Sample-Narbik CCIE Foundation Book

R&S Foundation by Narbik Kocharians CCIE R&S Foundation 5.0 Page 1 of 124

2013 Narbik Kocharians. All rights reserved

CCIE Foundation

5.0

www.MicronicsTraining.com

Narbik Kocharians

CCIE #12410

R&S, Security, SP

VOL-I



Table of Content:

Subject Page

Topology 4

Section One:

Logical or Physical Subject Page

Lab 1 Physical to Logical Topology I 10

Lab 2 Physical to Logical Topology II 21

Lab 3 Physical to Logical Topology III 36

Section Two:

3560 Switching Subject Page

Lab 1 Basic 3560 configuration 56

Lab 2 Spanning-tree 802.1d 91

Section Three:

Frame-relay Subject Page

Lab 1 Multipoint Hub-n-Spoke Using Frame-relay maps 107

Lab 2 - Multipoint Hub-n-Spoke Using Frame-relay sub-interfaces 122

Lab 3 Frame-relay configurstion in a Point-to-point manner 127

Lab 4 Mixture of Point-to-point & Multipoint Frame-relay 132

Lab 5 Running PPP on Frame-relay 137

Section Four:

RIPv2 Subject Page

Lab 1 Configuring RIPv2 145

Lab 2 RIPv2 Authentication (Clear text and MD5) 153

Lab 3 Configuring different RIPv2 Update methods 159

Lab 4 Injection of Default routes in RIPv2 166

Lab 5 Filtering RIPv2 routes 177

Section five:

Eigrp Lab 1 Configuring Eigrp and Adjusting the Timers 185

Lab 2 Eigrp Metric 195

Lab 3 Eigrp Summarization 198

Lab 4 Eigrp Authentication & Advanced Configuration 209

Lab 5 Eigrp Stub 215



Section Six:

OSPF Subject Page

Lab 1 Advertising Networks 228

Lab 2 OSPF Non-Broadcast Networks 244

Lab 3 OSPF Broadcast Networks 252

Lab 4 OSPF Point-to-point Networks 259

Lab 5 OSPF Point-to-Multipoint Networks 265

Lab 6 OSPF Point-to-Multipoint Non-Broadcast Networks 274

Lab 7 OSPF Cost 280

Lab 8 OSPF Authentication 287

Lab 9 OSPF Summarization 317

Lab 10 OSPF Filtering 328

Lab 11 Virtual-Links and GRE Tunnels 358

Lab 12 OSPF Stub, T/Stubby, NSSA, NSS-Stub, NSS-T/Stub 369

Section Seven:

Redistribution Subject Page

Lab 1 Redistribution Basics 389

Section Eight:

BGP Subject Page

Lab 1 Establishing Neighbor Adjacency 5

Lab 2 Route reflectors, Originator-ID and Cluster-ID 15

Lab 3 Conditional Advertisement & BGP Backdoor 35

Lab 4 The Community Attribute 51

Lab 5 The AS-Path Attribute 65

Lab 6 The Weight Attribute 76

Lab 7 The Multi Exist Discriminator (MED) Attribute 86

Lab 8 Filtering Using Access-lists and Prefix-lists 105

Lab 9 Regular Expressions 118

Lab 10 BGP Confederation 137

Section Nine:

IPv6 Subject Page

Lab 1 Configuring Basic IPv6 145

Lab 2 Configuring Point-to-point, Multipoint and Multi-access links 158

Lab 3 Configuring RIPng 178

Lab 4 Configuring EIGRPv6 191

Lab 5 Configuring OSPFv3 203

Lab 6 OSPFv3 Non-Broadcast Netywork Type 225

Lab 7 OSPFv3 Broadcast Network Type 235



Lab 8 OSPFv3 Point-to-point Network Type 242

Lab 9 OSPFv3 Point-to-Multipoint Broadcast Network Type 250

Lab 10 OSPFv3 Point-to-Multipoint Non-Broadcast Network Type 259

Section Ten:

QoS Subject Page

Lab 1 MLS QoS 272

Lab 2 DSCP-Mutation 287

Lab 3 DSCP-CoS 299

Lab 4 CoS-DSCP 306

Lab 5 IP-Prec-to-DSCP 313

Lab 6 Individual Rate Policer 319

Lab 7 Policed-DSCP 325

Lab 8 Aggregate Policer 331

Lab 9 Frame-relay Traffic Shaping 337

Lab 10 Basic Class-Based Policing 345

Section Eleven:

IP Services and Network Optimization & Advanced Features Subject Page

Lab 1 HSRP 357

Lab 2 VRRP 385

Lab 3 GLBP 420

Lab 4 NTP 438

Lab 5 OER/PFR Configuration 448

Lab 6 EEM 465



F0/0

R1

R2

F0/0

F0/0

F0/0

F0/0

F0/0

F0/0

F0/0

F0/0 F0/1

F0/1

F0/5

F0/6

F0/11

F0/12

F0/13

F0/4

F0/3

F0/2

F0/1

Switch -1

F0/13

F0/12

Switch -3

F0/1

R3

R4

R5

R6

BB1

BB2

BB3

F0/1

F0/1

F0/5

F0/6

F0/11

F0/4

F0/3

F0/2

F0/1

Switch -2

F0/1

F0/1

F0/1

F0/1



The Serial Connection Between R1 and R3

R1 R3DCE

DTES0/1

S0/1

The Serial Connection Between R4 and R5

R4 R5DCE

DTES0/1

S0/1



Frame-Relay Switch Connections

R1

R2

R3

R4

R5

R6

S0/0

S0/1

S0/2

S0/3

S1/0

S1/1

S1/2

S0/0

S0/0

S0/0

S0/0/

0

S0/1

S0/0/

0

S0/0



Frame-Relay DLCI Connections:

Router: Local DLCI: Connecting to:

R1 102

112

103

104

105

106

164

R2

R2

R3

R4

R5

R6

R4

R2 201

211

203

204

205

206

R1

R1

R3

R4

R5

R6

R3 301

302

304

305

306

R1

R2

R4

R5

R6

R4 401

402

403

405

406

461

R1

R2

R3

R5

R6

R1

R5 501

502

503

504

506

R1

R2

R3

R4

R6

R6 601

602

603

604

605

R1

R2

R3

R4

R5



Switch-to-Switch connections:

SW3 SW4

SW1 SW2

F0/19

F0/20

F0/19

F0/20

F0/2

1

F0/2

2 F0/2

1

F0/2

2F0/23F0/23

F0/24

F0/24

F0/18



CCIE Foundation

5.0

www.MicronicsTraining.com

Narbik Kocharians

CCIE #12410

R&S, Security, SP

Configuring Logical Topology

from the Physical Topology



F0/0

VLAN 23

.1

12.1.1.0/24

VLAN 12

F0/0

F0/1

F0/1

F0/1

F0/0

F0/0 F0/1

F0/0

F0/0 F0/1

F0/0

R1

R3BB1

R4 R5

R6

BB2 BB3

R2

F0/1

F0/1

.1

.2

.2

.3

.3

.4 .5

.5

.6

.11

.11

.22 .33

VLAN 11

VLAN 123 VLAN 345

VLAN 56

100.1.1.0/24

123.1.1.0/24 200.1.1.0/24

23.1.1.0/24

56.1.1.0/24

LAB 1-

Physical to Logical Topology Basic configuration



Task 1

Shutdown all ports on all switches.

On All Switches

SWx(config)#Int range f0/1-24

SWx(config-if-range)#Shut

Task 2

Configure the above topology, if this configuration is performed successfully, every router

should be able to ping its neighboring routers in the same subnet.

Lets start with R1 and R2s connection in VLAN 12, we can see that these two routers are connected via their F0/0 interfaces, and the other interfaces of these two routers are connected to other routers via

their F0/1 interface, meaning that the F0/0 interface is not used to connect to other routers, we will see

how to configure that scenario in the next lab.

If the physical topology is checked, you can easily see that the F0/0 interfaces of these two routers are

connected to SW1 ports F0/1 and F0/2 for R1 and R2 respectively, so lets configure these two ports on SW1 in VLAN 12 and verify.

On SW1

SW1(config)#Int range f0/1-2

SW1(config-if-range)#Swi mode acc

SW1(config-if-range)#swi acc v 12

SW1(config-if-range)#No shut

Lets verify:

On SW1

SW1#Show vlan brief | Exc unsup

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6

Fa0/7, Fa0/8, Fa0/9, Fa0/10

Fa0/11, Fa0/12, Fa0/13, Fa0/14



Fa0/15, Fa0/16, Fa0/17, Fa0/18

Fa0/19, Fa0/20, Gi0/1, Gi0/2

12 VLAN0012 active Fa0/1, Fa0/2

Lets configure the F0/0 interfaces of R1 and R2:

On R1

R1(config)#Int F0/0

R1(config-if)#Ip addr 12.1.1.1 255.255.255.0

R1(config-if)#No shut

On R2

R2(config)#Int F0/0



To verify the configuration:

On R1

R2#Ping 12.1.1.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 12.1.1.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

We can configure R2s connection to R3 or R1s connection to BB1, the following configures R1s connection to BB1:

Before we assign an IP address to the interfaces of these routers, lets configure the F0/1 interfaces of R1 and BB1 in VLAN 11, and then, configure the F0/1 interfaces of R1 and BB1.

We can see that these interfaces are connected to SW2s F0/1 and F0/11 for R1 and BB1 respectively, therefore, these two ports on SW2 should be configured in VLAN 11:

On SW2

W2(config)#Int Range f0/1,f0/11


SW2(config-if-range)#Swi acc v 11


On R1



R1(config)#Int F0/1

R1(config-if)#Ip address 100.1.1.1 255.255.255.0


On BB1

BB1(config)#Int F0/1

BB1(config-if)#Ip addr 100.1.1.11 255.255.255.0

BB1(config-if)#No shut


On R1

R1#Ping 100.1.1.11



.!!!!


NOWlets configure the R2 and R3s F0/1 interface in VLAN 23, we can see that these two interfaces are connected to SW2s F0/2 for R2s F0/1 and F0/3 for R3s F0/1 interface.

On SW2

SW2(config)#Int Range F0/2-3


SW2(config-if-range)#swi acc v 23


On R2

R2(config)#Int F0/1



On R3

R3(config)#Int F0/1






On R2

R2#Ping 23.1.1.3



.!!!!


Lets move on to BB1, BB2 and BB3s configuration in VLAN 123. In this case we can see that BB1s F0/0 interface is connected to SW1s port F0/11, and BB2s F0/0 interface is connected to SW1s F0/12 interface, but BB3s F0/1 is connected to SW3s F0/13 interface. But how do we get these routers in the same VLAN? WellSW3 and SW1 are connected va their F0/21 and F0/22 interfaces, we can use one of these two interfaces, in this case lets choose F0/21, therefore, the F0/1 interfaces of SW1 and SW3 should be configured as a trunk allowing VLAN 123 to traverse through this trunk, lets configure the trunk and the VLANs before we configure the routers:

To configure ports F0/11 and F0/12 in VLAN 123:

On SW1

SW1(config)#Int Range f0/11-12




To configure a trunk:

On SW1 and SW3

SWx(config)#Int F0/21

SWx(config-if)#Swi trunk encap dot

SWx(config-if)#swi mode trunk

SWx(config-if)#No shut

Lastly the F0/13 interface of SW3 is configured in VLAN 123

On SW3

Sw3(config)#Int F0/13

Sw3(config-if)#Swi mode acc

Sw3(config-if)#swi acc v 123

Sw3(config-if)#No shut



Lets verify the VLAN configuration:

On SW1

SW1#Show vlan br | Exc unsup


---- -------------------------------- --------- ------------------------------


Fa0/7, Fa0/8, Fa0/9, Fa0/10

Fa0/13, Fa0/14, Fa0/15, Fa0/16

Fa0/17, Fa0/18, Fa0/19, Fa0/20

Fa0/22, Fa0/23, Fa0/24, Gi0/1

Gi0/2



Lets verify the trunk link and ensure that VLAN 123 can traverse through this trunk link:

On SW1

SW1#Show interfaces trunk

Port Mode Encapsulation Status Native vlan

Fa0/21 on 802.1q trunking 1

Port Vlans allowed on trunk

Fa0/21 1-4094

Port Vlans allowed and active in management domain

Fa0/21 1,12,123

Port Vlans in spanning tree forwarding state and not pruned

Fa0/21 1,12,123

Lets verify the VLAN configuration and the trunk interface configured on SW3:

On SW3

Sw3#Show interface trunk




Fa0/21 1-4094




Fa0/21 1,123


Fa0/21 1,123

Sw3#Show vlan br | exc unsup


---- -------------------------------- --------- -------------------------------


Fa0/5, Fa0/6, Fa0/7, Fa0/8

Fa0/9, Fa0/10, Fa0/11, Fa0/12

Fa0/14, Fa0/15, Fa0/16, Fa0/17

Fa0/18, Fa0/19, Fa0/20, Fa0/22

Fa0/23, Fa0/24, Gi0/1, Gi0/2

123 VLAN0123 active Fa0/13

Lets configure the routers:

On BB1




On BB2




On BB3


BB3(config-if)#IP addr 123.1.1.33 255.255.255.0


To test the configuration:

On BB1

BB1#Ping 123.1.1.22





.!!!!


BB1#Ping 123.1.1.33



.!!!!


The ONLY VLAN left to be configured is VLAN 345, by looking at the interfaces of the routers used in

this VLAN we can see that R5 is using its F0/1 interface and not its F0/0, which means that R5s F0/1 interface is not connected to the same Switch as the one that connects R3 and R4. By looking at the

physical topology, we can see that R5s F0/1 interface is connected to SW2s F0/5 interface whereas, the F0/0 interfaces of R3 and R4s connected to SW1, this tells us that we need a trunk connection between SW1 and SW2 allowing VLAN 345 to traverse through this trunk. Since SW1 and SW2 have three

connections between them, in this lab the F0/20 interface is used for the trunk.

On SW1 and SW2


SWx(config-if)#Swi tru enc dot

SWx(config-if)#Swi mode tru

SWx(config-if)#No shut


On SW1

SW2#Show inter trunk




Fa0/20 1-4094


Fa0/20 1,11,23


Fa0/20 none

We do not see VLAN 123 over this trunk because it is not configured, lets configure VLAN 123 on SW1 and SW2, or configure both switches in the same VTP domain and then configure VLAN 123 on one of



the switches, and have VTP messages propagate the VLAN.dat, in this case the later is chosen:

On SW1

SW1(config)#VTP domain TST

Changing VTP domain name from NULL to TST

Remember that a name MUST be assigned or else the VLAN.dat will not be propagated. The following

configures interfaces F0/3 and F0/4 interfaces of SW1 in VLAN 123:

SW1(config)#Int Range f0/3-4



SW1(config-if-range)#No shu

Lets configure the F0/5 interface of SW2 in VLAN 123:

On SW2

SW2(config)#Int F0/5

SW2(config-if)#Swi mode acc

SW2(config-if)#Swi acc v 345

SW2(config-if)#No shut

Lets verify the configuration

On SW2

SW2#Show interface trunk




Fa0/20 1-4094


Fa0/20 1,12,123,345


Fa0/20 1,12,123,345

On SW1








Fa0/20 1-4094

Fa0/21 1-4094


Fa0/20 1,12,123,345

Fa0/21 1,12,123,345


Fa0/20 1,12,123,345

Fa0/21 1,12,123,345

Lets configure R3-5:

On R3

R3(config)#Int F0/0



On R4

R4(config)#Int F0/0



On R5

R5(config)#Int F0/1




On R3

R3#Ping 200.1.1.4



.!!!!




R3#Ping 200.1.1.5



.!!!!


Task 3

Erase the startup configuration and reload the routers and switches before proceeding to the

next lab.



F0/0

VLAN 34

.1

13.1.1.0/24

VLAN 13

F0/0F0/0

F0/0

F0/1

F0/0F0/0

F0/0

F0/0

F0/0

R1

R4

R2

BB1

R5

R6

BB3BB2

R3

F0/1

F0/1

.1.3

.3

.4

.4

.5

.6

.2

.11

.22 .33

VLAN 12

VLAN 123

VLAN 24

VLAN 56

12.1.1.0/24

123.1.1.0/24

24.1.1.0/24

34.1.1.0/24

.4

.2

45.1.1.0/24

VLAN 45.4

.5

F0/1

F0/1

F0/0 .2

.22F0/0

F0/0

F0/0

F0/0

VLAN 22

22.1.1.0/24

56.1.1.0/24

VLAN 16

16.1.1.0/24

.11

LAB 2-

Physical to Logical Topology Intermediate

Configuration



Task 1

Shutdown all ports on all switches.

On All Switches

SWx(config)#Int range f0/1-24

SWx(config-if-range)#Shut

Task 2

Configure the above topology, if this configuration is performed successfully, every router

should be able to ping its neighboring routers in the same subnet.

Lets do a top down configuration starting from VLAN 13.

NOTE: The F0/0 interface of R3 is configured in this VLAN, and the other Ethernet interfaces of this

router are configured in other VLANs, whereas, the F0/0 interface of R1 is configured in two VLANs.

Since this is Physically impossible, logical interfaces can be configured to accomplish this task; to

accomplish this task a trunk is configured with different DOT1q VLAN tags for different VLANs.

Since the F0/0 interface of all routers are connected to SW1, lets configure SW1 for these routers:

On SW1



SW1(config-if)#Swi acc vlan 13


NOTE: Since the F0/1 interface of SW1 is connected to R1s F0/0 interface, and R1s F0/0 interface must be configured in different VLANs, the F0/1 interface of this switch MUST be configured as a trunk.


SW1(config-if)#Swi trunk encap dot1q

SW1(config-if)#Swi mode trunk


Lets configure the routers starting with R3:



On R3

R3(config)#Int F0/0

R3(config-if)#IP addr 13.1.1.3 255.255.255.0


On R1

R1(config)#Int F0/0


R1(config-if)#Int F0/0.13

R1(config-subif)#Encap dot1q 13

R1(config-subif)#Ip addr 13.1.1.1 255.255.255.0


On SW1





Fa0/1 1-4094


Fa0/1 1,13


Fa0/1 1,13

On R1

R1#Ping 13.1.1.3



.!!!!


NOW.lets configure VLAN 34 connecting R3 to R4:

We need some configuration on the switch to which these routers are connected to. Lets begin with the



Switch configuration:

Since the F0/1 interface of R3 is connected to SW2, the F0/3 interface of SW2 must be configured in

VLAN 34:

On SW2





NOTE: R4s F0/1 interface is also connected to SW2, but this interface is also configured in another VLAN (VLAN 45), so we know that the F0/1 interface of R4 must be configured as a trunk and the port

on the switch (SW2) to which it is connected should also be configured as trunk.

On SW2

SW2(config)#int F0/4

SW2(config-if)#Swi trun encap dot1q



Since the switch is configured, lets move on to the routers starting with R3. This routers configuration is very basic and all we need to do is assign an IP address and NO SHUT the F0/1 interface.

On R3

R3(config)#Int F0/1



Lets configure R4; we know that the F0/1 interface of this router must be configured as a trunk.

On R4

R4(config)#Int F0/1


R4(config)#int F0/1.34



To verify and test the configuration:



On SW2





Fa0/4 1-4094


Fa0/4 1,34


Fa0/4 1,34

R4#Ping 34.1.1.3



.!!!!


So we can see that when a Physical Ethernet interface is configured in multiple VLANs, the interface of

the router MUST be configured as a trunk, and the port on the switch that it is connected MUST also be

configured as a trunk.

Lets configure VLAN 12. Just like any VLAN configuration we have some configuration to perform on the switch/es and some configuration on the router/s.

In this VLAN, R1s F0/0 interface must be configured with another sub-interface, remember earlier the F0/0 interface of R1 was configured with a sub-interface for VLAN 13; we also know that the F0/1

interface of the switch SW1 is already configured as a trunk, lets verify this information:

On SW1





Fa0/1 1-4094




Fa0/1 1,13


Fa0/1 1,13

Lets configure SW1 for R2, but once again we can see that the F0/0 interface of R2 is configured in two different VLANs, this means that the F0/0 interface of R1 and the port to which it is connected to MUST

be configured as trunk.

On SW1





On R1

R1(config)#Int F0/0.12


R1(config-subif)#Ip address 12.1.1.1 255.255.255.0

On R2

R2(config)#Int F0/0






On R1

R1#Ping 12.1.1.2



.....

Success rate is 0 percent (0/5)

What went wrong?

Lets verify and see if the VLAN is allowed to traverse over the trunk links:



On SW1






Fa0/1 1-4094

Fa0/2 1-4094


Fa0/1 1,13

Fa0/2 1,13


Fa0/1 1,13

Fa0/2 1,13

ONLY VLAN 13 is allowed over the trunk, but WHY? Lets see all the configured VLANs:

On SW1

SW1#Show vlan brie | Exc unsup


---- -------------------------------- --------- -------------------------------


Fa0/8, Fa0/9, Fa0/10, Fa0/11

Fa0/12, Fa0/13, Fa0/14, Fa0/15

Fa0/16, Fa0/17, Fa0/18, Fa0/19

Fa0/20, Fa0/21, Fa0/22, Fa0/23

Fa0/24, Gi0/1, Gi0/2

13 VLAN0013 active Fa0/3

VLAN 13 was created when the F0/3 interface of SW1 was placed in VLAN 13, since none of the

interfaces of SW1 is implicitly configured in VLAN 12 this VLAN was never created. Lets configure VLAN 12 on SW1:

On SW1

SW1(config)#VLAN 12

SW1(config-vlan)#Exit

R1#Ping 12.1.1.2





.!!!!


Lets configure VLAN 24:

On SW1

NOTE: Since by placing the F0/4 interface of SW1 in VLAN 24, the IOS will auto-create this VLAN,

therefore, we wont run into the previous problem.

SW1(config)#int F0/4




On R2

Another sub-interface is configured in VLAN 24:




On R4

R4(config)#Int F0/0




On R2

R2#Ping 24.1.1.4



.!!!!


NEXT VLAN is VLAN 22. We can easily see that another sub-interface must be configured on R2. The

switch, SW1s F0/2 interface is already configured as trunk. BB2s F0/0 interface is in two different VLANs, so a trunk must be configured on the F0/0 interface of the BB2 and the port to which the



interface is connected to.

Lets start with SW1s configuration:

On SW1

The port that BB2s F0/0 interface is connected is configured as a trunk to allow VLANs 22 and 123 to traverse through:


SW1(config-if)#Swi tru encap dot1q

SW1(config-if)#SWi mode trunk


VLAN 22 MUST be configured on the switch:

SW1(config)#Vlan 22

SW1(config-vlan)#exit

Lets configure another sub-interface for VLAN 22:

On R2




On BB2



BB2(config)#Int F0/0.22

BB2(config-subif)#Encap dot1q 22

BB2(config-subif)#Ip addr 22.1.1.22 255.255.255.0


On R2

R2#Ping 22.1.1.22



.!!!!




Before going further into the configuration of this topology, lets summarize what we have covered in this lab:

When configuring routers in a VLAN we MUST pay attention to the following:

If the routers interface is in ONE VLAN, then, configure the VLAN on the switch and place the interface to which the router is connected to in that VLAN.

If the routers interface is configured in multiple VLANs, then configure the interface of the router as a trunk. ISL encapsulation is only available on the older IOS and routers, therefore the ONLY

encapsulation is DOT1q, and this means we configure multiple sub-interfaces on the router. Each sub-

interface should be configured in the appropriate VLAN as identified in the topology. The switchport to

which the router is connected to, must also be configured as a trunk, YOU MUST ENSURE THAT THE

VLAN IS CONFIGURED AND IT IS ALLOWED TO TRAVERSE THROUGH THE TRUNK.

Lets configure VLAN 45. R4 needs another sub-interface configuration; R5s F0/1 interface must be configured as trunk because it is in two different VLANs, and the F0/5 interface of SW2 should also be

configured as a trunk and VLAN 45 MUST be configured/created on SW2.

On SW2





SW2(config)#Vlan 45


On R4


R4(config-subif)#encap dot1q 45


On R5

R5(config)#Int F0/1








On R4

R4#Ping 45.1.1.5



.!!!!


Lets configure VLAN 123. We know that the following must be configured:

The F0/0 interface of BB3 must be configured in VLAN 123

The F0/13 interface of SW1 must be configured in VLAN 123, this is the interface that BB3s F0/0 interface is connected to

BB1s F0/0 must be configured as a trunk, since it is a member of multiple VLANs, VLAN 123, and VLAN 16.

The interface of the switch to which BB1 is connected to must also be configured as a trunk.

Another sub-interface must be configured on BB2.

On SW1





On BB3




On BB1



BB1(config-if)#Int F0/0.123



On SW1




SW1(config-if)#Swi tru encap dot1q


SW1(config-if)#No shu

On BB2





On BB2

BB2#Ping 123.1.1.11



.!!!!


BB2#Ping 123.1.1.33



.!!!!


The second to last VLAN is VLAN 16. To configure this VLAN we must configure the following:

The F0/0 interface of R6 should be configured as a trunk, because it is connected to two different VLANs, VLAN 16 and VLAN 56.

The F0/6 interface of SW1 must be configured as a trunk; this is the interface to which R6s F0/0 interface is connected to.

VLAN 16 must be configured on this switch.

Another sub-interface must be configured on BB1 for this VLAN.

On R6

R6(config)#Int F0/0







On SW1





SW1(config)#VLAN 16

SW1(config-vlan)#Exit

On BB1





On BB1

BB1#Ping 16.1.1.6



.!!!!


NOWthe last VLAN in this topology, VLAN 56.

In this case we can see that R5 is using its F0/1 and R6 is using its F0/0 interface, this means that they are connected to two different switches. This means that a trunk must be configured to

connect these two switches and the trunk must allow the VLAN to traverse through this trunk

link.

A sub-interface must be configured on R5 for this VLAN

A sub-interface must be configured on R6 for this VLAN

VLAN 56 must be configured on BOTH SWITCHES, or VTP messages must be configured to propagate the VLAN.

On SW1



SW1(config)#Vlan 56


On SW2

SW2(config)#Vlan 56


To configure a trunk link between the switches:

On SW1 and SW2


SWx(config-if)#Swi tru enc dot

SWx(config-if)#Swi mode trunk

SWx(config-if)#No shu

On R5


R5(config-subif)#Encap dot 56


On R6


R6(config-subif)#Encap dot 56


To verify and test the configuration

On SW1

SW1#Show inter F0/18 trunk




Fa0/18 1-4094


Fa0/18 1,12-13,16,22,24,56,123




Fa0/18 1,12-13,16,22,24,56,123

On SW2

SW2#Show interface f0/18 trunk




Fa0/18 1-4094


Fa0/18 1,34,45,56


Fa0/18 1,34,45,56

On R5

R5#Ping 56.1.1.6



.!!!!


Task 3

Erase the startup configuration and reload the routers and switches before proceeding to the

next lab.



SW1 SW2

F0/19

F0/20

Task 1

Shutdown all ports on the four switches.

On All Switches:

Switch(config)#Int range f0/1-24

Switch(config-if-range)#Shut


On All Switches:

Switch#Show interface status | Exc disabled|notconnect

Port Name Status Vlan Duplex Speed Type

LAB 2- Spanning-tree Protocol 802.1D



Task 2

Configure Dot1q trunking on the F0/19 and F0/20 interfaces of SW1 and SW2.

On SW1 and SW2

SW2(config)#Int range f0/19-20

SW2(config-if-range)#Switchport trunk encapsulation dot1q

SW2(config-if-range)#Switchport mode trunk



On SW1

SW1#Show inter trunk





Fa0/19 1-4094

Fa0/20 1-4094


Fa0/19 1

Fa0/20 1


Fa0/19 none

Fa0/20 none

Task 3

Which switch is the root bridge and why?

Before we start with the show commands, lets review the STP protocol:

When the switches come up, they will both think of themselves as the root bridge, and they will send

BPDUs out every port advertising them as the root bridge. What does a BPDU look like?



2 Bytes 1 Byte 1 Byte 1 Byte 8 Bytes 4 Bytes 8 Bytes 2 Bytes 2 Bytes 2 Bytes 2 Bytes 2 Bytes

Protocol-ID Version Msg Type Flags Root ID Root-Path-Cost Bridge-ID Port-ID Msg Age Max Age Hello Time Forward-delay

Lets explain the fields:

Protocol-ID Indicates the type of the protocol, its set to zero

Version Identifies the version of the protocol, its set to zero

Message Type Indicates the type of message, its set to zero

Flags This field includes one of the following: TC-bit, which signals a topology change

TCA-bit, which is set to ACK the receipt of a configuration Message with the TC-bit set

Root ID The BID of the root bridge

Root Path Cost Cumulative cost of the sending bridge to the root bridge

Bridge ID Indicates the Priority and the BID of the sending bridge

Port ID Indicates the port number through which the BPDU was sent

Message Age The elapsed time since the root bridge sent the configuration message

Max-Age Indicates when the current configuration message should be deleted

Hello Time The time between the root bridge configuration messages

Forward-delay indicates the legth of time that the bridge should wait before transitioning to a new state after a topology change

So initially, every switch will set the Root-ID and the Bridge-ID to the local BIDs value.

Lets see the BID of each switch:

On SW1

SW1#Show spanning-tree

VLAN0001

Spanning tree enabled protocol ieee

Root ID Priority 32769

Address 0012.7f40.9380

This bridge is the root

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)

Address 0012.7f40.9380


Aging Time 300



Interface Role Sts Cost Prio.Nbr Type

---------------- ---- --- --------- -------- ----------------------

Fa0/19 Desg FWD 19 128.21 P2p

Fa0/20 Desg FWD 19 128.22 P2p

We can see that the BID which is a concatenation of Priority value and the MAC address in the Bridge-

ID and the Root ID section of the above show command are identical, which means that this bridge

MUST be the root bridge, and the area that is highlighted in green clearly states that the This bridge is the root.

The receiving bridge compares the Root-id to its own Root-id, and the lower value wins and if the

received Root-id is better (Lower) than the local Root-id, then, the local Root-id is replaced with the

Root-id in the received BPDUs.

Since the MAC address is different on every switch, the priority is looked at first, and as a tie breaker

the switch with a lowest MAC address becomes the Root bridge.

Lets look at SW2:

On SW2


VLAN0001



Address 0012.7f40.9380

Cost 19

Port 21 (FastEthernet0/19)



Address 001d.e5d6.0000


Aging Time 300


---------------- ---- --- --------- -------- --------------

Fa0/19 Root FWD 19 128.21 P2p

Fa0/20 Altn BLK 19 128.22 P2p

Another way of knowing which switch is the Root bridge is to use the following command:

On SW2

SW2#Show spanning-tree root



Root Hello Max Fwd

Vlan Root ID Cost Time Age Dly Root Port

---------------- -------------------- --------- ----- --- --- ---------

VLAN0001 32769 0012.7f40.9380 19 2 20 15 Fa0/19

NOTE: The last field (Root Port) indicates that the root bridge is found through F0/19 interface. Lets use CDP to find out the device that is connected to F0/19 interface:

SW2#Show cdp neighbor F0/19 | B Device ID

Device ID Local Intrfce Holdtme Capability Platform Port ID

SW1 Fas 0/19 173 S I WS-C3560-2Fas 0/19

Lets check SW1:


Root Hello Max Fwd


---------------- -------------------- --------- ----- --- --- ----------

VLAN0001 32769 0012.7f40.9380 0 2 20 15

NOTE: The Root Port column is empty, which indicates that this switch is the Root bridge.

Task 4

Which port is the Root-Port?

Every None Root Bridge must select a Root Port. The Root Port is the closest port to the Root Bridge.

The Root port calculation is based on the Root-Path-Cost, which is the cumulative cost of all links to

the Root Bridge.

In this topology, SW2 is the None Root Bridge, so lets find out the Root Port:

On SW2

SW2#Show spanning-tree | B Interface


---------------- ---- --- --------- -------- -----

Fa0/19 Root FWD 19 128.21 P2p

Fa0/20 Altn BLK 19 128.22 P2p



We can clearly see that the F0/19 of SW2 is the root port, but what if there is a tie?

Lets go through the golden rules that STP uses to break ties:

A lower Root BID

A lower Path cost to the Root Bridge

A lower Sending BID

A lower Sending Port-ID, which is the combination of Priority.Port-id

Since the Root Bridge is already known, lets go with the second rule and check the Path cost to the Root Bridge:

On SW2

SW2#Sh spanning-tree root

Root Hello Max Fwd


---------------- -------------------- --------- ----- --- --- ----------

VLAN0001 32769 0012.7f40.9380 19 2 20 15 Fa0/19

Lets shutdown the F0/19 interface and check the cost through F0/20 interface: SW2(config)#Int F0/19

SW2(config-if)#Shut


Root Hello Max Fwd


---------------- -------------------- --------- ----- --- --- ----------

VLAN0001 32769 0012.7f40.9380 19 2 20 15 Fa0/20

Lets enable the F0/19 interface of SW2:

On SW2 SW2(config)#Int F0/19


In this case both F0/19 and F0/20 have the same cost.

So since the cost to the Root Bridge is the same through both paths, lets check the next rule, which is the Lower Sending BID, in this case it will be the same, since both interfaces are connected to the same Switch (SW1); therefore, lets look at the last rule, The lowest sending Port-ID, to find out the



lowest sending port-id, we can use the Show spanning-tree command:

On SW2



---------------- ---- --- --------- -------- -----

Fa0/19 Root FWD 19 128.21 P2p

Fa0/20 Altn BLK 19 128.22 P2p

We can see why the F0/19 interface is the Root port and the F0/20 interface is in BLK state, the Prio.Nbr column reveals the priority.Port-ID of the neighboring switch. You can see that the F0/19 interface and the F0/20 interface receive the same port-priority value from SW1, but the port-id is

lower through the local F0/19 interface versus the F0/20 interface of SW2.

Task 5

Which port is the Designated-Port for the two segments?

There should be one designated port per segment, there are two segments connecting the two switches,

since SW1 is the Root Bridge, and all the ports on the Root bridge will always be in designated state,

ports F0/19 and F0/20 of SW1 is elected as the designated ports on the two segments; the designated

ports are elected based on the lowest path cost.

lets verify:

On SW1


Root Hello Max Fwd


---------------- -------------------- --------- ----- --- --- ----------

VLAN0001 32769 0012.7f40.9380 0 2 20 15

NOTE: No matter which port is used on the root bridge (SW1), the cost is zero, and that is why all

interfaces on the Root bridge will always be in designated state because they will always be the closest

interface to the root bridge.



Task 6

Which port is in the BLK state?

Once all the designated ports and the Root ports are determined, the rest of the port/s (Left over ports)

will be in blocked state, lets verify:

On SW1

SW1#Show spanning-tree blockedports

Name Blocked Interfaces List

-------------------- ------------------------------------

Number of blocked ports (segments) in the system : 0

Of course, there should NOT be any ports in blocking state on the root bridge. Lets verify the blocked port on SW2:

On SW2

SW2#Show spanning-tree blockedports

Name Blocked Interfaces List

-------------------- ------------------------------------

VLAN0001 Fa0/20

Number of blocked ports (segments) in the system : 1

Lets verify that information:

On SW2



---------------- ---- --- --------- -------- -----

Fa0/19 Root FWD 19 128.21 P2p

Fa0/20 Altn BLK 19 128.22 P2p



Task 7

Configure SW2 such that its F0/20 interface transitions into FWD state and the F0/19 interface transitions into BLK state.

The BLK port is the port with the highest path cost, therefore, if the cost of the F0/20 interface is changed to be lower than the F0/19 interface, then the F0/20 interface will transition into FWD state and the F0/19 interafce will transition into BLK state. Lets test this:

On SW2


SW2(config-if)#Spanning-tree cost 10


On SW2



---------------- ---- --- --------- -------- -----

Fa0/19 Altn BLK 19 128.21 P2p

Fa0/20 Root LIS 10 128.22 P2p

SW2#Show spannin | B Interface


---------------- ---- --- --------- -------- -----

Fa0/19 Altn BLK 19 128.21 P2p

Fa0/20 Root LRN 19 128.22 P2p



---------------- ---- --- --------- -------- -----

Fa0/19 Altn BLK 19 128.21 P2p

Fa0/20 Root FWD 10 128.22 P2p

We can see that the F0/20 goes through Listenening and learning state and transitions into FWD state, and the F0/19 transitions into BLK state.



Task 8

Remove the configuration commands from the previous task, and configure SW1 such that

the F0/20 interface of SW2 transitions into FWD state and the F0/19 interface of SW2 transitions into BLK state.

On SW2

SW2(config)#int f0/20

SW2(config-if)#No Spanning-tree cost 10


On SW2



---------------- ---- --- --------- -------- -----

Fa0/19 Root FWD 19 128.21 P2p

Fa0/20 Altn BLK 19 128.22 P2p

To configure SW1


SW1(config-if)#Spanning-tree port-priority 0


On SW1



---------------- ---- --- --------- -------- -----

Fa0/19 Desg FWD 19 128.21 P2p

Fa0/20 Desg FWD 19 0.22 P2p

On SW2





---------------- ---- --- --------- -------- -----

Fa0/19 Altn BLK 19 128.21 P2p

Fa0/20 Root FWD 19 128.22 P2p

As you can see, when it comes to port-pirority, it affects the neighboring switch.

Task 9

Configure SW2 to be the root bridge. You should use a macro to accomplish this task.

To accomplish this task using a MACRO, we can use, the root Primary, lets test this MACRO:

On SW2

SW2(config)#Spanning-tree vlan 1 root primary


On SW2

SW2#Show spanning-tree vlan 1

VLAN0001









Aging Time 15


---------------- ---- --- --------- -------- ------

Fa0/19 Desg FWD 19 128.21 P2p

Fa0/20 Desg FWD 19 128.22 P2p

NOTE: The default priority is 32768, and with every VLAN, the default value is incremented by the

VLAN ID, in this case the ONLY VLAN in the Database is VLAN 1, therefore, 32768 + 1 = 32769.



Using the Spanning-tree root primary Macro, the total priority is reduced by 8192, so:

32769 8192 = 24577, and we know that the switch with the lowest priority will become the root bridge.

Task 10

Remove the command from the previous task, and configure SW2 to be the root bridge. You

should NOT use a macro to accomplish this task.

On SW2

SW2(config)#No spanning-tree vlan 1 root pri


On SW1


VLAN0001



Address 0012.7f40.9380




Address 0012.7f40.9380


Aging Time 15


---------------- ---- --- --------- -------- -----

Fa0/19 Desg FWD 19 128.21 P2p

Fa0/20 Desg FWD 19 0.22 P2p

On SW2

SW2(config)#Spanning-tree vlan 1 priority 0




On SW2

SW2#Show spanning-tree vlan 1

VLAN0001


Root ID Priority 1







Aging Time 15


---------------- ---- --- --------- -------- -----

Fa0/19 Desg FWD 19 128.21 P2p

Fa0/20 Desg FWD 19 128.22 P2p

Task 11

Remove the command from the previous task, and configure two VLANs 100 and 200. SW1

should be configured such that on SW2 the traffic for VLAN 100 takes the F0/19 interface,

whereas, the traffic for VLAN 200 takes the F0/20 interface.

On SW2

SW2(config)#No Spanning-tree vlan 1 priority 0

On SW1

SW1(config)#int f0/20

SW1(config-if)#No spanning-tree port-priority 0

SW1(config)#vtp domain tst

Changing VTP domain name from NULL to tst

SW1(config)#VLAN 100,200





On SW2

SW2#Show vlan brie | Exc unsup


---- -------------------------------- --------- ------------------------


Fa0/5, Fa0/6, Fa0/7, Fa0/8

Fa0/9, Fa0/10, Fa0/11, Fa0/12

Fa0/13, Fa0/14, Fa0/15, Fa0/16

Fa0/17, Fa0/18, Fa0/21, Fa0/22

Fa0/23, Fa0/24, Gi0/1, Gi0/2

100 VLAN0100 active

200 VLAN0200 active

We can see that the configured VLANs (100 and 200) are propagated to SW2 via VTP messages. Lets configure the load sharing part of this task:


SW1(config-if)# Spanning-tree vlan 100 port-priority 16

SW1(config-if)#int f0/20

SW1(config-if)#Spanning-tree vlan 200 port-priority 16


On SW2

The output of the following show commands reveal that on SW2 the traffic for VLAN 100 uses the

F0/19 interface, whereas, the traffic for VLAN 200 uses the F0/20 interface.

SW2#Show spanning-tree vlan 100 | B Interface


---------------- ---- --- --------- -------- -----

Fa0/19 Root FWD 19 128.21 P2p

Fa0/20 Altn BLK 19 128.22 P2p



---------------- ---- --- --------- -------- -----

Fa0/19 Altn BLK 19 128.21 P2p



Fa0/20 Root FWD 19 128.22 P2p

Lets verify these values on SW1

On SW1



---------------- ---- --- --------- -------- -----

Fa0/19 Desg FWD 19 16.21 P2p

Fa0/20 Desg FWD 19 128.22 P2p



---------------- ---- --- --------- -------- -----

Fa0/19 Desg FWD 19 128.21 P2p

Fa0/20 Desg FWD 19 16.22 P2p

Task 12

Erase the startup configuration and vlan.dat and reload the switches before proceeding to the

next lab.



R1R1

R4

R3

R2

S0/0

S0/0

S0/0

S0/0

104

103

102

401

301

201

10.1.1.1 /24

10.1.1.4 /24

10.1.1.3 /24

10.1.1.2 /24

IP addressing and DLCI information Chart:

Routers IP address Local DLCI Connecting to:

R1s S0/0

10.1.1.1 /24 102

103

104

R2

R3

R4

R2s S0/0 10.1.1.2 /24 201 R1

R3s S0/0 10.1.1.3 /24 301 R1

R4s S0/0 10.1.1.4 /24 401 R1

Lab 1 Multipoint Hub-n-Spoke using

Frame-relay map statements



Task 1

Configure a frame-relay Hub and spoke using frame-relay map statements. Use the IP

addressing in the above chart.

Disable inverse-arp such that the routers do not generate inverse-arp request packets, and

ensure that only the assigned DLCIs in the above diagram are used and mapped, these

mappings should be as follows:

On R1: DLCIs 102, 103 and 104 should be mapped to R2, R3 and R4 respectively.

On R2, R3 and R4: DLCIs 201, 301 and 401 should be used on R2, R3 and R4 respectively for their mappings to R1 (The hub).

In the future Eigrp routing protocol will be configured on these routers, ensure that the

routers can handle the Multicast traffic generated by the Eigrp routing protocol. DO NOT

configure any sub-interface(s) to accomplish this task.

On R1 R1(config)#Int S0/0

R1(config-if)#IP address 10.1.1.1 255.255.255.0

R1(config-if)#Encapsulation frame

R1(config-if)#Frame-relay map ip 10.1.1.2 102 broadcast



R1(config-if)#NO frame-relay inverse-arp

R1(config-if)#NO shut


On R1

R1#Show frame-relay map

Serial0/0 (up): ip 10.1.1.2 dlci 102(0x66,0x1860), static,

broadcast,

CISCO, status defined, inactive


broadcast,



broadcast,




You may see DLCIs 105 and 106 mapped to 0.0.0.0 IP address, these dynamic mappings may not affect

Unicast traffic, but they will affect Multicast and/or Broadcast traffic, therefore, they should be

removed from the mapping table. The Clear frame-relay inarp command will NOT have any effect on these entries, whereas, saving the configuration and then reloading the routers will definitely clear

the 0.0.0.0 mappings. Another way to clear the 0.0.0.0 mapping is to remove the encapsulation and reconfigure the encapsulation back again, but once the encapsulation is removed, the frame-relay

commands configured under the interface are also removed.

The output of the above show command shows that the DLCIs are all in inactive status, this means that the problem is on the other side of the VC, in this case, the other end of these VCs are not

configured yet, and once they are configured, the status should transition to active state.

Lets configure the spoke routers:

On R2

R2(config)#Int S0/0







On R2

Lets start with layer one and see if we have a serial cable connected to the Frame-relay switch, if so, which end of the cable is connected to our router, DTE or DCE?

The output of the following show command shows that the DTE end of the cable is connected to our

local router, and the Clocks detected tells us that we are receiving clocking from a DCE device. This should always be the first step in troubleshooting frame-relay. If the output of the following command

showed that we have the DCE end of the cable connected to our router, then, the local router has to

provide clocking, which means that the Clock rate command MUST be configured on the physical interface or else the VC will NOT transition into UP/UP state.

R2#Show controller S0/0 | Inc clocks

DTE V.35 TX and RX clocks detected.

In the next step, we should see if the local router is exchanging LMIs with the frame-relay switch.

NOTE: Keepalive LMIs are exchanged every 10 seconds, which means that if the frame-relay switch is

configured correctly and the LMI types are also configured correctly (They match on the router and



the switch), then, you should see the number of status Enquires sent and received increment every 10

seconds.

R2#Show frame-relay lmi | Inc Num

Num Status Enq. Sent 68 Num Status msgs Rcvd 69

Num Update Status Rcvd 0 Num Status Timeouts 0

R2#Show frame-relay lmi | Inc Num

Num Status Enq. Sent 69 Num Status msgs Rcvd 70

Num Update Status Rcvd 0 Num Status Timeouts 0

Next the frame-relay maps are checked:

R2#Show frame-relay map 201

Serial0/0 (up): ip 10.1.1.1 dlci 201(0xC9,0x3090), static,

broadcast,

CISCO, status defined, active

NOTE: The output of the above show command reveals that the remote IP address of 10.1.1.1 is

mapped to the local DLCI of 201. Make sure you see the correct IP address.

In the paranthesis, DLCI 201 is presented in Hexadecimal and Q922 format. If the Hexadecimal value

of 0xC9 is converted to decimal, the result is 201, which is the local DLCI number.

The second Hexadecimal value of 0x3090, indicates how the DLCI is split into two sections within the Frame-relay header; a DLCI is a 10 bit digit and the first 6 bits (The most significant 6 bits) are in the

first byte and the last 4 bits of the DLCI, is found in the beginning of the second byte of the Frame-

relay frame, as follows:

Frame Relay header structure

Notice how the 10 bits are divided? 6 bits are in the first BYTE and the remaining 4 bits are in the

second Byte.

If the hex value of 0x3090 is converted to decimal, you will once again see a DLCI value of 201. As follows:



Convert 0x3090 to Binary:

3 0 9 0

0011 0 0 0 0 1001 0000

Take the most significant 6 bits, in this case: 001100

Take the most significant 4 bits of the second byte, in this case: 1001

Note the most significant 6 bits of the first byte and the most significant 4 bits of the second byte are

concatenated into a 10 bit value, as follows:

0011001001

If the above binary number is converted to decimal (1 + 8 + 64 + 128), you should get 201.

In the final step, an end to end reachability is tested:

R2#Ping 10.1.1.1



!!!!!


Lets configure R3:








On R3 R3#Ping 10.1.1.1



!!!!!




R3#Show frame map

Serial0/0 (up): ip 10.1.1.1 dlci 301(0x12D,0x48D0), static,

broadcast,


Lets configure R4:


R4(config)#Ip address 10.1.1.4 255.255.255.0

R4(config)#Encapsulation frame

R4(config)#Frame-relay map ip 10.1.1.1 401 broadcast

R4(config)#NO frame-relay inverse-arp

R4(config)#NO shut


On R4

R4#Ping 10.1.1.1



!!!!!


R4#Show frame-relay map


broadcast,


Task 2

Ensure that every router can ping every IP address connected to the cloud. When configuring

this task, ensure that the hub router does NOT receive redundant routing traffic.



NOTE: Every IP address connected to the cloud also includes the local routers IP address. Lets test the existing situation:

Remember routers IP address is also connected to the cloud

On R1

R1#Ping 10.1.1.1



.....


The ping is NOT successful. Lets enable the Debug Frame-relay packet and try the ping again: R1#Debug Frame-relay packet

Frame Relay packet debugging is on

R1#Ping 10.1.1.1



You should see the following debug output:

Serial0/0:Encaps failed--no map entry link 7(IP).






Lets disable the debug:

On R1 R1#u all

The output of the above debug states that there is NO mapping and encapsulation failed because of

that; Frame-relay can be configured in two different ways: Multipoint and Point-to-point.

There is ONLY one way to configure frame-relay in a point-to-point manner, and thats through a point-to-point sub-interface configuration, whereas, a multipoint can be configurd in two ways:



Perform the entire configuration directly under the main interface.

Configure a sub-interface in a multipoint manner.

Since the entire configuration was performed without the use of sub-interfaces, this is a multipoint

interface. In a multipoint frame-relay configuration two conditions must be met before an IP address

is reachable:

A. The destination IP address must be in the routing table with a valid next hop. B. There must be a frame-relay mapping for that destination.

In this case the destination IP address is in the routing table, but the frame-relay mapping is missing.

When configuring the frame-relay mapping, you can use any active DLCI on the local router:

On R1 R1(config)#Interface S0/0

R1(config-if)#Frame-relay map ip 10.1.1.1 102

NOTE: Since the local router will NOT be sending Multicast or Broadcast traffic to itself, there is no

need to add the Broadcast keyword for this mapping configuration.


On R1 R1#Ping 10.1.1.1



!!!!!


Lets test R2s reachability, we already know that it needs a frame-relay map or else it will not be able to ping its own IP address, lets configure one and test:

On R2

R2(config)#Int S0/0



On R2



R2#Ping 10.1.1.2



!!!!!


Lets see if R2 can ping the other spokes:

On R2 R2#Ping 10.1.1.3



.....


R2#Ping 10.1.1.4



.....


Do we have frame-relay mappings for these destinations? Lets check:

On R2 R2#Show frame-relay map




broadcast,


NOTE: There are two frame-relay mappings, one for 10.1.1.2 and the second one is for 10.1.1.1 IP

addresses. Lets add two more frame-relay mappings, one for 10.1.1.3 and the second one for 10.1.1.4:






There are two points that you need to remember:

a. The destination IP address must be in the routing table with a valid next hop. b. There must be a frame-relay mapping for that destination.


On R2

R2#Ping 10.1.1.3



.....


Lets turn on the Debug Frame-relay packet and ping again and see the result:

On R2 R2#Deb frame pack

Frame Relay packet debugging is on

R2#Ping 10.1.1.3



Serial0/0(o): dlci 201(0x3091), pkt type 0x800(IP), datagramsize 104.






It seems like the local router (R2) is sending the packets out, lets enable the same debugging on R3 and see the result:

On R2 R2#Ping 10.1.1.3





.....


On R3 Serial0/0(i): dlci 301(0x48D1), pkt type 0x800, datagramsize 104

Serial0/0:Encaps failed--no map entry link 7(IP)

It looks like R3 is missing frame-relay map back to R2. Lets configure a frame-relay map on R3 for R2 and test again:

On R3

R3(config)#Int S0/0



On R2 R2#Ping 10.1.1.3



!!!!!


Perfect..Lets do the same on R4.


R4(con

Documents

Sample-Narbik CCIE Foundation Book