Sikandar CCNP Notes

sikandarbaadshah@gmail.
com
sikandarccie@gmail.com
91 - 9985048840
CCNP ROUTE 642-902

Chapter 1:
Chapter 2:
Chapter 3:
Chapter 4:
Chapter 5:
Chapter 6:
Chapter 7:
Chapter 8:
Chapter 9:
Planning for Complex Networks

EIGRP
OSPF
Optimizing Routing
Path Control
BGP and Internet Connectivity
Branch Office Connectivity
Mobile Worker Connectivity
IPv6 Introduction
Understanding Routing Protocols

Cisco routers support multiple routing protocols, but the ROUTE exam covers only EIGRP, OSPF, and BGP
Static Routing
Manually configured by Administrator
Administrative distance is 0 or 1
Destination network should be known
Routing based on next hop IP address or exit interface
Secure and fast
Static Default Route

Static default route will be used for unknown destination or for all destination.
It is used for Internet
It is last preferred route in routing table.
It can be also used on Stub router
Dynamic Routing Protocol

Dynamic routing protocols, exchange routing information with the neighbors and build the routing table
automatically
Administrator need to advertise only the directly connected networks
Any changes in the network topology are automatically updated
Types of Dynamic Routing Protocol

Distance Vector Protocol
Link-State Protocol
Advance or Hybrid Protocol
Page 1 of 182
sikandarbaadshah@gmail.com
91 - 9985048840
Distance Vector Protocol
Works with Bellman

Ford algorithm
Periodic updates
Classful routing
protocol
Full Routing tables
are exchanged
Updates are through
broadcast
Example: RIP 1, ,
IGRP
Link State Protocol
Works with Dijkstra

algorithm
Link state updates
Classless routing protocol
Missing routes are
exchanged
Updates are through
multicast
Example : OSPF, IS-IS
Hybrid Protocol
Works with DUAL

algorithm
Link state updates
Classless routing
protocol
Missing routes are
exchanged
Updates are through
multicast
Example : EIGRP
Also called as
Advance Distance
vector Protocol
Administrative distance:
It is the trustworthiness of the routing information. Lesser the Administrative distance, higher the preference.
Routing Protocols and Their Default Administrative Distance
Information Source
AD
Connected
0
Static
1
External BGP (Border Gateway Protocol)
20
Internal EIGRP (Enhanced IGRP)
90
IGRP (Internet Gateway Routing Protocol)
100
OSPF (Open Shortest Path First)
110
IS-IS (Intermediate System to Intermediate System) 115
RIP (Routing Information Protocol)
120
ODR (On Demand Routing)
160
External EIGRP
170
Internal BGP
200
Unknown
255
Building the Routing Table

The router builds a routing table by ruling out invalid routes and considering the remaining advertisements.
The procedure is
1. For each route received, verify the next hop. If invalid, discard the route.
2. If multiple identical, valid routes are received by a routing protocol, choose the lowest metric.
Page 2 of 182
91 - 9985048840
3. Routes are identical if they advertise the same prefix and mask, so 192.168.0.0/16 and 92.168.0.0/24
are separate paths and are each placed into the routing table.
4. If more than one specific valid route is advertised by different routing protocols, choose the path with
the lowest AD.
Comparison of Routing Protocols
SUBNETTING
FLSM
VLSM
All the subnet have same subnet mask

All subnet have different subnet mask
Classfull Routing Protocol

Routing protocol which doesnt carry subnet mask in Routing updates.
Eg. RIP, IGRP.
Classless Routing Protocol
Routing Protocols which carry subnet mask information in routing update
Eg. RIPv2, EIGRP, OSPF, ISIS, BGPv4
SUMMARIZATION/CIDR/SUPERNETTING
It is the process of combining smaller networks in to single large sub network (Combining the
contagious address into one and send to neighbor.)
It helps in reducing the size of routing table.

Advantages
Minimizing the routing table.
Less use of resources like memory, processor, bandwidth.
Two Type of Summarization

Auto summary
Manual summary
Auto Summary
Page 3 of 182
91 - 9985048840
Summarizes to a default class full boundary

A
/8
B
/16
C
/24
Class full routing protocol does auto summary by default and it cant be turn off
Routing protocol like RIPv2, EIGRP, BGPv4 support auto summary
Routing protocol like OSPF and ISIS doesnt support auto summary
Disadvantages of Auto-summary:
Can create Problems if the network is in discontiguous Subnets.
Not always applicable
To enable or disable auto summary

Router(config-router)# [no] auto-summary
Manual summary
Administrator manually configures Summarization
It is supported by all classless routing protocols
Example of Manual summary :

Example 1
Summarize the following addresses
10.1.0.0/24
10.1.2.0/24
10.1.3.0/24
10.1.4.0/24
10.1.5.0/24
10.1.6.0/24
Steps for calculating Manual summary :
1) WRITE THE BINARY OF FIRST and the last number
2) Divide between the common and un-common ( 0 0 or 1- 1 are common)
3) Convert right side values of the first number in to zeros ( change in to decimal)
4) count the left side bits (to find the / value)
some examples for method of converting to binary
128
0
64
0
32
0
16
0
8
0
4
1
2
1
1
0
25
Page 4 of 182
91 - 9985048840
29
10.1.0.0/24
written as
10.
1.
0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0
10.1.6.0/24
written as
10.
1.
0 0 0 0 0 1 1 0
0 0 0 0 0 0 0 0
3) Convert right side values of the first number in to zeros ( change in to decimal)
10.
1.
0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0
Change in to decimal the above answer
10.1.0.0
count the left side bits (to find the / value)
10.
1.
0 0 0 0 0 0 0 0
0 0 0 0 0 0 0 0
8 bits 8 bits 5 bits
10.1.0.0 /21
So the summarization address is 10.1.0.0 /21
EXAMPLE 2
Summarize the following addresses
172.16.25.0/24
172.16.26.0/24
Page 5 of 182
91 - 9985048840
172.16.27.0/24
172.16.28.0/24
172.16.29.0/24
WRITE THE BINARY OF FIRST and the last number

Divide between the common and un-common
Convert right side values of the first number in to zeros ( change in to decimal)
count the left side bits (for / value)
172.16.25.0/24
172.16.
00 0 1 1 0 0 1
00000000
172.16.29.0/24
172.16.
0 0 0 1 1 1 0 1
00000000
Convert right side values of the first number in to zeros ( change in to decimal)
172.16.
0 0 0 1100 0
00000000
count the left side bits (for / value)
172.16.24.0/21
======================================================================
Planning a Routing Implementation

It is critical to take a structured approach to planning a routing implementation and to document thoroughly
once you are done. Taking an ad-hoc approach could lead to network instability, suboptimal routing, or
scalability problems. Four commonly used models include
Cisco Lifestyle Services: Uses the PPDIOO model (Prepare, Plan, Design, Implement, Operate, and
Optimize.) Network engineers at the CCNP level are involved with the implementation planning during
the Design phase, and the Implementation itself during the Implement phase.
IT Infrastructure Library (ITIL): Emphasizes business requirements and processes as they relate to IT.
Implementation and implementation planning are part of its best practices.
Fault, Configuration, Accounting, Performance, and Security (FCAPS): Has five network
management categories. Implementation and implementation planning are under the Configuration
management category.
Telecommunications Management Network (TMN): Based on the FCAPS model. Implementation and
implementation planning are one of its building blocks. Each approach includes identifying
requirements, creating an implementation plan, implementing the changes, verifying your work, and
then documenting it.
Page 6 of 182
91 - 9985048840
Creating an Implementation Plan

To create an implementation plan you need to know what the network looks like now, and what it should look
like when you are done. This involves gathering information about the current network parameters such as IP
addressing, physical connectivity, routing configuration, and equipment. Compare the current state to what is
required. Be sure to include any site-specific requirements and any dependencies on the existing network. An
implementation plan includes most of the following, some of which might be site-specific:
1.
2.
3.
4.
5.
A checklist of tasks to be done

Tools and resources needed
The schedule of work, coordinated with all needed resources
Device configurations
Verification processes and tests
Creating Implementation Documentation

Documentation should be kept up-to-date, accurate, and accessible. It includes network information, tools and
resources used, implementation tasks, verification methods, device configurations, performance measurements,
and possibly screen shots or pictures.
Page 7 of 182
91 - 9985048840
HOW TO INSTALL AND USE GNS3
Install GNS3
Copy IOS images to a specific folder
Set the path
For PRO DIR
For IMAGES
o
TEST THE DYNAMIPS
Page 8 of 182
91 - 9985048840
Set the path of theIOS images to be used
Page 9 of 182
91 - 9985048840
yo
Design the topology and add the specific cards on the module required for connections.
Configure the routers to add the specific modules ( and cards required) for connections to be made.
Page 10 of 182
91 - 9985048840
Page 11 of 182
91 - 9985048840
Design the topology
Start the devices
Page 12 of 182
91 - 9985048840
Calculate the IDLE PC value to reduce the CPU utilization

o ( prefered values will be seen as asterisk *****
Console the routers
Page 13 of 182
91 - 9985048840
Assign the basic configurations according to the lab setup ( you will find in coming pages)
Save configs ( WRITE command)
Page 14 of 182
91 - 9985048840
Export the configs to a folder :
FILE SAVE the topology for future labs
Once the topology designed and configured with the basic configs , saved in can be used in the future labs all
relating to CCNP RS module in the coming sections.
The entire labs in the every topic is done mostly based on the same topology
Page 15 of 182
91 - 9985048840
LAB DEFAULT SETUP DIAGRAM :
BASIC CONFIGS ACCORDING TO THE LAB REQUIREMENT
R1
enable
conf t
hostname R1
no ip domain-lookup
int fa0/0
ip add 10.1.1.1 255.0.0.0
no shut
no keepalive
int s1/0
ip add 1.1.1.1 255.0.0.0
no sh
Page 16 of 182
91 - 9985048840
int s1/1
ip add 4.4.4.2 255.0.0.0
no sh
int loop 0
ip add 11.0.0.1 255.255.255.0
int loop 1
ip add 11.0.1.1 255.255.255.0
int loop 2
ip add 11.0.2.1 255.255.255.0
int loop 3
ip add 11.0.3.1 255.255.255.0
do write
===============================================
R2
enable
conf t
hostname R2
no ip domain-lookup
int fa0/0
ip add 20.1.1.1 255.0.0.0
no shut
no keepalive
int s1/0
ip add 1.1.1.2 255.0.0.0
no sh
int s1/1
ip add 2.2.2.1 255.0.0.0
no sh
int loop 0
ip add 12.0.0.1 255.255.255.0
int loop 1
ip add 12.0.1.1 255.255.255.0
int loop 2
Page 17 of 182
91 - 9985048840
ip add 12.0.2.1 255.255.255.0
int loop 3
ip add 12.0.3.1 255.255.255.0
do write
=================================
R3
enable
conf t
hostname R3
no ip domain-lookup
int fa0/0
ip add 30.1.1.1 255.0.0.0
no shut
no keepalive
exit
int s1/0
ip add 2.2.2.2 255.0.0.0
no sh
exit
int s1/1
ip add 3.3.3.1 255.0.0.0
no sh
exit
int loop 0
ip add 13.0.0.1 255.255.255.0
int loop 1
ip add 13.0.1.1 255.255.255.0
int loop 2
ip add 13.0.2.1 255.255.255.0
int loop 3
ip add 13.0.3.1 255.255.255.0
do write
=============================================
Page 18 of 182
91 - 9985048840
R4
enable
conf t
hostname R4
no ip domain-lookup
int fa0/0
ip add 40.1.1.1 255.0.0.0
no shut
no keepalive
int s1/0
ip add 3.3.3.2 255.0.0.0
no sh
exit
int s1/1
ip add 4.4.4.1 255.0.0.0
no sh
int loop 0
ip add 14.0.0.1 255.255.255.0
int loop 1
ip add 14.0.1.1 255.255.255.0
int loop 2
ip add 14.0.2.1 255.255.255.0
int loop 3
ip add 14.0.3.1 255.255.255.0
do write
==============================================
Page 19 of 182
91 - 9985048840
EIGRP
Enhanced Interior Gateway Routing Protocol (EIGRP)
The following are some features of EIGRP:
Cisco proprietary
advanced distance vector
classless routing protocol.
Fast convergence.
Support for VLSM.
Partial updates conserve network bandwidth.
Support for IP, AppleTalk, and IPX.
Runs directly over IP, using protocol number 88.
Support for all Layer 2 (data link layer) protocols and topologies.
Sophisticated metric that supports load-balancing across unequal-cost paths .
Use of multicast (and unicast where appropriate) instead of broadcasts.
Support for authentication.
uses a complex metric based on bandwidth and delay
Manual summarization at any interface.
Uses multicast 224.0.0.10.
EIGRPs function is controlled by four key technologies:
1. Neighbor discovery and maintenance: Periodic hello messages
2. The Reliable Transport Protocol (RTP): Controls sending, tracking, and acknowledging EIGRP
messages
3. Diffusing Update Algorithm (DUAL): Determines the best loop-free route
4. Protocol-independent modules (PDM): Modules are plug-ins for IP, IPX, and AppleTalk versions of
EIGRP
EIGRP uses three tables:
The neighbor table is built from EIGRP hellos and used for reliable delivery.
The topology table contains EIGRP routing information for best paths and loop-free
alternatives.
EIGRP places best routes from its topology table into the common routing table.
Packet Types
EIGRP uses five packet types
Hello:
Update:
Query:
Reply:
ACK:
Identifies neighbors and serves as a keep alive mechanism

Reliably sends route information
Reliably requests specific route information
Reliably responds to a query
Acknowledgment
Neighbor Discovery and Route Exchange

When EIGRP first starts, it uses hellos to build a neighbor table. Neighbors are directly attached routers that
have a matching AS number and k values. (The timers dont have to agree.) The process of neighbor discovery
and route exchange between two EIGRP routers is as follows:
Page 20 of 182
91 - 9985048840
Step 1. Router A sends out a hello.
Step 2. Router B sends back a hello and an update. The update contains routing information.
Step 3. Router A acknowledges the update.
Step 4. Router A sends its update.
Step 5. Router B acknowledges.
Initial Route Discovery
When two routers are EIGRP neighbors, they use hellos between them as keepalives. Additional route
information is sent only if a route is lost or a new route is discovered. A neighbor is considered lost if no hello is
received within three hello periods (called the hold time).
The default hello/hold timers are as follows:
5 seconds/15 seconds for multipoint circuits with bandwidth greater than T1 and for point-to-point
media
60 seconds/180 seconds for multipoint circuits with bandwidth less than or equal to T1
EIGRP METRIC CALCULATION
EIGRP Metric = [K1 * BW + ((K2 * BW) / (256 load)) + K3 * delay]
Page 21 of 182
91 - 9985048840
Formula with default K values
(K1 = 1, K2 = 0, K3 = 1, K4 = 0, K5 = 0)
EIGRP Metric
BW= (107/lowest Bandwidth in kbps)*256
Delay= (sum of total delay/10)*256
By default, EIGRP metric: Metric = bandwidth (slowest link) + delay (sum of delays)
A --B --C -- D
A --X --Y --Z --D
Least bandwidth 64 kbps

Least bandwidth 256 kbps
Total delay 6,000

Total delay 8,000
Delay is the sum of all the delays of the links along the paths:
Delay = [delay in tens of microseconds] x 256
Bandwidth is the lowest bandwidth of the links along the paths:

Bandwidth = [10,000,000 / (bandwidth in kbps)] x 256
DUAL Terminology
Selects lowest-cost, loop-free paths to each destination
AD = cost between the next-hop router and the destination
FD = cost from local router = AD of next-hop router + cost between the local router and the nexthop router
Lowest-cost = lowest FD
(Current) successor = next-hop router with lowest-cost, loop free path
Feasible successor = backup router with loop-free path
AD of feasible successor must be less than FD of current successor route
Feasible Successor= Second best AD < FD of Successor
Planning an EIGRP Implementation
When planning an EIGRP implementation, gather the following information:
Current network setup and future requirements: Document the IP addressing used and the network
topology, including links types, bandwidth, and utilization. A good IP addressing design allows
summarization at various points in the network.
Page 22 of 182
91 - 9985048840
Network design: Although EIGRP does not require a hierarchical network design, it can perform more
efficiently within that type of network.
Plans for EIGRP scaling options: These would include summarization, stub areas, and changes in
interface metrics to improve bandwidth utilization.
Your final implementation plan needs to include detailed parameters such as the exact topology, IP networks to
be advertised, EIGRP AS number, lists of routers to run EIGRP, and any nondefault metrics to be used. It needs to
list implementation tasks for each router in the network. Finally it needs to provide verification tasks for each
router such as verifying neighbors, IP routing tables, EIGRP topology tables, and network connectivity
DUAL Stuck In Active

After the router has chosen a path to a network, it is passive for that route. If a successor path is lost and no
feasible successor is identified, the router sends out queries on all interfaces in an attempt to identify an
alternate path. It is active for that route. No successor can be chosen until the router receives a reply to all
queries. If a reply is missing for 3 minutes, the router becomes stuck in active (SIA). In that case, it resets the
neighbor relationship with the neighbor that did not reply.
Three common causes for SIA routes are
CPU or memory usage is so high on the neighbor that it cannot process the query or reply.
The link between the routers drops packets. Enough packets get through to maintain the neighbor
relationship, but some queries or replies are dropped.
Unidirectional link, so the router never receives packets from its neighbor.
To enable EIGRP as the IP routing protocol
Router(config)# router EIGRP <ASNo.>
Identifies attached networks participating in EIGRP.
Router(config-router)#network network-id [wildcard-mask]
Defining the interfaces bandwidth for the purposes of sending routing update traffic
Router(config) # interface serial 0/0
Router(config-if)# bandwidth<kilobits>
Configuring EIGRP for IP
Page 23 of 182
91 - 9985048840
Using the Wildcard Mask in EIGRP
Verifying EIGRP
R1#show ip EIGRP neighbors
R1#show ip route EIGRP
R1#show ip protocols
R1#show ip EIGRP interfaces
EIGRP Route Summarization: Automatic
Page 24 of 182
91 - 9985048840
Purpose: Smaller routing tables, smaller updates
Automatic summarization:
On major network boundaries, subnetworks are summarized to a single classful (major)
network.
Automatic summarization occurs by default.
EIGRP Route Summarization: Manual

Manual summarization has the following characteristics:
Summarization is configurable on a per-interface basis in any router within a network.
When summarization is configured on an interface, the router immediately creates a route pointing to
null0.
When the last specific route of the summary goes away, the summary is deleted.
The minimum metric of the specific routes is used as the metric of the summary route.
Turns off automatic summarization for the EIGRP process

Router(config-router)#no auto-summary
To Creates a summary address that this interface will generate.
Router(config-if)# ip summary-address EIGRP <as-number> <address> <subnetmask>
Manually Summarizing EIGRP Routes
Page 25 of 182
91 - 9985048840
EIGRP Load Balancing

Routes with lowest equal metric are installed in the routing table (equal-cost load balancing)
There can be up to sixteen entries in the routing table for the same destination:
The number of entries is configurable
The default is four
EIGRP Unequal-Cost Load Balancing Allows the router to include routes with a metric smaller than the
multiplier value times the metric of successor
Variance is configured for unequal cost load balancing
Variance is the multiplier to FD of successor
Default is 1(equal cost load balancing)
Router(config-router)# variance <multiplier>
Page 26 of 182
91 - 9985048840
Router E chooses router C to get to network Z, because it has lowest FD of 20.

With a variance of 2, router E chooses router B to get to network Z
(20 + 10 = 30) < [2 * (FD) = 40].
Router D is never considered to get to network Z (because 25 > 20).
EIGRP BANDWIDTH UTILIZATION

EIGRP uses up to 50% of bandwidth by default; this bandwidth utilization can
be changed
-The command to change the percentage of bandwidth used by EIGRP is
Router(config-if)#ip bandwidth-percent EIGRP <ASno > <number percent>
CONFIGURING THE IP DEFAULT-NETWORK COMMAND FOR EIGRP
CONFIGURING EIGRP AUTHENTICATION
Page 27 of 182
91 - 9985048840
Many routing protocols support authentication such that a router authenticates the source of
each routing update packet that it receives.
Simple password authentication is supported by:
IS-IS
OSPF
RIPv2
MD5 authentication is supported by:
OSPF
RIPv2
BGP
EIGRP
Simple Password vs. MD5 Authentication
Simple password authentication:
Router sends packet and key.
Neighbor checks whether key matches its key.
Process not secure.
MD5 authentication:
Configure a key (password) and key ID; router generates a message digest, or hash, of the
key, key ID and message.
Message digest is sent with packet; key is not sent.
Process OS secure.
EIGRP MD5 Authentication
EIGRP supports MD5 authentication.
Router generates and checks every EIGRP packet. Router authenticates the source of each
routing update packet that it receives.
Configure a key (password) and key ID; each participating neighbor must have same key
configured.
Router generates a message digest, or hash, of the key, key ID, and message.
EIGRP allows keys to be managed using key chains.
Specify key ID (number), key, and lifetime of key.
First valid activated key, in order of key numbers, is used.
To implement EIGRP authentication, first create a plan:

Look at the current configuration to determine the AS number and interfaces where it will be
configured.
Decide the authentication type. (For EIGRP this must be MD5.)
Decide the key strings, and how many keys will be used.
Optionally decide the key lifetimes.
To configure the router for EIGRP authentication, follow these steps:

Step 1. Configure a key chain to group the keys.
Step 2. Configure one or more keys within that key chain. The router checks all inbound packets against the list
of keys and uses the first valid one it finds.
Step 3. Configure the password or authentication string for that key. Repeat Steps 2 and 3 to add more keys if
desired.
Page 28 of 182
91 - 9985048840
Step 4. Optionally configure a lifetime for the keys within that key chain. If you do this, be sure that the time is
synchronized between the two routers.
Step 5. Enable authentication and assign a key chain to an interface.
Step 6. Designate MD5 as the type of authentication.
To Enters configuration mode for the keychain

Router(config)# key chain < name-of-chain>
Identifies key and enters configuration mode for the keyid
Router(config-keychain)# key <key-id>
Identifies key string (password)
Router(config-keychain-key)# key-string <text>
To Specifies MD5 authentication for EIGRP packets
Router(config-if)# ip authentication mode EIGRP <autonomous-system> md5
Enables authentication of EIGRP packets using key in the keychain
Router(config-if)#ip authentication key-chain EIGRP < AS no > <name-of-chain>
Verifying MD5 Authentication

R1#debug EIGRP packets
R1#show key chain
Example: Configuring EIGRP Authentication

Router(config)# key chain RTR_Auth
Router(config-keychain)# key 1
Router(config-keychain-key)# key-string mykey
Router(config-keychain-key)# send-lifetime 10:15:00 300
Router(config-keychain-key)# accept-lifetime 10:00:00 10:05:00
!
Router(config)# interface s1/0
Router(config-if)# ip authentication mode EIGRP 10 md5
Router(config-if)# ip authentication key-chain EIGRP 10 RTR_Auth
Verifying MD5 Authentication
R1#debug EIGRP packets
R1#show key chain
Customizing the EIGRP Configuration
EIGRP Scalability
Four factors influence EIGRPs scalability:
Page 29 of 182
91 - 9985048840
1.
2.
3.
4.
The number of routes that must be exchanged

The number of routers that must know of a topology change
The number of alternate routes to a network
The number of hops from one end of the network to the other (topology depth)
To improve scalability, summarize routes when possible, try to have a network depth of no more than seven
hops, and limit the scope of EIGRP queries.
EIGRP Stub
Stub routing is one way to limit queries. A stub router is one that is connected to no more than two
neighbors and should never be a transit router.
The EIGRP stub routing feature improves network stability, reduces resource utilization, and simplifies
remote router (spoke) configuration.
Stub routing is commonly used in a hub-and-spoke topology.
A stub router sends a special peer information packet to all neighboring routers to report its status as a
stub router.
A neighbor that receives a packet informing it of the stub status does not query the stub router for any
routes.
Configuring EIGRP Stub
Router(config-router)# EIGRP stub [receive-only|connected|static|summary]
receive-only: Prevents the stub from sending any type of route.

connected: Permits stub to send connected routes
(may still need to redistribute).
static: Permits stub to send static routes
(must still redistribute).
summary: Permits stub to send summary routes.
Default is connected and summary.
Active Process Enhancement
Page 30 of 182
91 - 9985048840
The Active Process Enhancement enables routers to use SIA-Queries and SIA-Replies to prevent the loss of a
neighbor unnecessarily during SIA conditions. A router sends its neighbor a SIA-Query after no reply to a
normal query. If the neighbor responds with a SIA-Reply, the router does not terminate the neighbor
relationship after 3 minutes, because it knows the neighbor is available.
Graceful Shutdown
Graceful shutdown is another feature that speeds network convergence. Whenever the EIGRP process is shut
down, the router sends a goodbye message to its neighbors. Ironically, the goodbye message is sent in a hello
packet. The neighbors can then immediately recalculate any paths that used the router as the next hop, rather
than waiting for the hold timer to expire.
Passive Interface
The passive-interface command prevents either routing updates or hello messages from being sent out an
interface. RIP does not send updates when it enabled; EIGRP and OSPF do not send hellos, and thus they dont
discover neighbors or form an adjacency out that interface. To disable the protocol on one interface, use the
routing protocol configuration command passive-interface interface. To turn off the protocol on all interfaces,
use passive-interface default. You can then use no passive-interface interface for the ones that should run the
protocol, as shown here:
Router(config)# router EIGRP 7
Router(config-router)# passive-interface default
Router(config-router)# no passive-interface s1/0
Unicast Neighbors
EIGRP usually uses a multicast to IP address 224.0.0.10 for its messages. You can configure it to use a unicast
address instead with the routing protocol configuration command neighbor ip-address. The IP address must be
in the same subnet as one of the routers own interfaces.
Page 31 of 182
91 - 9985048840
Summary
EIGRP capabilities include fast convergence and support for VLSM, partial updates, and multiple
network layer protocols.
EIGRP key technologies are neighbor discovery/recovery, RTP, DUAL finite-state machine, and
PDMs.
EIGRP uses three tables: neighbor table, topology table, and routing table. The routing table
contains the best route to each destination, called the successor route. A feasible successor route
is a backup route to a destination; it is kept in the topology table.
EIGRP uses the same metric components as IGRP: delay, bandwidth, reliability, load, and MTU.
By default, EIGRP metric equals bandwidth (slowest link) plus delay
(sum of delays).
EIGRP metrics are backward-compatible with IGRP; the EIGRP-equivalent metric is the IGRP
metric multiplied by 256.
The configuration commands for basic EIGRP include:
router EIGRP autonomous-system
network network-number [wildcard-mask]
bandwidth kilobits
The optional wildcard-mask parameter in the network command is an inverse mask used to
determine how to interpret the network-number parameter. A wildcard bit of 0 is a match and of
1 is dont care.
Create and advertise a default route in an EIGRP AS with the ip default-network network-number
command.
Use the show ip EIGRP neighbors command to verify that the router recognizes its neighbors.
Use the show ip route EIGRP command to verify that the router recognizes routes from its
neighbors.
Use the show ip protocols, show ip EIGRP interfaces, show ip EIGRP neighbors, show ip EIGRP
topology, and show ip EIGRP traffic commands to verify EIGRP operations.
EIGRP performs automatic network-boundary summarization, but administrators can disable
automatic summarization and perform manual route summarization on an interface-by-interface
basis. Summarizing routes creates smaller routing tables.
Use the no auto-summary command to disable automatic summarization. Use the ip summaryaddress EIGRP command to create a summary address.
EIGRP performs equal-cost load balancing by default for up to four paths (up to six paths can be
supported).
Use the variance command to configure unequal-cost load balancing.
EIGRP uses up to 50 percent of the bandwidth of an interface by default. Because of the inherent
differences in the operational characteristics of WAN links, this default may not be the best
option for all WAN links.
Use the ip bandwidth-percent EIGRP command to configure EIGRP bandwidth use across WAN
links.
There are two types of router authentication: simple password and MD5.
When EIGRP authentication is configured, the router generates and checks every EIGRP packet
and authenticates the source of each routing update packet that it receives. EIGRP supports MD5
authentication.
Page 32 of 182
91 - 9985048840
To configure MD5 authentication, use the ip authentication mode EIGRP and ip authentication
key-chain interface commands. The key chain must also be configured, starting with the key
chain command.
Use debug EIGRP packets to verify and troubleshoot MD5 authentication.
Factors that affect network scalability include these:
Amount of information exchanged between neighbors
Number of routers
Depth of the topology
Number of alternate paths through the network
When a route is lost and no feasible successor is available, queries are sent to all neighboring
routers on all interfaces.
The EIGRP stub command is used to enable the stub routing feature, which improves network
stability, reduces resource utilization, and simplifies stub router configuration.
After a route goes active and the query sequence is initiated, it can only come out of the active
state and move to passive state when it receives a reply for every generated query. If the router
does not receive a reply to all the outstanding queries within 3 minutes (the default time), the
route goes to the SIA state.
The active process enhancement feature enables an EIGRP router to monitor the progression of
the search for a successor route so that neighbor relationships are not reset unnecessarily.
With graceful shutdown, a goodbye message is broadcast when an EIGRP routing process is shut
down, to inform adjacent peers about the impending topology change.
Features such as stub routing, active process enhancement, and graceful shutdown help improve
network stability and performance.
For successful neighbor relationship there are few attributes must match between EIGRP
enabled routers.
1. AS number must match.
2. Authentication password must match
3. K values must match
4. MTU & network / subnet mask must match.
EIGRP Authentication support only MD5
EIGRP neighbors
Steps for Troubleshooting EIGRP
1) connectivity (ping , IP , MASK ,)
2) advertisements
3) mismatch of any of the
a. AS NO
Page 33 of 182
91 - 9985048840
b. K- values
c. Authentication
Sh ip EIGRP neighbors
Sh ip protocols
Sh run
Sh run int fa0/0
Debug eigrp packets
Page 34 of 182
91 - 9985048840
LAB -1 EIGRP SUMMARIZATION
TASK 1.1
Basic ADVERTISEMENTS
R1
Conf t
router EIGRP `100
network 10.0.00.0
network 1.0.0.0
R2
router EIGRP 100
network 20.0.0.0
network 2.0.0.0
network 1.0.0.0
exit
R3
router EIGRP 100
net 30.0.0.0
net 2.0.0.0
Page 35 of 182
91 - 9985048840
net 13.0.0.0
exit
R-1#sh ip route
C
D
D
C
C
C
C
C
D
D
1.0.0.0/8 is directly connected, Serial1/0

2 0.0/8 [90/2681856] via 1.1.1.2, 00:02:33, Serial1/0
20.0.0.0/8 [90/2172416] via 1.1.1.2, 00:02:33, Serial1/0
10.0.0.0/8 is directly connected, FastEthernet0/0
11.0.0.0/24 is subnetted, 4 subnets
11.0.3.0 is directly connected, Loopback3
13.0.0.0/8 [90/2809856] via 1.1.1.2, 00:02:06, Serial1/0
30.0.0.0/8 [90/2684416] via 1.1.1.2, 00:02:12, Serial1/0
R-1#sh ip route EIGRP

D 2.0.0.0/8 [90/2681856] via 1.1.1.2, 00:03:28, Serial1/0
D 20.0.0.0/8 [90/2172416] via 1.1.1.2, 00:03:28, Serial1/0
D 13.0.0.0/8 [90/2809856] via 1.1.1.2, 00:02:59, Serial1/0
D 30.0.0.0/8 [90/2684416] via 1.1.1.2, 00:03:05, Serial1/0
Same way you can verify on R2

D
D
D
D
2.0.0.0/8 [90/2681856] via 1.1.1.2, 00:03:28, Serial1/0

20.0.0.0/8 [90/2172416] via 1.1.1.2, 00:03:28, Serial1/0
13.0.0.0/8 [90/2809856] via 1.1.1.2, 00:02:59, Serial1/0
30.0.0.0/8 [90/2684416] via 1.1.1.2, 00:03:05, Serial1/0
13.0.0.0 network is auto summarized. By default ( as EIGRP, RIPV2 and BGP do auto summary by default )
TASK 1.2
disable auto-summary on all routers
R-X(config)#router EIGRP 100
R-X(config-router)#no auto-summary
Page 36 of 182
91 - 9985048840
D 2.0.0.0/8 [90/2681856] via 1.1.1.2, 00:06:09, Serial1/0
D 20.0.0.0/8 [90/2172416] via 1.1.1.2, 00:06:09, Serial1/0
D
13.0.1.0 [90/2809856] via 1.1.1.2, 00:00:13, Serial1/0
D
13.0.0.0 [90/2809856] via 1.1.1.2, 00:00:13, Serial1/0
D
13.0.3.0 [90/2809856] via 1.1.1.2, 00:00:13, Serial1/0
D
13.0.2.0 [90/2809856] via 1.1.1.2, 00:00:13, Serial1/0
D 30.0.0.0/8 [90/2684416] via 1.1.1.2, 00:05:46, Serial1/0
Al l the routes gets advertised individually
TASK -1. 3
Here the requirement is that I want R3 to perform manual summarization of above networks as (13.0.00.0/22
after calculation) when it sends to R2
R3
int s1/0
ip summary-address EIGRP 100 13.0.0.0 255.255.252.0
D 2.0.0.0/8 [90/2681856] via 1.1.1.2, 00:10:19, Serial1/0
D 20.0.0.0/8 [90/2172416] via 1.1.1.2, 00:10:19, Serial1/0
D
13.0.0.0 [90/2809856] via 1.1.1.2, 00:00:22, Serial1/0
D 30.0.0.0/8 [90/2684416] via 1.1.1.2, 00:09:56, Serial1/0
Task 1.4
1) Advertise the loopbacks of R2 and R1 in EIGRP 100
2) Configure manual summarization when they send those routes to other routers
R1
router EIGRP 100
net 11.0.0.0
no au
no auto-summary
exit
R2
Page 37 of 182
91 - 9985048840
router EIGRP 100
network 12.0.0.0
no auto-summary
exit
D 1.0.0.0/8 [90/2681856] via 2.2.2.1, 00:13:33, Serial1/0
D 20.0.0.0/8 [90/2172416] via 2.2.2.1, 00:13:33, Serial1/0
D 10.0.0.0/8 [90/2684416] via 2.2.2.1, 00:13:33, Serial1/0
D
11.0.3.0 [90/2809856] via 2.2.2.1, 00:00:56, Serial1/0
D
11.0.2.0 [90/2809856] via 2.2.2.1, 00:00:56, Serial1/0
D
11.0.1.0 [90/2809856] via 2.2.2.1, 00:00:56, Serial1/0
D
11.0.0.0 [90/2809856] via 2.2.2.1, 00:00:56, Serial1/0
D
12.0.0.0 [90/2297856] via 2.2.2.1, 00:01:25, Serial1/0
D
12.0.1.0 [90/2297856] via 2.2.2.1, 00:01:25, Serial1/0
D
12.0.2.0 [90/2297856] via 2.2.2.1, 00:01:25, Serial1/0
D
12.0.3.0 [90/2297856] via 2.2.2.1, 00:01:25, Serial1/0
13.0.0.0/8 is variably subnetted, 5 subnets, 2 masks
D
13.0.0.0/22 is a summary, 00:03:59, Null0

D 2.0.0.0/8 [90/2681856] via 1.1.1.2, 00:14:21, Serial1/0
D 20.0.0.0/8 [90/2172416] via 1.1.1.2, 00:14:21, Serial1/0
D
12.0.0.0 [90/2297856] via 1.1.1.2, 00:01:50, Serial1/0
D
12.0.1.0 [90/2297856] via 1.1.1.2, 00:01:50, Serial1/0
D
12.0.2.0 [90/2297856] via 1.1.1.2, 00:01:50, Serial1/0
D
12.0.3.0 [90/2297856] via 1.1.1.2, 00:01:50, Serial1/0
D
13.0.0.0 [90/2809856] via 1.1.1.2, 00:04:24, Serial1/0
D 30.0.0.0/8 [90/2684416] via 1.1.1.2, 00:13:58, Serial1/0
Task 1.5
Configure manual summarization when they send those routes to other routers
R1 ( applying manual Summarization)
int s1/0
exit
Page 38 of 182
91 - 9985048840
D 10.0.0.0/8 [90/2172416] via 1.1.1.1, 00:16:07, Serial1/0
D
11.0.0.0 [90/2297856] via 1.1.1.1, 00:00:29, Serial1/0
D
13.0.0.0 [90/2297856] via 2.2.2.2, 00:06:10, Serial1/1
D 30.0.0.0/8 [90/2172416] via 2.2.2.2, 00:15:44, Serial1/1
R2 ( applying manual Summarization)

int s1/0
int s1/1

D 2.0.0.0/8 [90/2681856] via 1.1.1.2, 00:17:26, Serial1/0
D 20.0.0.0/8 [90/2172416] via 1.1.1.2, 00:17:26, Serial1/0
D
11.0.0.0/22 is a summary, 00:01:49, Null0
D
12.0.0.0 [90/2297856] via 1.1.1.2, 00:00:41, Serial1/0
D
13.0.0.0 [90/2809856] via 1.1.1.2, 00:07:29, Serial1/0
D 30.0.0.0/8 [90/2684416] via 1.1.1.2, 00:17:03, Serial1/0

D 1.0.0.0/8 [90/2681856] via 2.2.2.1, 00:17:18, Serial1/0
D 20.0.0.0/8 [90/2172416] via 2.2.2.1, 00:17:18, Serial1/0
D 10.0.0.0/8 [90/2684416] via 2.2.2.1, 00:17:18, Serial1/0
D
11.0.0.0 [90/2809856] via 2.2.2.1, 00:02:04, Serial1/0
D
12.0.0.0 [90/2297856] via 2.2.2.1, 00:00:51, Serial1/0
D
13.0.0.0/22 is a summary, 00:07:44, Null0
Page 39 of 182
91 - 9985048840
Lab- 2 DEFAULT ROUTE IN EIGRP
1) BASIC ADV
R1
router EIGRP 100
no auto-summary
net 10.0.0.0
net 1.0.0.0
exit
R2
En
Conf t
router EIGRP 100
no auto-summary
net 20.0.0.0
net 1.0.0.0
net 2.0.0.0
exit
R3
router EIGRP 100
no auto-summary
Page 40 of 182
91 - 9985048840
net 2.0.0.0
exit
note : 30.1.1.1 and all 13.0.0.0 network loopbacks act as internet routes in our example
R-2#sh ip EIGRP neighbors

IP-EIGRP neighbors for process 100
H Address
Interface
Hold Uptime SRTT RTO Q Seq
(sec)
(ms)
Cnt Num
1 2.2.2.2
Se1/1
14 00:00:19 54 324 0 3
0 1.1.1.1
Se1/0
14 00:00:31 39 351 0 3
2) Configure a Default route on R2 (head office )to
reach internet routes
R-2(config)#ip route 0.0.0.0 0.0.0.0 2.2.2.2

R-2#sh ip route
C
C
C
D

10.0.0.0/8 [90/2172416] via 1.1.1.1, 00:01:51, Serial1/0
C
C
C
C
S* 0.0.0.0/0 [1/0] via 2.2.2.2
R-2#ping 13.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 13.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/22/36 ms
R-2#ping 30.1.1.1
!!!!!
Page 41 of 182
91 - 9985048840
(R2)Head office can reach internet but the branch office cannot as there is no default route configured for
internet in Branch office ( R1) .
R-1#ping 13.0.0.1
.....
Success rate is 0 percent (0/5)
No routes for 13.0.0.0 in the routing table
R-1#sh ip route
Gateway of last resort is not set
C
D
D
C
C
C
C
C

2.0.0.0/8 [90/2681856] via 1.1.1.2, 00:02:51, Serial1/0
20.0.0.0/8 [90/2172416] via 1.1.1.2, 00:02:51, Serial1/0

D 2.0.0.0/8 [90/2681856] via 1.1.1.2, 00:05:26, Serial1/0
D 20.0.0.0/8 [90/2172416] via 1.1.1.2, 00:05:26, Serial1/0
3) In order to Provide internet access to branch offices (R1 ) to reach internet routes through head
office we need to advertise the 2.0.0.0 network in EIGRP updates with the command
R-2#conf t
R-2(config)#ip default-network 2.0.0.0

D* 2.0.0.0/8 [90/2681856] via 1.1.1.2, 00:00:22, Serial1/0
D 20.0.0.0/8 [90/2172416] via 1.1.1.2, 00:06:06, Serial1/0
R-1#ping 13.0.0.1
!!!!!
Page 42 of 182
91 - 9985048840
R-1#ping 30.1.1.1
!!!!!
RIP default routing in RIPv2
R1 and R2 basic advertisements

R2 ( head office ) configure a default route
R1
router rip
ver 2
net 10.0.0.0
net 1.0.0.0
no auto-summary
exit
R2
router rip
Page 43 of 182
91 - 9985048840
ver 2
net 20.0.0.0
net 1.0.0.0
no auto-summary
exit
ip route 0.0.0.0 0.00.0.0 2.2.2.2
R2#sh ip route
C
C
C
R

10.0.0.0/8 [120/1] via 1.1.1.1, 00:00:03, Serial0/0
C
C
C
C
S* 0.0.0.0/0 [1/0] via 2.2.2.2
R1#sh ip route
C 1.0.0.0/8 is directly connected, Serial0/0
R 20.0.0.0/8 [120/1] via 1.1.1.2, 00:00:09, Serial0/0
C 10.0.0.0/8 is directly connected, FastEthernet0/0
C
C
C
C
Here we need to advertise the default route to all branch offices in the RIP so that they can access
internet through head office
R2
router rip
default-information originate
R1#sh ip route
Page 44 of 182
91 - 9985048840
R 20.0.0.0/8 [120/1] via 1.1.1.2, 00:00:06, Serial0/0
C
C
C
C
R* 0.0.0.0/0 [120/1] via 1.1.1.2, 00:00:06, Serial0/0
R1#ping 13.0.0.1
!!!!!
R1#traceroute 13.0.0.1
Tracing the route to 13.0.0.1
1 1.1.1.2 68 msec 152 msec 4 msec
2 2.2.2.2 128 msec * 92 msec
Page 45 of 182
91 - 9985048840
DEFAULT ROUTE IN OSPF
Task : 1
Basic advertisements according to diagram
R1
Router ospf 1
Network 1.0.0.0 0.255.255.255 area 0
Network 10.0.0.0 0.255.255.255 area 0
R2
Router ospf 1
Network 1.0.0.0 0.255.255.255 area 0
Network 20.0.0.0 0.255.255.255 area 0
Network 2.0.0.0 0.255.255.255 area 0
R3
Router ospf 1
Network 2.0.0.0 0.255.255.255 area 0
Page 46 of 182
91 - 9985048840
Task 2
Configure a Default route on R2 (head office )to
reach internet routes
R2 ( head office)
conf t
ip route 0.0.0.0 0.0.0.0 2.2.2.2
Task 3
Advertise the default to all the other routers in OSPF
R2 ( head office)
router ospf 1
default-information originate
Page 47 of 182
91 - 9985048840
EIGRP Load balancing

-------------------When a router learns a same route from different neighbors with the same metric it install both
the routes in the routing table and does load balancing, this is called equal cost load
balancing.
Note:- It does equal cost load balancing automatically. whereas unequal cost is not automatic.
For unequal cost load balancing we need to enable "variance"
------------------------------------------------------
Lab : EIGRP LOAD BALANCING
TASK - 1
Page 48 of 182
91 - 9985048840
Basic advertisements On All routers
R1
En
Conf t
router EIGRP 100
no auto-summary
net 10.0.0.0
net 1.0.0.0
net 4.0.0.0
exit
R2
En
Conf t
router EIGRP 100
no auto-summary
net 20.0.0.0
net 1.0.0.0
net 2.0.0.0
exit
R3
En
Conf t
router EIGRP 100
no auto-summary
net 30.0.0.0
net 2.0.0.0
net 3.0.0.0
exit
R4
En
Conf t
router EIGRP 100
no auto-summary
net 40.0.0.0
net 3.0.0.0
net 4.0.0.0
exit
R-1#sh ip EIGRP neighbors
Page 49 of 182
91 - 9985048840
IP-EIGRP neighbors for process 100
H Address
Interface
Hold Uptime SRTT RTO Q Seq
(sec)
(ms)
Cnt Num
1 4.4.4.1
Se1/1
12 00:00:11 77 462 0 9
0 1.1.1.2
Se1/0
12 00:00:11 62 372 0 11

D
D
D
D
D
2.0.0.0/8 [90/2681856] via 1.1.1.2, 00:00:36, Serial1/0

3.0.0.0/8 [90/2681856] via 4.4.4.1, 00:00:36, Serial1/1
20.0.0.0/8 [90/2172416] via 1.1.1.2, 00:00:36, Serial1/0
40.0.0.0/8 [90/2172416] via 4.4.4.1, 00:00:36, Serial1/1
30.0.0.0/8 [90/2684416] via 4.4.4.1, 00:00:36, Serial1/1
[90/2684416] via 1.1.1.2, 00:00:36, Serial1/0
Both routes are in the routing table means it is using both the routes to send any packet to 30.1.1.1 (R3)
R-1#sh ip EIGRP topology
IP-EIGRP Topology Table for AS(100)/ID(11.0.3.1)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 1.0.0.0/8, 1 successors, FD is 2169856
via Connected, Serial1/0
via 1.1.1.2 (2681856/2169856), Serial1/0
via 4.4.4.1 (2681856/2169856), Serial1/1
via Connected, FastEthernet0/0
via 1.1.1.2 (2172416/28160), Serial1/0
via 1.1.1.2 (2684416/2172416), Serial1/0
via 4.4.4.1 (2684416/2172416), Serial1/1
via 4.4.4.1 (2172416/28160), Serial1/1
R-1#sh interfaces s1/0

Serial1/0 is up, line protocol is up
Hardware is M4T
Internet address is 1.1.1.1/8
Page 50 of 182
91 - 9985048840
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
by default EIGRP do equal cost load balancing
R-1#traceroute 30.1.1.1
1 4.4.4.1 52 msec
1.1.1.2 24 msec
4.4.4.1 36 msec
2 2.2.2.2 76 msec
3.3.3.1 56 msec
Task -2 :
change the BW to 1000 Kbps on any of the
R1 interface
R-1(config)#int s1/0
R-1(config-if)#bandwidth ?
<1-10000000> Bandwidth in kilobits
R-1(config-if)#bandwidth 1000
D 2.0.0.0/8 [90/3193856] via 4.4.4.1, 00:00:28, Serial1/1
D 3.0.0.0/8 [90/2681856] via 4.4.4.1, 00:00:28, Serial1/1
D 20.0.0.0/8 [90/3074560] via 1.1.1.2, 00:00:28, Serial1/0
D 40.0.0.0/8 [90/2172416] via 4.4.4.1, 00:08:11, Serial1/1
D 30.0.0.0/8 [90/2684416] via 4.4.4.1, 00:00:28, Serial1/1
R-1#sh ip EIGRP topology
IP-EIGRP Topology Table for AS(100)/ID(11.0.3.1)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
via 4.4.4.1 (3193856/2681856), Serial1/1
via 1.1.1.2 (3584000/2169856), Serial1/0
via 4.4.4.1 (2681856/2169856), Serial1/1
Page 51 of 182
91 - 9985048840
via Connected, FastEthernet0/0
via 1.1.1.2 (3074560/28160), Serial1/0
via 4.4.4.1 (2684416/2172416), Serial1/1
via 1.1.1.2 (3586560/2172416), Serial1/0
via 4.4.4.1 (2172416/28160), Serial1/1
EIGRP also supports unequal cost load balancing. But it has to be done manually using variance.
Variance
is a multiplier value (1 128)
The routes which can go for load balancing should satisfy the condition
cost of successor X variance > cost of the other routes to be used for load balancing
cost ofsuccessor
via 4.4.4.1 (2684416/2172416), Serial1/1
cost of second routes to be used for load balancing
via 1.1.1.2 (3586560/2172416), Serial1/0
select the variance value
cost of successor X variance > cost of the other routes to be used for loadbalancing
2684416 X ------- > 3586560
The variance to be used here is 2 to satisfy the condition
R-1(config)#router EIGRP 100

R-1(config-router)#variance 2
R-1#sh ip protocols
Routing Protocol is "EIGRP 100"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Default networks flagged in outgoing updates
Default networks accepted from incoming updates
EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
EIGRP maximum hopcount 100
EIGRP maximum metric variance 2
Redistributing: EIGRP 100
Page 52 of 182
91 - 9985048840

D 2.0.0.0/8 [90/3193856] via 4.4.4.1, 00:00:56, Serial1/1
[90/3584000] via 1.1.1.2, 00:00:56, Serial1/0
D 3.0.0.0/8 [90/2681856] via 4.4.4.1, 00:00:56, Serial1/1
D 20.0.0.0/8 [90/3196416] via 4.4.4.1, 00:00:56, Serial1/1
[90/3074560] via 1.1.1.2, 00:00:56, Serial1/0
D 40.0.0.0/8 [90/2172416] via 4.4.4.1, 00:00:56, Serial1/1
D 30.0.0.0/8 [90/2684416] via 4.4.4.1, 00:00:56, Serial1/1
[90/3586560] via 1.1.1.2, 00:00:56, Serial1/0
Note : IT WILL DO load balancing for all the routes which satisfy the condition
R-1#traceroute 30.1.1.1
1 4.4.4.1 40 msec
1.1.1.2 20 msec
4.4.4.1 52 msec
2 2.2.2.2 32 msec
3.3.3.1 60 msec
Page 53 of 182
91 - 9985048840
Page 54 of 182
91 - 9985048840
OSPF
OSPF Features
Open standard (IETF)
SPF or Dijkstra algorithm
Link-state routing protocol
Classless
Supports FLSM, VLSM, CIDR and Manual summary
Incremental / triggered updates
Updates are sent as multicast (224.0.0.5 & 224.0.0.6)
Metric = Cost (cost = 108/bandwidth in bps)
Administrative distance = 110
Load balancing via 4 equal cost paths by default (unequal cost load balancing not supported)
Auto Neighbor discovery
Hierarchical network design
Sends periodic updates, known as link-state refresh, for every 30 minutes
Maintains similar database on all the routers within an area
Router ID is used to identify each router Router ID
Highest IP address on Active Physical Interface
More preference is given to logical interface (if configured)
Highest preference is for Router ID command
Configuring Router ID
Router(config-router)#router-id<ipaddress>
Link-State Data Structures

Neighbor Table
Page 55 of 182
91 - 9985048840
Also known as the adjacency database
Contains list of directly connected routers (neighbors)
Database Table
Typically referred to as LSDB ( link state database)
Contains information about all the possible routes to the networks with in the area
Routing Table
Contains list of best paths to each destination
OSPF SEVEN STAGE PROCESS
1) Establishing Bidirectional Communication
2) Discovering the Network Routes
Page 56 of 182
91 - 9985048840
3) Adding the Link-State Entries
Link-State Data Structure: Network Hierarchy

Link-state routing can have hierarchical network
This two-level hierarchy consists of the following:
Transit area (backbone or area 0)
Regular areas (nonbackbone areas)
Page 57 of 182
91 - 9985048840
Issue of Maintaining of large OSPF network
OSPF Multi Area
OSPF Database
Page 58 of 182
91 - 9985048840
OSPF Metric calculation

OSPF metric is not defined in standards. Every vendor uses different formula to calculate metric
OSPF Metric in Cisco = Cost= 108/ Bandwidth in bps
Ex:
Serial link64 Kbpscost

1544 Kbps cost
2000 Kbps cost
Ethernet10 Mbpscost
FastEthernet100 Mbps cost
Gigabit Ethernet(1000 Mbps) cost
1562
64
48
10
1
1
OSPF Packet Type

1. Hello
2. Database Description
3. Link State Request
4. Link State Update
5. Link State Ack
OSPF Packet Header Format
Page 59 of 182
91 - 9985048840
OSPF Neighbor relationship
Page 60 of 182
91 - 9985048840
LS Data Structures: LSA Operation
OSPF Network Types
Adjacency Behavior for a Point-to-Point Link

A point-to-point link is a single pair of routers.
Serial line configured with PPP or HDLC protocol.
No DR or BDR election is required
OSPF auto detects this type of link.
Page 61 of 182
91 - 9985048840
Broadcast Multi Access

Topology like Ethernet and Token Ring is BMA.
DR and BDR Election is required.
OSPF detects this type of link automatically
Page 62 of 182
91 - 9985048840
Designated Router &Backup Designated Router

The router having highest priority is DR
The router with second-highest priority is BDR
The default priority value is 1
In the case of a tie, router with highest router ID is DR second highest router ID becomes the BDR
If router priority is 0 it cannot become the DR or BDR
Router which is not a DR or BDR is called as DROTHER
DR & BDR election is not preemptive
DR/BDR Elections Neighbors

DR/BDR DROTHER Full
DROTHER DR/BDR Full
DROTHER DROTHER 2 Way
Updates
DROTHER DR/BDR 224.0.0.6
DR DROTHER 224.0.0.5
Page 63 of 182
91 - 9985048840
NBMA
Links like Frame relay, ATM and X.25.
OSPF considers NBMA as other broadcast media.
NBMA is not always full-mesh
DR BDR election depends on type of connection
NBMA Types
Page 64 of 182
91 - 9985048840
Type of OSPF Routers
OSPF Summarization
Benefit Of Route Summarization
Minimizes number of routing table entries
Localizes the impact of a topology change
Reduces LSA 3 and 5 flooding and saves CPU resources
Before Route Summarization
Page 65 of 182
91 - 9985048840
After Route Summarization
Types Of LSA
Page 66 of 182
91 - 9985048840
LSA Type 1: Router LSA

generated by the internal router
One Router LSA (type 1) for every router in an area
Includes list of directly attached links
Identified by the router ID of the originating router
Floods within its area only; does not cross the ABR
"O" routes in the routing table
LSA Type 2: Network LSA
One Network (type 2) LSA for each transit broadcast or NBMA network in an area (happens in broadcast
networks )
Includes Network ID, subnet mask and list of attached routers on that transit link
Advertised by the DR of the transit network (DR --> other ( LSA2))
Floods within its area only; does not cross ABR
"O" routes
Page 67 of 182
91 - 9985048840
LSA Type 3: Summary LSA

sending updates from one area to another area( 0 IA routes in the routing table)
contains network ID and subnet mask
Advertised by the ABR of originating area
Regenerated by subsequent ABRs to flood throughout the autonomous system.
By default, routes are not summarized and there is one type 3 LSA for every subnet
LSA Type 4: Summary LSA
ASBR Summary (type 4) LSAs are used to advertise Router ID of ASBR to all routers in other areas
present in autonomous system
They are generated by the ABR of the originating area
They are regenerated by all subsequent ABRs to flood throughout the autonomous system
Type 4 LSAs contain only the router ID of the ASBR
Page 68 of 182
91 - 9985048840
LSA Type 5: External LSA
External (type 5) LSAs are used to advertise networks learned from other autonomous systems(ASBR
external routes (redistributed routes) in to the OSPF)
Type 5 LSAs are advertised and owned by the originating ASBR (generated by the ASBR)
Type 5 LSAs flood throughout the autonomous system
The advertising router ID (ASBR) is unchanged throughout the autonomous system
Type 4 LSA is needed to identify ASBR
By default, routes are not summarized by ASBR
oE1 / oE2 routes
LSA- 6
o
used in multicast routing (MOSPF routing protocol)

Multicast LSA (Cisco routers dont support )
Types of Routes
Page 69 of 182
91 - 9985048840
E2 --- will not add the individual metric ( it remains same metric for al l the routers )
Default for external routes
E1 ---- will add the individual metric ( it changes as move from router to router )
R4(config-router)#redistribute rip subnets metric 250 me

R4(config-router)#redistribute rip subnets metric 250 metric-type ?
1 Set OSPF External Type 1 metrics
Default Routes in OSPF

OSPF can send Default Route in update
A default route is sent as an external LSA type (O*E2)
Static Default Route needs to be defined in Originating router
Router(config)#iproute0.0.0.00.0.0.0 <ExitInt/next-hop-IP>
Router(config-router)#default-informationoriginate
Page 70 of 182
91 - 9985048840
OSPF Special Area
Stub and Totally Stubby Area Rules

There should not be an ASBR in the area
The area should not be Area 0
No virtual links must pass through the area
There should be a single ABR (recommended)
Using Stub Areas

External LSAs are stopped ( E1 and E2 routes)
Default route is advertised into stub area by the ABR
All routers in stub area must be configured as stub
Page 71 of 182
91 - 9985048840
Stub Area Configuration

Configuring Stub command on all router in the area
Router(config-router)#area<area-id>stub
Using Totally Stubby Areas

External LSAs are stopped ( E1 and E2)
Summary LSAs are stopped ( OIA routes )
Routing table is reduced to a minimum
All routers in stub area must be configured as stub
ABR of stub area must be configured as totally stubby
This is a Cisco proprietary feature
Totally Stubby Configuration

Configuring all routers of Totally Stubby Area
Router(config-router)#area<area-id> stub
Configuring Area Border Router of Totally Stubby AreaRouter
Page 72 of 182
91 - 9985048840
(config-router)#area<area-id> stubno-summary
Not-So-Stubby Areas
NSSA breaks stub area rules
ASBR is allowed in NSSA
Special LSA type 7 defined, sent by ASBR
ABR converts LSA type 7 to LSA type 5
ABR does not send default route into NSSA by default
NSSA is an RFC addendum
NSSA Area Configuration

Configuring NSSA command on all router in the area
Router(config-router)#area<area-id>nssa
Totally Not-So-Stubby Areas

Totally NSSA Does not accepts summary and external LSAs
By default, Default Route is advertised by ABR of Totally NSSA
Totally NSSA Area Configuration

Configuring NSSA command on all router in the area
Router(config-router)#area<area-id>nssa
Configuring NSSA command on ABR router in the area
Router(config-router)#area<area-id>nssano-summary
Page 73 of 182
91 - 9985048840
OSPF Virtual Link

Virtual links are used to connect a discontiguous area to area 0
A logical connection is built between routers
Virtual links are recommended for backup or temporary connections
Configuring Virtual Links

Router(config-router)#area<area-id>virtual-link <router-id>
Page 74 of 182
91 - 9985048840
LAB -2.1 BASIC OSPF IMPLEMENTATION IN MULTIPLE AREAS
TASK -1
OSPF BASIC ADVERTISEMENTS
R1
router ospf 1
network 10.0.0.0 0.255.255.255 area 10
network 1.0.0.0 0.255.255.255 area 10
end
R2
router ospf 1
network 2.0.0.0 0.255.255.255 area 0
network 20.0.0.0 0.255.255.255 area 0
network 1.0.0.0 0.255.255.255 area 10
Page 75 of 182
91 - 9985048840
R2(config-router)#
*Mar 1 00:04:22.903: %OSPF-5-ADJCHG: Process 1, Nbr 11.0.3.1 on Serial0/0 from LOADING to FULL, Loading
Done
R3
router ospf 1
network 30.0.0.0 0.255.255.255 area 0
network 2.0.0.0 0.255.255.255 area 0
network 3.0.0.0 0.255.255.255 area 20
*Mar 1 00:06:18.079: %OSPF-5-ADJCHG: Process 1, Nbr 12.0.3.1 on Serial0/0 from LOADING to FULL,
Loading Done
R4
router ospf 1
network 40.0.0.0 0.255.255.255 area 20
network 3.0.0.0 0.255.255.255 area 20
end
R1#sh ip ospf neighbor

Neighbor ID Pri State
12.0.3.1
0 FULL/ -
Dead Time Address

Interface
00:00:31 1.1.1.2
Serial0/0
R1#sh ip protocols
Routing Protocol is "ospf 1"
Router ID 11.0.3.1
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
1.0.0.0 0.255.255.255 area 10
10.0.0.0 0.255.255.255 area 10
Router ID ( here it takes the highest IP of loopback interface )
Page 76 of 182
91 - 9985048840

13.0.3.1
0 FULL/ 11.0.3.1
0 FULL/ -
Dead Time Address

Interface
00:00:30 2.2.2.2
Serial0/1
00:00:33 1.1.1.1
Serial0/0

12.0.3.1
0 FULL/ 14.0.3.1
0 FULL/ -
Dead Time Address

Interface
00:00:35 2.2.2.1
Serial0/0
00:00:33 3.3.3.2
Serial0/1

13.0.3.1
0 FULL/ 11.0.3.1
0 FULL/ -
Dead Time Address

Interface
00:00:30 2.2.2.2
Serial0/1
00:00:33 1.1.1.1
Serial0/0
R2#sh ip ospf database

OSPF Router with ID (12.0.3.1) (Process ID 1)
Router Link States (Area 0)
Link ID
12.0.3.1
13.0.3.1
ADV Router Age

Seq#
Checksum Link count
12.0.3.1
321
0x80000004 0x00EC4B 3
13.0.3.1
315
0x80000004 0x00C06B 3
Summary Net Link States (Area 0)
Link ID
1.0.0.0
3.0.0.0
10.0.0.0
40.0.0.0
ADV Router Age

12.0.3.1
429
13.0.3.1
311
12.0.3.1
419
13.0.3.1
226
Seq#
Checksum
0x80000001 0x007774
0x80000001 0x005494
0x80000001 0x006672
0x80000001 0x00D5E3

Link ID
11.0.3.1
12.0.3.1
ADV Router Age

Seq#
Checksum Link count
11.0.3.1
433
0x80000003 0x003813 3
12.0.3.1
427
0x80000002 0x00BDAF 2
Link ID
ADV Router
Age
Seq#
Checksum
Page 77 of 182
91 - 9985048840
2.0.0.0
3.0.0.0
20.0.0.0
30.0.0.0
40.0.0.0
12.0.3.1
12.0.3.1
12.0.3.1
12.0.3.1
12.0.3.1
434
310
437
320
228
0x80000001 0x006A80
0x80000001 0x00DFC9
0x80000001 0x0061AD
0x80000001 0x006163
0x80000001 0x006119
R1#sh ip ospf database

OSPF Router with ID (11.0.3.1) (Process ID 1)
Link ID
11.0.3.1
12.0.3.1
ADV Router Age

Seq#
Checksum Link count
11.0.3.1
505
0x80000003 0x003813 3
12.0.3.1
504
0x80000002 0x00BDAF 2
Link ID
2.0.0.0
3.0.0.0
20.0.0.0
30.0.0.0
40.0.0.0
ADV Router Age

12.0.3.1
508
12.0.3.1
384
12.0.3.1
508
12.0.3.1
393
12.0.3.1
302
Seq#
Checksum
0x80000001 0x006A80
0x80000001 0x00DFC9
0x80000001 0x0061AD
0x80000001 0x006163
0x80000001 0x006119
R1#sh ip protocols
Router ID 11.0.3.1
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
1.0.0.0 0.255.255.255 area 10
10.0.0.0 0.255.255.255 area 10
TASK - 2
Router ID ( it takes the highest IP of loopback interface if configured )
But its preferable to manually configure Router-ID. Lets say Here I want to change the Router-id (manually)
Page 78 of 182
91 - 9985048840
R1(config)#router ospf 1
R1(config-router)#router-id 11.1.1.1
Reload or use "clear ip ospf process" command, for this to take effect
R1 already have the router id and it already established so u need to re enale the neighbor ship
R1#clear ip ospf process
Reset ALL OSPF processes? [no]: yes
R1#sh ip protocols
Router ID 11.1.1.1
Task 3
Change the Router-ID of as
R2
R3
R4
22.2.2.2
33.3.3.3
44.4.4.4
Page 79 of 182
91 - 9985048840
REDISTRIBUTION
Task 1
Basic adv According to Diagram
R1
router rip
ver 2
network 11.0.0.0
no auto-summary
exit
router EIGRP 100
network 1.0.0.0
network 10.0.0.0
no auto-summary
exit
R2
router EIGRP 100
network 1.0.0.0
no auto-summary
Page 80 of 182
91 - 9985048840
exit
router ospf 1
network 20.0.0.0 0.255.255.255 area 0
network 2.0.0.0 0.255.255.255 area 0
exit
R3
router ospf 1
network 2.0.0.0 0.255.255.255 area 0
network 30.0.0.0 0.255.255.255 area 0
exit
router rip
ver 2
net 3.0.0.0
no auto-summary
exit
R4
router rip
ver 2
network 3.0.0.0
network 40.0.0.0
no auto-summary
exit
router EIGRP 100
network 14.0.0.0
no auto-summary
exit
R2#sh ip route
C
C
C
D

10.0.0.0/8 [90/2195456] via 1.1.1.1, 00:03:08, Serial0/0
C
C
C
Page 81 of 182
91 - 9985048840
C
O 30.0.0.0/8 [110/74] via 2.2.2.2, 00:01:40, Serial0/1
R3#sh ip route
C
C
O
R
C
C
C
C
C

20.0.0.0/8 [110/74] via 2.2.2.1, 00:02:53, Serial0/0
40.0.0.0/8 [120/1] via 3.3.3.2, 00:00:23, Serial0/1
R4#sh ip route
C
C
C
C
From the above outputs we can see that the router only learns the routes from coming from the same protocols
So In order to the routes between different protocols we need to redistribution.
Redistribution is the process of translating the routes from one protocol to another protocol
There are some rules need to follow which doing redistribution:
The router where redistribution is done should be running both protocols on at least one interface
You may also need to change the metric according to protocol in which you do redistribution
Task 2
Redistributing RIP in to EIGRP
R1(config)#router EIGRP 100
Page 82 of 182
91 - 9985048840
R1(config-router)#re
R1(config-router)#redistribute rip ?
metric Metric for redistributed routes
route-map Route map reference
<cr>
R1(config-router)#redistribute rip metric ?
<1-4294967295> Bandwidth metric in Kbits per second
R1(config-router)#redistribute rip metric 1000 ?

<0-4294967295> EIGRP delay metric, in 10 microsecond units
R1(config-router)#redistribute rip metric 1000 20000 ?
<0-255> EIGRP reliability metric where 255 is 100% reliable
R1(config-router)#redistribute rip metric 1000 20000 255 ?
<1-255> EIGRP Effective bandwidth metric (Loading) where 255 is 100% loaded
R1(config-router)#redistribute rip metric 1000 20000 255 1 ?
<1-65535> EIGRP MTU of the path
R1(config-router)#redistribute rip metric 1000 20000 255 1 1500
Note: Recommended to use the metric values near to defaults .
R2#sh ip route
C
C
C
D

10.0.0.0/8 [90/2195456] via 1.1.1.1, 00:10:23, Serial0/0
D EX 11.0.3.0 [170/8192000] via 1.1.1.1, 00:02:26, Serial0/0
D EX 11.0.2.0 [170/8192000] via 1.1.1.1, 00:02:26, Serial0/0
D EX 11.0.1.0 [170/8192000] via 1.1.1.1, 00:02:26, Serial0/0
D EX 11.0.0.0 [170/8192000] via 1.1.1.1, 00:02:26, Serial0/0
C
C
C
C
30.0.0.0/8 [110/74] via 2.2.2.2, 00:08:56, Serial0/1
Page 83 of 182
91 - 9985048840
DEx
D
EIGRP ( external routes)

EIGRP routes
AD value = 170
AD value = 90
Here u can see the routes from RIP gets redistributed in EIGRP on R1
and they area learned on R2 as EIGRP external routes
task 3
EIGRP into OSPF
R2
R2(config-router)#redistribute EIGRP 100
% Only classful networks will be redistributed
R2(config-router)#redistribute EIGRP 100 ?

metric
Metric for redistributed routes
metric-type OSPF/IS-IS exterior metric type for redistributed routes
route-map Route map reference
subnets Consider subnets for redistribution into OSPF
tag
Set tag for routes redistributed into OSPF
R2(config-router)#redistribute EIGRP 100 subnets

R3#sh ip route
O E2 1.0.0.0/8 [110/20] via 2.2.2.1, 00:02:42, Serial0/0
O 20.0.0.0/8 [110/74] via 2.2.2.1, 00:16:57, Serial0/0
R 40.0.0.0/8 [120/1] via 3.3.3.2, 00:00:07, Serial0/1
O E2 10.0.0.0/8 [110/20] via 2.2.2.1, 00:02:42, Serial0/0
O E2 11.0.3.0 [110/20] via 2.2.2.1, 00:01:24, Serial0/0
O E2 11.0.2.0 [110/20] via 2.2.2.1, 00:01:24, Serial0/0
O E2 11.0.1.0 [110/20] via 2.2.2.1, 00:01:24, Serial0/0
O E2 11.0.0.0 [110/20] via 2.2.2.1, 00:01:24, Serial0/0
C
C
C
C
By default ospf uses default metric of 20 for external routes (redistributed routes in to ospf)
Page 84 of 182
91 - 9985048840
If u want to use other than default metric

R2(config-router)#redistribute EIGRP 100 subnets metric 1000
R3#sh ip route
O E2 1.0.0.0/8 [110/1000] via 2.2.2.1, 00:00:03, Serial0/0
O 20.0.0.0/8 [110/74] via 2.2.2.1, 00:17:44, Serial0/0
R 40.0.0.0/8 [120/1] via 3.3.3.2, 00:00:27, Serial0/1
O E2 10.0.0.0/8 [110/1000] via 2.2.2.1, 00:00:03, Serial0/0
O E2 11.0.3.0 [110/1000] via 2.2.2.1, 00:00:03, Serial0/0
O E2 11.0.2.0 [110/1000] via 2.2.2.1, 00:00:03, Serial0/0
O E2 11.0.1.0 [110/1000] via 2.2.2.1, 00:00:03, Serial0/0
O E2 11.0.0.0 [110/1000] via 2.2.2.1, 00:00:03, Serial0/0
C
C
C
C
Task 4
OSPF IN TO RIP
R4 # s how ip route
C
C
C
C
No routes being learned here as different protocols are used
R3
Page 85 of 182
91 - 9985048840
router rip
redistribute ospf 1 metric 5
R4#sh ip route
R
R
C
C
R
C
R
R
R
R
R
C
C
C
C
R
1.0.0.0/8 [120/5] via 3.3.3.1, 00:00:00, Serial0/0

2.0.0.0/8 [120/5] via 3.3.3.1, 00:00:00, Serial0/0
20.0.0.0/8 [120/5] via 3.3.3.1, 00:00:00, Serial0/0
10.0.0.0/8 [120/5] via 3.3.3.1, 00:00:00, Serial0/0
11.0.3.0 [120/5] via 3.3.3.1, 00:00:00, Serial0/0
11.0.2.0 [120/5] via 3.3.3.1, 00:00:00, Serial0/0
11.0.1.0 [120/5] via 3.3.3.1, 00:00:00, Serial0/0
11.0.0.0 [120/5] via 3.3.3.1, 00:00:00, Serial0/0
30.0.0.0/8 [120/5] via 3.3.3.1, 00:00:05, Serial0/0
TASK 5
Check for routes from R4 coming on R1 or not
R1#sh ip route
C
C
C
C
No routes coming from R4 because the redistribution has to be done mutual ( both sides)
Page 86 of 182
91 - 9985048840
Task 6
Redistributing EIGRP in to RIP
R4
router rip
redistribute EIGRP 100 metric 10
R3#sh ip route
O E2 1.0.0.0/8 [110/1000] via 2.2.2.1, 00:08:46, Serial0/0
O 20.0.0.0/8 [110/74] via 2.2.2.1, 00:26:27, Serial0/0
R 40.0.0.0/8 [120/1] via 3.3.3.2, 00:00:25, Serial0/1
O E2 10.0.0.0/8 [110/1000] via 2.2.2.1, 00:08:46, Serial0/0
O E2 11.0.3.0 [110/1000] via 2.2.2.1, 00:08:46, Serial0/0
O E2 11.0.2.0 [110/1000] via 2.2.2.1, 00:08:46, Serial0/0
O E2 11.0.1.0 [110/1000] via 2.2.2.1, 00:08:46, Serial0/0
O E2 11.0.0.0 [110/1000] via 2.2.2.1, 00:08:46, Serial0/0
C
C
C
C
R
14.0.2.0 [120/10] via 3.3.3.2, 00:00:00, Serial0/1
R
14.0.3.0 [120/10] via 3.3.3.2, 00:00:00, Serial0/1
R
14.0.0.0 [120/10] via 3.3.3.2, 00:00:00, Serial0/1
R
14.0.1.0 [120/10] via 3.3.3.2, 00:00:00, Serial0/1
Task 7
Redistributing RIP in to OSPF
R3
router ospf 1
redistribute rip subnets metric 2500
R2#sh ip route
Page 87 of 182
91 - 9985048840
O E2 3.0.0.0/8 [110/2500] via 2.2.2.2, 00:00:07, Serial0/1
O E2 40.0.0.0/8 [110/2500] via 2.2.2.2, 00:00:07, Serial0/1
D 10.0.0.0/8 [90/2195456] via 1.1.1.1, 00:28:48, Serial0/0
D EX 11.0.3.0 [170/8192000] via 1.1.1.1, 00:20:51, Serial0/0
D EX 11.0.2.0 [170/8192000] via 1.1.1.1, 00:20:51, Serial0/0
D EX 11.0.1.0 [170/8192000] via 1.1.1.1, 00:20:51, Serial0/0
D EX 11.0.0.0 [170/8192000] via 1.1.1.1, 00:20:51, Serial0/0
C
C
C
C
O E2 14.0.2.0 [110/2500] via 2.2.2.2, 00:00:09, Serial0/1
O E2 14.0.3.0 [110/2500] via 2.2.2.2, 00:00:09, Serial0/1
O E2 14.0.0.0 [110/2500] via 2.2.2.2, 00:00:09, Serial0/1
O E2 14.0.1.0 [110/2500] via 2.2.2.2, 00:00:09, Serial0/1
O 30.0.0.0/8 [110/74] via 2.2.2.2, 00:27:21, Serial0/1
Task 8
REDISTRIBUTING OSPF IN TO EIGRP
R2
router EIGRP 100
redistribute ospf 1 metric 1544 2000 255 1 1500
R1#sh ip route
D EX 2.0.0.0/8 [170/2681856] via 1.1.1.2, 00:00:17, Serial0/0
D EX 3.0.0.0/8 [170/2681856] via 1.1.1.2, 00:00:17, Serial0/0
D EX 20.0.0.0/8 [170/2681856] via 1.1.1.2, 00:00:17, Serial0/0
D EX 40.0.0.0/8 [170/2681856] via 1.1.1.2, 00:00:17, Serial0/0
C
C
C
C
D EX 14.0.2.0 [170/2681856] via 1.1.1.2, 00:00:18, Serial0/0
D EX 14.0.3.0 [170/2681856] via 1.1.1.2, 00:00:18, Serial0/0
Page 88 of 182
91 - 9985048840
D EX 14.0.0.0 [170/2681856] via 1.1.1.2, 00:00:18, Serial0/0
D EX 14.0.1.0 [170/2681856] via 1.1.1.2, 00:00:18, Serial0/0
D EX 30.0.0.0/8 [170/2681856] via 1.1.1.2, 00:00:18, Serial0/0
R1#
R1#ping 14.0.0.1
!!!!!
Page 89 of 182
91 - 9985048840
OSPF SUMMARIZATION
Task -1
Basic advertisement according to diagram
R1(config-router)#net 0.0.0.0 0.0.0.0 area 10
Note: IN order to Advertisements of all the interfaces in area 10 even you can use the above method also.
R2
router ospf 1
net 1.0.0.0 0.255.255.255 area 10
net 2.0.0.0 0.255.255.255 area 0
net 20.0.0.0 0.255.255.255 area 0
R3
router ospf 1
network 2.0.0.0 0.255.255.255 area 0
network 30.0.0.0 0.255.255.255 area 0
network 3.0.0.0 0.255.255.255 area 20
R4
Page 90 of 182
91 - 9985048840
router rip
version 2
network 14.0.0.0
no auto-summary
exit
router ospf 1
network 3.0.0.0 0.255.255.255 area 20
network 40.0.0.0 0.255.255.255 area 20
Task -2
redistribute RIP in to OSPF with metric of 250
R4
router ospf 1
redistribute rip subnets metric 250
R3#sh ip route ospf

O IA 1.0.0.0/8 [110/128] via 2.2.2.1, 00:02:13, Serial0/0
O IA 4.0.0.0/8 [110/192] via 2.2.2.1, 00:02:13, Serial0/0
O 20.0.0.0/8 [110/74] via 2.2.2.1, 00:02:13, Serial0/0
O 40.0.0.0/8 [110/74] via 3.3.3.2, 00:01:06, Serial0/1
O IA 10.0.0.0/8 [110/138] via 2.2.2.1, 00:02:13, Serial0/0
O IA 11.0.2.1 [110/129] via 2.2.2.1, 00:02:13, Serial0/0
O IA 11.0.3.1 [110/129] via 2.2.2.1, 00:02:13, Serial0/0
O IA 11.0.0.1 [110/129] via 2.2.2.1, 00:02:13, Serial0/0
O IA 11.0.1.1 [110/129] via 2.2.2.1, 00:02:13, Serial0/0
O E2 14.0.2.0 [110/250] via 3.3.3.2, 00:00:56, Serial0/1
O E2 14.0.3.0 [110/250] via 3.3.3.2, 00:00:56, Serial0/1
O E2 14.0.0.0 [110/250] via 3.3.3.2, 00:00:56, Serial0/1
O E2 14.0.1.0 [110/250] via 3.3.3.2, 00:00:56, Serial0/1
R2#sh ip route ospf

O IA 3.0.0.0/8 [110/128] via 2.2.2.2, 00:00:14, Serial0/1
O 4.0.0.0/8 [110/128] via 1.1.1.1, 00:00:14, Serial0/0
O IA 40.0.0.0/8 [110/138] via 2.2.2.2, 00:00:14, Serial0/1
O 10.0.0.0/8 [110/74] via 1.1.1.1, 00:00:14, Serial0/0
Page 91 of 182
91 - 9985048840
O
O
O
O
11.0.2.1 [110/65] via 1.1.1.1, 00:00:14, Serial0/0

11.0.3.1 [110/65] via 1.1.1.1, 00:00:14, Serial0/0
11.0.0.1 [110/65] via 1.1.1.1, 00:00:14, Serial0/0
11.0.1.1 [110/65] via 1.1.1.1, 00:00:14, Serial0/0
O E2 14.0.2.0 [110/250] via 2.2.2.2, 00:00:01, Serial0/1
O E2 14.0.3.0 [110/250] via 2.2.2.2, 00:00:01, Serial0/1
O E2 14.0.0.0 [110/250] via 2.2.2.2, 00:00:01, Serial0/1
O E2 14.0.1.0 [110/250] via 2.2.2.2, 00:00:01, Serial0/1
O 30.0.0.0/8 [110/74] via 2.2.2.2, 00:00:14, Serial0/1
Note : for external routes in Ospf Default metric - 20 , metric-type - E2

Here we changed the metric to 250
R1#sh ip route ospf

O IA 2.0.0.0/8 [110/128] via 1.1.1.2, 00:09:32, Serial0/0
O IA 3.0.0.0/8 [110/192] via 1.1.1.2, 00:07:39, Serial0/0
O IA 20.0.0.0/8 [110/74] via 1.1.1.2, 00:09:22, Serial0/0
O IA 40.0.0.0/8 [110/202] via 1.1.1.2, 00:06:39, Serial0/0
O E2 14.0.2.0 [110/250] via 1.1.1.2, 00:00:23, Serial0/0
O E2 14.0.3.0 [110/250] via 1.1.1.2, 00:00:22, Serial0/0
O E2 14.0.0.0 [110/250] via 1.1.1.2, 00:00:22, Serial0/0
O E2 14.0.1.0 [110/250] via 1.1.1.2, 00:00:22, Serial0/0
O IA 30.0.0.0/8 [110/138] via 1.1.1.2, 00:07:49, Serial0/0
There are two types of OSPF external routes ( E1 and E2)

E2 --- will not add the individual metric ( it remains same metric for al l the routers )
Default for external routes
E1 ---- will add the individual metric ( it changes as move from router to router )
( add some diagram)
Task -3
Change the metric-type to E1 so that it can add add the individual metrics.
R4(config-router)#redistribute rip subnets metric 250 me

R4(config-router)#redistribute rip subnets metric 250 metric-type ?
Page 92 of 182
91 - 9985048840
R4(config-router)#no redistribute rip subnets metric 250
R4(config-router)#redistribute rip subnets metric 250 metric-type 1
R3#sh ip route ospf

O IA 1.0.0.0/8 [110/128] via 2.2.2.1, 00:08:25, Serial0/0
O IA 4.0.0.0/8 [110/192] via 2.2.2.1, 00:08:25, Serial0/0
O 20.0.0.0/8 [110/74] via 2.2.2.1, 00:08:25, Serial0/0
O 40.0.0.0/8 [110/74] via 3.3.3.2, 00:07:18, Serial0/1
O IA 10.0.0.0/8 [110/138] via 2.2.2.1, 00:08:25, Serial0/0
O IA 11.0.2.1 [110/129] via 2.2.2.1, 00:08:25, Serial0/0
O IA 11.0.3.1 [110/129] via 2.2.2.1, 00:08:25, Serial0/0
O IA 11.0.0.1 [110/129] via 2.2.2.1, 00:08:25, Serial0/0
O IA 11.0.1.1 [110/129] via 2.2.2.1, 00:08:25, Serial0/0
O E1 14.0.2.0 [110/314] via 3.3.3.2, 00:00:04, Serial0/1
O E1 14.0.3.0 [110/314] via 3.3.3.2, 00:00:04, Serial0/1
O E1 14.0.0.0 [110/314] via 3.3.3.2, 00:00:04, Serial0/1
O E1 14.0.1.0 [110/314] via 3.3.3.2, 00:00:04, Serial0/1
R2#sh ip route ospf
O IA 3.0.0.0/8 [110/128] via 2.2.2.2, 00:01:27, Serial0/1
O 4.0.0.0/8 [110/128] via 1.1.1.1, 00:01:27, Serial0/0
O IA 40.0.0.0/8 [110/138] via 2.2.2.2, 00:01:27, Serial0/1
O 10.0.0.0/8 [110/74] via 1.1.1.1, 00:01:27, Serial0/0
O
11.0.2.1 [110/65] via 1.1.1.1, 00:01:27, Serial0/0
O
11.0.3.1 [110/65] via 1.1.1.1, 00:01:27, Serial0/0
O
11.0.0.1 [110/65] via 1.1.1.1, 00:01:27, Serial0/0
O
11.0.1.1 [110/65] via 1.1.1.1, 00:01:27, Serial0/0
O E1 14.0.2.0 [110/378] via 2.2.2.2, 00:00:17, Serial0/1
O E1 14.0.3.0 [110/378] via 2.2.2.2, 00:00:17, Serial0/1
O E1 14.0.0.0 [110/378] via 2.2.2.2, 00:00:17, Serial0/1
O E1 14.0.1.0 [110/378] via 2.2.2.2, 00:00:17, Serial0/1
O 30.0.0.0/8 [110/74] via 2.2.2.2, 00:01:27, Serial0/1
R1#sh ip route ospf

O IA 2.0.0.0/8 [110/128] via 1.1.1.2, 00:10:40, Serial0/0
O IA 3.0.0.0/8 [110/192] via 1.1.1.2, 00:08:47, Serial0/0
O IA 20.0.0.0/8 [110/74] via 1.1.1.2, 00:10:30, Serial0/0
O IA 40.0.0.0/8 [110/202] via 1.1.1.2, 00:07:47, Serial0/0
Page 93 of 182
91 - 9985048840
O E1 14.0.2.0 [110/442] via 1.1.1.2, 00:00:33, Serial0/0
O E1 14.0.3.0 [110/442] via 1.1.1.2, 00:00:33, Serial0/0
O E1 14.0.0.0 [110/442] via 1.1.1.2, 00:00:33, Serial0/0
O E1 14.0.1.0 [110/442] via 1.1.1.2, 00:00:33, Serial0/0
O IA 30.0.0.0/8 [110/138] via 1.1.1.2, 00:08:57, Serial0/0
Here you can see the routers are adding the individual metrics in E1
Note : IN OSPF summarization can be done only on ABR or ASBR
Task 4
If ospf routes need to be summarized can be done on ABR

If external routes to be summarized can be done on ASBR
SUMMARIZE 11.0.0.0 NETWORKS ON R1( ABR )
R3#sh ip route ospf

O IA 1.0.0.0/8 [110/128] via 2.2.2.1, 00:08:25, Serial0/0
O IA 4.0.0.0/8 [110/192] via 2.2.2.1, 00:08:25, Serial0/0
O 20.0.0.0/8 [110/74] via 2.2.2.1, 00:08:25, Serial0/0
O 40.0.0.0/8 [110/74] via 3.3.3.2, 00:07:18, Serial0/1
O IA 10.0.0.0/8 [110/138] via 2.2.2.1, 00:08:25, Serial0/0
O IA 11.0.2.1 [110/129] via 2.2.2.1, 00:08:25, Serial0/0
O IA 11.0.3.1 [110/129] via 2.2.2.1, 00:08:25, Serial0/0
O IA 11.0.0.1 [110/129] via 2.2.2.1, 00:08:25, Serial0/0
O IA 11.0.1.1 [110/129] via 2.2.2.1, 00:08:25, Serial0/0
O E1 14.0.2.0 [110/314] via 3.3.3.2, 00:00:04, Serial0/1
O E1 14.0.3.0 [110/314] via 3.3.3.2, 00:00:04, Serial0/1
O E1 14.0.0.0 [110/314] via 3.3.3.2, 00:00:04, Serial0/1
O E1 14.0.1.0 [110/314] via 3.3.3.2, 00:00:04, Serial0/1
R1 ( ABR)
router ospf 1
area 10 range 11.0.0.0 255.255.252.0
R3#sh ip route ospf

O IA 1.0.0.0/8 [110/128] via 2.2.2.1, 00:16:30, Serial0/0
O IA 4.0.0.0/8 [110/192] via 2.2.2.1, 00:16:30, Serial0/0
O 20.0.0.0/8 [110/74] via 2.2.2.1, 00:16:30, Serial0/0
Page 94 of 182
91 - 9985048840
O 40.0.0.0/8 [110/74] via 3.3.3.2, 00:15:22, Serial0/1
O IA 10.0.0.0/8 [110/138] via 2.2.2.1, 00:16:30, Serial0/0
O IA 11.0.0.0 [110/129] via 2.2.2.1, 00:00:16, Serial0/0
O E1 14.0.2.0 [110/314] via 3.3.3.2, 00:08:09, Serial0/1
O E1 14.0.3.0 [110/314] via 3.3.3.2, 00:08:09, Serial0/1
O E1 14.0.0.0 [110/314] via 3.3.3.2, 00:08:09, Serial0/1
O E1 14.0.1.0 [110/314] via 3.3.3.2, 00:08:09, Serial0/1
Task 5
SUMMARIZE 14.0.0.0 ON R4 ( ASBR)
R4 ( ASBR)
router ospf 1
summary-address 14.0.0.0 255.255.252.0
R3#sh ip route ospf
O IA 1.0.0.0/8 [110/128] via 2.2.2.1, 00:17:37, Serial0/0
O IA 4.0.0.0/8 [110/192] via 2.2.2.1, 00:17:37, Serial0/0
O 20.0.0.0/8 [110/74] via 2.2.2.1, 00:17:37, Serial0/0
O 40.0.0.0/8 [110/74] via 3.3.3.2, 00:16:29, Serial0/1
O IA 10.0.0.0/8 [110/138] via 2.2.2.1, 00:17:37, Serial0/0
O IA 11.0.0.0 [110/129] via 2.2.2.1, 00:01:23, Serial0/0
O E1 14.0.0.0 [110/314] via 3.3.3.2, 00:00:17, Serial0/1
Page 95 of 182
91 - 9985048840
OSPF VIRTUAL-LINKS
TASK -1
remove the previous lab routing configurations
En
Conf t
No ip routing
Ip routing
TASK -2
Configure the basic advertisements according to diagram and configure the router ID also
R1(config-router)#router-id 11.1.1.1
R1(config-router)#network 11.0.0.0 0.255.255.255 area 10
R2
Page 96 of 182
91 - 9985048840
R3
router ospf 1
router-id 33.3.3.3
network 2.0.0.0 0.255.255.255 area 20
network 30.0.0.0 0.255.255.255 area 20
network 3.0.0.0 0.255.255.255 area 0
R4
R4#sh ip route ospf

O IA 1.0.0.0/8 [110/192] via 3.3.3.1, 00:00:13, Serial0/0
O IA 2.0.0.0/8 [110/128] via 3.3.3.1, 00:00:13, Serial0/0
O IA 20.0.0.0/8 [110/138] via 3.3.3.1, 00:00:13, Serial0/0
O IA 10.0.0.0/8 [110/202] via 3.3.3.1, 00:00:13, Serial0/0
O IA 12.0.1.1 [110/129] via 3.3.3.1, 00:00:13, Serial0/0
O IA 12.0.0.1 [110/129] via 3.3.3.1, 00:00:13, Serial0/0
O IA 12.0.3.1 [110/129] via 3.3.3.1, 00:00:13, Serial0/0
O IA 12.0.2.1 [110/129] via 3.3.3.1, 00:00:13, Serial0/0
O IA 30.0.0.0/8 [110/74] via 3.3.3.1, 00:00:13, Serial0/0
No routes from 11.0.0.0 as it belongs to area 10 which is not directly connected to area 0
Solution:
But I can connect AREA 10 to AREA 0 virtually over AREA 20 (virtual area)
TASK 3
Configure a virtual- link between AREA 10 and Area 0 ( through Area 20 )
R1
Sh ip protocols
Page 97 of 182
91 - 9985048840
Router ID 11.1.1.1
R3 # Sh ip protocols
Router ID 33.3.3.3
Note : Verify router-ID before you configure virtual link as it is dependent on Router ID ( preferable manual
Router-ID as it will not change )
R1(config-router)#area 20 virtual-link 33.3.3.3
There is a virtual link through area 20 and from R1 to R3 (33.3.3.3 of remote border router R3)
R3
R3(config-router)#area 20 virtual-link 11.1.1.1
There is a virtual link through area 20 and from R3 to R1 (11.1.1. router-ID of remote border router R1)
11.1.1.1
0 FULL/ 14.0.3.1
0 FULL/ 12.0.3.1
0 FULL/ -
Dead Time Address

Interface
1.1.1.1
OSPF_VL0
00:00:31 3.3.3.2
Serial0/1
00:00:34 2.2.2.1
Serial0/0

33.3.3.3
0 FULL/ 12.0.3.1
0 FULL/ -
Dead Time Address

Interface
2.2.2.2
OSPF_VL0
00:00:36 1.1.1.2
Serial0/0
R4#sh ip route ospf

O IA 1.0.0.0/8 [110/192] via 3.3.3.1, 00:13:26, Serial0/0
O IA 2.0.0.0/8 [110/128] via 3.3.3.1, 00:13:26, Serial0/0
O IA 20.0.0.0/8 [110/138] via 3.3.3.1, 00:13:26, Serial0/0
O IA 10.0.0.0/8 [110/202] via 3.3.3.1, 00:03:25, Serial0/0
Page 98 of 182
91 - 9985048840
O IA 11.0.2.1 [110/193] via 3.3.3.1, 00:03:25, Serial0/0
O IA 11.0.3.1 [110/193] via 3.3.3.1, 00:03:25, Serial0/0
O IA 11.0.0.1 [110/193] via 3.3.3.1, 00:03:25, Serial0/0
O IA 11.0.1.1 [110/193] via 3.3.3.1, 00:03:25, Serial0/0
O IA 12.0.1.1 [110/129] via 3.3.3.1, 00:13:26, Serial0/0
O IA 12.0.0.1 [110/129] via 3.3.3.1, 00:13:26, Serial0/0
O IA 12.0.3.1 [110/129] via 3.3.3.1, 00:13:26, Serial0/0
O IA 12.0.2.1 [110/129] via 3.3.3.1, 00:13:26, Serial0/0
O IA 30.0.0.0/8 [110/74] via 3.3.3.1, 00:13:26, Serial0/0
R1#sh ip ospf virtual-links

Virtual Link OSPF_VL0 to router 33.3.3.3 is up
Run as demand circuit
DoNotAge LSA allowed.
Transit area 20, via interface Serial1/0, Cost of using 128
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:02
Adjacency State FULL (Hello suppressed)
Index 1/2, retransmission queue length 0, number of retransmission 0
First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
Last retransmission scan length is 0, maximum is 0
Last retransmission scan time is 0 msec, maximum is 0 msec
Page 99 of 182
91 - 9985048840
RIP authentication
Basic advertisements
router rip
ver 2
network 0.0.0.0
no auto-summary
end
RIP auth
R1
Key chain CHAINR1
Key 1
Key-string cisco123
int s1/0
ip rip authentication mode md5
ip rip authentication key-chain CHAINR1
R2
Key chain CHAINR2
Key 1
Key-string cisco123
int s1/0
Page 100 of 182
91 - 9985048840
ip rip authentication mode md5
ip rip authentication key-chain CHAINR2
note : key no and the key string should be same on both routers
R1#sh key chain

Key-chain CHAINR1:
key 1 -- text "cisco123"
accept lifetime (always valid) - (always valid) [valid now]
send lifetime (always valid) - (always valid) [valid now]
EIGRP AUTHENTICATION
R1
Conf t
Key chain CHAINR1
Key 1
Key-string cisco123
int s1/0
ip authentication mode EIGRP 100 md5
ip authentication key-chain EIGRP 100 CHAINR1
R1#sh key chain

Key-chain CHAINR1:
key 1 -- text "cisco123"
accept lifetime (always valid) - (always valid) [valid now]
send lifetime (always valid) - (always valid) [valid now]
R2
Page 101 of 182
91 - 9985048840
Key chain CHAINR2
Key 1
Key-string cisco123
int s1/0
ip authentication mode EIGRP 100 md5
ip authentication key-chain EIGRP 100 CHAINR2
note :
key no and the key string should be same on both routers ( if not they will not establish neighbor ship)
Page 102 of 182
91 - 9985048840
OSPF AUTHENTICATION
OSPF supports clear text and MD5 authentication:
Task -1
Basic advertisements
R1
Router ospf 1
Network 10.0.0.0 0.255.255.255 area 0
Network 1.0.0.0 0.255.255.255 area 0
R2
Router ospf 1
Network 20.0.0.0 0.255.255.255 area 0
Network 1.0.0.0 0.255.255.255 area 0
Task 2
Both routers configure Clear text authentication
On Both routers
int s1/0
ip ospf authentication
ip ospf authentication-key cisco123
Task 3
Remove Clear text authentication

int s1/0
Page 103 of 182
91 - 9985048840
no ip ospf authentication
no ip ospf authentication-key cisco123
Task 4
use MD5 encrypted authentication
Both routers for MD5 authentication
int s1/0
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 cisco123
Page 104 of 182
91 - 9985048840
OSPF STUBS
1. basic adv
2. redistribute rip in to ospf
R1(config-router)#net
R2
router ospf 1
network 1.0.0.0 0.255.255.255 area 10
network 20.0.0.0 0.255.255.255 area 0
network 2.0.0.0 0.255.255.255 area 0
network 12.0.0.0 0.255.255.255 area 0
R3
router ospf 1
network 2.0.0.0 0.255.255.255 area 0
network 13.0.0.0 0.255.255.255 area 0
Page 105 of 182
91 - 9985048840
network 30.0.0.0 0.255.255.255 area 0
network 3.0.0.0 0.255.255.255 area 20
R4
router rip
ver 2
network 14.0.0.0
no auto-summary
end
router ospf 1
network 3.0.0.0 0.255.255.255 area 20
network 40.0.0.0 0.255.255.255 area 20
redistribute rip subnets
exit
R1#sh ip route ospf

O IA 2.0.0.0/8 [110/128] via 1.1.1.2, 00:02:56, Serial0/0
O IA 3.0.0.0/8 [110/192] via 1.1.1.2, 00:01:54, Serial0/0
O IA 20.0.0.0/8 [110/74] via 1.1.1.2, 00:03:04, Serial0/0
O IA 40.0.0.0/8 [110/202] via 1.1.1.2, 00:01:13, Serial0/0
O IA 12.0.1.1 [110/65] via 1.1.1.2, 00:02:56, Serial0/0
O IA 12.0.0.1 [110/65] via 1.1.1.2, 00:02:56, Serial0/0
O IA 12.0.3.1 [110/65] via 1.1.1.2, 00:02:56, Serial0/0
O IA 12.0.2.1 [110/65] via 1.1.1.2, 00:02:56, Serial0/0
O IA 13.0.0.1 [110/129] via 1.1.1.2, 00:02:04, Serial0/0
O IA 13.0.1.1 [110/129] via 1.1.1.2, 00:02:04, Serial0/0
O IA 13.0.2.1 [110/129] via 1.1.1.2, 00:02:04, Serial0/0
O IA 13.0.3.1 [110/129] via 1.1.1.2, 00:02:04, Serial0/0
O E2 14.0.2.0 [110/20] via 1.1.1.2, 00:01:06, Serial0/0
O E2 14.0.3.0 [110/20] via 1.1.1.2, 00:01:06, Serial0/0
O E2 14.0.0.0 [110/20] via 1.1.1.2, 00:01:05, Serial0/0
O E2 14.0.1.0 [110/20] via 1.1.1.2, 00:01:05, Serial0/0
O IA 30.0.0.0/8 [110/138] via 1.1.1.2, 00:02:04, Serial0/0
R1#ping 14.0.0.1
!!!!!
Page 106 of 182
91 - 9985048840
CONFIGURE AREA 10 AS STUB

On all the routers of the ospf area 10 ( R1,R2) the below command has to configured
on R1 and R2
router ospf 1
area 10 stub
R1(config-router)#area 10 stub
R2(config-router)#area 10 stub
R1#sh ip route ospf

O IA 2.0.0.0/8 [110/128] via 1.1.1.2, 00:00:11, Serial0/0
O IA 3.0.0.0/8 [110/192] via 1.1.1.2, 00:00:11, Serial0/0
O IA 20.0.0.0/8 [110/74] via 1.1.1.2, 00:00:11, Serial0/0
O IA 40.0.0.0/8 [110/202] via 1.1.1.2, 00:00:11, Serial0/0
O IA 12.0.1.1 [110/65] via 1.1.1.2, 00:00:11, Serial0/0
O IA 12.0.0.1 [110/65] via 1.1.1.2, 00:00:11, Serial0/0
O IA 12.0.3.1 [110/65] via 1.1.1.2, 00:00:11, Serial0/0
O IA 12.0.2.1 [110/65] via 1.1.1.2, 00:00:11, Serial0/0
O IA 13.0.0.1 [110/129] via 1.1.1.2, 00:00:11, Serial0/0
O IA 13.0.1.1 [110/129] via 1.1.1.2, 00:00:11, Serial0/0
O IA 13.0.2.1 [110/129] via 1.1.1.2, 00:00:11, Serial0/0
O IA 13.0.3.1 [110/129] via 1.1.1.2, 00:00:11, Serial0/0
O IA 30.0.0.0/8 [110/138] via 1.1.1.2, 00:00:11, Serial0/0
O*IA 0.0.0.0/0 [110/65] via 1.1.1.2, 00:00:11, Serial0/0
Here you can see all external routes replaces with a single default route and still you can reach routes on R4
R1#ping 14.0.0.1
Page 107 of 182
91 - 9985048840
!!!!!
CONFIURE AREA 10 as TOTALLY STUB

Remove the previous lab configs to move to next task
on R1 and R2
router ospf 1
no area 10 stub
Configure area 10 totally stub

R1#sh ip route ospf
O IA 2.0.0.0/8 [110/128] via 1.1.1.2, 00:02:56, Serial0/0
O IA 3.0.0.0/8 [110/192] via 1.1.1.2, 00:01:54, Serial0/0
O IA 20.0.0.0/8 [110/74] via 1.1.1.2, 00:03:04, Serial0/0
O IA 40.0.0.0/8 [110/202] via 1.1.1.2, 00:01:13, Serial0/0
O IA 12.0.1.1 [110/65] via 1.1.1.2, 00:02:56, Serial0/0
O IA 12.0.0.1 [110/65] via 1.1.1.2, 00:02:56, Serial0/0
O IA 12.0.3.1 [110/65] via 1.1.1.2, 00:02:56, Serial0/0
O IA 12.0.2.1 [110/65] via 1.1.1.2, 00:02:56, Serial0/0
O IA 13.0.0.1 [110/129] via 1.1.1.2, 00:02:04, Serial0/0
O IA 13.0.1.1 [110/129] via 1.1.1.2, 00:02:04, Serial0/0
O IA 13.0.2.1 [110/129] via 1.1.1.2, 00:02:04, Serial0/0
O IA 13.0.3.1 [110/129] via 1.1.1.2, 00:02:04, Serial0/0
O E2 14.0.2.0 [110/20] via 1.1.1.2, 00:01:06, Serial0/0
O E2 14.0.3.0 [110/20] via 1.1.1.2, 00:01:06, Serial0/0
O E2 14.0.0.0 [110/20] via 1.1.1.2, 00:01:05, Serial0/0
O E2 14.0.1.0 [110/20] via 1.1.1.2, 00:01:05, Serial0/0
O IA 30.0.0.0/8 [110/138] via 1.1.1.2, 00:02:04, Serial0/0
On Area border router ( R2)

Router ospf 1
Area 10 stub no-summary
On all the internal routers (R1)
Page 108 of 182
91 - 9985048840
Router ospf 1
Area 10 stub
R1#sh ip route
C
C
C
C
O*IA 0.0.0.0/0 [110/65] via 1.1.1.2, 00:00:01, Serial0/0
R1#sh ip route ospf

O*IA 0.0.0.0/0 [110/65] via 1.1.1.2, 00:00:47, Serial0/0
All external ( E1/E2) and OIA routes replaced with single default route and you maintain connectivity still at a
cost of reducing the size of routing table.
R1#ping 14.0.0.1
!!!!!
R1#ping 30.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/R1/292 ms
Page 109 of 182
91 - 9985048840
IPV6
IPV6 Address Types:
UNICAST
1) Global unicast
like public IP ( routable ) , 2000:: and 2001::
2) site local ( unique local)

like private ip ( routable) , FC00:: , FD00::
3) link local
default IPV6 address on every ipv6 enabled interface
( non routable )
FE80::
MULTICAST
starts with FF00::
ANY CAST
similar to multicast , identify multiple interfaces but sends to only one which ever it finds first.
the above ( site local and Global unicast addresses can be used as anycast.
TASK -1
Configure IPv6 address according to scenario diagram
R1
hostname R1
Page 110 of 182
91 - 9985048840
int fa0/0
ipv6 address fc00:11:11:11::1/64
no shutdown
int s1/0
ipv6 address 2001:12:12:12::1/64
no shutdown
clock rate 64000
R1#sh ipv6 int brief

FastEthernet0/0
[up/up]
FE80::2D0:FFFF:FED3:1701
FC00:11:11:11::1
FastEthernet0/1
[administratively down/down]
S1/0
[down/down]
FE80::207:ECFF:FEC3:501
2001:12:12:12::1
R2
hostname 222
int fa0/0
ipv6 address fc00:22:22:22::1/64
no shutdown
int s1/0
ipv6 address 2001:12:12:12::2/64
no shutdown
clock rate 64000
222#sh ipv6 int brief

FastEthernet0/0
[up/up]
FE80::204:9AFF:FEE7:BC01
FC00:22:22:22::2
FastEthernet0/1
[administratively down/down]
S1/0
[up/up]
FE80::290:CFF:FEA0:7801
2001:12:12:12::2
TASK 2
VERIFYING STATELESS AUTO CONFIGURATION
Page 111 of 182
91 - 9985048840
R1(config)#int fa0/1
R1(config-if)#ipv6 address 2001:1234:1234:1234::/64 eui-64
R1(config-if)#no shutdown
R1#sh ipv6 int brief

FastEthernet0/0
[up/up]
FC00:11:11:11::1
FastEthernet0/1
[up/down]
2001:1234:1234:1234:2D0:FFFF:FED3:1702
S1/0
[up/up]
FE80::207:ECFF:FEC3:501
2001:12:12:12::1
TASK 3
CONFIGURING STATIC ROUTING IN IPV6
R1(config)#ipv6 route fc00:22:22:22::/64 2001:12:12:12::2

Or
R1(config)#ipv6 route fc00:22:22:22::/64 s1/0
222(config)#ipv6 route fc00:11:11:11::/64 2001:12:12:12::1

Or
222(config)#ipv6 route fc00:11:11:11::/64 s1/0
R1#sh ipv6 route
C 2001:12:12:12::/64 [0/0]
via ::, S1/0
L 2001:12:12:12::1/128 [0/0]
via ::, S1/0
C FC00:11:11:11::/64 [0/0]
via ::, FastEthernet0/0
L FC00:11:11:11::1/128 [0/0]
S FC00:22:22:22::/64 [1/0]
via 2001:12:12:12::2
L FF00::/8 [0/0]
Page 112 of 182
91 - 9985048840
via ::, Null0
222#sh ipv6 route

C 2001:12:12:12::/64 [0/0]
via ::, S1/0
L 2001:12:12:12::2/128 [0/0]
via ::, S1/0
S FC00:11:11:11::/64 [1/0]
via ::, S1/0
C FC00:22:22:22::/64 [0/0]
L FC00:22:22:22::2/128 [0/0]
L FF00::/8 [0/0]
R1#ping fc00:22:22:22::2
Sending 5, 100-byte ICMP Echos to fc00:22:22:22::2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/a
TASK # 4
DEFAULT ROUTING
Remove the static routing and configure default routing
R1(config)#ipv6 route 0::/0 2001:12:12:12::2

Or
R1(config)#ipv6 route 0::/0 s1/0 ( exit interface of our router )
222(config)#ipv6 route 0::/0 2001:12:12:12::1

or
222(config)#ipv6 route 0::/0 s1/0
R1#sh ipv6 route

S ::/0 [1/0]
via 2001:12:12:12::2
C 2001:12:12:12::/64 [0/0]
Page 113 of 182
91 - 9985048840
via ::, S1/0
L 2001:12:12:12::1/128 [0/0]
via ::, S1/0
C FC00:11:11:11::/64 [0/0]
L FC00:11:11:11::1/128 [0/0]
L FF00::/8 [0/0]
via ::, Null0
222#sh ipv6 route
S ::/0 [1/0]
via ::, S1/0
C 2001:12:12:12::/64 [0/0]
via ::, S1/0
L 2001:12:12:12::2/128 [0/0]
via ::, S1/0
C FC00:22:22:22::/64 [0/0]
L FC00:22:22:22::2/128 [0/0]
L FF00::/8 [0/0]
via ::, Null0
R1#ping fc00:22:22:22::2
!!!!!
Page 114 of 182
91 - 9985048840
TASK # 5
Configuring RIPng IPv6 protocol
To enable ipv6 routing

R1(config)#ipv6 unicast-routing
IPv6 routing has to be enabled before using any dynamic routing protocols in IPv6.
Two steps in Dynamic protocols in IPV6 :
1) Configure protocol
2) Enable protocol in interface instead of advertisements
RIPNG
both routers
conf t
ipv6 router rip CISCO
exit
int fa0/0
ipv6 rip CISCO enable
exit
int s1/0
ipv6 rip CISCO enable
R1#sh ipv6 protocols

IPv6 Routing Protocol is "connected"
IPv6 Routing Protocol is "static
IPv6 Routing Protocol is "rip CISCO"
Interfaces:
FastEthernet0/0
S1/0
222#sh ipv6 protocols
IPv6 Routing Protocol is "connected"
IPv6 Routing Protocol is "static
IPv6 Routing Protocol is "rip CISCO"
Interfaces:
FastEthernet0/0
S1/0
Page 115 of 182
91 - 9985048840
R1#sh ipv6 route
IPv6 Routing Table - 6 entries
C 2001:12:12:12::/64 [0/0]
via ::, S1/0
L 2001:12:12:12::1/128 [0/0]
via ::, S1/0
C FC00:11:11:11::/64 [0/0]
L FC00:11:11:11::1/128 [0/0]
R FC00:22:22:22::/64 [120/1]
via FE80::290:CFF:FEA0:7801, S1/0
L FF00::/8 [0/0]
via ::, Null0
222#sh ipv6 route

C 2001:12:12:12::/64 [0/0]
via ::, S1/0
L 2001:12:12:12::2/128 [0/0]
via ::, S1/0
R FC00:11:11:11::/64 [120/1]
via FE80::207:ECFF:FEC3:501, S1/0
C FC00:22:22:22::/64 [0/0]
L FC00:22:22:22::2/128 [0/0]
L FF00::/8 [0/0]
via ::, Null0
R1#ping fc00:22:22:22::2
!!!!!
Page 116 of 182
91 - 9985048840
TASK # 6
Configuring OSPF V3
R1
ipv6 router ospf 1
router-id 1.1.1.1
exit
int fa0/0
ipv6 ospf 1 area 10
int s1/0
ipv6 ospf 1 area 0
R2
ipv6 router ospf 1

router-id 2.2.2.2
exit
int fa0/0
ipv6 ospf 1 area 0
Page 117 of 182
91 - 9985048840
int s1/0
ipv6 ospf 1 area 0
EIGRP
ipv6 router EIGRP 100

router-id 1.1.1.1
no sh
exit
int fa0/0
ipv6 EIGRP 100
int s1/0
ipv6 EIGRP 100
ROUTE FILTERING
distribution list
Page 118 of 182
91 - 9985048840
on all routers
R-(config)#router rip
R-(config-router)#ver 2
R-(config-router)#net 0.0.0.0
R-(config-router)#no auto-summary
R-(config-router)#end
R-2#sh ip route rip

R 10.0.0.0/8 [120/1] via 1.1.1.1, 00:00:10, Serial1/0
Page 119 of 182
91 - 9985048840
R
R
R
R
R
R
R
R
R
11.0.3.0 [120/1] via 1.1.1.1, 00:00:10, Serial1/0

11.0.2.0 [120/1] via 1.1.1.1, 00:00:10, Serial1/0
11.0.1.0 [120/1] via 1.1.1.1, 00:00:10, Serial1/0
11.0.0.0 [120/1] via 1.1.1.1, 00:00:10, Serial1/0
13.0.0.0 [120/1] via 2.2.2.2, 00:00:05, Serial1/1
13.0.1.0 [120/1] via 2.2.2.2, 00:00:05, Serial1/1
13.0.3.0 [120/1] via 2.2.2.2, 00:00:05, Serial1/1
13.0.2.0 [120/1] via 2.2.2.2, 00:00:05, Serial1/1
30.0.0.0/8 [120/1] via 2.2.2.2, 00:00:05, Serial1/1
Here the requirement is to deny 13.0.0.0/24 and 13.0.1.0/24 networks from being advertised to R2
R3
access-list 15 deny 13.0.0.0 0.0.0.255
access-list 15 deny 13.0.1.0 0.0.0.255
access-list 15 permit any
router rip
distribute-list 15 out s1/0
R-2#clear ip route *
R-2#sh ip route rip
R 10.0.0.0/8 [120/1] via 1.1.1.1, 00:00:10, Serial1/0
R
11.0.3.0 [120/1] via 1.1.1.1, 00:00:10, Serial1/0
R
11.0.2.0 [120/1] via 1.1.1.1, 00:00:10, Serial1/0
R
11.0.1.0 [120/1] via 1.1.1.1, 00:00:10, Serial1/0
R
11.0.0.0 [120/1] via 1.1.1.1, 00:00:10, Serial1/0
R
13.0.3.0 [120/1] via 2.2.2.2, 00:00:05, Serial1/1
R
13.0.2.0 [120/1] via 2.2.2.2, 00:00:05, Serial1/1
R 30.0.0.0/8 [120/1] via 2.2.2.2, 00:00:05, Serial1/1
You can see here the two networks (13.0.0.0/24 and 13.0.1.0/24 ) are no more in routing table
Remove the ACL and distribution list to move to next task

R3
no access-list 15
router rip
no distribute-list 15 out s1/0
Page 120 of 182
91 - 9985048840
Lets say the same task to be done using prefix-list
Here the requirement is to deny 13.0.0.0/24 and 13.0.1.0/24 networks from being advertised to R2
Using prefix - list
prefix list
R-2#sh ip route rip

R 10.0.0.0/8 [120/1] via 1.1.1.1, 00:00:10, Serial1/0
R
11.0.3.0 [120/1] via 1.1.1.1, 00:00:10, Serial1/0
R
11.0.2.0 [120/1] via 1.1.1.1, 00:00:10, Serial1/0
R
11.0.1.0 [120/1] via 1.1.1.1, 00:00:10, Serial1/0
R
11.0.0.0 [120/1] via 1.1.1.1, 00:00:10, Serial1/0
R
13.0.0.0 [120/1] via 2.2.2.2, 00:00:05, Serial1/1
R
13.0.1.0 [120/1] via 2.2.2.2, 00:00:05, Serial1/1
R
13.0.3.0 [120/1] via 2.2.2.2, 00:00:05, Serial1/1
R
13.0.2.0 [120/1] via 2.2.2.2, 00:00:05, Serial1/1
R 30.0.0.0/8 [120/1] via 2.2.2.2, 00:00:05, Serial1/1
R3
ip prefix-list CCNP deny 13.0.0.0/24
ip prefix-list CCNP deny 13.0.1.0/24
ip prefix-list CCNP permit 0.0.0.0/0 le 32
router rip
distribute-list prefix CCNP out s1/0
R-2#clear ip route *
R-2#sh ip route rip
R 10.0.0.0/8 [120/1] via 1.1.1.1, 00:00:10, Serial1/0
R
11.0.3.0 [120/1] via 1.1.1.1, 00:00:10, Serial1/0
R
11.0.2.0 [120/1] via 1.1.1.1, 00:00:10, Serial1/0
R
11.0.1.0 [120/1] via 1.1.1.1, 00:00:10, Serial1/0
R
11.0.0.0 [120/1] via 1.1.1.1, 00:00:10, Serial1/0
R
13.0.3.0 [120/1] via 2.2.2.2, 00:00:05, Serial1/1
R
13.0.2.0 [120/1] via 2.2.2.2, 00:00:05, Serial1/1
R 30.0.0.0/8 [120/1] via 2.2.2.2, 00:00:05, Serial1/1
Page 121 of 182
91 - 9985048840
You can see here the two networks (13.0.0.0/24 and 13.0.1.0/24 ) are no more in routing table
Remove the configurations done in the previous task to come to normal routing state.
Conf t
No ip prefix-list CCNP
router rip
no distribute-list prefix CCNP out s1/0
OFFSET-LIST
Lets say the requirement is to deny 13.0.0.0/24 and 13.0.1.0/24 networks from being advertised to R1 but R2
can receive it ( dont use Distribution or prefix list ) .
In such cases I can use one more filtering method called offset-list
access-list 20 permit 13.0.0.0 0.0.0.255
router rip
offset-list 20 out 14
end
Here the router R3 advertises those two networks with metric of 14 ( offset) . so the R2 gets metric 15.
R1 receives with metric 16 (which means unreachable)
R-2#sh ip route rip
R 10.0.0.0/8 [120/1] via 1.1.1.1, 00:00:05, Serial1/0
R
11.0.3.0 [120/1] via 1.1.1.1, 00:00:05, Serial1/0
R
11.0.2.0 [120/1] via 1.1.1.1, 00:00:05, Serial1/0
R
11.0.1.0 [120/1] via 1.1.1.1, 00:00:05, Serial1/0
R
11.0.0.0 [120/1] via 1.1.1.1, 00:00:05, Serial1/0
R
13.0.1.0 [120/15] via 2.2.2.2, 00:00:19, Serial1/1
R
13.0.0.0 [120/15] via 2.2.2.2, 00:00:19, Serial1/1
R
13.0.3.0 [120/1] via 2.2.2.2, 00:00:19, Serial1/1
R
13.0.2.0 [120/1] via 2.2.2.2, 00:00:19, Serial1/1
R-1#sh ip route rip

R 2.0.0.0/8 [120/1] via 1.1.1.2, 00:00:23, Serial1/0
Page 122 of 182
91 - 9985048840
R 20.0.0.0/8 [120/1] via 1.1.1.2, 00:00:23, Serial1/0
R
12.0.0.0 [120/1] via 1.1.1.2, 00:00:23, Serial1/0
R
12.0.1.0 [120/1] via 1.1.1.2, 00:00:23, Serial1/0
R
12.0.2.0 [120/1] via 1.1.1.2, 00:00:23, Serial1/0
R
12.0.3.0 [120/1] via 1.1.1.2, 00:00:23, Serial1/0
R
13.0.3.0 [120/2] via 1.1.1.2, 00:00:23, Serial1/0
R
13.0.2.0 [120/2] via 1.1.1.2, 00:00:23, Serial1/0
R 30.0.0.0/8 [120/2] via 1.1.1.2, 00:00:23, Serial1/0
You can see here the two networks (13.0.0.0/24 and 13.0.1.0/24 ) are no more in routing table of R1
NOTE :
In case of EIGRP protocol, offset list used to change the metric of the routes specified
R-2(config)# router EIGRP 100

R-2(config-router)#offset-list 20 out ?
<0-2147483647> Offset
R-2(config-router)#offset-list 20 out 2000
PASSIVE INTERFACE
EIGRP and OSPF : dont send any hello on the interface
Means no neighbor ship will be established
router EIGRP 100
passive-interface s1/0
{or }
router ospf 1
RIPv2 ; only receive the routes but dont send any routes on that interface
router rip
Page 123 of 182
91 - 9985048840
ROUTE MAPS
Remove all the routing configurations of the previous lab

en
conf t
no ip routing
ip routing
1)Basic Adv
On routers (R1- - R2 )
Page 124 of 182
91 - 9985048840
En
Conf t
Router ospf 1
Net 0.0.0.0 0.0.0.0 area 0
Exit
R3
router ospf 1
network 2.0.0.0 0.255.255.255 a 0
network 30.0.0.0 0.255.255.255 a 0
router rip
ver 2
network 13.0.0.0
no auto-summary
exit
lets say here the requirement is

13.0.0.0/24 should get redistributed in to ospf with metric = 2500 and metric-type default ( E2)
13.0.1.0/24 and 13.0.2.0/24 should get redistributed in to ospf with metric = 5000 and metric-type
== ( E1)
remaining networks should use defaults for ( metric and metric-type)
ON R3
2) ACL ( TO MATCH THE NETWORKS )

3) Route-Map which refers the ACL ( networks) and apply the specific values
route-map CCNP permit 10
match ip address 25
set metric 2500
exit
match ip add 30
Page 125 of 182
91 - 9985048840
set metric 5000
set metric-type type-1
exit

exit
4) REDISTRIBUTE WITH REFFERING TO ROUTE-MAP

router ospf 1
redistribute rip subnets route-map CCNP
end
R-3#sh route-map
R-2#sh ip route ospf

O 10.0.0.0/8 [110/65] via 1.1.1.1, 00:02:48, Serial1/0
O
11.0.2.1 [110/65] via 1.1.1.1, 00:02:48, Serial1/0
O
11.0.3.1 [110/65] via 1.1.1.1, 00:02:48, Serial1/0
O
11.0.0.1 [110/65] via 1.1.1.1, 00:02:48, Serial1/0
O
11.0.1.1 [110/65] via 1.1.1.1, 00:02:48, Serial1/0
O E1 13.0.1.0 [110/5064] via 2.2.2.2, 00:01:25, Serial1/1
O E2 13.0.0.0 [110/2500] via 2.2.2.2, 00:01:25, Serial1/1
O E2 13.0.3.0 [110/20] via 2.2.2.2, 00:01:25, Serial1/1
O E1 13.0.2.0 [110/5064] via 2.2.2.2, 00:01:25, Serial1/1
O 30.0.0.0/8 [110/65] via 2.2.2.2, 00:02:48, Serial1/1
Page 126 of 182
91 - 9985048840
LAB 01 --IBGP NEIGHBORSHIP
R1
En
Conf t
router bgp 500
neighbor 1.1.1.2 remote-as 500
network 10.0.0.0
network 1.0.0.0
network 4.0.0.0
network 11.0.0.0 mask 255.255.255.0
(To advertise with default mask value ex: 10.0.0.0/8

to advertise with exact mask other than default like 11.0.0.0/24)
no auto-summary
no synchronization
exit
R2
router bgp 500
network 20.0.0.0
network 2.0.0.0
network 1.0.0.0
no auto-summary
no synchronization
end
R3
router bgp 500
network 30.0.0.0
network 3.0.0.0
network 2.0.0.0
no auto-summary
no synchronization
end
R4
Page 127 of 182
91 - 9985048840
Router bgp 500

network 40.0.0.0
network 4.0.0.0
network 3.0.0.0
no auto-summary
no synchronization
exit
Aug 29 10:06:02.663: %BGP-5-ADJCHANGE: neighbor 4.4.4.1 Up

R-1#sh ip bgp summary
Neighbor
V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
1.1.1.2
4 500
5
5
9 0 0 00:01:26
3
4.4.4.1
4 500
5
5
9 0 0 00:00:21
3
R-4#sh ip bgp
Neighbor
3.3.3.1
4 500
7
7
9 0 0 00:02:05
3
4.4.4.2
4 500
7
7
9 0 0 00:02:05
4
Page 128 of 182
91 - 9985048840
R-1#sh ip route bgp
B 2.0.0.0/8 [200/0] via 1.1.1.2, 00:03:00
B 3.0.0.0/8 [200/0] via 4.4.4.1, 00:02:46
B 20.0.0.0/8 [200/0] via 1.1.1.2, 00:03:00
B 40.0.0.0/8 [200/0] via 4.4.4.1, 00:02:46
No network 30.0.0.0
R-2#sh ip route bgp

B 3.0.0.0/8 [200/0] via 2.2.2.2, 00:03:46
B 4.0.0.0/8 [200/0] via 1.1.1.1, 00:03:51
B 10.0.0.0/8 [200/0] via 1.1.1.1, 00:03:51
B
11.0.0.0 [200/0] via 1.1.1.1, 00:03:51
B 30.0.0.0/8 [200/0] via 2.2.2.2, 00:03:46
No network 40.0.0.0
Page 129 of 182
91 - 9985048840
BGP SPLIT HORIZON RULE
an update send by one IBGP neighbor should not be send back to
another IBGP neighbor
to avoid loops
solution :
1) full mesh neighbor ship (means every router should be a neighbor of every other router with in the AS.)
IBGP neighbors need not to be directly connected
R1
Router bgp 500
Neighbor 2.2.2.2 remote-as 500
R2
Router bgp 500
R3
Router bgp 500
R4
Router bgp 500
Neighbor
1.1.1.2
4 500 20 20
11 0 0 00:16:29
3
2.2.2.2
4 500
3
5
11 0 0 00:00:09
3
4.4.4.1
4 500 20 20
11 0 0 00:15:24
3
R-1#sh ip route bgp

B 2.0.0.0/8 [200/0] via 1.1.1.2, 00:16:19
B 3.0.0.0/8 [200/0] via 2.2.2.2, 00:00:51
B 20.0.0.0/8 [200/0] via 1.1.1.2, 00:16:19
B 40.0.0.0/8 [200/0] via 4.4.4.1, 00:16:05
B 30.0.0.0/8 [200/0] via 2.2.2.2, 00:00:51
R-2#sh ip route bgp
B 3.0.0.0/8 [200/0] via 2.2.2.2, 00:16:42
B 4.0.0.0/8 [200/0] via 1.1.1.1, 00:16:48
B 40.0.0.0/8 [200/0] via 3.3.3.2, 00:00:57
B 10.0.0.0/8 [200/0] via 1.1.1.1, 00:16:48
Page 130 of 182
91 - 9985048840
B
11.0.0.0 [200/0] via 1.1.1.1, 00:16:48
B 30.0.0.0/8 [200/0] via 2.2.2.2, 00:16:42
Page 131 of 182
91 - 9985048840
LAB -2 IBGP using loopbacks
All routers ( remove the lab-1 configs)

En
Conf t
No Router bgp 500
R1
en
conf t
router bgp 500
network 10.0.0.0
no auto-summary
no sync
exit
WAN interfaces not preferably advertised in real networks( It makes your routing table more big).
R2
en
conf t
router bgp 500
network 20.0.0.0
no auto-summary
no sync
exit
Page 132 of 182
91 - 9985048840
R3
en
conf t
router bgp 500
network 30.0.0.0
no auto-summary
no sync
exit
R4
en
conf t
router bgp 500
network 40.0.0.0
no auto-summary
no sync
exit
v

Neighbor
V AS MsgRcvd MsgSent
12.0.0.1
4 500
0
0
0 0
13.0.0.1
4 500
0
0
0 0
14.0.0.1
4 500
0
0
0 0
TblVer InQ OutQ Up/Down State/PfxRcd

0 never Active
0 never Active
0 never Active
Active means its actively tryng to establish the neighborship ( still trying )
Page 133 of 182
91 - 9985048840
To troubleshoot BGP neighborship
Make sure that there is a connectivity to neighbor
R-1#ping 12.0.0.1
.....
R-1#sh ip rout
R-1#sh ip route
C
C
C
C
No entry of the neighbor address ( 12.0.0.1 , 13.0.0.1 , 14.0.0.1 )

Here the router R1 dont know how to reach neighbor address ( 12.0.0.1 ,13.0.0.1 , 14.0.0.1 )
To learn about those neighbors BGP relies on IGP protocol ( RIP/EIGRP/OSPF) running inside the AS
Here is the issue is with Routing

To fix it Configure RIP , OSPF , EIGRP any one and make sure that you advertise the loopback used for bgp
peering.
On all routers
en
conf t
router rip
ver 2
net 0.0.0.0
no au
exit
Page 134 of 182
91 - 9985048840

Neighbor
12.0.0.1
4 500
0
0
0 0
13.0.0.1
4 500
0
0
0 0
14.0.0.1
4 500
0
0
0 0

0 never Active
0 never Active
0 never Active
Make sure that there is connecticity between neighbors
R-1#ping 12.0.0.1
!!!!!
R-1#ping 13.0.0.1
!!!!!
R-1#ping 14.0.0.1
!!!!!
The other issue can be Problem with source address

R1
Conf t
Router bgp 500
Neighbor 12.0.0.1 update-source loop 0
R2
Conf t
Router bgp 500
Page 135 of 182
91 - 9985048840
R3
Conf t
Router bgp 500
R4
Conf t
Router bgp 500

Neighbor
12.0.0.1
13.0.0.1
14.0.0.1
4 500
7
7
8 0
4 500
6
6
8 0
4 500
6
6
8 0

0 00:02:04
1
0 00:01:39
1
0 00:01:52
1
Page 136 of 182
91 - 9985048840
BGP next hop behavior
When EBGP ---sends an update to another EBGP neighbor -------------changes the next hop
When IBGP ---sends an update to another IBGP neighbor ------------- the next hop remains same ( not change)
R1
router bgp 500
network 10.0.0.0
network 1.0.0.0
no auto-summary
no synchronization
R2
router bgp 500
network 20.0.0.0
network 1.0.0.0
network 2.0.0.0
no au
no synchronization
R3
router bgp 600
network 30.0.0.0
network 2.0.0.0
no auto-summary
no synchronization
exit
R2#sh ip bgp summary

Neighbor
1.1.1.1
4 500
4
5
4 0 0 00:00:49
1
2.2.2.2
4 600
5
6
3 0 0 00:00:06
1
Page 137 of 182
91 - 9985048840
R1#sh ip route bgp

B 2.0.0.0/8 [200/0] via 1.1.1.2, 00:02:34
B 20.0.0.0/8 [200/0] via 1.1.1.2, 00:17:10
B 30.0.0.0/8 [200/0] via 2.2.2.2, 00:00:13
R-1#sh ip bgp
R1#sh ip bgp
Network
Next Hop
* i1.0.0.0
1.1.1.2
*>
0.0.0.0
*>i2.0.0.0
1.1.1.2
*> 10.0.0.0
0.0.0.0
*>i20.0.0.0
1.1.1.2
*>i30.0.0.0
2.2.2.2
Metric LocPrf Weight Path

0 100 0 i
0
32768 i
0 100 0 i
0
32768 i
0 100 0 i
0 100 0 600 i
BGP next hop behavior

When EBGP ---sends an update to another EBGP neighbor -------------changes the next hop
When IBGP ---sends an update to another IBGP neighbor ------------- the next hop remains same ( not change)
R2
To change this behavior manually you need to tell to change the next hop ( done on the border routers
pointing to internal BGP neighbors )
R2
router bgp 500
neighbor 1.1.1.1 next-hop-self
R1#sh ip bgp
Network
Next Hop
* i1.0.0.0
1.1.1.2
*>
0.0.0.0
*>i2.0.0.0
1.1.1.2
*> 10.0.0.0
0.0.0.0
*>i20.0.0.0
1.1.1.2

0 100 0 i
0
32768 i
0 100 0 i
0
32768 i
0 100 0 i
Page 138 of 182
91 - 9985048840
*>i30.0.0.0
1.1.1.2
0 100
0 600 i
R-1#sh ip route bgp

B 2.0.0.0/8 [200/0] via 1.1.1.2, 00:06:59
B 20.0.0.0/8 [200/0] via 1.1.1.2, 00:08:38
B 30.0.0.0/8 [200/0] via 1.1.1.2, 00:01:10
Page 139 of 182
91 - 9985048840
LAB- 4
IBGP neighbors need not to be directly connected

EBGP neighbors has to to be directly connected ( if they are not directly connected u need to add EBGP
MULTIHOP command)
R1
router bgp 500
neighbor 12.0.0.1 update-source loopback 0
neighbor 12.0.0.1 ebgp-multihop
(it tells to neighbor that the 12.0.0.1 is not directly connected and it is multiple hops away )
network 10.0.0.0
no auto
no sync
R2
router bgp 600
neighbor 11.00.0.1 update-source loopback 0
neighbor 11.00.0.1 ebgp-multihop
network 20.0.0.0
no auto
no sync

Neighbor
12.0.0.1

4 600
0
0
0 0 0 never Active
R-1#ping 12.0.0.1
Page 140 of 182
91 - 9985048840
.....
Connectivity or Routing issue

In real scenario between different AS we prefer to use static routing instead of DYNAMIC
( but dynamic also works in the lab)
R-1(config)#ip route 12.0.0.0 255.255.255.0 1.1.1.2
R-1(config)#ip route 12.0.0.0 255.255.255.0 2.2.2.2 10
R-2(config)#ip route 11.0.0.0 255.255.255.0 1.1.1.1
R-2(config)#ip route 11.0.0.0 255.255.255.0 2.2.2.1 10
R-1#ping 12.0.00.1
!!!!!

BGP router identifier 11.0.3.1, local AS number 500
BGP table version is 1, main routing table version 1
Neighbor
12.0.0.1

4 600
4
4
1 0 0 00:00:21
1
Page 141 of 182
91 - 9985048840
BGP attributes
WEIGHT
Cisco proprietary
Tells how to exit the AS
Optional attribute
Local to the router ( not advertise to the other routers)
Default weight = 0 ( not directly connected )
Default weight = 32768 ( directly connected )
Higher value is preferred
LOCAL PREFERENCE
Tells how to exit the AS
Optional and Well Known attribute
Advertise to all the routers in the AS
Default - 100
Higher value is preferred
Page 142 of 182
91 - 9985048840
R1
router bgp 500

net 10.0.0.0
net 1.0.0.0
net 4.0.0.0
no au
exit
R2
router bgp 600

network 20.0.0.0
network 2.0.0.0
network 1.0.0.0
no auto-summary
R3
router bgp 600
network 30.0.0.0
network 3.0.0.0
network 2.0.0.0
no auto-summary
exit
R4
router bgp 700
network 40.0.0.0
network 4.0.0.0
network 3.0.0.0
no auto-summary
Page 143 of 182
91 - 9985048840
Neighbor
2.2.2.1
3.3.3.2

4 600
7
7
10 0 0 00:01:38
5
4 700
8
7
8 0 0 00:00:26
5
R-1#sh ip bgp
Network
* 1.0.0.0
*>
* 2.0.0.0
*>
* 3.0.0.0
*>
* 4.0.0.0
*>
*> 10.0.0.0
* 20.0.0.0
*>
* 30.0.0.0
*>
* 40.0.0.0
*>
Next Hop
1.1.1.2
0.0.0.0
4.4.4.1
1.1.1.2
4.4.4.1
1.1.1.2
4.4.4.1
0.0.0.0
0.0.0.0
4.4.4.1
1.1.1.2
4.4.4.1
1.1.1.2
1.1.1.2
4.4.4.1

0
0 600 i
0
32768 i
0 700 600 i
0
0 600 i
0
0 700 i
0 600 i
0
0 700 i
0
32768 i
0
32768 i
0 700 600 i
0
0 600 i
0 700 600 i
0 600 i
0 600 700 i
0
0 700 i
R1#ping 20.1.1.1
!!!!!
1 1.1.1.2 264 msec * 92 msec
I want R1 to use the router from R4 to reach 20.0.0.0

To change the default route (via R2) to via R4 ( 4.4.4.1) by applying higher weight to R4
Page 144 of 182
91 - 9985048840
R1
router bgp 500
neighbor 4.4.4.1 weight 40000
end
clear ip bgp *
to reset the neighborship and to update the changes.
R-1#sh ip bgp
Network
Next Hop
r> 1.0.0.0
4.4.4.1
40000 700 600 i
r
1.1.1.2
0
0 600 i
*> 2.0.0.0
4.4.4.1
40000 700 600 i
*
1.1.1.2
0
0 600 i
*> 3.0.0.0
4.4.4.1
0
40000 700 i
*
1.1.1.2
0 600 i
r> 4.0.0.0
4.4.4.1
0
40000 700 i
r
1.1.1.2
0 600 700 i
*> 20.0.0.0
4.4.4.1
40000 700 600 i
*
1.1.1.2
0
0 600 i
*> 30.0.0.0
4.4.4.1
40000 700 600 i
*
1.1.1.2
0 600 i
*> 40.0.0.0
4.4.4.1
0
40000 700 i
*
1.1.1.2
0 600 700 i
1 4.4.4.1 196 msec 252 msec 36 msec
2 3.3.3.1 [AS 700] 116 msec 112 msec 64 msec
3 2.2.2.1 [AS 600] 368 msec * 216 msec
Page 145 of 182
91 - 9985048840
Local preference
R-2#sh ip bgp
Network
Next Hop
*> 1.0.0.0
0.0.0.0
* i2.0.0.0
2.2.2.2
*>
0.0.0.0
* 3.0.0.0
1.1.1.1
*>i
2.2.2.2
* 4.0.0.0
1.1.1.1
*>i
3.3.3.2
*> 10.0.0.0
1.1.1.1
*> 20.0.0.0
0.0.0.0
*>i30.0.0.0
2.2.2.2
* 40.0.0.0
1.1.1.1
*>i
3.3.3.2

0
32768 i
0 100 0 i
0
32768 i
0 500 700 i
0 100 0 i
0 500 700 i
0 100 0 700 i
0
0 500 i
0
32768 i
0 100 0 i
0 500 700 i
0 100 0 700 i
R2
router bgp 600
bgp default local-preference 500
exit
clear ip bgp *
verify on all the routers with in the AS.
R-2#sh ip bgp
Network
Next Hop
* 1.0.0.0
1.1.1.1
0
0 500 i
*>
0.0.0.0
0
32768 i
*> 2.0.0.0
0.0.0.0
0
32768 i
*i
2.2.2.2
0 100 0 i
*> 3.0.0.0
1.1.1.1
0 500 700 i
*i
2.2.2.2
0 100 0 i
*> 4.0.0.0
1.1.1.1
0 500 700 i
*> 10.0.0.0
1.1.1.1
0
0 500 i
*> 20.0.0.0
0.0.0.0
0
32768 i
*>i30.0.0.0
2.2.2.2
0 100 0 i
*> 40.0.0.0
1.1.1.1
0 500 700 i
R3
Page 146 of 182
91 - 9985048840
R-3#sh ip bgp
Network
Next Hop
*>i1.0.0.0
2.2.2.1
*
3.3.3.2
* i2.0.0.0
2.2.2.1
*>
0.0.0.0
0
* i3.0.0.0
1.1.1.1
*
3.3.3.2
0
*>
0.0.0.0
0
*>i4.0.0.0
1.1.1.1
*
3.3.3.2
0
*>i10.0.0.0
1.1.1.1
*
3.3.3.2
*>i20.0.0.0
2.2.2.1
*> 30.0.0.0
0.0.0.0
*>i40.0.0.0
1.1.1.1
*
3.3.3.2
0

0 500 0 i
0 700 500 i
0 500 0 i
32768 i
0 500 0 500 700 i
0 700 i
32768 i
0 500 0 500 700 i
0 700 i
0 500 0 500 i
0 700 500 i
0 500 0 i
0
32768 i
0 500 0 500 700 i
0 700 i
Page 147 of 182
91 - 9985048840
Page 148 of 182
91 - 9985048840
SWITCHING
En
Conf t
Vlan 10
Name sales
vlan 20
name marketing
exit
vlan 30
vlan 40
end
Switch#sh vlan
VLAN Name
Status Ports
---- -------------------------------- --------- ------------------------------1 default
active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gig1/1, Gig1/2
10 sales
active
20 marketing
active
30 VLAN0030
active
40 VLAN0040
active
There is no active ports in that vlans
shifting ports fa0/8 to vlan 10

int fa0/8
switchport mode access
switchport access vlan 10
shifting multiple ports ( 4 7 and 10 ) to vlan 20
interface range fa0/4 - 7 , fa0/10

Page 149 of 182
91 - 9985048840
Switch#sh vlan
VLAN Name
Status Ports
---- -------------------------------- --------- ------------------------------1 default
active Fa0/1, Fa0/2, Fa0/3,
Fa0/9, Fa0/11, Fa0/12, Fa0/13
Fa0/14, Fa0/15, Fa0/16, Fa0/17
Fa0/18, Fa0/19, Fa0/20, Fa0/21
Fa0/22, Fa0/23, Fa0/24
10 sales
active Fa0/8
20 marketing
Fa0/10
30 VLAN0030
active
TO CONFIGURE TRUNK
int fa0/24
switchport mode trunk
switchport trunk encapsulation DOT1Q
switchport trunk allowed vlan 1-10,20,30
switchport nonegotiate
Switch#sh interfaces trunk
DTP (Dynamic trunking protocol)

Trunking can be done dynamically through negotiation process
Switch#sh dtp
Global DTP information
Sending DTP Hello packets every 30 seconds
Dynamic Trunk timeout is 300 seconds
Page 150 of 182
91 - 9985048840
0 interfaces using DTP
DTP MODES
DESIRABLE :
desires to become trunk ( always want to become trunk)
Sends and reply to DTP messages
default mode on 3550 switches
AUTO :
Only reply to DTP messages ( not send )
Default mode on all switches except 3550
TRUNK
Configuring trunk manually
ACCESS
Configuring access manually
NO-NEGOTIATE
Turn off DTP messages (disable DTP)
Sw-1# sh interfaces fa0/20 switchport

Name: Fa0/20
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
On SW-1
int fa0/20
switchport mode dynamic desirable
SW-1#sh interfaces fa0/20 switchport
Name: Fa0/20
Switchport: Enabled
Administrative Mode: dynamic desirable
Page 151 of 182
91 - 9985048840
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
SW-1# sh interfaces trunk

Port
Mode
Encapsulation Status
Native vlan
Fa0/20 auto
n-802.1q
trunking 1
Port
Vlans allowed on trunk
Fa0/20 1-1005
Page 152 of 182
91 - 9985048840
VTP
Server (default mode)

Creates, modifies, and deletes VLANs
Sends and forwards advertisements
Synchronizes VLAN configurations
Saves configuration in NVRAM
Client
Cannot create, change,
or delete VLANs
Forwards advertisements
Synchronizes VLAN configurations
Does not save in NVRAM
Transparent
Creates, modifies, and deletes local VLANs

Forwards advertisements
Does not synchronize VLAN configurations
Saves configuration in NVRAM
Conf t
Vtp domain
Vtp password
Vtp version
Vtp mode
<NAME>
<PASSWORD>
2
< SERVER / CLIENT / TRANSPARENT>
1) Trunking has to be enabled ( vtp advertisements are send only on trunk ports)
Page 153 of 182
91 - 9985048840
2) Configure VTP on all switches
3) Create vlans on server and verify on client and transparent switch
4) Create vlans on transparent switch and verify on client and server
Domain name ( case-sensitive) / password / version must match in order for VTP to work
SS#sh vtp status
CCC#sh vtp password
VTP Password: cisco123
1) Trunking has to be enabled ( vtp advertisements are send only on trunk ports)
On SW1 ( SERVER)
hostname SW1
int fa0/20
end
SW2 ( TRANSPARENT)
22-TTT(config)#int range fa0/20 - 21
22-TTT(config-if-range)#switchport mode trunk
SW3 client
Hostname SW3
int fa0/21
end
SW1#sh interfaces trunk

Port
Mode
Native vlan
Fa0/20 on
802.1q
trunking 1
Page 154 of 182
91 - 9985048840
Configure VTP on all switches

SW1
vtp domain CCNP
vtp password cisco
vtp mode server
vtp version 2
exit
SW2
vtp domain CCNP
vtp password cisco
vtp mode transparent
vtp version 2
exit
SW3
vtp domain CCNP
vtp password cisco
vtp version 2
vtp mode client
exit
SW1#sh vtp status

VTP Version
:2
Configuration Revision
:2
Maximum VLANs supported locally : 255
Number of existing VLANs
:5
VTP Operating Mode
: Server
VTP Domain Name
: CCNP
VTP Pruning Mode
: Disabled
VTP V2 Mode
: Enabled
VTP Traps Generation
: Disabled
MD5 digest
: 0x86 0x22 0x83 0x8E 0x23 0xA8 0x06 0xCC
Configuration last modified by 0.0.0.0 at 3-1-93 00:07:33
Local updater ID is 0.0.0.0 (no valid interface found
SW1#sh vtp password

VTP Password: cisco
Page 155 of 182
91 - 9985048840
SW-3#sh vtp status

VTP Version
:2
Configuration Revision
:2
Maximum VLANs supported locally : 255
Number of existing VLANs
:5
VTP Operating Mode
: Client
VTP Domain Name
: CCNP
VTP Pruning Mode
: Disabled
VTP V2 Mode
: Enabled
VTP Traps Generation
: Disabled
MD5 digest
: 0x86 0x22 0x83 0x8E 0x23 0xA8 0x06 0xCC
Configuration last modified by 0.0.0.0 at 3-1-93 00:07
22-TTT#sh interfaces trunk

Port
Mode
Native vlan
Fa0/20 on
802.1q
trunking 1
Fa0/21 on
802.1q
trunking 1
SW-3#sh interfaces trunk

Port
Mode
Fa0/21 on
802.1q
trunking
Native vlan
1
Create vlans on server and verify on client and transparent switch

SW1
Conf t
vlan 10
vlan 20
vlan 30
vlan 40
name sales
vlan 50
name marketing
end
R1#sh vlan
VLAN Name
Status Ports
Page 156 of 182
91 - 9985048840
---- -------------------------------- --------- ------------------------------1 default
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/21
Fa0/22, Fa0/23, Fa0/24, Gig1/1
Gig1/2
10 VLAN0010
active
20 VLAN0020
active
30 VLAN0030
active
40 sales
active
50 marketing
active
1002 fddi-default
act/unsup
1003 token-ring-default
act/unsup
1004 fddinet-default
act/unsup
1005 trnet-default
act/unsup
VLAN Type SAID
MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ -----1 enet 100001 1500 - - - 0 0
10 enet 100010 1500 - - - 0 0
20 enet 100020 1500 - - - 0 0
30 enet 100030 1500 - - - 0 0
40 enet 100040 1500 - - - 0 0
50 enet 100050 1500 - - - -
33#sh vlan
VLAN Name
Status Ports
---- -------------------------------- --------- ------------------------------1 default
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/22, Fa0/23, Fa0/24, Gig1/1
Gig1/2
10 VLAN0010
active
20 VLAN0020
active
30 VLAN0030
active
40 sales
active
50 marketing
active
Page 157 of 182
91 - 9985048840
Sw-2#sh vlan
VLAN Name
Status Ports
---- -------------------------------- --------- ------------------------------1 default
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/22
Fa0/23, Fa0/24, Gig1/1, Gig1/2
1002 fddi-default
1005 trnet-default
act/unsup
act/unsup
act/unsup
act/unsup
You dont see any vlan on the Transparent switch
Page 158 of 182
91 - 9985048840
1) Create vlans on transparent switch and verify on client and server
Sw-2(config)#vlan 100
Sw-2(config-vlan)#vlan 200
Sw-2(config-vlan)#vlan 300
Sw-2(config-vlan)#
Sw-2(config-vlan)#end
SW2 #sh vlan
VLAN Name
Status Ports
---- -------------------------------- --------- ------------------------------1 default
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/22
Fa0/23, Fa0/24
100 VLAN0100
active
200 VLAN0200
active
300 VLAN0300
active
1002 fddi-default
act/unsup
Sw1#sh vlan
VLAN Name
Status Ports
---- -------------------------------- --------- ------------------------------1 default
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/21
Fa0/22, Fa0/23, Fa0/24, Gig1/1
Gig1/2
10 VLAN0010
active
20 VLAN0020
active
30 VLAN0030
active
40 VLAN0040
active
1002 fddi-default
act/unsup
act/unsup
act/unsup
1005 trnet-default
act/unsup
SW3 # sh vlan
Page 159 of 182
91 - 9985048840
VLAN Name
Status Ports
---- -------------------------------- --------- ------------------------------1 default
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/21
Fa0/22, Fa0/23, Fa0/24, Gig1/1
Gig1/2
10 VLAN0010
active
20 VLAN0020
active
30 VLAN0030
active
40 VLAN0040
active
1002 fddi-default
act/unsup
act/unsup
act/unsup
1005 trnet-default
act/unsup
To make revision number to ZERO
#Sh flash
#Delete vlan.dat
Or
#Delete flash: vlan.dat
#Reload
Page 160 of 182
91 - 9985048840
INTER VLAN-ROUTING using ROUTER
1)
2)
3)
4)
create vlan and shift the ports

configure on switch fa0/20 as trunk port
Create subinterfaces on router port fa0/0
Verify connectivity between vlans (ping 192.168.1.1 ---192.168.2.1)
create vlan and shift the ports

En
Conf t
Vlan 10
vlan 20
exit
int range fa0/1 - 2
exit
int range fa0/3 - 4
Page 161 of 182
91 - 9985048840
Switch#sh vlan
VLAN Name
Status Ports
---- -------------------------------- --------- ------------------------------1 default
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
10 VLAN0010
active Fa0/1, Fa0/2
20 VLAN0020
active Fa0/3, Fa0/4
1002 fddi-default
act/unsup
Task 2
configure on switch fa0/20 as trunk port
int fa0/20
switchport trunk encapsulation dot1q
Task 3
creating sub interfaces on router
int fa0/0
no shutdown
exit
int fa0/0.10
encapsulation dot1Q 10
ip add 192.168.1.100 255.255.255.0
exit
It should be the exact vlan no ( vlan 10)
int fa0/0.20
Encapsulation dot1Q 20
ip add 192.168.2.100 255.255.255.0
Router#sh ip int brief

Interface
IP-Address
FastEthernet0/0
It should be the exact vlan no ( vlan 20)
OK? Method Status
unassigned
YES unset up
Protocol
up
Page 162 of 182
91 - 9985048840
FastEthernet0/0.10
192.168.1.100 YES manual up
up
FastEthernet0/0.20
up
4)
PC>ipconfig
IP Address......................: 192.168.1.1
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: 192.168.1.100
PC>ping 192.168.2.1
Pinging 192.168.2.1 with 32 bytes of data:
Request timed out.
Reply from 192.168.2.1: bytes=32 time=62ms TTL=127
C>tracert 192.168.2.1
Tracing route to 192.168.2.1 over a maximum of 30 hops:
1 47 ms 63 ms 62 ms 192.168.1.100
2 109 ms 125 ms 78 ms 192.168.2.1
Page 163 of 182
91 - 9985048840
INTER VLAN-ROUTING using MLS
1) create vlan and shift the ports

2) create SVI ( switch virtual interface ) for vlan s
3) verify connectivity between vlans (ping 192.168.1.1 ---192.168.2.1)
Task 1
En
Conf t
Vlan 10
vlan 20
exit
int range fa0/1 - 2
exit
int range fa0/3 - 4
task - 2
int vlan 10
ip address 192.168.1.100 255.255.255.0
no shutdown
exit
int vlan 20
ip address 192.168.2.100 255.255.255.0
no shutdown
exit
# sh ip int brief
Vlan10
up
Vlan20
up
PC>ipconfig
Page 164 of 182
91 - 9985048840
IP Address......................: 192.168.1.1
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: 192.168.1.100
PC>ping 192.168.2.1
Request timed out.
C>tracert 192.168.2.1
1 47 ms 63 ms 62 ms 192.168.1.100
2 109 ms 125 ms 78 ms 192.168.2.1
Page 165 of 182
91 - 9985048840
Steps to configure
Ip addresses on PC and ROUTER AND Routing ( RIP )
MLS on fa0/20
Verify the connectivitys
Router#sh ip int brief

Interface
IP-Address
OK? Method Status
FastEthernet0/0
FastEthernet0/1
10.0.0.1
YES manual up
Protocol
up
up
Switch(config)#int fa0/20
Switch(config-if)#ip address 10.0.0.2 255.0.0.0
^
% Invalid input detected at '^' marker.
Switch(config-if)#no switchport
Switch(config-if)#ip address 10.0.0.2 255.0.0.0
SWITCH #Sh ip int brief

FastEthernet0/20
10.0.0.2
YES manual up
up
ON MLS
router rip
version 2
network 192.168.1.0
network 192.168.2.0
network 10.0.0.0
no auto-summary
exit
ON ROUTER
router rip
Page 166 of 182
91 - 9985048840
version 2
network 172.16.0.0
network 10.0.0.0
no auto-summary
exit
Router#sh ip route
R 192.168.1.0/24 [120/1] via 10.0.0.1, 00:00:01, FastEthernet0/1
R 192.168.2.0/24 [120/1] via 10.0.0.1, 00:00:01, FastEth
Switch#sh ip route
C
R
C
C

172.16.0.0/16 [120/1] via 10.0.0.2, 00:00:01, FastEthernet0/20
192.168.1.0/24 is directly connected, Vlan10
192.168.2.0/24 is directly connected, Vlan20
PC>ipconfig
IP Address......................: 192.168.1.1
Subnet Mask.....................: 255.255.255.0
Default Gateway.................: 192.168.1.100
PC>ping 172.16.1.1
Request timed out.
Ping statistics for 172.16.1.1:
Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),
Approximate round trip times in milli-seconds:
Minimum = 125ms, Maximum = 125ms, Average = 125ms
PC>tracert 172.16.1.1
Page 167 of 182
91 - 9985048840
1 31 ms 31 ms 32 ms 192.168.1.100
2 63 ms 62 ms 62 ms 10.0.0.1
3 109 ms 125 ms 125 ms 172.16.1.1
Trace complete.
PC>
Page 168 of 182
91 - 9985048840
Page 169 of 182
91 - 9985048840
Portfast on specific ports

Conf t
interface range fa0/1 - 10
spanning-tree portfast
to enable on each all access ports

(config)#spanning-tree portfast default
To enable BPDU GUARD

Switch(config)#spanning-tree portfast default bpdu guard enable
To enable BPDU FILTER

Switch(config)#spanning-tree portfast filter bpdu
Page 170 of 182
91 - 9985048840
SW1
int range fa0/20 - 23
channel-protocol pagp
channel-group 10 mode desirable
exit
SW2
channel-protocol pagp
channel-group 10 mode desirable/ auto
exit
Switch#sh etherchannel summary

Number of channel-groups in use: 1
Number of aggregators:
1
Group Port-channel Protocol Ports
------+-------------+-----------+---------------------------------------------10
Po10(SU)
PAgP Fa0/20(P) Fa0/21(P) Fa0/22(P) Fa0/23(P)
Sw-1#sh spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0006.2A5D.33C0
Cost
7
Port
27(Port-channel 10)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0060.47A8.4B57
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface
Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- -------------------------------Po10
Root FWD 7
128.27 Shr
Page 171 of 182
91 - 9985048840
Switch#sh ip int brief
Interface
IP-Address
Port-channel 10
Switch#
OK? Method Status
unassigned
YES unset up
Protocol
up
Switch#sh interfaces trunk

Switch#
Page 172 of 182
91 - 9985048840
TO USE PORTCHANNEL AS TRUNKPORT
Layer 2 trunk
On both switches
int port-channel 10
or
int range fa0/20 -2 3

the above both are have same effect.

to use portchannel as LAYER 3
int port-channel 10
no switchport
ip address 192.168.1.100 255.255.255.0
Page 173 of 182
91 - 9985048840
MANUAL
Both swithes

channel-group 10 mode ON
exit
Page 174 of 182
91 - 9985048840
HSRP
Hot standby router redundancy protocol
Cisco proprietary
Hello 3 sec Dead 10 sec
Active / Standby
No load balancing
Developed in 1993
VRRP
Virtual router redundancy protocol
Open standard
Master / backup
No load balancing
Developed in 1997
GLBP
Gateway load balancing protocol
Open standard
AVG ( active virtual gateway )
AVF ( active virtual forwarder)
load balancing
Developed in 2003
R2
ip route 192.168.1.0 255.255.255.0 1.1.1.1

ip route 192.168.1.0 255.255.255.0 2.2.2.2
end
R1
int fa0/0
ip add 192.168.1.100 255.255.255.0
no sh
ext
end
ip route 0.0.0.0 0.0.0.0 1.1.1.2
R3
Page 175 of 182
91 - 9985048840
int fa0/0
ip add 192.168.1.200 255.255.255.0
no sh
end
ip route 0.0.0.0 0.0.0.0 2.2.2.1
end
R1
int fa0/0
standby 10 ip 192.168.1.50
standby 10 preempt
standby 10 priority 150
standby 10 track s1/0 60
R3
int fa0/0
standby 10 ip 192.168.1.50
standby 10 preempt
R1#sh standby
FastEthernet0/0 - Group 10
State is Active
2 state changes, last state change 00:01:05
Virtual IP address is 192.168.1.50
Active virtual MAC address is 0000.0c07.ac0a
Local virtual MAC address is 0000.0c07.ac0a (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.444 secs
Preemption enabled
Active router is local
Standby router is 192.168.1.200, priority 100 (expires in 7.544 sec)
Priority 150 (configured 150)
Track interface Serial0/0 state Up decrement 60
Group name is "hsrp-Fa0/0-10" (default)
R3#sh standby
Page 176 of 182
91 - 9985048840
State is Standby
1 state change, last state change 00:01:11
Preemption enabled
Active router is 192.168.1.100, priority 150 (expires in 7.584 sec)
Standby router is local
Priority 100 (default 100)
R1#sh standby brief

P indicates configured to preempt.
|
Interface Grp Pri P State Active
Standby
Virtual IP
Fa0/0
10 150 P Active local
192.168.1.200 192.168.1.50
R3#sh standby brief

|
Standby
Virtual IP
Fa0/0
10 100 P Standby 192.168.1.100 local
192.168.1.50
R1(config-if)#shutdown
R1(config-if)#
*Mar 1 00:15:06.371: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 10 state Active -> Init
R1(config-if)#
*Mar 1 00:15:08.391: %LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down
*Mar 1 00:15:09.391: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to
down
R1#sh standby
State is Init (interface down)
Active virtual MAC address is unknown
Page 177 of 182
91 - 9985048840
Preemption enabled
Active router is unknown
Standby router is unknown
On R3
R3#
*Mar 1 00:14:57.231: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 10 state Standby -> Active
R3#sh standby brief
|
Standby
Fa0/0
10 100 P Active local
unknown
Virtual IP
192.168.1.50
R3#sh standby
State is Active
Preemption enabled
Standby router is unknown
R1(config-if)#
R1(config-if)#
*Mar 1 00:17:33.575: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 10 state Listen -> Active
R1(config-if)#
*Mar 1 00:17:33.847: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
R1(config-if)#
Page 178 of 182
91 - 9985048840
*Mar 1 00:17:34.847: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to
up
R1#sh standby
State is Active
Preemption enabled
R3#sh standby
State is Standby
1 state change, last state change 00:01:11
Preemption enabled
R1(config)#int s1/0
R1(config-if)#shutdown
R1(config-if)#
*Mar 1 00:18:36.559: %TRACKING-5-STATE: 1 interface Se0/0 line-protocol Up->Down
*Mar 1 00:18:36.787: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 10 state Active -> Speak
R1(config-if)#
Page 179 of 182
91 - 9985048840
*Mar 1 00:18:38.559: %LINK-5-CHANGED: Interface Serial0/0, changed state to administratively down
*Mar 1 00:18:39.559: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to down
R1#sh standby
State is Standby
Preemption enabled
Track interface Serial0/0 state Down decrement 60
R1(config)#int s1/0
R1(config-if)#
R1(config-if)#
*Mar 1 00:19:39.767: %LINK-3-UPDOWN: Interface Serial0/0, changed state to up
R1(config-if)#
*Mar 1 00:19:39.775: %TRACKING-5-STATE: 1 interface Se0/0 line-protocol Down->Up
*Mar 1 00:19:40.775: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
R1(config-if)#
*Mar 1 00:19:41.315: %HSRP-5-STATECHANGE: FastEthernet0/0 Grp 10 state Standby -> Active
R1#sh standby
State is Active
Preemption enabled
Page 180 of 182
91 - 9985048840
router rip
distance 20
R1#sh ip protocols
Routing Protocol is "rip"
Sending updates every 30 seconds, next due in 27 seconds
Invalid after 180 seconds, hold down 180, flushed after 240
Redistributing: rip
Default version control: send version 2, receive version 2
Interface
Send Recv Triggered RIP Key-chain
FastEthernet0/0
2 2
Serial1/0
2 2
1111
Serial1/1
2 2
Loopback0
2 2
Loopback1
2 2
Loopback2
2 2
Loopback3
2 2
Automatic network summarization is not in effect
Maximum path: 4
0.0.0.0
Routing Information Sources:
Gateway
Distance Last Update
1.1.1.2
20 00:00:10
Distance: (default is 20)
Page 181 of 182
91 - 9985048840
Default AD is 90 for internal routes

Default AD is 170 for external routes
R2(config)#router eigrp 100
R2(config-router)#dis
R2(config-router)#dist?
distance distribute-list
R2(config-router)#dista
R2(config-router)#distance ?
<1-255> Administrative distance
eigrp IP-EIGRP distance
R2(config-router)#distance ei
R2(config-router)#distance eigrp ?
<1-255> Distance for internal routes
R2(config-router)#distance eigrp 50 ?
<1-255> Distance for external routes
R2(config-router)#distance eigrp 50 130
router ospf 1
distance 40
Page 182 of 182

Sikandar CCNP Notes

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Sikandar CCNP Notes

Încărcat de

Drepturi de autor:

Formate disponibile

sikandarbaadshah@gmail.

CCNP ROUTE 642-902

Planning for Complex Networks

Understanding Routing Protocols

Static Default Route

Dynamic Routing Protocol

Types of Dynamic Routing Protocol

Distance Vector Protocol

Works with Bellman

Link State Protocol

Works with Dijkstra

Works with DUAL

Building the Routing Table

All the subnet have same subnet mask

Classfull Routing Protocol

It helps in reducing the size of routing table.

Two Type of Summarization

Summarizes to a default class full boundary

To enable or disable auto summary

It is supported by all classless routing protocols

Example of Manual summary :

Change in to decimal the above answer

count the left side bits (to find the / value)

8 bits 8 bits 5 bits

So the summarization address is 10.1.0.0 /21

WRITE THE BINARY OF FIRST and the last number

count the left side bits (for / value)

Planning a Routing Implementation

Creating an Implementation Plan

A checklist of tasks to be done

Creating Implementation Documentation

TEST THE DYNAMIPS

Set the path of theIOS images to be used

Design the topology

Start the devices

Calculate the IDLE PC value to reduce the CPU utilization

Console the routers

Save configs ( WRITE command)

Export the configs to a folder :

FILE SAVE the topology for future labs

BASIC CONFIGS ACCORDING TO THE LAB REQUIREMENT

Identifies neighbors and serves as a keep alive mechanism

Neighbor Discovery and Route Exchange

Initial Route Discovery

EIGRP METRIC CALCULATION

EIGRP Metric = [K1 * BW + ((K2 * BW) / (256 load)) + K3 * delay]

Least bandwidth 64 kbps

Total delay 6,000

Bandwidth is the lowest bandwidth of the links along the paths:

DUAL Stuck In Active

Configuring EIGRP for IP

Using the Wildcard Mask in EIGRP

EIGRP Route Summarization: Automatic

EIGRP Route Summarization: Manual

Turns off automatic summarization for the EIGRP process

EIGRP Load Balancing

Variance is the multiplier to FD of successor

Default is 1(equal cost load balancing)

Router(config-router)# variance <multiplier>

Router E chooses router C to get to network Z, because it has lowest FD of 20.

EIGRP BANDWIDTH UTILIZATION

CONFIGURING THE IP DEFAULT-NETWORK COMMAND FOR EIGRP

CONFIGURING EIGRP AUTHENTICATION