139766101 Ccnpv6 Tshoot Sba Stud Ans Key

All contents are Copyright © 1992–2012 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 62

CCNPv6 TSHOOT

Skills-Based Assessment

Answer Key

Topology

CCNPv6 TSHOOT


IP Addressing Table

Device Interface/SVI IP Address Subnet Mask Default Gateway

R1 FA0/1 172.16.2.2 255.255.255.252 N/A S0/0/0 (DCE) 209.165.200.225 255.255.255.252 N/A Lo0 192.168.1.1 255.255.255.255 N/A R2 S0/0/0 209.165.200.226 255.255.255.252 N/A Lo0 192.168.2.1 255.255.255.255 N/A Lo1 172.30.1.1 255.255.255.255 N/A R3 FA0/0 172.16.80.1 255.255.255.128 N/A FA0/1 172.16.2.14 255.255.255.252 N/A Lo0 172.16.203.1 255.255.255.255 N/A Lo1 172.16.80.129 255.255.255.128 N/A ALS1 VLAN 100 172.16.100.1 255.255.255.0 172.16.100.254 DLS1 Fa0/5 172.16.2.1 255.255.255.252 172.16.2.1 DLS1 Lo0 172.16.211.1 255.255.255.255 N/A DLS1 VLAN 10 172.16.10.252 255.255.255.0 172.16.10.254 DLS1 VLAN 20 172.16.20.252 255.255.255.0 172.16.20.254 DLS1 VLAN 30 172.16.30.252 255.255.255.0 172.16.30.254 DLS1 VLAN 50 172.16.50.252 255.255.255.0 172.16.50.254 DLS1 VLAN 100 172.16.100.252 255.255.255.0 172.16.100.254 DLS1 VLAN 200 172.16.200.252 255.255.255.0 N/A DLS2 Fa0/5 172.16.2.13 255.255.255.252 172.16.2.14 DLS2 Lo0 172.16.212.1 255.255.255.255 N/A DLS2 VLAN 10 172.16.10.253 255.255.255.0 172.16.10.254 DLS2 VLAN 20 172.16.20.253 255.255.255.0 172.16.20.254 DLS2 VLAN 30 172.16.30.253 255.255.255.0 172.16.30.254 DLS2 VLAN 50 172.16.50.253 255.255.255.0 172.16.50.254 DLS2 VLAN 100 172.16.100.253 255.255.255.0 172.16.100.254 DLS2 VLAN 200 172.16.200.253 255.255.255.0 N/A SRV1 NIC 172.16.50.1 255.255.255.0 172.16.50.254 PC-B NIC 172.16.10.x

(DHCP) 255.255.255.0 172.16.10.254

PC-C NIC 172.16.80.x (DHCP)

255.255.255.128 172.16.80.1

CCNPv6 TSHOOT


Device Interfaces and Links Table

From Device Interface To Device Interface

Layer 1 and 2 Features and Protocols Used

ALS1 Fa0/1 DLS1 Fa0/1 EtherChannel Po1, 802.1Q




ALS1 Fa0/18 PC-B NIC DLS1 Fa0/3 DLS2 Fa0/3 EtherChannel Po10,

802.1Q DLS1 Fa0/4 DLS2 Fa0/4 EtherChannel Po10,

802.1Q DLS1 Fa0/5 R1 Fa0/1 DLS1 Fa0/6 SRV1 NIC DLS2 Fa0/5 R3 Fa0/1 R1 S0/0/0

(DCE) R2 S0/0/0 WAN link, PPP

R3 Fa0/0 PC-C NIC

Objectives Part 1: Erase the startup config and copy the SBA error file from flash to the running config for each device.

Part 2: Troubleshoot the errors introduced.

Exam Overview This skills-based assessment (SBA) is the final practical exam of Academy training for the course CCNPv6 TSHOOT. In Part 1, you erase the base configs and load the error configs. You troubleshoot and resolve the errors in Part 2. In addition to correcting configurations and restoring basic connectivity, network protocols such as Telnet, SSH, and NTP must also be verified.

Note: Refer to the Topology diagram, IP Addressing table, and Device Interfaces and Links table in the beginning of the SBA when troubleshooting issues.

Instructor Notes: • To pass the exam, the student is expected to successfully complete the exam in the timeframe

allotted.

• For the Academy student version of this exam, the student is not required to build the topology or copy the SBA error files from the TFTP server into the devices. Prior to the student starting the exam, the appropriate files, both base and error configs, should be pre-loaded in the flash:/tshoot directory of each device.

CCNPv6 TSHOOT


• Ensure that each device (R1, R2, R3, ALS1, DLS1, and DLS2) has the SBA base and error config files installed in flash. You can download the files from the Academy Connection website or copy and paste them into text files.

• Instructors can use a TFTP server (PC or router), USB drive, flash memory card, or other method to copy the SBA base and error configuration file into the flash:/tshoot directory for each device in the topology. The procedure for using a TFTP server is described in the instructor notes preceding Part 1 of the SBA.

This lab uses Cisco 1841 routers with Cisco IOS Release 12.4(24)T1 and the Advanced IP Services image c1841-advipservicesk9-mz.124-24.T1.bin. The switches are Cisco WS-C2960-24TT-L with the Cisco IOS image c2960-lanbasek9-mz.122-46.SE.bin and Catalyst 3560-24PS with the Cisco IOS image c3560-advipservicesk9-mz.122-46.SE.bin. Other routers (such as a 2801 or 2811), switches (such as a 2950 or 3550), and Cisco IOS Software versions can be used if they have comparable capabilities and features. Depending on the router or switch model and Cisco IOS Software version, the commands available and output produced might vary from what is shown in this lab.

Required Resources • 3 routers (Cisco 1841 with Cisco IOS Release 12.4(24)T1 Advanced IP Service or comparable) • 1 switch (Cisco 2960 with the Cisco IOS Release 12.2(46)SE C2960-LANBASEK9-M image or

comparable) • 2 switches (Cisco 3560 with the Cisco IOS Release 12.2(46)SE C3560-ADVIPSERVICESK9-M

image or comparable) • SRV1 (Windows PC with a static IP address) with TFTP and syslog servers, plus an SSH client

(PuTTY or comparable) and WireShark software • PC-B (Windows PC—DHCP client) with PuTTY and WireShark software • PC-C (Windows PC—DHCP client) with PuTTY and WireShark software • Serial and Ethernet cables

Instructor notes: Copying the SBA Files from the TFTP Server. You can use a TFTP server (PC or router), USB drive, flash memory card or other method to copy the SBA base and error configuration file into the flash:/tshoot directory for each device in the topology. The procedure for using a TFTP server is described here and assumes IP connectivity with between the device and the server.

Suggestion: After the error config file has been copied into flash on each device, you may wish to remove, rename or relocate the base config to make it more difficult for the student to compare the base config with the error config to determine the problem.

Step 1: Verify connectivity with the TFTP server SRV1. You must be able to access the TFTP server on SRV1 from each network device to copy the error files. From each device (ALS1, DLS1, DLS2, R1, R2, and R3) ping SRV1 at 172.16.50.1. This procedure assumes that the devices are cabled as shown in the topology and the base config is running on each device. The base configs can be copied and pasted from those listed at the end of this SBA.

Note: If the pings are not successful, verify physical network cabling and connections and verify that the SBA base config file is loaded as the running config in each device. You can exit from the user EXEC mode prompt to see the MOTD login banner, which indicates the file currently loaded. For example:

*** Switch ALS1 SBA Base Config ***

CCNPv6 TSHOOT


Step 2: Verify the TFTP server configuration. Verify that the TFTP server on SRV1 is running and that the error files are present in the default TFTP directory. The format of these files is TSHOOT-SBA-Stud_xxx-Error-Cfg.txt, where xxx is the name of the device.

Step 3: Copy the TFTP server SBA error file to flash. Copy the appropriate SBA error file from the TFTP server into the flash:/tshoot directory for each device.

The following example shows how to copy the SBA error configuration file for ALS1 from the TFTP server at IP address 172.16.50.1 to the flash:/tshoot directory on ALS1:

ALS1#copy tftp://172.16.50.1/TSHOOT-SBA-Stud_ALS1-Error-Cfg.txt flash:/tshoot

Note: This assumes that the configuration files are in the TFTP server default directory.

Note: You can view the contents of a particular file in flash using the UNIX or Cisco IOS more command. For example:

ALS1#more flash:/tshoot/TSHOOT-SBA-Stud_ALS1-Error-Cfg.txt

This command displays the contents of the file a page at a time.

Part 1: Load the SBA Error Files from Flash to the Running Config

Step 1: Verify the existence and location of the SBA error configuration files. The error configuration file should be present in flash under the tshoot directory for a given device. Use the show flash command to verify the presence of this directory. You can also verify the contents of the directory using the dir command. If the directory and files are not present, contact your instructor.

ALS1#show flash: Directory of flash:/

3 -rwx 916 Mar 1 1993 00:00:29 +00:00 vlan.dat 619 -rwx 6582 Mar 1 1993 00:10:09 +00:00 config.text 6 drwx 192 Oct 9 2009 13:00:50 +00:00 c2960-lanbasek9-mz.122-46.SE.bin 622 drwx 128 Oct 9 2009 13:03:05 +00:00 tshoot ALS1#dir flash:/tshoot Directory of flash:/tshoot/ 5 -rwx 6515 Jan 16 2010 14:39:42 +00:00 TSHOOT-SBA-Stud_ALS1-Error-Cfg.txt

Step 2: Erase the startup config from NVRAM. ALS1#erase startup-config Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] Enter [OK] Erase of nvram: complete

Step 3: Delete the VLAN database from flash (switches only). ALS1#delete vlan.dat Delete flash:vlan.dat? [confirm] Enter

CCNPv6 TSHOOT


Step 4: Reload the device, but do not save the system configuration if prompted. ALS1#reload System configuration has been modified. Save? [yes/no]: no Proceed with reload? [confirm] Enter *Jan 16 00:29:28.704: %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload command.

Step 5: When the device restarts, do not enter the initial configuration dialog, but terminate autoinstall if prompted.

Press RETURN to get started! --- System Configuration Dialog --- Would you like to enter the initial configuration dialog? [yes/no]: no Would you like to terminate autoinstall? [yes]: Enter

Step 6: Copy the SBA device error configuration file from flash to the running config. The format of these files is TSHOOT-SBA-Stud_xxx-Error-Cfg.txt, where xxx is the name of the device. For example:

Switch#copy flash:/tshoot/TSHOOT-SBA-Stud_ALS1-Error-Cfg.txt running-config Destination filename [running-config]? <Enter> ALS1#

Note: Although it is possible to copy the file to the startup config and reload the device, the RSA keys for SSH cannot be generated from the startup config.

Step 7: Copy the running config to the startup config. Even if you see an Autosave message indicating that the running configuration has been saved to NVRAM, copy the running config to the startup config manually.

ALS1#copy running-config startup-config Building configuration... [OK]

Note: If the device is rebooted at this point, you can log in remotely with the username admin and the password adminpa55. To access privileged EXEC mode, use the enable password ciscoenpa55.

Note: Although it is not considered security best practice, you can change the exec-timeout for the console line to 0 (no time out) to facilitate performance of this SBA.

Step 8: Repeat Steps 2 through 7 for all other devices in the network.

Step 9: Set the time on the NTP server R2. Set the correct time on the NTP server R2 using the clock set command.

clock set hh:mm:ss Day-of-Month Month Year

Example: R2#clock set 14:45:00 16 Jan 2010

Step 10: Configure the PCs. a. Configure SRV1 with the static IP address 172.16.50.1/24 and the default gateway 172.16.50.254.

CCNPv6 TSHOOT


b. Start the syslog server and TFTP server on SRV1.

c. Configure PC-B and PC-C as DHCP clients.

d. Release and renew the DHCP leases on PC-B and PC-C.

Note: It is important to release and renew the DHCP leases on PC-B and PC-C because the PCs may have obtained a valid IP address previously and this could mask a problem.

Part 2: Troubleshoot the Errors Introduced The SBA error files introduce various problems, including issues related to STP, NTP, SSH, VLANs, EtherChannel, HSRP, DHCP, EIGRP, OSPF, and BGP.

Hint: Two configuration errors are introduced in each device for a total of 12 errors.

Step 1: Perform connectivity tests. Use connectivity testing tools such as ping, traceroute, tracert (PC), and Cisco Discovery Protocol to determine the extent of connectivity loss. Use the following table to record the results of the connectivity tests. Be sure to ping from each PC to each network device interface and from each network device to every other network device using the various network addresses available, as shown in the IP Addressing table at the beginning of the SBA.

Note: You can use the Ping Test table in Step 3 as a starting point.

Network Connectivity Test Table Command From Device/Interface/IP To Device/Interface/IP Result

Step 2: Document, resolve, and verify the issues discovered. Using the tools available, such as show and debug commands, discover each problem, correct it, and document the corrective action taken. Use the Problem Resolution and Verification table to document the problem discovered, the affected devices, and the solution to the problem, including the commands used.

CCNPv6 TSHOOT


Note: For each device, after issuing corrective commands, copy the running config to the startup config.

Tip: If connecting from one device to another via Telnet, issue the terminal monitor command so that console and debug messages generated on the remote device can be viewed on the local console.

Problem Resolution and Verification Table

Device Problem or Error Discovered

Corrective Action (commands used)

Verification Commands (more than one command can be used)

ALS1 Wrong spanning tree mode (MST) specified. It should be rapid PVST. Trunk links are disabled.

spanning-tree mode rapid-pvst

show spanning-tree

show spanning-tree brief

ALS1 VLAN 10 is not allowed on Po1 (Fa0/1 and Fa0/2). (redundancy problem)

interface po1

switchport trunk allowed vlan add 10

show interfaces trunk

DLS1 VLAN 100 (MGMT) has not been defined, so interface VLAN 100 is down.

vlan 100

name MGMT

interface vlan 100

no shut

show vlan brief

show ip interface brief

DLS1 DHCP excluded address range covers all addresses in pool OFFICE. No addresses are assigned.

no ip dhcp excluded-address 172.16.1.252 172.16.10.254

ip dhcp excluded-address 172.16.10.252 172.16.10.254

show ip dhcp pool

DLS2 Interface VLAN 200 is assigned the wrong address (172.16.253.200). It should be 172.16.200.253. The DLS1 and DLS2 OSPF neighbor relationship is lost.

interface Vlan200

ip address 172.16.200.253 255.255.255.0

show ip interface brief

show ip ospf neighbor

DLS2 Trunk encapsulation on Fa0/1 and Fa0/2 is ISL and does not match ALS1 (dot1q). No frames can be sent. (redundancy problem)

interface Po2

switchport trunk encapsulation dot1q

show interfaces trunk

R1 The interface F0/1 network is in the wrong OSPF area (1), and the wrong subnet is specified. Should be area 0, subnet 172.16.2.0 0.0.0.3. The R1 and DLS1 OSPF neighbor relationship is lost.

router ospf 1

no network 172.16.2.4 0.0.0.3 area 1

network 172.16.2.0 0.0.0.3 area 0

show ip ospf neighbor

show ip ospf interface brief

R1 No remote access protocol is permitted on the vty lines.

line vty 0 4 show line vty 0

CCNPv6 TSHOOT


Both Telnet and SSH should be allowed transport input.

transport input telnet ssh

R2 Wrong BGP neighbor AS and neighbor ID specified. No peer relationship is formed with R1.

router bgp 65502

no neighbor 192.168.1.11 remote-as 65001

neighbor 192.168.1.1 remote-as 65501

neighbor 192.168.1.1 ebgp-multihop 2

neighbor 192.168.1.1 update-source Loopback0

show ip bgp summary

R2 Default static route (0.0.0.0) to null is not present. The default route is not injected into R2 BGP table.

ip route 0.0.0.0 0.0.0.0 null0

or neighbor 192.168.1.1 default-originate

show ip route

show ip bgp

R3 The PC-C LAN (172.16.80.0/25) is not advertised under EIGRP. No connectivity between PC-C and other parts of the network.

router eigrp 100

network 172.16.80.0 0.0.0.127

show ip protocols

show ip route

R3 IP address referencing the R2 NTP server is incorrect. R3 will not synchronize with the time server.

no ntp server 192.168.1.2

ntp server 192.168.2.1

show ntp associations

Notes

______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________

Step 3: Demonstrate basic network connectivity after correcting errors. With all devices connected and all problems resolved, you should be able to ping from any device in the network to any other device. Perform pings according to the Ping Test table below.

Note: All pings in the table must be successful. If not, there are issues that need to be resolved.

Ping Test Table From Device/Interface/IP To Device/Interface/IP Successful (Y/N) PC-B PC-C (DHCP 172.16.80.2) PC-B HSRP default gateway

(172.16.10.254)

CCNPv6 TSHOOT


PC-B SRV1 (172.16.50.1) PC-B ALS1 mgmt (172.16.100.1) PC-B DLS1 mgmt (172.16.100.252) PC-B DLS2 mgmt (172.16.100.253) PC-B R1 Fa0/1 (172.16.2.2) PC-B R2 Lo1 (172.30.1.1) PC-B R3 Fa0/1 (172.16.2.14) PC-C R3 default gateway (172.16.80.1) PC-C SRV1 (172.16.50.1) PC-C ALS1 mgmt (172.16.100.1) PC-C DLS1 mgmt (172.16.100.252) PC-C DLS2 mgmt (172.16.100.253) PC-C R1 Fa0/1 (172.16.2.2) PC-C R2 Lo1 (172.30.1.1) PC-C R3 Fa0/1 (172.16.2.14)

ALS1 mgmt vlan 100 (172.16.100.1)

DLS1 mgmt (172.16.100.252)

ALS1 mgmt vlan 100 DLS2 mgmt (172.16.100.253) ALS1 mgmt vlan 100 R1 Fa0/1 (172.16.2.2) ALS1 mgmt vlan 100 R2 Lo1 (172.30.1.1) ALS1 mgmt vlan 100 R3 Fa0/1 (172.16.2.14)

Notes

______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________

Step 4: Demonstrate Telnet and SSH connectivity. From PC-B, connect to each network device using Telnet (from the command prompt) and SSH (from an SSH client such as PuTTY) to verify remote management capability.

Note: Connecting to each device via Telnet and SSH must be successful. If not, there are issues that need to be resolved.

Remote Access Test Table From Device To Device/Interface/IP Telnet (Y/N) SSH (Y/N) PC-B ALS1 mgmt (172.16.100.1) PC-B DLS1 mgmt (172.16.100.252) PC-B DLS2 mgmt (172.16.100.253) PC-B R1 Fa0/1 (172.16.2.2) PC-B R2 S0/0/0 (209.165.200.226) PC-B R3 Fa0/1 (172.16.2.14)

Step 5: Demonstrate NTP functionality. Check each network device to verify that it has synchronized with the NTP server R2.

CCNPv6 TSHOOT


Note: Each device must synchronize with the NTP server R2. If not, there are issues that need to be resolved.

NTP Synchronization Table Device NTP Status Synched (Y/N) ALS1 DLS1 DLS2 R1 R2 R3

Step 6: Demonstrate network redundancy for PC-B after correcting errors. a. Disable (shut down) DLS2 port channel Po2.

b. Ping from PC-B to all other devices in the network. Pings from PC-B to each of the other PCs and network devices must be successful. If not, there are issues that need to be resolved.

c. Renew and release the PC-B IP address. PC-B should be able to obtain an IP address on subnet 172.16.10.0/24. If not, there are issues that need to be resolved.

STP Redundancy Test Table From Device/Interface/IP To Device/Interface/IP Result PC-B HSRP default gateway (172.16.10.254) PC-B PC-C PC-B SRV1 (172.16.50.1) PC-B ALS1 mgmt (172.16.100.1) PC-B DLS1 mgmt (172.16.100.252) PC-B DLS2 mgmt (172.16.100.253) PC-B R1 Fa0/1 (172.16.2.2) PC-B R2 Lo1 (172.30.1.1) PC-B R3 Fa0/1 (172.16.2.14)

Notes:

______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________

Router Interface Summary Table

Router Interface Summary Router Model Ethernet Interface

#1 Ethernet Interface #2

Serial Interface #1

Serial Interface #2

1700 Fast Ethernet 0 (FA0)

Fast Ethernet 1 (FA1)

Serial 0 (S0) Serial 1 (S1)

1800 Fast Ethernet 0/0 (FA0/0)

Fast Ethernet 0/1 (FA0/1)

Serial 0/0/0 (S0/0/0)

Serial 0/0/1 (S0/0/1)

CCNPv6 TSHOOT


Router Interface Summary 2600 Fast Ethernet 0/0

(FA0/0) Fast Ethernet 0/1 (FA0/1)

Serial 0/0 (S0/0) Serial 0/1 (S0/1)

2800 Fast Ethernet 0/0 (FA0/0)

Fast Ethernet 0/1 (FA0/1)

Serial 0/0/0 (S0/0/0)

Serial 0/0/1 (S0/0/1)

Note: To find out how the router is configured, look at the interfaces to identify the type of router and how many interfaces the router has. There is no way to list all combinations of configurations for each router class. This table includes identifiers for the possible combinations of Ethernet and serial interfaces in the device. The table does not include any other type of interface, even though a specific router might contain one, such as an ISDN BRI interface. The string in parenthesis is the legal abbreviation that can be used in Cisco IOS commands to represent the interface.

Note: The first group of configurations is the functioning base set that does not contain errors. The second group of configurations is the error set that does contain errors.

SBA Devices—Base Configurations (instructor version) Note: This group of configurations is the functioning base set. They do not contain errors.

Switch ALS1—SBA Base (no errors) !Switch ALS1 SBA Base Config ! hostname ALS1 ! service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! logging buffered 16384 enable secret ciscoenpa55 ! username admin secret adminpa55 ! banner motd $*** Switch ALS1 SBA Base Config ***$ ! ip dhcp snooping vlan 10 ip dhcp snooping no ip domain lookup ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! system mtu routing 1500 ! vtp domain TSHOOT vtp mode transparent ! ip subnet-zero ip domain name tshoot.net ! crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024

CCNPv6 TSHOOT


! archive log config logging size 50 notify syslog hidekeys path tftp://172.16.50.1/$h-archive-config write-memory file prompt quiet spanning-tree mode rapid-pvst spanning-tree portfast default ! interface Vlan1 no ip address shutdown ! vlan 10 name OFFICE ! vlan 20 name VOICE ! vlan 30 name GUEST ! vlan 100 name MGMT ! vlan 900 name NATIVE ! vlan 999 name UNUSED ! ip telnet source-interface Vlan100 ip ssh source-interface Vlan100 ! interface Port-channel1 description Channel to DLS1 no shutdown ! interface Port-channel2 description Channel to DLS2 no shutdown ! interface FastEthernet0/1 description Channel to DLS1 switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 1 mode on ip dhcp snooping trust no shutdown ! interface FastEthernet0/2 description Channel to DLS1

CCNPv6 TSHOOT


switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 1 mode on ip dhcp snooping trust no shutdown ! interface FastEthernet0/3 description Channel to DLS2 switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 2 mode on ip dhcp snooping trust no shutdown ! interface FastEthernet0/4 description Channel to DLS2 switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 2 mode on ip dhcp snooping trust no shutdown ! interface FastEthernet0/5 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/6 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown interface FastEthernet0/7 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/8 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/9 description Unused

CCNPv6 TSHOOT


switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/10 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/11 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/12 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/13 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/14 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/15 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/16 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/17 description Unused switchport access vlan 999 switchport mode access

CCNPv6 TSHOOT


switchport nonegotiate shutdown ! interface FastEthernet0/18 description To PC-B switchport access vlan 10 switchport mode access switchport voice vlan 20 spanning-tree portfast switchport port-security switchport port-security maximum 2 switchport port-security violation shutdown switchport port-security mac-address sticky no shut ! interface FastEthernet0/19 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/20 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/21 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/22 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/23 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/24 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface gigabitethernet0/1

CCNPv6 TSHOOT


description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface gigabitethernet0/2 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface Vlan100 ip address 172.16.100.1 255.255.255.0 no shutdown ! ip default-gateway 172.16.100.254 ! ip http server ip http secure-server ! logging source-interface Vlan100 logging 172.16.50.1 ! snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Vlan100 snmp-server location TSHOOT Lab Facility snmp-server contact [email protected] snmp-server host 172.16.50.1 version 2c cisco snmp-server enable traps vtp snmp-server enable traps vlancreate snmp-server enable traps vlandelete snmp-server enable traps port-security snmp-server enable traps vlan-membership ! line con 0 exec-timeout 60 0 login authentication CONSOLE logging synchronous line vty 0 4 exec-timeout 60 0 transport input telnet ssh line vty 5 15 no transport input ! ntp source Vlan100 ntp server 192.168.2.1 end

Switch DLS1—SBA Base (no errors) !Switch DLS1 SBA Base Config ! hostname DLS1 !

CCNPv6 TSHOOT


service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! logging buffered 16384 enable secret ciscoenpa55 ! username admin secret adminpa55 banner motd $*** Switch DLS1 SBA Base Config ***$ ! ip dhcp relay information trust-all ! no ip domain lookup ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! system mtu routing 1500 ! vtp domain TSHOOT vtp mode transparent ! ip subnet-zero ip routing ! ip domain name tshoot.net ! ip dhcp excluded-address 172.16.10.252 172.16.10.254 ip dhcp excluded-address 172.16.20.252 172.16.20.254 ip dhcp excluded-address 172.16.30.252 172.16.30.254 ! ip dhcp pool OFFICE network 172.16.10.0 255.255.255.0 default-router 172.16.10.254 domain-name tshoot.net ! ip dhcp pool VOICE network 172.16.20.0 255.255.255.0 default-router 172.16.20.254 domain-name tshoot.net ! ip dhcp pool GUEST network 172.16.30.0 255.255.255.0 default-router 172.16.30.254 domain-name tshoot.net ! crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024 ! errdisable recovery cause bpduguard ! archive log config logging size 50 notify syslog

CCNPv6 TSHOOT


hidekeys path tftp://172.16.50.1/$h-archive-config write-memory file prompt quiet ! spanning-tree mode rapid-pvst ! spanning-tree vlan 10,30,100 priority 24576 spanning-tree vlan 20,50 priority 28672 ! vlan 10 name OFFICE ! vlan 20 name VOICE ! vlan 30 name GUEST ! vlan 50 name SERVERS ! vlan 100 name MGMT ! vlan 200 name TRANS ! vlan 900 name NATIVE ! vlan 999 name UNUSED ! ip telnet source-interface Vlan100 ip ssh source-interface Vlan100 ! interface Loopback0 description OSPF router ID ip address 172.16.211.1 255.255.255.255 ip ospf network point-to-point ! interface Port-channel1 description Channel to ALS1 no shut ! interface Port-channel10 description Channel to DLS2 no shut ! interface FastEthernet0/1 description Channel to ALS1 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate

CCNPv6 TSHOOT


channel-group 1 mode on no shut ! interface FastEthernet0/2 description Channel to ALS1 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 1 mode on no shut ! interface FastEthernet0/3 description Channel to DLS2 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,50,100,200 switchport mode trunk switchport nonegotiate channel-group 10 mode on no shut ! interface FastEthernet0/4 description Channel to DLS2 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,50,100,200 switchport mode trunk switchport nonegotiate channel-group 10 mode on no shut ! interface FastEthernet0/5 description FE to R1 no switchport ip address 172.16.2.1 255.255.255.252 speed 100 duplex full no shut ! interface FastEthernet0/6 description FE to SRV1 switchport access vlan 50 switchport mode access switchport nonegotiate spanning-tree portfast no shut ! interface FastEthernet0/7 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/8 description Unused

CCNPv6 TSHOOT



CCNPv6 TSHOOT


switchport nonegotiate shutdown ! interface FastEthernet0/17 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/18 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/19 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/20 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/21 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/22 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/23 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/24 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown

CCNPv6 TSHOOT


! interface gigabitethernet0/1 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface gigabitethernet0/2 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface Vlan1 no ip address shutdown ! interface Vlan10 ip address 172.16.10.252 255.255.255.0 standby 10 ip 172.16.10.254 standby 10 priority 110 standby 10 preempt ! interface Vlan20 ip address 172.16.20.252 255.255.255.0 standby 20 ip 172.16.20.254 standby 20 preempt ! interface Vlan30 ip address 172.16.30.252 255.255.255.0 standby 30 ip 172.16.30.254 standby 30 priority 110 standby 30 preempt ! interface Vlan50 ip address 172.16.50.252 255.255.255.0 standby 50 ip 172.16.50.254 standby 50 preempt ! interface Vlan100 ip address 172.16.100.252 255.255.255.0 standby 100 ip 172.16.100.254 standby 100 priority 110 standby 100 preempt ! interface Vlan200 ip address 172.16.200.252 255.255.255.0 ! router ospf 1 log-adjacency-changes passive-interface default no passive-interface Vlan200 no passive-interface FastEthernet0/5 network 172.16.2.0 0.0.0.3 area 0 network 172.16.10.0 0.0.0.255 area 1 network 172.16.20.0 0.0.0.255 area 1

CCNPv6 TSHOOT


network 172.16.30.0 0.0.0.255 area 1 network 172.16.50.0 0.0.0.255 area 1 network 172.16.100.0 0.0.0.255 area 1 network 172.16.200.0 0.0.0.255 area 0 network 172.16.211.1 0.0.0.0 area 0 ! ip classless ip http server ip http secure-server ! logging source-interface Vlan100 logging 172.16.50.1 ! snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Vlan100 snmp-server location TSHOOT Lab Facility snmp-server contact [email protected] snmp-server host 172.16.50.1 version 2c cisco snmp-server enable traps ospf state-change snmp-server enable traps vtp snmp-server enable traps vlancreate snmp-server enable traps vlandelete snmp-server enable traps port-security snmp-server enable traps config snmp-server enable traps hsrp snmp-server enable traps vlan-membership snmp-server enable traps errdisable ! line con 0 exec-timeout 60 0 login authentication CONSOLE logging synchronous line vty 0 4 exec-timeout 60 0 transport input telnet ssh line vty 5 15 no transport input ! ntp source Vlan100 ntp server 192.168.2.1 end

Switch DLS2—SBA Base (no errors) !Switch DLS2 SBA Base Config ! hostname DLS2 ! service timestamps debug datetime msec service timestamps log datetime service password-encryption ! logging buffered 16384 enable secret ciscoenpa55 !

CCNPv6 TSHOOT


username admin secret adminpa55 ! banner motd $*** Switch DLS2 SBA Base Config ***$ ! ip dhcp relay information trust-all ! no ip domain lookup ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! system mtu routing 1500 ! vtp domain TSHOOT vtp mode transparent ! ip subnet-zero ip routing ip domain name tshoot.net ! crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024 ! ! archive log config logging size 50 notify syslog hidekeys path tftp://172.16.50.1/$h-archive-config write-memory file prompt quiet ! spanning-tree mode rapid-pvst ! spanning-tree vlan 10,30,100 priority 28672 spanning-tree vlan 20,50 priority 24576 ! vlan 10 name OFFICE ! vlan 20 name VOICE ! vlan 30 name GUEST ! vlan 50 name SERVERS ! vlan 100 name MGMT ! vlan 200 name TRANS !

CCNPv6 TSHOOT


vlan 900 name NATIVE ! vlan 999 name UNUSED ! ip telnet source-interface Vlan100 ip ssh source-interface Vlan100 ! interface Loopback0 description OSPF router ID ip address 172.16.212.1 255.255.255.255 ip ospf network point-to-point ! interface Port-channel2 description Channel to ALS1 no shut interface Port-channel10 description Channel to DLS1 no shut ! interface FastEthernet0/1 description Channel to ALS1 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 2 mode on no shut ! interface FastEthernet0/2 description Channel to ALS1 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 2 mode on no shut ! interface FastEthernet0/3 description Channel to DLS1 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,50,100,200 switchport mode trunk switchport nonegotiate channel-group 10 mode on no shut ! interface FastEthernet0/4 description Channel to DLS1 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,50,100,200 switchport mode trunk

CCNPv6 TSHOOT


switchport nonegotiate channel-group 10 mode on no shut ! interface FastEthernet0/5 description FE to R3 no switchport ip address 172.16.2.13 255.255.255.252 speed 100 duplex full spanning-tree bpduguard enable no shutdown ! interface FastEthernet0/6 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/7 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/8 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/9 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/10 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/11 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/12 description Unused switchport access vlan 999

CCNPv6 TSHOOT


switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/13 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/14 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/15 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/16 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/17 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/18 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/19 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/20 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate

CCNPv6 TSHOOT


shutdown ! interface FastEthernet0/21 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/22 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/23 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/24 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface GigabitEthernet0/1 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface GigabitEthernet0/2 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface Vlan1 no ip address shutdown ! interface Vlan10 ip address 172.16.10.253 255.255.255.0 standby 10 ip 172.16.10.254 standby 10 preempt ! interface Vlan20 ip address 172.16.20.253 255.255.255.0 standby 20 ip 172.16.20.254 standby 20 priority 110 standby 20 preempt

CCNPv6 TSHOOT


! interface Vlan30 ip address 172.16.30.253 255.255.255.0 standby 30 ip 172.16.30.254 standby 30 preempt ! interface Vlan50 ip address 172.16.50.253 255.255.255.0 standby 50 ip 172.16.50.254 standby 50 priority 110 standby 50 preempt ! interface Vlan100 ip address 172.16.100.253 255.255.255.0 standby 100 ip 172.16.100.254 standby 100 preempt ! interface Vlan200 ip address 172.16.200.253 255.255.255.0 ! router ospf 1 log-adjacency-changes passive-interface default no passive-interface Vlan200 no passive-interface FastEthernet0/5 network 172.16.2.12 0.0.0.3 area 0 network 172.16.10.0 0.0.0.255 area 1 network 172.16.20.0 0.0.0.255 area 1 network 172.16.30.0 0.0.0.255 area 1 network 172.16.50.0 0.0.0.255 area 1 network 172.16.100.0 0.0.0.255 area 1 network 172.16.200.0 0.0.0.255 area 0 network 172.16.212.1 0.0.0.0 area 0 ! ip classless ip http server ip http secure-server ! ! logging source-interface Vlan100 logging 172.16.50.1 ! snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Vlan100 snmp-server location TSHOOT Lab Facility snmp-server contact [email protected] snmp-server enable traps ospf state-change snmp-server enable traps vtp snmp-server enable traps vlancreate snmp-server enable traps vlandelete snmp-server enable traps port-security snmp-server enable traps hsrp snmp-server enable traps vlan-membership snmp-server enable traps errdisable snmp-server host 172.16.50.1 version 2c cisco ! line con 0

CCNPv6 TSHOOT


exec-timeout 60 0 login authentication CONSOLE logging synchronous line vty 0 4 exec-timeout 60 0 transport input telnet ssh line vty 5 15 no transport input ! ntp source Vlan100 ntp server 192.168.2.1 end

Router R1—SBA Base (no errors) !Router R1 SBA Base Config ! hostname R1 ! service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! logging buffered 16384 debugging enable secret ciscoenpa55 ! username admin secret adminpa55 ! banner motd $*** Router R1 SBA Base Config ***$ ! no ip domain lookup ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! ip domain name tshoot.net ! crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024 ! file prompt quiet archive log config logging size 50 notify syslog hidekeys path tftp://172.16.50.1/$h-archive-config write-memory ! ip telnet source-interface Loopback0 ip ssh source-interface Loopback0 ! interface Loopback0 description OSPF router ID ip address 192.168.1.1 255.255.255.255

CCNPv6 TSHOOT


ip ospf network point-to-point ! interface FastEthernet0/0 no ip address shutdown ! interface FastEthernet0/1 description FE to DLS1 ip address 172.16.2.2 255.255.255.252 ip flow ingress speed 100 full-duplex no shutdown ! interface Serial0/0/0 description WAN link to ISP R2 ip address 209.165.200.225 255.255.255.252 ip flow ingress encapsulation ppp clock rate 128000 no shutdown ! interface Serial0/0/1 shutdown ! router ospf 1 log-adjacency-changes passive-interface default no passive-interface FastEthernet0/1 no passive-interface Loopback0 network 172.16.2.0 0.0.0.3 area 0 network 192.168.1.1 0.0.0.0 area 0 default-information originate always ! router bgp 65501 no synchronization bgp log-neighbor-changes neighbor 192.168.2.1 remote-as 65502 neighbor 192.168.2.1 ebgp-multihop 2 neighbor 192.168.2.1 update-source Loopback0 no auto-summary ! ip route 192.168.2.1 255.255.255.255 209.165.200.226 ! ip http server no ip http secure-server ! ip flow-export source Loopback0 ip flow-export version 5 ip flow-export destination 172.16.50.1 9996 ! logging source-interface Loopback0 logging 172.16.50.1 ! snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Loopback0 snmp-server location TSHOOT Lab Facility

CCNPv6 TSHOOT


snmp-server contact [email protected] snmp-server enable traps ospf state-change snmp-server enable traps flash insertion removal snmp-server enable traps config snmp-server enable traps cpu threshold snmp-server host 172.16.50.1 version 2c cisco ! line con 0 exec-timeout 60 0 login authentication CONSOLE logging synchronous line vty 0 4 exec-timeout 60 0 transport input telnet ssh ! ntp source Loopback0 ntp update-calendar ntp server 192.168.2.1 end

Router R2—SBA Base (no errors) !Router R2 SBA Base Config ! service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! Hostname R2 ! logging buffered 16384 debugging enable secret ciscoenpa55 ! username admin secret adminpa55 ! banner motd $*** Router R2 SBA Base Config ***$ ! no ip domain lookup ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! ip domain name tshoot.net ! crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024 ! file prompt quiet archive log config logging size 50 notify syslog hidekeys path tftp://172.16.50.1/$h-archive-config write-memory

CCNPv6 TSHOOT


! ip telnet source-interface Loopback0 ip ssh source-interface Loopback0 ! interface Loopback0 description BGP router ID ip address 192.168.2.1 255.255.255.255 ! interface Loopback1 description Simulated Internet address ip address 172.30.1.1 255.255.255.255 ! interface FastEthernet0/0 shutdown ! interface FastEthernet0/1 shutdown ! interface Serial0/0/0 description WAN link to R1 – T1 leased line ip address 209.165.200.226 255.255.255.252 encapsulation ppp no shutdown ! interface Serial0/0/1 shutdown router bgp 65502 no synchronization bgp log-neighbor-changes network 0.0.0.0 neighbor 192.168.1.1 remote-as 65501 neighbor 192.168.1.1 ebgp-multihop 2 neighbor 192.168.1.1 update-source Loopback0 no auto-summary ! ip route 0.0.0.0 0.0.0.0 null0 ip route 192.168.1.1 255.255.255.255 209.165.200.225 ip route 172.16.0.0 255.255.0.0 209.165.200.225 ! ip http server no ip http secure-server ! logging source-interface Loopback0 logging 172.16.50.1 snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Loopback0 snmp-server location TSHOOT Lab Facility snmp-server contact [email protected] snmp-server enable traps flash insertion removal snmp-server enable traps config snmp-server enable traps cpu threshold snmp-server host 172.16.50.1 version 2c cisco ! line con 0 exec-timeout 60 0 logging synchronous

CCNPv6 TSHOOT


login authentication CONSOLE line vty 0 4 exec-timeout 60 0 transport input telnet ssh ! ntp master 3 end

Router R3—SBA Base (no errors) !Router R3 SBA Base Config ! service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname R3 ! logging buffered 16384 debugging enable secret ciscoenpa55 ! username admin secret adminpa55 ! banner motd $*** Router R3 SBA Base Config ***$ ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! no ip domain lookup ip domain name tshoot.net ! crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024 ! ip dhcp excluded-address 172.16.80.1 ip dhcp excluded-address 172.16.80.129 ! ip dhcp pool R3-B1 network 172.16.80.0 255.255.255.128 default-router 172.16.80.1 domain-name tshoot.net ! ip dhcp pool R3-B2 network 172.16.80.128 255.255.255.128 default-router 172.16.80.129 domain-name tshoot.net ! file prompt quiet archive log config logging size 50 notify syslog hidekeys path tftp://172.16.50.1/$h-archive-config write-memory

CCNPv6 TSHOOT


! ip telnet source-interface Loopback0 ip ssh source-interface Loopback0 ! interface Loopback0 description OSPF router ID ip address 172.16.203.1 255.255.255.255 ip ospf network point-to-point ! interface Loopback1 description simulated R3 Branch 2 LAN subnet ip address 172.16.80.129 255.255.255.128 ! interface FastEthernet0/0 description FE to R3 Branch 1 LAN ip address 172.16.80.1 255.255.255.128 ip flow ingress speed 100 full-duplex no shutdown ! interface FastEthernet0/1 description FE to DLS2 ip address 172.16.2.14 255.255.255.252 ip flow ingress speed 100 full-duplex no shutdown ! interface Serial0/0/0 shutdown ! interface Serial0/0/1 shutdown ! router eigrp 100 redistribute ospf 1 metric 1544 2000 255 1 1500 passive-interface default no passive-interface FastEthernet0/0 no passive-interface loopback1 network 172.16.80.0 0.0.0.127 network 172.16.80.128 0.0.0.127 no auto-summary ! router ospf 1 log-adjacency-changes redistribute eigrp 100 metric 100 subnets passive-interface default no passive-interface FastEthernet0/1 network 172.16.2.12 0.0.0.3 area 0 network 172.16.203.1 0.0.0.0 area 0 ! ip http server no ip http secure-server ! ip flow-export source Loopback0 ip flow-export version 5 ip flow-export destination 172.16.50.1 9996

CCNPv6 TSHOOT


! logging source-interface Loopback0 logging 172.16.50.1 ! snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Loopback0 snmp-server location TSHOOT Lab Facility snmp-server contact [email protected] snmp-server enable traps eigrp snmp-server enable traps flash insertion removal snmp-server enable traps config snmp-server enable traps cpu threshold snmp-server host 172.16.50.1 version 2c cisco ! line con 0 exec-timeout 60 0 login authentication CONSOLE line vty 0 4 exec-timeout 60 0 transport input telnet ssh ! ntp source Loopback0 ntp update-calendar ntp server 192.168.2.1 end

SBA Devices—Error Configurations

Note: The errors in the configurations are commented and highlighted as red text.

Switch ALS1—SBA Error Config !Switch ALS1 SBA Error Config ! hostname ALS1 ! service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! logging buffered 16384 enable secret ciscoenpa55 ! username admin secret adminpa55 ! banner motd $*** Switch ALS1 SBA Error Config ***$ ! ip dhcp snooping vlan 10 ip dhcp snooping no ip domain lookup ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! system mtu routing 1500

CCNPv6 TSHOOT


! vtp domain TSHOOT vtp mode transparent ! ip subnet-zero ip domain name tshoot.net ! crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024 ! archive log config logging size 50 notify syslog hidekeys path tftp://172.16.50.1/$h-archive-config write-memory file prompt quiet spanning-tree mode mst spanning-tree portfast default ! interface Vlan1 no ip address shutdown ! vlan 10 name OFFICE ! vlan 20 name VOICE ! vlan 30 name GUEST ! vlan 100 name MGMT ! vlan 900 name NATIVE ! vlan 999 name UNUSED ! ip telnet source-interface Vlan100 ip ssh source-interface Vlan100 ! interface Port-channel1 description Channel to DLS1 no shutdown ! interface Port-channel2 description Channel to DLS2 no shutdown ! interface FastEthernet0/1 description Channel to DLS1 switchport trunk native vlan 900

Error: Incorrect spanning tree mode (MST) is configured and does not match DLS1 and DLS2 (RPVST). spanning-tree mode rapid-pvst

CCNPv6 TSHOOT


switchport trunk allowed vlan 20,30,100 switchport mode trunk switchport nonegotiate channel-group 1 mode on ip dhcp snooping trust no shutdown ! interface FastEthernet0/2 description Channel to DLS1 switchport trunk native vlan 900 switchport trunk allowed vlan 20,30,100 switchport mode trunk switchport nonegotiate channel-group 1 mode on ip dhcp snooping trust no shutdown ! interface FastEthernet0/3 description Channel to DLS2 switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 2 mode on ip dhcp snooping trust no shutdown ! interface FastEthernet0/4 description Channel to DLS2 switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 2 mode on ip dhcp snooping trust no shutdown ! interface FastEthernet0/5 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/6 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown interface FastEthernet0/7 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown !

Error: Trunk ports Fa0/1 and Fa0/2 (Po1) do not allow VLAN 10 (PC-B Office VLAN). interface po1

switchport trunk allowed vlan add 10

CCNPv6 TSHOOT


interface FastEthernet0/8 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/9 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/10 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/11 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/12 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/13 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/14 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/15 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/16 description Unused

CCNPv6 TSHOOT


switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/17 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/18 description To PC-B switchport access vlan 10 switchport mode access switchport voice vlan 20 spanning-tree portfast switchport port-security switchport port-security maximum 2 switchport port-security violation shutdown switchport port-security mac-address sticky no shut ! interface FastEthernet0/19 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/20 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/21 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/22 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/23 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown

CCNPv6 TSHOOT


! interface FastEthernet0/24 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface gigabitethernet0/1 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface gigabitethernet0/2 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface Vlan100 ip address 172.16.100.1 255.255.255.0 no shutdown ! ip default-gateway 172.16.100.254 ! ip http server ip http secure-server ! logging source-interface Vlan100 logging 172.16.50.1 ! snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Vlan100 snmp-server location TSHOOT Lab Facility snmp-server contact [email protected] snmp-server host 172.16.50.1 version 2c cisco snmp-server enable traps vtp snmp-server enable traps vlancreate snmp-server enable traps vlandelete snmp-server enable traps port-security snmp-server enable traps vlan-membership ! line con 0 exec-timeout 60 0 login authentication CONSOLE logging synchronous line vty 0 4 exec-timeout 60 0 transport input telnet ssh line vty 5 15 no transport input ! ntp source Vlan100 ntp server 192.168.2.1

CCNPv6 TSHOOT


end

Switch DLS1—SBA Error Config !Switch DLS1 SBA Error Config ! hostname DLS1 ! service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! logging buffered 16384 enable secret ciscoenpa55 ! username admin secret adminpa55 banner motd $*** Switch DLS1 SBA Error Config ***$ ! ip dhcp relay information trust-all ! no ip domain lookup ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! system mtu routing 1500 ! vtp domain TSHOOT vtp mode transparent ! ip subnet-zero ip routing ! ip domain name tshoot.net ! ip dhcp excluded-address 172.16.1.252 172.16.10.254 ip dhcp excluded-address 172.16.20.252 172.16.20.254 ip dhcp excluded-address 172.16.30.252 172.16.30.254 ! ip dhcp pool OFFICE network 172.16.10.0 255.255.255.0 default-router 172.16.10.254 domain-name tshoot.net ! ip dhcp pool VOICE network 172.16.20.0 255.255.255.0 default-router 172.16.20.254 domain-name tshoot.net ! ip dhcp pool GUEST network 172.16.30.0 255.255.255.0 default-router 172.16.30.254 domain-name tshoot.net !

Error: DHCP excluded range overlaps with OFFICE pool. no ip dhcp excluded-address 172.16.1.252 172.16.10.254 ip dhcp excluded-address 172.16.10.252 172.16.10.254

CCNPv6 TSHOOT


crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024 ! errdisable recovery cause bpduguard ! archive log config logging size 50 notify syslog hidekeys path tftp://172.16.50.1/$h-archive-config write-memory file prompt quiet ! spanning-tree mode rapid-pvst ! spanning-tree vlan 10,30,100 priority 24576 spanning-tree vlan 20,50 priority 28672 ! vlan 10 name OFFICE ! vlan 20 name VOICE ! vlan 30 name GUEST ! vlan 50 name SERVERS ! ! ! vlan 200 name TRANS ! vlan 900 name NATIVE ! vlan 999 name UNUSED ! ip telnet source-interface Vlan100 ip ssh source-interface Vlan100 ! interface Loopback0 description OSPF router ID ip address 172.16.211.1 255.255.255.255 ip ospf network point-to-point ! interface Port-channel1 description Channel to ALS1 no shut ! interface Port-channel10 description Channel to DLS2 no shut !

Error: Management VLAN 100 is not defined. vlan 100

name MGMT

CCNPv6 TSHOOT


interface FastEthernet0/1 description Channel to ALS1 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 1 mode on no shut ! interface FastEthernet0/2 description Channel to ALS1 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 1 mode on no shut ! interface FastEthernet0/3 description Channel to DLS2 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,50,100,200 switchport mode trunk switchport nonegotiate channel-group 10 mode on no shut ! interface FastEthernet0/4 description Channel to DLS2 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,50,100,200 switchport mode trunk switchport nonegotiate channel-group 10 mode on no shut ! interface FastEthernet0/5 description FE to R1 no switchport ip address 172.16.2.1 255.255.255.252 speed 100 duplex full no shut ! interface FastEthernet0/6 description FE to SRV1 switchport access vlan 50 switchport mode access switchport nonegotiate spanning-tree portfast no shut ! interface FastEthernet0/7 description Unused

CCNPv6 TSHOOT



CCNPv6 TSHOOT



CCNPv6 TSHOOT


! interface FastEthernet0/24 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface gigabitethernet0/1 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface gigabitethernet0/2 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface Vlan1 no ip address shutdown ! interface Vlan10 ip address 172.16.10.252 255.255.255.0 standby 10 ip 172.16.10.254 standby 10 priority 110 standby 10 preempt ! interface Vlan20 ip address 172.16.20.252 255.255.255.0 standby 20 ip 172.16.20.254 standby 20 preempt ! interface Vlan30 ip address 172.16.30.252 255.255.255.0 standby 30 ip 172.16.30.254 standby 30 priority 110 standby 30 preempt ! interface Vlan50 ip address 172.16.50.252 255.255.255.0 standby 50 ip 172.16.50.254 standby 50 preempt ! interface Vlan100 ip address 172.16.100.252 255.255.255.0 standby 100 ip 172.16.100.254 standby 100 priority 110 standby 100 preempt ! interface Vlan200 ip address 172.16.200.252 255.255.255.0 ! router ospf 1

CCNPv6 TSHOOT


log-adjacency-changes passive-interface default no passive-interface Vlan200 no passive-interface FastEthernet0/5 network 172.16.2.0 0.0.0.3 area 0 network 172.16.10.0 0.0.0.255 area 1 network 172.16.20.0 0.0.0.255 area 1 network 172.16.30.0 0.0.0.255 area 1 network 172.16.50.0 0.0.0.255 area 1 network 172.16.100.0 0.0.0.255 area 1 network 172.16.200.0 0.0.0.255 area 0 network 172.16.211.1 0.0.0.0 area 0 ! ip classless ip http server ip http secure-server ! logging source-interface Vlan100 logging 172.16.50.1 ! snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Vlan100 snmp-server location TSHOOT Lab Facility snmp-server contact [email protected] snmp-server host 172.16.50.1 version 2c cisco snmp-server enable traps ospf state-change snmp-server enable traps vtp snmp-server enable traps vlancreate snmp-server enable traps vlandelete snmp-server enable traps port-security snmp-server enable traps config snmp-server enable traps hsrp snmp-server enable traps vlan-membership snmp-server enable traps errdisable ! line con 0 exec-timeout 60 0 login authentication CONSOLE logging synchronous line vty 0 4 exec-timeout 60 0 transport input telnet ssh line vty 5 15 no transport input ! ntp source Vlan100 ntp server 192.168.2.1 end

Switch DLS2—SBA Error Config !Switch DLS2 SBA Error Config ! hostname DLS2 ! service timestamps debug datetime msec

CCNPv6 TSHOOT


service timestamps log datetime service password-encryption ! logging buffered 16384 enable secret ciscoenpa55 ! username admin secret adminpa55 ! banner motd $*** Switch DLS2 SBA Error Config ***$ ! ip dhcp relay information trust-all ! no ip domain lookup ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! system mtu routing 1500 ! vtp domain TSHOOT vtp mode transparent ! ip subnet-zero ip routing ip domain name tshoot.net ! crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024 ! ! archive log config logging size 50 notify syslog hidekeys path tftp://172.16.50.1/$h-archive-config write-memory file prompt quiet ! spanning-tree mode rapid-pvst ! spanning-tree vlan 10,30,100 priority 28672 spanning-tree vlan 20,50 priority 24576 ! vlan 10 name OFFICE ! vlan 20 name VOICE ! vlan 30 name GUEST ! vlan 50 name SERVERS !

CCNPv6 TSHOOT


vlan 100 name MGMT ! vlan 200 name TRANS ! vlan 900 name NATIVE ! vlan 999 name UNUSED ! ip telnet source-interface Vlan100 ip ssh source-interface Vlan100 ! interface Loopback0 description OSPF router ID ip address 172.16.212.1 255.255.255.255 ip ospf network point-to-point ! interface Port-channel2 description Channel to ALS1 no shut interface Port-channel10 description Channel to DLS1 no shut ! interface FastEthernet0/1 description Channel to ALS1 switchport trunk encapsulation isl switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 2 mode on no shut ! interface FastEthernet0/2 description Channel to ALS1 switchport trunk encapsulation isl switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,100 switchport mode trunk switchport nonegotiate channel-group 2 mode on no shut ! interface FastEthernet0/3 description Channel to DLS1 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,50,100,200 switchport mode trunk switchport nonegotiate channel-group 10 mode on no shut !

Error: Trunk encapsulation on Fa0/1 and Fa0/2 is ISL and does not match ALS1 (dot1q). interface range fa0/1 - 2

switchport trunk encapsulation dot1q

CCNPv6 TSHOOT


interface FastEthernet0/4 description Channel to DLS1 switchport trunk encapsulation dot1q switchport trunk native vlan 900 switchport trunk allowed vlan 10,20,30,50,100,200 switchport mode trunk switchport nonegotiate channel-group 10 mode on no shut ! interface FastEthernet0/5 description FE to R3 no switchport ip address 172.16.2.13 255.255.255.252 speed 100 duplex full spanning-tree bpduguard enable no shutdown ! interface FastEthernet0/6 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/7 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/8 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/9 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/10 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/11 description Unused switchport access vlan 999 switchport mode access

CCNPv6 TSHOOT



CCNPv6 TSHOOT


! interface FastEthernet0/20 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/21 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/22 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/23 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface FastEthernet0/24 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface GigabitEthernet0/1 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface GigabitEthernet0/2 description Unused switchport access vlan 999 switchport mode access switchport nonegotiate shutdown ! interface Vlan1 no ip address shutdown ! interface Vlan10 ip address 172.16.10.253 255.255.255.0 standby 10 ip 172.16.10.254 standby 10 preempt

CCNPv6 TSHOOT


! interface Vlan20 ip address 172.16.20.253 255.255.255.0 standby 20 ip 172.16.20.254 standby 20 priority 110 standby 20 preempt ! interface Vlan30 ip address 172.16.30.253 255.255.255.0 standby 30 ip 172.16.30.254 standby 30 preempt ! interface Vlan50 ip address 172.16.50.253 255.255.255.0 standby 50 ip 172.16.50.254 standby 50 priority 110 standby 50 preempt ! interface Vlan100 ip address 172.16.100.253 255.255.255.0 standby 100 ip 172.16.100.254 standby 100 preempt ! interface Vlan200 ip address 172.16.253.200 255.255.255.0 ! router ospf 1 log-adjacency-changes passive-interface default no passive-interface Vlan200 no passive-interface FastEthernet0/5 network 172.16.2.12 0.0.0.3 area 0 network 172.16.10.0 0.0.0.255 area 1 network 172.16.20.0 0.0.0.255 area 1 network 172.16.30.0 0.0.0.255 area 1 network 172.16.50.0 0.0.0.255 area 1 network 172.16.100.0 0.0.0.255 area 1 network 172.16.200.0 0.0.0.255 area 0 network 172.16.212.1 0.0.0.0 area 0 ! ip classless ip http server ip http secure-server ! ! logging source-interface Vlan100 logging 172.16.50.1 ! snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Vlan100 snmp-server location TSHOOT Lab Facility snmp-server contact [email protected] snmp-server enable traps ospf state-change snmp-server enable traps vtp snmp-server enable traps vlancreate snmp-server enable traps vlandelete snmp-server enable traps port-security

Error: Interface VLAN 200 is assigned the wrong address. interface Vlan200

ip address 172.16.200.253 255.255.255.0

CCNPv6 TSHOOT


snmp-server enable traps hsrp snmp-server enable traps vlan-membership snmp-server enable traps errdisable snmp-server host 172.16.50.1 version 2c cisco ! line con 0 exec-timeout 60 0 login authentication CONSOLE logging synchronous line vty 0 4 exec-timeout 60 0 transport input telnet ssh line vty 5 15 no transport input ! ntp source Vlan100 ntp server 192.168.2.1 end

Router R1—SBA Error Config !Router R1 SBA Error Config ! hostname R1 ! service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! logging buffered 16384 debugging enable secret ciscoenpa55 ! username admin secret adminpa55 ! banner motd $*** Router R1 SBA Error Config ***$ ! no ip domain lookup ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! ip domain name tshoot.net ! crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024 ! file prompt quiet archive log config logging size 50 notify syslog hidekeys path tftp://172.16.50.1/$h-archive-config write-memory !

CCNPv6 TSHOOT


ip telnet source-interface Loopback0 ip ssh source-interface Loopback0 ! interface Loopback0 description OSPF router ID ip address 192.168.1.1 255.255.255.255 ip ospf network point-to-point ! interface FastEthernet0/0 no ip address shutdown ! interface FastEthernet0/1 description FE to DLS1 ip address 172.16.2.2 255.255.255.252 ip flow ingress speed 100 full-duplex no shutdown ! interface Serial0/0/0 description WAN link to ISP R2 ip address 209.165.200.225 255.255.255.252 ip flow ingress encapsulation ppp clock rate 128000 no shutdown ! interface Serial0/0/1 shutdown ! router ospf 1 log-adjacency-changes passive-interface default no passive-interface FastEthernet0/1 no passive-interface Loopback0 network 172.16.2.4 0.0.0.3 area 1 network 192.168.1.1 0.0.0.0 area 0 ! router bgp 65501 no synchronization bgp log-neighbor-changes neighbor 192.168.2.1 remote-as 65502 neighbor 192.168.2.1 ebgp-multihop 2 neighbor 192.168.2.1 update-source Loopback0 no auto-summary ! ip route 192.168.2.1 255.255.255.255 209.165.200.226 ! ip http server no ip http secure-server ! ip flow-export source Loopback0 ip flow-export version 5 ip flow-export destination 172.16.50.1 9996 ! logging source-interface Loopback0 logging 172.16.50.1

Error: Interface Fa0/1 network is in wrong OSPF area, and the wrong subnet is specified. router ospf 1

no network 172.16.2.4 0.0.0.3 area 1

network 172.16.2.0 0.0.0.3 area 0

CCNPv6 TSHOOT


! snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Loopback0 snmp-server location TSHOOT Lab Facility snmp-server contact [email protected] snmp-server enable traps ospf state-change snmp-server enable traps flash insertion removal snmp-server enable traps config snmp-server enable traps cpu threshold snmp-server host 172.16.50.1 version 2c cisco ! line con 0 exec-timeout 60 0 login authentication CONSOLE logging synchronous line vty 0 4 exec-timeout 60 0 no transport input ! ntp source Loopback0 ntp update-calendar ntp server 192.168.2.1 end

Router R2 – SBA Error Config !Router R2 SBA Error Config ! service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! Hostname R2 ! logging buffered 16384 debugging enable secret ciscoenpa55 ! username admin secret adminpa55 ! banner motd $*** Router R2 SBA Error Config ***$ ! no ip domain lookup ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! ip domain name tshoot.net ! crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024 ! file prompt quiet archive log config

Error: No remote access protocol is permitted on the vty lines. line vty 0 4

transport input telnet ssh

CCNPv6 TSHOOT


logging size 50 notify syslog hidekeys path tftp://172.16.50.1/$h-archive-config write-memory ! ip telnet source-interface Loopback0 ip ssh source-interface Loopback0 ! interface Loopback0 description BGP router ID ip address 192.168.2.1 255.255.255.255 ! interface Loopback1 description simulated Internet address ip address 172.30.1.1 255.255.255.255 ! interface FastEthernet0/0 shutdown ! interface FastEthernet0/1 shutdown ! interface Serial0/0/0 description WAN link to R1 – T1 leased line ip address 209.165.200.226 255.255.255.252 encapsulation ppp no shutdown ! interface Serial0/0/1 shutdown router bgp 65502 no synchronization bgp log-neighbor-changes network 0.0.0.0 neighbor 192.168.1.11 remote-as 65001 neighbor 192.168.1.11 ebgp-multihop 2 neighbor 192.168.1.11 update-source Loopback0 no auto-summary ! ip route 192.168.1.1 255.255.255.255 209.165.200.225 ip route 172.16.0.0 255.255.0.0 209.165.200.225 ! ip http server no ip http secure-server ! logging source-interface Loopback0 logging 172.16.50.1 snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Loopback0 snmp-server location TSHOOT Lab Facility snmp-server contact [email protected] snmp-server enable traps flash insertion removal snmp-server enable traps config snmp-server enable traps cpu threshold snmp-server host 172.16.50.1 version 2c cisco

Error: Wrong BGP neighbor AS and IP address is specified and R2 not peering with R1. router bgp 65502

no neighbor 192.168.1.11 remote-as 65001

neighbor 192.168.1.1 remote-as 65501 neighbor 192.168.1.1 ebgp-multihop 2 neighbor 192.168.1.1 update-source Loopback0

Error: Default static route (0.0.0.0) to null is not present. ip route 0.0.0.0 0.0.0.0 null0

CCNPv6 TSHOOT


! line con 0 exec-timeout 60 0 logging synchronous login authentication CONSOLE line vty 0 4 exec-timeout 60 0 transport input telnet ssh ! ntp master 3 end

Router R3—SBA Error Config !Router R3 SBA Error Config ! service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname R3 ! ! logging buffered 16384 debugging enable secret ciscoenpa55 ! username admin secret adminpa55 ! banner motd $*** Router R3 SBA Error Config ***$ ! aaa new-model aaa authentication login default local aaa authentication login CONSOLE none aaa authorization exec default local ! no ip domain lookup ip domain name tshoot.net ! crypto key zeroize rsa crypto key generate rsa general-keys modulus 1024 ! ip dhcp excluded-address 172.16.80.1 ip dhcp excluded-address 172.16.80.129 ! ip dhcp pool R3-B1 network 172.16.80.0 255.255.255.128 default-router 172.16.80.1 domain-name tshoot.net ! ip dhcp pool R3-B2 network 172.16.80.128 255.255.255.128 default-router 172.16.80.129 domain-name tshoot.net ! file prompt quiet archive log config

CCNPv6 TSHOOT


logging size 50 notify syslog hidekeys path tftp://172.16.50.1/$h-archive-config write-memory ! ip telnet source-interface Loopback0 ip ssh source-interface Loopback0 ! interface Loopback0 description OSPF router ID ip address 172.16.203.1 255.255.255.255 ip ospf network point-to-point ! interface Loopback1 description simulated R3 Branch LAN ip address 172.16.80.129 255.255.255.128 ! interface FastEthernet0/0 description FE to R3 Branch LAN ip address 172.16.80.1 255.255.255.128 ip flow ingress speed 100 full-duplex no shutdown ! interface FastEthernet0/1 description FE to DLS2 ip address 172.16.2.14 255.255.255.252 ip flow ingress speed 100 full-duplex no shutdown ! interface Serial0/0/0 shutdown ! interface Serial0/0/1 shutdown ! router eigrp 100 redistribute ospf 1 metric 1544 2000 255 1 1500 passive-interface default no passive-interface FastEthernet0/1 no passive-interface loopback1 network 172.16.80.128 0.0.0.127 no auto-summary ! router ospf 1 log-adjacency-changes redistribute eigrp 100 metric 100 subnets passive-interface default no passive-interface FastEthernet0/1 network 172.16.2.12 0.0.0.3 area 0 network 172.16.203.1 0.0.0.0 area 0 ! ip http server no ip http secure-server

Error: The PC-C LAN (172.16.80.0/25) is not advertised under EIGRP. router eigrp 100 network 172.16.80.0 0.0.0.127

CCNPv6 TSHOOT


! ip flow-export source Loopback0 ip flow-export version 5 ip flow-export destination 172.16.50.1 9996 ! logging source-interface Loopback0 logging 172.16.50.1 ! snmp-server community cisco RO snmp-server community san-fran RW snmp-server trap-source Loopback0 snmp-server location TSHOOT Lab Facility snmp-server contact [email protected] snmp-server enable traps eigrp snmp-server enable traps flash insertion removal snmp-server enable traps config snmp-server enable traps cpu threshold snmp-server host 172.16.50.1 version 2c cisco ! line con 0 exec-timeout 60 0 login authentication CONSOLE line vty 0 4 exec-timeout 60 0 transport input telnet ssh ! ntp source Loopback0 ntp update-calendar ntp server 192.168.1.2 end Error: IP address referencing the R2 NTP

server is incorrect. ntp server 192.168.2.1

Documents

139766101 Ccnpv6 Tshoot Sba Stud Ans Key