& ipexpert IPexpert’s Lab Preparation Workbook for the Cisco® CCIE™ v4 Routing & Switching Lab Exam Volume 1IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 La Exam IPexpert’s Workbook for the Cisco® CCIE™ R&S v4.0 Lab Exam Volume 1 Before We Begin This product is part of the IPexpert "Blended Learning Solution™" that provides CCIE candidates with 4 comprehensive training program. For information about the full solution, contact an IPexpert Training Advisor today. Telephone: +1.810.326.1444 Email: sales@ipexpert.com Congratulations! You now possess one of the ULTIMATE CCIE™ Routing & Switching Lab Preparation resources available today! This resource was produced by senior engineers, technical instructors and authors, boasting decades of internetworking experience. Although there is no way to guarantee a 100% success rate on the ccle™ Routing & Switching Lab.exam, we feel VERY confident that your chances of passing the Lab will improve dramatically after completing this industry-recognized Workbook! At the beginning of each section, you will be referred to a diagram of the network topology. All sections utilize the same physical topology, which can be rented at ww. Proctoriabs.com. Technical Support from IPexpert and your €CIE community! ge ipexpert Blog a blog for CCIEs and those thaf wantto)be CCIE>Blog_ ONLIN E «sy study li IPexpert is proud to lead the industry with multiple support options at your disposal free of charge. Our online communities have attracted a membership of nearly 20,000 of your peers from around the world! At EverythinglE.com you may social-network with your peers all focused on attaining the same goal as you - the CCIE Lab. At CCIEBlog.com you can keep up to date with everything IPExpert does, as well as start your ov CCIE-focused blog or simply add your existing blog to our directory so your peers can find you. At OnlineStudyList.com, you may subscribe to multiple “SPAM-free”, CCIE-focused email lists. v1900 Copyright © 2010 by IPexpert, Inc.All Rights Reserved 1Volume 1 — Introduction IPexpert’s Workbook for the Cisco CCIE™ Routing & v4.0 Lab Exam Feedback Do you have a suggestion or other feedback regarding this book or other IPexpert products? At IPexpert, ‘we ook to you — our valued clients — for the real world, frontline evaluation that we believe is necessary to improve continually. Please send an email with your thoughts to feedback@ipexpert.com or call 1.866.225.8064 (international callers dial +1.810.326.1444). In addition, when you pass the CCIE™ Lab exam, we want to hear about It! Emall your CCIE™ number to success @ipexpert.com and let us know how IPexpert helped you succeed. We would like to send you Gift of thanks and congratulations. Additional CCIE™ Preparation Material IPexpert, Inc. is committed to developing the most effective Cisco CCIE™ R&S, Security, Service Provider, and Voice Lab certification preparation tools available. Our team of Certified networking professionals develops the most up-to-date and comprehensive materials for networking certification, including self-paced workbooks, online Cisco hardware rental, classroom training, online (distance learning) instructor-led training, audio products, and video training materials. Unlike other certification- training providers, we employ the most experienced and accomplished team of experts to create, maintain, and constantly update our products. At IPexpert, we are focused on making your CCIE™ Lab preparation more effective. A message from the Author(s): The scenarios covered in this workbook were developed by Rouiting & Switching CCIEs to help you prepare for the Cisco CCIE Routing & Switching laboratory. it'is strongly recommended that you use ‘other reading materials in addition to this workbook: Training is not the CCIE Routing & Switching workbook objective. The intent of these labs is to test your knowledge and ability of implementing Cisco Enterprise Routing & Switching Solutions. Time management Is very important, if you get stuck on a lab scenario be sure to write it down. Formulate ‘a Checklist for skioped sections and then return to those sections once you have gone through the entire lab. Be sure to revisit the questions that you do not understand. For more information on the CCIE Routing & Switching lab, please visit (http://www cisco.com/aoiccie) and click on the link for Routing & Switching on the top-right of the page. Helpful Hints Keep It Simple, try to avoid any extra work (example: adding descriptions) Always reference everything from the Documentation Website: http:/www.cisco.com/web/psa/products/index.htm! Save your router configurations often (wz is the quickest command) w Copyright © 2010 by IPexpert, Inc. Al Rights Reserved, v1900IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 Lab Exam Volume 1— EULA IPEXPERT END-USER LICENSE AGREEMENT END USER LICENSE FOR ONE (1) PERSON ONLY IF YOU DO NOT AGREE WITH THESE TERMS AND CONDITIONS, DO NOT OPEN OR USE THE TRAINING MATERIALS. This is a legally binding agreement between you and IPEXPERT, the “Licensor” from whom you have licensed the IPEXPERT {raining materials (the “Training Materials"). By using the Training Materials, you agree to be bound by the terms ofthis License, ‘except to the extent these terms have been modified by a written agreement (the “Goveming Agreement’) signed by you (or the party that has licensed the Training Matenals for your use) and an executve officer of Licensor. If you do not agree to the License ferms, the Licensor is unwilng to icense the Training Materials to you: In this event, you may not use the Training Materials, and ‘you should promptly contact the Licensor for retum instucions. ‘The Training Matenals shall be used by only ONE (1) INDIVIDUAL who shall be the sole individual authorized to use the Training Materials throughout the term of this License. Copyright and Proprietary Rights ‘The Training Matenals are the property of IPEXPERT, Inc. ("IPEXPERT"),and are protected by United States and Intemational copyright laws. All copyighl trademark, and other proprietary rights in the Tearing Materials and in tne Traning Materials, te graphics, design elements, audio, and all other materials originated by IPEXPERT.at its site, in its workbooks, scenarios and courses (the "IPEXPERT Information’) are reserved to IPEXPERT. ‘The Training Materials cannot be used by or transferred to any other persOn. You may not rent, lease, loan, barter, sell or time- share the Training Materials or accompanying documentation, You may not reverse engineer, decompile, or disassemble the Training Materials. You may not modify, or create derivative works based upon the Training Materials in whole or in part. You may not reproduce, store, upload, post, transmit, download or distribute in-any form or by any means, electronic, mechanical, recording ‘or othenwise any part of the Training Materials and IPEXPERT Information other than printing out or downloading portions of the text and images for your own personal, non-commercial use without the prior written permission of IPEXPERT. ‘You shall observe copyright and other resiftions imposed by IPEXPERT. You may not use the Training Materials or IPEXPERT Information in any manner that infinges the rights of any person or entity. Exclusions of Warranties ‘THE TRAINING MATERIALS. AND DOCUMENTATION ARE PROVIDED “AS IS.” LICENSOR HEREBY DISCLAIMS ALL OTHER WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, INCLUDING WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. SOME STATES DO NOT ALLOW THE LIMITATION OF INCIDENTAL DAMAGES, OR LIMITATIONS ON HOW LONG AN IMPLIED WARRANTY LASTS, SO THE ABOVE LIMITATIONS OR EXCLUSIONS MAY NOT APPLY TO YOU. This agreement gives you specific legal nghts, and you may have other nghts that vary from state to state. Choice of Law and Jurisdiction This Agreement shall be governed by and construed in accordance with the laws of the State of Michigan, without reference to any confit of law principles. You agree that any Itigation or other proceeding between you and Licensor in connection with the Training Materials shall be brought in the Michigan state or courts located in Port Huron, Michigan, and you consent to the jurisdiction of such ‘courts to decide the matter. The parties agree that the United Nations Convention on Contracts for the International Sale of Goods hall not apply to this License. ery provision of tis Agreement held wali, the reminder of ris Licence shal continue in ul and Limitation of Claims and Liability ANY ACTION ON ANY CLAIM AGAINST IPEXPERT MUST BE BROUGHT BY THE USER WITHIN ONE (1) YEAR FOLLOWING ‘THE DATE THE CLAIM FIRST ACCRUED, OR SHALL BE DEEMED WAIVED. IN NO EVENT WILL THE LIGENSOR’S LIABILITY v1900 Copyright © 2010 by IPexpert, Inc.All Rights Reserved 3Volume 1 EULA ‘3 Workbook for the Cisco CCIE™ Routing & v4.0 Lab Exam, UNDER, ARISING OUT OF, OR RELATING TO THIS AGREEMENT EXCEED THE AMOUNT PAID TO LICENSOR FOR THE TRAINING MATERIALS. LICENSOR SHALL NOT BE LIABLE FOR ANY SPECIAL, INCIDENTAL, INDIRECT, OR CONSEQUENTIAL DAMAGES, HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, REGARDLESS OF WHETHER LICENSOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. WITHOUT LIMITING THE FOREGOING, LICENSOR WILL NOT BE LIABLE FOR LOST PROFITS, LOSS OF DATA, OR COSTS OF COVER. Entire Agreement This is the entire agreement between the parties and may not be modified except in writing signed by both parties, U.S. Government - Restricted Rights. ‘The Training Materials and accompanying documentation are “commercial computer Training Materials’ and “commercial computer ‘Training Matenals documentation,” respectively, pursuant to DFAR Section 2277202 and FAR Section 12.212, as applicable. Any use, modification, reproduction release, performance, display, or disclosure of the Training Materials and accompanying ‘documentation by te U.S. Goverment shall be governed sell by the tem of ts Agreement and shall be prohibited except to the extent expressly permitted by the terms of this Agreement. IF YOU DO NOT AGREE WITH THE ABOVE TERMS AND CONDITIONS, DO NOT OPEN OR USE THE TRAINING MATERIALS AND CONTACT LICENSOR FOR INSTRUCTIONS ON RETURN OF THE TRAINING MATERIALS, 4 Copyright © 2010 by IPexpert, Inc. Al Rights Reserved, v1900IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 Lab Exam Volume 4 — Diagrams, Layer 2 Connectivity Diagram Catt Fant Gata Fa024 Catt F024 Com = So ‘Ra Frame Relay ‘R4 Frame Relay fae para rant ieee Brows m3 Seas ene Os Fe0i23 Cais Fa023 Cala Fe023 ‘RS FrameRolay 86 Frame Relay RB SeC2i1 —-ROSeNa Routir utchi R7ScUOD RB SCOOD lions Table . e pert v1900 Copyright © 2010 by IPexpert, Inc. All Rights Reserved.Volume 1 — Diagrams IPexpert’s Workbook for the Cisco CCIE™ Routing & Switching v4.0 Lab Exam Base Connectivity Diagram 6 Copyright © 2010 by IFexper, Inc. Al Rights Reserved. v1900IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 La Exam Volume 1 — Table of Contents IPexpert’s Workbook for the Cisco® CCIE™ R&S v4.0 Lab Exam Volume 1 NOTE You are encouraged to take advantage of the knovdedge and support from your peers around the globe. Join ccieblog.com to journal your progress. And join OnlineStudyList.com to get more community support and also official support from IPexpert. Table of Contents IPEXPERT END-USER LICENSE AGREEMENT. END USER LICENSE FOR ONE (1) PERSON ONLY. U.S. Government - Restricted Rights. Layer 2 Connectivity Diagram Base Connectivity Diagram. Lab 1 - General Setup Lab 1 Topology Lab 1 Pre-Lab| Lab 1 Configuration Tasks Lab 2 - Switching: Per VLAN Spanning Tree +.. Lab 2 Topology Lab 2 Pre-Lab Setup. Lab 2 Configuration Tasks. Lab 3 - Switching: Multiple Spanning Tree ... Lab 3 Topology, Lab 3 Pre-Lab Setup. Lab 3 Configuration Tasks. Lab 4 - Switching: Rapid Per VLAN Spanning Tree+ .... Lab 4 Topology Lab 4 Pre-Lab Setup. Lab 4 Configuration Tasks Lab 5 - Layer 2 Tunneling Lab 5 Topology... Lab 5 Pre-Lab Setup........ Lab 5 Configuration Tasks. v1900 Copyright © 2010 by IPexpert, Inc.All Rights Reserved 1Volume 1 —Table of Contents IPexpert’s Workbook for the Cisco CCIE™ Routing & Switching v4.0 Lab Exam Lab 6 - Frame Relay .. Lab 6 Topology Lab 6 Pre-Lab Setup. Lab 6 Configuration Tasks. Lab 7 - Bridging and Frame Relay .. Lab 7 Topology... Lab 7 Pre-Lab Setup. Lab 7 Configuration Tasks. Lab 8 - RIPv2.. Lab 8 Pre-Lab Setup. Lab 8 Configuration Tasks Lab 9 - EIGRP. Lab 9 Layer 2 Topology. Lab 9 Layer 3 Topology. Lab 9 Pre-Lab Setup....... Lab 9 Configuration Tasks. Lab 10 - OSPF Lab 10 Layer 2 Topology... - see 68 Lab 10 Layer 3 Topology 69 Lab 10 Configuration Tasks a 71 Lab 11 — OSPF... Lab 11 Topology... Lab 11 Addressing Table Lab 11 Pre-Lab Setup. Lab 11 Configuration Tasks Lab 12 - GRE and Routing Protocols. Lab 12 Topology cere Lab 12 Pre-Lab Setup. Lab 12 Configuration Tasks. Lab 13 - Border Gateway Protocol.. Lab 13 Layer 2Topdlogy Lab 13 Layer 3 Topology Lab 13 Pre-Lab Setup. Lab 13 Configuration Tasks. Lab 14 - Multiprotocol BGP .. Lab 14 Topology...... Lab 14 Addressing Table Lab 14 Pre-Lab Setup. Lab 14 Configuration Tasks. 8 Copyright © 2010 by IPexpert, Inc. Al Rights Reserved, v1900IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 La Exam Volume 1 Table of Lab 15 - Routing Protocol Redistribution .... Lab 15 Layer 2 Topology Lab 15 Layer 3 Topology Lab 15 Pre-Lab Setup. Lab 15 Configuration Tasks. Lab 16 - ACLs and Filters for IPv4.. Lab 16 Layer 2 Topology... Lab 16 Layer 3 Topology Lab 16 Pre-Lab Setup. Lab 16 Configuration Tasks. Lab 17 - Router Security Lab 17 Layer 2 Topology Lab 17 Layer 3 Topology Lab 17 Pre-Lab Setup.... Lab 17 Configuration Tasks Lab 18 - Router Security Lab 18 Topology renee Lab 18 Addressing Table Lab 18 Pre-Lab Setup. Lab 18 Configuration Tasks. Lab 19 - Router Redundancy and Network Services. Lab 19 Topolog Lab 19 Configuration Tasks Lab 20 - Advanced Router Management Lab 20 Topology ...... Lab 20 Pre-Lab Setup. Lab 20 Configuration Tasks Lab 21 — Quality of Service... Lab 21 Topology Lab 21 Pre-Lab Setup. Lab 21 Configuration Tasks Lab 22 - Legacy QoS to MQC Conversion... Lab 22 Topology «nn Lab 22 Pre-Lab Setup. Lab 22 Configuration Tasks Lab 23 - Quality of Service ... Lab 23 Topolog Lab 23 Addressing Table Lab 23 Pre-Lab Setup. Lab 23 Configuration Tasks. v1900 Copyright © 2010 by IPexpert, Inc.All Rights Reserved 9Volume 1 —Table of Contents Lab 24 - Multicast Lab 24 Topology Lab 24 Pre-Lab Setup. Lab 24 Configuration Tasks. Lab 25 - Multicast Lab 25 Topology....... Lab 25 Addressing Table... Lab 25 Pre-Lab Setup........ Lab 25 Configuration Tasks. Lab 26 - Multi-Protocol Label Si Lab 26 Topology Lab 26 Addressing Table... Lab 26 Pre-Lab Setup........ Lab 26 Configuration Tasks. Lab 27 - Multiprotocol BGP .. Lab 27 Topology wre Lab 27 Addressing Table... Lab 27 Pre-Lab Setup. Lab 27 Configuration Tasks. Lab 28 - MPLS VPN... Lab 28 Topology....... Lab 28 Addressing Table... Lab 28 Pre-Lab Setup.... Lab 28 Configuration Tasks. Lab 29 - Inter-AS MPLS VPN .. Lab 29 Topology... Lab 29 Addressing Table... Lab 29 Pre-Lab Setup. Lab 29 Configuration Tasks, Lab 30 - Multicast VPN... Lab 30 Topology... Lab 30 Addressing Table... Lab 30 Pre-Lab Setup. Lab 30 Configuration Tasks Lab 31 - Layer 2 VPN. Lab 31 Topolog . Lab 31 Addressing Table Lab 31 Pre-Lab Setup. Lab 31 Configuration Tasks. Lab 32 - RIPng and EIGRPV6.. Lab 32 Topology «0... Lab 32 Pre-Lab Setup....... Lab 32 Configuration Tasks. 10 Copyright © 2010 by IPexpert, Inc. Al Rights Reserved, v1900IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 La Exam Volume 1 Table of Lab 33 - OSPFv3 and Multiprotocol BGP... Lab 33 Topology Lab 33 Pre-Lab Setup. Lab 33 Configuration Tasks. Lab 34 - Cisco IOS Firewalls Lab 34 Topology....... Lab 34 Address Table. Lab 34 Pre-Lab Setup. Lab 34 Configuration Tasks. v1900 Copyright © 2010 by IPexpert, Inc.All Rights Reserved uIPexpert’s Workbook for the Cisco CCIE™ Routing & Switching v4.0 Lab Exam This page left intentionally blank 2 Copyright © 2010 by IPexpert, Inc. Al Rights Reserved, v1900IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 La Exam Volume 4 Lab 1 Lab 1 - General Setup Overview While anyone becoming a CCIE these days will not be required to provide a topology drawing to the proctors, writing your own is a valuable skill to ensure that you are able to quickly articulate and diagram a network for both yourself and others, when it is required. In order to ensure you succeed in your lab you will create your own diagram identifying any pertinent information on a piece of paper, for each and every lab that you configure as part of your CCIE preparation or network that you work on in the field, until you can fully visualize the network in your mind. The terminal server and frame-relay switch aré~ already configured. Changes to these devices are not allowed, just like in the real lab. Routers and switches can be accessed via the Terminal Server's CLI simply by typing device names (R1, R2, Cat, Cat2, etc.). In the real lab, basic IP addressing may be completed for you. General startup configurations will likely vary from lab to lab to ensure exam diversity. We expect you to be able to perform all of the tasks in this lab much like you must be able to in real life implementations as they provide the foundational configuration for the devices that will be used in later labs. Estimated Time to Complete: 1-2 Hours v1900 Copyright © 2010 by IPexpert, Inc.All Rights Reserved 13Volume 1 — Lab Lab 1 Topology IPexpert’s Workbook for the Cisco CCIE™ Routing & Switching v4.0 Lab Exam veo'se‘OOr Ost 14 All Routers have a loopback ‘address of 200.0.0.X/32. R&S Volume 1 Lab 1 General Setup Frame Relay 2 150.100.24.0/24 \s Frame Rolay1 —} 150.100.100.028 4; Fat 750,100.81.0/24 ipexpert ZY Copyright © 2010 by IFexper, Inc. Al Rights Reserved. v1900IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 La Exam Volume 4 Lab 1 Lab 1 Pre-Lab Setup « Logically connect and configure your network as displayed in the Topology Diagram. You may also refer to the Diagram located within your configuration files for topology information. « Catalyst Interconnectivity: The catalyst switches are connected via a pair of FastEthernet ports between Each other and Cat1 and Cat2 have an additional Gigabit Ethernet Connection. Please refer to the “Layer 2 Connectivity Diagram” and the “Base Connectivity Diagram” at the beginning of the workbook or in your configuration files. « You will be using the above diagrams throughout this lab. e This lab is intended to be used with online rack access provided by www.proctorlabs com. Connect to the terminal server for the online rack, and complete the configuration tasks as detailed below. Prerequisites: + Ifusing your own hardware: €, Login to iPexpert.com, navigate to the “My Configs” area, download “IPexpert Routing & Switching Volume 1 Configs’, find the Lab 1 INITIAL Configs, and copy and paste the proper router/switch files to the proper devices. * Ifyou are using ProctorLabs, Log on to your Routing & Switching vRack Web UE 2 Near the top of the web page click the “Load Lab Configs” button and choose: Volume 4 > Lab 1 > INITIAL As a General Rule of Thumb we recommend you read the entire Lab before beginning. v1900 Copyright © 2010 by IPexpert, Inc.All Rights Reserved 15Volume 1 — Lab IPexpert’s Workbook for the Cisco CCIE™ Routing & Switching v4.0 Lab Exam Lab 1 Configuration Tasks 14 1.2 1.3 14 15 16 17 Configure Cat1 with the hostname “Cat1” and Cat2 as “Cat2”. Configure Catt to be the VTP server and Cat2 to be a VTP client. Set both switches to be in the VTP domain “Lab1”. Configure VLANs based on the following table. Name the VLANs as shown. ee! RS 100 (VLANA) R1 FO/1 and BB1 12 (VLANB) R1 FO/0 and R2 Gi0/O 40 (VLANC) R4 FO/O 567(VLAND) RS FO/0, R6 FO/O and R7 FO/O 200 (VLANE) R8 FO/0 and BB2 300(VLANF) R9 FO/0 and BB3 Configure Cat3 with the hostname “Cat3” and Cat4 as “Cat4”. Set both switches to be in the VTP domain “Lab1A”. Configure VLANs based on the following table. Disable any connections on the Catalyst switches to switches in the other VTP domain. EET Lt Tey 240 R4 2567 R5, R6.and R7 2300 RO 2200 R&B Configure all routers-with'a hostname of “RX” where X is the router number. Referring to the Lab 1 Topology; configure the appropriate interfaces on the routers to a “Status up / Protocol up” state. On R2 use a point-to- point and»a multipoint sub-interface. On R4 use a point-to-point sub- interface. Use the physical interface on the rest of the frame-relay connections. Note: Keep in mind that the serial interfaces connected to the Frame Relay cloud must have “encapsulation Frame Relay” configured and a clock rate must be configured on the appropriate end of point-to-point serial interfaces. Add IP addressing to the interfaces as provided in Lab 1 Topology. Assure you can ping all locally-attached interfaces/devices. Configure R1 and R2 to allow telnet access. Ensure that the password used to gain access is “ip?expert”. (Yes, the ? is part of the password). Configure the routers to avoid DNS lookups. Copyright © 2010 by IPexpert, Inc. Al Rights Reserved, v1900IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 La Exam Volume 4 Lab 1 1. v1900 8 To save time in the future, establish the following aliases on all devices: e sir = “show ip route” e siib = “show ip interface brief” « myip = the same as ‘siib” except only actual assigned IPs are displayed Configure the routers so that console access is allowed and requires the use of the password “ipexpert”. Configure the routers and Cat's with an enable secret of “ipexpert”. Configure R1 and R2 with interface descriptions for interfaces that connect to another device. BB1 connected to R1 is not able to understand CDP'so disable it on R1 Fa0/1. Also, increase the amount of time between CDP packets to 120 seconds on R1. Ensure that the VTP Management Domain Name is not advertised via CDP from R1. On R1 ensure that the IP address of Loopback0 is inserted in every CDP packet. Ensure that passwords in the running-configuration are encrypted. Configure a message of .the day “banner on all devices, warning unauthorized users. After everything is tested and completed, go back to the Catalyst switches and make some adjustments such that all links between all switches will be connected and up. This will force a change in a previous task. Use VTP domain “ipexpert”. Technical Verification and Support To verify your configurations please review the Volume 1 Detailed Solution Guide that you received along with this Workbook. Support is also available in the following ways: IPexpert Support: www.OnlineStudyList.com |Pexpert Blog: blog.ipexpert.com ProctorLabs Hardware Support: support@ipexpert.com Copyright © 2010 by IPexpert, Inc.All Rights Reserved waIPexpert’s Workbook for the Cisco CCIE™ Routing & Switching v4.0 Lab Exam This page left intentionally blank 18 Copyright © 2010 by IPexpert, Inc. Al Rights Reserved, v1900IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 La Exam Volume 4 Lab 2 Lab 2 - Switching: Per VLAN Spanning Tree + Technologies Covered Etherchannel VLAN Trunking VTP 802.1x Spanning-Tree Port-security RSPAN Private VLANs VLAN Maps Overview With four switches on the CCIE-R&S Jab (a combination of Catalyst 3550 and Catalyst 3560.switches with the v3.0 blueprint and four Catalyst 3560 switches on the v4.0 blueprint), there is the potential for a lot of detailed challenges in the "Switching" portion of the Routing & Switching exam. This lab is part ofa series that will help prepare you for the types of scenarios you may be presented with. Estimated Time to Complete: 3-4 Hours v1900 Copyright © 2010 by IPexpert, Inc.All Rights Reserved 19Volume 1 —Lab 2 IPexpert’s Workbook for the Cisco CCIE™ Routing & Switching v4.0 Lab Exam Lab 2 Topology r R&S Volume 1 Lab 2 Switching: Per VLAN Spanning Tree + at 150.100.12.0/24 100.100.250.0/28 VLAN 300 100.100.100.028 VAN 100 150,100.40.0/24 RS 150.100.220.0/28 ‘VLAN 567 ipexpert 20 Copyright © 2010 by IFexper, Inc. Al Rights Reserved. v1900IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 La Exam Volume 4 Lab 2 Lab 2 Pre-Lab Setup « Logically connect and configure your network as displayed in the Topology Diagram. You may also refer to the Diagram located within your configuration files for topology information. « Catalyst Interconnectivity: The catalyst switches are connected via a pair of FastEthernet ports between Each other and Cat1 and Cat2 have an additional Gigabit Ethernet Connection. Please refer to the “Layer 2 Connectivity Diagram” and the “Base Connectivity Diagram” at the beginning of the workbook or in your configuration files. « You will be using the above diagrams throughout this lab. e This lab is intended to be used with online rack access provided by www.proctorlabs com. Connect to the terminal server for the online rack, and complete the configuration tasks as detailed below. Prerequisites: + Ifusing your own hardware: €, Login to iPexpert.com, navigate to the “My Configs” area, download “IPexpert Routing & Switching Volume 1 Configs’, find the Lab 2 INITIAL Configs, and copy and paste the proper router/switch files to the proper devices. * Ifyou are using ProctorLabs, Log on to your Routing & Switching vRack Web UE © Near the top of the web page click the “Load Lab Configs” button and choose: Volume 4 > Lab 2-> INITIAL As a General Rule of Thumb we recommend you read the entire Lab before beginning. v1900 Copyright © 2010 by IPexpert, Inc.All Rights Reserved aVolume 1 —Lab 2 IPexpert’s Workbook for the Cisco CCIE™ Routing & Switching v4.0 Lab Exam Lab 2 Configuration Tasks 2.1 Configure Cat3 so that you can create, modify and delete VLANs locally. The VLANs created on this switch should be propagated through the network. Use a domain name of “ipexpert”. 2.2. Catt should send VLAN updates with an MD5 one-way hash value. Other switches should not be able to process these updates unless they have the same MD5 value. Use a password of “1p3xp3rt#". DO NOT use VLAN database commands to accomplish this task. 2.3 If a downstream switch does not possess a port in a VLAN that Cat1 is advertising, make sure that Cat1 does not propagate broadcast traffic for those VLANs. 2.4 Configure any interfaces connecting the switches together to appear as one link to STP per neighbor. If either of the interfaces is damaged, the switches should manage one-way links. Do not use industry standards, but make sure these links can negotiate their setup. 2.5 These links should allow all VLANs to travel across with their VLAN ID intact. You cannot use the Cisco proprietary protocol to achieve this. Every packet that traverses the link must have the VLAN ID, no exceptions. 2.6 Only allow the defined VLANs-across the link. 2.7 Make sure that any unused ports do not remain in “auto” mode. 2.8 Any unused ports should be placed in VLANS67. 2.9 Enable Cat2 to.authenticate 802.1x clients. The server IP address to use is 150.100.220.100 witha key of ipexpert. 2.10 Verify that.Fa0/6 connected to R6 is always in an authorized state. 2.11 Configure Fa0/18 on Cat2 to check to see if the client connected is capable of 802.1x authentications. 2.12 Catt Fa0/5 should temporarily bypass the listening and learning stage to transition directly into a forwarding mode. 2.13 Assure that Cat2 becomes the root switch for VLAN100 with one command. 2.14 Configure Fa0/5 that R5 connects to so that the switch will only allow this learned MAC address to communicate through this port. If any other MAC addresses are learned on this port Cat2 should shut it down for a period of three hours. 2 Copyright © 2010 by IPexpert, Inc. Al Rights Reserved, v1900IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 La Exam Volume 4 Lab 2 v1900 2.15 2.16 247 2.18 2.19 2.20 2.21 2.22 2.23 2.24 2.25 You have installed a Cisco® Intrusion Protection System on Fa0/7 of Cat1 and you would like to test out its functionality. Configure the Switch to take traffic that is received on VLAN300 and send a copy to your IPS. Configure VLAN567 to be in the IP Subnet 150.100.220.0/28. IP traffic should be routed. All switches will have an IP in VLANS567. Use .11, .12, .13, and .14 respectively Configure all switches to be optimized for unicast routing Configure OSPF between RS5, R6, R7 and all four of your switches. Place VLAN 567, 100, 40, and 300 into the OSPF routing process. You may use Area 0 everywhere. Add interfaces on the switches for each of these VLANs. Use .11, .12, .13, and .14 respectively. Configure R5, R6, Cat1, and Cat2 to receive their time from R7. All of the devices should be in CST (-6) as well as adjust for Day Light Savings. Configure Cat1 to age out MAC addresses 50.seconds longer than the default value for devices in VLAN 567. On Cat1, create VLAN 86, assign ports Fa0/14, 15, 16, and 17 to this VLAN. This VLAN belongs to the IT department, make sure that these ports bypass listening and learning state, DO NOT use VLAN database to. create the VLAN. A Smart Port macro should be used to create the VLAN and assign the ports and the configuration to the VLAN. Configure Cat1 such that if port Fa0/14 receives BPDU packets it should transition into down/down err-disable state. Configure Cat3 & Cat4 such that if ports Fa0/15 and/or Fa0/16 receive BPDU packets.they should transition into down/down err-disable state, and they should stay in that state for a period of 380 seconds. After 380 seconds they-should automatically recover and transition into UP/UP state; however, if these ports receive BPDU packets again, the cycle should be repeated. You would like to monitor the activity on port Fa0/18 of Cat2, as clients connect their laptops to this port. Configure the switch such that when it learns/removes a MAC address an SNMP notification is generated and sent to the Network Management Server at 150.100.40.40. Since this is a very busy network, setup a trap interval so these messages are sent every 120 seconds with up to 50 entries, in order to reduce the bandwidth consumption. Use a read only SNMP community of “Port18”. In Cat3 and Cat4, ensure that ports Fa0/12 and Fa0/13 are in VLAN 90, DO NOT use the VLAN database or any global configuration mode command to create this VLAN. Ensure that these ports cannot communicate with each other even though they are in the same VLAN. Copyright © 2010 by IPexpert, Inc.All Rights Reserved 2BVolume 1 —Lab 2 2.26 227 2.28 2.29 2.30 IPexpert’s Workbook for the Cisco CCIE™ Routing & Switching v4.0 Lab Exam An SVI should be created so hosts can reach the outside world. Use 150.100.90.0/24 as the network and .13 and .14 respectively. Ensure that only the following traffic is allowed to pass through VLAN 12 « Allnon-IP frames sourced from MAC-address 000b.cd96.cc4f destined to any host * OSPF traffic and ICMP traffic ¢ All other frames should be denied Make sure that VLAN 40 will only carry IPv6 traffic. All other traffic should be discarded. On Cat3, ports Fa0/6 through Fa0/10 will utilize the 200.200.200.0/24 subnet. Allow ports Fa0/6 and Fa0/7 to talk to eachother, but no other devices in this subnet should be allowed to speak intra-VLAN to each other. Create a VLAN interface to be used as the gateway out for this subnet as 200.200.200.200/24. Additional VLANs may be created. Except in VLAN 100, Cat3 should not have any ports blocked by spanning tree. In the event that Cat2 loses its link to Cat3, the path to the root bridge should go through Cat4 as quicklyas possible. Do not use any “cost” or “priority” type commands on.Cat2 to make this happen. Technical Verification and Support To verify your configurations please review the Volume 1 Detailed Solution Guide that you received along with this Workbook. Support is also available in the following ways: IPexpert Support: www.OnlineStudyList.com IPexpert Blog: blog.ipexpert.com ProctorLabs Hardware Support: support@ipexpert.com Copyright © 2010 by IPexpert, Inc. Al Rights Reserved, v1900IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 La Exam Volume 1 Lab 3 Lab 3 — Switching: Multiple Spanning Tree Technologies Covered Multiple Spanning Tree Protocol (802.1s) 802.1x RSPAN Port-security MAC Access-lists HSRP. VLAN Maps LLDP Overview With four switches on the CCIE R&S lab (a combination of Catalyst 3550 and Catalyst 3560 switches with the v3.0 blueprint and four Catalyst- 3560 switches on the v4.0 blueprint), there is the potential fora lot of detailed challenges in the "Switching" portion of the Routing & Switching exam. This lab is part of a series that will help prepare you for the types of scenarios you may be presented with. Estimated Time to Complete: 2 Hours v1900 Copyright © 2010 by IPexpert, Inc.All Rights Reserved 28Volume 1 —Lab 3 IPexpert’s Workbook for the Cisco CCIE™ Routing & Switching v4.0 Lab Exam Lab 3 Topology ~ R&S Volume 1 Lab Switching: Multiple Spanning Tree Rt 4100,100.100.0724 VLAN 100 ie 150.100.41.0/26 al ie ae Frame Relay2 150.100.24.0724 R2 ea ao a 3 y ) ALi Rubee have s loopback E ee address of 200.0.0.X/32 e wn Relay 1 ) Where is is the Router # 8 150,100.100.0/24 z 100.100.250.078 RS 8 ipexpert 750.100.81.0/24 wy 26 Copyright © 2010 by IFexper, Inc. Al Rights Reserved. v1900IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 La Exam Volume 1 Lab 3 Lab 3 Pre-Lab Setup « Logically connect and configure your network as displayed in the Topology Diagram. You may also refer to the Diagram located within your configuration files for topology information. « Catalyst Interconnectivity: The catalyst switches are connected via a pair of FastEthernet ports between Each other and Cat1 and Cat2 have an additional Gigabit Ethernet Connection. Please refer to the “Layer 2 Connectivity Diagram” and the “Base Connectivity Diagram” at the beginning of the workbook or in your configuration files. « You will be using the above diagrams throughout this lab. e This lab is intended to be used with online rack access provided by www.proctorlabs com. Connect to the terminal server for the online rack, and complete the configuration tasks as detailed below. Prerequisites: * fusing your own-hardware: © Login to IPexpert.com, navigate to the “My Configs” area, download *IPexpert Routing & Switching Volume 1 Configs*. find the Lab 3 INITIAL Configs, and copy and paste the proper router/switch files to the proper devices. + Ifyou are using ProctorLabs, Log on to your Routing & Switching Rack Web UI: 2 Near the top of the web page click the “Load Lab Configs” button and choose: Volume 1 > Lab 3 > INITIAL As a General Rule of Thumb we recommend you read the entire Lab before beginning. v1900 Copyright © 2010 by IPexpert, Inc.All Rights Reserved nVolume 1 —Lab 3 IPexpert’s Workbook for the Cisco CCIE™ Routing & Switching v4.0 Lab Exam Lab 3 Configuration Tasks 34 3.2 3.3 3.4 3.5 3.6 37 3.8 3.9 3.10 3.11 3.12 3.13 3.44 3.15, Name the switches CatX-MST. Where X represents 1, 2, 3 or 4. The switches should not exchange VLAN information over any trunk. lf a VLAN is not being used locally, a switch should signal to upstream/downstream switches to stop sending information. Configure the switches to run MST. Configure Cat4 to send configuration messages every 3 seconds. Other switches should determine reachability problems within 15 seconds. Do not configure anything on any switch other than Cat4. Assure that all switches are set to the same timers.» Do not use any “spanning-tree" commands on Cat, Cat2 or Cat3 to make this happen. The links between Cat2-Cat3 and Cat1-Cat4 mustappear as if they are 1- gigabit Ethernet links. The odd numbered switches are not allowed to use a "spanning-tree" command to make this happen. The even numbered switches MUST use a "spanning-tree" command to make this happen. If the links between Cat1 and Cat4 fail, the backup path should be the highest port number to Cat3. If this link fails, the highest port number to Cat2 should come next in line. If changes are made on Cat1, Cat! is only allowed one interface command. Manual methods of backup are not allowed. Odd numbered VLANs shouldbe able to take different paths (if desired) than even numbered VLANs. All unused ports should be placed in VLAN 3333. Ports in VLAN 3333 should require authentication to come online. Use Radius server 150.100.220.110 with key ipexpert. If clients do not enter valid credentials, they should be placed in VLAN 100. If the clients' PCs do not support EAP, they should be placed in VLAN 200. Run EIGRP AS 12345 on all of the devices' loopback and Ethernet interfaces. R9's fa0/1 interface should peer directly with all devices. IP addresses may be added. Use .9 as the last octet and name the sub-interfaces based on the VLAN number. Use VLAN 2300 as the Native VLAN. All Catalysts should peer in VLAN 2300. Use .11, .12, .13, and .14 respectively for Cat1, Cat2, Cat3 and Cat4. Copyright © 2010 by IPexpert, Inc. Al Rights Reserved, v1900IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 La Exam Volume 1 Lab 3 v1900 3.17 3.18 3.19 3.20 3.21 3.22 3.23 3.24 An intrusion prevention system (IPS) is being setup on Cat4 Fa0/18. This device should be able to monitor traffic received on R1's fa0/1 port coming from BB1. Configure ports in VLAN 567 to allow a single active MAC address. If idle for more than 90 minutes, the MAC should be cleared from the table. If multiple MACs are seen on the interface, any additional MAC address should cause the port to be shutdown for 90 minutes. From a client PC's perspective, VLAN567 will have a default router address of 150.100.220.1. R5 should handle all egress traffic from VLANS567. ¢ If R5's PPP Serial link or Frame-Relay links go down, R6 should take over handling egress traffic. e If R6's PPP link or Frame-Relay link goes, down, then R7 should assume the role. e An industry standard protocol should not be used. Make sure inter- router communications takes place using 224.0.0.102 link-local multicast address for this technology task. Each trunk link between switches must send the untagged Dot1Q frames using a different VLAN. VLAN 12 has experienced some ARP flooding problems. Disallow ARP. on this VLAN. For non-Cisco devices that.may be attached to your Catalyst switches, make sure that. 802.1AB discovery and hold-time occurs at the same interval as CDP. frames are sent. (Note: Check the IOS version, only 12.2(40)SE-or later will support this. If the IOS you have doesn't support this protocol it is still good to use this question as an opportunity to find the information in Cisco Documentation.) Copyright © 2010 by IPexpert, Inc.All Rights Reserved 29Volume 1 — Lab 3 IPexpert’s Workbook for the Cisco CCIE™ Routing & Switching v4.0 Lab Exam 30 Copyright © 2010 by IFexper, Inc.All Rights Reserved. v1900IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 La Exam Volume 1 Lab 4 Lab 4 — Switching: Rapid Per VLAN Spanning Tree+ Technologies Covered Rapid-PVST+ Influencing Spanning-tree Path Selection Etherchannel PAgP. VLAN Maps Voice VLANs Private VLANs HSRP. Overview With four switches on the CCIE R&S lab (a combination of Catalyst 3550 and Catalyst 3560 switches with the v3.0 blueprint and four Catalyst 3560 switches on the v4.0 blueprint), there is the potential for a lot of detailed challenges in the "Switching" portion of the Routing & Switching exam. This lab is part-of-a series that will help prepare you for the types of scenarios you may be presented with. Estimated Time to Complete: 3 Hours v1900 Copyright © 2010 by IPexpert, Inc.All Rights Reserved 31Volume 1 —Lab 4 Iexpert’s Workbook for the Cisco CCIE™ Routing & Switching v4.0 Lab Exam Lab 4 Topology a 32 R&S Volume 1 Lab 4 Switching: Rapid Per-VLAN Spanning Tree 100.100.0728 VLAN 100 150,100.41,0/24 = Frame Relay2 — 150.100.24.0/24 \ Ali Routes have a loopback w ‘addtess of 200.0.0.X/32. . Xis the Router # Frame Relay 1 aie - 150.100.100.072 veiosz- Dor ost 100.100.250.0/24 FEIOTG OOF OST ‘VLAN 567 150.100.221.0/24 26 ipexpert A Copyright © 2010 by IFexper, Inc. Al Rights Reserved. v1900IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 La Exam Volume 1 Lab 4 Lab 4 Pre-Lab Setup « Logically connect and configure your network as displayed in the Topology Diagram. You may also refer to the Diagram located within your configuration files for topology information. « Catalyst Interconnectivity: The catalyst switches are connected via a pair of FastEthernet ports between Each other and Cat1 and Cat2 have an additional Gigabit Ethernet Connection. Please refer to the “Layer 2 Connectivity Diagram” and the “Base Connectivity Diagram” at the beginning of the workbook or in your configuration files. « You will be using the above diagrams throughout this lab. e This lab is intended to be used with online rack access provided by www.proctorlabs com. Connect to the terminal server for the online rack, and complete the configuration tasks as detailed below. Prerequisites: + Ifusing your own hardware: 6, Login to iPexpert.com, navigate to the “My Configs” area, download “IPexpert Routing & Switching Volume 1 Configs’, find the Lab 4 INITIAL Configs, and copy and paste the proper router/switch files to the proper devices. * Ifyou are using ProctorLabs, Log on to your Routing & Switching vRack Web UE © Near the top of the web page click the “Load Lab Configs” button and choose: Volume 1 > Lab 4 -> INITIAL As a General Rule of Thumb we recommend you read the entire Lab before beginning. v1900 Copyright © 2010 by IPexpert, Inc.All Rights Reserved 33Volume 1 —Lab 4 Iexpert’s Workbook for the Cisco CCIE™ Routing & Switching v4.0 Lab Exam Lab 4 Configuration Tasks 34 44 42 43 44 45 46 47 48 49 4.10 411 412 4.13 4.14 4.15 4.16 Name the switches CatX-Rapid. Where X represents 1, 2, 3 or 4. No switches should use VTP to learn information from other switches. All switches should support more than 100 instances of spanning-tree. Cat2, Cat3, and Cat4 should support dynamic convergence of link changes within two seconds. Do not use any commands containing the word "fast" to do this. Trunks to Cat1 should encapsulate the Ethernet frame with an additional header and footer. All other trunks should use a "tag" field to reflect the VLAN information. Cat1 should be configured to allow a maximum of five switches between any two end stations in VLAN 567. Make sure other switches see this without entering any additional commands on Cat2, Cat3, or Cat4. Cat3 should be configured to allow a maximum of three switches between any two end stations in VLAN 2567. Make sure that other switches see this without entering any additional commands on Cat1, Cat2, or Cat4. Cat2 should be a backup root bridge for VLANs 12, 100, 40, 200, 300 and 567. Cat4 should be a backup root bridge for VLANs 240, 2200, 2300 and 2567. Links between Cat & Cat4 and Cat2 & Cat3 should be viewed as a 10mbps Ethernet link to. spanning-tree protocol. Cat2 and Cat3 should send odd-numbered VLANs over odd-numbered trunks to.the root bridge (for VLANs 12, 100, 40, 200, 300 and 567). No commands are allowed on Cat2 or Cat3. Links between Cat1 & Cat4 and Cat2 & Cat3 should automatically bond together to form a single circuit. Use the Cisco proprietary protocol to do this. VLAN 240 is going to be used for testing IPv6 deployment. Make sure that no other protocol is allowed on this VLAN. The ethertype for IPv6 is Ox86DD. No ARPs should be allowed. Ports connected to the BB routers should allow no more than 10% of the link to be used by broadcast traffic. Do not use QoS to accomplish this task. Cat4 should setup ports Fa0/1 through Fa0/5 for an IP Telephony test project. The data VLAN will be VLAN 500. The telephony traffic will use Copyright © 2010 by IPexpert, Inc. Al Rights Reserved, v1900IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 La Exam Volume 1 Lab 4 v1900 417 418 419 4.20 4.21 4.22 VLAN 1500. This traffic should not be sent over trunk links to other switches at this point. Cat1 and Cat2 should set aside ports Fa0/14 through Fa0/18 to be used for servers in VLAN 40. The changes, including the VLAN change and immediate recognition of an end-station being plugged in should all be enabled entering only a single command. Cat3 and Cat4 will be used for an upcoming server hosting (ASP) project. Ports Fa0/10 through Fa0/18 on each switch will be used. Create VLANs 2600, 2601, and 2602. Devices in VLAN 2600 should only be able to communicate with router ports (and SVI interfaces on both switches). All hosts in each of these VLANS combined will use the 150.100.221 0/24 IP address)range. Devices in VLAN 2601 should be able to communicate with each other as well as the routers in 150.100.221.0/24. VLAN»2602 should follow the same requirements. Use Fa0/10-12 on Cat3 for. VLAN 2601 and Fa0/10- 12 on Cat4 for VLAN 2602. Put the remaining ports in VLAN 2600. R5, R6 and R7 should employ a first-hop redundancy protocol created by Cisco. Host devices should use 150,100.221¢ as their default gateway out of that subnet. Packets should go through R35 first, then R6, then R7 based on the Layer2 operation of these. router's WAN links. Interface Fa0/6 on Cat1 willbe extended down to a conference room. Ensure that this port will néver become path to the root even if someone connects a switch with a lowen priority. Copyright © 2010 by IPexpert, Inc.All Rights Reserved 35Volume 1 — Lab 4 IPexpert’s Workbook for the Cisco CCIE™ Routing & Switching v4.0 Lab Exam 36 Copyright © 2010 by IFexper, Inc.All Rights Reserved. v1900IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 La Exam Volume 1 —Lab 5 Lab 5 - Layer 2 Tunneling Technologies Covered « DotiQ Tunnels « Layer 2 Protocol Tunnels « Etherchannel Overview One of the newer features explored in the Catalyst switches and appearing in the CCIE R&S Blueprint is Layer 2 Tunneling. This lab will explore various ways of tweaking a topology using this technology. Estimated Time to Complete: 2 Hours v1900 Copyright © 2010 by IPexpert, Inc.All Rights Reserved 37Volume 1 Lab Lab 5 Topology IPexpert’s Workbook for the Cisco CCIE™ Routing & Switching v4.0 Lab Exam a 38 R&S Volume 1 Lab 5 Layer 2 Tunneling RI ZENVIA vz/07ZL'00L 0st R2 Layer 3 Diagram 4100.100.100.0/24 3 VLAN 100 E00] Layer 2 Diagram Catz (eas) Catt Cat3 ipexpert A Copyright © 2010 by IFexper, Inc. Al Rights Reserved. v1900IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 La Exam Volume 1 —Lab 5 Lab 5 Pre-Lab Setup « Logically connect and configure your network as displayed in the Topology Diagram. You may also refer to the Diagram located within your configuration files for topology information. * Catalyst Interconnectivity: The catalyst switches are connected via a pair of FastEthernet ports between Each other and Cat1 and Cat2 have an additional Gigabit Ethernet Connection. Please refer to the “Layer 2 Connectivity Diagram” and the “Base Connectivity Diagram” at the beginning of the workbook or in your configuration files. * You will be using the above diagrams throughout this lab. « This lab is intended to be used with online rack access provided by www.proctoriabs.com. Connect to the terminal server for the online rack, and complete the configuration tasks as detailed below. Prerequisites: + Ifusing your wn hardware: 2 _tlogin to IPexpert.com, navigate to the "My Configs” area, download “IPexpert Routing & Switching Volume 1 Configs”, find the Lab 5 INITIAL Configs, and copy and paste the proper router/switch files to the proper devices. + Ifyou are using ProctorLabs, Log on to your Routing & Switching vRack Web UI: © Near the top of the web page click the “Load Lab Configs” button and choose: Volume 1 > Lab 5 > INITIAL As a General Rule of Thumb we recommend you read the entire Lab before beginning. Do not get caught off guard by how small this lab appears. v1900 Copyright © 2010 by IPexpert, Inc.All Rights Reserved 39Volume 1 Lab IPexpert’s Workbook for the Cisco CCIE™ Routing & Switching v4.0 Lab Exam Lab 5 Configuration Tasks 5.1. Name the switches simply Cat1, Cat2, Cat3 and Cat4. 5.2 R1's output for "show cdp neighbor" should look like this: Rlleh edp ned Capability Codes: R - Router, 7 - Trans Bridge, B - source Route Bridge S - Switch, H - Host, T - IGMP, r ~ Repeater Device ID Local Intrice Holdtme Capability Platform Fort ID BBL Fas 0/1 163 R 2610 Eth 0/0 RZ Fas 0/0 70 RSI 3825 Gig 0/0 Rit 5.3 All trunks should use 802.1Q. 5.4 Fa0/23 on Cat1-Cat2 should carry ONLY VLANs 100,200, 300 and 567. 5.5 Fa0/21 on Cat2-Cat4 should carry ONLY VLANs 100, 200, 300 and 567. 5.6 Make sure that Catt is trunking with Cat3 over port Fa0/19 as an 802.1Q trunk. 5.7. Cat4 should be trunking with Cat3 over port Fa0/20 as an 802.1Q trunk. 5.8 When all is done, you should have three trunk links between Cat1-Cat3 and Cat4-Cat3. 5.9 Make sure each set of these three trunks appear in spanning-tree as a single trunk. Use industry standard protocols between Cat1-Cat3 and the Cisco proprietary protocol between Cat3-Cat4. 5.10 Catt should use a link-seléction algorithm that favors frame destination. 5.11 Cat3 should have a link-selection algorithm that takes both Layer2 and Layer3 information into account. 40 Copyright © 2010 by IPexpert, Inc. Al Rights Reserved, v1900IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 Lab Exam Volume 1 —Lab 6 v1900 Copyright © 2010 by IFexper, Inc.All Rights Reserved 41IPexpert’s Workbook for the Cisco CCIE™ Routing & Switching v4.0 Lab Exam This page left intentionally blank. a2 Copyright © 2010 by IPexpert, Inc. Al Rights Reserved, v1900IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 La Exam Volume 1 Lab 6 Lab 6 - Frame Relay Technologies Covered Frame Relay Interface Types Static IP/DLCI Mapping Inverse ARP Frame Relay Encapsulation Types Frame Relay LMI PPP over Frame Relay Back-to-Back Frame Relay Multilink Frame Relay (FRF.16) End-to-End Keepalives Discard Eligible Overview Frame Relay is a technology that absolutely must be mastered. Depending on your lab, you may have any number of different scenarios manipulating a Frame Relay network. It is absolutely essential to be proficient with this technology and not have any second thoughts about configuration decisions. Frame Relay offers a number of complications that can be introduced into a topology. This lab will explore many of those areas and offer a learning path to lead to increasing your expertise and understanding. Estimated Time to Complete: 3 Hours v1900 Copyright © 2010 by IPexpert, Inc.All Rights Reserved 43Volume 1 —Lab 6 Lab 6 Topology IPexpert’s Workbook for the Cisco CCIE™ Routing & Switching v4.0 Lab Exam R5 R&S Volume 1 Lab 6 Frame Relay Frame Relay 2 Re 150.100.24.0/24 \ ‘All Routers have a loopback ‘address of 200.0.0.X/32. Where X is the Router # Frame Relay f 150.100.100.028" y FramalRelay 3. >) Ro 150,200.200.0/24.\~ | we oy Ss Frame y 4 150.100.69.0/24 ‘Seriaioat Frame Relay 5 150.100.96.0/24 ipexpert Copyright © 2010 by IFexper, Inc. Al Rights Reserved. v1900IPexpert's Workbook for the Cisco CCIE™ Routing & Switching v4.0 La Exam Volume 1 Lab 6 Lab 6 Pre-Lab Setup « Logically connect and configure your network as displayed in the Topology Diagram. You may also refer to the Diagram located within your configuration files for topology information. * Catalyst Interconnectivity: The catalyst switches are connected via a pair of FastEthernet ports between Each other and Cat1 and Cat2 have an additional Gigabit Ethernet Connection. Please refer to the “Layer 2 Connectivity Diagram” and the “Base Connectivity Diagram” at the beginning of the workbook or in your configuration files. * You will be using the above diagrams throughout this lab. « This lab is intended to be used with online rack access provided by www.proctoriabs.com. Connect to the terminal server for the online rack, and complete the configuration tasks as detailed below. Prerequisites: * Ifusing your own hardware: ‘© Login to |Pexpert.com, navigate to the “My Configs” area, download “IPexpert Routing & Switching Volume 1 Configs®, find the Lab 6 INITIAL Configs. and copy and paste the proper router/switch files to the proper devices. * Ifyou are using ProctorLabs, Log on to your Routing & Switching vRack Web Ul: © Near the top of the web page click the “Load Lab Configs” button and choose: Volume 1 > Lab 6 > INITIAL As a General Rule of Thumb we recommend you read the entire Lab before beginning. v1900 Copyright © 2010 by IPexpert, Inc.All Rights Reserved 45