS
COMMAND SYNTAX FOR STATIC ROUTES

 IP Route prefix mask {Address/Interface} [Distance]

Page 136 of 193
BGP Terminology
 Advanced D.V. protocol
 Runs on top of the TCP port 179 hence provides reliability.
 Incremental, flash updates
 Periodic keepalives to verify connectivity
 Rich metric (called path vectors or attributes)
 Extremely Scalable
 BGP routers contain two tables
 IGP routing table
 BGP routing table
 Information can be exchanged
 Peers/Neighbors – any two routers that have formed a TCP connection in order to
exchange BGP routing information
INTERNAL BGP
 When BGP neighbors belong to the same AS
 Neighbors do not have to be directly connected but need to be able to reach each other.
EXTERNAL BGP
 BGP neighbors belong to different AS and should be able to reach each other.
 Neighbors should be directly connected
 Used to connect different Autonomous Systems to each other.
POLICY BASED ROUTING

 Administrators define policies or rules for how data will flow through the AS
 BGP & associated tools cannot end-to-end policies. Admins can only influence how our
traffic to our neighboring AS, but not beyond it.
 This is known as hop-by-hop routing paradigm
BGP METRICS
 Known as Path Attributes
 Four Categories of Path Attributes
 Well-Known Mandatory
 Well-Known Discretionary
 Optional Tranistive
 Optional Non-Transitive
WELL KNOW ATTRIBUTES

 Recognized by al compliant BGP implementations
 Propagated to other neighbors
 Well-Known Mandatory attributes must be present in all update messages
 Well-Known Discretionary attributes could be present in an update

Page 137 of 193
OPTIONAL ATTRIBUTES
 Recognized by some implementation’s
 Recognized optional attributes are propagated based on their meaning
 Optional Transitive Attributes: If not recognized, are marked as partial &
propagated to other neighbors
 Optional Non-Transitive Attributes: Discard if not recognized
WELL KNOWN MANDATORY

 AS Path: It identifies the autonomous systems through which routing information carried
in this UPDATE message has passed.
 Next-Hop: It defines the IP address of the border router that should be used as the next hop
to the destinations listed in the UPDATE message. When going from a EBGP neighbor to
an IBGP neighbor, the next hop attribute is carried along in the update.
 Origin: Indicates where the route information originated from. It uses an “i” to indicate that
the route was learned from an IGP and “e” for a route learned from an EGP.
WELL KNOWN DISCRETIONARY

 Local Preference: Send within the Local Autonomous System only. Indicates to Local
Routers which path to take to exit the AS.
 Atomic Aggregate: Indicates that a summarized route has been send to the neighbor.
OPTIONAL TRANSITIVE
 Aggregator: Indicates the AS # and IP address of the Router that performed the
Aggregation,
 Community: Indicates the community that the route belongs to. Helps in route-selection
policy and filtering traffic. They allow to filter incoming and outgoing routes. They allow
routers to make decisions based on the Community a route belongs to.
OPTIONAL NON TRANSITIVE

 Multi-Exit Discriminator (MED): Also known as Metric, is send to external neighbors. It
indicates to the neighbor the preferred path into the AS.
ADDITIONAL CISCO PROPERTY

 Weight: Arbitrary number between 0 – 65535 which indicates to the router the preferred
path to a given destination.
 The Neighbor IP Address Weight Weight Command is used to set the Weight metric.
Route Selection Decision Process

 Highest Weight
 Highest Local Preference
 Route originated by the local router
 Shortest AS-Path
 Lowest Origin code ( IGP < EGP)

Page 138 of 193
 Lowest MED from other AS
 EBGP over IBGP
 The Path through the closest IGP Neighbor
 Oldest route for EBGP
 Path with the lowest Neighbor BGP Router ID
Basic BGP Configuration
Router BGP 100 (Where 100 is the Autonomous system on this router)
Neighbor 192.1.1.1 remote-as 200) (The IP address of your BGP Peer and its AS #. If the AS
number is the same as your AS #, it indicates that the BGP
Routers are IBGP Peer’s or Neighbors
Network 1.0.0.0 (What networks to advertise)

Page 139 of 193
Useful Commands
Command Description
SH IP BGP Shows EGP Table
Clear IP BGP * Clear EGP Table
Route Reflectors
 BGP Split Horizon: Routes learned via IBGP are never propagated to other IBGP Peers.
Required to avoid Routing Loops.
 In order to let IBGP routers to propagate routes within an Autonomous System it requires a
Full Mesh Topology or Use Route Reflectors.
 Full Mesh topology result in many BGP sessions being created. This may result in a
significant amount of increased traffic which is not feasible for slow WAN Links.
 Route Reflectors modify BGP Spilt Horizon by allowing the router configured as the route
reflector to propagate routes learned by IBGP to other IBGP Peers.
Prefix List
 New in Cisco 12.0 IOS Release

 Prefix list can be used as an alternative to access lists in many BGP Route Filtering
commands
 You can use Show IP prefix-list detail command to see the prefix-list entries.
 Advantages include:
 Significant Performance Improvement
 Support for incremental modifications
 More user-friendly command-line interface
 Greater Flexibility
Configuration
Router BGP 100

Network 192.168.1.0
Neighbor 2.2.2.2 remote-as 200
Neighbor 2.2.2.2 prefix-list test out
IP Prefix-list test seq 5 permit 172.0.0.0 / 8

Page 140 of 193
Aut
hor
ized
CCNPRo
uteL
abWo
rkb
ook
Mo
dul
e:0
6–BGPL
abs
Copyr
ightsNetworker
sHome2007-2015
Websi
te:ht
tp:
//
www.networker
shome.com;i
nfo@net
worker
shome.
com
Page141of193
Lab 1 – Connecting EBGP
Physical Layout
R1 S 0/0(.1) 192.1.12.0/24 R2 L0 2.2.2.2/8

L0 1.1.1.1/8
S 0/0 (.2)
L1 11.1.0.1/16 L1 12.1.0.1/16
E 0/0 (.2)
192.1.23.0/24
E 0/0 (.3)
S 0/0(.4) 192.1.34.0/24
L0 4.4.4.4/8 S 0/0 (.3) L0 3.3.3.3/8
L1 14.1.0.1/16 L1 13.1.0.1/16
R4 R3
BGP Layout
AS 1 AS 2
R2
R1
R4
R3
AS 4 AS 3

Page 142 of 193
R1 Configuration

Loopback 0 1.1.1.1 255.0.0.0
Loopback 1 11.1.0.1 255.255.0.0
S 0/0 192.1.12.1 255.255.255.0
R2 Configuration
Loopback 0 2.2.2.2 255.0.0.0
Loopback 1 12.1.0.1 255.255.0.0
S 0/0 192.1.12.2 255.255.255.0
E 0/0 192.1.23.2 255.255.255.0
R3 Configuration

Loopback 0 3.3.3.3 255.0.0.0
Loopback 1 13.1.0.1 255.255.0.0
E 0/0 192.1.23.3 255.255.255.0
S 0/0 192.1.34.3 255.255.255.0
R4 Configuration
Loopback 0 4.4.4.4 255.0.0.0
Loopback 1 14.1.0.1 255.255.0.0
S 0/0 192.1.34.4 255.255.255.0
Objective: Configure E-BGP neighbor relationship between 4 Routers. You will

also configure E-BGP neighbor relationships based on loopbacks.
Configure a BGP neighbor relationship between R1 and R2. R1

should be in AS 1 and R2 should be in AS 2. Advertise the
loopback networks in BGP. Hard-code the Router ID for the
BGP routers as 11.11.11.11 for R1 and 22.22.22.22 for R2.
On R1
R1(config)#Router bgp 1

Page 143 of 193
R1(config-router)#no sync
R1(config-router)#bgp router-id 11.11.11.11
R1(config-router)#network 11.1.0.0 mask 255.255.0.0
R1(config-router)#neighbor 192.1.12.2 remote-as 2
On R2
Configure a BGP neighbor relationship between R2 and R3. R2

should already be configured in AS 2 and R3 should be in AS 3.
Advertise the loopback network of R3 in BGP. Hard-code the
Router ID for R3 as 33.33.33.33
On R2
On R3
Configure a BGP neighbor relationship between R3 and R4. R#

should already be configured in AS 3 and R4 should be in AS 4.
Advertise the loopback network of R4 in BGP. Hard-code the
Router ID for R4 as 44.44.44.44. Establish the neighbor
relationship based on Loopback 0 addresses. Create static
routes to reach the Loopback 0 of the other router. Do not
advertise Loopback 0 in BGP.

Page 144 of 193
On R3
R3(config)#ip route 4.4.4.4 255.255.255.255 192.1.34.4
R3(config-router)#neighbor 4.4.4.4 update-source loopback 0
R3(config-router)#neighbor 4.4.4.4 ebgp-multihop
On R4
R4(config)#ip route 3.3.3.3 255.255.255.255 192.1.34.3
R4(config-router)#neighbor 3.3.3.3 update-source loopback 0
R4(config-router)#neighbor 3.3.3.3 ebgp-multiphop

Page 145 of 193
Lab 2 – BGP Neighbor MD5
Authentication
(Builds on Lab 1)
Objective: Configure BGP Authentication using MD5 between all the BGP
peers.
Configure MD5 Authentication between R1 and R2 using a

password of cisco-12
On R1
R1(config-router)#neighbor 192.1.12.2 password cisco-12
On R2

On R2
On R3

On R3
On R4

Page 146 of 193
Lab 3 – Configuring Route Reflectors
(Builds on Lab 2)
Objective: Disable BGP from the previous lab and Re-configure it based on the
new topology. Configure Route Reflector to overcome the BGP split-horizon
issue.
BGP Layout
R3
AS 234
AS 1
R3
R1 R2 R4
Disable BGP on all 4 routers. Also, delete the static routes for
network 4.0.0.0 on R3 and network 3.0.0.0 on R4.
On R1
R1(config)#no router bgp 1
On R2
On R3

R3(config)#no ip route 4.4.4.4 255.255.255.255

Page 147 of 193
On R4

R4(config)#no ip route 3.3.3.3 255.255.255.255
Configure a neighbor relationship between R1 and R2 based on

the Logical diagram. Advertise the Loopback networks on both
Routers. Hard-code the Router ID for the BGP routers as
11.11.11.11 for R1 and 22.22.22.22 for R2.
On R1
R1(config)#router bgp 1
On R2
Configure RIP V2 as the routing protocol within AS 234. Only

advertise the internal physical link in RIP on R2, R3 and R4.
Do not advertise the link between R1 and R2 in RIP.
On R2

Page 148 of 193
On R3
On R4
Configure neighbor relationships between R2 and R3 and

another one between R3 and R4. Do not configure a neighbor
relationship between R2 and R4. Advertise the Loopback
networks on R3 and R4 under BGP. R3 should have reachability
towards R1 routes. Accomplish this by using the Next-hop-self
command on R2 towards R3. Also, configure R3 to propagate
R2 routes to R4 by configuring it as a Route-Reflector server
for R2 and R3.
On R2
R2(config-router)#neighbor 192.1.23.3 next-hop-self
On R3
R3(config-router)#neighbor 192.1.23.3 route-reflector-client
R3(config-router)#neighbor 192.1.34.4 route-reflector-client

Page 149 of 193
Lab 4 – Route Filtering using Distribute
List with ACL’s
(Builds on R3)
Objective: Configure Route Filtering using Distribute Lists with ACL’s
Create the following Loopbacks on R2
Loopback 1 – 192.2.1.1/24
Loopback 2 – 192.2.2.1/24
Loopback 3 – 192.2.3.1/24
Loopback 4 – 192.2.4.1/24
Loopback 5 – 192.2.5.1/24
Loopback 6 – 192.2.6.1/24
Loopback 7 – 192.2.7.1/24
Loopback 8 – 192.2.8.1/24
On R2
R2(config-if)# ip address 192.2.1.1 255.255.255.0
Advertise the newly created routes in BGP. Redistribute the

directly connected networks into BGP . These routes should
have an origin code of “igp”.

Page 150 of 193
On R2
R2(config)#Route-map C-2-B permit 10
R2(config-route-map)#set origin igp
R2(config-route-map)#router bgp 234
R2(config-router)#redistribute connected route-map C-2-B
Configure R2 such that it blocks all the 192.2.X.0 routes that

have an odd number in the third octet from propagating
outside the local AS. Use the distribute-list command to
accomplish this task.
On R2
R2(config-router)#neighbor 192.1.12.1 distribute-list 1 out
Configure R4 such that it blocks all the 192.2.X.0 routes that

have an even number in the third octet from coming in. Make
sure that even if in the future that a neighbor relationship is
established between R2 and R4 these routes don’t come into
R4. Use the distribute-list command to accomplish this task.
On R4
R4(config-router)#distribute-list 1 in

Page 151 of 193
Lab 5 – Route Filtering using Prefix-List
(Builds on R4)
Objective: Configure Route Filtering using Prefix-list.
Create the following Loopbacks on R3
Loopback 1 – 150.3.16.1/20
Loopback 2 – 150.3.36.1/22
Loopback 3 – 150.3.40.1/22
Loopback 4 – 150.3.50.1/23
Loopback 5 – 150.3.65.1/24
Loopback 6 – 150.13.0.1/16
Loopback 7 – 150.14.64.1/18
On R3
Advertise the newly created routes in BGP using the Network

command.
On R3
R3(config-router)#Network 150.3.16.0 mask 255.255.240.0

Page 152 of 193
R3(config-router)#Network 150.13.0.0
Configure R2 such that it blocks all the 150.X.X.0 routes that

have a subnet mask between 17 and 23 bits.
On R2
R2(config)#IP Prefix-list PLIST deny 150.0.0.0/8 ge 17 le 23
R2(config)#IP Prefix-list PLIST permit 0.0.0.0/0 le 32
R2(config-router)#Neighbor 192.1.23.3 prefix-list PLIST in

Page 153 of 193
Lab 6 – Configuring MED
Physical Layout
R1 192.1.12.0/24 R2
S 0/0(.1)
S 0/0 (.2) L0 2.2.2.2/8
L0 1.1.1.1/8
E 0/0 (.2)
E 0/0 (.1)
192.1.23.0/24
192.1.14.0/24
E 0/0 (.3)
E 0/0 (.4)
L0 4.4.4.4/8 L0 3.3.3.3/8
S 0/0(.4)
S 0/0 (.3)
192.1.34.0/24
R4 R3
BGP Layout
R2
AS 1
AS 234
R3
R1
R4

Page 154 of 193
R1 Configuration

Loopback 0 1.1.1.1 255.0.0.0
S 0/0 192.1.12.1 255.255.255.0
E 0/0 192.1.14.1 255.255.255.0
R2 Configuration

Loopback 0 2.2.2.2 255.0.0.0
S 0/0 192.1.12.2 255.255.255.0
E 0/0 192.1.23.2 255.255.255.0
R3 Configuration
Loopback 0 3.3.3.3 255.0.0.0
E 0/0 192.1.23.3 255.255.255.0
S 0/0 192.1.34.3 255.255.255.0
R4 Configuration
Loopback 0 4.4.4.4 255.0.0.0
S 0/0 192.1.34.4 255.255.255.0
E 0/0 192.1.14.4 255.255.255.0
Objective: Configure BGP in 2 AS’s (1 and 234). Use MED to control incoming
traffic into AS 234.
Run RIP V2 as the IGP in AS 234. Advertise the directly

connected links under RIP. Do not advertise the external links
(192.1.12.0, 192.1.14.0) or the Loopbacks in RIP.
On R2
R2(config-router)#Version 2
R2(config-router)#No auto-summary

Page 155 of 193
On R3
On R4
Configure the routers under BGP based on the Logical diagram.

Configure the Neighbor relationships also based on the Logical
diagram. Advertise Loopback 0 Networks on all routers under
BGP. Make sure the 1.0.0.0 gets put into the routing table of
R3. Also make sure that Routes from R2 are getting propagated
to R4 and vice versa using Route-reflectors.
On R1
R1(config)#Router BGP 1
R1(config-router)#No sync
R1(config-router)#Neighbor 192.1.12.2 remote-as 234
On R2
R2(config-router)#Neighbor 192.1.23.3 next-hop-self

Page 156 of 193
On R3
R3(config-router)#Neighbor 192.1.23.2 route-reflector-client
R3(config-router)#Neighbor 192.1.34.4 route-reflector-client
All ingress (incoming) traffic to AS 234 should use the path

thru R4 using the MED attribute. Configure the MED on R2 to
100. R4’s MED is 0 by default. Lower MED will be preferred.
On R2
R2(config)#Route-map SETM ED permit 10
R2(config-route-map)#Set metric 100
R2(config-route-map)#exit
R2(config-router)#Neighbor 192.1.12.1 route-map SETM ED out

Page 157 of 193
Lab 7 – Setting Local Preference
(Builds on Lab 6)
Objective: Controlling outgoing traffic using Local Preference.
Configure AS 234 such that all traffic destined for AS 1 should

go through R2 in the outbound direction.Use Local-Preference
Attribute to accomplish this.
On R2
R2(config)#Route-map SETLP permit 10
R2(config-route-map)#Set Local-preference 200
R2(config-router)#Neighbor 192.1.12.1 route-map SETLP in

Page 158 of 193
Lab 8 – Setting Cisco Weight Attribute
(Builds on Lab 7)
Objective: Controlling outgoing traffic on the local router without affecting the
rest of the AS.
Configure R4 such that all traffic destined for network 1.0.0.0 should go
directly to R1 instead of going thru R2 as it has a higher Local Preference for
the AS.
On R4
R4(config)#Access-list 1 permit 1.0.0.0 0.255.255.255
R4(config)#Route-map SETW T permit 10
R4(config-route-map)#M atch address 1
R4(config-route-map)#Set weight 5000
R4(config-route-map)#Route-map SETW T permit 20
R4(config-router)#Neighbor 192.1.14.1 route-map SETW T in

Page 159 of 193
Aut
hor
ized
CCNPRo
uteL
abWo
rkb
ook
Mo
dul
e:0
7–Addi
ti
ona
lTo
pic
s
Copyr
ightsNetworker
sHome2007-2015
Websi
te:ht
tp:
//
www.networker
shome.com;i
nfo@net
worker
shome.
com
Page160of193
Additional Topics
IOS DHCP Server
Allows a Cisco Router to Assign IP Configuration information
Command Syntax:
Router(config)#IP dhcp pool pool name

Router(dhcp-config)#network network address /Prefix mask
Router(dhcp-config)#default-router Router’s Address
Router(dhcp-config)#netbios-name-server Name Server Address
Router(dhcp-config)#netbios-node-type Node-type
Router(dhcp-config)#dns-server Dns Server Address
Router(dhcp-config)#lease Days hours minutes
Router(config)#ip dhcp excluded-address Low-address High-address
Helper Addresses
If a client needs to reach a server and does not know the server’s
address the client uses a broadcast to find the server’s address. By
default, a router will drop the broadcast packet. Helper addresses
allow connectivity by forwarding these broadcasts as unicast packets
Server Locations
Single Server on a Single Remote Network: Clients need to connect to
only one server on a Remote Network.
M ultiple Servers on a Single Remote Networks: Multiple servers on

the Remote Network, either of the same type or different types.
M ultiple Servers on M ultiple Remote M edia: Two servers on two

separate Networks.
Command Syntax:
IP helper-address Address
Enables forwarding and specifies destination address for main UDP

broadcast packets.

Page 161 of 193
It also changes the destination address from broadcast to unicast or
directed address.
By default, forwards the following UDP ports:

 TFTP (69)
 DNS(53)
 Time(37)
 NetBIOS Name Service(137)
 NetBIOS datagram Service(138)
 BOOTP(67)
 BOOTP(68)
 TACACS(49)
IP Forward-protocol {udp | [port] |
Specifies which protocols will be forwarded
No would allow you to disable the default protocol(s) from being

forwarded
Route Maps
Route maps can be used for both Redistribution and for Policy Routing.
Route Maps are like Complex Access Lists
You have Lines in Access Lists and Statements in Route Maps
You assign an Access List a Number whereas a Route Map is assigned a

Name
You have Addresses and Inverse Masks in Access Lists whereas you have
Match Statements in a Route Map.
Like an Access List, there is an “Implicit deny any” at the end of a route
map.
Unlike Access Lists Route Maps can be edited without reentering the
whole Access Lists.
Route Maps can modify matched route with set command

Page 162 of 193
Command Syntax:
Route-map map name [permit | deny] Sequence Number
Route-map is the command

Map name is the name of the route tag
Permit | deny The action to be taken if the route map match
conditions are met
Sequence Number Indicates the position a new route map in the list of
route map
M atch ip address {access-list-number } {…access-list-number}
M atch length min max
Set ip next-hop ip address [Defines next hop to which output packets]
Set interface Type / Number [Defines interface to which output packets]
Policy Routing
Applied to incoming packets
Uses Route maps to define criteria
Policy based routing allows a network administrator to determine and

implement routing policies to allow or deny paths based on the following:
 The identity of a particular end system

 The size of the packets

Page 163 of 193
Aut
hor
ized
CCNPRo
uteL
abWo
rkb
ook
Mo
dul
e:0
7–Addi
ti
ona
lTo
pic
sLa
bs
Copyr
ightsNetworker
sHome2007-2015
Websi
te:ht
tp:
//
www.networker
shome.com;i
nfo@net
worker
shome.
com
Page164of193
Lab 1 – IP Helper Addresses
R1 S 0/0(.1) 192.1.12.0/24 R2
S 0/0 (.2)
E 0/0(.1) E 0/0(.1)
192.1.11.0/24 192.1.22.0/24
Objective:
Configure a Routers as a DHCP Server and assign IP Configurations to local

and remote subnets. Configure a Router to forward broadcast from remote
subnets to a DHCP Server.
Configure R1 as a DHCP Server. Create a pool for the

192.1.11.0/24 network. The pool should start giving addresses
from 192.1.11.11 – 192.1.11.254. It should assign 192.1.11.1
as the default gateway and 192.1.11.5 as the DNS Server. Use a
lease time of 3 and a half days.
R1 Basic Configuration
R1(config-if)#clock rate 128000
R1(config-if)#exit
R1(config-if)#exit
R1(config-if)#Router RIP

Page 165 of 193
R2 Basic Configuration
R2(config-if)#int E 0/0
R2(config-if)#Router RIP
R1 DHCP Configuration
R1(config)#ip dhcp excluded-address 192.1.11.1 192.1.11.10

R1(config)#IP dhcp pool ABC
R1(dhcp-config)#network 192.1.11.0 /24
R1(dhcp-config)#default-router 192.1.11.1
R1(dhcp-config)#dns-server 192.1.11.5
R1(dhcp-config)#lease 3 12
R1(dhcp-config)#exit
Objective:
Also, configure R1 as a DHCP Server for the 192.1.22.0/24 network. The pool
should start giving addresses from 192.1.22.11 – 192.1.22.254. It should
assign 192.1.22.1 as the default gateway and 192.1.22.5 as the DNS Server.
Use a lease time of 3 and a half days. Make sure R2 forwards the DHCP
requests to R1 DHCP.
R1 DHCP Configuration
R1(config)#ip dhcp excluded-address 192.1.22.1 192.1.22.10

R1(config)#IP dhcp pool DEF
R1(dhcp-config)#network 192.1.22.0 /24
R1(dhcp-config)#default-router 192.1.22.1
R1(dhcp-config)#dns-server 192.1.22.5
R1(dhcp-config)#lease 3 12

Page 166 of 193
R1(dhcp-config)#exit
R2 Broadcast Forwarding configuration
R2(config-if)#ip helper-address 192.1.12.1

R2(config-if)#exit
PC Configuration
Configure your PC to obtain an IP Address automatically in either

Network Neighborhood (Windows NT) or My Network Places (Windows
2000)
Open a Command prompt
Type IPCONFIG /ALL.
Check the Addresses against the addresses assigned by the IOS DHCP
Server.
Make sure the addresses are not from the excluded range

Page 167 of 193
Lab 2 – Policy Based Routing
R1 S 0/0(.1) R2
192.1.12.0/24
S 0/0 (.2) L0 2.2.2.2/8
L0 1.1.1.1/8
S 0/1(.1)
192.1.112.0/24 S 0/1 (.2) E 0/0 (.2)
192.1.23.0/24
E 0/0 (.3)
L0 3.3.3.3/8
R3
R1 Configuration

Loopback 0 1.1.1.1 255.0.0.0
S 0/0 192.1.12.1 255.255.255.0
S 0/1 192.1.112.1 255.255.255.0
R2 Configuration
Loopback 0 2.2.2.2 255.0.0.0
S 0/0 192.1.12.2 255.255.255.0
E 0/0 192.1.23.2 255.255.255.0
S 0/1 192.1.112.2 255.255.255.0
R3 Configuration

Loopback 0 3.3.3.3 255.0.0.0
E 0/0 192.1.23.3 255.255.255.0

Page 168 of 193
Objective: Configure EIGRP on the network. Advertise all the networks in
EIGRP. Use Policy-based Routing to override the default behavior of the routing
protocol to a specified policy.
Configure EIGRP as the routing protocol in AS 1. Advertise all

the links including the loopbacks in EIGRP.
On R1
R1#conf t
On R2
R2#conf t
On R3
R3#conf t
On R2, you want to send all traffic with a Source network

address of 3.0.0.0 through S 0/0 and any other traffic thru S
0/0.
On R2
R2(config)#route-map PBR permit 1
R2(config-route-map)#set interface S 0/0
R2(config)#route-map PBR permit 2
R2(config-route-map)#set interface S 0/1

Page 169 of 193
R2( config-route-map)#exit
R2(config)#int E0/0
R2(config-if)#ip policy route-map PBR
On R2
Type Debug ip packet (Look for the interface used to send the packet to
1.1.1.1 when R3 sends the ping).
On R3
Type Ping 1.1.1.1
Notice all traffic goes through S 0/1.
Ping 1.1.1.1 with the source of 3.3.3.3.
Notice all traffic from R3 with a source address of 3.3.3.3 goes through S
0/0.

Page 170 of 193
Lab 3 – GRE with RIP
R1 R2
S 0/0(.1) 192.1.12.0/24
L0 10.0.0.1/8 S 0/0 (.2) L0 2.2.2.2/8
E 0/0 (.2)
192.1.23.0/24
E 0/0 (.3)
L0 192.168.1.0/24
R3
R1 Configuration

Loopback 0 10.0.0.1 255.0.0.0
S 0/0 192.1.12.1 255.255.255.0
R2 Configuration
Loopback 0 2.2.2.2 255.0.0.0
S 0/0 192.1.12.2 255.255.255.0
E 0/0 192.1.23.2 255.255.255.0
R3 Configuration

Loopback 0 192.168.1.1 255.255.255.0
E 0/0 192.1.23.3 255.255.255.0
Objective: Configure a GRE Tunnel to route between the 10.0.0.0/8 network

behind R1 and the 192.168.1.0/24 network behind R3. R2 is simulating the
Internet.

Page 171 of 193
Configure Default routes on R1 and R3 towards R2. R2 is
simulating the ISP Router and the Internet.
On R1
R1(config)#ip route 0.0.0.0 0.0.0.0 192.1.12.2
On R3
R3(config)#ip route 0.0.0.0 0.0.0.0 192.1.23.2
Configure a GRE Tunnel from R1 to R3. Use a RFC 1918

network for the Tunnel Interface. The GRE Tunnel should be
Authenticated.
On R1
R1(config)#interface Tunnel13
R1(config-if)#tunnel source 192.1.12.1
R1(config-if)#tunnel destination 192.1.23.3
R1(config-if)#tunnel key 1234
On R3
R3(config)#interface Tunnel13
R3(config-if)#tunnel source 192.1.23.3
R3(config-if)#tunnel destination 192.1.12.1
R3(config-if)#tunnel key 1234
Run RIP as a routing protocol over a GRE tunnel so that the

Private networks of the company are seen on R1 and R3.
On R1

Page 172 of 193
On R3
On R1 and R3
Type Show IP route. Do you see the private networks from each other.
What is the Routing Source?
On R1, Ping 192.168.1.1 with the source of 10.0.0.1.
Are you successful?? Does R2 have reachability to the 10.0.0.0 or

192.168.1.0 networks?

Page 173 of 193
Lab 4 – NAT
(Builds on Lab 3)
Objective: Configure NAT and PAT on R1 and R3 to route traffic from the
private networks to the Internet (R2 – 2.2.2.2).
ISP (R2) assigns R1 a public range of 195.1.1.0/24 network.

Configure R2 to route all packets destined for this network
towards R1.
On R2
R2(config)#ip route 195.1.1.0 255.255.255.0 192.1.12.1
Translate the 10.0.0.0 Network behind R1 into a range of Class

C addresses assigned to R1 by the ISP. Use the range 195.1.1.1
– 195.1.1.250 for the pool.
On R1
R1(config)#access-list 121 permit ip 10.0.0.0 0.255.255.255 any
R1(config)#ip nat pool DP 195.1.1.1 195.1.1.254
R1(config)#ip nat inside source list 121 pool DP
R1(config)#interface Loopback0
R1(config-if)#ip nat inside
R1(config-if)#interface S0/0
R1(config-if)# ip nat outside
R1 should use 195.1.1.251 for its Web Server so that people on

the outside can access it. The internal web server is at
10.0.0.80. Configure a secondary address of 10.0.0.80 on the
loopback address to test this configuration.
On R1
R1(config)#ip nat inside source static 10.0.0.80 195.1.1.251
R1(config-if)#ip address 10.0.0.80 255.0.0.0 secondary

Page 174 of 193
On R1
Type Show IP nat translations. Do you see the static translation

already present in the translation table.
Ping 195.1.1.252 from R2. Are you successful?
Are you successful?
Type Show IP nat translations. Do you see the Dynamic translation

done for the 10.0.0.1 as 195.1.1.1?
ISP (R2) assigns R3 a public range of 195.1.3.32/30 subnet.

Configure R2 to route all packets destined for this network
towards R3
On R2
R2(config)#ip route 195.1.3.32 255.255.255.252 192.1.23.3
Translate the 192.168.1.0 Network behind R3 using the

195.1.3.33 address (PAT). The entire should be able to go out
simultaneously using this address.
On R3
R3(config)#access-list 121 permit ip 192.168.1.0 0.0.0.255 any
R3(config)#ip nat pool DP 195.1.3.33 195.1.1.33
R3(config)#ip nat inside source list 121 pool DP overload
R3(config)#interface Loopback0
R3(config-if)#ip nat inside
R3(config-if)#interface E 0/0
R3(config-if)# ip nat outside
There is a web server at 192.168.1.5 and a DNS server at

192.168.1.6. Translate these servers to 192.168.1.34 on the
outside. Use Static PAT to accomplish this task.

Page 175 of 193
On R3
R3(config)#ip nat inside source static tcp 192.168.1.5 80 195.1.1.34 80
R3(config)#ip nat inside source static udp 192.168.1.6 80 195.1.1.34 53
On R3
Type Show IP nat translations. Do you see the static translation

already present in the translation table.
Are you successful?
Type Show IP nat translations. Do you see the Dynamic translation

done?

Page 176 of 193
Lab 5 – Configuring IPv6 with RIPng
R1 R2
Lo 0 E 0/0 E 0/0 3 Lo 0
2000:192:1:12::/64 S 0/0.1
Frame 2000:192:1:23::/64
S 0/0.1
2000:192:1:34::/64
Lo 0 E 0/0 E 0/0 Lo 0
R4 R3
Objective: Configure IPv6 on the Routers. Run RIPng to route between the
networks.
Enable IPv6 routing on R1,R2, R3 and R4. Assign IPv6

addresses to the E 0/0 interface of the routers as follows:
R1 – 2001:1:1:12::1 /64
R2 – 2001:1:1:12::2 /64
R3 – 2001:1:1:34::3 /64
R4 – 2001:1:1:34::4 /64
On R1
R1(config)#ipv6 unicast-routing
R1(config-if)#ipv6 address 2001:1:1:12::1/64

Page 177 of 193
On R2
On R3
On R4
Configure the Loopback0 interface on all routers using the

auto-assigned addresses as follows:
R1 – Loopback0 – 2001:1:1:1::/64
R2 – Loopback0 – 2001:2:2:2::/64
R3 – Loopback0 – 2001:3:3:3::/64
R4 – Loopback0 – 2001:4:4:4::/64
On R1
R1(config)#Interface Loopback 0
R1(config-if)#ipv6 address 2001:1:1:1::/64 eui-64
On R2

Page 178 of 193
On R3
On R4
Configure Frame-relay between R2 and R3 using the folloing

IPV6 addresses:
R2 – 2001:1:1:23::2/64
R3 – 2001:1:1:23::3/64
Ensure that the routers can ping each other’s serial interface.
Also allow R2 and R3 to ping their own IP addresses. Use a sun-
interface on R2 and R3 for the Frame relay configuration.
On R2
R2(config-if)#encap frame-relay
R2(config-if)#interface S 0/0.1 point-to-point
R2(config-subif)#ipv6 address 2001:1:1:23::2/64
R2(config-subif)#frame-relay interface-dlci 203
On R3
R3(config-if)#interface S 0/0.1 point-to-point
R3(config-subif)#ipv6 address 2001:1:1:23::3/64
R3(config-subif)#frame-relay interface-dlci 302
Configure RIPng on all routers to route all loopbacks. Enable

RIPng under the following interfaces:
R1 – E 0/0, Loopback 0
R2 – E 0/0, Loopback 0, S 0/0.1

Page 179 of 193
R3 – E 0/0, Loopback 0, S 0/0.1
On R1
R1(config)#Interface Loopback0
R1(config-if)#ipv6 rip 1234 enable
On R2
R2(config-if)#Interface S 0/0.1
On R3
On R4
On All Routers
Type Show IPv6 Route rip. Do you see all the IPv6 routes learned thru
RIPng?
Find out the Interface IP addresses of the Loopbacks by typing Show

IPv6 Interface Brief.
Ping these address from each router to ensure connectivity.

Page 180 of 193
Lab 6 – Configuring OSPF V3
(Builds on Lab 5)
Objective: Configure OSPFv3 as the routing protocol to connect the Loopback

networks.
Disable RIP NG on all routers on all interfaces.
On R1
R1(config-if)#No ipv6 rip 1234 enable
On R2
On R3
On R4

Page 181 of 193
Configure the routers in OSPFv3 area 0 and advertise their
directly connected interfaces in this area
On R1
R1(config)#IPv6 router ospf 1
R1(config-router)#Interface Loopback 0
R1(config-if)#ipv6 ospf 1 area
R1(config-if)# Interface E 0/0
On R2
R2(config-if)# Interface S 0/0.1
On R3
On R4

Page 182 of 193
Ensure that the loopback interfaces are advertised with their
correct mask.
On R1
R1(config-if)# ip ospf network point-to-point
On R2
On R3
On R4
On All Routers
Type Show IPv6 Route ospf. Do you see all the IPv6 routes learned thru
OSPFv3?


Page 183 of 193
Lab 7 – Configuring IPv6 through a IPv4
Network using a Tunnel
R1 R2
Lo 0 E 0/0 E 0/0 3 Lo 0
2000:1:1:12::/64 S 0/0
Frame 192.1.23.0/24
S 0/0
2000:1:1:34::/64
Lo 0 E 0/0 E 0/0 Lo 0
R4 R3
Objective: IPv6 is running between R1-R2 and between R3-R4. IPv4 is running
between R2-R3. You need to connect the 2 IPv6 networks over a IPv4 network
using a Tunnel.
Enable IPv6 routing on R1,R2, R3 and R4. Assign IPv6

addresses to the E0/0 interface of the routers as follows:
R1 – 2001:1:1:12::1 /64
R2 – 2001:1:1:12::2 /64
R3 – 2001:1:1:34::3 /64
R4 – 2001:1:1:34::4 /64
On R1

Page 184 of 193
On R2
On R3
On R4
Configure the Loopback0 interface on all routers using the

auto-assigned addresses as follows:
R1 – Loopback0 – 2001:1:1:1::1/64
R2 – Loopback0 – 2001:2:2:2::2/64
R3 – Loopback0 – 2001:3:3:3::3/64
R4 – Loopback0 – 2001:4:4:4::4/64
On R1
On R2
On R3

Page 185 of 193
On R4
Configure RIPng on all routers to route all loopbacks. Enable

RIPng under the following interfaces:
On R1
On R2
On R3
On R4

Page 186 of 193
Configure the Frame Relay link between R2 and R3 as an IPv4
Link on the 192.1.23.0/24 network.
On R2
On R3
Create a Tunnel between R2 and R3 Assign it an IPv6 address

of 2001:23:23:23::/64. Set the Tunnel Mode to IPv6. Enable
RIPng on the Tunnel Interface
On R2
R2(config)#Interface Tunnel 23
R2(config-if)#tunnel source S 0/0
R2(config-if)# tunnel destination 192.1.23.3
R2(config-if)#tunnel mode IPv6IP
On R3
R3(config)#Interface Tunnel 23
R3(config-if)#tunnel source S 0/0
R3(config-if)# tunnel destination 192.1.23.2
R3(config-if)#tunnel mode IPv6IP
On All Routers
Type Show IPv6 Route rip. Do you see all the IPv6 routes learned thru
RIPng?

Page 187 of 193
Lab Can
8 you
– Configuring
ping the R4 loopback fromIPv6 over
R1 and vice versa? Point-to-
point and Multipoint
R1
R2
R4
Frame-Relay
R3
IP addressing and DLCI information Chart
Routers IP address Local Connecting

DLCI to:
R1 S0/0.123: 102 R2
2001:150:1:30::1 /64 103 R3
S0/0.14: 2001:150.1.60::1 104 R4
/64
R2 S0/0: 2001:150:1:30::2 201 R1
/64 R3

Page 188 of 193
R3 S0/0: 2001:150:1:30::3 301 R1
/64 R2
R4 S0/0: 2001:150.1.60::4 401 R1
/64
Objective: Configure IPv6 over Frame-relay. Configure OSPFv3 to route the
loopback networks over the Frame Cloud.
Configure the R1 and R4 as follows:
o R1 (The HUB) must be configured with two sub-

interfaces, one of the two sub-interfaces must be
configured to connect R1 to R4, this sub-interface
should be configured in a point-to-point manner using
the following IP addressing:
R1 = 2001:192:1:14::1/64
R4 = 2001:192:1:14::4/64
o R4 should not be configured with a sub-interface.
On R1
R1(config)#IPv6 unicast-routing
R1(config)#Interface S0/0
R1(config-if)#Encapsulation frame-relay
R1(config-if)#No frame-relay inverse
R1(config-if)#No shut
R1(config-if)#Int S0/0.14 point-to-point
R1(config-subif)#Ipv6 address 2001:192:1:14::1/64
R1(config-subif)#Frame-relay interface-dlci 104
On R4
R4(config-if)#Ipv6 address 2001:192:1:14::4/64
R4(config-if)#Frame-relay map ipv6 2001:192:1:14::1 401 broadcast
Configure the R1, R2 and R3 as follows:

Page 189 of 193
o The second sub-interface on R1 must be configured in a
multipoint manner, and this sub-interface must be
configured to connect R1 to routers R2 and R3 using
the following IP addressing:
R1 = 2001:192:1:123::1 /64
R2 = 2001:192:1:123::2 /64
R3 = 2001:192:1:123::3 /64.
o Routers R2, R3 should not be configured with a sub-

interface and these routers should NOT rely on Inverse-
arp.
o Ensure that the R2 can ping R3.
On R1
R1(config)#Int S0/0.123 multipoint
R1(config-subif)#Ipv6 address 2001:192:1:123::1/64
R1(config-subif)#Frame-relay map ipv6 2001:192:1:123::2 102 broad
R1(config-subif)#Frame-relay map ipv6 2001:192:1:123::3 103 broad
On R2
R2(config-if)#Frame-relay map ipv6 2001:192:1:123::3 201
On R3
R3(config-if)#Frame-relay map ipv6 2001:192:1:123::2 301

Page 190 of 193
Configure the routers in OSPFv3 area 0 and advertise their
directly connected interfaces in this area. Also Configure
Loopbacks on all 4 Routers using the 2001:X:X:X::X/64 format
On R1
R1(config-subif)#ipv6 ospf 1 area
R1(config-subif)# Interface S 0/0.123
R1(config-subif)#ipv6 ospf 1 area
R1(config-subif)# Frame-relay map ipv6 Link-Local 102
R1(config-subif)# Frame-relay map ipv6 Link-Local 103
R1(config-subif)# ipv6 ospf network point-to-multipoint
(Find the Link-Local Address for R2 and R3 by using Show IPv6 int brief
on R2 and R3 respectively. This is required for OSPFv3 Neighbor
relationship to be established)
On R2
R2(config-if)# Interface S 0/0
R2(config-if)# Frame-relay map ipv6 Link-Local 201
(Find the Link-Local Address for R1 by using Show IPv6 int brief on R1.
This is required for OSPFv3 Neighbor relationship to be established)
On R3

Page 191 of 193
R3config-if)#ipv6 ospf 1 area
(Find the Link-Local Address for R1 by using Show IPv6 int brief on R1.
This is required for OSPFv3 Neighbor relationship to be established)
On R4
R4config-if)#ipv6 ospf 1 area
R4(config-subif)# ipv6 ospf network point-to-point
Ensure that the loopback interfaces are advertised with their

correct mask.
On R1
On R2
On R3
On R4

Page 192 of 193
On All Routers
Type Show IPv6 Route ospf. Do you see all the IPv6 routes learned thru
OSPFv3?


Page 193 of 193

Aut Hor I Zed: LAB Manual

Enviado por

Dados do documento

Título original

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

Aut Hor I Zed: LAB Manual

Enviado por

Direitos autorais:

Formatos disponíveis

Aut

Copyrights Networkers Home 2007-2015

Subnetting the 200.200.200.0 network into 6 subnets

 We borrow 3 bits, giving us a new mask of 255.255.255.224 or 27 bit Subnet Mask.

Copyrights Networkers Home 2007-2015

 The network numbers are as follows:

200.200.200.10100100 (200.200.200.164) Valid Host Range: 165-166

25 Hosts 200. 200.200.168/30

200. 200.200.128/27 25 Hosts

Copyrights Networkers Home 2007-2015

Objective: Given an IP address of 200.1.1.0, use VLSMs to assign IP addresses in a efficient

Copyrights Networkers Home 2007-2015

 Reduces the size of Routing Tables

150. 50. 34. 0/24

Routing Table 150. 50. 35. 0/24

Copyrights Networkers Home 2007-2015

Write the network in Binary Format.

Copyrights Networkers Home 2007-2015

Where would you do Route Summarization?

What would the Summarized addresses be?

Copyrights Networkers Home 2007-2015

Where would you do Route Summarization?

What would the Summarized addresses be?

Copyrights Networkers Home 2007-2015

Interface IP Address Subnet M ask

Interface IP Address Subnet M ask

Objective: Configuring RIP v1 on the routers to exchange routes between the

Copyrights Networkers Home 2007-2015

Type Show ip route

What networks do you see listed?

Ping your partner’s Loopback Interface address. Are you successful?

Copyrights Networkers Home 2007-2015

(Note: This lab builds on the configuration of Lab 1)

RIP: Sending V1 update to 255.255.255.255 via Serial 0/0 (192.1.12.1)

RIP: build flash update entries

Copyrights Networkers Home 2007-2015

Turning Split Horizon Off

RIP: Sending v1 update to 255.255.255.255 via Serial0/0 (192.1.12.1)

Copyrights Networkers Home 2007-2015

(Note: This lab builds on the configuration of Lab 2)

Turning Split Horizon Back on

Sending Unicast Updates on S 0/0 interface

Passive interface command disables RIP from sending broadcasts over a

Copyrights Networkers Home 2007-2015

Interface IP Address Subnet M ask

Interface IP Address Subnet M ask

Copyrights Networkers Home 2007-2015

Interface IP Address Subnet M ask

Interface IP Address Subnet M ask

Copyrights Networkers Home 2007-2015

Copyrights Networkers Home 2007-2015

Objecctive: Use the default-information originate instead of the default-route

 This is done by using the Default-information originate on R2

Copyrights Networkers Home 2007-2015

Interface IP Address Subnet M ask

Objective: Configuring RIP v1 on the routers to exchange routes between the

Copyrights Networkers Home 2007-2015

Type Show ip route

What networks do you see listed?

Ping your partner’s Loopback Interface address. Are you successful?

Copyrights Networkers Home 2007-2015

RIP: Sending V2 update to 224.0.0.9 via Serial 0/0 (192.1.12.1)

Copyrights Networkers Home 2007-2015