IE RS lab 10 overview

CCIE Routing & Switching Lab Workbook Version 4.0 Lab 10
IEWB-RS Lab 10
Difficulty Rating (10 highest): 8
Lab Overview:
The following scenario is a practice lab exam designed to test your skills at
configuring Cisco networking devices. Specifically, this scenario is designed to
assist you in your preparation for Cisco Systems CCIE Routing and Switching
Lab exam. However, remember that in addition to being designed as a
simulation of the actual CCIE lab exam, this practice lab should be used as a
learning tool. Instead of rushing through the lab in order to complete all the
configuration steps, take the time to research the networking technology in
question and gain a deeper understanding of the principles behind its operation.
Lab Instructions:
Prior to starting, ensure that the initial configuration scripts for this lab have been
applied. For a current copy of these scripts, see the Internetwork Expert
members site at http://members.internetworkexpert.com
Refer to the attached diagrams for interface and protocol assignments. Any
reference to X in an IP address refers to your rack number, while any reference
to Y in an IP address refers to your router number.
Upon completion, all devices should have full IP reachability to all networks in the
routing domain, including any networks generated by the backbone routers
unless explicitly specified.
Lab Do s and Don ts:
" Do not change or add any IP addresses from the initial configuration
unless otherwise specified
" Do not change any interface encapsulations unless otherwise specified
" Do not change the console, AUX, and VTY passwords or access methods
unless otherwise specified
" Do not use any static routes, default routes, default networks, or policy
routing unless otherwise specified
" Save your configurations often
Copyright � 2007 Internetwork Expert www.InternetworkExpert.com
- 197 -
-
CCIE Routing & Switching Lab Workbook Version 4.0 Lab 10
Grading:
This practice lab consists of various sections totaling 100 points. A score of 80
points is required to achieve a passing score. A section must work 100% with the
requirements given in order to be awarded the points for that section. No partial
credit is awarded. If a section has multiple possible solutions, choose the solution
that best meets the requirements.
Grading for this practice lab is available when configured on Internetwork
Expert s racks, or the racks of Internetwork Expert s preferred vendors. See
Internetwork Expert s homepage at http://www.internetworkexpert.com for more
information.
Point Values:
The point values for each section are as follows:
Section Point Value
Bridging & Switching 7
WAN Technologies 6
Interior Gateway Routing 27
Exterior Gateway Routing 15
IP Multicast 11
IPv6 7
QoS 7
Security 6
System Management 5
IP Services 9
GOOD LUCK!
Copyright � 2007 Internetwork Expert www.InternetworkExpert.com
- 198 -
-
CCIE Routing & Switching Lab Workbook Version 4.0 Lab 10
1. Bridging & Switching
1.1. Core Layer Two
" Configure the VTP domain CCIE on SW1, SW2, SW3, and SW4.
" SW1 should be a VTP server and SW3 & SW4 should be VTP clients.
" SW2 should keep an independent VTP database.
" Bring up the following preconfigured trunk links:
o SW1 Fa0/14 and SW2 Fa0/14
o SW2 Fa0/17 and SW3 Fa0/17
o SW3 Fa0/19 and SW4 Fa0/19
" Create VLANs 7 and 9.
" Ensure VLAN information is propagated correctly between the VTP server
and the VTP clients.
4 Points
1.2. Interface Bundling
" Create 3 Etherchannel links using the information below and the IP
addressing from the diagram:
o Channel Group 14: SW1 Fa0/19 21 and SW4 Fa0/13 15
o Channel Group 23: SW2 Fa0/18 and SW3 Fa0/18
o Channel Group 34: SW3 Fa0/20 21 and SW4 Fa0/20 21
3 Points
Copyright � 2007 Internetwork Expert www.InternetworkExpert.com
- 199 -
-
CCIE Routing & Switching Lab Workbook Version 4.0 Lab 10
2. Frame Relay
2.1. Point-to-Point
" Configure the Frame Relay connections between R3 & R4 and R3 & R5
using only the DLCIs specified in the diagram.
" These routers should not automatically map layer 3 to layer 2.
" The use of the frame-relay map command on R3 is prohibited.
" R4 and R5 should use only their main Serial interfaces.
2 Points
2.2. Point-to-Point
" Configure the Frame Relay connections between R1 & R2 and R2 & R3
using only the DLCIs specified in the diagram.
" Do not use Frame Relay Inverse-ARP.
" Do not use the frame-relay map command on R2 or R3.
" Use only the main interface on R1.
2 Points
2.3. Point-to-Point
" Configure the Frame Relay connection between R6 & BB1 using R6 s
main Serial interface and the VC information provided in the diagram.
" Do not use Frame Relay Inverse-ARP on R6 to resolve BB1 s IP address.
2 Points
Copyright � 2007 Internetwork Expert www.InternetworkExpert.com
- 200 -
-
CCIE Routing & Switching Lab Workbook Version 4.0 Lab 10
3. Interior Gateway Routing
3.1. EIGRP
" Configure EIGRP AS 100 on R1, R2, R3, R6, and SW2.
" Enable EIGRP on VLAN 18, VLAN 26.
" Enable EIGRP on the Frame Relay circuits between R1 & R2 and R2 &
R3.
" Enable EIGRP on the PPP link between R1 and R3.
" Advertise the Loopback 0 interfaces of all of these devices into EIGRP.
2 Points
3.2. Load Distribution
" One of the deciding factors in choosing EIGRP as an IGP in your network
was the ability to do unequal cost load balancing. Therefore your network
design specification dictates that all traffic from hosts on VLAN 18
destined for hosts on VLAN 26 be load balanced across all links in the
transit path.
" Assume that the Frame Relay circuit between R1 & R2 is provisioned at
256Kbps, the circuit between R2 & R3 is provisioned at 1.28Mbps, and
that the PPP link between R1 & R3 is a full T1 of 1.536Mbps.
" Configure your network so that R1 distributes traffic between R3 and R2 in
a ratio of 5:1 respectively.
3 Points
3.3. OSPF
" Configure OSPF area 0 on the Frame Relay links between R3, R4, and
R5.
" Do not use the ip ospf network command on R3.
" Advertise VLANs 5 and 55 into OSPF R5.
" The VLAN 5 and 55 subnets should appear as Intra-area routes on R3.
2 Points
Copyright � 2007 Internetwork Expert www.InternetworkExpert.com
- 201 -
-
CCIE Routing & Switching Lab Workbook Version 4.0 Lab 10
3.4. OSPF
" Configure OSPF area 1 on the PPP link between R4 and R5.
" Advertise the Loopback 0 networks of R4 and R5 into OSPF area 1.
" These networks should appear in the OSPF enabled device s routing
tables at /24 routes.
" Do not use the network command under the OSPF process to accomplish
this task.
3 Points
3.5. OSPF
" Configure OSPF area 38 according to the network diagram.
" Advertise SW1, SW3, and SW4 s Loopback 0 interfaces into OSPF area
38.
" Traffic from VLAN 7 destined for VLAN 5 should transit the PPP link
between R4 and R5.
3 Points
3.6. OSPF
" Authenticate all OSPF area 0 adjacencies with the clear-text password
CISCO.
" Do not use the area 0 authentication command to accomplish this.
3 Points
3.7. RIP
" Configure RIPv2 on the Frame Relay segment between R6 and BB1.
" Redistribute RIP into EIGRP on R6.
2 Points
Copyright � 2007 Internetwork Expert www.InternetworkExpert.com
- 202 -
-
CCIE Routing & Switching Lab Workbook Version 4.0 Lab 10
3.8. IGP Redistribution
" Redistribute between OSPF and EIGRP on R3 and SW2.
" Devices in the EIGRP domain should only see only one route to the
Loopback 0 subnets of R4 and R5.
" This route should not overlap any additional IP address space.
3 Points
3.9. Routing Loop Prevention
" Ensure that the RIP routes redistributed on R6 are not passed from OSPF
and then back into EIGRP on R3 and SW2.
" Use a method that will automatically take into account any new routes
redistributed into EIGRP from RIP on R6.
3 Points
3.10. Default Routing
" Configure R3 to originate a default route into the OSPF domain.
" This route should be withdrawn if R3 loses its connections to both R1 and
R2.
3 Points
Copyright � 2007 Internetwork Expert www.InternetworkExpert.com
- 203 -
-
CCIE Routing & Switching Lab Workbook Version 4.0 Lab 10
4. Exterior Gateway Routing
4.1. BGP Peerings
" Enable BGP on the appropriate devices using the information provided in
the diagram.
" Configure the BGP peering sessions as follows:
Device 1 Device 2
R4 BB3
R4 R3
R3 R1
R3 R2
R1 SW2
R1 R2
R2 R6
R6 BB2
" The BGP peering sessions between R3 and R4 should remain up if R4
loses its connection to the Frame Relay cloud.
" R3 and R6 should be route-reflector clients of R2.
" Authenticate the BGP peering session between R6 and BB2 with the
password CISCO.
3 Points
4.2. BGP Summarization
" Advertise VLAN 3 into BGP on R3.
" In order to facilitate in keeping the global BGP table as small as possible
configure your network so that AS 54 and AS 254 only see one route for
your entire IP Address space.
" This advertisement need not include your Loopback address space.
3 Points
Copyright � 2007 Internetwork Expert www.InternetworkExpert.com
- 204 -
-hot
mail.com
CCIE Routing & Switching Lab Workbook Version 4.0 Lab 10
4.3. BGP Default Routing
" Since VLAN 18 is SW2 s only connection to the rest of the BGP domain it
does not need specific forwarding information.
" Configure your network so that SW2 sends all traffic destined for the BGP
domain towards R1.
" Ensure that SW2 does not learn any other unnecessary reachability
information via BGP.
3 Points
4.4. BGP Filtering
" Administrators of AS 200 have reported excessive high utilization on both
the Ethernet segment connecting to AS 254 and the Frame Relay
segment connecting to AS 100. After further investigation you have
determined that the majority of this traffic has been coming from AS 300.
In response to this, a new restriction has been put into place on the
peering session between AS 200 and AS 300 that dictates that AS 200
can not be used for transit by users in AS 300.
" Configure AS 200 to reflect this policy.
" Do not use an IP access-list or a prefix-list to accomplish this.
3 Points
4.5. BGP Reachability
" Users throughout your network have been complaining about periodic
reachability problems to networks throughout the BGP domain. After
further investigation you have determined that these reachability problems
only occur when R4 loses connectivity to the Frame Relay cloud.
However, your NOC engineers have verified that the PPP link to R5 is
working correctly.
" Configure your network to resolve these users connectivity problems.
3 Points
Copyright � 2007 Internetwork Expert www.InternetworkExpert.com
- 205 -
-
CCIE Routing & Switching Lab Workbook Version 4.0 Lab 10
5. IP Multicast
5.1. PIM
" Configure IP Multicast routing on R2, R3, R4, and SW1.
" Configure PIM on the Frame Relay segments between R2 & R3 and R3 &
R4.
" Configure PIM on the Ethernet link between R4 and SW1.
" Configure PIM on VLANs 26, 3, and 7 of R2, R3, and SW1 respectively.
" Multicast groups without an RP should use a flood and prune distribution
mechanism.
2 Points
5.2. RP Assignment
" Configure R3 as the RP for the following multicast groups:
o 225.10.0.0 - 225.10.255.255
o 225.26.0.0 - 255.26.255.255
o 225.42.0.0 - 255.42.255.255
o 225.58.0.0 - 255.58.255.255
" Use the minimum amount of access-list entries necessary to accomplish
this.
3 Points
5.3. RP Assignment
" Configure R4 as the RP for the following multicast groups:
o 226.37.0.0 - 226.37.255.255
o 226.45.0.0 - 226.45.255.255
o 227.37.0.0 - 227.37.255.255
o 227.45.0.0 - 227.45.255.255
" Use the minimum amount of access-list entries necessary to accomplish
this.
3 Points
Copyright � 2007 Internetwork Expert www.InternetworkExpert.com
- 206 -
-
CCIE Routing & Switching Lab Workbook Version 4.0 Lab 10
5.4. IGMP
" Your company s development engineers are testing a new multicast
application on VLAN 3 that utilizes IGMPv2. In order to assist in their
development process they have requested that you configure R3 to poll
the segment for multicast group membership every 5 seconds.
" In addition to this they have requested that R3 prune a multicast group off
the interface if the application has not responded within 3 seconds of
receiving a host-query message from R3.
" Lastly, to prevent the new application from interfering with the normal
operation of your network configure R3 so that traffic from the business
critical multicast feed 226.37.1.1 cannot be sent to VLAN 3 or accepted
from VLAN 3.
3 Points
Copyright � 2007 Internetwork Expert www.InternetworkExpert.com
- 207 -
-
CCIE Routing & Switching Lab Workbook Version 4.0 Lab 10
6. IPv6
6.1. IPv6 Addressing
" Configure IPv6 on R1, R2, R3, and R6.
" Enable IPv6 on R6's connection to BB2 using the address
2001:192:10:X::100/64.
" Configure IPv6 on VLAN 26 between R2 and R6 using the network
2001:164:X:26::/64.
" Configure IPv6 on the PPP link between R1 and R3 using the network
2001:164:X:13::/64.
2 Points
6.2. IPv6 over Frame Relay
" Configure IPv6 over the Frame Relay segments between R1 & R2 and R2
& R3.
" Use the network 2001:164:X:12::/64 between R1 and R2.
" Use the network 2001:164:X:23::/64 between R2 and R3.
" Use the router s number for the host addresses on these segments.
2 Points
6.3. RIPng
" Configure RIPng on VLAN 26 and VLAN 62.
" Configure RIPng on the Frame Relay segments between R1, R2, and R3.
" Configure RIPng on the PPP link between R1 and R3.
3 Points
Copyright � 2007 Internetwork Expert www.InternetworkExpert.com
- 208 -
-
CCIE Routing & Switching Lab Workbook Version 4.0 Lab 10
7. QoS
7.1. Frame Relay Traffic Shaping
" VoIP users on VLAN 7 have been complaining about low voice quality
when dialing across the data network. After further investigation you have
determined that large file transfers have been consuming a large amount
of bandwidth on the Frame Relay circuit between R3 and R4.
" The Frame Relay circuits between R3 & R4 and R3 & R5 are provisioned
at 256Kbps each.
" Configure your network so that none of these devices exceed the
provisioned rate on the circuit.
" To decrease the serialization delay on the circuit ensure that all the
shaping intervals are the smallest possible, and that a single packet
cannot take more than one interval to be transmitted.
4 Points
7.2. Queueing
" Now that your WAN circuits are properly conforming to their provisioned
rate VoIP traffic sent over the circuit between R3 and R4 must be given
preferential treatment.
" Configure your network so that 200Kbps of VoIP traffic is always
dequeued first when it is sent over the Frame Relay circuit between R3
and R4.
3 Points
Copyright � 2007 Internetwork Expert www.InternetworkExpert.com
- 209 -
-
CCIE Routing & Switching Lab Workbook Version 4.0 Lab 10
8. Security
8.1. Traffic Filtering
" One of your network administrators would like to access a Windows 2000
server located on VLAN 7 that is running remote desktop connection.
However, your security team does not want to allow this service to be
open to the entire network. As an alternative solution to leaving the
service open the security team has suggested that SW1 be used to
authenticate users prior to allowing them to connect to the server using
remote desktop.
" Configure your network so that your administrator must authenticate to
SW1 using the username RDP and the password CISCO prior to using
remote desktop connection.
" Once he has authenticated to SW1 he alone should be able to access the
server in this manner.
" The Windows server s IP address is 164.1.7.100.
" Remote desktop connection is listening at the default TCP port of 3389.
" To avoid a hijacking of the user s active session ensure that they must re-
authenticate to SW1 every 10 minutes.
3 Points
8.2. Traffic Filtering
" After implementing the above configuration you have begun to get
complaints from other network administrators that they can no longer
telnet into SW1 to manage it remotely.
" In order to resolve this problem configure SW1 so that the user NOC with
the password CISCO can telnet to SW1 using port 3023 to get access to
the command line interface.
" Ensure that no other ports beside 23 and 3023 are open for users to
connect to SW1 for management purposes.
3 Points
Copyright � 2007 Internetwork Expert www.InternetworkExpert.com
- 210 -
-
CCIE Routing & Switching Lab Workbook Version 4.0 Lab 10
9. System Management
9.1. Banners
" After advice from your legal department a new network policy has been
put into place which defines warning messages for all users connecting to
network devices through any method. The policy dictates that when a
user logs into the CLI the following message should be displayed:
*****************************WARNING*****************************
* *
* All connections to this device are logged *
* Unauthorized use of this system is strictly prohibited *
* Violators will be prosecuted to the fullest extent of the law *
* *
*****************************WARNING*****************************
" Configure all devices to reflect this policy.
3 Points
9.2. NTP
" Configure R4 as an NTP master with a stratum of 2.
" SW2 should receive NTP information from R4.
" Do not use the ntp server or ntp peer commands to accomplish this task.
2 Points
Copyright � 2007 Internetwork Expert www.InternetworkExpert.com
- 211 -
-
CCIE Routing & Switching Lab Workbook Version 4.0 Lab 10
10. IP Services
10.1. Distributed Director
" In addition to your internal network your corporate network consists of
various datacenters scattered throughout the globe. These datacenters
host mirrored servers which your users access via HTTP. In order to
minimize response time over the Internet to these service, your data
centers have installed two Cisco DistributedDirector platforms. These
devices will transparently redirect your users to the most appropriate
server, and minimize their response time to the services they require.
" These DistributedDirectors are located at IP addresses 104.12.8.215 and
185.28.8.143.
" In order to communicate with these devices, your design team has
requested that R6 be configured as a Director Response Protocol (DRP)
server agent.
" In order to prevent your clients from being redirected by false information
ensure that no other DistributedDirectors can communicate with R6.
" To ensure these directors authenticity configure R6 to authenticate them
with a secure hash value of the password CISCO.
3 Points
Copyright � 2007 Internetwork Expert www.InternetworkExpert.com
- 212 -
-
CCIE Routing & Switching Lab Workbook Version 4.0 Lab 10
10.2. DHCP
" Configure R3 s interface Ethernet0/0 to receive its IP address via DHCP.
" R3 should use ROUTER3 for DHCP option 12 and 28 hours for DHCP
option 55.
3 Points
10.3. DHCP
" Configure R3 to send a DHCP request packet to renew its Ethernet0/0 IP
address every 3 hours.
" Do not use any interface level commands for this task.
3 Points
Copyright � 2007 Internetwork Expert www.InternetworkExpert.com
- 213 -
-
CCIE Routing & Switching Lab Workbook Version 4.0 Lab 10
Copyright � 2007 Internetwork Expert www.InternetworkExpert.com
- 214 -
-

Wyszukiwarka

Podobne podstrony:
IE RS lab 19 overview
IE RS lab 18 overview
IE RS lab 10 diagram
IE RS lab 13 overview
IE RS lab 12 overview
IE RS lab 14 overview
IE RS lab 10 solutions
IE RS lab 20 overview
IE RS lab 17 overview
IE RS Lab 16 overview
IE RS lab 15 overview
IE RS lab 9 overview
IE RS lab 8 overview
IE RS lab 18 Diagram
IE RS lab 13 solutions
IE RS lab 17 diagram
IE RS lab 8 diagram
IE RS lab 14 solutions

więcej podobnych podstron